I'm creating a site where a profile can be voted on by guest users.
I want to prevent basic fraud by disallowing multiple votes for the same profile in one session.
I was thinking about using a session array and checking for the profile ID in the session array.
So far, it's not working correctly and I'm not even sure if this is the best approach.
Any ideas?
I'm open to new ideas, or at least debugging on my code:
unless session[:voted_user_ids] session[:voted_user_ids] = Array.new end
unless session[:voted_user_ids].include? params[:voted_user_id] @vote = Vote.create(...) session[:voted_user_ids].push params[:vosted_user_id] end
Thanks, Andy