我需要实现一个匿名投票系统(用户注册是不行)。我已经决定,最好的选择是限制单个项目的票数为每个IP10(考虑到学校等)。PHP + MySQL限制IP投票系统
什么是最好的方法来解决这个问题。我正在使用PHP + MySQL。在高峰时段,每秒可能会有20张选票。我使用负载平衡的前端与专用的MySQL服务器。
我担心的是在数据库中的每一票插入一行,然后查询这些数据,看看他们是否已经达到极限可能是太多的服务器来处理?
我会更好看的MongoDB什么?
还有其他想法吗?
我会建议将“投票”状态保存在cookie中。这将允许全校&办事处投票。这样做每个IP 10将允许在一个地址的单个用户投票10次。
显然有它周围的方式,如清除饼干等,但我认为这是一个不错的选择。
只要确保你指数知识产权领域,并考虑代表它不是一个字符串(例如整数)以外的东西。在这里看到更多的细节:http://daipratt.co.uk/mysql-store-ip-address/
此外,通过adlawson cookie的想法是好的。你可以同时使用这两个IP地址,也许可以让IP地址向你发出警报,在那里你可以进入某个管理员屏幕,并决定这些IP看起来像是某人试图欺骗系统而不是学校。
有关ipv6的更新:我对ipv6 w/regards对当前webhosting没有太大的了解,所以不确定ipv6上是否存在专门用户。如果是的话,你可以考虑一些在这些职位对于如何存储他们提出的想法:
这听起来不错。我应该担心IPv6吗?我不能将这些数据存储为整数,或者在ISP开始抛弃这些数据之前这种情况不太可能发生?请原谅我的无知。 – bradley
我更新了上面的帖子w /一些ipv6信息(虽然,我在这个问题上的专业知识是相当有限的) –
我觉得键/值数据库会更好这里。
此外,你不用排了每一张选票,则需要每个IP和使用只有1排queryes LIKE如你所描述应该罚款
INSERT INTO .. ON DUPLICATE KEY UPDATE
负载均衡。一个专用的MySQL服务器不应该有任何问题的速度的查询。我不认为MongoDB会帮助解决这样的问题。类似memcached的性能要高得多,但您仍然需要在某些时候将数据发送到更持久的MySQL DB。
我会adlawston上使用cookie,而不是同意。你仍然可以有一个可以从一个单一的IP
我需要实现一个匿名投票系统(用户注册是 没有去)
IP的可以投票的上限是不解决这个问题的方法,因为很多公司/学校有成千上万的人映射到几个IP地址。如果您不希望用户因匿名投票而登录,我会建议您使用CAPTCHA(recaptcha)来保护群众投票,因为所有其他技术都可以被熟练的程序员绕过。它甚至有可能到spoof IP address。我相信在很多Linux发行版中,您可以轻松地欺骗IP。
[email protected]:~/bash$ apt-cache search ^fake$
fake - IP address takeover tool
http://en.wikipedia.org/wiki/IP_address_spoofing#Defense_against_spoofing:
此外,还建议设计的网络协议和服务,以便 它们不依赖于IP源地址进行验证。
但一个熟练的程序员不能绕过经过测试的验证码,如recaptcha。投票有点难,但在我看来,这是对付假投票的唯一方法。另外captcha不能使投票系统无法投票错误。制作这种系统的唯一方法是使用认证。保留允许投票的用户(身份)列表。
什么是最好的方法来解决这个问题。我正在使用PHP + MySQL。在 高峰期间,可能会有多达每秒20票。
这甚至不会冒汗Redis,因为它非常快速。
Redis是一个开源的高级键值存储。它通常被称为数据结构服务器,因为密钥可以包含字符串, 哈希,列表,集合和有序集合。
首先我的系统信息。我喜欢它,但它已经很老了。
-Computer-
Processor : 2x Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz
Memory : 2051MB (1403MB used)
Operating System : Ubuntu 10.10
User Name : alfred (alfred)
Date/Time : Sat 16 Jul 2011 07:53:20 PM CEST
-Display-
Resolution : 1280x800 pixels
OpenGL Renderer : Unknown
X11 Vendor : The X.Org Foundation
-Multimedia-
Audio Adapter : HDA-Intel - HDA Intel
-Input Devices-
Power Button
Lid Switch
Sleep Button
Power Button
AT Translated Set 2 keyboard
Dell Dell USB Keyboard
Logitech Trackball
PS/2 Logitech Wheel Mouse
Video Bus
-Printers (CUPS)-
Canon-MP150 : <i>Default</i>
HP-Photosmart-b110
-SCSI Disks-
HL-DT-ST DVDRAM GSA-T20N
ATA WDC WD1600BEVS-2
接下来我将基准我的Redis服务器:
[email protected]:~/database/redis-2.2.0-rc4/src$ ./redis-server --version
Redis server version 2.1.12 (00000000:0)
[email protected]:~/database/redis-2.2.0-rc4/src$ ./redis-benchmark
====== PING (inline) ======
10000 requests completed in 0.23 seconds
50 parallel clients
3 bytes payload
keep alive: 1
94.11% <= 1 milliseconds
97.77% <= 2 milliseconds
98.97% <= 3 milliseconds
99.02% <= 4 milliseconds
99.51% <= 6 milliseconds
99.88% <= 7 milliseconds
100.00% <= 7 milliseconds
44052.86 requests per second
====== PING ======
10000 requests completed in 0.23 seconds
50 parallel clients
3 bytes payload
keep alive: 1
87.97% <= 1 milliseconds
97.44% <= 2 milliseconds
98.83% <= 3 milliseconds
99.41% <= 4 milliseconds
99.51% <= 5 milliseconds
99.70% <= 6 milliseconds
100.00% <= 6 milliseconds
43478.26 requests per second
====== MSET (10 keys) ======
10000 requests completed in 0.37 seconds
50 parallel clients
3 bytes payload
keep alive: 1
11.02% <= 1 milliseconds
82.00% <= 2 milliseconds
93.94% <= 3 milliseconds
97.18% <= 4 milliseconds
98.17% <= 5 milliseconds
98.89% <= 6 milliseconds
99.44% <= 7 milliseconds
99.51% <= 9 milliseconds
99.52% <= 10 milliseconds
100.00% <= 10 milliseconds
26881.72 requests per second
====== SET ======
10000 requests completed in 0.24 seconds
50 parallel clients
3 bytes payload
keep alive: 1
86.50% <= 1 milliseconds
96.08% <= 2 milliseconds
97.45% <= 3 milliseconds
97.87% <= 4 milliseconds
99.02% <= 5 milliseconds
99.51% <= 6 milliseconds
99.52% <= 7 milliseconds
100.00% <= 7 milliseconds
40983.61 requests per second
====== GET ======
10000 requests completed in 0.23 seconds
50 parallel clients
3 bytes payload
keep alive: 1
86.06% <= 1 milliseconds
97.51% <= 2 milliseconds
98.89% <= 3 milliseconds
99.65% <= 4 milliseconds
100.00% <= 4 milliseconds
42553.19 requests per second
====== INCR ======
10000 requests completed in 0.23 seconds
50 parallel clients
3 bytes payload
keep alive: 1
90.72% <= 1 milliseconds
96.92% <= 2 milliseconds
98.12% <= 3 milliseconds
98.33% <= 4 milliseconds
99.27% <= 5 milliseconds
99.51% <= 7 milliseconds
100.00% <= 7 milliseconds
43103.45 requests per second
====== LPUSH ======
10000 requests completed in 0.23 seconds
50 parallel clients
3 bytes payload
keep alive: 1
87.92% <= 1 milliseconds
96.35% <= 2 milliseconds
98.26% <= 3 milliseconds
99.51% <= 7 milliseconds
100.00% <= 7 milliseconds
42735.04 requests per second
====== LPOP ======
10000 requests completed in 0.24 seconds
50 parallel clients
3 bytes payload
keep alive: 1
87.75% <= 1 milliseconds
96.67% <= 2 milliseconds
97.77% <= 3 milliseconds
98.64% <= 4 milliseconds
98.65% <= 5 milliseconds
99.80% <= 6 milliseconds
100.00% <= 6 milliseconds
41841.00 requests per second
====== SADD ======
10000 requests completed in 0.23 seconds
50 parallel clients
3 bytes payload
keep alive: 1
89.55% <= 1 milliseconds
96.56% <= 2 milliseconds
97.80% <= 3 milliseconds
98.76% <= 4 milliseconds
99.50% <= 5 milliseconds
99.63% <= 6 milliseconds
100.00% <= 6 milliseconds
42553.19 requests per second
====== SPOP ======
10000 requests completed in 0.25 seconds
50 parallel clients
3 bytes payload
keep alive: 1
88.12% <= 1 milliseconds
96.21% <= 2 milliseconds
97.45% <= 3 milliseconds
97.99% <= 4 milliseconds
98.53% <= 5 milliseconds
99.51% <= 6 milliseconds
100.00% <= 6 milliseconds
40322.58 requests per second
====== LPUSH (again, in order to bench LRANGE) ======
10000 requests completed in 0.24 seconds
50 parallel clients
3 bytes payload
keep alive: 1
89.41% <= 1 milliseconds
96.05% <= 2 milliseconds
97.76% <= 3 milliseconds
98.76% <= 4 milliseconds
99.01% <= 5 milliseconds
99.51% <= 7 milliseconds
99.96% <= 8 milliseconds
100.00% <= 8 milliseconds
42016.81 requests per second
====== LRANGE (first 100 elements) ======
10000 requests completed in 0.40 seconds
50 parallel clients
3 bytes payload
keep alive: 1
11.56% <= 1 milliseconds
76.23% <= 2 milliseconds
91.93% <= 3 milliseconds
94.47% <= 4 milliseconds
97.80% <= 5 milliseconds
99.23% <= 6 milliseconds
99.87% <= 9 milliseconds
100.00% <= 9 milliseconds
24937.66 requests per second
====== LRANGE (first 300 elements) ======
10000 requests completed in 0.86 seconds
50 parallel clients
3 bytes payload
keep alive: 1
2.28% <= 1 milliseconds
10.90% <= 2 milliseconds
35.68% <= 3 milliseconds
63.74% <= 4 milliseconds
86.00% <= 5 milliseconds
92.65% <= 6 milliseconds
94.96% <= 7 milliseconds
97.50% <= 8 milliseconds
98.04% <= 9 milliseconds
98.75% <= 10 milliseconds
99.56% <= 11 milliseconds
99.96% <= 12 milliseconds
100.00% <= 12 milliseconds
11682.24 requests per second
====== LRANGE (first 450 elements) ======
10000 requests completed in 1.15 seconds
50 parallel clients
3 bytes payload
keep alive: 1
1.13% <= 1 milliseconds
6.20% <= 2 milliseconds
10.38% <= 3 milliseconds
27.37% <= 4 milliseconds
53.45% <= 5 milliseconds
74.60% <= 6 milliseconds
89.41% <= 7 milliseconds
95.40% <= 8 milliseconds
98.04% <= 9 milliseconds
98.98% <= 10 milliseconds
99.46% <= 11 milliseconds
99.58% <= 12 milliseconds
99.73% <= 13 milliseconds
99.87% <= 14 milliseconds
100.00% <= 14 milliseconds
8695.65 requests per second
====== LRANGE (first 600 elements) ======
10000 requests completed in 1.45 seconds
50 parallel clients
3 bytes payload
keep alive: 1
0.52% <= 1 milliseconds
6.23% <= 2 milliseconds
10.67% <= 3 milliseconds
16.37% <= 4 milliseconds
27.51% <= 5 milliseconds
46.06% <= 6 milliseconds
60.82% <= 7 milliseconds
79.70% <= 8 milliseconds
90.96% <= 9 milliseconds
96.01% <= 10 milliseconds
97.99% <= 11 milliseconds
99.43% <= 12 milliseconds
99.90% <= 13 milliseconds
100.00% <= 13 milliseconds
6896.55 requests per second
的incr操作是您需要什么,是你可以看到我的系统可以处理43103.45 requests per second。
对于MongoDB什么的我会更好吗?
我建议redis如上所述。
10完全是一个任意值,并不会占到办公室那里有可能是数百甚至数千背后一个面向公众的IPv4地址的人。更不用说你可能允许个人投票十次。
显然,这不是一个强大或适合用途的解决方案。
找到另一种唯一标识人的方法。
对不起,忘了提及我已经这样做了。我只需要防止那些愿意通过清除他们的Cookie超过10次投票进一步的人。我知道没有傻瓜证明的方式,但通过知识产权进行限制似乎是一个很好的妥协。 – bradley
在这种情况下,您可以为每个IP添加一个上限,但我认为这取决于您的市场。如果您希望很多学校/办公室用户投票,那么这可能不是一个好主意。而且,即使有IP限制,用户仍然可以通过代理进行投票。如果每个人保持1票是非常重要的话,那么我会建议用户注册。 – adlawson