This repository has been archived by the owner on Feb 6, 2023. It is now read-only.
Tracked links look like this:
It is therefore very easy to scan/load every link in any CiviCRM driven website with a programmatic loop of integers for qid and u params.
CiviCRM users may not be aware of this. E.g. they may put in share links to Google Docs that are sensitive but could easily be harvested.
CiviCRM guards its own personal data a bit by not allowing tokens (see #30).
Suggested improvements.
Flex mailer replaces the tracked link building of core and as such it is in a good place to make some improvements.
include a hash/unique id on each trackable link, e.g. store this in a new column on trackable url table. This would prevent harvesting.
rather than the immediate solution in Request: support tracking URLs with tokens in query strings #30 we could store the actual tokenised URLs for every contact in the tracked link url table, but add a column that stores the original url string (e.g. including `{token.placeholders}`). This would enable meaningful reporting e.g. "12.2% of people clicked the `/donate-now?cs={contact.checksum}&cid={contact.id}` link" while also allowing tracking of any link - tokens could even be in the domain or path. I think Mailchimp offers this sort of thing.
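
One way to realise the "hash/unique id on each trackable link" suggestion, as an added example that is not part of the original issue and not CiviCRM or Flexmailer code. It uses a keyed hash (HMAC) over the existing `u` and `qid` integers instead of a stored column; the `h` parameter, the base URL, the secret and the function names are all assumptions.

```python
import hashlib
import hmac
from urllib.parse import parse_qs, urlencode, urlsplit

# Assumption: a per-site secret kept server-side (constructed value for the demo).
SITE_SECRET = b"constructed-demo-secret-change-me"
# Assumption: constructed base path; the issue does not show the real one.
BASE = "https://example.org/track"


def link_tag(u: int, qid: int) -> str:
    """Keyed hash binding the URL id and the queue id together (128 bits, hex)."""
    msg = f"u={u}&qid={qid}".encode()
    return hmac.new(SITE_SECRET, msg, hashlib.sha256).hexdigest()[:32]


def build_tracked_link(u: int, qid: int) -> str:
    """Link placed in the mailing, carrying the tag in a hypothetical `h` param."""
    return BASE + "?" + urlencode({"u": u, "qid": qid, "h": link_tag(u, qid)})


def verify_tracked_link(link: str) -> bool:
    """Return True only when the tag matches the (u, qid) pair in the request."""
    q = parse_qs(urlsplit(link).query)
    try:
        u, qid, tag = int(q["u"][0]), int(q["qid"][0]), q["h"][0]
    except (KeyError, ValueError):
        return False  # missing or malformed parameter: no redirect
    # Constant-time comparison on bytes avoids leaking how many characters matched.
    return hmac.compare_digest(tag.encode(), link_tag(u, qid).encode())
```

The redirect handler would call `verify_tracked_link` before looking up the target URL, so a request that only supplies integer `u` and `qid` values gets no redirect.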