Pass form variables from PHP to Python (inside jumi in Joomla)

Question

Is there a way for PHP to pass HTML form variables (POST) directly to a python script called with "passthru" in PHP without PHP having to know the variable names?

Can PHP pass the HTTP POST request to python so that i.e. the cgi module in python will read it like it was passed "from the web"?

Basic setup: Joomla CMS, with the jumi module.
NB! Python 2.4, PHP 5.3.3 on RedHat 5.9 - only standard packages.

One of the jumi applications is a python script which creates a form, and also handles the POST variables.

Reason: A lot more python knowledge in our shop, and the python script does a lot in the background.

In the jumi PHP script I have:

<?php
$var1 = $_REQUEST['myVar1'];
$var2 = $_REQUEST['myVar2'];
echo passthru('/usr/bin/python /var/www/html/joomla/jumi/portal-ldap.py '.$myVar1.' '.$myVar2);
?>

The python scripts then uses sys.arvg to process these variables.

It works - by all means, but it also means that any additinal variables must be known to both scripts.

Is there a way for PHP to pass the form variables directly to the python script in a way so that the "cgi" module in Python can process the variables as it would if I ran the python script with a framework/cgi/mod_python/...?

Python handling form variables:

import cgi
form = cgi.FieldStorage()
var1 = form.getvalue("myVar1", "nothing")
var2 = form.getvalue("myVar2", "nothing")

Answer 1

If you absolutely want to read the values through cgi.FieldStorage, you could run the python script on an HTTP server, preferably limiting its access to localhost. Executing the call over HTTP would also be a lot more secure than passing the parameters to passthrough() unparsed.

Alternatively, you could change your python script to use the getopt module, which makes it easier to define the argument in key-value pairs like this (paths omitted for brevity):

python portal-ldap.py --myvar1 nothing --myvar2 nothing

If you decide to keep using passthgough(), do remember to escape all the arguments with escapeshellarg().

Edit: You could also json_encode($_REQUEST) and pass it as a parameter, then json.loads() it in Python to get the array as a dictionary.

Answer 2

I'll answer my own question to explain how I used the info I've gotten.

I must also add that I'm limited by using python 2.4 and (maybe not limited by) simplejson - since I'm on RedHat 5.9 in this project - and want/need to keep to the supplied packages. So I have web --> Joomla --> jumi --> php --> python --> backend...

Building on the answer and comments from Kaivosukeltaja and supporting articles executing Python script in PHP and exchanging data between the two and http://pymotw.com/2/json/

In the jumi application / php-script I have put (amongst other things) the following to allow HTTP POST to be sent as a JSON object to my supporting python script.

echo passthru('/usr/bin/python /var/www/html/joomla/jumi/ldap-script.py '. escapeshellarg(json_encode($_POST)))

Then, in the python script I use sys.argv to read the variable, and simplejson to map the json object from PHP to a python dictionary (heavily simplified):

import sys
import simplejson as json
myjson = sys.argv[1]
mydict = json.loads(myjson)

I can now test if my desired keys can be found:

if ( 'var1' in mydict):
    print mydict['var1']

The user posts to these variables in a simple form:

<form name="INPUT" action="" method="POST">
    MyVar1 <input type="number" name="var1">
    <input type=SUBMIT" value="Submit">
</form>

The avid reader will see that "var1" is referenced in most of these steps, while PHP isn't, don't have to be, aware of it.