WordPress.org

Forums

anonymous survey with verification of submission (4 posts)

  1. rcpessoa
    Member
    Posted 2 years ago #

    Dear all,

    I need to create a page with a survey, an embedded from somewhere, but I need this page to be accessed only once per user... I need the form submission to be anonymous, but to save in the DB a flag that this user has already accessed this page.

    can anyone help me with the PHP code to insert in a table that I create for this purpose, and the verification (select) to check if the user has already submitted it?

    I would like to have the insertion when the user presses the submit button on the form... is it possible with an embedded code?

    Thanks in advance for any help that you might give me..

    Raul

  2. bcworkz
    Member
    Posted 2 years ago #

    You can mechanically do what you envision. And you can maintain anonymity by storing only a hash of the user's credential, just as a password. You can see if the credential's hash exists in the table, but you cannot recreate the credential from the hash.

    But what credential can you use to ensure the user only answers the survey once? It's all too easy for users to create alternate identities so they can fill out multiple forms if they were so inclined. You can make it marginally difficult by limiting one survey per IP address, or one survey per MAC address. Those are easy to get around as well, in addition to being unrealistic. There can be multiple people per IP or MAC. Or multiple IPs and MACs per person. The only credentials that truly identify someone is something they would not give up easily, and even so, you have no way to verify it still.

  3. rcpessoa
    Member
    Posted 2 years ago #

    I have the wordpress installation syncronized with active directory, so the unique user is not a problem...

    what I would need to do is to save the hash in a database... however I do not know how to do it...

    could you help me?

    Thanks,
    Raul

  4. bcworkz
    Member
    Posted 2 years ago #

    On further thought, to confirm a user only replies once, the user must be authenticated, either by WP or AD. Once this is done, the user cannot be fully assured their answers are anonymous. They have to take your word for it. I suppose making the source code available for examination may assuage some fears.

    Anyway, this makes the hash thing moot. Simply store a value in user meta when the user submits the form. If the value is already there, reject the form. This is unrelated to how the answers are stored, thus anonymity is maintained.

    If the answers are stored in a separate table, a simple inspection would show there can be no correlation between any particular row and any particular user. For further transparency, if possible, tally the answer results directly into accumulators upon submission, such that there is not even a record of the individual form answers, only a summation of all the answers is maintained.

    My apologies for any confusion. Furthermore, I'm unable to provide any actual code on how you would implement this. If I had something already written, I would provide it, but for this, I'd be starting from scratch.

Topic Closed

This topic has been closed to new replies.

About this Topic