Unobtrusive AJAX/jQuery Star Rating Bar - Bot Voting Protection

Have you noticed that vote (or poll) results on your website are not as accurate as you thought they would be? Web bots are to be blamed for this trickery. They follow each link on your page and voting links are no exception. Voting scripts usually allow one vote per user and ban any further voting attempts from the same IP address. So, web bots are allowed to vote only once, just as any other visitor. Each of them will hit the lowest rating link first, vote and make the total score for item lower then it would really be unless you somehow manage to ban them from following the voting links.
To tell a web bot or a robot not to follow particular link we use “rel” attribute of the <A> tag with its value set to ”nofollow”. This is enough for Google, Yahoo and other search engines’ bots but it will not stop other, somewhat more “curious” bots, from following the link.
Solution to this problem is quite simple: use JavaScript to write voting links in your page. Here is a brief review of how I accomplished this on a client’s web site. On the website I used Unobtrusive AJAX Star Rating Bar created by Ryan Masuga. It consists of several JS and PHP files but here we are particularly interested in “_drawrating.php” script since it is responsible for writing down the complete HTML of the rating block.
In the file, somewhere around line 68, you’ll see declared variable $rater. This variable is populated with string that is actual HTML of the rating block displayed on page. See the following code:

68. $rater ='';
69. $rater .= '<script type="text/javascript">';
70. $rater.='document.write("<div class=\"ratingblock\">");';
71. $rater.='document.write("<div id=\"unit_long'.$id.'\">");';
72. $ rater.='document.write("<ul id=\"unit_ul'.$id.'\" class=\"unit-rating\"style=\"width:'.$rating_unitwidth*$units.'px;\">");';$rater.='document.write("<li class=\"current-rating\" style=\"width:'.$rating_width.'px;\"> </li>");';
73.
74. for ($ncount = 1; $ncount <= $units; $ncount++) { // loop from 1 to the number of units
75.  if(!$voted) { // if the user hasn't yet voted, draw the voting stars
76.    // write link
77.    $rater.='document.write("<li><a href=\"'.HOST.'");';
78.    $rater .='document.write("ajaxstarrater_v122/");';
79.$rater.='document.write("db.php?j='.$ncount.'&q='.$id.'&t='.$ip.'&c='.$units.'\" title=\"'.$ncount.' out of '.$units.'\" class=\"r'.$ncount.'-unit rater\" rel=\"nofollow\"> </a></li>");';
80.
81.    // eof write link
82.   }
83.}
84. $ncount=0; // resets the count
85. $rater.='document.write("</ul>");';
86. $rater.='  <p';
87. if($voted){ $rater.=' class="voted"'; }
88. $rater.='>'.$id.' Rating: <strong>'.$rating1.'</strong>/'.$units.'('.$count.' '.$tense.' cast)';$rater.='  </p>';
89. $rater.='document.write("</div></div>");</script>';

I made the script write whole rating block using JavaScript, although the link alone is all that matters: see the code between comments write link and eof write link. It is composed from three parts: host, path to ajaxrater folder and file name with query string. Each part is written by calling the JavaScript write()method. This way web bots are not able to follow the voting link: they just can’t see the complete link. They might be able to follow host path, like http://www.mydomain.com, but that’s all and it’ll cause no harm.
I hope you’ll find this method of preventing web bots from voting useful, we at Web Design Beach sure did.

Tags: , ,

Share/Save/Bookmark
Share

3 Responses to “Unobtrusive AJAX/jQuery Star Rating Bar - Bot Voting Protection”


  1. Marcus Says:

    Thanks guys!

    I hope this will protect voting script from evil bots


  2. sneha Says:

    thanks


  3. Oyeme Says:

    I did better version without checking Ip every time,when you want to vote.
    It’s not correct for me , because it’s just another query -
    For an example ,u have on the page 10 rate bars, it’s equal 10 queries.

    I did some modifications with using “Cookies”,every time i checking a cookie array seperated by “;”,
    It’s look like “2;3;43;
    I just searching my id number in cookie array.
    Logical system is the same,i just use cookies with lower sql queries.

    For code u could write me :)

Leave a Reply