ansaurus

Question

PHP - page counter script. what is wrong?

Answer 1

A:

Write session_start() at the start of code. (For more clarity in the question)

Although default session timeout is 1440 sec in PHP. By default, session closes after browser shutdown. Knowing that the application log contains a bot, most likely it is doing the same thing. (opening and closing the connections)

Vikash 2010-09-07 18:44:07

hehe yeah of course that only a part of my page, just the part where i put info about user.

markzzz 2010-09-07 18:54:14

Answer 2

+5 A:

The bot is discarding session info and ignoring your cookies.

This means that it shows up multiple times in your log. Yes, it does hit your site quickly and without session info, so you don't filter it out.

Your best option is to have some kind of duplicate filter for bots or IPs that hit quickly and repeatedly this way. You might also try adding explicit ignores to the few bot user agents that cause this problem with your script. By the time you have 10 or 15, you'll have dealt with the majority of the problem UAs.

Paul McMillan 2010-09-07 18:46:50

Bot? What bot? Dunno what you are saying :) these example is when i try to add on my website (me, not a bot). It ignore the $_SESSION['log'] variable o_O

markzzz 2010-09-07 18:53:44

@markzzz Yandex **Bot** from the log you supplied.

Col. Shrapnel 2010-09-07 18:57:15

No, they aren't you. YandexBot is a Russian search engine spider.

Paul McMillan 2010-09-07 18:58:34

damn!!!! So these are bots who discard sessions! Sorry now i understand ehhehe :) but why these kind of bots open my website only 1/2 time for example?

markzzz 2010-09-07 19:04:13

That's a hard question. Better ask their makers... But they may only be interested in some of your content.

Paul McMillan 2010-09-07 19:07:40

@markzzz not only bots. Many people do not like then someone is tracking their movements. In my browser cookie support is turned off by default. In your place I would not mess with cookies but counted just IPs - it's much easier and reliable enough.

Col. Shrapnel 2010-09-07 19:20:21

okok ;) tnx for the answer. i need to find out a solution... where can i find the list of these bot? i think if i ignore 10-15 it's ok :) (if some bot add some lines...it doesnt make the real difference ehhe)

markzzz 2010-09-07 19:23:14

@markzzz actually you will be spammed with bot's requests. I wouldn't call it "not a real difference". Your optimism is much higher than your knowledge. I'd suggest to equalize it a bit.

Col. Shrapnel 2010-09-07 19:50:26

uhm yeah...but in fact i can't think to a real solution. I can add a list of knowed bots, but after it? any suggestion would be nice :)

markzzz 2010-09-07 20:59:50

Answer 3

A:

EDIT ok, that's the new version of "counter" with the IP check :

// views.php i do this at the begin of each page
$actualdate=date("Y-m-d H:i:s"); 
$ip=$_SERVER['REMOTE_ADDR']; 
$query=mysql_query("SELECT date, id FROM views WHERE ip='$ip' ORDER BY date DESC",$mydb); 

$idipv=mysql_result($query,0,'id'); 
$actualts=strtotime("-20 minutes"); 
$lastts=strtotime(mysql_result($query,0,'date')); 

if($lastts<=$actualts) { 
    $browser=$_SERVER['HTTP_USER_AGENT']; 
    $browser=mysql_real_escape_string($browser);     
    if(isset($_SESSION['nickname'])) { 
        $user=$_SESSION['nickname']; 
    } else { 
        $user="unknownABCD1234"; 
    }         
    $insert=mysql_query("INSERT INTO views (ip, user, date, browser) VALUES ('$ip', '$user', '$actualdate', '$browser')", $mydb);             
} else { 
    $update=mysql_query("UPDATE views SET date='$actualdate' WHERE id='$idipv'",$mydb); 
} 

// login.php i do this only when a user try to log in
include("../auth/views.php");     

$query=mysql_query("SELECT nickname, password, admin, accessres FROM users WHERE nickname='".$_POST['nickname']."'",$mydb); 

if(mysql_num_rows($query)==0){ 
    mysql_close($mydb); 
    header("location: ../index.php?general=login&messaggio=1"); 
} else { 
    $crypass=md5($_POST['password']); 
    if (mysql_result($query,0,'password')!=$crypass) { 
        mysql_close($mydb); 
        header("location: ../index.php?general=login&messaggio=1"); 
    } else { 
        $nickn=mysql_result($query,0,'nickname'); 
        $_SESSION['nickname']=$nickn; 
        $_SESSION['admin']=mysql_result($query,0,'admin'); 
        $_SESSION['accessres']=mysql_result($query,0,'accessres'); 

        $ip=$_SERVER['REMOTE_ADDR'];         
        $update=mysql_query("UPDATE views SET user='$nickn' WHERE id='$idipv'",$mydb); 

        if(isset($_POST['remember'])) { 
            $cookie=$nickn."%%".$crypass."%%".md5("PAROLAMAGICA"); 
            setcookie("saveduser",$cookie,time()+31536000, "/", false); 
        } 
        mysql_close($mydb); 
        header("location: ../index.php?status=usermain"); 
    } 
}

this should work! the only problem is when a user close his router, his ip is dinamic and that ip will get by another user in 20 minuts (i dubt so...)

let me know

markzzz 2010-09-07 22:13:10

`REPLACE INTO` syntax will make it single query. And usual unique visitor timeout is 24 hours. Though I wouldn't do it online but rather by parsing access log.

Col. Shrapnel 2010-09-07 23:09:13

24 hours? Its long time imo, isn't it? I think IP can change to many users in 24 hours (so they are not 1 visitors :)). P.S. dunno how to use REPLACE INTO stat; can you give an example pls? cheers

markzzz 2010-09-07 23:12:39

ansaurus

tags:

views:

answers:

PHP - page counter script. what is wrong?

related questions