EvilZone
Programming and Scripting => Projects and Discussion => : Kulverstukas July 20, 2014, 09:05:15 AM
-
I'm writing an IRC bot (yeah yeah...) in PHP, because I feel like it and because Evilzone IRC kinda needs one. Everything is OK up until now, the actual part that is going to do the votebanning.
I can't decide how to approach this, help me figure out how to count the votes. While talking about it on IRC, we discussed few methods:
* Hardcoding the vote count == only good if channel has many users and at least twice are active at that time.
* Percentage from the overall member count == sounds like the best solution, but cannot decide on that percentage for it to be effective.
* If anyone could vote, trollvoting would occur by connecting multiple times with different names and voting. To solve trollvoting, it was suggested to use a list of people that are allowed to vote, another could be checking the vhost or IP, but it's useless if the person uses proxies.
* It should have a whitelist of people that cannot be banned with this bot.
Help me on this to keep the community clean :D
-
maybe giving out a personal voting password, so even if i connect multiple times I only get to vote once? Sorry if it makes no sense, I don't know much about IRC, just for brainstorming ends
-
maybe giving out a personal voting password, so even if i connect multiple times I only get to vote once? Sorry if it makes no sense, I don't know much about IRC, just for brainstorming ends
Thats something I thought about, too :) Guess its a bit overkill but I think I would do something like that:
1. Create a access list for users who are allowed to use the bot and the voting system.
2. to avoid multiple votes from a single user I would create a one-time-token function. The allowed users can pm the bot, provide the name of the user that should get banned, and get a one-time-token they need to pass to the vote function. That would make sure, that a allowed users can only vote once to ban a specific user name.
3. The user should get banned if more than 50% of the allowed users (which are online in that moment) voted for the ban.
This approach has one (or maybe two) major faults. If only one of the allowed users is connected to the irc his one vote would lead to a ban. The other flaw is that many members stay connected (bnc connections) even when they are not there. Most of them show that with adding _afk or _away or something else to their nick name. The bot would need to check for that too.
Thats just some thoughts. I will keep on thinking about it and maybe I can come up with something more practical :)
-
It will have to have a trusted list to stop trollvoting, that's for sure.
As for #2: that is an overkill, since the same user could connect again with different name and request the code. It's essentially the same as tracking his nickname.
The biggest problem here is how to control the votes per person.
-
If it's gonna be a trusted list, you could give out a personal code via pm to the trusted member's forum account, which is only one per person. And then the bot would require it in order to vote, that way it can keep record of who has voted and who hasn't, independently of the nickname used.
-
But then the user would need to PM the bot with his code as not to expose it to the public and that isn't very convenient.
It should be as simple as !yes or !no for voting if at all possible to do while still having security measures.
UID for every forum user is not practical and integration with our current SMF forum system would be a huge overkill.
-
Ok, cool. That sounds like the best solution for vote control.
Have a list of people that are allowed to vote and to count the vote, user in the list have to be authenticated with IRCd.
Now onto the next problem: how to actually count the votes. Since it'll be a controlled list, the way I see it, percentage is the best way to go.
Did some calculating and the way I see it, for the bot to be effective, there will have to be at least 5 users in the channel (bot included).
* 2 users: 1 bot, 1 human -> no go, bot cannot ban itself, person who initiated the command cannot vote.
* 3 users: 1 bot, 2 humans -> no go, person who initiated the command cannot vote.
* 4 users: 1 bot, 3 humans -> no go, person who initiated the command cannot vote, 1 human makes 100%.
* 5 users: 1 bot, 4 humans -> good, 1 human will be 50%. 1 to initiate the voting, 1 to be banned, 2 to vote.
So at least 4 people must be in the channel. I'll try to round up to less the vote count, let's say if 7 humans are in the channel, so then 50% would be 3.5 votes. I will round it down to 3 votes (if possible) to get a lesser vote count.
-
Web interface sounds delicious, however maybe one day... a simple command line will be enough for now.
-
The issue i see with this is that so many people idle in channel so maybe make the vote based off of two extra conditions: It only counts users that are white listed(capable of voting) and that have been active in the last x minutes. Otherwise with the amount of afking in channel it would be impossible to ever get a successful voteban.
-
Yes, I thought of that as well. I intend to have it run on my rpi, and I reboot my rpi every day at midnight, so building a profile every time the script starts seems a bit of a long lasting task.
However currently I see no other way, I would prefer without it.
Though some people are online but do not check the irc often, for that I was gonna send out notices to everyone in the channel to highlight them so they can check what is happening.
-
Progress update: doing good so far. Just got to a point where I doubt the hardcoded percentage value.
If the channel has 30 people, then 14 votes will be required with 50% and that is obviously too much. But if that channel has just 8 people, then it's reasonable.
What I was thinking to do is have the percentage decrease if the number of users increase, just decide on percentage values that I should use.
-
do you have data on average online users, or even better online users in different times of day / days ? with that info we can help you build a funciton with a reasonable curve.
Edit: have you thought of a link to a captcha with a unique-per-votation authorization code ? that would slow'em down.
-
averages differ with different channels and servers. So no, values should be global. A link with unique auth codes might viable. But I am doing a basic thing to be managed over irc as I dont have a lot of time for pimping. It wont be complete that way..
-
Ok, how about having a random small sized captcha sent by the bot to the users? Please excuse me if I suggest things that are obviously too complicated or simply not worth it, or even worse, an insult by implying you didn't think of them. This is strictly a result of my lack of technical knowledge. I just love trying to solve problems and the issue keeps coming to my mind without being called =P
-
how would captcha solve this? makes no sense to me.
-
I thought it could prevent someone from voting multiple times, as it would take time to receive the file, open it, return the captcha correctly and only then being allowed to vote, and by the time u do all this the second time, the voting will be probably over. Maybe there could be a limited amount of time for votations. But again, if it is a dumb idea, disregard it please and excuse my n00bness, I'll go back and play with the little kids =P
-
It isn't a horrible idea, but not good one in this situation. It would just make it complicated for a regular user.
-
I thought it could prevent someone from voting multiple times, as it would take time to receive the file, open it, return the captcha correctly and only then being allowed to vote, and by the time u do all this the second time, the voting will be probably over. Maybe there could be a limited amount of time for votations. But again, if it is a dumb idea, disregard it please and excuse my n00bness, I'll go back and play with the little kids =P
I might not get engaged in another votebanning next time after realising how difficult the whole process is. Captha method will make it quite complicated.
-
I got a fool-proof idea, daxda suggested it. Use a timer to count votes, then I won't have to worry about percentage. Once voting is started, go into a loop checking the time for 10 or something minutes while counting the votes. If 50% of votes were received before time runs out - user gets banned. If time runs out, I compare if I received more !yes votes, if I had then ban the dude. If it's a tie, then do nothing.
-
yeah that does remove the need for worrying about channel activity etc, as only "active" people would be voting within the time-frame, so only they are counted. Id still implement a whitelist though. Also (i dont think this has been brought up yet) but shouldnt/couldnt you implement the bot to run through nickserv for the whitelist? ie if you arnt identified with NS AND on the whitelist then no voting. Anyway unless im missing something really obvious it should be a easy way to both verify an identity(whois queery from your bot to NS) as well as make the whitelist manageable.
-
derp herp merp suggestions suggestions
Thanks for that, but I have already thought about it and done it :)
-
How is it doing?
-
Pretty good. Done a lot of work and it's mostly working, still coding it, doing tweaks here and there.
I decided to have 2 modes: restrained and guest voting. When guest voting is not allowed, then it checks who voted by the list that you define. If it's allowed, then obviously nicknames are useless, however then I check for hostnames - those are usually unique and never change, unless you use a different IP.