This question already has answers here:
Create unique Poll/vote/survey in php
(3 answers)
how to identify remote machine uniquely in php?
(7 answers)
Closed 6 years ago.
We have a small web-poll system we use in a math class before semester begin on voluntary base. On one hand we dont want the students have to register or download something, because of possible lost of poll participants. On the orher hand there are some students who manipulate the poll by sending lot's of junk answers.
Is there a way to identify a user machine over http? Ideas how to create an simple identification?
Simple: it is not possible to get the users computer name with Javascript. You can get all details about the browser and network. But not more than that.
If you are looking for a simple solution just use a cookie with a far future expire marking the device as already voted. However, this is just a simple solution and does not protect you against users with minimal IT skills. You could consolidate the separation by saving a hashed value of their Browser version/os/ip with each vote and you can filter results when counting
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 3 years ago.
The community reviewed whether to reopen this question 1 year ago and left it closed:
Original close reason(s) were not resolved
Improve this question
If I'm using something like React/Vue/Angular or just simply preventing my page to load on submit with pure JS, should I generate the id for my element on the front end or should I wait for the server to respond with an id?
A simple example would be the good old todo list, I add a todo and it has to have an id so when I want to delete it I can send the id to the server. In the past I used to generate a UUID and send that to the server for it to use. My question is just if this is good practice or should I be doing it differently?
If you're going to store data in the server, you should never created the ID of an element in the client. You could add the same ID twice, or another user could use the same ID that you do, or use an invalid one, or -- you get the idea. You can almost surely avoid repeating IDS generating UUIDs client-side, but it is much easier, and more secure, to edit them in the server. Take into account that in the client you don't have any control in which the client sends to your backend. Despite what you do with JavaScript, a malicious user can always hack the request sent to the server and modify it the way they want, so you could end with IDs too long for you database fields, or with invalid values, or God know what else.
Generating ids client side is indeed bad practice for the reasons already explained. But the real point regarding your concern in my opinion is, even if you generate the ids client side, you still have to wait for that server response to make sure the resource is actually created. Server might be temporarily down, server-db connection might be down, disk might be faulty. You need that response in either case for a better user experience when there is an error. So I don't believe you're actually improving the overall user experience by generating ids client side.
This question already has answers here:
How can I obfuscate (protect) JavaScript? [closed]
(22 answers)
Closed 4 years ago.
I'm installing Intercom (https://www.intercom.com) for customer engagement on my site. With the recommended installation the javascript snippet they gave would have my intercom app_id exposed in the page source.
May not be a big deal, but I was wondering if there was a better way where I could keep that hidden.
May not be a big deal
It isn't.
but I was wondering if there was a better way where I could keep that hidden
You can't.
Intercom need the browser to tell them your ID for their approach to work.
This means you must tell the browser your ID.
The browser is the property of the user and it answers to them.
It is not possible to give the browser information and keep it secret from the user who owns the browser.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
So this is all more theoretical since I am sorta planning ahead here but I have a generic Parse User class that I am trying to impliment a sort of search function so one user could search for his friends user.
My initial plan was to use the Parse Query contains method to find all the users who contain 'xxx' characters in their name. However.. I noticed that parse noted this would be slow with a large database.. ideally my hope for the app would be to have thousands of users. I Know that can sound a bit ambitious but that is what I am thinking.
Is parse just not the right platform for this?
I had thought about downloading all the user objects and then using local code to filter through them quickly but that surely couldn't be faster.
Would love to hear your guys thoughts!
Your idea could work, but it could be slow. You can do some things to make it a bit faster, but contains is always going to be slow for the server to do. If you can change to 'begins with' instead of contains that will be faster. Exact matches should be faster again.
If you limit the search results that would help. So, as the user types, don't make any request to the server until 3 characters have been typed, and set the query limit to 5 results. Ideally also add a timer so if the user types a fourth character within 1 second the request isn't made. If the request is made and another character is typed cancel the current request before making a new one.
As more characters are typed in you could extend the limit to get more results.
Definitely don't download everything and search locally. Your users should also only really be accessible to cloud code because it can use the master key (your users should have an ACL which denies access to other users).
This question already has an answer here:
JS Simple but Safe Login? [closed]
(1 answer)
Closed 6 years ago.
I am trying to create a login page using JavaScript. It's really just a redirect page with a couple of usernames and passwords. I know how insecure it is, but its simple; plus no confidential information will be on the target pages.
I got my script from this source: http://www.javascriptkit.com/script/script2/loginpass2.shtml
Im trying to have certain usernames redirect to a particular page and I want to do that with the code given..I just don't know how.
Sorry for not being clear.
For example, when someone logs in as user 1 I want them to be redirected to a different page as user 2.
Thanks in advance. :)
Why not just do
window.location.replace(url);
Where you get url from matching a username with a url. An associated array would fit the bill
This question already has answers here:
When do items in HTML5 local storage expire?
(18 answers)
Closed 9 years ago.
I am creating an app using phonegap. I want to use local storage. I have seen some example that i cat store it using.
window.localStorage.setItem('variablename','value');
I cant find anywhere about its details. I dont know about it lifetime. If i am storing some value how much time it will stay. Means i want to know will this expire like cookies or session, after some time it will expired automatically. Or it will be stored for lifetime?
Could anyone tell me about this variable.
It is completely upto the u.There is no definite lifetime of it.you can have a look at the following.It might help you.
http://ejohn.org/blog/dom-storage/