Hello everyone, I want to build an advertising system like AdSense on my website. I want to count only clicks that are not from the same user.
Because I don't want the user to click many times on the same ad and ruining the ad program.

I was thinking of storing a SESSION or a COOKIE in the user computer when he clicks on the ad so the next click won't add up.
I also was thinking of saving the IP address of the user. But both methods can be manipulated by deleting the COOKIE or by changing the IP address.

So what can I do to make sure that the user haven't clicked on the same ad twice or more?

Recommended Answers

All 4 Replies

You can use a combination cookie/ip as well as javascript localStorage. You can hold a session in localStorage that will re-initialize regardless of cookie or ip change. However, localstorage can be wiped out just as easily as cookies. Most people dont bother clearing cookies anymore, however.

The only way you can realistically track an individual's activity is by forcing them to log in through some fashion, and keeping that session data available. IP Addresses, LocalStorage, and Cookies, are tools you can use to track, but all of them are (as you stated) deletable or mutable in some fashion.

The other option is to look into browser fingerprinting. However, this too is mutable in some fashion (uninstalling a plugin, or changing a timezone), and therefore if you really want to look at uniqueness, you will have to implement a combination (or persistent cookie / evercookie), or have some sort of login mechanism.

Realistically, IP addresses don't change very fast. You can likely timestamp an ip address, and if it is within some range (1 week? 2 weeks? a month?) then you ignore the click. You can combine this with any sort of cookie / session / finger printing you like, but ultimately, it will be prone to failure somewhere along the chain without a user initiated session.

There must be a way. How does Google does it with AdSense? Can someone change their IP address repeatedly in a short time, say less than a minute or five?

Can someone change their IP address repeatedly in a short time, say less than a minute or five?

Yes, if IP is dynamic you disconnect & connect to get a new address, not always in the same range and it can change even at each request when using services like Tor.

Some use the Etag header, this is used to cache resources into the browser: you set a specific Etag ID for each client and, when the browser asks the server if there is a new version of the resource, you can track the request and by consequence that specific user associated to the Etag ID.

An IP change will not affect the tracking with Etags, but deleting the browser cache will delete the Etag entries.

Other use the screen resolution and viewport size to track users. Consider that these are not considered ethical practices, see:

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.