HTTP_REFERER
in this case only tracks back to one page from where you came.
So you can't really on it. For example, when a user clicks an ad on a site which is orginated from OSIpage, quick access application, the http_referrer contains OSIpage as the source page.
But on the other hand, when a user click the ad on the second page, the http_referrer becomes the same site.
HTTP_REFERER
is therefore unreliable indeed. It might not be there, it might be forgotten, you just can't trust it if it's for security reasons.
Just try with cookies
which gives you better control from where your site originated.