Skip to main content
G
Gail Bergan
Inspiring
July 19, 2010
Question

Creating a secure elections database

  • July 19, 2010
  • 1 reply
  • 719 views

Hi folks,

I'm coming back to the people who have been so much help in the past! Now that I've got a member login/member update info section working on my site, I need to do the next thing for my client, which is set up an online elections page that posts to an "election" table in my database. I've got the table set up and the page working, via Insert Record Wizard that uses radio groups for the various choices. Everything is posting to the database great.

I have one concern and would appreciate advice on the following: How do I prevent a member from logging in and voting multiple times? Right now I have a page set up where after they log in, they come to a page with two links: one to "Update your info" and another to "Participate in the 2010 board elections." Right now they can click on these links (both pages have restricted access) multiple times, which I want in the first case but not in the second. Do I need to create a separate login for the election  page, and if so, how do I restrict the voting form to only ONE submission per member?

In my main Users table, I have the primary key set as user_id and then I have a field for email addresses. I thought of using the email address somehow as a check, but would like the election process to be entirely anonymous. Right now data just populates to the election table with no member identification, which I like. Will I have to sacrifice this?

Thanks in advance,

Gail

This topic has been closed for replies.

1 reply

A
Anonymous
July 19, 2010

Add a field to the user table, called it Voted, default to No or 0 or whatever. As soon as that person logs in and votes (for anything) set that field to Yes or 1, etc.

Each time a person votes, check that field first. If set (Yes or whatever) then s/he's already voted so say so and proceed.

Since the results are in another table, there is no loss of anonymity.

B
bregent
Participating Frequently
July 19, 2010

Or, create another table that links the user to a specific election (by date, election id, or whatever). In addition to the userid and election id it would have a status field. Then you can have a tally of who voted in each election - but still not have any way of seeing what they voted for.

G
Gail BerganAuthor
Inspiring
July 20, 2010

BC's solution looks like it requires updating two tables at once - linking via a foreign key, something I've read about but not tried to do yet. Bregent's solution looks like (I think) managing this with one table, which might be simpler for me. I have a few questions about how to implement this:

  1. You said " create another table that links the user to a specific election (by date,  election id, or whatever)." Does this mean I should copy the user_id field from my users table to the election table? How do I create this link?
  2. Then add the status field. I can handle that. I'm not sure how to change this field from 'y' to 'n' after a person votes. How do I change the value and then check it if someone logs in again? This question applies to both solutions I guess.

A step-by-step would help me enormously, as I'm new to this. Thanks in advance,

Gail

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices