Online Fan-Voting

<p>An online fan-voting process is going to be implemented, where only the email-address of the voter and the object-voted-for (person, band, subject,...) is given. It should not be possible for voters to vote more than one time. The system is implemented in PHP on a shared hosting service. Access to MySQL database and email sending component is possible.</p><p>To find a basic concept (workflow), how multiple votings by a single user can be prevented in this restricted environment, is the goal of this challenge.</p>


2 answers

Using Boot Camp to run XP and MacOS on the same computer

Boot Camp is software included with Mac OS X 10.5 Leopard that lets you run compatible versions of Microsoft Windows on an Intel-based Mac.I will be guiding you guys through how to setup Boot Camp in Mac OS X Leopard or Snow Leopard. Boot Camp is a utility that comes with every new Macintosh and can run on any Intel Macintosh. It allows you to natively boot and run Windows XP (SP2 or later), Vista or Windows 7 (Not officially supported yet). Here goes the tutorial:Step 1: Navigate to Applications>Utilities>Boot Camp Assistant and open it. Read the introduction and click continueStep 2: Pick a partition size and select “Partition”. Allow the assistant to partition your hard drive for you.Step 3: Follow the rest of the Boot Camp Assistant instructions, ending with inserting your Windows Installation DVD/CD.Step 4: For the rest of the steps in setting up and installing Windows on to your Mac, follow this Apple Boot Camp tutorial: 

Online Fan-Voting Security by Email-based Confirmation

The solution to the problem "Online Fan-Voting" is the following concept, which has already been implemented successfully (on shared hosting environment, with PHP and MySQL): 

  • Every voter is registered with her email address and the relevant voting information in the MySQL database, and a hash value is also generated and saved, which is hashed from the concatenation of a secret passphrase and the entered email address (so the hash-base can not be found out).
  • An email is sent to the voter's email address, with a link to a confirmation page, with the generated hash value as GET parameter
  • When the voter clicks onto the link with the hash parameter, the voting is confirmed in the database, for the entry matching the hash value. Automatically engineering the hash value would not work out for spam bots within reasonable time, since a long hash value is used.
  • From the moment the voting is submitted (still unconfirmed), the voter's email address can no longer be used for votings.
  • Additionally, the voting's datetime is saved, so strange chronological accumulations of votings can be found after the voting period is up.