PHP Prevent Re submission for multiple forms on same page

Hi have checked answer from this page: But it uses action="" is it vulnerable to XSS attacks? If yes then without such solution what are my options?

I tried using header redirect. But as I have 2 forms,(in some pages 4-5 forms) header re direction is not working for me with errors.

Here is my code: (Simplified)

1st form: works ok with a redirect.

<form name="ip_block" method="post" class="form-horizontal">
            <div class="form-group">
           <label class="control-label col-sm-2" for="ip"> Enter IP:</label>
            <div class="col-sm-8">
                <input type="text" name="ip" class="form-control" id="ip" />
          </div></div>
         <div class="form-group"> 
            <div class="col-sm-offset-2 col-sm-8">
            <button type="submit" class="btn btn-default" 
            name="ip_block_add">Submit</button>
               </div></div>
             </form> 
        <?php
          if(isset($_POST['ip'])){
              if($IP = filter_input(INPUT_POST, 'ip', 
                FILTER_SANITIZE_STRING)){
              $add_ip = $mysqli->prepare("INSERT INTO block_ip(b_ip) 
                VALUES(?)");
              $add_ip->bind_param("s",$IP);
              $add_ip->execute();
              $add_ip->store_result();
              $add_ip->close();
             header("refresh:5;url=./admin-security.php");// avoiding form 
                 resubmission
             echo 'Added successfully';
              }
              else {
                    echo 'failed to insert';
              }
          }
        ?>

Form 2:

 <form name="clear_data" method="post">
            <input type="hidden" name="data_clear" value="1"/>
            <button type="submit" class="btn btn-warning">Clean Data</button>
        </form>
                 <?php
              if(isset($_POST['data_clear'])){
              if($mysqli->query("CALL clear_old_data")){ 
              header("refresh:5;url=./admin-security.php");// avoiding form resubmission
              echo 'operation successfull'; 
              }   
       else
       {
         echo 'database failure';
          }
        }
      //----
    ?>

For Second form I get error like this

Warning: Cannot modify header information - headers already sent by

For 2nd form I am using header before echo still it doesn't work. reference, I tried with javascript too but that failed.

 echo "<script>setTimeout('window.location.href='./admin-
 security.php';',4000);</script>";

Updated with Dainis Abols idea: but form re submit option is still showing on page refresh

            <form name="clear_data" method="post">
            <input type="hidden" name="data_clear" value="1"/>
            <?php
               $var=111;
               $_SESSION['var']=$var;
               ?>
            <input type="hidden" value="<?php echo $var; ?>" name="varcheck" 
              />
            <button type="submit" class="btn btn-warning">Clean 
                  Data</button>
                   </form>
                 <?php
              if(isset($_POST['data_clear']) && 
            ($_POST['varcheck']==$_SESSION['var'])){
             // Some code
             }