Solved

Identifying Unique Visitor Clicks

Posted on 2012-04-03
7
257 Views
Last Modified: 2012-04-06
I have a requirement like this. My user can publish articles which are present in my website anywhere in the net. If somebody clicks on that link I will give my user points.

I have to uniquely identify the user machine so that if any body clicks the same post second time I will not give points to my user.

Using IP address we cannot identify, most of them are DHCP. Using cookies also we can't identify. Cookies are browser specific.

Is there any best approach to identify unique visitor machine.

I am using java 1.5
0
Comment
Question by:sasidhar1229
  • 3
  • 3
7 Comments
 
LVL 40

Expert Comment

by:gurvinder372
Comment Utility
<<Is there any best approach to identify unique visitor machine.>>
No, unless the user is registered on your website and is logged in.

<<Is there any best approach to identify unique visitor machine.>>
Cookies are good enough in most cases.
0
 

Author Comment

by:sasidhar1229
Comment Utility
But user can delete cookies and he can click again for points.

I saw somebody using this javascript. If you understand this, could you explain me?

PFA.
uniqueVisitor.txt
0
 
LVL 40

Expert Comment

by:gurvinder372
Comment Utility
If you are talking about 'clientsysname'  (line 94), then it is only possible on browsers where java is enabled.

did you checked if it is working on your browsers?
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 

Author Comment

by:sasidhar1229
Comment Utility
Yes it's working I tried it.

clientsysname giving this value 'localhost.localdomain'. This is not unique value. Whoever uses linux will get this value.

I updated the attachment with values generated.

I think it will give you some information.

PFA.
uniqueVisitor.txt
0
 
LVL 40

Expert Comment

by:gurvinder372
Comment Utility
check the same script from another system, see if it gives a different value.
Also, check if it gives a unique value for each system behind a proxy

I personally don't think it is a trustworthy solution since this value cannot be unique for every machine. Simply because there aren't as many IP addresses as number of machines, and IP addresses are expensive thing
0
 
LVL 26

Accepted Solution

by:
dpearson earned 500 total points
Comment Utility
There's no simple solution to this problem.

There's the common approach - which is to use a cookie, but as you say a user can just delete them.

There's the browser fingerprint approach (https://panopticlick.eff.org/) which is to pull as many properties as you can from a browser and recognize those as the "signature".  However if a user knew this they could still beat your system by changing some of those properties (e.g. the mix of fonts on their system) but it's more work for them then just cleaning out cookies.

There's the Flash cookie approach - which is to use a small piece of Flash code to write to local storage (an area separate from cookies that Flash uses to store information).  Again a user can clear this out but it's more work because "remove cookies" doesn't cut it - they need to work a bit harder.

Then you can put them all together and add a series of extra steps and use Evercookie (http://samy.pl/evercookie/) which combines a whole series of techniques to try to store a cookie and if you delete all but one of them it'll recreate the rest.  But again it's not foolproof - it's just more work.

So if your site is going to hand out rewards to users based on their actions, you should assume that if your site is successful, somebody will figure out how to hack around any of these solutions and post the required steps for all of your users to make use of.

If you assume that your best solution is to take one of the above approaches and combine it with an IP limit - so a given IP can never earn more than a specific amount of user points.  If somebody is behind DHCP they may get unlucky and get no points (because other users have earned the entire quota) but this will stop you from being hacked.

Doug
0
 

Author Comment

by:sasidhar1229
Comment Utility
Hi Doug,

Most of the users don't know all these. At least we can eliminate most of them.

And IP limit is also good one. I will try this approach.

Regards,
Sasidhar.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Introduction Java can be integrated with native programs using an interface called JNI(Java Native Interface). Native programs are programs which can directly run on the processor. JNI is simply a naming and calling convention so that the JVM (Java…
Introduction This article is the second of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers the basic installation and configuration of the test automation tools used by…
This tutorial will introduce the viewer to VisualVM for the Java platform application. This video explains an example program and covers the Overview, Monitor, and Heap Dump tabs.
This tutorial explains how to use the VisualVM tool for the Java platform application. This video goes into detail on the Threads, Sampler, and Profiler tabs.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now