It seems the user agent class leaves a lot to be desired in regards to truly detecting people versus bots. I know there are inherit problems as the list of bots changes and grows everyday.

So I’m trying to create a little app that will test my clients campaign performance. Aka - Page A gets more clicks & sales then Page B.

I’m using a redirection script for the first page hit. So affiliate ‘1234’ will send his traffic to page http://example.com/aff/1234 - then i do a db lookup to see where to send 1234, i then redirect to the page they have set.

so http://example.com/aff/1234 might redirect to something like http://example.com/myspecialoffer/1234

I track on the pages I redirect them too ... not the redirect controller. So my script should register a click for http://example.com/myspecialoffer/1234 and if they buy, then a sale.

This works perfectly ... and it all tracks, but bots reek havoc and the #‘s are not usable.

So ... seeing that the bot list grows and grows, I thought ... what if in my redirection script (where i cookie the affiliate #), i set a cookie ... then in the tracking script that loads on the landing page, i look for this cookie. if it’s present, i can track, if it’s not ... i won’t.

It seems googlebot doesn’t set cookies, but my early test shows that yahoo, or something pretending to be them ... does indeed set a cookie.

I thought bots don’t set cookies ... but then again, i guess they most certainly can!

argh! any ideas on how to ensure that this is a person, not a bot?