How to embed php into js?

K

Kryptonit2020-08-27 12:23:48

PHP

Kryptonit, 2020-08-27 12:23:48

I have an index.php file, it contains the body of the site with the form

<form action="#" method="POST">
                    <div class="dannue">
                        <input type="text" name="fio" placeholder="Имя" required="">
                        <input type="text" name="email" placeholder="Почта" required="">
                        <input type="hidden" name="token" id="token" value="03AGdBq26YYdWHX94usO0FU6">
                    </div>
                    <input type="text" name="thema" id="inp" placeholder="Тема" required="">
                    <textarea name="mess" cols="30" rows="10" placeholder="Сообщение" required=""></textarea>
                    <button id="send" type="submit">Отправить</button>       
                </form>

the form is processed by google captcha, everything works correctly, it is determined by a bot or a person.
The code below processes the form (the bottom of the index.php file) and communicates with the google api:

<script>
    document.querySelector('form').addEventListener('submit', (e) =>{

    e.preventDefault();

    let tk = '';

        grecaptcha.ready(function() {
          grecaptcha.execute('6LfjGsMZAAAAAPxwEON9oAMztQGcRx', {action: 'homepage'}).then(function(token) {
              tk = token;
              document.getElementById('token').value = token;
              

              const data = new URLSearchParams();
              for(const pair of new FormData(document.querySelector('form'))){
                data.append(pair[0], pair[1]);
              }

              fetch('send.php',{
                method: 'post',
                body: data,
              })
              .then(response => response.json())
              .then(result => {
                if(result['om_score'] >= 0.5){
                  console.log('человек');
                  
                  <?php
                    $fio = $_POST['fio'];
                    $email = $_POST['email'];
                    $mess = $_POST['mess'];
                    $thema = $_POST['thema'];
                    $fio = htmlspecialchars($fio);
                    $email = htmlspecialchars($email);
                    $mess = htmlspecialchars($mess);
                    $thema = htmlspecialchars($thema);
                    $fio = urldecode($fio);
                    $thema = urldecode($thema);
                    $mess = urldecode($mess);
                    $email = urldecode($email);
                    $fio = trim($fio);
                    $email = trim($email);

                    if (mail("[email protected]", "Тема".$thema, "".$fio.". E-mail: ".$email. "сообщение:".$mess ,"[email protected] \r\n"))
                     {     header('Location: success-page.html'); 
                    } else { 
                        header('Location: fail-page.html');
                   }
                    ?>
                }else{
                  console.log('бот');
            }
          });
        });
      });
  });
</script>

there is also a send.php file (if needed)

<?php

$captcha;

if(isset($_POST['token'])){
  $captcha = $_POST['token'];
}

$secretkey = '6LfjGsMZAAAAAAt9_XdcVXP-sfL8y1';

$url = 'https://www.google.com/recaptcha/api/siteverify?secret='.$secretkey.'&response='.$_POST['token'];

$response = file_get_contents($url);
$responsekeys = json_decode($response, true);
header('Content-type: application/json');
if($responsekeys["success"] && $responsekeys["score"] >= 0.5){
  echo json_encode(array('success' => 'true', 'om_score' => $responsekeys["score"], 'token' => $_POST['token']));
}else {
  echo json_encode(array('success' => 'false', 'om_score' => $responsekeys["score"], 'token' => $_POST['token']));
}

?>

in index.php, if you look closely, there are lines:

<?php
                    $fio = $_POST['fio'];
                    $email = $_POST['email'];
                    $mess = $_POST['mess'];
                    $thema = $_POST['thema'];
                    $fio = htmlspecialchars($fio);
                    $email = htmlspecialchars($email);
                    $mess = htmlspecialchars($mess);
                    $thema = htmlspecialchars($thema);
                    $fio = urldecode($fio);
                    $thema = urldecode($thema);
                    $mess = urldecode($mess);
                    $email = urldecode($email);
                    $fio = trim($fio);
                    $email = trim($email);

                    if (mail("[email protected]", "Тема".$thema, "".$fio.". E-mail: ".$email. "сообщение:".$mess ,"[email protected] \r\n"))
                     {     header('Location: success-page.html'); 
                    } else { 
                        header('Location: fail-page.html');
                   }
                    ?>

after the script determines what the person is writing, he must execute these lines in php, but he does not display a page with success or a file, there are absolutely no errors in the browser, I think that the code is not seen by the browser, how to fix this?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

S

Stalker_RED, 2020-08-27
@Kryptonit

Do not paste it, it works completely differently.
Your js is executed in the user's browser when they visit the page. And php code is executed on your server, BEFORE the page is sent.
If you want the user's actions to somehow affect the server, then you need to send a request to the server , using xhr or fectch, for example.