Custom form submission validation by email

coolwebs · 2015-09-10 22:34:49 UTC

I've made a custom form and I am looking at a way of validating that its a human completing the form via email validation ONLY.

Currently CAPTCHA is fantastic and it offers the option of validating a form via email. I want to make the email option mandatory.

The issue currently experiencing is that we have setup a custom form for people to vote on a book and we are very sure 1 week ago a person or group of people began to misuse the form by voting multiple times with bogus names and emails (some emails have actually been stolen). This obviously messes up the accuracy of the voting.

Has anyone in the Squiziverse done this type of thing before?

Bart · 2015-09-10 23:40:32 UTC

Not really, as its really hard to police with public users. You could add some extra checks and record the user's IP address and even set a cookie on them once they have submitted the form and then check on that when loading the form, but again, not failsafe. You could also try the online poll asset which handles the IP thing for you (I think), or try a 3rd party voting app and embed it into your site, but not sure how failsafe they can be either.

coolwebs · 2015-09-11 00:07:20 UTC

Hence why I have already initiated a Squiz Tech support ticket. Just thought I would check on the forum for anyone who might have had a similar experience. Where is the online poll asset documentation? I have tried looking for it in Squiz Guide. If there was a way to lock a user out for longer than 5-10min before making another form submission that would work also because I'm pretty sure the fakers would get frustrated and probably stop submitting fake votes.

Obviously this activity has happened in the past. Humans are very good at exploiting loopholes and be extremely untrustworthy. Hate to admit it but I always have to play 'devil's advocate' and look at ways how I would abuse a system when developing.

Bart · 2015-09-11 00:11:45 UTC

Online poll http://manuals.matrix.squizsuite.net/other-cms-assets/chapters/online-poll

But doesn't know who entered the poll, which may be important in your case.

I would start with something simple and just set a cookie on the user's browser and checking that when the form loads. I'd say 90% of your users wouldn't clue on and stop from submitting multiple times.