Fix - Vca01000

Cool PHP Download File Counter and Tracker. This counter uses a MySQL database to store the amount of downloads for files. It also uses force download and prevents bots from downloading the files and affecting the counter.

Instructions

All of your downloadable files should be in $secret_folder specified in dlcounter.php otherwise bots and users will be able to download the files directly and those downloads will not be counted. This script should not be in $secret_folder.

USAGE:

To stop bots from downloading your files put this honeypot for bots at the very top of your html document. The bots will follow the link and we will be able to track that they are bots and not let them download files and skew the counter results:

<a id="dlc_b" href="dlcounter.php?dlc_b=1">dlc_b</a>
<script type="text/javascript">
document.getElementById('dlc_b').style.display = 'none'; // Hide anchor from real users
</script>

Wherever you have a downloadable file on your page change the link to something like this:

<a rel="nofollow" href="dlcounter.php?file=file.exe">Download file.exe</a>

Wherever you want a counter of the number of downloads for a file on your page put this html code:

Downloaded <span id="file.exe">0</span> times.
<script type="text/javascript" src="dlcounter.php?count=file.exe"></script>

http://www.yourserver.com/dlcounter.php?admin=secretfolder123

Download

Edit the following variables in dlcounter.php:

$db_username="your_mysql_username"; 
$db_pw="your_pw";
$server="localhost";
$database="your_mysql_database";

if (!isset($secret_folder))
	$secret_folder = "secretfolder123"; // Make this random and hard to guess. It is like a password
$purge_days = 90; // Purge bot_history and user_history that are older than this many days

One last note: The download stats also can keep track of the HTTP referer page (how the user came to your website). But in order to get the right referring page you need to put the following code at the top of your webpage. If your webpage has an .html extension instead of .php then you also need to make sure that your web server is processing php code in .html files:

<?PHP	
	@session_start();
	if (!isset($_SESSION['refer'])) // Only set refer if it is not set already
		$_SESSION['refer'] = $_SERVER['HTTP_REFERER'];
?>

History

3/8/2021 - Version 1.1c - Bug Fix - Put inet_pton() inside of escape_string because on the outside mysql sometimes has an error because inet_pton() sometimes puts an unescaped single quote in the string.

4/1/2020 - Version 1.1b - Fixed Warning: "Warning: mysqli_affected_rows() expects exactly 1 parameter" by replacing all instances of mysqli_affected_rows() with mysqli_affected_rows($link) in the script.

3/26/2019 - Version 1.1 - All mysql functions have been converted to mysqli.

1/8/2015 - Version 1.0c - "Yahoo! Slurp" search engine was crawling the rel="nofollow" links and therefore updating the download counter. But only on some pages. Added slurp to dlcounter.php on line 180 to prevent this bot from downloading. Also updated the time from 1 hour to 24 hours for searching in bot_history on line 148 to block previous bots.

10/17/2014 - Version 1.0b - Added extra checking for bots that change their user_agent between each request. Made the download stats appear more appealing by adding user_agent and referer page to same table cell.

9/30/2014 - Version 1.0 - Cool PHP Download Counter / Tracker created.