Quote:
|
Originally Posted by Chuck S It is a security feature. |
You're kidding right? Where's the security now when a user can register a 100 new users and achieve better (and not so easily detected) results?
I see your point but restricting one rating per user as a security method is pointless, not to mention statistically inaccurate like my previous example shows. If you want to throw in a security feature to prevent abuse, what about this?
- make the product id a mandatory field to submit a rating;
- if the product is not marked as "sold", abort;
- if the product id is marked as already used to rate the owner, abort; (needs a new db table field)
- if the product owner id does not match the user id that is receiving the rating, abort;
- if the above conditions are given, submit the rating and mark the product as "used" (the new field mentioned above) or something similar to prevent double posting or someone else to abuse the system;