GET requests are confusing [tracked]

old granted and denied feature requests

Moderator: AniDB

Locked
Elberet
Posts: 778
Joined: Sat Jul 19, 2003 8:14 pm


Post by Elberet »

I wanted to change a vote on a particular anime, so I went to my votes, opened a second window with the anime, clicked the revoke link for the vote I wished to change, reloaded the other window and made the new vote. Due to stupidity on my end, the dropdown was still set to 1, so I tried to revoke the vote again. To do so, I reloaded the page where I had previously revoked the same vote. What I didn't notice was that by reloading the page, the revoke action had already been performed since the command to do so consists of a parameter in the URI. Being confused, I went back to the window with the anime and reloaded that as well, thereby unknowingly re-casting the wrong vote that I unknowingly revoked a second ago.

This went on at least three times before I noticed the "vote.del=1" and "votea.rate=6" parts in the URI, hence I suggest to either display a notification ("Thank you, your vote has been recorded.", "Your vote for [title] was revoked!"), or better yet, to send an HTTP 302 header after revoking/adding a vote and sending the user back to the page where they revoked/cast the vote but without the appropriate parameter in the URI.
PetriW
AniDB Staff
Posts: 1522
Joined: Sat May 24, 2003 2:34 pm

Post by PetriW »

I have to agree with this as I've seen people post links in IRC which would automatically cast votes on reviews which are unrevokable!!! A common handling of this that prevents the issue would be great.
Elberet
Posts: 778
Joined: Sat Jul 19, 2003 8:14 pm

Post by Elberet »

Here's an idea:

Instead of submitting the vote via GET, use POST. Additionally, include two hidden fields in the form that contain a timestamp and a checksum. The checksum is the md5sum of the timestamp + client's IP + secret. Upon handling the vote request, the script regenerates the checksum using the submitted timestamp and client IP. If the timestamp is smaller than the current time minus 1h or the submitted and regenerated checksums don't match, the request is discarded.
PetriW
AniDB Staff
Posts: 1522
Joined: Sat May 24, 2003 2:34 pm

Post by PetriW »

Shouldn't base things on people's IPs as they might be sitting behind a multi-IP proxy...
And fancy solutions often bring more problems than they solve.
exp
Site Admin
Posts: 2438
Joined: Tue Oct 01, 2002 9:42 pm
Location: Nowhere

Post by exp »

I don't see what we would gain by using such secret form fields.
A simple switch from GET to POST requests and maybe an additional forward to a page without the vote command afterwards should do it IMHO.
I'll look into this, some day :P

BYe!
EXP
Elberet
Posts: 778
Joined: Sat Jul 19, 2003 8:14 pm

Post by Elberet »

I know that I'm paranoid, thank you, but IMO paranoia is a "Good Idea(tm)". :P
exp
Site Admin
Posts: 2438
Joined: Tue Oct 01, 2002 9:42 pm
Location: Nowhere

Post by exp »

Yeah, paranoia(TM) is a good thing indeed.
However, I (and I _am_ paranoid) don't see any security gain by implementing those time and IP-based hidden form fields.

BYe!
EXP
Elberet
Posts: 778
Joined: Sat Jul 19, 2003 8:14 pm

Post by Elberet »

Well, I'm looking at it this way:
It takes three lines to add a method that generates the hash.
It takes two lines to get the current time, call the hash method and add the two hidden form fields.
It takes another two lines to check the submitted timestamp against the current time and verify the hash.

With roughly seven lines of code, you can make sure that users aren't tricked into casting votes in any way, you don't have to worry about how the form data is handled, and finally, if someone accidentally re-posts the form or has an outdated copy of the page cached, the timestamp catches those cases.

But... I guess it doesn't matter after all since either way works. :)
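
The two proposals in this thread (POST with timestamp and checksum hidden fields, then a 302 to the page without the vote parameter) can be sketched together as below. This is an added example, not part of any post and not AniDB's code. Assumptions: HMAC-SHA256 is swapped in for the md5 concatenation; `binding` is whatever the server ties the token to (the client IP as posted, or a session id); and `SECRET`, the function names, the `ts`/`token` field names, the `aid` parameter and the `example.invalid` URLs are hypothetical.

```python
import hashlib
import hmac
import time
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

SECRET = b"constructed-demo-secret"  # assumption: server-side only, never sent to clients
MAX_AGE = 3600                       # one hour, as proposed in the thread
ACTION_PARAMS = {"vote.del", "votea.rate"}  # parameter names quoted in the first post

def make_token(ts, binding, secret=SECRET):
    """HMAC-SHA256 over timestamp and binding (swapped in for md5(ts + ip + secret))."""
    return hmac.new(secret, f"{ts}|{binding}".encode(), hashlib.sha256).hexdigest()

def hidden_fields(binding, now=None):
    """Values for the two hidden form fields rendered into the vote form."""
    ts = int(time.time() if now is None else now)
    return {"ts": str(ts), "token": make_token(ts, binding)}

def check_request(method, fields, binding, now=None):
    """Return (accepted, reason) for a submitted vote form."""
    now = int(time.time() if now is None else now)
    if method != "POST":
        return False, "state changes require POST"
    try:
        ts = int(fields.get("ts", ""))
    except ValueError:
        return False, "bad timestamp"
    if ts > now or ts < now - MAX_AGE:
        return False, "timestamp outside window"
    expected = make_token(ts, binding).encode()
    supplied = fields.get("token", "").encode()
    if not hmac.compare_digest(expected, supplied):  # constant-time comparison
        return False, "checksum mismatch"
    return True, "ok"

def redirect_target(url):
    """Same page with the vote parameters removed, for the 302 Location header."""
    parts = urlsplit(url)
    kept = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
            if k not in ACTION_PARAMS]
    return urlunsplit(parts._replace(query=urlencode(kept)))

def handle_vote(method, url, fields, binding, now=None):
    """Return (status, location_or_reason); the vote itself would be stored on 302."""
    ok, reason = check_request(method, fields, binding, now)
    return (302, redirect_target(url)) if ok else (403, reason)
```

In this sketch a token remains valid for repeated submissions until `MAX_AGE` passes; it is the 302 to the parameter-free URL that keeps a reload from repeating the vote.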
Gambit
AniDB Staff
Posts: 555
Joined: Sun Oct 06, 2002 11:21 am

Post by Gambit »

Good thing to do :) I've noticed the problem before as well, just forgot about it again.