I am trying the following. I have a facebook ad that has redirect link. This link leads to lets say xyz.com. I have have access to xyz.com.
I like to find out from where the user came from to xyz.com.
Basically, I am trying to avoid to let people copy the link from the facebook ad and put on their personal sites. Is that even possible to detect whether through Javascript or PHP if possible.
In PHP, there is the global variable $_SERVER['HTTP_REFERER'] available, but it contains a value provided by the client (the browser when interacting with humans) and cannot be relied on to be consistently set. If there is a redirect in between, possibly you see only the server where the redirect is coming from. JavaScript has the history object, but does not allow you to see its contents for privacy reasons.
If you do not need 100% reliability, I would propose to log the data in $_SERVER['HTTP_REFERER'] for a few days and then have an eye on the records, thus allowing you to spot how the traffic origin is distributed.
Depending on your server's settings, the referer may also be contained in the access log. For Apache, see the documentation here.
Related
I'm customizing the content of my site based on Google and Bing PPC campaigns. If a user clicks a PPC ad, they see certain content. If they come to the site via organic seach, they see different content. If they come direct, they see a third content.
It's working but not consistently; results are not behaving as expected, and often PPC ads will show the organic content.
I know HTTP_REFERER can't be trusted, so maybe this is causing the problem.
In any case, is there a better way to do this? Can I use Google Analytics and/or something in https://code.google.com/p/gapi-google-analytics-php-interface/ to reliably get the referring URL?
Thanks for any advice.
Showing different content based on whether the user clicked to your site from a search engine or typed the URL in directly is not possible without using $_SERVER, and even using $_SERVER is unreliable since it can easily be forged. However as far as I know, providing different content to search engines (also known as cloaking) is a quick way to get your site banned and/or penalized anyway. So I would avoid this at all costs.
For the CPC ad campaign, this is easy. Just set a different URL, eg http://www.yoursite.com/?cpc=adwords, then if $_GET['cpc'] is set, set a session variable and redirect them to the same page but without the $_GET parameter. Of course, session cookies could also be deleted/disabled, so even this is not 100% reliable.
I have an application which records users visits. None of these visits are directly accessed, 100% of these visits are referred from another site.
I am passing $_SERVER['HTTP_REFERER'] through to the database. Approximately 35% of the logged entrees pass a referer, the rest are blank.
Is there a reason for this?
There are a couple of number of reasons why HTTP_REFERER might be blank.
You have to understand it's an environment variable given by the browser. Meaning users can remove it or even change it, if they so intend to.
Users accessing the link from a bookmark, history or by typing the link manually do not have a referer.
IE has also been known to remove the referer in situations revolving around javascript. Such as window.open, window.location and even setting target="_blank" in anchors or meta refresh.
Clicking an embedded link in a chat application, PDF/Word/Excel document, will also not set a referer.
Using AJAX, file_get_contents, fopen and other similar functions in other languages will probably not set a referer request.
cURL, fsockopen, applications that have browser-like components might not set a referer.
There are probably more situations when this could happen, I'll update if I can think of anything that seems reasonable.
If a user visits your site directly, there is no referrer. It's also possible they have set it up so their browser never sends the referrer.
According to this answer, browsers do not necessarily send a referrer when doing a meta refresh.
Browsers sometimes will include the referer in the request. But it is not mandatory to do so (the referer is 100% voluntary). Indeed there are various privacy and security issues surrounding the referer (for example, if an HTTPS site refers you to an HTTP site, the browser should not include the referring site as the referer). So don't rely on it.
When linking from one document to another in Internet Explorer 4.0 and later, the Referer header will not be sent when the link is from an HTTPS page to a non-HTTPS page. The Referer header also will not be sent when the link is from a non-HTTP(S) protocol, such as file://, to another page. for more info go to this link
Direct access to your page (typing URL in address bar or from bookmarks, history, etc)
Browser settings (disabled referrer or empty)
if someone requests page content with file_get_contents() function...
It is common when you are stuck finding why it is missing:
- Sometime your referer is https and you are on http, it will be lost.
Otherwise:
- User accessing by inputing url directly.
- A user has bookmarked and come from bookmarks.
- Sometime user keep the url default for browser (similar like bookmark)
- Proxy surfying may remove referer.
- accessing website as bots (search engine)
It also depends on the Transport layer, I encountered an issue where my Consumer Application A was running on the HTTP layer while the Application from where I was sending the request was running on the HTTPS layer.
Is it possible to get remote username when I get a referral link without involving any server side code from the referral link?
Do you mean like if I clicked a link to your site on Stack Overflow, you would want to be able to see that my username is "Agent Conundrum"? No, you can't do that without the help of the referring site. The only information you should be able to get is the (permanently misspelled) HTTP_REFERER in the $_SERVER superglobal array, which tells you the page the user came from. Even then, there are ways to block or change this so you shouldn't count on it being set (especially since it wouldn't be set if the user navigated directly to your page via the address bar).
Frankly, I wouldn't want to use a site that leaked personal information (and for some sites, even the username qualifies as personal information), and I wouldn't want to use a site that tries to harvest such leaked information without my knowledge.
Generally, any site where you have a legitimate reason to broadcast this information would have some sort of API built in, like FacebookConnect. Even then, it should be strictly opt-in for the user.
As a general thing: no. The HTTP protocol does not involve the transmission of a remote user name.
Hey, it could help to answer if you would be a little more specific on which kind of service are you trying to fetch the data from.
Large/Public services tend to have somekind of an accessible API that you can fork on your referrer, but other than that its mostly that you need to regexp the site and know the structure of the HTML pretty much.
I want to track the site URL from where user reached my site.
From where he came i.el, Google, GMail, Facebook, etc.
I tried $_SERVER['HTTP_REFERER'] but it does not contain anything when user click on my site link from any external site but resides the value when I visit among my site pages and this is also not trusted.
So, What I can do from here?
Is there any other way to track the external URL through PHP?
Any idea?
EDIT: Now HTTP_REFERER is able to get the url from most of sites but not able to get the url if user came through Gmail and AOL. What could be the causes?
HTTP_REFERER is the only way to get any information about previous site.
And that is also up to the broser if it supplies that information, most do as default.
Its a header that is set by the browser in the request to your server, if it is not present, then you will never know where the user came from.
If the browser is sending and you still to not get anything on the server check if you have any code that interferes with the $_SERVER variable.
Try this URL, its a google search result that goes to a page that just dumps the HTTP_REFERER.
As the pages indicates, if the box lists (none), then your browser is not sending HTTP_REFERER but if you get a result then the problem is in sour server.
http://www.google.com/url?sa=t&source=web&cd=1&sqi=2&ved=0CBIQFjAA&url=http%3A%2F%2Fkarmak.org%2F2004%2Freftest%2Ftest&rct=j&q=http_referer%20test&ei=cNQ2TdGYGsmUOp_ExPoD&usg=AFQjCNFVSmYmQBUcL2l3_ZpmZzVWZztjWg&cad=rja
You can compare it to when you load the page withour google to redirect you:
http://karmak.org/2004/reftest/test
Here is their own start page with link:
http://karmak.org/2004/reftest/
Have you tried it in a variety of browsers? It's down to the browser (As far as I'm aware) to set HTTP_REFERER and sometimes privacy settings can prevent this.
Visitors coming from google can be tracked using google analytics, it gives you the search query terms used before.
This solution also track a lot of other things from your visitors. I undertand it's not PHP based, but it's the only other kind of solution I know if HTTP_REFERRER is not enough to you, and as you quoted google...
So, I can use getenv('HTTP_REFERER') to get an URL which the member has visited previously, but it works only if it's the same website. I want this:
for example. the member firstly visits google.com then goes to my website. I want to show him, that previously he visited a google.com website. How can I do it if it's possible?
$_SERVER['HTTP_REFERER'] works fine for either case, as long as they followed a link from google.com to get to your site. Example: http://mrozekma.com/referer.php
You can only use the HTTP_REFERER header, and capture it the moment the visitor comes to your site. It might not be set, it might be false. There is no other way (and rightly so, I value my privacy). If you need to 'remember' the data store it in a session.
The simple answer is this is not possible. You can get the direct referrer if you're lucky, but nothing else (i.e. not the referrer of the referrer for example). Being able to retrieve the full history of a browser tab via JavaScript or post-back would be a major security issue.
Grabbing a browser's history is considered a breach of privacy, so any method that might exist to grab it would be considered a security bug in the browser.
Note that even the HTTP_REFERER header is considered to be a privacy issue by many people, so it's either disabled or filtered quite often (http://en.wikipedia.org/wiki/HTTP_referrer#Referrer_hiding).