Is there any way to have for example:
**result.php**
Only work if requested by:
**input.php**
Otherwise throw an error.
Obvious NO direct access to result.php but also NO access from any other page except input.php.
Is this something that can be accomplished and how? I've tried googling things like "limit page access to specific other page" etc.. but it yield nothing relevant, just unrelated stuff like changing chmod etc and this is not what I'm after.
Many thanks for any help.... Or at least pointer on how I should formulate the question.
If you're just trying to prevent people from accidentally opening the wrong page, referer checking is sufficient. The HTTP Referer header contains the URL of the page that linked to the one being requested, so in your result.php code, you can check that the referer is the correct URL for your input.php page.
However, the referer header is sent by the client (e.g. browser), so you're relying on it to tell you the truth. A skilled user can request your result.php page with a fake referer header that says they came from input.php when they really didn't. This is called referer spoofing.
If you need to prevent that, for security reasons, then you need to use PHP's session support to keep track on the server of which steps the user has completed so far, so that when the user tries to access result.php, you can check for the prerequisites in a way that can't easily be spoofed.