php - Deny direct access to success url in ecommerce website by typing it -

bottom line: how prevent direct access success page when transaction done (filename thankyou.php) if he/she knows url. have integrated ccavenue payment gateway in application.

full detail: have made ecommerce web application (still under construction).

on checkout page, whenever user clicks proceed payment button, generating unique ordercode , saving in session , calling session value in success url page , inserting details in order table , if ordercode not set, heading user away //www.example.com/store/

now, suppose knows success url (//www.example.com/store/thankyou.php) ccavenue redirecting after successful payment of amount merchant, types url directly. want user should not directly access typing in url bar, when payment done, thankyou.php file has shown 2 minutes , not more that. , after 2 minutes, if tries access success url page again, should not see success page again.

after bit of research, many of them have said use $_server['http_referer'] knowledge can bypassed if user tries do.

so how achieve ?

any highly appreciated. thank you.

after successful payment, ccavenue redirect our successurl details post url/get url.

whet need on top of thankyou.php page unique value return parameters,

in if block check set parameter , delivery address against particular customer not find in database display thankyou message , save delivery address of customer.

in else block redirect other page customer if hit again same url of thankyou page he/she cannot see page instead take redirected page.