Solved

Fraud in php click counter

Posted on 2010-11-26
8
416 Views
Last Modified: 2012-05-10
Hi,

I am creating a click counter using a php script so i can log the amount of clicks to a certain url. I need to know this so I can bill my advertisiers.

However, I am aware that one of the main problems with cost per click campaigns is fraud.

I intend to use the $_SERVER['REMOTE_ADDR'] to get the ip address of the 'clicker' & use this to separate unique clicks.

- Is this an acceptable method?
- How can IP addresses be faked?
- What other methods of fraud prevention can i use?

Thanks
0
Comment
Question by:DrZork101
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 6

Expert Comment

by:V4nP3rs13
ID: 34216392
Here's is the code... you will have to combine it with mysql database and use session to secure your counter against frauds. This visitor is visiting one ip and one session for 24hours. You can also use high IP protection buy using substr(); with the if() to make it more secure.

in the database, make a table "counter" with two fields... "ip" and "date".

Then, here's the code for counting:
<?php
$ip = $_SERVER["REMOTE_ADDR"];
$date = date("d-m-Y");

if((mysql_num_rows(mysql_query("SELECT * FROM counter WHERE ip = '$ip' AND date = '$date'")) == 0) && (!isset($_COOKIE["visitor"]))) {
  mysql_query("INSERT INTO counter VALUES('$ip', '$date')");
  setcookie("visitor","online", time()+3600*24);
}

/* THEN YOU CAN DISPLAY THE AMMOUNT OF VISITORS WITH
echo mysql_num_rows(mysql_query("SELECT * FROM visitors"));
AND THAT WILL DISPLAY THE AMMOUNT OF VISITORS ALL THE TIME */

?>

Open in new window

0
 

Author Comment

by:DrZork101
ID: 34216415
Hi,

Thanks for this code.

The added protection of the session cookie is good, however is it possible to write your own cookies?

Also is it possible to spoof your IP?

I just want to know where the security holes live even if it very difficult to plug them.

Thanks

0
 
LVL 6

Accepted Solution

by:
V4nP3rs13 earned 500 total points
ID: 34216434
Here's the better protection... this will count first three (of four) parts of ip.

111.222.333.444 will be counted as 111.222.333 so this is more secure than my previous code:

<?php
list($a, $b, $c, $d) = explode(".", $_SERVER["REMOTE_ADDR"]);
$ip_fraud = $a.".".$b.".".$c;
$date = date("d-m-Y");

if((mysql_num_rows(mysql_query("SELECT * FROM counter WHERE ip = '$ip_fraud' AND date = '$date'")) == 0) && (!isset($_COOKIE["visitor"]))) {
  mysql_query("INSERT INTO counter VALUES('$ip_fraud', '$date')");
  setcookie("visitor","online", time()+3600*24);
}

/* THEN YOU CAN DISPLAY THE AMMOUNT OF VISITORS WITH
echo mysql_num_rows(mysql_query("SELECT * FROM visitors"));
AND THAT WILL DISPLAY THE AMMOUNT OF VISITORS ALL THE TIME */
?>

Open in new window

0
How to Defend Against the WCry Ransomware Attack

On May 12, 2017, an extremely virulent ransomware variant named WCry 2.0 began to infect organizations. Within several hours, over 75,000 victims were reported in 90+ countries. Learn more from our research team about this threat & how to protect your organization!

 

Author Comment

by:DrZork101
ID: 34216524
Thanks that looks good!

In relation to my other questions - can IP addresses be spoofed?

Also is there any chance of sql injection via the cookie? I assume not because of just using the isset

Thanks,

Julian
0
 
LVL 6

Expert Comment

by:V4nP3rs13
ID: 34216539
IP can be faked through proxys ;)

And my code doesn't have any SQL injection holes... cause it uses isset() instead of if();

So the code is secure from SQL injections through cookie.

Hope I helped you!
0
 

Author Comment

by:DrZork101
ID: 34216562
Ok cool, I realise that nothing is trulely secure!

Is there anything I can do to detect proxy ips - charateristics of web request, patterns, blacklists etc?

Thanks
0
 
LVL 6

Expert Comment

by:V4nP3rs13
ID: 34216575
I'm afraid there isn't a way to detect proxies, cause they are made to cheat us. So they are created identically like a user is surfing through original IP. Maybe you should try using getenv();

Look here => http://php.net/manual/en/function.getenv.php

and here's the example of the code => http://forums.digitalpoint.com/showthread.php?t=58964
0
 

Author Comment

by:DrZork101
ID: 34216602
OK great i will give all of this a go, thanks for all the help!
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most MSPs worth their salt are already offering cybersecurity to their customers. But cybersecurity as a service is wide encompassing and can mean many things.  So where are MSPs falling in this spectrum?
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question