How to insert the page from where it came to my site and the publisher's id?

Question

I need to be able to register the publisher's id in the reference data record.

site.com/url-of-post/?publishers=1435356P

The code to get the original URL from where it came to my website does not work

$refferer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

My complete code is:

visitors_connections.php

<?php
$ServerName = "localhost";
$Username = "root";
$PassWord = "";
$DataBase = "visitor_publishers";

$con = new mysqli($ServerName, $Username, $PassWord, $DataBase);
if ($con->connect_error) {
  exit("Error de conexión: " . $con->connect_error);
}
if (!$con->set_charset("utf8")) {
  printf("Error cargando el conjunto de caracteres utf8: %s\n", $con->error);
  exit();
}

function getBrowserType($user_agent){
  if (strpos($user_agent, 'Opera') || strpos($user_agent, 'OPR/')) return 'Opera';
  elseif (strpos($user_agent, 'Edge')) return 'Edge';
  elseif (strpos($user_agent, 'Chrome')) return 'Chrome';
  elseif (strpos($user_agent, 'Safari')) return 'Safari';
  elseif (strpos($user_agent, 'Firefox')) return 'Firefox';
  elseif (strpos($user_agent, 'MSIE') || strpos($user_agent, 'Trident/7')) return 'Internet Explorer';
  return 'Other';
}

//https://stackoverflow.com/questions/6717926/function-to-get-user-ip-address
//https://stackoverflow.com/questions/1634782/what-is-the-most-accurate-way-to-retrieve-a-users-correct-ip-address-in-php/2031935#2031935
//https://stackoverflow.com/questions/13646690/how-to-get-real-ip-from-visitor
//http://itman.in/en/how-to-get-client-ip-address-in-php/
function GetIP(){
  foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key){
    if (array_key_exists($key, $_SERVER) === true){
      foreach (array_map('trim', explode(',', $_SERVER[$key])) as $ip){
        if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false){
          return $ip;
        }
      }
    }
  }
}

//https://stackoverflow.com/questions/12369615/serverhttp-referer-missing
$refferer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

function selfURL() {
$s = empty($_SERVER["HTTPS"]) ? '' : ($_SERVER["HTTPS"] == "on") ? "s" : "";
$protocol = strleft(strtolower($_SERVER["SERVER_PROTOCOL"]), "/").$s;
$port = ($_SERVER["SERVER_PORT"] == "80") ? "" : (":".$_SERVER["SERVER_PORT"]);
return $protocol."://".$_SERVER['SERVER_NAME'].$port.$_SERVER['REQUEST_URI'];
}
function strleft($s1, $s2) { return substr($s1, 0, strpos($s1, $s2)); }
?>

visitor_tracking.php

<?php
require_once('visitors_connections.php');

$visitor_ip = GetIP();
$visitor_browser = getBrowserType($_SERVER['HTTP_USER_AGENT']);
$visitor_date = date("Y-m-d H:i:s");
$visitor_refferer = $refferer;
$visited_page = selfURL();
//$id_publishers = "";    

$stmt = $con->prepare("INSERT INTO visitors_table (visitor_ip, visitor_browser, visitor_date,
 visitor_refferer, visitor_page) VALUES (?, ?, ?, ?, ?)");
$stmt->bind_param("sssss", $visitor_ip,$visitor_browser,$visitor_date,$visitor_refferer,$visited_page);
$stmt->execute();
?>

The records of the table:

Another small validation error, there is no control to register the visits, such as avoiding the registration of the same ip next. That the same ip re-register but after 48 hrs.

`publishers=1435356P` is part of the querystring and thus should be available as a GET parameter. — ADyson, Aug 10 '18 at 14:04
The `$_SERVER['HTTP_REFERER']` is often empty, because it's browser dependent, and many browsers don't set it for privacy reasons. — PeterM, Aug 10 '18 at 14:48
Ok. In the question you said "I need to be able to register the publisher's id"...the publisher's ID is in the GET parameter. If you already know how to get it, then what's the issue? Perhaps I haven't understood your true meaning. — ADyson, Aug 10 '18 at 14:59
By the way, a separate bit of advice: **Never** get your web app to login to the database as root. Root can do whatever it likes, so this can potentially leave your database an open book for hackers. Instead create a separate user account specifically for this application which has only the permissions it actually _needs_ in order to work properly. Don't even do this is a shortcut during development or testing, because you need to test your account permissions as well - otherwise when you go live you might have unexpected errors relating to the user account setup. — ADyson, Aug 10 '18 at 15:01
Ok I see. What you mean by ID was actually the URL of the referring site. Well, as PeterM correctly stated, this is not under your control. Sometimes it will be sent, sometimes not. It's an entirely optional parameter which the client making the HTTP request can choose to send, or not send. Often, things like proxy servers will also modify it, so it may not be the original value. The spec doesn't even say what should be in it. So you can try to record it for sure, but you can never guarantee it will give you a full or even a correct picture of your users. — ADyson, Aug 10 '18 at 15:02
@ADyson and a small problem of validation is that the same IP is registered several times, I need to be able to pass a condition that only registers once every 48 hours. How can I pass this condition? Please, can you help me :( — , Aug 10 '18 at 15:05
Re your validation of IP addresses - you would have to select from the visitors table first to find the most recent entry for that IP address. If the address exists, and the last visit time was less than 48 hours ago, then don't proceed with the insert. — ADyson, Aug 10 '18 at 15:10
@ADyson You have given me all the alternatives and solutions, by comments. You can write an answer to accept it :) — , Aug 10 '18 at 15:16
I thought you wanted to validate by IP address, not by referrer? BTW I assume you know that IP address may not be unique to a single visitor? — ADyson, Aug 10 '18 at 15:17
@ADyson Validate by IP, let's forget that reference topic. I see that it is not useful to use it. — , Aug 10 '18 at 15:20

ADyson · Answer 1 · 2018-08-10T15:59:39.000

0

The problem with HTTP_REFERRER is that sometimes it will be sent, sometimes not. It's an entirely optional parameter which the client making the HTTP request can choose to send, or not send. Often, things like proxy servers will also modify it, so it may not be the original value. The spec doesn't even say what should be in it. So you can try to record it for sure, but you can never guarantee it will give you a full or even a correct picture of your users.

Re your validation of IP addresses - you would have to select from the visitors table first to find the most recent entry for that IP address. If the address exists, and the last visit time was less than 48 hours ago, then don't proceed with the insert. I would be something like SELECT visitor_ip FROM visitors_table ORDER BY visitor_date DESC LIMIT 1 - I can't test it but that should get you the most recent visit by that IP address. If you get no rows, that IP address has never visited before

edited Aug 10 '18 at 15:59

answered Aug 10 '18 at 15:19

ADyson

57,178
14
51
63

What would the query be like to finish? – Aug 10 '18 at 15:21
sorry, to finish what? – ADyson Aug 10 '18 at 15:24
1

hehe like my absurd questions, help me with the query please. – Aug 10 '18 at 15:29
it's not a hard one. Something like `SELECT visitor_ip FROM visitors_table ORDER BY visitor_date DESC LIMIT 1` - I can't test it but that should get you the most recent visit by that IP address. If you get no rows, that IP address has never visited before. – ADyson Aug 10 '18 at 15:30
I understand about that, but how does the condition of 48 hours, and how does it insert the data from in `$stmt = $con->prepare("INSERT INTO visitors_table (visitor_ip, visitor_browser, visitor_date, visitor_refferer, visitor_page) VALUES (?, ?, ?, ?, ?)"); $stmt->bind_param("sssss", $visitor_ip,$visitor_browser,$visitor_date,$visitor_refferer,$visited_page); $stmt->execute();` – Aug 10 '18 at 15:50
"how does it insert the data"...that _is_ the insert. The code I'm suggesting, you'd need to write a statement before that one. To check the date, use PHP to get the current date, then compare the visit date from the query result to that. I can't tell if you can't work out the actual logical steps required, or you simply need to go and google the syntax for simple things like running a select. You can also easily google how to compare dates using PHP. I don't need to spell out every tiny part, it's all made up of well-known steps you can research with no trouble. – ADyson Aug 10 '18 at 15:52
1

@ADyson Hi, You should add in your response what you indicate in the comment. at least that way, they will have an example of how to implement it. + 1 – Aug 10 '18 at 15:57
@ADyson Because I realize that the SO, does not know much, I realize because it has taken each code from here that can be seen from the links commented in your code. – Aug 10 '18 at 15:59

How to insert the page from where it came to my site and the publisher's id?

1 Answers1