
How Do I Prevent Users from Accessing a Page More Than Once?

@Speyer207

Posted in: #Security #Url

Hi
I have a URL, say for example www.xyz.com/form1.html. Now I need to hide this URL since I don't want people to keep coming back to this URL and using it. What I mean is I need this URL to be usable only once per visit.

On this URL a form resides which sends out an email after submission to get an attachment. A user is directed to this URL after his payment from PayPal, so I need that user to use that URL just once. Next time, when the next user comes, he should see the same form but that URL should be masked or should expire in terms of validity, sort of. The main URL remains the same but it should expire or get masked, and if someone copy-pastes that masked URL it should work.

How can I make this happen?


@Pope3001725

You need to have that page require a token to work. If that token is missing, the page will not load (or it takes the user to an error message). If a token is present, it is matched against a database of tokens to see if it is valid and not expired or used. If it is expired or already used, show the error message. If it is valid, then allow them to complete the form and download the file. Then update the database to reflect it as being used and no longer valid.

For example:

You send the user to PayPal to make payment. Before you do, you create a unique token for them and place it in your database.

The user gets redirected to the form after making payment at PayPal. The URL they are sent to will resemble something like this: www.xyz.com/form1.php?token=anc4wqfnpq4qp3y. form1.php is the form and anc4wqfnpq4qp3y is the unique token for that user's one visit.

When that page loads it will check the database to see if that token:


is present
is not expired
has not been used


If it is invalid you can show them an error message. If it is valid then they can complete the form normally.

Once they complete the form and get the contents you deliver you need to update your database to mark that token as invalid.

To make it even more secure you can match the token and the user's ID to make sure both match but that's up to you.
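
The token flow described in the answer above, as an added example that is not part of the original post. It is written in Python with SQLite rather than the page's form1.php; the table layout, function names and the one-hour lifetime are assumptions made for illustration.

```python
import secrets
import sqlite3
import time

TTL_SECONDS = 3600  # assumed validity window; the answer does not give one


def open_db(path=":memory:"):
    db = sqlite3.connect(path)
    db.execute(
        "CREATE TABLE IF NOT EXISTS tokens ("
        " token TEXT PRIMARY KEY, user_id TEXT NOT NULL,"
        " expires_at REAL NOT NULL, used INTEGER NOT NULL DEFAULT 0)"
    )
    return db


def issue_token(db, user_id, now=None):
    """Create the token before sending the user to PayPal."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # from the OS CSPRNG, not guessable
    db.execute(
        "INSERT INTO tokens (token, user_id, expires_at) VALUES (?, ?, ?)",
        (token, user_id, now + TTL_SECONDS),
    )
    db.commit()
    return token


def is_valid(db, token, user_id, now=None):
    """Page load: present, not expired, not used, and bound to this user."""
    now = time.time() if now is None else now
    return db.execute(
        "SELECT 1 FROM tokens WHERE token = ? AND user_id = ?"
        " AND used = 0 AND expires_at > ?",
        (token, user_id, now),
    ).fetchone() is not None


def consume(db, token, user_id, now=None):
    """Form submission: check and mark used in one atomic UPDATE."""
    now = time.time() if now is None else now
    cur = db.execute(
        "UPDATE tokens SET used = 1 WHERE token = ? AND user_id = ?"
        " AND used = 0 AND expires_at > ?",
        (token, user_id, now),
    )
    db.commit()
    return cur.rowcount == 1
```

Deliver the file only when `consume` returns true: doing the check and the update in one statement means two simultaneous submissions of the same token cannot both succeed.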
