The alternative anonymous
-
I just got an e-mail that made me laugh... I've swapped the guid, but here it is:
To respond to our survey, please click on the web address above.
<snip>
If you wish to take the survey anonymously, click the link below:
Because nothing says anonymous like a user_id guid ;-p
And no, I won't be taking up their invitation any time soon...
-
&admin=false is missing here.
-
Another WTF is the fact that I was able to complete the survey with the changed user_id. Twice.
I'd expect most questionaire systems to a) detect which guid's have been handed out and b) detect which subset of (a) have been not been filled in already, and reject attempts to fill in any that don't fit into these groups.
-
PHJ has a point here. As WTFy as this looks, how would you design an online survey that works without unique user ids and still prevents double voting? And no, a has_voted = yes cookie is no option :p
-
@PSWorx said:
As WTFy as this looks, how would you design an online survey that works without unique user ids and still prevents double voting?
With Diebold voting machines, of course!