Suppose, I have 200 links and if the visitors visits continuously all the links then I want to offer a free pdf book
after last link but if someone directly visits last link then offer should not display.
In this case the user may visit the site per month or any long time to complete the tutorial site (this site) and the
user may delete the cookies so I should not use local storage or something like that.
So, I'm pulling an option with the users' ip address and if that ip's users completes the whole page visit the offer should be displayed.
So, how to decide if an ip address has viewed all the pages and if the user is at last link then display offer.
Does it have a login feature? If so I would track page views by url and userId.
The shortcoming of ip address is that different people using the same computer will count towards the same tracking. Also, you will not get credit if you visit the site from two different locations.
It is not possible to track the information with only the ip address. The IP address can change everytime the user reconnects to the internet e.g. reboot router. You will have to provide user login feature so you can associate the link visits with that user account.
The usual way to do this would be as follows using some server-side storage:
When a browser hits your server on any of the pages you are tracking, you see if there's already a tracking cookie in the browser. If not, you coin a unique ID for this browser and put it in a cookie that you set into that browser. Make sure the path allows visibility of the cookie anywhere on the site and set the expiration for however long you want.
In your server-side database, create an entry for this cookie ID and record that the page that was just hit has now been seen by this cookie ID.
On any subsequent page hit, get the cookie ID, look it up in the database, record that this page has now been viewed by that ID and check if all the required pages have now been viewed by that ID. If so, add the special offer to the delivery of the current page.
Using a cookied ID like this avoids issues with multiple browsers sharing a single IP address (which even happens on home networks and happens all the time on corporate networks).
If your site has a user login, it's even better to use the login ID as the user identifier because that allows you to accumulate the browsing history of the user even if they use multiple browsers/multiple computers as long as they login first.
FYI, some of the logic above can also be implemented via ajax calls made from the client upon each page load rather than work done at the time of serving the page - though this adds an extra server request for each page.
Related
I want to know how to count unique visitors on webpage with Javascript (ReactJS + NodeJS(Express) i mean when user loads page it should send user's data to validate and if it is unique add it to database. there are this options (what i figured out)
Use client's IP address as validator.
Set Cookie
first one is not good because many device can share same network and many visitors will be lost.
Second one is not good option because cookie can be manipulated & deleted (if it is httpOnly then only deleted)
So what is best way to count visitors? my aim is to make something like . this
You can add a field in your database schema in which you can update it by adding 1 or something similar when a user visits a page. If you want to go further you can then store the user IP in the database or use cookies to avoid counting page visits for the same person multiple times.
You can use e.g. Google Analytics and their core reporting API. After you included GA in your site, the query explorer will get you started.
First off, Thanks in advance to anyone who resolves/helps to resolve this problem. And sorry if this is a duplicate(I couldn't find it anywhere, so posted a new question).
So the main issue is I want my webpage to display an alert message, subsequently from when a user visits the page for 2nd time onwards, so I thought IP logging using cookies would be the most unique thing to do, please do suggest if there's a better thing to use.
Browsing till now, did not get me a way to log IP in cookies. Also, the solutions I found were somewhat similar but they were in PHP, which, I'm not good at.
I would prefer using JavaScript as opposed to jQuery, but all and any help is appreciated.
First off before I give different ways of identify repeated visit and display a message after 1st visit.
I would recommend not using the IP address because there could be multiple machines behind the NAT routers sharing the one IP address, there will also be a the problem of mobiles always changing their IP address because they will also be connecting to different networks.
There is multiple ways of doing this:
I would recommend using either Option 3 or Option 4 so that there is nothing stored on the users machine. It is then much more secure that client side because people can store of JavaScript on their browsers.
Option 1:
You could have a client side local storage by using the HTML5 Web Storage.
HTML5 Web Storage
Before HTML5, application data had to be stored in cookies, included in every server request. Local storage is more secure, and large amounts of data can be stored locally, without affecting website performance.
Unlike cookies, the storage limit is far larger (at least 5MB) and
information is never transferred to the server.
Local storage is per origin (per domain and protocol). All pages, from
one origin, can store and access the same data.
Option 2:
You could go with using a client side cookie, which you would set and remove with JavaScript:
Cookies are data, stored in small text files, on your computer.
When a web server has sent a web page to a browser, the connection is
shut down, and the server forgets everything about the user.
Cookies were invented to solve the problem "how to remember
information about the user":
When a user visits a web page, his name can be stored in a cookie.
Next time the user visits the page, the cookie "remembers" his name.
Cookies are saved in name-value pairs like:
username=John
I've actually done an example of this few days ago.
COOKIE EXAMPLE
Option 3:
You could have a session, which is a good way of checking if you are having users logging into your website/application:
PHP Sessions
A session is a way to store information (in variables) to be used across multiple pages.
Unlike a cookie, the information is not stored on the users computer.
When you work with an application, you open it, do some changes, and
then you close it. This is much like a Session. The computer knows who
you are. It knows when you start the application and when you end. But
on the internet there is one problem: the web server does not know who
you are or what you do, because the HTTP address doesn't maintain
state.
Session variables solve this problem by storing user information to be
used across multiple pages (e.g. username, favorite color, etc). By
default, session variables last until the user closes the browser.
So; Session variables hold information about one single user, and are
available to all pages in one application.
Option 4:
You could use server side cookies (this way it's not stored on users machine), this is a good way of identifying a user (visitor):
PHP Cookies
A cookie is often used to identify a user.
A cookie is often used to identify a user. A cookie is a small file
that the server embeds on the user's computer. Each time the same
computer requests a page with a browser, it will send the cookie too.
With PHP, you can both create and retrieve cookie values.
I have a web application which sends a download link to subscribers. Subscribers are able to click the link from their inbox and get access to download a pdf document. It is fine but what I want is to allow the access to pdf document only when link is clicked from his inbox only. I mean if subscriber forwards this email to some one else or tries to paste the link in browser manually it should not work.
What you want is impossible.
Consider this situation: You email someone#example.com. They can view the email via:
a) Desktop mail client
b) Smartphone/tablet mail client
c) Webmail
All three will appear "different" to your server, depending on exactly which client they clicked on your link in. And if the user forwards the email to someone else, say otherperson#example.com, the EXACT same link will be in that person's mail file as well, and they can view it via the exact same options.
You MIGHT be able to extract a username or some other personally identifiable datum from the refer IF they used webmail and the webmail system is stupid enough to have webmail.example.com/readmail?userid=someone
But otherwise, no, you cannot assume anything about the incoming click, only that SOMEONE clicked on the link in SOME email.
There is no way to tell if a link was opened from an email client or if it was pasted into the address bar. There is no way to track if an email has been forwarded (webbug images in an HTML formatted email are blocked by most email clients).
If you want to limit who can download the file from your servers, then require that users login and then hope that none of them engage is password sharing.
Even that won't stop them redistributing the file directly.
Its not really possible to "protect" a link.
But if your web application require user to login, you can generate a unique link for each of your user, and require him to login before allowing download.
People will be less prone to share their login/password than a simple url.
I know this is an old question and I'm not sure why it was down-voted, but an idea occurred to me. If you put a common pixel tracker in your email with a token that identified the user and the email edition which, when requested, your server would note the time the email was opened and read (and successive reads). Then if the user clicks the link in the email, a token on the link identifies the same user and email edition. When the server receives this request it could compare it to the last time the matching tracking pixel was accessed. If the pixel was accessed within a few minutes before the link was requested, that implies that the email was opened and then the link was clicked.
If the user book marks the link and uses it the next day, there would be no recent tracking pixel history, which implies that the request was not from the inbox.
This would be easy to spoof, so it shouldn't be used for any kind of security concern. You wouldn't know if the email was forwarded to another person. Their email client would hit the tracking pixel as well.
Many email clients would block the pixel tracking for ever-increasing privacy concerns, so it isn't reliable.
If you're just looking for an indication of usage, this might work.
I am working on internal website, which is used only within the company. The requirement for one of its pages is to log-in to our vendor sites (which are all on different domains).
For this I open these vendor sites within an iframe of the internal website.
Say,
Internal site: us.com
Vendor sites: foo.com, bar.com
On us.com/openvendor , there are two options: foo and bar. When a user clicks on foo, the iframe within the page opens foo.com in signed in state.
To achieve this, I replicate the login form of foo.com and post all the required parameters like username, password etc. to foo.com's page. I have all the usernames and passwords of different vendors stored in database.
Why do I do this? Because we don't want the users of this site(mostly our CRM team) to know the passwords (lest they use it to do unwanted and untracked transactions) and the activities done through us.com is recorded and saved.
So essentially, we enable users to login to any vendor site, just by clicking on a link.
This was working perfectly fine until one day, when I had to add a new vendor site which doesn't post an html form for authentication. This site (say whattodo.com) makes an ajax call to a url with login credentials, which returns back an authentication cookie. This cookie is then set by the site to make the user logged in.
Now how can I make my end users login to whattodo.com on a click?
I cannot make the ajax call to whattodo.com
Even if I overcome the above problem by storing the auth cookie value in my database and updating it monthly(ya that's when the cookie expires), I cannot set this cookie under whattodo.com domain in the user's browsers.
Please suggest a possible solution.
And please feel free to edit the title. I'm sure there's a better one to summarize the question.
How do I know how long a user or a single IP address spent on a page of my site?
Can I use any event of JavaScript?
This is what Google Analytics is for. It keeps track of visitors to your website and reports statistics to you like such as length of visit. They even offer an API to help you get this information.
To implement inside your application
When a user loads a page, their "last page load time" is updated in the database.
A cron script runs every minute. It looks for users whose "last page load time" was in the last minute.
Increment the "time spent on site" for each user found.
In this way, I can keep track of users accurately to the minute. Just divide by 60 to get the hours.
Else
Google Analytics. You can check out it's features here.
I will go for a Redis installation that keeps tracks of a specific hash created by a combination of IP address, USERAGENT and login information (if you have it).
Save the stuff in Redis with a timestamp (use hashes or whatever you like) and then add a "farewell" timestamp when the user logs out or leaves the site for an external link or unloads the page.
Use Ajax to send keep-alive information to your backend. Save it as session data in your database.
The session data can save the current page the user is watching and was active last time. Send the keep-alive information using, for example, setInterval every x seconds (depending on resolution needs).
There is no need for cron...