PHP Script - Protect Referral Link - Need Feedback On Possible Uses!

N

NetBrilliance

Newbie
Joined
Jan 18, 2008
Messages
7
Reaction score
23
I've been working on gathering information on the best methods of blanking or spoofing referral information in affiliate cookies be used on ebay and other auction sites. I know this has been a widely discussed topic here and wanted share/get feedback on possible uses for this script.

It has an admin section with default login of admin/admin that displays campaign name, real affiliate link url, and encrypted (hashed) url you place on your web pages to make creating/updating links on your webpages as easy as a copy and paste.


Heres the script:

<?php
######################################################################
#
# referral link cloaker and forwarder
#
# showcase.php
#
######################################################################
#
# SETUP: Your referrral link ad campaigns
#
# Array ( "campaign name--referral link url" );
#
# -- is default delimiter between campaign name and referral url
$referral_campaigns = array(
"campaign 1--http://referrer-website-1.com/?referral_id=fdbfbrererehrehr444",
"campaign 2--http://referrer-website-1.com/?referral_id=hjyj4t43t43t43tgfff",
"campaign 3--http://referrer-website-1.com/?referral_id=hjgfdgfrrrrjtye4544",
"campaign 4--http://referrer-website-1.com/?referral_id=gy54y45y4ufggfnfgnn",
"campaign 5--http://referrer-website-1.com/?referral_id=5y7u65u76j56j5656j5",
"campaign 6--http://referrer-website-1.com/?referral_id=greerercvvvvvvvvvvv",
"campaign 7--http://referrer-website-1.com/?referral_id=k86kk6h5hb4nnnnnnnn",
"campaign 8--http://referrer-website-1.com/?referral_id=grg43g34g43g34g4g43",
"campaign 9--http://referrer-website-1.com/?referral_id=rbbnerbrbreberbrerb",
"campaign 10--http://referrer-website-1.com/?referral_id=gngfngfngngngngfnn",
"campaign 11--http://referrer-website-1.com/?referral_id=asasasasasasasaasa",
"campaign 12--http://referrer-website-1.com/?referral_id=123456789012343788",
"campaign 13--http://referrer-website-1.com/?referral_id=j76j7j65h35fsdfdff",
"campaign 14--http://referrer-website-1.com/?referral_id=3t45tty3453g344g43",
);
#
# $phpself finds the URI to this script
#
$phpself = "http://" . trim($_SERVER['HTTP_HOST'], "/") . $_SERVER['PHP_SELF'];
#
# ADMIN DISPLAY
#
# to access admin: http://your-website.com/path/to/this/script.php?admin
#
if (isset($_GET['admin']))
{
#
# change username and password to your preference
#
$admin_password = "admin";
$admin_username = "admin";
if ((isset($_POST['submit'])) && ($_POST['admin_name'] == $admin_username) && ($_POST['admin_password'] == $admin_password))
{
echo "<html><head><title>referral link admin</title><style type='text/css'>th{border: 2px solid black;}td{border: 1px solid black;}</style></head><body>";
echo "<table width='100%'";
echo "<tr><th>campaign name</th><th>real referral link</th><th>encrypted referral link</th></tr>";
foreach ($referral_campaigns as $individual_campaign)
{
$campaign_array = explode("--",$individual_campaign);
echo "<tr><td>".$campaign_array[0]."</td><td><a href='".$campaign_array[1]."'>".$campaign_array[1]."</a></td><td><a href='".$phpself."?id=".md5($campaign_array[1])."'>".$phpself."?id=".md5($campaign_array[1])."</a></td></tr>";
}
echo "</table>";
echo "</body></html>";
exit;
}
else
{
#
# dislay admin login
#
echo "<html><head><title>please login</title></head><body>";
echo "<form name='login' method='POST' action=''>";
echo "<p><input name='admin_name' type='text' MAXLENGTH='50' /> :Username</p>";
echo "<p><input name='admin_password' type='text' MAXLENGTH='50' /> :Password</p>";
echo "<p><input name='submit' type='submit' value='Login' /></p>";
echo "</body></html>";
}
}
#
# if id QUERY_STRING is set
#
if (isset($_GET['id']))
{
#
# loop through the array
#
foreach ($referral_campaigns as $individual_campaign)
{
#
# make new array out of each line
#
$campaign_array = explode("--",$individual_campaign);
#
# if the URI QUERY_STRING equals the hashed value of the array_key 1 data (afiliate url)
#
if ($_GET['id'] == md5($campaign_array[1]))
{
#
# redirect immediately to the affiliate url
#
header("Location: ".$campaign_array[1]."");
exit;
}
}
}
#
# if script is accessed directly or if 'id' isnt in the array, do nothing and show a blank page
#
#
?>
 
Advertise on BHW
Things like this aren't so much a referrer blank or spoof as it is a cloaking method.

Redirects like this are nifty because they can cloak your referrer in predictable ways, and are generally easy to test/verify.

Using a JS Variant you could probably even do things like load Google Analytics to track hits.

The major drawback that I've noticed is that it's hard to explain why your traffic is cloaked, and it's hard to implement these redirect methods on your site in a way that doesn't scream "cookie stuff!"

The real holy grail of referrer spoofing would be something more like:

I came from myspace.com/blackhat, but your server logged me as coming from mydomain.com/offer/ which is the registered affiliate page for this program.
 
Advertise on BHW
You must log in or register to reply here.
Sign up now!

Main Menu

Home Main Forum List Black Hat SEO White Hat SEO BHW Newbie Guide Blogging Black Hat Tools Social Media Downloads

Marketplace

Account Selling Content / Copywriting EBooks / Methods Hosting Misc Proxies For Sale SEO - Link building SEO - Packages Social Media Social Media - Panels Web Design More

Making Money

Affiliate Programs Hire a Freelancer IM Journeys Making Money Pay Per Click Site Flipping Want to Buy

BlackHat World

Dispute Resolution Forum Suggestions & Feedback Introductions Lounge
Back
Top