your opinion on this type of counter

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
andrei.mita
Forum Commoner
Posts: 65
Joined: Sun May 08, 2005 4:06 am
Location: Barlad/Romania

your opinion on this type of counter

Post by andrei.mita »

I have build a page traffic analizer/counter and I would like to know what you think of it. It is good? Does it have buggs? Can the script make fals entries into the db? How can I optimeze it?

Code: Select all

<?php
session_start();
mysql_connect("localhost", "user", "pass") or die(mysql_error());
mysql_select_db("db") or die(mysql_error());

$page = $_GET['page'];
$ip = $_SERVER['REMOTE_ADDR'];
$host = gethostbyaddr($_SERVER['REMOTE_ADDR']);
$user = $_SESSION['user'];
$last= date("Y-m-d");

if (empty($_SESSION['user']))  //for index page or any other that doesnt need 
                               //you to be authenticated
	{
	 $select = "SELECT * FROM `counter` WHERE ip='".$ip."' LIMIT 1";  //check for ip
	 $result = mysql_query($select);
	 	if (mysql_affected_rows()<1)  //if the ip is not there it means 
                                             //this persone is for the first time here
	 		{
	 		$insert = "INSERT INTO counter (ip, host, nr, last, ".$page.") VALUES ('".$ip."', '".$host."',1,'".$last."',1 )"; 
	 		$result = mysql_query($insert);
	 		}

	 	elseif (mysql_affected_rows()>0) //if ip is there, check for the last view of the page
	 		{	
	 		$row = mysql_fetch_assoc($result);
	 		if  ($row['last'] != $last)  
	 			{
	 			$update = "UPDATE counter SET nr=nr+1, last='".$last."' WHERE ip='".$ip."'";
	 			$resultU = mysql_query($update);
	 			}
	 		elseif ($row['last'] == $last)   
	 			{
	 			$update1 = "UPDATE counter SET ".$page."=".$page."+1 WHERE ip='".$ip."'";
	 			$resultU1 = mysql_query($update1);
	 			}
	 		}
	 }
	 
elseif (!empty($_SESSION['user'])) //user is logged in
{
	$select  = "SELECT * FROM `counter` WHERE `user` ='".$user."' LIMIT 1";
	$result = mysql_query($select);
	
        if(mysql_affected_rows()<1)
		{
		$update2 = "UPDATE `counter` SET user='".$user."' WHERE ip='".$ip."'";
		$resulU2 = mysql_query($update2);
		}
        
        elseif(mysql_affected_rows()>0)
                {
	         $select  = "SELECT * FROM `counter` WHERE `user` ='".$user."' LIMIT 1";
	         $result = mysql_query($select);
	         $row = mysql_fetch_assoc($result);
	
	         if ($row['last'] != $last)
		        {
		        $update = "UPDATE `counter` SET ip='".$ip."', host='".$host."',  nr=nr+1, last='".$last."', ".$page."=".$page."+1 WHERE user='".$user."'";
		        $resulU = mysql_query($update);
		        }
	         elseif ($row['last'] == $last )
		        {
		        $update1 = "UPDATE counter SET ".$page."=".$page."+1 WHERE user='".$user."'";
	 	        $resultU1 = mysql_query($update1);
	 	        }
	         } 
}
 	
?>
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

:arrow: Moved to PHP Theory & Design

EDIT | Moved back to PHP Code
Last edited by Chris Corbyn on Sun Jun 12, 2005 3:33 pm, edited 1 time in total.
User avatar
Buddha443556
Forum Regular
Posts: 873
Joined: Fri Mar 19, 2004 1:51 pm

Post by Buddha443556 »

Escaping your SQL variable is usually a good idea especailly $page. $_GET needs validation.

Some users, like those on AOL, may change their IP with every page. Might consider using:

$_SERVER['HTTP_CLIENT_IP']
$_SERVER['HTTP_X_FORWARDED_FOR']

Snippet form my session tracker:

Code: Select all

if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) === true) {
	
		if(isset($_SERVER['HTTP_CLIENT_IP']) === true) {
			$_SESSION['session_proxy_ip'] = $_SERVER['HTTP_CLIENT_IP'];
		} else {
			$_SESSION['session_proxy_ip'] = $_SERVER['REMOTE_ADDR'];
		}
		
		$_SESSION['session_ip'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
		
	} else{
		
		if(isset($_SERVER['HTTP_CLIENT_IP']) === true) {
			$_SESSION['session_ip'] = $_SERVER['HTTP_CLIENT_IP'];
		} else {
			$_SESSION['session_ip'] = $_SERVER['REMOTE_ADDR'];
		}
		
	}
andrei.mita
Forum Commoner
Posts: 65
Joined: Sun May 08, 2005 4:06 am
Location: Barlad/Romania

Post by andrei.mita »

There will be a small (200 people) comunity using my website. Thanks for the advice, I'll be using it on my other websites. If that's all, that means the script is good, no? Thanks.
User avatar
Buddha443556
Forum Regular
Posts: 873
Joined: Fri Mar 19, 2004 1:51 pm

Post by Buddha443556 »

andrei.mita wrote:There will be a small (200 people) comunity using my website. Thanks for the advice, I'll be using it on my other websites. If that's all, that means the script is good, no? Thanks.
I just mentioned the obvious. Weekends are slow here ... other member may comment during the week. Might post the database layout and any updates to the script? I'm still wondering what $page is? :oops: I'm willing to bet you'll be wondering the same thing in six months ... could use a comment.
andrei.mita
Forum Commoner
Posts: 65
Joined: Sun May 08, 2005 4:06 am
Location: Barlad/Romania

Post by andrei.mita »

$page holds the name of the page the user is browsing, i.e. index.php, profile.php, contact.php etc.
as for the bd:
ip varchar(25)
host varchar(250)
user varchar(15)
nr int(12)
last varchar(50)
p_index int(12)
p_main int(12)
p_.....
.
.
.
Any other suggestion. I'm not sure if my algorithm is right.
Post Reply