473,237 Members | 1,155 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,237 software developers and data experts.

user identification

Hi all,

We have about 10 different domains that are linked very closely and we
want to identify and track every single user that surfs our websites.
Later we want to analyse user paths and find out the search robots with
the referring search words.

What are the possibilities?
Cookies are not accepted by 40 % of our users and in addition to that
for each domain a different cookie is created what makes it really
complicated.
I guess a combination of Browser type, Operating System, Hostname etc
is really insecure as there are many users using the same stuff.
I think the only secure way to logg this is by the way of using
sessions.

One disadvantage of sessions is that they take very much performance of
the server when there are many users at the same time.
Is there a way to reduce performance of the sessions?
Are there any other possibilities except sessions?
Are there freeware php statistic functions that allow the reuse of
their statistic data in our own implementations?

Thank you very much for your help!

Dennis

Jul 17 '05 #1
2 1919
>We have about 10 different domains that are linked very closely and we
want to identify and track every single user that surfs our websites.
Later we want to analyse user paths and find out the search robots with
the referring search words.

What are the possibilities?
Require the users to log in with an ID and password after registration.
That may not be an option. You also probably need sessions to keep
track of the fact that they HAVE logged in.

When the user first hits one of your pages, the URL passed from
many search engines gives you the keywords. This you can get from
Apache logs, or with PHP. Figuring out where the user goes after
that is harder, especially across domains.
Cookies are not accepted by 40 % of our users and in addition to that
for each domain a different cookie is created what makes it really
complicated. I guess a combination of Browser type, Operating System, Hostname etc
is really insecure as there are many users using the same stuff.
I hope 'secure' is *NOT* what you are looking for, and what you are
looking for is more like 'accurate Big Brother watching'. If
'security' is any kind of issue (say, you are a bank or doctor or
auction site), you shouldn't even be thinking about fingerprinting
browsers as a way of identifying users.

Browser fingerprinting is inaccurate for a number of reasons:
(a) load-sharing proxies make requests for even stuff on the SAME
page come from several different IP addresses (and I believe
most AOL users go through one).
(b) If you don't use IP address, there's not enough info to distinguish
the users (what percentage are using IE(latest) with Windows XP?
Over half?)
(c) NAT gateways make lots of really different users appear to come
from the SAME IP. See (b) for why you can't tell them apart.

It might work OK for marketing stats but not for anything requiring
'security'.
I think the only secure way to logg this is by the way of using
sessions.
Well, you've got a problem. To keep track of a session, you need at
least one of (a) cookies, (b) session IDs passed via URL transparently
using trans_sid, (c) session IDs passed explicitly via URL manually,
or (d) hidden form variables on the page.

(a) doesn't work across domains and besides, a lot of your users have
them turned off.
(b) only works with relative URLs (which have to be the same domain).
(c) is a pain in the butt and may offend users for the same reason
they have cookies off,
and (d) works only if every link is a form, and is also a pain in the butt.
I presume that if cookies are often turned off, Javascript is also often
turned off.

You're essentially stuck with (c), with the others sometimes working
as a backup.
One disadvantage of sessions is that they take very much performance of
the server when there are many users at the same time.
It is possible to write session handlers to stuff the session info
into a MySQL database instead of using lots of little files in a
directory. Whether or not this is a performance increase or decrease
depends on your setup and things like how much data gets stuffed
into sessions. Among other things this gets you is the ability to
share session data between different (load-shared) physical servers.
Is there a way to reduce performance of the sessions?
You could always add time-wasting code such as checking whether a
user is logged in several thousand times on each page, but I don't
think this is what you meant to ask.
Are there any other possibilities except sessions?
There are some do-it-yourself methods which essentially re-implement
sessions, often poorly, using the methods (a) through (d) to
keep track of a session ID. Once you can track the session ID,
you can stuff the session data anywhere you need to (files, database,
whatever).
Are there freeware php statistic functions that allow the reuse of
their statistic data in our own implementations?


Probably, but I'm not sure how calculating mean and standard deviation
of something is going to get you the raw data in the first place.

Gordon L. Burditt
Jul 17 '05 #2
On Mon, 30 May 2005 13:40:19 -0700, d.schulz81 wrote:
Hi all,

We have about 10 different domains that are linked very closely and we
want to identify and track every single user that surfs our websites.
Later we want to analyse user paths and find out the search robots with
the referring search words.

What are the possibilities?
Cookies are not accepted by 40 % of our users and in addition to that for
each domain a different cookie is created what makes it really
complicated.
I guess a combination of Browser type, Operating System, Hostname etc is
really insecure as there are many users using the same stuff. I think the
only secure way to logg this is by the way of using sessions.

One disadvantage of sessions is that they take very much performance of
the server when there are many users at the same time. Is there a way to
reduce performance of the sessions? Are there any other possibilities
except sessions? Are there freeware php statistic functions that allow the
reuse of their statistic data in our own implementations?

Thank you very much for your help!

Dennis


This one is based on a mysql table, it records standard information from
$_SERVER[]. You might want to resolve the IPs on entry to the table,
personally I prefer to only look up those that haven't been looked up
before, which I do locally so haven't included here. Also, I moved the
database connect to inside the function, for the sake of those new to this
stuff who want to see how it fits together.

Finally, don't criticise my crappy HTML bits. I have a real battle with
html. Don't bother asking me why because I don't know the answer, if only
we could do php without having to bother at all with the html side I'd be
alright.
The first function is the one to include in each of your pages (it records
the page hits as well as site hits).

<?php
// Visitor hits
//
function VisitorHit()
{
//constants

define('DB_USER','your mysql user name');
define('DB_PASSWORD','your password');
define('DB_HOST','localhost');
define('DB_NAME','database name');

//connect to database

$dbh=mysql_connect (DB_HOST, DB_USER, DB_PASSWORD);
if( ! $dbh) {
die ('I'm terribly sorry but I cannot connect to the database because:
'.mysql_error());
}

//open database

mysql_select_db (DB_NAME);

//select records
$thispage = $_SERVER['PHP_SELF'];
if( strlen($thispage) < 1 )
{
$thispage = "none";
}
$browser = $_SERVER['HTTP_USER_AGENT'];
if( strlen($browser) < 1 )
{
$browser = "none";
}
$ip = $_SERVER['REMOTE_ADDR'];
if( strlen($ip) < 1 )
{
$ip = "none";
}
$requestmethod = $_SERVER['REQUEST_METHOD'];
if( strlen($requestmethod) < 1 )
{
$requestmethod = "none";
}
$querystring = $_SERVER['QUERY_STRING'];
if( strlen($querystring) < 1 )
{
$querystring = "none";
}
$requesturi = $_SERVER['REQUEST_URI'];
if( strlen($requesturi) < 1 )
{
$requesturi = "none";
}
$referer = $_SERVER['HTTP_REFERER'];
if( strlen($referer) < 1 )
{
$referer = "none";
}

// build SQL string

$sql = "INSERT INTO `visitors` ( `visitorid` , `self` , `browser` , `ip` , `requestmethod` , `querystring` , `requesturl` , `referer` , `touched` ) VALUES ('', '$thispage', '$browser', '$ip', '$requestmethod', '$querystring', '$requesturi', '$referer', NOW( ));";

//perform query

$result = mysql_query($sql);

// no checking because we aren't that bothered about missing the odd hit

}

?>

This next part is really an example of how a 'stats.php' file might be
used to examine the data.
<?php
$page_title='Stats';
include 'header.inc';

define('DB_USER','your mysql username');
define('DB_PASSWORD','your password');
define('DB_HOST','localhost');
define('DB_NAME','your database name');

$dbh=mysql_connect (DB_HOST, DB_USER, DB_PASSWORD);
if( ! $dbh) {
die ('I cannot connect to the database because: '.mysql_error());
}

//open database

mysql_select_db (DB_NAME);

//select minimum date record

$sql = "SELECT DATE_FORMAT(MIN(touched),'%D %b %Y') FROM visitors;";
$result = mysql_query($sql);

if($result)
{
$row = mysql_fetch_array($result);
$mindate = $row[0];
}

//select maximum date record
$sql = "SELECT DATE_FORMAT(MAX(touched),'%D %b %Y') FROM visitors;";
$result = mysql_query($sql);

if($result)
{
$row = mysql_fetch_array($result);
$maxdate = $row[0];
}

//DISTINCT visitors

$sql = "SELECT COUNT(DISTINCT(ip)) FROM visitors;";
$result = mysql_query($sql);

if($result)
{
$row = mysql_fetch_array($result);
$distinct = $row[0];
}

//DISTINCT browsers

$sql = "SELECT COUNT(DISTINCT(browser)) FROM visitors;";
$result = mysql_query($sql);

if($result)
{
$row = mysql_fetch_array($result);
$browser = $row[0];
}
?>

<div >
<h2><a name="Stats">Statistics</a></h2>
<?php
echo "<p>Stats between $mindate and $maxdate</p>";
echo "<p>Number of visitors $distinct</p>";
echo "<p>Number of browsers $browser</p>";

//DISTINCT browsers

$sql = "SELECT browser, COUNT(*) AS icount FROM visitors GROUP BY browser
ORDER BY icount DESC;";

$result = mysql_query($sql);

echo "<p>";
if($result)
{
while( $row = mysql_fetch_array($result))
{
printf("%s --- %s<br>", $row[1],$row[0]);
}
}
echo "</p>";

?>

</div>

<?php
include 'footer.inc'
?>
Jul 17 '05 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

60
by: Fotios | last post by:
Hi guys, I have put together a flexible client-side user agent detector (written in js). I thought that some of you may find it useful. Code is here: http://fotios.cc/software/ua_detect.htm ...
5
by: Carl Ribbegaardh | last post by:
Is there any known list of compiler identification macros? I'm using VS 2003, g++ on windows, sun's cc and g++ on solaris. Is it possible to identify the compiler using macros? I'm aware of WIN32...
3
by: Zlatko Matić | last post by:
Excuse me, what is the difference between user and system_user and which function should be used in audit trail table ? Thanks.
23
by: Roel Melchers | last post by:
My ACCESS-database contains all members of my association. When the members attend to a meeting I want to record their presence. When they enter they identify themselves by putting their finger...
3
by: Caspy | last post by:
I just get stuck on how to check if a user is a member of network (domain). I am building an internal tracking system with ASP.Net with Form authentication. When an user is added into the system,...
2
by: suresh | last post by:
Hello to you all In my .Net application, I want to import document images (Tiff images), having same format, in a batch, For e.g. I have a document folder containing mixed images like...
2
by: John | last post by:
Help! I've just spend the last three days researching and testing the following issue without any results. I have a test page setup to get the Windows logon name of the user. The site is a...
18
by: Arthur | last post by:
Hi All, I would like to get the name of the user given their networkID, is this something Active Directory would be useful for?(For intranet users) If so, can you please point me to some sample...
4
by: shapper | last post by:
Hello, I am creating a Poll system and I need to check if a user has already voted. What should be the best way to do this? 1. Should I save the user IP along with its vote in the database?...
2
by: mitja | last post by:
Hi, I have read a lot of posts on the web and got no answer. Is there any chance of geting any unique client identification data (his IP-but not proxy IP or router or NAT, his username, his...
0
by: abbasky | last post by:
### Vandf component communication method one: data sharing ​ Vandf components can achieve data exchange through data sharing, state sharing, events, and other methods. Vandf's data exchange method...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 7 Feb 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:30 (7.30PM). In this month's session, the creator of the excellent VBE...
0
by: fareedcanada | last post by:
Hello I am trying to split number on their count. suppose i have 121314151617 (12cnt) then number should be split like 12,13,14,15,16,17 and if 11314151617 (11cnt) then should be split like...
0
by: stefan129 | last post by:
Hey forum members, I'm exploring options for SSL certificates for multiple domains. Has anyone had experience with multi-domain SSL certificates? Any recommendations on reliable providers or specific...
1
by: davi5007 | last post by:
Hi, Basically, I am trying to automate a field named TraceabilityNo into a web page from an access form. I've got the serial held in the variable strSearchString. How can I get this into the...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: Aftab Ahmad | last post by:
So, I have written a code for a cmd called "Send WhatsApp Message" to open and send WhatsApp messaage. The code is given below. Dim IE As Object Set IE =...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.