Parsing __utmz tracking cookie to get referral - cookies

I use Google Analytics on my site, and I want to read __umtz cookie to get referring link. I made some research and I wrote such code:
$refer=explode('utmcsr=',$_COOKIE['__utmz']);
if(count($refer)>1) $refer=explode('|',$refer[1]);
$refer=addslashes($refer[0]);
The problem is, this is not always working, sometimes I get junk as result. What I am doing wrong? Maybe someone have a good description of this cookie?

Check my Google Analytics Cookie Parser.
Google Analytics PHP Cookie Parser is a PHP Class that you can use to obtain data from GA cookies such as campaign, source, medium, etc. You can use this parser to get this data on your contact forms or CRM.
Just updated to version 1.2 with minor bugfixes and more info, number of pages viewed in current visit.

You could use $_SERVER['HTTP_REFERER'] to get the Referer.
Overall it is a bad idea to use other's people's cookies to get data unless you know exactly how they work, and when they update, or you use an API that THEY have made available.
Lets say the Google decides to revamp the cookie altogether so that the Referer information isn't available on the cookie, your system would break. It is best to get data directly from your own sources rather than someone else's.

Related

gtag.js cookie not being set

I have put the tracking code with my id on every page of website.
But upon checking for cookies, I can see no cookie is being set by gtag.js.
According to https://developers.google.com/analytics/devguides/collection/gtagjs/cookies-user-id , the js code should automatically set the cookie.
P.S.- I am using Google Analytics for the first time. Total Noob.
Any ideas?
Indeed, gtag.js uses the _ga and _gid cookies to distinguish unique users, and uses the _gat cookie to throttle the request rate. More details about cookies you can see here:
https://developers.google.com/analytics/devguides/collection/gtagjs/cookie-usage
To check actual cookies, please use plugin like EditThisCookies (plugin to Chrome).
To check your GA implementation, please use Google Tag Assistant (also plugin to Chrome). Tag Assistant will validate if your analytics is working or not.
There is a need of more details about your website and GA implementation. For example, do you implement GA via Tag Manager? What is your website address? etc. Without such details it is difficult to investigate your case.

Google NID Cookie

I'm not sure if this is the right stack to ask this in so if not please let me know!
I am trying to get a handle on what cookies are used on a site and what they are for. When I initially did a cookie scan I noticed a cookie names NID which was set by google.
I have tried to research this cookie and can see it is used by Google for advertising purposes.
But I am confused about why and where this is being set, the site I am looking at does not use advertising anywhere, although it does use embedded YouTube videos.
Can anyone shed any light on when and why this cookie is set?
according to Google
Most Google users will have a preferences cookie called ‘NID’ in their browsers. A browser sends this cookie with requests to Google’s sites. The NID cookie contains a unique ID Google uses to remember your preferences and other information, such as your preferred language (e.g. English), how many search results you wish to have shown per page (e.g. 10 or 20), and whether or not you wish to have Google’s SafeSearch filter turned on.
For me, the cookie was hammered incessantly by the url https://www.google.com/s2/favicons?domain=example.org Which was being used by CookieBro & FeedBro RSS feeder browser addons for retrieving icons associated with various domains. The cookie can be dropped by either an addon or by google itself.
I used cookie log via cookiebro addon for firefox & chrome to detect these cookies in realtime, its one of a kind. However I did not realize it was cookiebro dropping them until the next step below.
To see what background connection is occuring when these cookies are placed, enter the following firefox url: about:cache?storage=disk&context= and you will see when and where the google url being connected to.
It is said this cookie is for targeting & ADS and the google's settings are integrated to make the cookie inconvenient to delete for Google users.

Google Analytics and cookies

My question is: I'm developing a website and I want to monitor analytics with Google Analytics, however I've been reading articles about cookies and I didn't realize if I need to program my website with some kind of cookies in order to use google tool, or if I simply don't need to do anything on my website.
Thanks
To do tracking you simply need to insert the code snippet that you can get from the GA admin interface.
However since you are in the EU you need to point out to your visitors that they are being tracked on your web page and that the site uses cookies to do so (and I think you need to provide an opt-out, although that might be a German thing). This is mandated by the European Privacy directive, which is sometimes referred to as "Cookie Law" (technically incorrect, since it is neither a law nor specifically about cookies), so maybe this gave you the idea that you need to do extra programming.

Meaning of cookie in browser

I found that the cookie in browser is a random string which web server sends to each client for remembering users' information purpose. But I don't understand in programmers viewpoint, what does cookie use for?
For example, I've used EditThisCookie extension in Chrome Browser to read wikipedia.org site's cookie, in the following picture included here. The value of this cookie (sessionId) is useless for programmers (EDIT: I mean I don't extract any information from this cookie, I know the cookie is very important for web developers, so sorry about my poor expression). If I get this cookie, which kind of information I can understand about the users?
Looking for some help! Thank you very much!
The example about cookie
http://i102.photobucket.com/albums/m86/dienkun1/cookie_example_zps455f0dad.png
EDIT: Sorry, I've just expressed my problem in wrong way.
Actually, I am going to write an extension for collecting users' preferences via users' cookie, but I can't understand anything what information can be extracted from cookie. I've read about cookie in many documents, like wikipedia, and all of them just show how to get cookie, the definition of cookie, classified... and nothing about which information we can get from cookie.
Thank you very much!
Why do you say that the sessionId is useless for programmers? It actually can be extremely useful. Somewhere on Wikipedia's servers, they're probably storing quite a bit of information about your session. This could include things like whether you've already hidden one of their fundraising banners (so that it won't keep showing it to you again and again), to things that are required for basic functionality, such as what user you are currently logged in as.
However, Wikipedia is storing this same information for millions of sessions. It needs a way to tie the information back to each individual browser. That sessionId is how it does so. It set the sessionId in a cookie when you first accessed the page, and that cookie gets sent back to the server with every request you make to it now. Then they have code on the back end that reads that sessionId from the cookie and uses it to look up all of the information specific to your session, and do whatever needs to be done with it.
You could of course store the session information itself in the cookies, but there are a couple problems with that. First, there are limits on the size of each cookie, and on the overall size of all cookies for a single domain. Some of the data you want to store might not even fit. But the bigger problem is that cookies can be very easily manipulated by the end user. If you stored the information of who the user is logged in as in a cookie, the user could just change that value to something else, and suddenly be logged in as someone else! Of course, it's also possible that the user could change their sessionId to be some other user's session and suddenly be logged in as them. That's why session IDs need to be as random as possible, and should be long enough that guessing someone else's is basically impossible.
Well, why would someone bother writing a sessionId to a cookie if it's useless?
Cookies are extremely useful when it comes to (e.g) identifying users on your site so you can have them logged in right away, count their visits, track them on your site and even beyond.. only to name a few use cases.
To cite a somewhat popular site (wikipedia.org):
Cookies were designed to be a reliable mechanism for websites to remember stateful information (such as items in a shopping cart) or to record the user's browsing activity (including clicking particular buttons, logging in, or recording which pages were visited by the user as far back as months or years ago).
The most important word here is "stateful".

Get apprequests available to user, sent by other users

BUMP: This is not a dead request. I'm still hoping to get a solid answer from someone at Facebook or anyone else. Thanks.
Revised Inquiry: I don't know if I'm not asking the right question, or if I'm asking a valid question that no one can answer.
New Questions:
Can we use FQL or another means to get all of the requests seen at reqs.php? I'm essentially looking for something like this:
SELECT request_id, app_id FROM apprequest WHERE recipient_uid = me()
Notifications return that data but app requests are often batched into a single record with a link identifying some but not all requests. I want individual records for all app requests currently open. The data to do this must be available, as this is the data used to build notifications! It just seems that this is not being made available to us. :(
Thanks!
Original Inquiry Follows:
I have an app that aggregates various sources of Facebook information for a user. One of the sets of data I'm working on is the collection of apprequests which have been sent to this user by friends. For example, I open GreatApp and click to send a request to you. You may or may not use GreatApp but let's assume you haven't blocked requests from it. You now open my AggregatorApp that shows my request to you, and the included link back to GreatApp. The data you see is the same as at reqs.php but formatted differently, with much more data, and of course simply much better. ;)
I thought that is what we got in apprequests. From this question I'm understanding that apprequests is a collection of requests sent out by the current application.
When using path/me/apprequests, we don't need to specify an app ID. But I believe here we do need to provide an app token rather than a user token. Is that correct? If that's correct then this confirms that the requests are those that this app sent out, not requests generated by other apps.
When using FQL, we need to identify the uid of the app as well as the id of the request in order to query the apprequests table. I get that, but even with a valid request id and app id (and valid permissions) FQL doesn't return request data. (I haven't checked with an app id, maybe that's the key.)
I am hoping people will provide some concrete examples for any of the above, specifically getting inbound requests from other apps, and confirmation about what token or other detail is expected for /apprequests and the apprequests table to return data.
Thanks!
Other threads asking the same question without a good (or any) response:
thread1 thread2
You need to make a graph api request to get the apprequests connection for a user. See the current documentation here: http://developers.facebook.com/docs/reference/api/user/.
In the Connections table, the documentation correctly notes that you need an application access token to retrive the requests to that user. There's a bug in the documentation under (http://developers.facebook.com/docs/reference/api/user/#apprequests) that claims you need a user access token. This is incorrect, and (as you've seen) will return an empty list of requests.
Requests sent by an application are only visible to the application. The user can't see or delete these requests (though they are able to hide the request). The reason for this is that the applications can put data into the requests (255 characters) that's never exposed to the user or other applications.
I don't think there's a way you'll be able to aggregate a user's requests from apps that you don't have an access token for.
What I have found out (before my question was deleted) was that you can't access requests with a user token, and app tokens can only access requests that app has sent (and I found that out myself in the documentation and playing with the graph explorer). Since I know there are iPhone apps and browser plugins for processing requests, I assume they are accessing the page itself and parsing the data (like scraping a site). The downfall to that approach is that on the request page only around 100 requests from each app are shown at one time.
(Unless some people have found a way that they aren't sharing...)
You are right, you need the app_access_token and not the user_access_token.
I think the FB documentation has an error.
The definitive answer was provided by a Facebook developer here in response to my bug report. The resolution is that this is By Design. This relates to the note by #noah-callaway that there's probably some app-specific data in requests that should not be available to other apps.
This is a shame, in my opinion, because as Facebook is all about sharing data among friends, I think it adds a dimension to the ecosystem when apps can share (limited and reasonable) information among one another.
Thanks for the responses!