Show page conent if reffered otherwise 404

i want to show page contents to a visitor if page is clicked through a site, otherwise show 404 page, i mean no direct access
for this i am using this reffer code.

<?php
if(!isset($_SERVER['HTTP_REFERER'])){
    // redirect them to your desired location
    header('location:404.php');
    exit;
}

?>

but if user directly access same page in same browser again he gets 404 i want to show page content even if user access it again in same browser . for this i applied the session

<?php
session_start();// At the very top of your page. Literally THE TOP.

// Set our session variable only if it is not currently set. 
if (!isset($_SESSION['referrer'])) {
    $_SESSION['referrer'] = $_SERVER['HTTP_REFERER'];
header('location:404.php');
    exit;
} ?>

it works even if visitor refresh or direct access the page in same browser but if i check this code after clearing the cache on first click i gets 404. on next opening it works fine why it shows 404 on first try
any idea what issue in this code

It’s not an issue in the code. When you say ‘clearing cache’, i assume you mean you’re dumping your cookies as well.

The cookies that contain the session identifier cookie that you send to the server to identify yourself.

Do you see where that will be a problem?

this code is working but only on 2nd click because on first click i got 404 but if i click the link again it works fine why its not working on first click

<?php
session_start();
if (!isset($_SESSION['referrer'])) {
$_SESSION['referrer'] = $_SERVER['HTTP_REFERER'];
header('location:404.php');
exit; } ?>

It is working on the first click.

Okay. Let’s see if I can clear the confusion.
First Visit
You visit the page.
You start a session.
PHP says “no session information was given to me, so create a new session, and give the browser a cookie with this greatbiglongstringthatuniquelyidentifiesthesessionimstarting.”
Browser receives the cookie. Puts it away for future requests.
Your IF checks the $_SESSION superglobal, which is empty, so it sets ‘referrer’ into greatbiglongstringthatuniquelyidentifiesthesessionimstarting 's session variables in its local storage, and then redirects the user.

Second Visit
You visit the page.
Your browser, having a cookie for this site, sends it along with the request.
You start a session.
PHP says "Ah, this request had a cookie with it, so i know this request belongs to session number greatbiglongstringthatuniquelyidentifiesthesessionimstarting. Load the session variables for that session into the _SESSION superglobal." Your If then checks the _SESSION superglobal for ‘referrer’, and finds it. So it skips over your if block, and proceeds down the page.

YOU CLEAR COOKIES

Third Visit
You visit the page.
The browser has no cookie to send along with the request, so it doesn’t.
You start a session.
PHP says “no session information was given to me, so create a new session, and give the browser a cookie with this greatbiglongstringthatuniquelyidentifiesthesessionimstarting2.”
Browser receives the cookie. Puts it away for future requests.
Your IF checks the $_SESSION superglobal, which is empty, so it sets ‘referrer’ into greatbiglongstringthatuniquelyidentifiesthesessionimstarting2 's session variables in its local storage, and then redirects the user.

if i request you how you can apply session on this code

<?php
if(!isset($_SERVER['HTTP_REFERER'])){
    // redirect them to your desired location
    header('location:404.php');
    exit;
}

?>

What you have coded would be the correct definition for a session based sequence.

If you want a more permanent solution, it would be applied as a cookie based sequence rather than a session based one.

But neither of them will survive you deleting your cookies from your browser - at that point, the website has no way of knowing what browser it is that is connecting. You’ve told your browser to forget everything about example.com, and it has - including the fact that it’s ever been there.

after getting 404 once, if i click the link again it still show me 404, on 2nd click work normal . how we can del saved session .

Could you not simply check whether $_SERVER['HTTP_REFERER'] is from the same domain? Maybe I’m missing something.

how to force file to neglect previous 404 error and start with new session