Here's my dilemma for my proxy - I'm putting a CPALead on the index of the proxy. Once you fill it out, you can use the form on index.php to access browse.php

The problem is, anybody can access browse.php directly, bypassing index.php.

And normal site hot linking doesn't work because somebody can just go on any other page on my site and then hotlink.

So what would be a way that I could REQUIRE a user access my browse.php through my form on index.php - and only that form?

I don't know how to integrate sessions with that form, and I am thinking something along the lines of a random key? And it needs to expire every 2 hours.