The current AppConfig for RatingsCanBeDoneByAnons only has an effect on the product pages and showing the link for the popup window.

However rateit.aspx can be directly accessed, sometimes you want this to happen. For example an automated email system that asks the user to review a product. If you want it to get done you will send them directly to the rateit page than have them hunt around on the product page.

The problem is rateit.aspx.cs does not check if you are logged in or not. Luckily this is a very easy and quick fix.

Ver 9
Open up rateit.aspx,
We will insert some new code under line 45. If you have any extra code I am adding this snippet after AppLogic.CheckForScriptTag(ReturnURL);
Code:
// Anon check - DotNetDevelopments
if (!AppLogic.AppConfigBool("RatingsCanBeDoneByAnons") && !ThisCustomer.IsRegistered)
{
     Response.Redirect(string.Format("signin.aspx?returnurl={0}{1}", Server.UrlEncode("rateit.aspx?productid="), ProductID));
}
Now this code works fine but with one small issue. When directly accessing rateit.aspx the skinid if statement fails thus returning a 0, breaking your images.
The fix for this is a few lines above. Change the following line of code.
Code:
FROM
SkinID = int.Parse(CommonLogic.IIF(CommonLogic.IsInteger(Profile.SkinID.ToString()), Profile.SkinID.ToString(), "0"));

TO
SkinID = int.Parse(CommonLogic.IIF(CommonLogic.IsInteger(Profile.SkinID.ToString()), Profile.SkinID.ToString(), "1"));
I have changed it to skinid 1 because at the start of the class we set SkinID as 1. However if you do not have skinid 1 just set it to a skin you do have. This is only for the stars images, I am sure there is a quick way to get the current skinid, however as far as importance goes I put this pretty low and was happy to hard code.

A word of warning. First test I used ThisCustomer and their SkinID. However because we had renamed skinid's and moved folders the customer has skinid 7 when we only have 1 and 2. However if this is not an issue for you then feel free to add onto the snippet after the if statement.
Code:
SkinID = ThisCustomer.SkinID;
Ver 8
Version 8 is so much easier.
Again go to rateit.aspx.cs After line 47 or after AppLogic.CheckForScriptTag(ReturnURL); Add The following lines.
Code:
// Anon check - DotNetDevelopments
if (!AppLogic.AppConfigBool("RatingsCanBeDoneByAnons") && !ThisCustomer.IsRegistered)
{
     Response.Redirect(string.Format("signin.aspx?returnurl={0}{1}", Server.UrlEncode("rateit.aspx?productid="), ProductID));
}
The reason we don't need to worry about the SkinID is because we collect the SkinID from a cookie. Ver 9 does not keep the SkinID in a cookie so this is not possible. There is an issue that if a user does not have the SkinID set as a cookie, so if you want to be 100% sure the images will show up I do suggest adding skinid=yourid on the end of your query string when directly linking.

Any problems with the code or issue just post a message and we can try and work out what's happening.