So now I’m interested in good tips to avoid cheaters. Such as paticipants e-mail-spamming with the link to the competition entry.
You could set a cookie by IP address. I don’t know the exact code for it – but you can Google on setting cookies. So basically, you could set the cookie to look for the email address and IP address that the entry/vote is sent, and set a time limit on it (so if the vote is over in 3 days, you can set the time to expire in 3 days). Then it’ll look for the IP address and email address of every vote – if a match is found, then it won’t submit it.
This isn’t foolproof, though, because setting a cookie isn’t server-side, and the end user could effectively render this useless by clearing his cookies (or not allowing cookies to be set through his browser). Alternatively, they could vote in IE, have the cookie set, then open up Mozilla and do it again (but using *both* IP *and* email would help circumvent this).
You *could* make it server side by having the IP and emails be sent to a database, and then every time a visitor came, it would try to match the user’s settings to the logged votes in the database, but that would take some coding to accomplish.