Any URL you click could be to a CGI script that grabs the HTTP_REFERER - which might have a user's session ID in it, if that user has set in their profile not to use cookies.
Jason Rhinelander
Gossamer Threads
jason@gossamer-threads.com
Jason Rhinelander
Gossamer Threads
jason@gossamer-threads.com