Solved

Can we count website hits using a coldfusion session variable?

Posted on 2006-11-18
15
907 Views
Last Modified: 2013-12-20
I want to track users by the number of clicks or pages loaded. We currently use a decent custom written CF controlled sql database logfile. But I'd rather not have track the idle user, not logged in, in some simpler way, if possible.

I want to be able to control the amount of hits to the system per user and pass that info back to CF so the user is not allowed access to certain areas.  Can this be done automatically with some kind of session variable? And yes, I know I can do this with a cookie and know how, but I'd rather make it simpler if at all possible.

I know I'm groping here but can cf5 on win2000 keep track of such info? I know I can do this by setting a variable in each page and counting the number of times that variable is loaded, and record it to a cookie but I want to keep this as simple as possible.

So, I'm looking for neat ideas and how best to impliment it.

   - Georgia
0
Comment
Question by:RollinNow
  • 7
  • 5
  • 3
15 Comments
 
LVL 39

Expert Comment

by:gdemaria
ID: 17973514

 Hi Georgia,

 You've mentioned a couple different things here;  counting visits for a user and preventing users access to certain areas.  These would be handled separately.

 First counting hits.  
 > But I'd rather not have track the idle user, not logged in, in some simpler way, if possible

 You want to track a logged in user and what pages he visits?
 
 How about doing an insert into a database table for each page visit:  you would save User's ID, the Page and the date/time.  Then you can run reports based on time, access to pages, and what a user visited.    If you only want to track  logged in users, then wrap the insert with a CFIF to check that the user is logged in.   This cod can be placed in a footer or other shared file.

> Can this be done automatically with some kind of session variable?

 You could count visits using a session variable, but you'd have to try to store it before the user ends their session.  Not sure how you could capture this happening before it did.  The user closes the browser and the session is gone..

 There is no automatic method set up for you outside of logs...


 
0
 

Author Comment

by:RollinNow
ID: 17973709
Sorry, what I meant to say, is that I am not concerned about the customer. I am not concerned about the person who is logged in. We're only concerned about the idle user who is browsing. The website is open so users can browse anywhere but cannot download. I want only to limit those who do not have an account. So, I can't easily use a database.

And as I said, we do track the idel user by ip and user agent and save that info into a database. I know I can do this by using that info, but again, I prefer something much simpler.

> You could count visits using a session variable, but you'd have to try to store it before the user ends their session.

I don't care about them once they leave, once they end their session. I only want to count the number of pages or clicks and stop them when they reach xx amount.

I hope that makes my needs a bit clearer.

 - Georgia


0
 
LVL 39

Expert Comment

by:gdemaria
ID: 17976846

 I see, then I am going to do a 180 on my answer.

 How about in application.cfm you place something like this..
 If will count the page views and redirect to a new page if it exceeds 10.
 You just need to add some logic to test if they are logged in (then don't do this...)

<cfif NOT  loggedIn>
  <cfif IsDefined('cookie.pageCount')>
    <cfcookie name="pageCount" value="#cookie.pageCount + 1#">
  <cfelse>
    <cfcookie name="pageCount" value="1">
  </cfif>
  <cfif cookie.pageCount gt 10>
    <cflocation url="NoMoreBrowsing.cfm">
  </cfif>
</cfif>

0
 

Author Comment

by:RollinNow
ID: 17981082
Gdemaria,

Thanks but actually, I know how to handle the user once they have exceeded clicks or pages, etc. That's not where I need help. And as I said, I know how to count by saving the info to a cookie but prefer not to do so.

I'm wanting to know if there is a way to count without using a cookie. Does CF use some other method to count a session variable from page to page, wtihout using a database, cookie, etc, but using an internal count based on a set variable.  That is my only question. And may sound a bit strange but it's only because I have not studied CF and don't really understand how a session variable works and what can or cannot be done for an individual user.

 - Georgia


0
 
LVL 39

Expert Comment

by:gdemaria
ID: 17981292

  There isn't any built in mechansim to count pages; just the logs that Coldfusion keeps and the certainly wouldn't be easier to use.  

  If you were to use the session variable approach, it would work the same as the example I provided except the "cookie" would be replaced for "session"    In other words, you would still have to do the count manually.   The session variable is just like any other variable, except it keeps its value between pages which is similar to a cookie..

 Session variables are great for logins.  You can set the session variable when the person logs in, say something like this..

 <cfset session.userID = checLogin.userID>   (where checkLogin is the query that validates the person).

 Then on each page, if session.userID exists, you know who the person is and that they logged in.   If the session expires (gets timed-out), the session variables will all disapear.  In that case when you check session.userID it will not be defined and you can send them to a login.   That's sort-of the classic use of a session variable.  

 Your idea of using a session variable to see how long the user has been surfing around would work as well.  But again, there is no special bult in mechanism to do it.  You would just update a session variable and its value would stay around as long as the user stays around, or when the session expires.   The amount of time before a session expires is set in CFAPPLICATION usually in application.cfm

 Hope that helps :)


 

 
0
 

Author Comment

by:RollinNow
ID: 17982624

Not sure if this will help understand my setup but here's my main application.cfm file header:

<CFSETTING ENABLECFOUTPUTONLY="Yes">
<cfapplication name="Website"
  clientManagement="Yes"
  clientStorage="CUSTOMER_SERVICE"
  setClientCookies="Yes"
  setDomainCookies="Yes">


I'm not the original programmer or database designer so I'm alone trying to figure this out, and with no formal training, and this is not my primary area of expertice, to say the least.

But I did find two tables of interest because one of them stores some kind of data which may be related to a session variable. However, I cannot find any code or queries which reference the database anywhere except for this:

<!--- Primary check to make sure the tables are not growing out of control --->
<cfquery name="CheckClientVars" datasource="CUSTOMER_SERVICE">
   SELECT COUNT(CFID) AS HITS
   FROM CDATA
</cfquery>
<cfif CheckClientVars.HITS ge 30000>
   <cfquery datasource="CUSTOMER_SERVICE">
      TRUNCATE TABLE CDATA
      TRUNCATE TABLE CGLOBAL
   </cfquery>

I have no idea if this will be any help in deciding what those tables are used for or if they have anything to do with non-customers and their records as they move around the system, but here's a bit more info on those tables, a copy from the database:
 
CDATA TABLE:
ID (int)    CFID (char)        APP (char)           DATA (text)
1            32979206:17327928  WEBSITE      #UUID=05A35BC9-3321-4BA2-B1AB652C945A214E#  
 
 
CGLOBAL TABLE  
CFID (char)               DATA (text)                                                                                            LASTVISIT
32979206:17327928  HITCOUNT=1#LASTVISIT={ts '2006-11-20 03:12:30'}#TIMECREATED={ts '2006-11-20 03:12:30'}#      11/20/2006 3:12:30 AM

And here's a bit of code where some kind of security cookie is set, I assume, for everyone:

<!--- If the user has lost his security cookie then set it --->
<cfif not IsDefined("Cookie.SECURITY_COOKIE")>
   <cfcookie name="SECURITY_COOKIE" value="#UserInfo.SECURITY_COOKIE#" expires="never" domain=".#WebsiteInfo.DOMAIN#">
   <cfset Client.SECURITY_COOKIE = UserInfo.SECURITY_COOKIE>
</cfif>

And this code:

<!---
Synchronize the UUID client variable with the user's UUID cookie.  If the user
doesn't a UUID then generate one.  We will use this cookie to track users as
they move around on the system.
--->
<cfif IsDefined("Cookie.UUID")>
   <cfset Client.UUID = Cookie.UUID>
<cfelse>
   <cfset CREATE_UUID = CreateUUID()>
   <cfcookie name="UUID" value="#CREATE_UUID#" expires="never" domain=".#WebsiteInfo.DOMAIN#">
   <cfset Client.UUID = CREATE_UUID>
</cfif>


<!---
Synchronize the SECURITY_COOKIE client variable with the
user's security cookie if they have one.
--->
<cfif IsDefined("Cookie.SECURITY_COOKIE")>
   <cfset Client.SECURITY_COOKIE = Cookie.SECURITY_COOKIE>
<cfelseif IsDefined("Client.SECURITY_COOKIE")>
   <cfset temp = DeleteClientVariable("SECURITY_COOKIE")>  
</cfif>

I hope something here will be helpful and that I've made myself a bit clearer or you can point me in the right direction.

As usual, thank you for the help,

 - Georgia



0
 
LVL 25

Expert Comment

by:dgrafx
ID: 17994700
Just thought I'd post - just killing time ...
the code below would go in your Application file or a file included into it.
<cfif Not structkeyexists(Cookie,"loggedIn")>
<cfcookie name="loggedIn" value="false">
<cfcookie name="counter" value="0">
</cfif>
Then be sure and set cookie.loggedIn to true when (and if) user does log in.<br>

<cfif Not Cookie.loggedIn>
<cfset cookie.counter=cookie.counter+1>
</cfif>
You said you have the rest figured out (if Not cookie.loggedIn and cookie.counter gt X) so I'll stop here.
Keep in mind that cookies don't work with cflocation (cookie won't be set if there is a cflocation on the same page or on a page that is included).
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 39

Expert Comment

by:gdemaria
ID: 17996526

 Hi Georgia,

 The CDDATA table looks like it holds a unique session ID for a web site visitor.  Coldfusion keeps track of a session using CFID and CFTOKEN values which it stores in cookies.  It's considered back practice to pass these values around in the query string (for example, if you were to do a CFLOCATION addToke="Yes" the CFID and CFTOKEN would be added to the query string) .  That's not done any more because when people share their URL, they can get into each others sessions.  So, the CFID and CFTOKEN are now hidden.  One method to do this is to create a random and Unique identifier for each site visitor; which is what the UUID looks like below.  That UUID uniquely identifies a user's session.  It is used in this case to fetch the CFID from the CDDATA table.  So more information about a user is stored in this database table, and only a unique ID is placed into the cookie that would refer to that record and allow access to the rest of the information (such as the CFID).

CDATA TABLE:
ID (int)    CFID (char)        APP (char)           DATA (text)
1            32979206:17327928  WEBSITE      #UUID=05A35BC9-3321-4BA2-B1AB652C945A214E#  


The CFGLOBAL table uses the CFID and keeps track of the user's last visit time and, it says, number of hits.  

CGLOBAL TABLE  
CFID (char)               DATA (text)                                                                                            LASTVISIT
32979206:17327928  HITCOUNT=1#LASTVISIT={ts '2006-11-20 03:12:30'}#TIMECREATED={ts '2006-11-20 03:12:30'}#     11/20/2006 3:12:30 AM


I don't see in your code snippets where it updates any of these values or how often or from what location in the code.



Its unclear to me why the developer is using cookies, database tables and client variables all together.  There seems to be more here than needed, but of course, I don't know everything the app is doing or why.  Typically all that is need is as said in the examples by myself and others above, a cookie or session variable to track the user's login and something to count hits (again a session variable or cookie is the easiest way to do this).


0
 

Author Comment

by:RollinNow
ID: 17999763
From reading many posts, I get the idea that a good number of experts naturally seem to looking for simple questions they can answer with the least amount of time spent. I’m not talking about either of you. Both of you have been incredibly helpful and I owe my sanity to you both and to EE. That's not a gripe, just an observation.

But writing simple, clear questions is not always practical with a novice like myself, don’t you think? If ours was a simple website, I could see posting more examples. But this is not the case. It’s very complex. Not sophisticated, but complex like military written code which has evolved and adapted, ending in a mess of needless complexity. Even I can see this. Some day, when I get the time, and the knowledge, I'll ask more questions, or take a couple months and really try to learn more about what I’m doing. Until then, it’s back to asking these kinds of questions on EE.

My question really is simple. The only problem is that I don't know enough to ask the question correctly. Perhaps that's it. But then, that's why I'm here, chicken or the egg ...

dgrafx,

Our system already identifies a logged in person vs. not logged in. I don't need any help there, at least not today.

gdemaria,


> Its unclear to me why the developer is using cookies, database tables and client variables all together.

Much of it is for the tracking system. We already have a working CF website hit tracking system which saves to our database. I understand how it works pretty well and can adapt it to do what I want. And it looks like I'll have to. But I have to close this question and I hate doing so  without an explanation so that nothing is really left hanging. My husband says I'm conscientious to the point of being annoying.

Anyway, the tracking system tracks everyone, including customers, non-customers and search engine bots. I don't see that it specifically tracks the number of total hits though and that's why I was asking about cglobal and cdata, to see if the snippet’s I gave suggested anything. I am not asking anyone to give me advise on something already written except for the cdata and cgloal lines.

I can only guess from your response that you did look at the cglobal and cdata code but that nothing made sense to you from what I gave you. They’re from several modules and there’s NO other cf code relating to them (cdata and cglobal).

The security cookie info I posted for the same reason, in the hopes it turned on some light in regards to answering my basic question about session variables and how to count. But I fully understand how difficult it is to understand something this way and without more input.

But that would be totally impractical.  There are thousands of modules and over a million lines of cf code and that code is complicated because most of the modules are cfincluded. Attempting to show you one or two modules would just confuse the question more. And anyway, for this question, it seems to me, it's not really needed.

Also, some of that code relates to the online tracking system. I could use that system to track the user but as I said, I'd rather not, IF there was another way, NOT using cookies. I understand the basics on how to use cookies do I don’t need any  help there. And I understand how to save data to the database and pull it out again.

But I was not sure if it was possible to use a session variable from page to page, and have CF keep a running track without saving it to a database or cookie. I believe I understand that CF doesn't automatically keep track of every hit with a session variable, that I have to design and write something first.  I understand.

If there is none then just state so even if it seems redundant, and I'll close the question with my gratitude. The answer may seem obvious to you, but I wanted to first check here on EE so that I would not waste time when something simpler was available.

As it is, in general, the more detailed my question, the fewer answers I receive. You should see how many questions I've deleted because of no response. If I don't take time to write more detail it can be confusing.  And this keeps me from asking detailed questions because it takes too long, for both of us.

 - Georgia
0
 
LVL 25

Expert Comment

by:dgrafx
ID: 18000338
>>Our system already identifies a logged in person vs. not logged in. I don't need any help there, at least not today.

the code I posted is exclusively to count pages as you requested - not to show you how to determine if logged in.
I'm afraid you misunderstood.

this is about as simple as it gets - I hope you can see this.
I don't understand why you're looking further ???
I do not mean any offense by saying this but are you looking further because you believe you need a "more complex" solution or because you are a novice (your own words)

if you want to use sessions instead - then do it!
just change the word cookie to session in the code I posted. (lock sessions though)
be advised though that when session times out - the count will start over.
thats why I suggested cookies instead of sessions.

I understand what you're saying about the overly complex (possibly very inefficient) code you have.
But it seems that you are assuming something this complex MUST have something already that can be used.

Maybe it does - maybe it doesn't - I doubt that it does.
At this point - with something so convoluted and bloated - what does one more small functionality matter?

0
 

Author Comment

by:RollinNow
ID: 18000379
gdemaria,

Yes, the UUID. Do you think this might be handy to use to count hits as a user moves around the site or should I just forget that as a possibility, and look more to what dgrafx is suggesting?

I'll get back to you dgrafx soon as I plot my next move. But to answer your question: it's because I am a novice, an anateur. That's always the problem on my end.

And now I have to cook Thanksgiving Dinner and code. I hope I don't get that mixed up!

  - Georgia


0
 

Author Comment

by:RollinNow
ID: 18000462
dgrafx,

I used your session suggestion, made the change of cookie to session:

<cfif Not structkeyexists(Session,"loggedIn")>
<cfcookie name="loggedIn" value="false">
<cfcookie name="counter" value="0">
</cfif>

Got this error: "Request canceled or ignored by serverServer busy or unable to fulfill request ..."

Maybe that's because I did not lock sessions, whatever that is. I did a bit of research on how to lock sessions and came to the quick conclusion that it may be too dangerous in the hands of a novice. These are potential customers I'm screwing with and I have no idea how long to set the timeout or what negative repercussions it might cause and I believe asking you all to train me on it  is beyond the scope of EE.

I'm sure most novices could handle this but it looks like I could get into trouble here. But I do appreciate the idea. It just scares me a bit. All those sessions, locking them, and what  happens if the lock time is too long? As it is, the system is incredibly taxed with a a quarter million hits a day and increasing. Mind you, some of those are bots. The only way I'd purse this is if you twisted my arm and told me there was really no danger at all, even for a novice and that all will be fine and it won't take long. But I'd still be apprehensive.

I also did not want to use cookies because so many users will get a warning on every page and that's a big turn-off. I don't want to piss them off by getting an annoying message that we are trying to set a cookie. I know there are two different kinds of cookies, those which expire and those which do not but I assume in this case, the user will get a warning on both if their software is set to not accept cookies, and a warning should be shown.

So, I may have to th ink something else or modify the system we have, or just forget it. I'll wait for a final response before closing this one. As always thanks so much.

  - Georgia


0
 
LVL 25

Expert Comment

by:dgrafx
ID: 18000511
you need to stick with either session or cookies

so if session then
<cfif Not structkeyexists(Session,"loggedIn")>
<cflock scope="SESSION" type="EXCLUSIVE" timeout="15">
<cfset session.loggedIn=false>
<cfset session.counter=0>
</cflock>
</cfif>

<cfif Not session.loggedIn>
<cflock scope="SESSION" type="EXCLUSIVE" timeout="15">
<cfset session.counter=session.counter+1>
</cflock>
</cfif>

>> I did a bit of research on how to lock sessions and came to the quick conclusion that it may be too dangerous in the hands of a novice
completely untrue - just forget about anything negative that will happen from locking - it's a happy thing.

>><cfapplication name="Website"
  clientManagement="Yes"
  clientStorage="CUSTOMER_SERVICE"
  setClientCookies="Yes"
  setDomainCookies="Yes"
SESSIONManagement="yes"
SESSIONTIMEOUT="0.03125"> this is 45 minutes
added sessionmanagement and timeout to your cfapplication tag

>>cookie warnings
??? you wouldn't get any warnings from cookies used as I posted
0
 
LVL 39

Accepted Solution

by:
gdemaria earned 500 total points
ID: 18000756

> Yes, the UUID. Do you think this might be handy to use to count hits as a user moves around the site or should I just forget that as a possibility, and look more to what dgrafx is suggesting?

I didn't see anyplace in the code you supplied where the values are actually set.  You did say that was all the code involving those tables, so I am not sure how you would use that code to track the hits as there is no visible place to update it.   The rule of thumb I like to use when dealing with large complex systems is that its better to add a little code that stands distinctly separate, than it is to modify existing code; unless I fully understand it.   In your case, I suggest adding a little code snippet (like at the bottom of this post) to track your page visits rather than attempting to alter or add to that existing code; mostly because I don't see how it is working in full - so why risk breaking it?

> But I was not sure if it was possible to use a session variable from page to page, and have CF keep a running track without saving it to a database or cookie. I believe I understand that CF doesn't automatically keep track of every hit with a session variable, that I have to design and write something first.  I understand.

That is correct.   The session variable will exist page to page and is a perfect way to track this type of thing (see code at bottom).   Coldfusion doesn't provide any way to automatically count page visits (beyond the logs).    Regarding cookies: I don't believe you would get that annoying warning you speak of.  I think very few people are blocking or warning for cookies these days as too many sites require them for shopping, etc.   In any case, you don't have to use them, just use the session variable.

> If there is none then just state so even if it seems redundant, and I'll close the question with my gratitude. The answer may seem obvious to you, but I wanted to first check here on EE so that I would not waste time when something simpler was available.

This is the simplest solution I think there is..  

First ...
 Ensure that your <cfapplication> tag in application.cfm has the session management parameters...
<cfapplication name="MyApp" sessionManagement="yes" sessionTimeOut="#createTimespan(0,0,1,0)#">
                                                                 ^^^^^^         ^^^^^^^^                       ^^^^^^ 1 hour

Then..
 Add this into your application.cfm, it will fire on every page automatically (because application.cfm is called with every page view)

<cflock scope="SESSION" type="EXCLUSIVE" timeout="15">
  <cfif IsDefined(session.pageCount')>
     <cfset session.pageCount = session.pageCount + 1>
  <cfelse>
     <cfset session.pageCount = 1>
  </cfif>
</cflock>


 The only thing you have to add is what you want to do if  session.pageCount gets too high...

 <cfif session.pageCount gt 100>
    <cflocation url="stopBrowsing.cfm" addToken="no">
 </cfif>


0
 

Author Comment

by:RollinNow
ID: 18013269
Thanks for the code, both of you. I'll get to this and see if I can give it a try but it'll have to be next week as I'm taking a few days off.

Hope everyone had a plesant ThanksGiving.

- Georgia
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Blue Coat API portal URL 2 122
I starting with php 12 95
Add server behaviors to Dreamweaver CC 2015 2 93
DNS, website, godaddy 6 44
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
The purpose of this video is to demonstrate how to exclude a particular blog category from the main blog page. This is can be used when a category already has its own tab, or you simply want certain types of posts not to show up on the main blog. …
The purpose of this video is to demonstrate how to add AdSense Ads to a WordPress Website, and how to set up WordPress to automatically place Ads in Sidebars. This will be demonstrated using a Windows 8 PC. Log into your AdSense account. : Cli…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now