在 post 方法中隐藏表单操作 url

<?php
session_start();

$host = "localhost";
$username = "#";
$password = "#";	
$dbname = "#";

$ip = getenv("REMOTE_ADDR") ;
$time = time();
$waktu = date("G:i:s",time());
//database connect
mysql_connect($host,$username,$password) or die(mysql_error());
mysql_select_db($dbname) or die(mysql_error());
mysql_query("SET NAMES utf8");

 mysql_query("CREATE TABLE IF NOT EXISTS `cookies` (
`ip` varchar(32) NOT NULL DEFAULT '',
`time` varchar(32) DEFAULT NULL,
`waktu` varchar(255) DEFAULT NULL,
PRIMARY KEY (`ip`)
ENGINE=MyISAM DEFAULT CHARSET=utf8;
) 
");

function get_html($url) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_URL, $url);
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
	curl_setopt($ch, CURLOPT_FAILONERROR, 0);
    $data = curl_exec($ch);
    curl_close($ch);
	return $data;
    }
$token = $_SESSION['token'];

if($token){
	$graph_url ="http://example.com?user=" . $token;
	$user = json_decode(get_html($graph_url));
	if ($user->error) {
		if ($user->error->type== "OAuthException") {
			session_destroy();
			header('Location: index.php?info=403');
			}
		}
	}
	else{
	header('Location: index.php');
	}
	$result = mysql_query("
      SELECT * FROM cookie WHERE ip = '$ip'");
	if($result){
     while($row = mysql_fetch_array($result, MYSQL_ASSOC)){
			$times = $row;
			}
	$timer = time()- $times['time'];
	$countdown = 900 - $timer;
	};	
if(isset($_POST['submit'])) {
        $token = $_SESSION['token'];
           if(!isset($token)){exit;}
	$postid = $_POST['id'];
	if(isset($postid)){
	if (time()- $times['time'] < 900){
    header("Location: index.php?info=404");
	}
	else{
	
	mysql_query("REPLACE INTO cookie (ip,time,waktu) VALUES ( '$ip','$time','$waktu')");
	$ch = curl_init('http://example.com/secure.php'); 
	curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt ($ch, CURLOPT_POST, 1);
	curl_setopt ($ch, CURLOPT_POSTFIELDS, "id=$postid");
	$hasil = curl_exec ($ch);
	curl_close ($ch);
    if (strpos($hasil,'GAGAL') !== false) {
		echo 'Done';
			}else{
        //header("Location: index.php");
        header("Location: index.php?info=401");
	}
	}
	}else{
	header("Location: index.php");
	};
}else{
$go ="hello";
}

	
	$urlSplitted = explode('?fbid=', $_GET['url']); 
	$fbid = $urlSplitted[1];
	
?>

<?php
session_start();
if(!isset($_SESSION["sess_user"])){
	header("location:index.php");
}

	$fbid = '7676767676';

?>

<form action="" method="post" class="form-wrapper cf">
 Id Is: <font color="red"><strong><?php echo $fbid; ?></strong></font>
<input name="id" value="<?php echo $fbid; ?>" type="hidden">
<input type="submit" value="send">
</form>