PHP Form Submission: Recognize Image Input Buttons
Written by David Walsh on July 1, 2008 · 8 Comments
As you probably know, you can recognize a form submission from a "submit" input type by placing the following code in the "processing" PHP script:
if(isset($_POST['submit'])) { /* do stuff */ }
Did you know, however, that when using an "image" input type to submit the form, the above wont work? You need to add a "_x" to the field name in PHP:
if(isset($_POST['submit_x'])) { /* do stuff */ }
Odd, huh? This works the same when using a form "GET" method.
The _x and _y represent the coordinate location you clicked the image at.
Think this is only an issue with IE.
Yeah. The _x- and _y-coordinates are great for improving the security of a form! I’ve used this to determine if the form has been filled by a human. A spam-bot won’t submit any coordinates but a human has to click on the button and so there will always be coordinates (you’ll have to deactive submitting with the ENTER-button).
@Matthias: Good point on the security enhancement — I’ve never though of that!
@ Matthias
Thanks for posting your comment. I think telling the user that the ENTER button has been deactivated for bot protection is easier than having the user type in a captcha.
I’ll definitely be looking into that method and most likely incorporating it into my projects.
@Braxo – Wait – “Enter button” is deactivated? How would this affect someone who cannot use a mouse/relies on accessibility tools to fill out forms and the like?
Some sites cannot get away with it (coughtargetcough).
You can save yourself the trouble and just give the input a name attribute and check for that. Saves from changing code in two places (the input and the PHP submit validation).
<input type="image" src="image.png" name="submitted" value="Submit" />
I should clarify that…
It saves from changing code in 2 places should you want to change to/from an image submit or a standard submit.