I would like to run and store the value returned from a python script, in response to certain admin actions.
I've tried a bunch of suggested solutions but the only method that has worked for me is:
$python_script_path = get_template_directory() . '/hello.py';
$python_command = 'C:\Users\fluxian\AppData\Local\Microsoft\WindowsApps\python.exe ' . escapeshellarg($python_script_path);
ob_start();
passthru($python_command . ' dog');
$output = ob_get_contents();
ob_end_clean();
echo $output; // Hello dog
Which seems dirty, but if it works it works. I don't want to hard-code the location to a python install though. Is there a way to figure out where python is actually installed dynamically, instead of relying on hard-coding its location?
Whenever I run shell_exec or exec I get an error saying that python is not a recognised command. I assume the shell php is calling is not the cmd that Windows is exposing? Fixing that seems like a neater solution, if anyone knows how.
I would like to run and store the value returned from a python script, in response to certain admin actions.
I've tried a bunch of suggested solutions but the only method that has worked for me is:
$python_script_path = get_template_directory() . '/hello.py';
$python_command = 'C:\Users\fluxian\AppData\Local\Microsoft\WindowsApps\python.exe ' . escapeshellarg($python_script_path);
ob_start();
passthru($python_command . ' dog');
$output = ob_get_contents();
ob_end_clean();
echo $output; // Hello dog
Which seems dirty, but if it works it works. I don't want to hard-code the location to a python install though. Is there a way to figure out where python is actually installed dynamically, instead of relying on hard-coding its location?
Whenever I run shell_exec or exec I get an error saying that python is not a recognised command. I assume the shell php is calling is not the cmd that Windows is exposing? Fixing that seems like a neater solution, if anyone knows how.
1 Answer
Reset to default 2Which seems dirty, but if it works it works. I don't want to hard-code the location to a python install though. Is there a way to figure out where python is actually installed dynamically, instead of relying on hard-coding its location?
There's several options:
- Put the python executable in
PATHso that the path is unnecessary and it can be shortened to justpython ...args.. - Pass the path in an environment variable, but this requires pre-configuring at a server level
- Pass it via a config file outside of the public dir, again requires server specific file
- Query the python file via a HTTP request and rely on a python web server to execute your query
- You may be tripped up by the working directory, which might change depending on how and where you make the request to WordPress.
- Read in the return code from
python, right now there is no error handling code
Note though that executing shell scripts is one of the most dangerous things you can do and these functions are explicitly disabled on some hosts for that reason. This code will be flagged by most code quality/security scanning tools as a result.
Some further notes:
- Move your python application outside your theme, ideally outside your servers publicly accessible folders, otherwise someone could hit that python URL directly and execute/read/download the contents
- Assemble your command in 1 step so that it can be escaped all at once, don't append extra arguments afterwards
Whenever I run shell_exec or exec I get an error saying that python is not a recognised command. I assume the shell php is calling is not the cmd that Windows is exposing? Fixing that seems like a neater solution, if anyone knows how.
At this point you've moved beyond the world of WordPress and have a generic PHP question. But the answer depends enormously on how your server is set up. E.g. if you're using a docker based environment then that path won't work and you'll need to make sure a python install is present inside the container. If you're using a tool such as WP Studio or wp-now then there is no python ( and no PHP either! That tool transpiles it all into javascript ). Likewise if your local environment relies on WSL it will have its own filesystem etc.. It may even be that Windows security is preventing access, but you would need to ask someone more experienced with modern Windows security practices on how to check for that.
As for passthru versus exec vs system this stackoverflow question handles that: https://stackoverflow/questions/732832/php-exec-vs-system-vs-passthru#732844