-1

Hey easy to medium question here:

I'm busy working on application at work where user signs up for something. He/She enters a competition. IT'S IS VERY IMPORTANT THAT USER CAN ONLY SIGN UP ONCE (1TIME)

I know I can use $_SERVER['REMOTE_HOST'] to get user ip address store data in a table and compare against new registrations BUT....

A smart user can easily change his IP address....

IS THERE ANYWAY WHICH I CAN ENSURE THAT USER ONLY SIGNS UP ONCE EVEN IF HE CHANGES IP ADDRESS, IF SO ANY EXAMPLES / CODE / LINKS / RECOMENDED READING WELCOME

Marilee
  • 1,598
  • 4
  • 22
  • 52
  • email id at the time of registration not the ip-address. email id will help you in your senario – Alive to die - Anant Feb 03 '17 at 09:07
  • @Anant: One can make multiple email addresses :-) – Svekke Feb 03 '17 at 09:08
  • You can ask the number of the identity card. This is unique for each person. But I guess you cannot do a check to see if number is legit. – Svekke Feb 03 '17 at 09:10
  • There is no way with IP. The IP Adress will change anyway all 24 hours / after a router restart. The users haven't to be "smart" to change the IP, its done automatically. There is no way you can access a static IP of a user by a browser. – Twinfriends Feb 03 '17 at 09:10
  • IP wont work, most are dynamically assigned and re-assigned. You might even prevent multiple people signing up if they all have the same ISP as the get assigned the same IP from time to time. – Philip Thomson Feb 03 '17 at 09:12
  • Hopefully you can't do that. It would be massive privacy violations if you could. – Federkun Feb 03 '17 at 09:21
  • you shouldn't limit signups per IP in the first place - because of **carrier grade NAT**, several **thousands** of legit users may share one – Franz Gleichmann Feb 03 '17 at 09:35

1 Answers1

0

You can set a cookie in users system when he signs up for the first time and checks it when the customer tries to sign up again.

I know it is possible to delete that cookie as well easily but are you dealing with programmers with your system? I hope not.

A basic computer user doesn't have the knowledge to change IP or delete cookies.

Wolfack
  • 2,667
  • 1
  • 26
  • 50
  • They could just use a different machine – Philip Thomson Feb 03 '17 at 09:18
  • in that case it is not possible to block it – Wolfack Feb 03 '17 at 09:20
  • @RaghubendraSingh was just wondering what about getting MAC address of router would that be possible that can partially solve the issue...? – Timothy Coetzee Feb 03 '17 at 09:30
  • Are your even aware that PHP is a sever side language and fetching the MAC address is not possible through it and this is not a good approach as well... and you can't do it with Javascript as well... http://stackoverflow.com/questions/3385/mac-addresses-in-javascript – Wolfack Feb 03 '17 at 09:36
  • and even if you could, routers and users don't share a 1:1 relationship. – Federkun Feb 03 '17 at 09:40