Voting settings

fv-voting-security-and-frequency

Voting frequency

In contest settings, you can select one of ten preset types:

  1. Once for one photo for all time – user can vote just once during the contest.
  2. Once for 2 photos for all time – like above but user can vote for two different photos (but not more than once for each photo).
  3. Once for 3 photos for all time – like above but user can vote for three unique photos (not more than once for each photo).
  4. Once for 10 photos for all time – like above but user can vote for ten unique photos (not more than once for each photo).
  5. For each photo once – user can vote once for each unique photo (not more than once for each photo).
  6. For one photo once for 24 hours – user can vote for one photo every 24 hours (can vote for the same photo several times). Note: 24 hours not means once per day, 24 hours have to pass before the user can vote again.
  7. For 2 photos once for 24 hours – user can vote for two different photos every 24 hours (one vote per photo for the same 24-hour period but the same photo can get another vote after 24 hours).
  8. For 3 photos once for 24 hours – user can vote for three different photos every 24 hours (one vote per photo for the same 24-hour period but the same photo can get another vote after 24 hours).
  9. For all photos once for 24 hours – user can vote for all photos but cannot give more than one vote on the same photo over 24 hours.

Voting security

IP + cookies + evercookie

Check:  voter IP and evercookie is recorded in the votes table. So if the voter uses a shared IP (like at university, company etc.) or tries voting again from the same browser, they might not be able to vote.
Effectiveness: Not extremely effective, but simple for users.

IP+cookies+evercookie + reCaptcha (reCaptcha key required)

Check: like above but user must match the reCaptcha every time, when vote button is clicked (or if saving reCaptcha session is enabled, session is kept for 30 minutes).
Effectiveness: effective, but not so comfortable for users and creates more server load (for every vote your site sends a reCaptcha request to Google).

cookies+evercookie + reCaptcha (reCaptcha key required)

Check: same as above but no IP check.
Effectiveness: very bad, but allows votes from shared IPs – like at university, company etc.

IP+cookies+evercookie + Subscribe form

Details: when user makes their first vote, they will have to fill a subscribe form with name & email fields; after the form is submitted the data saves to user session and voting can start.
Check: voter IP and evercookie is recorded in the votes table. So if the voter uses a shared IP (like at university, company etc.) or tries voting again from the same browser, they might not be able to vote.
Effectiveness: Not very effective, but simple for users.
Example: https://yadi.sk/i/TGz1dvJ6wbdHt

IP+cookies+evercookie + Facebook Share (required FB app ID)

Details: when vote is clicked, opens a Facebook sharing popup window with the current photo and the vote will be registered when they click Share.
Check: voter IP and evercookie is recorded in the votes table. So if the voter uses a shared IP (like at university, company etc.) or tries voting again from the same browser, they might not be able to vote.
Notes: user must have a Facebook account.
Effectiveness: same as in Default + more Facebook share, so it is more effective.
Usage details: rarely used, but can be useful with “Once for one photo for all time” voting frequency.

IP+cookies+evercookie+Social authorization

Details:

  1. Voter clicks “Vote”
  2. A popup with allowed social networks shows up – https://yadi.sk/i/PRSGu6TsmD2Ta
  3. User clicks on the network of their choice and allows access to their profile (First & last name & sometimes email)
  4. The data is sent to server and saved in session
  5. Vote is registered

Check: same as in Default + unique social user ID.
Notes: this does not create any account for the user, all data stored in PHP session.
Second login with the same account: in second login with the same social account Permission request window don’t shows.
Facebook note: by default, external service is used for authorization but when you set up Facebook app ID in settings, then self-hosted Facebook login will be used.
Effectiveness: good.

cookies+evercookie+ Social authorization

Details: the same as in “IP+cookies+evercookie + Social autorization”, but does check IP.
Effectiveness: slightly worse than “IP+cookies+evercookie + Social autorization”.
Usage details: useful if you want to allow different users to vote from the same shared IP (but not from the same browser because of the cookie, unless private browsing tabs are used).

cookies+evercookie + Authorized user

Check: browser cookies and user ID.
Requirements: user must be logged in on the website else they can’t vote and will see a message like “You must be logged in to vote!”.
Usage details: useful if you want to motivate user registration on the site or of the most part of voters are already site members.
Effectiveness: pretty good (users can create many accounts to cheat on the votes though).