Permissions to cast and edit votes is decided based on display names. The problem is that Dokuwiki allows users to change their display name as often as they like (assuming the authentication backend supports it). This makes it possible for users to spoof others' votes, edit existing votes of other users, or vote multiple times under multiple names. It would be better if these permissions were computed based on username (which can not be changed except by superusers), with the display name used only for rendering purposes.
Permissions to cast and edit votes is decided based on display names. The problem is that Dokuwiki allows users to change their display name as often as they like (assuming the authentication backend supports it). This makes it possible for users to spoof others' votes, edit existing votes of other users, or vote multiple times under multiple names. It would be better if these permissions were computed based on username (which can not be changed except by superusers), with the display name used only for rendering purposes.