A simple example of PHP preventing post from repeatedly submitting data

During an Empire interview, this question was asked: How to deal with duplicate questions submitted by post, and then communicated with @Nuanyang. He said that recording time, I don't understand. I want to use session to record on the form page, then submit page judgment. If equal, it will be considered successful and empty session. But one question is if the form page is html, what should I do first?Do you want to change an php validated page?Similar to Authentication Code. There is also an header header to set expiration time... but not tried. Here is what I wrote by php and tested to be available.

<?php
// open session
session_start();
// If there is a submission identification 
if(isset($_GET['action']) && $_GET['action'] === 'save'){
 // If there is session And with the value passed in 1 Submit only then 
 if(isset($_SESSION['__open_auth']) && isset($_POST['auth']) && $_SESSION['__open_auth'] == $_POST['auth']){
  print_r($_POST);
  $_SESSION['__open_auth'] = null;// empty 
 } else {
  // Walk Up 
  header("location: post.php");
 }
 exit();
}
// To grant authorization 
$auth = $_SESSION['__open_auth'] = time();
?>
<!doctype html>
<html>
<head>
 <meta charset="UTF-8">
 <title>post</title>
</head>
<body>
 <form action="post.php?action=save" method="post">
  <ul>
   <li>
    <input type="hidden" name="auth" value="<?php echo $auth;?>">
    <input type="text" name="userName">
   </li>
   <li>
    <input type="password" name="userpass">
   </li>
   <li>
    <input type="submit" value=" Walk Up ">
   </li>
   <li>
    <?php echo time(); ?>
   </li>
  </ul>
 </form>
</body>
</html>