fghber/sample-php-headers.php

## sample-php-headers.php
301 moved permanently (redirect):
<?php
header('HTTP/1.1 301 Moved Permanently');
header('Location: http://www.example.com');
die();
?>

302 moved temporarily(redirect):
<?php
header('Location: http://www.example.com');
die();
?>

302 moved temporarily(redirect) buffered output:
<?php
ob_start();
if(!loggedIn) {
    ob_end_clean(); //SO Q: header redirect location using ob_start https://stackoverflow.com/questions/11823130/how-to-redirect-with-header-location-in-php-when-using-ob-start
    header("location:../login.php");
    die(true); /// SO Q:Utilizing exit(); or die(); after header("Location:..") https://stackoverflow.com/questions/8665985/php-utilizing-exit-or-die-after-headerlocation
    /// You need to use exit or die to stop execution of your script after header("Location: " . getenv("HTTP_REFERER"));,
    //because your script may be executed till the end, what can cause unexpected behavior.
    //See also: "Headers already sent" error https://stackoverflow.com/questions/8028957/how-to-fix-headers-already-sent-error-in-php/8028987#8028987
}
?>

404 Page Not Found:
<?php
header('HTTP/1.1 404 Not Found');
?>

Service not avaliable:
<?php
header('HTTP/1.1 503 Service Temporarily Unavailable');
header('Status: 503 Service Temporarily Unavailable');
header('Retry-After: 60');
?>

CSS:
<?php
header('Content-Type: text/css');
?>

Javascript header:
<?php
header('Content-Type: application/javascript');
?>

Images:
For JPEG(jpg):
<?php
header('Content-Type: image/jpeg');
?>
For PNG:
<?php
header('Content-Type: image/png');
?>
For BMP:
<?php
header('Content-Type: image/bmp');
?>

PDF (output pdf with php):
<?php
header('Content-Type: application/pdf');
echo file_get_contents('filename.pdf');
?>

Cache (force browsers not to cache files):
<?php
header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: pre-check=0, post-check=0, max-age=0');
header ('Pragma: no-cache');
?>

Download dialog:
<?php
header('Content-Disposition: attachment; filename=' . urlencode($f));
header('Content-Type: application/force-download');
header('Content-Type: application/octet-stream');
header('Content-Type: application/download');
header('Content-Description: File Transfer');
header('Content-Length: ' . filesize($f));
echo file_get_contents($f);
?>

Authentication (force the browser to pop up a Username/Password input window) - only available when PHP is running as an Apache module:
<?php
if (!isset($_SERVER['PHP_AUTH_USER'])) {
    header('WWW-Authenticate: Basic realm="The Realm"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'If cancel is pressed this text shows';
    die();
} else {
//always escape your data//
$user='user';
$pass='pass';
   if($_SERVER['PHP_AUTH_USER']==$user && $_SERVER['PHP_AUTH_PW']==$pass){
    echo 'Authorized';
}
}
?>
	301 moved permanently (redirect):
	<?php
	header('HTTP/1.1 301 Moved Permanently');
	header('Location: http://www.example.com');
	die();
	?>

	302 moved temporarily(redirect):
	<?php
	header('Location: http://www.example.com');
	die();
	?>

	302 moved temporarily(redirect) buffered output:
	<?php
	ob_start();
	if(!loggedIn) {
	ob_end_clean(); //SO Q: header redirect location using ob_start https://stackoverflow.com/questions/11823130/how-to-redirect-with-header-location-in-php-when-using-ob-start
	header("location:../login.php");
	die(true); /// SO Q:Utilizing exit(); or die(); after header("Location:..") https://stackoverflow.com/questions/8665985/php-utilizing-exit-or-die-after-headerlocation
	/// You need to use exit or die to stop execution of your script after header("Location: " . getenv("HTTP_REFERER"));,
	//because your script may be executed till the end, what can cause unexpected behavior.
	//See also: "Headers already sent" error https://stackoverflow.com/questions/8028957/how-to-fix-headers-already-sent-error-in-php/8028987#8028987
	}
	?>

	404 Page Not Found:
	<?php
	header('HTTP/1.1 404 Not Found');
	?>

	Service not avaliable:
	<?php
	header('HTTP/1.1 503 Service Temporarily Unavailable');
	header('Status: 503 Service Temporarily Unavailable');
	header('Retry-After: 60');
	?>

	CSS:
	<?php
	header('Content-Type: text/css');
	?>

	Javascript header:
	<?php
	header('Content-Type: application/javascript');
	?>

	Images:
	For JPEG(jpg):
	<?php
	header('Content-Type: image/jpeg');
	?>
	For PNG:
	<?php
	header('Content-Type: image/png');
	?>
	For BMP:
	<?php
	header('Content-Type: image/bmp');
	?>

	PDF (output pdf with php):
	<?php
	header('Content-Type: application/pdf');
	echo file_get_contents('filename.pdf');
	?>

	Cache (force browsers not to cache files):
	<?php
	header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');
	header('Cache-Control: no-store, no-cache, must-revalidate');
	header('Cache-Control: pre-check=0, post-check=0, max-age=0');
	header ('Pragma: no-cache');
	?>

	Download dialog:
	<?php
	header('Content-Disposition: attachment; filename=' . urlencode($f));
	header('Content-Type: application/force-download');
	header('Content-Type: application/octet-stream');
	header('Content-Type: application/download');
	header('Content-Description: File Transfer');
	header('Content-Length: ' . filesize($f));
	echo file_get_contents($f);
	?>

	Authentication (force the browser to pop up a Username/Password input window) - only available when PHP is running as an Apache module:
	<?php
	if (!isset($_SERVER['PHP_AUTH_USER'])) {
	header('WWW-Authenticate: Basic realm="The Realm"');
	header('HTTP/1.0 401 Unauthorized');
	echo 'If cancel is pressed this text shows';
	die();
	} else {
	//always escape your data//
	$user='user';
	$pass='pass';
	if($_SERVER['PHP_AUTH_USER']==$user && $_SERVER['PHP_AUTH_PW']==$pass){
	echo 'Authorized';
	}
	}
	?>