In reply to a post by XRaySpeX:

The diff is your TsoHost link leads to their home page whereas OP's leads to a specific subsidiary page w/out specifying it in his URL. Is that your neat trick?

Yes. Only I didn't click his link and have no record of it, so have no idea where it went. I'm taking your word for it that it went to a relevant page.

In reply to a post by XRaySpeX:

HP does it with ".../home/?p=nnnn".
Nectar does it with ".../?clk_rvr_id=xxxxxxxx". .... Oh no, it doesn't! It does it differently with diff sites, not all involving "?"

The '?' is the way the link is telling the other end that it is passing a variable (the characters before the '=' sign define its name) and a value (the bit after the '=' sign) pair to the recipient page. You can also pass several values at once i.e

home.html?p=634&r=yes&user=xrayspecs

and so on with '&' as a separator.

With the last one in that example, it's obvious what value you are passing for the variable named 'user' but with the earlier ones there will be code to look up what value, for instance, 636 means for the variable 'p' in the example above, either in the code or via a database etc. If the programmer has his head screwed on properly, he won't make the variable and its value that obvious though.

If there is no page defined, i.e. 'home/?x=3' which means the 'home' directory, then the parameters go to the default page for that directory (often index.htm or index.php but could be defined to be anything internally).

It's called the 'GET' method and it's not the best way of passing a value since you can easily call the page with your own values substituted if you wanted so the characters are often encrypted to prevent this.

The other way of doing it is via a method called 'POST', such as on a web form where you fill in all the data and hit a button. The values are then all carried within the headers of the web page when sent and so is more secure.

If that basic explanation doesn't make sense please yell!

Edited by tbailey2 (Sat 14-Jul-12 08:01:52)

Ta! Nice explanation & sufficient for my purposes.

I take it that a variable can not only set a data value in the state machine but also determine which page to display next, as in the OP's link (which has now gone, but I have given its form in an earlier post).

Yes, it can basically do anything the original programmer wants.

From simply using the affiliate or other innocent looking link in the way expected and generating the sender some revenue, to, on the down side, also/or redirecting you off to a malicious web page that loads some dodgy software on your machine in a 'drive-by' attack.

Bear in mind that the remote machine will also have your browser info and your IP address via the server it's running on plus other useful information. If that IP is a static one and not proxied, then other possibilities open up such as a port scan to see if there is a way into your machine.They could also maybe be aware of a vulnerability in a particular browser version and be looking to attack people using that browser. The possibilities are endless.

Edited by tbailey2 (Sun 15-Jul-12 09:03:59)