The mechanics behind the server scripts is probably the easiest part. I'll quickly
run down the process of what happens when Internet Explorer Runs hide.asp (
#1 A new ASP Session is established, an XML document is created and assigned to Session("passes").
#2 When hide.asp is requested, a new pass Element
is added to the xml document contained in Session("passes"). The pass element
has 2 attributes, guid contains a globally unique
identifier (guid). timeout contains a datestamp
For now we'll ignore the Random() function and all the other client side
#3 Based upon the last statement, hidden.asp?pass=[guid generated from hide.asp] is called.
#4 The pass parameter is stored in guid
#5 The xml document is queried for a pass element with the guid attribute=guid.
#6 The element is found, then deleted so that it cannot be used again.
#7 The timeout timestamp is compared to the current time
#8 Next the user agent is queried to make sure it at least contains "MSIE 6"
#9 Lastly the HTTP Referer is checked to see if the referer is hide.asp.
© 1997-2000 InsideDHTML.com, LLC. All rights reserved.