i have a registration page called register.php if the data entered is validated correctly i call a file called thankyou.php or else validate.php

presently a user after seeing the url website.com/thankyou.php if they enter the url directly in the browser as website.com/thankyou.php they can access the file, if a user accesses the file this way i would like to redirect to a page saying "Direct acess to this file is not allowed"

previously i used sessions in register.php and also in thakyou.php and validate.php and it worked fine for some reason now it is not working the way it is supposed to i might have made some changes which i do not know

previously my code in register.php was, the first few lines of register.php file
================================================== ===================
<?php
ob_start();
session_start();
if(!session_is_registered("directaccess"))
{
session_register("directaccess");
}
// rest of the html and php code
ob_end_flush();
?>
================================================== ===================
code in thankyou.php, the first few lines of register.php file
================================================== ===================
<?php
session_start();
if(!session_is_registered("directaccess"))
{
header("Location: http://website.com/directaccess.html");
exit;
}
// rest of the html and php code
ob_end_flush();
?>
================================================== ===================
NOTE = in thankyou.php i display a thank you message by retrieving the first name from register page and displaying in thankyou.php using session variables in the following way

in register.php, the first few lines of register.php file
================================================== ===================
if(!session_is_registered("firstname"))
{
session_register("firstname ");
}
$_SESSION[firstname] = $ firstname;
================================================== ===================

in thankyou.php, the first few lines of register.php file
================================================== ===================
if(session_is_registered("firstname "))
{
echo $_SESSION[firstname];
session_unregister("firstname ");
}
================================================== ===================

please advice how i should rewrite the php code in both the files(register.php and thankyou.php) so that if a user enters the url directly in the browser i can redirect to directaccess.html file

thanks.

use a cookie? if they login, set the cookie, if there is no cookie, send them on their way.

Yeah, just use a cookie.

set cookies by:

PHP Code:

setcookie('mycookie','mycookies_value',3600); 


where mycookie is the name of the cookie, mycookies_value is what data you want it to store, and 3600 is the time in seconds when you want the cookie to expire.

delete cookies by calling the setcookie() function again, with the name of the cookie:

PHP Code:

setcookie('mycookie'); 


more on cookies here: http://www.tizag.com/phpT/phpcookies.php

if you want to redirect, use this code:

PHP Code:

header("Location: mysite.com/directaccess.html"); 


Referers.

PHP Code:

if(!preg_match('/^http:\/\/(?:www.)?example.com\/register.php$/i'. $_SERVER['HTTP_REFERER'])){
//This would match register.php
header('Location: directaccess.html');
}