Putting it simply, the plugin adds a new table to the database. That table contains two fields. 'SessionID' and 'SessionRand'. SessionID is a timestamp (which should, in theory be totally unique), and then SessionRand holds the value of the string.
The date is then hidden in a variable, which is passed along to the PRE hook. The PRE hook then looks up in the database for a session ID the same as what was submitted, and see's if the string is the same. If it is, the submission is accepted. If not, they are returned to the add page, with an error.
Cheers
Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!