A question about passing variables between pages using URL

         

JS_Harris

7:40 am on Aug 27, 2009 (gmt 0)




I wrote a PHP script that displays product information obtained from a retailer's product feed. The links to individual products from my site first pass through a second PHP page on my site designed to handle the blocking of unwanted referrers as well as allowing me to make my on-site links more descriptive.

Everything works well and the product number is passed between pages using the URL.

I'd like to secure this a little more to prevent someone from attempting to visit the link handling page by directly typing its URL into their browser along with something other than the product number MY links provide.

Complications: The script runs database-free, so storing product numbers to check as a reference isn't possible, and since the valid product numbers aren't available to the link processing page I'm not sure how I would construct a suitable if command.

I don't want example.com/page.php?productnumber to be changed to example.com/page.php?usertypedjunk or the script as is would pass the junk to the retailer.

I could combine the pages easily but would this not also be unsafe to do? Suggestions?

smatts9

10:48 am on Aug 27, 2009 (gmt 0)




You could use $_SERVER['HTTP_REFERER'] but that can be manipulated by the user or not even set by some browsers.

Another way is to set a session variable on the first page and then check for its existence on the second to make sure they came from the first. This way the users can't manipulate it.
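The session check suggested in the reply above, as an added example that is not part of either post: the listing page records every product number it links to, and the link-handling page only forwards numbers recorded for that visitor's session. It assumes numeric product numbers, a hypothetical `id` query parameter and a placeholder retailer URL; the two marked sections would live in the two separate PHP pages.

```php
<?php
// Added example, not the poster's code. Assumes product numbers are purely
// numeric and arrive as page.php?id=12345 (the parameter name "id" and the
// retailer URL below are hypothetical placeholders).

session_start();

// Listing page: record every product number this visitor was shown a link to.
function remember_linked_products(array $productNumbers): void
{
    foreach ($productNumbers as $n) {
        $_SESSION['linked_products'][(string) $n] = true;
    }
}

// Link-handling page: return the product number only if it is well formed
// and this session was actually given a link to it; otherwise null.
function accepted_product(array $query): ?string
{
    $raw = $query['id'] ?? '';
    // Reject arrays (?id[]=x), empty values, non-digits and oversized input.
    // The 12-digit bound is an assumed sanity limit, not a retailer rule.
    if (!is_string($raw) || !ctype_digit($raw) || strlen($raw) > 12) {
        return null;
    }
    return isset($_SESSION['linked_products'][$raw]) ? $raw : null;
}

// --- listing page (constructed sample numbers from the feed) ---
remember_linked_products(['10482', '10977']);

// --- link-handling page ---
$product = accepted_product($_GET);
if ($product === null) {
    // Typed-in junk, or a number this visitor was never linked to:
    // nothing is passed on to the retailer.
    http_response_code(404);
    exit('Unknown product');
}
header('Location: https://retailer.example/item?pn=' . rawurlencode($product));
exit;
```

Because the allow-list lives in the session, a visitor who reaches the link-handling page without first loading a listing page (bookmark, search result, cookies disabled) is rejected as well. The format check alone already stops arbitrary text from reaching the retailer, even for a session that has an allow-list.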