If you want to restrict access to those users who clicked a link on a specific web page, you would have to use PHP and reference $_SERVER. But this value can't really be trusted. From the PHP manual:
The address of the page (if any) which referred the user agent to the current page. This is set by the user agent. Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted.
This is about as good as you can get if you want to be sure people arrive at your page by clicking a link on another specific page; there is no easy way to tell how someone arrived at a page.
Well, perhaps you could create a session cookie that stores the URL (or an ID code) of the page visited on your web site. Then the first thing your protected page does is check the cookie. If it contains the right URL or code, you set the cookie to the protected page's URL or code and allow access. If not, you send her elsewhere (maybe redirect to blank:, maybe to a random search on Google, maybe to an error). Of course, this means that *every* page of your web site must set the cookie.