The Cache: Technology Expert's Forum
 
*
Welcome, Guest. Please login or register. July 22, 2019, 10:05:29 PM

Login with username, password and session length


Pages: [1]
  Print  
Author Topic: JS stats counter, how do they do it?  (Read 4269 times)
Bompa
Administrator
Lifer
*****
Offline Offline

Posts: 564


Where does this show?


View Profile
« on: October 20, 2011, 11:11:38 PM »

I put just a few lines of code from statcounter.com on my page and they log a ton of info, how?

Better yet, just help me with this:

I wrote counter.cgi that logs visitor stats. I call it with js on my home page:

Code:
<script src="counter.cgi"></script>

It works for IP and UA, but I do not get the visitor's REFERER, I just get my homepage as the REFERER.


So, I tried to append the referrer to the request like this:

Code:
<script
var cameFrom = document.referrer;
</script>

<script src = 'counter.cgi?' + cameFrom; </script>


That does not work for me. It's not appending correctly. I get nothing.

I must be doing something wrong.

Bompa
Logged

"The most beautiful and profound emotion we can experience is the sensation of the mystical..." - Albert Einstein
perkiset
Olde World Hacker
Administrator
Lifer
*****
Offline Offline

Posts: 10096



View Profile
« Reply #1 on: October 21, 2011, 07:57:22 AM »

I put just a few lines of code from statcounter.com on my page and they log a ton of info, how?
Can you post what you added to your page? Let me look at it.


Code:
<script src="counter.cgi"></script>

It works for IP and UA, but I do not get the visitor's REFERER, I just get my homepage as the REFERER.


So, I tried to append the referrer to the request like this:

Code:
<script
var cameFrom = document.referrer;
</script>

<script src = 'counter.cgi?' + cameFrom; </script>


That's pretty novel looking, I've not seen it done that way. I am not sure that it would work.

A couple ways I might tackle it:

* in the stats counter script, send up an Ajax call with everything it finds on the page. Don't try to pass them on the LOAD of the script, but rather with the script itself. You should consider jQuery to help you if this is confusing, the Ajax stuff is very easy to understand.

* you might consider something like this:
<script>
preload_image = new Image(1,1);
preload_image.src="dotClear.cgi?ref=" + document.referrer;
</script>

... which I think would process more cleanly and reliably. Note that your dotClear.cgi would have to send back a 1x1 dot image or the page would have an error.

I've only got a moment here, I'll think on this again later if it's not solved.
« Last Edit: October 21, 2011, 07:58:59 AM by perkiset » Logged

It is now believed, that after having lived in one compound with 3 wives and never leaving the house for 5 years, Bin Laden called the U.S. Navy Seals himself.
Bompa
Administrator
Lifer
*****
Offline Offline

Posts: 564


Where does this show?


View Profile
« Reply #2 on: October 21, 2011, 02:48:17 PM »

Code:
<!-- Start of StatCounter Code --><script type="text/javascript">
var sc_project=6875478;
var sc_invisible=1;
var sc_security="2d3131ca";
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>

<noscript>
<div class="statcounter"><a href="http://statcounter.com/tumblr/" title="tumblr hit tracking tool" target="_blank">
<img SRC="1" ALT="tumblr hit tracking tool" class="statcounter" ></a></div>
</noscript><!-- End of StatCounter Code -->

With liveHeaders I see that statcounter does TWO GETs, but I don't know how
they do that.

Their first GET:
http://www.statcounter.com/counter/counter.js

Their second GET:
http://c.statcounter.com/t.php?sc_project=6875478&resolution=1024&h=768&camefrom=&u=http%3A//dripfeedbookmark.com/&t=BUY%20GET%20DRIP%20FEED%20BACK%20LINKS%20-%20SOCIAL%20BOOKMARK%2C%20AUTHORITY%20SITES%2C%20COMMENTING%2C%20SECRET%20SAUCE!&java=1&security=2d3131ca&sc_random=0.7708677250627173&sc_snum=1&invisible=1


Keep in mind, I am not trying to grab all that info. I just want a .html (JS/iframe, etc) solution
to logging a visitor's referrer.


thanks,
Bompa
Logged

"The most beautiful and profound emotion we can experience is the sensation of the mystical..." - Albert Einstein
Bompa
Administrator
Lifer
*****
Offline Offline

Posts: 564


Where does this show?


View Profile
« Reply #3 on: October 21, 2011, 02:55:16 PM »

<script src = 'counter.cgi?' + cameFrom; </script>

That type of concatenating works when doing a redirect

href.location="counter.cgi" + document.referrer;

but it does not work as the src URL.

I think the src URL can not contain a variable at all.


Bompa
Logged

"The most beautiful and profound emotion we can experience is the sensation of the mystical..." - Albert Einstein
perkiset
Olde World Hacker
Administrator
Lifer
*****
Offline Offline

Posts: 10096



View Profile
« Reply #4 on: October 21, 2011, 03:19:39 PM »

Hey Bomps - I took a little bit to grab and de-minify their code so we could look at it, here it is (I'll comment in the next post):

I'm sure I screwed something up because I have to extra closing braces at the end and no tabs to go left.
Also, a quick read of the code looks like they don't want it to run if it's been modified (like I just did) in any way, so don't try to run the code I've got here as is.

Code:

var sc_width = screen.width;
var sc_height = screen.height;
var sc_referer = "" + document.referrer;
try {
sc_referer = "" + parent.document.referrer
} catch(ex) {
sc_referer = "" + document.referrer
}
var sc_unique = 0;
var sc_returning = 0;
var sc_returns = 0;
var sc_error = 0;
var sc_remove = 0;
var sc_cls = -1;
var sc_inv = 0;
var sc_os = "";
var sc_title = "";
var sc_url = "";
var sc_base_dir = "";
var sc_click_dir = "";
var sc_link_back_start = "";
var sc_link_back_end = "";
var sc_security_code = "";
var sc_http_url = "http";
var sc_host = "statcounter.com";

if(window.sc_invisible)  {
if(window.sc_invisible == 1)  {
sc_inv = 1
}
}

if(window.sc_click_stat)  {
sc_cls = window.sc_click_stat
}

if(window.sc_https) {
if(sc_https == 1)  {
sc_doc_loc = '' + document.location;
myRE = new RegExp("^https","i");
if(sc_doc_loc.match(myRE)) {
sc_http_url = "https"
}
}
}

if(window.sc_local)  {
sc_base_dir = sc_local
} else {
if(sc_cls == -1) {
sc_cls = 1
}
sc_base_dir = sc_http_url + "://c." + sc_host + "/"
}

sc_click_dir = sc_base_dir;
if(window.sc_text) {
sc_base_dir += "text.php?"
} else {
sc_base_dir += "t.php?"
}

if(window.sc_project) {
if(sc_project == "4135125") {
if(Math.floor(Math.random()*3)! = 1) {
sc_remove = 1
}
}
sc_base_dir += "sc_project = " + sc_project
} else if(window.usr) {
sc_base_dir += "usr = " + usr
} else {
sc_error = 1
}

if(window.sc_remove_link) {
sc_link_back_start = "";
sc_link_back_end = ""
} else {
sc_link_back_start = "<a class = \"statcounter\" href = \"http://www." + sc_host + "\" target = \"_blank\">";
sc_link_back_end = "<\/a>"
}

sc_date = new Date();
sc_time = sc_date.getTime();
sc_time_difference = 3600000;
sc_title = "" + document.title;
sc_url = "" + document.location;
sc_referer = sc_referer.substring(0,600);
sc_title = sc_title.substring(0,300);
sc_url = sc_url.substring(0,300);
sc_referer = escape(sc_referer);
if(encodeURIComponent) {
sc_title = encodeURIComponent(sc_title)
} else {
sc_title = escape(sc_title)
}

sc_url = escape(sc_url);
if(window.sc_security) {
sc_security_code = sc_security
}

if(sc_script_num) {
sc_script_num++
} else {
var sc_script_num = 1
}

var sc_tracking_url =
sc_base_dir +
"&resolution = " + sc_width +
"&h = " + sc_height +
"&camefrom = " + sc_referer +
"&u = " + sc_url +
"&t = " + sc_title +
"&java = 1&security = " + sc_security_code +
"&sc_random = " + Math.random() +
"&sc_snum = " + sc_script_num;

var sc_clstr = "<span class = \"statcounter\">";
var sc_cltext = "\" alt = \"StatCounter - Free Web Tracker and Counter\" border = \"0\">";
var sc_strout = sc_clstr + sc_link_back_start + "<img src = \"" + sc_tracking_url + sc_cltext + sc_link_back_end + "</span>";

if(sc_error == 1) {
document.writeln("Code corrupted. Insert fresh copy.")
} else if(sc_remove == 1) {

} else {
if(sc_inv == 1) {
if(window.sc_call) {
sc_call++
} else {
sc_call = 1
}
eval("var sc_img" + sc_call + "  =  new Image();
sc_img" + sc_call + ".src  =  \"" + sc_tracking_url + "&invisible = 1\"")
} else if(window.sc_text) {
document.writeln('<scr' + 'ipt language = "JavaScript"' + ' src = ' + sc_tracking_url + "&text = " + sc_text + '></scr' + 'ipt>')
} else {
document.writeln(sc_strout)
}
}

if(sc_cls > 0) {
if(clickstat_done! = 1) {
var clickstat_done = 1;
var clickstat_project = window.sc_project;
var clickstat_security = window.sc_security_code;
var dlext = "7z|aac|avi|csv|doc|docx|exe|flv|gif|gz|jpe?g|js|mp(3|4|e?g)|mov|pdf|phps|png|ppt|rar|sit|tar|torrent|txt|wma|wmv|xls|xlsx|xml|zip";
if(typeof(window.sc_download_type) == 'string') {
dlext = window.sc_download_type
}

var ltype = "https?|ftp|telnet|ssh|ssl|mailto";
var second = "ac|co|gov|ltd|me|mod|net|nic|nhs|org|plc|police|sch|com";
var dl = new RegExp("\\.(" + dlext + ")$","i");
var lnk = new RegExp("^(" + ltype + "):","i");
var domsec = new RegExp("\^(" + second + ")$","i");
var host_name = location.host.replace(/^www\./i,"");
var host_splitted = host_name.split(".");
var domain = host_splitted.pop();
var host_split = host_splitted.pop();
if(domsec.test(host_split)) {
domain = host_split + "." + domain;
host_split = host_splitted.pop()
}

domain = host_split + "." + domain;
var lnklocal_mask = "^https?:\/\/(.*)(" + domain + "|webcache.googleusercontent.com)";
var lnklocal = new RegExp(lnklocal_mask,"i");
if(document.getElementsByTagName) {
var anchors = document.getElementsByTagName('a');
for(var i = 0; i<anchors.length; i++ ) {
var anchor = anchors[i];
if(anchor.onmousedown) {
var original_click = anchor.onmousedown;
var s = original_click.toString().split("\n").join(" ");
var bs = s.indexOf('{');
var head = s.substr(0,bs);
var ps = head.indexOf('(');
var pe = head.indexOf(')');
var params = head.substring(ps + 1,pe);
var plist = params.split(",");
var body = s.substr(bs + 1,s.length-bs-2);
var insert = "sc_clickstat_call(this,'" + sc_click_dir + "');";
var final_body = insert + body;
var ev_head = "new Function (";
var ev_params = "";
var ev_sep = "";
for(var sc_i = 0; sc_i<plist.length; sc_i++ ) {
ev_params = ev_sep + "'" + plist[sc_i] + "'";
ev_sep = ","
}
if(ev_sep == ",") {
ev_params += ","
}
var ev_foot = "final_body);";
var ev_final = ev_head + ev_params + ev_foot;
anchor.onmousedown = eval(ev_final)
} else {
anchor.onmousedown = new Function("event","sc_clickstat_call(this,'" + sc_click_dir + "'); return true;")
}
}
}

function sc_none() {
return
}

function sc_delay() {
if(window.sc_click_stat) {
var d = window.sc_click_stat
} else {
var d = 250
}
var n = new Date();
var t = n.getTime() + d;
while(n.getTime()<t) {
var n = new Date()
}
}

function sc_clickstat_call(adata,sc_click_dir) {
if(adata) {
var clickmode = 0;
if(lnk.test(adata)) {
if((lnklocal.test(adata))) {
if(dl.test(adata)) {
clickmode = 1
} else if(window.sc_exit_link_detect&&new RegExp(sc_exit_link_detect,"i").test(adata)) {
clickmode = 2
} else if(sc_cls == 2) {
clickmode = 2
}
} else {
clickmode = 2
}
}

if(clickmode! = 0) {
var sc_link = escape(adata);
if(sc_link.length>0) {
var sc_req = sc_click_dir +
"click.gif?sc_project = " + clickstat_project +
"&security = " + clickstat_security +
"&c = " + sc_link +
"&m = " + clickmode +
"&u = " + sc_url +
"&t = " + sc_title +
"&rand = " + Math.random();
var sc_req_image = new Image();
sc_req_image.onload = sc_none;
sc_req_image.src = sc_req;
sc_delay()
}
}
}
}

var sc_gsyn_pattern = 'googlesyndication\.com|ypn-js\.overture\.com|ypn-js\.ysm\.yahoo\.com|googleads\.g\.doubleclick\.net';
var sc_gsyn_pattern2 = '^aswift_[0-9] + $';
var sc_px;
var sc_py;

function sc_adsense_click(sc_data) {
if(sc_data.src.match(sc_gsyn_pattern)) {
var sc_link = escape(sc_data.src)
} else {
var sc_link = escape("Google Adsense " + sc_data.width + "x" + sc_data.height)
}

var i = new Image();
var sc_req = sc_click_dir +
"click.gif?sc_project = " + clickstat_project +
"&security = " + clickstat_security +
"&c = " + sc_link +
"&m = 2&u = " + sc_url +
"&t = " + sc_title +
"&rand = " + Math.random();

i.src = sc_req;
sc_delay()
}

function sc_adsense_init() {
if(document.all&&typeof window.opera == "undefined") {
var el = document.getElementsByTagName("iframe");
for(var i = 0; i<el.length; i++ ) {
if(el[i].src.match(sc_gsyn_pattern)||el[i].id.match(sc_gsyn_pattern2)) {
el[i].onfocus = function() {
sc_adsense_click(this)
}
}
}
} else {
if(typeof window.addEventListener! = "undefined") {
window.addEventListener("unload",sc_exitpage,false);
window.addEventListener("mousemove",sc_getmouse,true)
}
}
}

if(typeof window.addEventListener! = 'undefined') {
window.addEventListener('load',sc_adsense_init,false)
} else {
if(typeof document.addEventListener! = 'undefined') {
document.addEventListener('load',sc_adsense_init,false)
} else {
if(typeof window.attachEvent! = 'undefined') {
window.attachEvent('onload',sc_adsense_init)
} else {
if(typeof window.onload == 'function') {
var sc_existing = onload;
window.onload = function() {
sc_existing();
sc_adsense_init()
}
} else {
window.onload = sc_adsense_init
}
}
}
}

function sc_getmouse(e) {
if(typeof e.pageX == "number") {
sc_px = e.pageX;
sc_py = e.pageY
} else {
if(typeof e.clientX == "number") {
sc_px = e.clientX;
sc_py = e.clientY;
if(document.body&&(document.body.scrollLeft||document.body.scrollTop)) {
sc_px += document.body.scrollLeft;
sc_py += document.body.scrollTop
} else {
if(document.documentElement&&(document.documentElement.scrollLeft||document.documentElement.scrollTop)) {
sc_px += document.documentElement.scrollLeft;
sc_py += document.documentElement.scrollTop
}
}
}
}
}

function sc_findy(obj) {
var y = 0;
while(obj) {
y += obj.offsetTop;
obj = obj.offsetParent
}
return(y)
}

function sc_findx(obj) {
var x = 0;
while(obj) {
x += obj.offsetLeft;
obj = obj.offsetParent
}
return(x)
}

function sc_exitpage(e) {
ad = document.getElementsByTagName("iframe");
if(typeof sc_px == "undefined") {
return
}

for(var i = 0; i<ad.length; i++ ) {
var adLeft = sc_findx(ad[i]);
var adTop = sc_findy(ad[i]);
var adW = parseInt(adLeft) + parseInt(ad[i].width) + 15;
var adH = parseInt(adTop) + parseInt(ad[i].height) + 10;
var inFrameX = (sc_px>(adLeft-10)&&sc_px<adW);
var inFrameY = (sc_py>(adTop-10)&&sc_py<adH);
if(inFrameY&&inFrameX) {
if(ad[i].src.match(sc_gsyn_pattern)||ad[i].id.match(sc_gsyn_pattern2)) {
sc_adsense_click(ad[i])
}
}
}
}

}

}
Logged

It is now believed, that after having lived in one compound with 3 wives and never leaving the house for 5 years, Bin Laden called the U.S. Navy Seals himself.
perkiset
Olde World Hacker
Administrator
Lifer
*****
Offline Offline

Posts: 10096



View Profile
« Reply #5 on: October 21, 2011, 03:24:26 PM »

Immediately interesting is this:

Code:
var sc_referer = "" + document.referrer;
try {
sc_referer = "" + parent.document.referrer
} catch(ex) {
sc_referer = "" + document.referrer
}

... which is clearly a concession to the IE/FF or Webkit et al differences.

Second look at this, it explains the "second get" you talk about. Although this is not the only request they potentially make, they are clearly creating a URL here and then requesting a JS and appending it to the DOM (based on some parameters decided earlier, they either request it as a JS or request it as an image, as I'd suggested earlier ... they are going to make sure they get the data Wink )

Code:
var sc_tracking_url =
sc_base_dir +
"&resolution = " + sc_width +
"&h = " + sc_height +
"&camefrom = " + sc_referer +
"&u = " + sc_url +
"&t = " + sc_title +
"&java = 1&security = " + sc_security_code +
"&sc_random = " + Math.random() +
"&sc_snum = " + sc_script_num;

var sc_clstr = "<span class = \"statcounter\">";
var sc_cltext = "\" alt = \"StatCounter - Free Web Tracker and Counter\" border = \"0\">";
var sc_strout = sc_clstr + sc_link_back_start + "<img src = \"" + sc_tracking_url + sc_cltext + sc_link_back_end + "</span>";

if(sc_error == 1) {
document.writeln("Code corrupted. Insert fresh copy.")
} else if(sc_remove == 1) {

} else {
if(sc_inv == 1) {
if(window.sc_call) {
sc_call++
} else {
sc_call = 1
}
eval("var sc_img" + sc_call + "  =  new Image();
sc_img" + sc_call + ".src  =  \"" + sc_tracking_url + "&invisible = 1\"")
} else if(window.sc_text) {
document.writeln('<scr' + 'ipt language = "JavaScript"' + ' src = ' + sc_tracking_url + "&text = " + sc_text + '></scr' + 'ipt>')
} else {
document.writeln(sc_strout)
}
}


Logged

It is now believed, that after having lived in one compound with 3 wives and never leaving the house for 5 years, Bin Laden called the U.S. Navy Seals himself.
perkiset
Olde World Hacker
Administrator
Lifer
*****
Offline Offline

Posts: 10096



View Profile
« Reply #6 on: October 21, 2011, 03:26:00 PM »

Although I haven't worked through it yet, they're also hooking any future loads against (this) document for adsense pulls ... interesting the way they do it.

Logged

It is now believed, that after having lived in one compound with 3 wives and never leaving the house for 5 years, Bin Laden called the U.S. Navy Seals himself.
Bompa
Administrator
Lifer
*****
Offline Offline

Posts: 564


Where does this show?


View Profile
« Reply #7 on: October 21, 2011, 05:33:00 PM »

wow thanks perk

This line shows that it's possible to concatenate to the src.  That's all I need to do and I'll be done.

Code:
document.writeln('<scr' + 'ipt language = "JavaScript"' + ' src = ' + sc_tracking_url + "&text = " + sc_text + '></scr' + 'ipt>')

I think if I put that line inside script tags and set my own vars for
sc_tracking_url and sc_text, it should work, right?


Bomps
« Last Edit: October 21, 2011, 05:34:58 PM by Bompa » Logged

"The most beautiful and profound emotion we can experience is the sensation of the mystical..." - Albert Einstein
Bompa
Administrator
Lifer
*****
Offline Offline

Posts: 564


Where does this show?


View Profile
« Reply #8 on: October 21, 2011, 05:50:30 PM »

Btw, I did try this, but the referrer is not concatenated.

I think I need document.write or maybe eval, i really dunno wtf i'm doing lol


Code:
<script>
preload_image = new Image(1,1);
preload_image.src="welcome.cgi?ref=" + document.referrer;
</script>
Logged

"The most beautiful and profound emotion we can experience is the sensation of the mystical..." - Albert Einstein
Bompa
Administrator
Lifer
*****
Offline Offline

Posts: 564


Where does this show?


View Profile
« Reply #9 on: October 21, 2011, 06:07:32 PM »

Forget everything I said, the below works fine!  duh

Thank you perk.


Code:
<script>
preload_image = new Image(1,1);
preload_image.src="welcome.cgi?ref=" + document.referrer;
</script>
[/quote]
Logged

"The most beautiful and profound emotion we can experience is the sensation of the mystical..." - Albert Einstein
perkiset
Olde World Hacker
Administrator
Lifer
*****
Offline Offline

Posts: 10096



View Profile
« Reply #10 on: October 21, 2011, 08:21:49 PM »

My pleasure Bomps Smiley
Logged

It is now believed, that after having lived in one compound with 3 wives and never leaving the house for 5 years, Bin Laden called the U.S. Navy Seals himself.
Pages: [1]
  Print  
 
Jump to:  

Perkiset's Place Home   Best of The Cache   phpMyIDE: MySQL Stored Procedures, Functions & Triggers
Politics @ Perkiset's   Pinkhat's Perspective   
cache
mart
coder
programmers
ajax
php
javascript
Powered by MySQL Powered by PHP Powered by SMF 1.1.2 | SMF © 2006-2007, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks


Valid XHTML 1.0! Valid CSS!