mod_perl and PHP

BMaximus has asked for the wisdom of the Perl Monks concerning the following question:

Before you go off and start screaming heathen please hear me out.

I'm doing a freelance job for an isp thats just starting up. The application I'm creating is in mod_perl, but his control panel is in PHP. The thought of having to deal with a server that has both PHP and mod_perl compiled in it or as a DSO is disturbing. Don't get me wrong. I'm not against PHP.

I had created a module that is a subclass of Apache::Cookie which uses Crypt::Blowfish to automaticaly encrypt -value as it goes in, and decrypt it as it comes out just like Apache::Cookie does with unencrypted cookies (you get what I'm saying). So what does this have to do with PHP? Well he wants to use the module for authentication for the control panel. What I need to know is that is it possible for a mod_perl/Perl script to communicate or send data to a PHP script like a single variable or more?

Thank you for sharing your knowlege and I pray for forgiveness if this is not the right forum to ask this humble question.

Your humble newbie brother,
BMaximus

sidenote: Surprisingly the module passes taint checks.

Comment on mod_perl and PHP

Replies are listed 'Best First'.
Re: mod_perl and PHP by Dragonfly (Priest) on Mar 23, 2001 at 15:49 UTC
According to the PHP Developer's Cookbook there are a variety of new ways you can do various inter-process communication with PHP 4.0, including socket programming, Unix Domain Sockets, UDP/TCP calls, etc. I'm not sure how you'd work that with mod_perl exactly, but you could certainly look into setting up your PHP script to listen for instructions and/or communications whenever the mod_perl is executed. With PHP 4 the Zend engine is supposed to be much faster than the older PHP engine, although I haven't tried any of the more sophisticated new elements of PHP, so take all this with a grain of salt. =P	[reply]
Re: mod_perl and PHP by jeorgen (Pilgrim) on Mar 23, 2001 at 17:42 UTC
Why not share everything through a database? I'm currently designing a system where you can use Zope (main system), PHP and perl. Everything is then connected to MySQL. Instead of encrypting your cookies, just give them an MD5 or random value and store all the info you now have encrypted in the cookies server-side. In short let all session and user info be stored in and retrieved from the database. /jeorgen	[reply]
Re: Re: mod_perl and PHP by BMaximus (Chaplain) on Mar 25, 2001 at 17:15 UTC
The reason why I have encrypted cookies is to store the session key on them. Not the session's information. That would make the cookie too big and I feel that would be an abuse of the system. If I don't encrypt the cookies there stands a chance of someone going in and mucking around with the cookie to see what they can do. I've seen it happen and I'm not about to take chances with my client's data. I'm being paid to be paranoid. Anyways, I've learned that PHP also has the ability to decrypt with Blowfish so I think I have the problem solved. What I wanted to do was use PerlAccessHandler and create a module to grab the cookie and allow access to the PHP module. The problem with doing that is when the handler lets it through, how does the PHP module know what the session id is or the member id. PerlAccessHandler can't pass anything to the PHP through Apache. Hey if I'm wrong, I'd love to hear it. BMaximus	[reply]
Re: mod_perl and PHP by Coyote (Deacon) on Mar 24, 2001 at 02:18 UTC
I would go with Jeorgen's suggestion and share everything through a database if that is possible, but just to throw this out there, you might also take a look at XML-RPC or its big brother, SOAP. Implementations of <a href='XML-RPC and SOAP exist for both perl and PHP. The SOAP::Lite module is excellent and there is a good tutorial on its use at www.perl.com. There is an implementation of SOAP for PHP as well, but I don't have the link handy. Update: The PHP SOAP implementation is a bit of a pain to find, so here's a link. ---- Coyote	[reply]