views:

140

answers:

3

Is it possible for php(or javascript in the worst case) to create a unique id for a user that is not cookie or ip dependant. I have seen on myminicity.com that on each city the count only goes up once a day(it has a unique id for everyone i think) and even if I delete my cookies and refresh ip it still seems to detect me as visited already and I want to make this system for me. I have seen lots of people saying its not possible and if it really isn't, whats the best alternative?

EDIT

Now i got the idea that I could use a mix of multiple cookies(with multiple methods of identification), multiple localstorage values(same as the cookies), mysql database ip tracking and flash cookies and if any one of them is found, the user has visited before today.

+1  A: 

You could generate a GUID per computer, assuming that you can figure out some way to store it such that the user can't delete it (good luck).

Most sites that do things like this store the IP address in a database on the server and identify "users" that way. Using javascript you can combine IP address and MAC address to allow for multiple people behind a NAT gateway.

Donnie
And how do i get mac address?
Neb
Donnie
@DonnieI think only ie can do that and the website im working on doesn't support ie(its html5)
Neb
+1  A: 

myminicity.com uses your IP range to detect which region you are coming in from... It is called IP base geolocation. There are free and paid services for this. Google "IP based geolocation" ... You can learn more about it at http://en.wikipedia.org/wiki/Geolocation_software

Elf King
I know scripts can turn for example 123.456.789.012 to London but thousands of people are in London. And I havn't seen any more specific ip to geolocation than city name. I know google maps has good detection but I have seen very unclear results and multiple people could be in the same area.
Neb
+4  A: 

There are several information a user agent sends to the server. See for example Panopticlick to see how unique your browser is. Another option would be to use Flash cookies that are harder to reject and delete.

Gumbo
+1 You have anticipated me with Panopticlick.
mbq
Panopticlick gives me ideas but it would be too complicated... Flash cookies are definately harder to delete but are still crackable in the end.
Neb
@Neb: There is no solution that cannot be cracked in some way. Even the MAC address can be tampered. And Panopticlick should only show you what information a user agent is sending without having the user knowing about. And since it cannot identify a user for sure, a hidden flash cookie is probably the best solution in this case.
Gumbo
@GumboRead my edit, I will have to do it that way :-\
Neb