Hello. How to find out the id of the user who visited our site without the participation of the user?
Those. when a user visits our site asynchronously, a request is sent from our site to the VKontakte site, and the user ID returned to the site is returned.
Thank.
Vitalina
eleven 1 golden mark 2 silver marks 8 bronze marks
Maksim147 Maksim147
497 1 golden mark 6 silver marks 24 bronze marks
- I think it does. Answer for yourself the question: what data will the site send in the request to VKontakte to identify the user, and will VKontakte give you the Id of the user by his IP? - MasterAlex
- fiveHow to violate the visitor’s privacy? I hope that in any way. If there is any way, you should immediately inform VK about it, so that they close it. - VladD
- habrahabr.ru/post/238565 I recommend digging from here - S_G
- one"You are not authorized in VKontakte" while I am authorized - Maxim147
|
2 answers
For those VC users who have installed one of the applications whose domain is the same as that of your fish page.
- Only the application id is needed, the secret is not required.
See the OpenAPI section - there is an example of the code "Example of authorization through the Open API":
<script src="//vk.com/js/api/openapi.js" type="text/javascript"></script> <div id="login_button" onclick="VK.Auth.login(authInfo);"></div> <script language="javascript"> VK.init({ apiId: ВАШ_API_ID }); function authInfo(response) { if (response.session) { alert('user: '+response.session.mid); } else { alert('not auth'); } } VK.Auth.getLoginStatus(authInfo); VK.UI.button('login_button'); </script>
Already when entering the page, it will output the VC id alert if the user has previously installed this application, agreeing to give him access to his basic information. Instead of an alert, you can send it with ajax to your statistics server.
Sergiks Sergiks
28.3k 3 gold marks 39 silver marks 78 bronze marks
- Alert only displays the ID of the person who created this application. If you log in from another account, always 'not auth'. - Maxim147
- Of course, this is the default state - Maxim147
- Have you tried to test from another account? - Maxim147
- @ Maksim147, you are right, my fault! )) Checked on different accounts, all of which have already installed the once used application - and then gave permission to access their personal data! Acts only on those who have installed the application itself, whose domain matches the phishing page. What noticeably narrows the coverage:) - Sergiks
|
Actually, it is necessary for the user to log in to the site through the VC, and there in the response from the VC there will be a user ID.
And so hardly anything that will help.
Vitalina
eleven 1 golden mark 2 silver marks 8 bronze marks
Vitaly RS Vitaly RS
1,202 6 silver marks 21 bronze marks
|
Protected by community spirit ♦ Nov 9 '15 at 21:30 .
Thank you for your interest in this issue. Since he collected a large number of low-quality and spam responses, which had to be deleted, now it’s necessary to have 10 reputation points on the site (the bonus for account association is not counted ).
Maybe you want to answer one of the unanswered questions ?