PHP Form Submission: Recognize Image Input Buttons
As you probably know, you can recognize a form submission from a "submit" input type by placing the following code in the "processing" PHP script:
if(isset($_POST['submit'])) { /* do stuff */ }
Did you know, however, that when using an "image" input type to submit the form, the above wont work? You need to add a "_x" to the field name in PHP:
if(isset($_POST['submit_x'])) { /* do stuff */ }
Odd, huh? This works the same when using a form "GET" method.
![From Webcam to Animated GIF: the Secret Behind chat.meatspac.es!]()
My team mate Edna Piranha is not only an awesome hacker; she's also a fantastic philosopher! Communication and online interactions is a subject that has kept her mind busy for a long time, and it has also resulted in a bunch of interesting experimental projects...
![Regular Expressions for the Rest of Us]()
Sooner or later you'll run across a regular expression. With their cryptic syntax, confusing documentation and massive learning curve, most developers settle for copying and pasting them from StackOverflow and hoping they work. But what if you could decode regular expressions and harness their power? In...
![MooTools 1.2 Image Protector: dwProtector]()
Image protection is a hot topic on the net these days, and why shouldn't it be? If you spent two hours designing an awesome graphic, would you want it ripped of in matter of seconds? Hell no! That's why I've created an image...
![HTML5 Datalist]()
One of the most used JavaScript widgets over the past decade has been the text box autocomplete widget. Every JavaScript framework has their own autocomplete widget and many of them have become quite advanced. Much like the placeholder attribute's introduction to markup, a frequently used...
The _x and _y represent the coordinate location you clicked the image at.
Think this is only an issue with IE.
Yeah. The _x- and _y-coordinates are great for improving the security of a form! I’ve used this to determine if the form has been filled by a human. A spam-bot won’t submit any coordinates but a human has to click on the button and so there will always be coordinates (you’ll have to deactive submitting with the ENTER-button).
@Matthias: Good point on the security enhancement — I’ve never though of that!
@ Matthias
Thanks for posting your comment. I think telling the user that the ENTER button has been deactivated for bot protection is easier than having the user type in a captcha.
I’ll definitely be looking into that method and most likely incorporating it into my projects.
@Braxo – Wait – “Enter button” is deactivated? How would this affect someone who cannot use a mouse/relies on accessibility tools to fill out forms and the like?
Some sites cannot get away with it (coughtargetcough).
You can save yourself the trouble and just give the input a name attribute and check for that. Saves from changing code in two places (the input and the PHP submit validation).
<input type="image" src="image.png" name="submitted" value="Submit" />
I should clarify that…
It saves from changing code in 2 places should you want to change to/from an image submit or a standard submit.