I plan to prepare a gallery (in php) with a voting option. However, I've got security problems and do not know how to resolve them.
I would like it to be possible to vote only one time per 24 hours. I tried to use IP address verification, but depending on ISP it may change after reconnection. Cookies can be removed from the computer.
I considered another approach: sending an email to the person with a link that they click to vote. That would be saved in the db with 24 hour restriction for IP address and email address.
Unfortunately these options do not give a guarantee. Do you have any more security tips? Would you advise something else?
PS- A CAPTCHA seems nice, but users may not want to vote while experiencing any difficulties.
This can be achieved through obscurity. As Subdigger and Oltarus stated, voting only to registered users are the only real way.
Most automated polling code only submit to the form directly. You can set a cookie and record the user activity to see if they actually visit the polling page before submitting.