here's an odd post... I was building a tracking system to track hits to a website and was looking at another company's tracker to get some insite. What I discoverd was very odd.
The way they work is they give users a javascript code to paste into their page. This code gets the info from the viewer (browser, screen size, etc) and document writes an image link to an image on thier server, but heres the odd part... the image link has a query string on the image name with the info it received from the user's system. ie:
document.write = '<img src="www.server.com/fake.gif?sres=' + sres + '&browser=' +brow + ' " height="1" width="1">
like that (but formatted correctly...im just throwing it out there to give an idea. I built a page with nothing but a javascript alert and then renamed it .gif and it will exicute the javascript, but my test concluded that the trick will not work on asp. I did however make a javescript redirect to an asp page and named it .gif and that worked.
My main question is how are they adding the info from the query string into the database (the user never sees anything)...
sorry if i am unclear but i was interuppted in the middle of this post and hope i covered it all . also, is this an old trick i have never heard of?
thanks in advance,
Michael