Usually when you send a link to somebody to someones social profile it will ask you to create an account to see it. But say i didn't want to do that, rather i wanted to give them a link that could not be indexed by search engines and something that was rather complicated to guess so that the person can see the content on that link, i was thinking something like:
www.domain.com/user/content/private/secured/90989834093/testcontent.php
How do i achieve that securely?
Instead of doing that, you can generate a one-off random access token and use it in a querystring. The token would be stored in a database which would know if it has been previously accessed or not. When the page is hit, the token is checked against the database, and if still active the content would be served.
As Truth has commented below, this would work well in conjunction with a Session or Cookie so you could continue to serve the authenticated user the page after the access token has been used.