I’m currently making a facemash analog and I found out that it’s very easy

Question

0

Asked: May 28, 20262026-05-28T01:19:14+00:00 2026-05-28T01:19:14+00:00

I’m currently making a facemash analog and I found out that it’s very easy

0

I’m currently making a facemash analog and I found out that it’s very easy to cheat ^^ If you type this in your browser several times: http://domain.com/rate.php?winner=1&loser=2, you can make photo №1 a winner. I know that it’s possible to prevent it with cookies and ip-blocking, but I don’t know how exactly. Please help me. Thanks!

Thant’s an example (not mine):
http://facemash.moefelt.dk/

UPD I can provide a source code if needed.

UPD 1 rate.php http://jsfiddle.net/6xLR6/
index.php http://jsfiddle.net/AvF4M/1/

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-28T01:19:15+00:00

you can simply use $_POST instread of $_GET, the cheat would be harder !

cookies can be saved in cache but if the user clean it everytime, it could be useless.

EDIT :

<form METHOD=POST ACTION="rate.php">

<table>
<tr>
        <td><img src="images/<?=$images[0]->filename?>" /></td>
        <td><img src="images/<?=$images[1]->filename?>" /></td>

<input type="radio" name="winer" value="First"> First<br>
<input type="radio" name="winer" value="Second"> Second

<input type="hidden"  name="first"  value="<?=$images[0]->image_id?>">
<input type="hidden"  name="second"  value="<?=$images[1]->image_id?>">
</tr>
</table>
</form>

In rate.php :

<?php 
$winerId = $_POST['winer'];

if ($_POST['winer'] == $_POST['first']){
$looser = $_POST['second'];}
else { $looser = $_POST['second']; }
...

I think that you got all that you want right now 😉

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m currently making a facemash analog and I found out that it’s very easy

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply