How can I write .htaccess so that it only gives access from the form?

Question

Here is my code:

<files contacts.html>
order allow,deny
deny from all
Allow from access.php
</files>

I do not want contacts.html DIRECTLY accessed from the URL. I have a form on the index.html page that has a form with the action access.php. Once it confirms, it redirects it to contacts.html using the header function.

Answer 1

You will want to use $_SESSION,

On access.php

session_start();

// some code here to authenticate

$_SESSION['hasAccess'] = true;

// redirect

Change contacts.html to contacts.php and at the top of this page

session_start();

if($_SESSION['hasAccess'] !== true){

    header('Location: index.php');
    die;

}

// the rest of your code