Identifying Unique Visitor Clicks

Posted on 2012-04-03
Last Modified: 2012-04-06
I have a requirement like this. My user can publish articles which are present in my website anywhere in the net. If somebody clicks on that link I will give my user points.

I have to uniquely identify the user machine so that if any body clicks the same post second time I will not give points to my user.

Using IP address we cannot identify, most of them are DHCP. Using cookies also we can't identify. Cookies are browser specific.

Is there any best approach to identify unique visitor machine.

I am using java 1.5
Question by:sasidhar1229
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 40

Expert Comment

ID: 37804723
<<Is there any best approach to identify unique visitor machine.>>
No, unless the user is registered on your website and is logged in.

<<Is there any best approach to identify unique visitor machine.>>
Cookies are good enough in most cases.

Author Comment

ID: 37804756
But user can delete cookies and he can click again for points.

I saw somebody using this javascript. If you understand this, could you explain me?

LVL 40

Expert Comment

ID: 37804763
If you are talking about 'clientsysname'  (line 94), then it is only possible on browsers where java is enabled.

did you checked if it is working on your browsers?
What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.


Author Comment

ID: 37804797
Yes it's working I tried it.

clientsysname giving this value 'localhost.localdomain'. This is not unique value. Whoever uses linux will get this value.

I updated the attachment with values generated.

I think it will give you some information.

LVL 40

Expert Comment

ID: 37804825
check the same script from another system, see if it gives a different value.
Also, check if it gives a unique value for each system behind a proxy

I personally don't think it is a trustworthy solution since this value cannot be unique for every machine. Simply because there aren't as many IP addresses as number of machines, and IP addresses are expensive thing
LVL 28

Accepted Solution

dpearson earned 500 total points
ID: 37818378
There's no simple solution to this problem.

There's the common approach - which is to use a cookie, but as you say a user can just delete them.

There's the browser fingerprint approach ( which is to pull as many properties as you can from a browser and recognize those as the "signature".  However if a user knew this they could still beat your system by changing some of those properties (e.g. the mix of fonts on their system) but it's more work for them then just cleaning out cookies.

There's the Flash cookie approach - which is to use a small piece of Flash code to write to local storage (an area separate from cookies that Flash uses to store information).  Again a user can clear this out but it's more work because "remove cookies" doesn't cut it - they need to work a bit harder.

Then you can put them all together and add a series of extra steps and use Evercookie ( which combines a whole series of techniques to try to store a cookie and if you delete all but one of them it'll recreate the rest.  But again it's not foolproof - it's just more work.

So if your site is going to hand out rewards to users based on their actions, you should assume that if your site is successful, somebody will figure out how to hack around any of these solutions and post the required steps for all of your users to make use of.

If you assume that your best solution is to take one of the above approaches and combine it with an IP limit - so a given IP can never earn more than a specific amount of user points.  If somebody is behind DHCP they may get unlucky and get no points (because other users have earned the entire quota) but this will stop you from being hacked.


Author Comment

ID: 37818396
Hi Doug,

Most of the users don't know all these. At least we can eliminate most of them.

And IP limit is also good one. I will try this approach.


Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After being asked a question last year, I went into one of my moods where I did some research and code just for the fun and learning of it all.  Subsequently, from this journey, I put together this article on "Range Searching Using Visual Basic.NET …
Are you developing a Java application and want to create Excel Spreadsheets? You have come to the right place, this article will describe how you can create Excel Spreadsheets from a Java Application. For the purposes of this article, I will be u…
Viewers will learn about arithmetic and Boolean expressions in Java and the logical operators used to create Boolean expressions. We will cover the symbols used for arithmetic expressions and define each logical operator and how to use them in Boole…
This tutorial will introduce the viewer to VisualVM for the Java platform application. This video explains an example program and covers the Overview, Monitor, and Heap Dump tabs.

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question