After browsing through static pages and paying, I'd like for the user to see a confirmation page at .com/confirmation/randomkey. How do I create the random key after payment if I didn't create it before by manually adding a php file to my server. There's no point in creating the URL before since I don't know who's gonna purchase and every single one should be unique.
You can user SEO-Friendly Links in order to rewrite the URL.
Then you will be able to handle the randomkey as a parameter and do not need for each user a individual page.
Example:www.example.com/confirmation/randomkey will be rewritten to www.example.com/?a=confirmation&key=randomkey
This is often used by MVC: e.g. the first parameter (confirmation) will be the controller and depending on the parameter (randomkey) the contentwill be different. In this case, you will not need static sites.
Okay, I need apologise as I misread your question. I can see one of the answers briefly touched on it so I will explain a little more in depth whilst utilising my answer for the random key.
So a the moment (judging by your comments and question) you have static pages but you would like the confirmation page to be dynamic.
Your best having an index.php in the root of .com/confirmation/. This can have your static confirmation page HTML along with the PHP content.
.com/confirmation/index.php?key=123456
<?php
$key = $_GET['key'] //Get key from URL which 123456
//Check if Key is set or else redirect them somewhere else
if (!isset($key)) {
header('Location: http://www.foo.com/foo.php' );
}
?>
<html>
<head> </head>
<body>
<p> Confirmation Key: <?php echo $key; //Print confirmation key to screen ?> </p>
</body>
</html>
This could also be achieved by passing data using sessions which means no data is passed via URL. This can be picked up in $_SESSION variable which can be accessed from page to page. By doing this, you would NOT need to pass the variable in a URL, you would just need to generate it from the page before confirmation and send the confirmation key. Sessions last until the browser has been closed so it's not like cookies where you can set the expiry of the data.
Page before confirmation
<?php
//Start a session
session_start();
//add to session variable
$key = $_SESSION['key'] = "Your KEY";
?>
.com/confirmation/index.php
<?php
session_start(); //Needs to start before session data can be read
$key = $_SESSION['key'] //Data is queried from server NOT URL.
//Check if Key is set or else redirect them somewhere else
if (!isset($key)) {
header('Location: http://www.foo.com/foo.php' );
}
?>
<html>
<head> </head>
<body>
<p> Confirmation Key: <?php echo $key; //Print confirmation key to screen ?> </p>
</body>
</html>
See: