I once had to implement something similar for a client's intranet page. First we designed it to work without login simply by logging the IPs (static and in the 10.10.*.* range) to avoid people voting twice or more. Then the client wanted to have some statistics like what department voted for what (yeah, not very democratic i know). So we changed it have the user log in before voting. Now we could also make sure that only authorized users were voting, unless a user forgot to log out and a delivery guy was taking his chances (very unlikely). I think the thingy about online voting is to ask oneself how serious the result has to be. Getting a 99% bulletproof result might be quite time consuming (thinking of HTTPS, tokens, authorization, etc. here). So it all depends on what your client wants. //A yeti -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
