Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0
This is the forum to discuss the Wrox book ASP.NET 2.0 Website Programming: Problem - Design - Solution by Marco Bellinaso; ISBN: 9780764584640
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developersí questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
 
 
Thread Tools Display Modes
  #1 (permalink)  
Old December 30th, 2008, 10:32 PM
Authorized User
 
Join Date: Oct 2008
Location: Scottsdale, AZ, USA.
Posts: 23
Thanks: 5
Thanked 0 Times in 0 Posts
Default Question on Rating items, etc.

Has anyone improved the rating logic? Digging in today, I noticed, the "save" is a db count and rating store, then a cookie for the user. Having deleted cookies many a time, this does seem like a very good way. Before I add a new table and logic, I thought I'd poll the forum and see if anyone has already dealt with this. Thanks.
  #2 (permalink)  
Old December 30th, 2008, 11:25 PM
Lee Dumond's Avatar
Wrox Author
Points: 4,942, Level: 29
Points: 4,942, Level: 29 Points: 4,942, Level: 29 Points: 4,942, Level: 29
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jan 2008
Location: Decatur, IL, USA.
Posts: 923
Thanks: 12
Thanked 166 Times in 162 Posts
Default

The book discusses alternative methods, including rate locking by IP etc. You are right though, that cookies (and IP, for that matter) are far from foolproof. These are merely convenient-to-implement deterrents from repeated rating. They can't prevent it, because these methods work from the client side. There is no client-side method that can truly prevent someone from jacking your ratings.

A more secure method would be to store rating instances in the database. You would have a table with a username column and an article ID column (or whatever is being rated). When a logged-in user rates something, store their username and the ID of the thing being rated in a record. Do a lookup as part of the rating logic, that prevents a user from rating if a record exists matching the user to the item being rated.

If you have multiple things being rated, you'd have to set up a table for each (ArticleRatings, StoreItemRatings, etc.)
__________________
Visit my blog at http://leedumond.com
Follow me on Twitter: http://twitter.com/LeeDumond

Code:
if (this.PostHelpedYou)
{
   ClickThanksButton(); 
}

Last edited by Lee Dumond; December 30th, 2008 at 11:30 PM.
The Following User Says Thank You to Lee Dumond For This Useful Post:
scottlucas58 (December 31st, 2008)
  #3 (permalink)  
Old December 31st, 2008, 07:44 PM
Authorized User
 
Join Date: Oct 2008
Location: Scottsdale, AZ, USA.
Posts: 23
Thanks: 5
Thanked 0 Times in 0 Posts
Default Thanks

Quote:
Originally Posted by Lee Dumond View Post
The book discusses alternative methods, including rate locking by IP etc. You are right though, that cookies (and IP, for that matter) are far from foolproof. These are merely convenient-to-implement deterrents from repeated rating. They can't prevent it, because these methods work from the client side. There is no client-side method that can truly prevent someone from jacking your ratings.

A more secure method would be to store rating instances in the database. You would have a table with a username column and an article ID column (or whatever is being rated). When a logged-in user rates something, store their username and the ID of the thing being rated in a record. Do a lookup as part of the rating logic, that prevents a user from rating if a record exists matching the user to the item being rated.

If you have multiple things being rated, you'd have to set up a table for each (ArticleRatings, StoreItemRatings, etc.)
Thanks Lee, I was just being lazy, hoping someone had a nice little neat package all wrapped up.
-s
  #4 (permalink)  
Old December 31st, 2008, 07:48 PM
Lee Dumond's Avatar
Wrox Author
Points: 4,942, Level: 29
Points: 4,942, Level: 29 Points: 4,942, Level: 29 Points: 4,942, Level: 29
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jan 2008
Location: Decatur, IL, USA.
Posts: 923
Thanks: 12
Thanked 166 Times in 162 Posts
Default

Quote:
Originally Posted by scottlucas58 View Post
Thanks Lee, I was just being lazy, hoping someone had a nice little neat package all wrapped up.
-s
Always worth a shot.
__________________
Visit my blog at http://leedumond.com
Follow me on Twitter: http://twitter.com/LeeDumond

Code:
if (this.PostHelpedYou)
{
   ClickThanksButton(); 
}
 


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Reset Article View Count and Rating retroviz BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 2 July 20th, 2008 10:43 AM
Rating &ViewCount do not increment tectrix BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 15 May 30th, 2007 06:46 AM
Beginner Question - ComboBox Items edusem C# 2005 3 April 1st, 2007 10:10 AM
Menu Items JoBi C# 0 October 20th, 2004 08:51 PM
displaying 6 items only having 20 items Lakshmi KS VB Components 1 February 17th, 2004 09:34 AM



All times are GMT -4. The time now is 01:54 AM.


Powered by vBulletin®
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.