A simple example of PHP preventing repeated data submission by post

I had this question during an interview in an empire: how to handle the repeated post submission problem? Later, I talked with @ wenyang. He said that I didn't understand how to record the time, what I want is to use the session to record the form page and then submit the page for judgment. If it is equal, it is regarded as successful and the session is cleared. But the problem is that if the form page is html, what should I do? Do you want to call a php verification page? Similar to the Verification Code function. It is also said to set the expiration time using the header... but did not try. The following is written in php and is available after testing.

Copy codeThe Code is as follows:
<? Php
// Enable session
Session_start ();

// If a submission ID exists
If (isset ($ _ GET ['action']) & $ _ GET ['action'] = 'save '){

// If a session exists and it is the same as the passed value, it is submitted.
If (isset ($ _ SESSION ['_ open_auth']) & isset ($ _ POST ['auth']) & $ _ SESSION ['_ open_auth'] =$ _ POST ['auth ']) {
Print_r ($ _ POST );
$ _ SESSION ['_ open_auth'] = null; // clear
} Else {

// Start
Header ("location: post. php ");
}
Exit ();
}

// Authorization
$ Auth = $ _ SESSION ['_ open_auth'] = time ();

?>
<! Doctype html>
<Html>
<Head>
<Meta charset = "UTF-8">
<Title> post </title>
</Head>
<Body>
<Form action = "post. php? Action = save "method =" post ">
<Ul>
<Li>
<Input type = "hidden" name = "auth" value = "<? Php echo $ auth;?> ">
<Input type = "text" name = "userName">
</Li>
<Li>
<Input type = "password" name = "userpass">
</Li>
<Li>
<Input type = "submit" value = "start">
</Li>
<Li>
<? Php echo time () ;?>
</Li>
</Ul>
</Form>
</Body>
</Html>