[eluser]tomdelonge[/eluser]
There is no way to guarantee only one entry per person. IP address are most of the time dynamic (I think). Plus, they're mobile. Cookies can't be trusted, since someone could tamper with them (or in the least just remove them). The only good way of making sure someone doesn't do something twice is to require a sign in (which sounds too cumbersome for what you're doing) And even then, what's to stop multiple sign-ups? Another possibility is requiring the user's phone number.