Page 1 of 2 12 LastLast
Results 1 to 25 of 33
  1. #1
    Affiliate Manager Afilyit's Avatar
    Join Date
    April 25th, 2008
    Location
    Staten Island, NY
    Posts
    348
    Cookies vs. Sessions
    Been discussing this with a few people and wondering if this is a possible. Has anyone ever used sessions (stored in a database) to track visitors and affliliate sales?

    Conceivably, a merchant can track visitors in a database rather than cookies stored on the visitor's computer. If the merchant offers 120 tracking days, on the 121st day the older records would be deleted (probably by a cron job) to keep only the last 120 days in that database so it doesn't get too large.

    If this was possible, affiliates would never have to worry about cookie deletion.

    Any thoughts on this subject?

    thanks

  2. #2
    Newbie Shay's Avatar
    Join Date
    February 18th, 2008
    Posts
    47
    If I understand you question correctly, then this cannot be done.

    A session is exist from the moment a visitor visit your website until the time he leaves. To be more precise need to say until he close the browser or until the session has expired (its a time limit). Session is a server side mechanism so each new visit a new session id is been created.

    A cookie, is a client side mechanism. If a visitor visit your website for the first time, he's got cooked
    When he return your server can identify him by calling to the cookie value, assuming that he did not delete it.

    I hope I answered your question

    Shay

  3. #3
    Affiliate Manager Afilyit's Avatar
    Join Date
    April 25th, 2008
    Location
    Staten Island, NY
    Posts
    348
    Yes, you are correct as to what a session is. But we could catch that session and place it in a mysql database. Perhaps the word "session" is bad. I guess the route I am saying is taking that "cookie" and converting/saving it to a database so it's now tracked on the merchant's end, rather than the visitor.

    I'm probably struggling to say this right, but does the concept make sense at all?

  4. #4
    ABW Ambassador Boom or Bust's Avatar
    Join Date
    February 3rd, 2008
    Posts
    3,955
    Sure, you can save cookie or session information in a DB. Cookies and sessions are just the vehicle that can store whatever data you wish. The only way I can see matching that DB record up with a sale would be the IP address. Problem with that is that IP addresses for many visitors are dynamic. Perhaps you can utilize both methods and when a cookie is nonexistent, fall back and check the IP address for a match. You may be able to recover tracking that otherwise would have been lost with the demise of a cookie.



    X

  5. #5
    ABW Ambassador PatrickAllmond's Avatar
    Join Date
    September 20th, 2005
    Location
    OKC
    Posts
    1,219
    Yes you can do it . No it would no be 100% reliable or accurate so I would not touch it.

    In an application I wrote I log everything the user has/does: SessionID, IP, what they clicked on, where they were before this. But it is not so I can track successive sessions because that would no be reliable. It is only so I can track things within a given session.
    ---
    This response was masterly crafted via the fingers of Patrick Allmond who believe you should StopDoingNothing starting today.
    ---
    Focus Consulting is where I roll | Follow @patrickallmond on Twitter
    Search Engine Marketing | Search Engine Optimization | Social Media | Online Video

  6. #6
    Affiliate Manager Afilyit's Avatar
    Join Date
    April 25th, 2008
    Location
    Staten Island, NY
    Posts
    348
    Makes sense, thanks for the thoughts.

  7. #7
    Affiliate Manager bcwaller's Avatar
    Join Date
    January 18th, 2005
    Posts
    244
    Sessions are very reliable for a single user session. They cannot be used to track a user who comes back days later, as sessions expire (usually minutes to hours). We use both sessions and cookies for tracking, as sessions will work when users reject cookies.

    You don't need to track session to IP address, the session is stored on the users computer and identifies the browser session. If someone comes to the site and gets a session, you will know 100% that it is them until their session expires.

    Sessions are usually used for a user visit. Many sites use them to maintain user choices (look/feel, region, path) and identity while browsing and buying.
    Brad Waller | VP, Business and Affiliate Development
    EPage.com

  8. #8
    ABW Ambassador Boom or Bust's Avatar
    Join Date
    February 3rd, 2008
    Posts
    3,955
    In ASP session variables are stored in cookies. If cookies are blocked session variables don't function.



    X

  9. #9
    Affiliate Manager bcwaller's Avatar
    Join Date
    January 18th, 2005
    Posts
    244
    Quote Originally Posted by Boomers
    In ASP session variables are stored in cookies. If cookies are blocked session variables don't function.
    That's no fun! Any option to URL encode them?
    Brad Waller | VP, Business and Affiliate Development
    EPage.com

  10. #10
    ABW Ambassador Boom or Bust's Avatar
    Join Date
    February 3rd, 2008
    Posts
    3,955
    Yes, you can put variables in the request header and move them from page to page in the URL. All the standard session variables such as referrer, IP address etc. are available regardless of cookies, but you can't write/store a session variable without cookies because they have to reside somewhere. As far as I know that's how all [HTML] languages stores session data.



    X

  11. #11
    ABW Ambassador PatrickAllmond's Avatar
    Join Date
    September 20th, 2005
    Location
    OKC
    Posts
    1,219
    In my experience most sessions occur in the server memory, not in the client side browser.

    You can change you configuration to store session data in a variety of places. You can have sessions in cookies, in a database, in memory or in the server file system. But most of the time they are in memory.
    ---
    This response was masterly crafted via the fingers of Patrick Allmond who believe you should StopDoingNothing starting today.
    ---
    Focus Consulting is where I roll | Follow @patrickallmond on Twitter
    Search Engine Marketing | Search Engine Optimization | Social Media | Online Video

  12. #12
    ABW Ambassador Boom or Bust's Avatar
    Join Date
    February 3rd, 2008
    Posts
    3,955
    That's right.
    I'm sure I learned somewhere along the line that session variables are tied in with cookies. Now I'm going to have to go back and dig it up...



    X

  13. #13
    ABW Ambassador Boom or Bust's Avatar
    Join Date
    February 3rd, 2008
    Posts
    3,955
    Quote Originally Posted by Boomers
    That's right.
    I'm sure I learned somewhere along the line that session variables are tied in with cookies. Now I'm going to have to go back and dig it up...
    Ok, got out my ASP binder and blew off the dust. Here's the skinny on cookies and session variables...

    A session starts the first time a user requests an .asp file. When the session starts, the web application generates a session ID. The session ID is stored as a cookie that is sent back to the browser. ASP uses that session ID to match user requests with the information specific to that user's session.

    ASP automatically processes this cookie and uses it to restore the values saved in the session object during each request.

    If a user disables or blocks cookies, the session ID cookie cannot be created for that user. Consequently, session management (including session variables) may not be utilized during the session.

    There you have it. It's the session ID cookie that's key...



    X

  14. #14
    ABW Ambassador PatrickAllmond's Avatar
    Join Date
    September 20th, 2005
    Location
    OKC
    Posts
    1,219
    I'd like to reemphasize that you can have cookies disabled and still have sessions.
    ---
    This response was masterly crafted via the fingers of Patrick Allmond who believe you should StopDoingNothing starting today.
    ---
    Focus Consulting is where I roll | Follow @patrickallmond on Twitter
    Search Engine Marketing | Search Engine Optimization | Social Media | Online Video

  15. #15
    ABW Ambassador Boom or Bust's Avatar
    Join Date
    February 3rd, 2008
    Posts
    3,955
    Absolutely. The session has to exist. That's the way HTML works. You just can't manage the session without the ID cookie. For instance, our ecommerce site stores the shopping cart in a session. If the browsers cookies are disabled, guess what, the shopping cart ceases to function because the session can't identify it with the browser.



    X

  16. #16
    ABW Ambassador PatrickAllmond's Avatar
    Join Date
    September 20th, 2005
    Location
    OKC
    Posts
    1,219
    I am going to run some tests on this and get back to you. I have my own web on the internet where I log every click. One of the things in the log is the session ID. I am going to disable cookies in my browser and see if the PHP code still knows what the session is and it keeps it the same. I'll also do it via a different browser on the same machine. I should end up with a different session. I am willing to be wrong.
    ---
    This response was masterly crafted via the fingers of Patrick Allmond who believe you should StopDoingNothing starting today.
    ---
    Focus Consulting is where I roll | Follow @patrickallmond on Twitter
    Search Engine Marketing | Search Engine Optimization | Social Media | Online Video

  17. #17
    ABW Ambassador Boom or Bust's Avatar
    Join Date
    February 3rd, 2008
    Posts
    3,955
    That'll be an interesting test.
    I don't do PHP so I have no idea how the session is handled in that case.



    X

  18. #18
    Affiliate Manager Afilyit's Avatar
    Join Date
    April 25th, 2008
    Location
    Staten Island, NY
    Posts
    348
    I'm pretty sure (that at least in PHP) sessions are handled on the server side, not the client side.

  19. #19
    ABW Ambassador Boom or Bust's Avatar
    Join Date
    February 3rd, 2008
    Posts
    3,955
    Yes, sessions are handled server-side in asp too. Session specifics and any session variables set by the web application are stored in server memory during the life of the session. It's those session variables that have trouble with blocked cookies. ASP uses the session ID cookie provided by the browser to identify it as the owner of the session variables set during that session. I don't know if PHP handles it that way or not.



    X

  20. #20
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    Quick test as I don't know where your going with this question. Go to www.suspenders.com and put something in the shopping cart. Navigate out to www.sloops.com and place something there in your shopping cart. Notice the cart contents from both web sites. The cart uses both session recording and cookies. Now clear all cookies and close down your browser.

    Open browser and go to either site and view cart contents. If nothing is there then clearing all browser cookies clears both the session ID cookie and the cart content cookie.... PS; there-in hangs the fate of the return day cookies too. Try it on several merchants including those non-cookied Linkshare ones. Google is probably gathering a lot of info on this from their PPA beta program which uses (relies upon) hundreds of different type cart programs.
    Webmaster's... Mike and Charlie

    "What have you done today to put real value into a referral click...from a shoppers viewpoint!"

  21. #21
    ABW Ambassador Boom or Bust's Avatar
    Join Date
    February 3rd, 2008
    Posts
    3,955
    Even after clearing cookies and closing the browser, the items remained in the shopping cart when accessed from either site. So how is the cart application identifying this browser as the one that added to the cart?



    X

  22. #22
    ABW Ambassador Boom or Bust's Avatar
    Join Date
    February 3rd, 2008
    Posts
    3,955
    Ok, this is getting very interesting. I just figured out how the shopping cart app associated the browser with the shopping cart. The problem is, IT'S WRONG!

    I'm testing by remoting in to one of my client sites. I tested the shopping cart for suspenders.com, then cleared cookies, closed the browser, reopened the browser, and accessed the shopping cart. The shopping cart item remained.

    Here's the interesting part...

    Remoted in to a different computer at the same site, accessed suspenders.com and the shopping cart. Guess what?!? The shopping cart contained the same suspenders I added at the other computer! This is proof positive that Google Checkout[GC] is storing the cart in a database and referencing the shopper by IP address, not cookies or anything else on the client side. You see, the network I tested from is connected to the Internet through a NAT firewall and from the outside all their computers appear on the same IP address. So GC is storing the session data (IP address) as well as the shopping cart contents in their database and serving it up to ANY computer that comes in with that IP address.

    So, what I mentioned early in this thread about the only way to identify the shopper with a DB stored session is with the IP address.



    X

  23. #23
    ABW Ambassador Boom or Bust's Avatar
    Join Date
    February 3rd, 2008
    Posts
    3,955
    Addendum to some of my observations above...

    Because I've set privacy to ask before setting any cookie on my computers, a dialog box appears asking how I want to handle a cookie. Because of this thread I started paying attention to the cookie contents that display. I've noticed names such as phpsessid as well as others associated with other web application languages. This leads me to the belief that other languages will have the same problems with blocked cookies as ASP if you use the session variables for storing application data.

    As an affiliate the information in this thread will have little value. As a merchant these issues should be considered when developing both their ecommerce and their affiliate tracking applications.



    X

  24. #24
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    4,423
    Not really. The only reliable way to currently track a computer from session to session is to use... cookies. That is why all programs do it that way. Some may have various session trick, but once a visitor leaves, closes the browser etc - it is about the cookies. The language makes no difference.

  25. #25
    Full Member
    Join Date
    January 18th, 2005
    Posts
    396
    While dial-up folks do dynamically change their IP's each dial-in so you couldn't track their web accesses with IP's, the folks with cable/DSL and a UPS on their router don't change their dynamic IP's very often. I would think an IP Database as a backup to cookies would be fairly reliable, at least for a 30-120 day 'cookie' period.

+ Reply to Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Featured: Vote for ASW15 Sessions
    By MichaelColey in forum Events and Gatherings
    Replies: 8
    Last Post: September 19th, 2014, 03:07 PM
  2. How to get powerpoints, etc from sessions?
    By aws2010yes in forum Events and Gatherings
    Replies: 17
    Last Post: February 24th, 2010, 07:01 AM
  3. affiliates auto-setting cookies, merchants overwriting cookies
    By affiliatetracking in forum Midnight Cafe'
    Replies: 25
    Last Post: March 12th, 2004, 09:44 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •