In a Nutshell: this is a question, about improving the security of sessions in-order to prevent them from session fixation/hijacking

I have a user registration form, login and article posting form.
Now, when user registers, logs in or posts somethings there is always thank you page different for all three. More specifically ‘thankyou.php’

The problem is users can access the static thank you page, by typing the url ‘site.com/thanks.php’

I don’t want this to happen, I want those page to show up only when a specific tasks have been arbitrated.

So, I thought about about making sql query’s to see if users has posts for the last 5 seconds and show thank you page, or show 404 but, It’s seems unnecessary to create a query just for than one. And, Since I think PHP is flexible if you guys give me an idea I could probable learn something new on the way, on how to achieve this.