With your example code, each query-string parameter you access through $_GET, such as $_GET['page'], you directly append to a $header variable, such as $header = '&page=' . $_GET['page'];.

Since each key looks like it has “rules”, such as the id can’t be 0, looping through a list of keys would be do-able, however, you’d also need to keep a list of rules to evaluate and it wouldn’t be worth it (unless you had a lot of keys, then I could see a good benefit).

Instead, you could re-order and clean-up your code to build the full query-string and then worry about actually redirecting:

if (!isset($_GET['id']) || ((int)$_GET['id'] == 0)) {
    // invalid id; no need to process further.
    header('Location: error.php');
    die();
}

// set the ID
$queryString = 'id=' . (int)$_GET['id'];

// process the current page
$queryString .= '&page=' . ((empty($_GET['page']) || ((int)$_GET['page'] <= 0)) ? 1 : $_GET['page']);

// set the order, if available
if (!empty($_GET['order'])) {
    $queryString .= '&order=' . $_GET['order'];
}

// redirect
header('Location: topic.php?' . $queryString);
die();

While this still requires manual work for each key, it’s easier to manage (in my opinion) and the actual URL/redirect is handled in only a single place. This is also a method I would use on smaller projects, ones that aren’t expected to change (much) or have a dynamic/growing list of parts.

If the above method is too tedious (which can easily become the case when you have too many query-string parameters/rules), creating a list of keys and their rules would become the preferred method. Here’s a quick thrown-together (and not tested) sample of this method:

// define the list of "keys" and their "rules"
$keys = array(
    'id'    => array('required' => true, 'min' => 1),
    'page'  => array('required' => false, 'min' => 1, 'default' => 1),
    'order' => array('required' => false)
);

$query = '';
foreach ($keys as $key => $rules) {
    // get the value of the key from the query-string, if set
    $value = (empty($_GET[$key]) ? null : $_GET[$key]);

    // determine if the value is valid or not
    $valid = (empty($value) || (isset($rules['min']) && ((int)$value < $rules['min']))) ? false : true;

    if ($rules['required'] && !$valid) {
        // required key but invalid value =[
        header('Location: error.php');
        die();
    } else if (!$rules['required'] && !$valid) {
        if (!empty($rules['default'])) {
            // the key is not set but has a default value
            $value = $rules['default'];
        } else {
            // the key is not required, is not set, and has no default value; skip it
            continue;
        }
    }

    // append the key/value to the query
    $query .= (($query != '') ? '&' : '') . $key . '=' . $value;
}

header('Location: topic.php?' . $query);
die();

The above is a skeleton of a key/rule-based system. The rules are very minimal and define if a key is required and what it’s minimum value is (if a min is set, it assumes it’s an integer and casts it via (int)). If the key is required and not set, or not a valid value, it immediately fails and redirects to error.php. If the key is not required and the value is invalid but there is a default value set, it will use that value; otherwise it will skip that key. After all value-processing is done, it appends the key/value to the query and continues on it’s way.

I say that it is a “skeleton” system because it only defines two rules, min and required. You could build upon this to add additional rules such as max to set the highest value, or in_list to define a list of valid values (such as for order, you could have 'in_list' => array('asc', 'desc') and then check it with in_array($value, $rules['in_list'])). It has potential, but is only limited to your needs!