refactor "view as another user", PRG

[simonLeary42]

Our HTTP API is constrained by the "view as another user" feature and the "post -> request -> get (PRG)" best practice.
The file header.php allows the user to HTTP POST to any page in the site, and also issues redirects for any page in the site which handles POST data.
The following actions must be forbidden in any page before the inclusion of header.php:

• throwing errors due to unrecognized POST data
  • header.php recognizes keys that specific pages do not
• discarding POST data
  • header.php needs to read POST data
• displaying content of any kind (this includes UnityHTTPD::alert())
  • if header.php redireects, the user will not see any content displayed up until that point

Hopefully a more elegant solution can be found and some of these constraints can be lifted.

[simonLeary42]

Some particularly bad behavior is how UnitySite::alert has no effect when called before header.php and when $_SERVER['REQUEST_METHOD'] == "POST"