header vs form action

Question

I am currently diving into php and html and working on a simple redirect just for the purpose of showing database content through an url.

I know you can generate an URL in 2 ways, probably more but these two are the reason why I started this question:

php:

<?php
    header('Location: example.php?parameter');
?>

html:

<form action="example.php" method="post">
<!--input fields etc -->
<input type="submit">

But now I was wondering "What is the best practice regarding these two options". Is it just a personal opinion with what you like the best and what is the best suitable way in a situation or is there something else I am overlooking.

I am not trying to start a discussion here, just interested in what is 'normally/commonly' used.

Thanks in advance!

Answer 1

These two pieces of code do fundamentally different things, even though in some cases the user-observed behavior may be very similar.

This is a server-initiated redirect:

<?php
    header('Location: example.php?parameter');
?>

Basically this is the server's way of telling the browser that it should browse to another location. (The browser can ignore it, but doesn't really have a reason to ignore it.) Additional details can be added to the response to tell the browser if this redirection is temporary or permanent, or has other conditions regarding it. But at its simplest this is just the server saying "I don't really have anything for you here, go over there for your information."

This is a client-initiated form POST:

<form action="example.php" method="post">

Well, "client-initiated" in that the actual action of POSTing the form comes from the browser. The server probably gave that HTML tag to the client to tell it to do that, but the client is free to change it if it wants. (There's no reason to do so, though.) The point here is that this is a means by which the client sends data to example.php. It has nothing to do with redirects, it's just sending data to a specific resource on the server.

The server can respond to that data with a redirect, or a rendered page, or any other response.

These might be used in conjunction in a number of ways. Let's say you have page1.php and page2.php. On page1 there is a form, and after that form is submitted you want the user to see page2. This is where the user-observed result might be indistinguishable.

page1 can post to page2 and page2 can handle the submitted data and then display. Or page1 can post back to page1, handle the submitted data, and redirect to page2. To the end user, there's essentially no difference. The main difference is in how you organize your code. In that regard, sure, personal preference comes into play. But this isn't the only scenario in which either of these tools are employed. For example, you might want to submit values to a completely different page for a completely different reason, or redirect on a page request for some server-side reason completely unknown to the client.

As you develop more complex web applications you'll find certain patterns work well in certain situations, and personal preference will begin to conform to those patterns. In the end, these are just tools to perform actions (redirect the client to another location, send data to the server) and your overarching patterns and practices simply make use of the tools.

Answer 2

In most cases you use html forms or links. header() is used mainly if you want to redirect an user after the code is executed (e.g. after a successful login, or when is not authorized to access a restricted page)

Answer 3

The HTTP location header and a HTML form are not really comparable.

The header should be used if you want to create a redirect during the execution of PHP. The form should be used if you want to submit user input from the client side (browser) to the server side.

HTML anchors are the best way to provide links on a web page:

<a href="example.php?parameter">Click</a>