Can I give likes and Dislikes to Post without login in

Published 1 month ago by pickab00

Is it possible to like and dislike a post without logging in? I have seen websites use likes and dislikes without login but I don’t know how. They do not require to be logged in and once the post is liked, it can not be liked again when refreshed or even when the cookies are deleted. An example can be found here.

Edit: Link removed for obvious reasons

First of all, how did they make the react buttons? (Those emoticons below).

And second, the comment section. You are able to like it without logging in. What is the logic behind this?

Best Answer (As Selected By pickab00)
Snapey

I'm saying you can hit the face and a record is sent to the server each time. Since the votes are percentages its impossible to say if the vote is registered because you don't know how many other votes there have been. For instance, if there were 10,000 votes then you would need to press 100 times for the percentage to increase.

However, thats beside the point. If you want to avoid a guest voting twice then you have to resort to fingerprinting with a library such as https://clientjs.org/. Its not foolproof though and it would be trivial for someone to post votes using guzzle.

Interestingly, the site's back-end is built with Laravel.

pickab00

@Sergiu Sorry. Scroll all the way down and you will see user icons. From there it will be noticeable. Each comment and its replies has it’s own likeable and dislikeable. And user doesn’t need to login.

Snapey
Snapey
1 month ago (959,275 XP)

Clicking the icon and registering the vote is the simple part (just a guest post to site)

The tricky bit is to stop you doing it multiple times. They could be using client fingerprinting?

https://www.forbes.com/sites/bernardmarr/2017/06/23/how-businesses-use-controversial-device-fingerprinting-to-identify-and-track-customers/#182b27f93d46

pickab00

@Snapey yes it is simple. That is the tricky part too. I know that they are using data-opt to take the value/id using js and ajax-ing to db. But the thing I don’t get it is how they are stopping it from doing twice.

Snapey
Snapey
1 month ago (959,275 XP)

I can't see anything to suggest its stopping me hitting the button multiple times.. It certainly sends an ajax post each time the face is punched.

pickab00

Exactly! That is what’s grinding my mind. I don’t see anything unique in js either. Obviously everything is being handled by the controller but I can’t think of anyway they could stop from voting agin. Unless they are taking the IP. But that would be just way too stupid as IP is per router and that will stop from voting anyone else who is on that same network.

Snapey
Snapey
1 month ago (959,275 XP)

Thats not what I said. I said HOW do you know they ARE blocking it?

pickab00

Sorry. Well the first request works but afterwards it doesn’t even budge. I mean, you can like comment or react to the post only once. After that it doesn’t get stored i assume. These are all assumptions based on what i am able to see. And i see the reacts and likes being blocked after you have reacted or liked once.

So what you are saying is that an ajax is sent over everytime you hit the faces? But once refreshed, it does not count?

Snapey
Snapey
1 month ago (959,275 XP)

I'm saying you can hit the face and a record is sent to the server each time. Since the votes are percentages its impossible to say if the vote is registered because you don't know how many other votes there have been. For instance, if there were 10,000 votes then you would need to press 100 times for the percentage to increase.

However, thats beside the point. If you want to avoid a guest voting twice then you have to resort to fingerprinting with a library such as https://clientjs.org/. Its not foolproof though and it would be trivial for someone to post votes using guzzle.

Interestingly, the site's back-end is built with Laravel.

siangboon

I think that the idea to allow vote without login is not practical. Try to refresh after you clicked, the count is not persistent.

pickab00

@Snapey Yes it is built on laravel. That is for sure. Also I looked at clientJS and the fingerprint idea is good. So what you mean is that even though fingerprinting is used, there is a way to fool the system and give multiple votes correct?

What are your thoughts on how they are doing it?

Snapey
Snapey
1 month ago (959,275 XP)

What are your thoughts on how they are doing it?

Its not obvious that they are doing it, but if they are, you would probably need to see the server code also.

pickab00

Ok one last question. How much would you recommend clientJS?

pickab00

@Sergiu17 Could you please remove the link posted on your reply.

Please sign in or create an account to participate in this conversation.