How to use $_SERVER['HTTP_REFERER'] correctly in php?

Question

Lets say i have two pages page1.php and page2.php and i want page2.php to be displayed only if it is redirected form page1.php

Answer 1

I advise against using $_SERVER['HTTP_REFERER'] as it can be easily spoofed.

Instead , you could set a cookie when they load page 1 using setcookie("page1", 1); before any markup is output. Then check for it on page 2 using

if(isset($_COOKIE['page1']))
{
    //keep displaying page2.php
}else{
    //if it is not redirected from page1.php
    header('Location:page1.php')
    //redirect the user back to page1.php 
}

By not specifying the expiry date the cookie will expire when the browser is closed. In this situation, using cookies also makes for much more readable code to others.