using cookie with client computer

hertendreef · December 27th, 2008, 10:38 AM

Hi,

I organise surveys on internet. So i send a cookie to the clientcomputer as check and avoiding a second attempt on the same survey.
I know this is not 100% sure (one can delete the cookie or disable javascript).
The code is here below and works:

Protected Sub submit_Click(ByVal sender As Object, ByVal e As
System.EventArgs)

If Not Request.Cookies("enq") Is Nothing Then
Dim enq As String
enq = Server.HtmlEncode(Request.Cookies("enq").Value)
Page.ClientScript.RegisterClientScriptBlock(Me.Get Type(), "myscript", _
" alert(already filled.');" & _
" window.location.href='http://xye.sd.sd/';", True)
Else
Response.Cookies("enq").Value = "1"
End If
....

I can see the cookie in C:\Documents and Settings\myaccount\Local Settings\Temporary Internet Files

But i visited recently a website also with a survey. I filled it, then made the whole Temporary Internet Files directory empty to be sure, i closed the
browser and then i went back to the same site, i tried to fill the survey a second time, but i got the message "you have already ..." .

I even started Firefox on the same client computer and there too i couldn't fill the survey. And i also disconnected my internet connection and reconnected (with a new IP) but still same message.

My conclusion is that there must be another cookie placed in another location.

Can someone tell me what i can do more than my code ( can i redirected another cookie in another place?) or does it exist another way to prevent
the second attempt?

Thanks
H.

dparsons · December 28th, 2008, 12:17 PM

There could be a few things at play:

1) You did not say if the website you visited required you to 'log in'. If you did then the system is tracking based upon user names and probably not a cookie of some sort.

2) With regard to your IP address, you did not say how you obtained this. For example, if I issue the following commands from a command prompt on my work pc: ipconfig -release then ipconfig -renew I might very well wind up with a different internal IP address, however, my external IP address has not changed. The same secnario holds true if I issue the commands from my home PC since it sits behind a router that is attached to my cable modem. In both cases your internal IP address has changed, your external has not.

I will have to say that one of the aforementioned conditions are true because, typically, a cookie created in IE can not be read by FireFox or vice versa. Further, when you create a cookie, the browser decides where it is placed on the client machine and, as far as I know, this can not be overriden.

Lastly, as you have said, there is no "full proof" poll/survey system and I think you just need to accept it. For example, if you look at www.cnn.com they have a poll on their homepage everyday with a little disclaimer that says "Polls are not scientific" which is a nod to them knowing there is no full proof way to prevent ballot stuffing and the like.

hth.
-Doug

Imar · December 28th, 2008, 12:48 PM

Rather than clearing the Temporary Internet Files folder manually, try doing it through Internet Explorer: Tools | Internet Options | Delete. There you have an option to delete cookies.

Additionally, get the Internet Explorer Developer Toolbar to look at your existing cookies and get Fiddler to debug the data that gets sent between the browser and the server.

Hope this helps,

Imar

hertendreef · December 28th, 2008, 02:56 PM

Thanks for replying.

I have not to log in; i'm an anonymous user.
I receive my IP from my provider who probably takes it from a pool of IP.

H.

dparsons · December 28th, 2008, 03:45 PM

Do as Imar has pointed out by clearing your cookies via the browser.