Most of the time, a PHP application won't need to change the HTTP status code that Apache or FastCGI generates on it's behalf, but occasionally there's a need to do so.
This snippet lists some of the common HTTP Status codes and how to return them
/* Success - 2xx */
// Standard response - HTTP 200 (the default anyway)
header($_SERVER["SERVER_PROTOCOL"]." 200 OK", true, 200);
// No Content - HTTP 204
header($_SERVER["SERVER_PROTOCOL"]." 200 OK", true, 204);
// Partial Content - HTTP 206
header($_SERVER["SERVER_PROTOCOL"]." 200 OK", true, 206);
header("Content-Range: 0-1024");
/* Redirects - 3xx */
// Temporary redirect - HTTP 302
header('Location: https://example.com/somepage.html');
// Permanent Redirect - HTTP 301
header('Location: https://example.com/somepage.html', true, 301);
// See Other - HTTP 303
header('Location: https://example.com/somepage.html', true, 303);
// Not Modified - HTTP 304
header($_SERVER["SERVER_PROTOCOL"]." 304 Not Modified", true, 304);
// Temporary Redirect, do not change HTTP method - HTTP 307
header('Location: https://example.com/somepage.html',true,307);
// Permanant Redirect, do not change HTTP method - HTTP 308
header('Location: https://example.com/somepage.html',true,308);
/* Request issues - 4xx */
// Bad Request - HTTP 400
header($_SERVER["SERVER_PROTOCOL"]." 400 Bad Request", true, 400);
// Unauthorized - HTTP 401
header($_SERVER["SERVER_PROTOCOL"]." 401 Unauthorized", true, 401);
// Unauthorized, require basic authentication - HTTP 401
header($_SERVER["SERVER_PROTOCOL"]." 401 Unauthorized", true, 401);
header("WWW-Authenticate: Basic realm='My Site'");
// Forbidden - HTTP 403
header($_SERVER["SERVER_PROTOCOL"]." 403 Forbidden", true, 403);
// Page Not Found - HTTP 404
header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found", true, 404);
// Method Not Allowed - HTTP 405
header($_SERVER["SERVER_PROTOCOL"]." 405 Method Not Allowed", true, 405);
// Not Acceptable - HTTP 406
header($_SERVER["SERVER_PROTOCOL"]." 406 Not Acceptable", true, 406);
// Request Timeout - HTTP 408
header($_SERVER["SERVER_PROTOCOL"]." 408 Request Timeout", true, 408);
// Gone - HTTP 410
header($_SERVER["SERVER_PROTOCOL"]." 410 Gone", true, 410);
// Range Not Satisfiable - HTTP 416
header($_SERVER["SERVER_PROTOCOL"]." 416 Range Not Satisfiable", true, 416);
// RFC 2324 - HTTP 418
header($_SERVER["SERVER_PROTOCOL"]." 418 I'm a teapot", true, 418);
/* Server Error - 5xx */
// Internal server error - HTTP 500
header($_SERVER["SERVER_PROTOCOL"]." 500 Internal Server Error", true, 500);
// Not Implemented - HTTP 501
header($_SERVER["SERVER_PROTOCOL"]." 501 Internal Server Error", true, 501);
// Bad Gateway - HTTP 502
header($_SERVER["SERVER_PROTOCOL"]." 502 Bad Gateway", true, 502);
// Service Unavailable - HTTP 503
header($_SERVER["SERVER_PROTOCOL"]." 503 Service Unavailable", true, 503);
// Gateway Timeout - HTTP 504
header($_SERVER["SERVER_PROTOCOL"]." 504 Gateway Timeout", true, 504);
// HTTP version not supported - HTTP 505
header($_SERVER["SERVER_PROTOCOL"]." 505 HTTP Version Not Supported", true, 505);