I have seen the service like spypig.com placing a small image in the email and tracking when it is opened and from where. They track city, country, IP address etc. How is this done?
Basically, in the HTML body of your email, there will be an <img>
tag that would look like this :
<img src="http://www.yoursite.com/tracker.php?id=123456" alt="" />
When someone reads his mail, with images enabled, the email-client will send a request to tracker.php
, to load the image, passing it id=123456
as a parameter.
This tracker.php
script will be on your server, and, when called, it will :
id
parameter, id
different for each e-mail.
The tracker.php
script knows from which IP address it's been called -- like any other PHP script :
$ipAddress = $_SERVER['REMOTE_ADDR'];
And, starting from this IP address, you can use a geolocation service to find out from where in the world the email has been opened.
As a couple of examples, you could take a look at MaxMind, or IPInfoDB
As you know that id=123456
corresponds to one specific email address, this allows to find out where each one of your subscribers are.
1. Place the tracker image at the E-mail
<img src="http://www.yoursite.com/tracker.php?eid=123456&uid=123" alt="" width="1px" height="1px">
Its working is very simple, Once your mail is open, that tracker image sends the request to the server, from that request we can get information by creating the image URL with userID, and also consider as that mail is read by the user.
Note: Don't use display: none; property for hiding your images, it may filter by spam algorithm. And don't place any javascript codes, it also blocks the spam filter
2. On the tracker.php
<?php
header("Content-Type: image/jpeg"); // it will return image
readfile("img.jpg");
dbfunction(); // place your db code
?>
3. The ip address is get by the following function.
function get_client_ip() {
$ipaddress = '';
if (isset($_SERVER['HTTP_CLIENT_IP']))
$ipaddress = $_SERVER['HTTP_CLIENT_IP'];
else if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
$ipaddress = $_SERVER['HTTP_X_FORWARDED_FOR'];
else if(isset($_SERVER['HTTP_X_FORWARDED']))
$ipaddress = $_SERVER['HTTP_X_FORWARDED'];
else if(isset($_SERVER['HTTP_FORWARDED_FOR']))
$ipaddress = $_SERVER['HTTP_FORWARDED_FOR'];
else if(isset($_SERVER['HTTP_FORWARDED']))
$ipaddress = $_SERVER['HTTP_FORWARDED'];
else if(isset($_SERVER['REMOTE_ADDR']))
$ipaddress = $_SERVER['REMOTE_ADDR'];
else
$ipaddress = 'UNKNOWN';
return $ipaddress;
}
$PublicIP = get_client_ip();
4. Location:
The location is getting by any geolocation services, you can use open-source GeoLocation finder like nekudo,freegeoip.
for example
<?php
$json = file_get_contents("http://ipinfo.io/$PublicIP/geo");
$json = json_decode($json ,true);
$country = $json['country_name'];
$region= $json['region_name'];
$city = $json['city'];
?>
The other answers are great but, since humanity seems convinced that "any tracking is evil tracking" I like to take it a step further by being "invisible" to the user by retaining the .png
/.jpg
/.gif
etc image file extension.
I'm not sure about compatibility with all types of web servers and hosts, but for me it was a quick change to the AddHandler directive I already had in .htaccess
, such as:
AddHandler application/x-httpd-lsphp .png
...to allow processing of PHP code within files with a .png
extension.
You might already have an AddHandler
line to allow PHP in .htm
/.html
files; if so, just add the appropriate image file extension to the end of the list.
This is, roughly, my "tracking image" code, file saved as trackimage.png
or whatever :
<?php //silently log user and return image
$ip=$_SERVER['REMOTE_ADDR'];
$uri=tidy($_SERVER['SCRIPT_URI']);
$querystring=tidy($_SERVER['QUERY_STRING']);
$useragent=tidy($_SERVER['HTTP_USER_AGENT']);
$json = file_get_contents("https://ipinfo.io/".$ip."/geo");
if(($json<>'')&&(strpos($json,"error")===false)){ extract(json_decode($json ,true)); }
$country=tidy($country);
$prov=tidy($region);
$city=tidy($city);
list($lat,$lon)=explode(',',$loc);
$lat=tidy($lat);
$lon=tidy($lon);
$sql = "INSERT INTO img_track_table set ip='$ip', useragent=$useragent, uri=$uri, "
."querystring=$querystring, country=$country, prov=$prov, city=$city, lat=$lat, lon=$lon;";
require 'connect.php'; $conn=new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) { /* couldn't connect, but do nothing about it */ }
}else{ //run insert query
if(!$conn->query($sql)) { /* query error, but do nothing about it */ }
$conn->close();
}
//return image
header("Content-Type: image/png");
readfile("myActualImageFile.png");
function tidy($str){ //remove quotes and backslashes from string
if(is_null($str)||($str=="")){return "null";}
$str=trim(str_replace('\\','',str_replace("'","",str_replace('"',"",$str))));
if(is_numeric($str)){return $str;}
return "'$str'";
}
Note that if error text, or anything else, is returned by the code before the image, the image will be undisplayable. It might also be worth researching possible security concerns with this that might apply to you case. For example, this.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With