I fail to see how this solution prevents tampering with the coupons. Surely if the only access that users have is to the web server this is no safer than building the PDF there?