I want to secure the url path of my site.... i dont want the users to see the id through the url... how do i do that?

or other ways how to
block users to just type the id and go to pages

I just fixed this same problem on my site a few days ago. There are lots of different ways to generate a random id but the one I settled on was...

Now when a record is created in the DB it auto increments the ID but the INSERT statement also creates an RDID which is the random number. You can now use the RDID for $_GET queries.

There's no need to mess with $_SESSIONS since the $_GET will have the RDID. If someone messes with the URL it will kick to a page with "No Records Found".

www.phpfive.net (http://www.phpfive.net/pseudo-random-php-functions-and-truly-random-number-generators_article2.htm)