How to Set a Secure Affiliate Cookie

When you have an affiliate program, browsers sent to your website by your affiliates will need to be associated with the affiliate, which generally involves setting a cookie. The cookie contains the affiliate's identification.

When a purchase is made, your affiliate software can use the information in the cookie to determine which affiliate sent the buyer to your website. Because of the cookie, you know who has earned a commission.

The code in this article sets a secure cookie. The cookie's name can be customized for whatever name your affiliate software expects. The cookie is set with JavaScript — so it can be used on *.html and other web pages and not be restricted to only *.php pages.

To enable the functionality, insert the JavaScript into your web pages.

When a site visitor loads a web page that has the JavaScript, the JavaScript determines if the URL to access the page has a parameter. (A URL parameter is information following a "?" in the URL.)

If a parameter is found at the end of the URL used to access the web page, a cookie is set with the parameter as its value. The cookie's name will be what you specify when you customize the JavaScript, as noted further below.

In these URL examples, the bolded part is information stored in the cookie; in essence, everything following the "?" character except a page scroll-to location marked with a "#" character.

https://example.com?AffiliateID
https://example.com/page.php?id=AffiliateID
https://example.com/books/?AffiliateID#scrollto
https://example.com?tag=AffiliateID&special=yes
https://example.com?AffiliateID&books=only#scrollto

When you distribute link URLs to your affiliates, the parameter (the bolded part, above) needs to be specified in a way that your affiliate software can understand.

Here is the source code for the JavaScript cookie setter. There are two customizations, the cookie name and how many days the cookie shall last.

<script type="text/javascript">
function SetAffiliateCookie()
{
   // Customization:
   let CookieName = "AffCookie"; // Alphanumeric characters and underscores only.
   let DaysBeforeExpiration = 30; // Number of days for the cookie to last (may be 0 for session-only cookie).
   // End of customization
   let cookie = CookieName + "=" + encodeURIComponent(location.search.substring(1));
   if(DaysBeforeExpiration>0)
   {
      let d = new Date().getTime();
      d += parseInt(DaysBeforeExpiration*24*60*60*1000);
      cookie += "; expires="+(new Date(d).toUTCString());
   }
   cookie += "; path=/; secure";
   document.cookie = cookie;
}
if(location.search.length) { SetAffiliateCookie(); }
</script>

Customizations:

1. CookieName = "AffCookie";

   Replace AffCookie with the cookie name your affiliate software expects. Cookie names may be composed only of alphabet, number, and underscore characters.

2. DaysBeforeExpiration = 30;

   Replace 30 with the number of days the cookie shall last. It may be a decimal number, such as 1.5 for a day and a half. If you specify 0 or a negative number, the cookie will be set as a session cookie. A session cookie generally lasts until the browser closes, but may be removed at other times depending on the browser.

When the customization is done, make the JavaScript available at every web page that shall set the cookie when a browser arrives with an affiliate link URL.

That's it for installation. Test the system and you are good to go.

(This content first appeared in Possibilities newsletter.)

Will Bontrager