WordPress poll plugin?

Dear Lazyweb, is there a WordPress poll plugin that you like?

There are a bunch of them, but the thing I'm most worried about is, which one is least likely to open up a gaping security hole in my site?

The fact that there are a bunch of them makes me suspect that many folks have considered writing a poll plugin to be their "learning experience", and with PHP, that does not augur well for security.

Hoping for: polls are inline in a post (not a sidebar); questions are multiple choice, boolean, numeric-range; multiple questions in a single poll; authenticate in the same way as posting a comment (in other words, not overly concerned about ballot-box-stuffing).

Livejournal did this pretty well.

Tags: , ,

9 Responses:

  1. Otto says:

    Are you restricting this entirely to your own site and not using a service? I ask because I was fiddling around with Polldaddy again recently, and it works pretty well.

    • jwz says:

      I'd rather have all the data be self-hosted than rely on an external service that will go away eventually.

      • Otto says:

        I don't disagree with you, but, Automattic runs Polldaddy. It's not going anywhere. :-)

        • pete23 says:

          Really? I've survived four times the length that Automattic has been around and was planning on doing the same again. Self hosting - your content, as long as you can be bothered.

  2. Jeremiah Edward Cornelius says:

    Hey, if you are running on WordPress/PHP then you really should look at wordfence. It does reputation filtering, selective blocking, auth notification, etc...

    I lost a couple of people's WP sites to some aggressive bots in Jan. Somewhat painfully rebuilt these by hand, and started using wordfence for protection and updates. The free edition is enough. Askimet used to fill up with many thousands of spam messages a month. This alone was damaging to site speed with the connections and DB size, etc. Now Askimet stays under 500 - and drops bogus login, etc.

    There's a lot of "bullshit maintainance" from which I'm now unburdened.

    • jwz says:

      Huh. Well, it sounds nice, but as soon as I installed it and hit "Save Changes", it ran my server out of memory, driving the load up to 250.

      So, yeah, maybe not.

      • Dave says:

        Ymmv, of course, and I don't know your sites' stats, my install required some tweaking in the memory used by php. Wordfence was worth it for me.

        • jwz says:

          Well I tried activating it again, after lowering its memory limit from 256 to 32, and it did the same thing. That they failed at such a basic task as "don't utterly kill the machine ten seconds after installation" fills me with the-exact-opposite-of-confidence in their coding skills, so, **plonk**. If a machine with 8GB of RAM and 8x1.6GHz falls below your minimum system requirements, you fail at life.

  3. Lloyd says:

    If you use WordPress, you need the ultimate in hackproof WordPress security.