double vote made easy on a pligg based website

There is a problem in the voting system that compromises all not-so-huge pligg-based communities.

When an identified user votes, checks are made not to allow him to vote twice. This works as well when an anonymous user votes, on the IP basis.

But when an identified user votes, then disconnects (or open the app in an other browser), he can vote twice as anonymous.

This is a problem for all localized or specialized communities that have ten or so votes per link.

- tested version: 9.9.5

- way to reproduce:
1. login
2. vote
3. logout
4. vote

http://forums.pligg.com/bug-report/14871-double-vote-made-easy.html

Advertisement

This entry was posted on Wednesday, October 8th, 2008 at 3:01 am and is filed under Bugs, Pligg. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.