How to redirect in PHP ?

In PHP, redirection is a common practice where you want to take the user from one page to another automatically. This is typically done using the header() function. Here’s how you can implement a redirect in PHP:

Method 1: Using the header() Function

The header() function is used to send raw HTTP headers to a client. It must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP.


header('Location: target-url');


// Redirect to another page
exit; // Always call exit after header

Important Notes:

  1. Call exit or die: After sending the location header, it’s important to halt the script using exit() or die() to ensure that no further code is executed which could interfere with the redirection.

  2. Output Buffering: If there’s any possibility that output may be sent before calling header(), use output buffering (ob_start()) at the beginning of your script to avoid issues with headers already being sent.

  3. Relative URLs: While using relative URLs in the Location header is supported, it's generally safer to use absolute URLs.

Method 2: Using HTML Meta Refresh

If for some reason you are unable to use the header() function for redirection, you can use a meta refresh in HTML:


<meta http-equiv="refresh" content="0;URL=''">

This goes in the <head> section of your HTML. The content attribute specifies the number of seconds to wait before redirecting (here, 0 seconds), and the URL to which to redirect.

Method 3: Using JavaScript

Redirecting using JavaScript is another option if the previous methods are not suitable:


    window.location.href = '';

This JavaScript can be placed in either the <head> or <body> of your HTML and will execute when loaded in the browser.

Best Practice

For most server-side redirections, using the header() function in PHP is the preferred method, because it happens before any content is loaded, making it faster and more secure. Always remember to validate any URLs or parameters used in redirects to avoid security issues like open redirects and ensure compliance with your application's logic.