如何找到访问数据库的 PHP 脚本(和行)
[英]How to find PHP script (and line) that accessing database
问题描述
I know there is a way to find php script that send spam from your server, but I have a different issue.
我知道有一种方法可以找到从您的服务器发送垃圾邮件的 php 脚本,但我有一个不同的问题。 I'm having issue with repeating php code that is sending tones of queries to database and I cannot pin point which code does that.我在重复向数据库发送查询音调的 php 代码时遇到问题,我无法确定是哪个代码做到了这一点。 I'm not php developer.我不是 php 开发人员。 I would like to somehow get script and code line that is doing this and maybe that way I will be able to reverse check the "repeating" job that is triggering this issue.我想以某种方式获得正在执行此操作的脚本和代码行,也许这样我将能够反向检查触发此问题的“重复”作业。 With mytop I can see that there are tones of queries, nothing else :(使用 mytop 我可以看到有很多查询,仅此而已:(
The script is part of wordpress plugin which ain't compromised, maybe buggy.该脚本是 wordpress 插件的一部分,它没有受到损害,也许是错误的。
Sadly the script is running with 100% of resources and blocking access to page.可悲的是,该脚本正在运行 100% 的资源并阻止对页面的访问。
2 个解决方案
解决方案1
1 2022-02-16 00:08:16
Here is a possible approach.这是一种可能的方法。 First of all be aware that this will affect the server performance while you carry out the test, so try do this when you don't expect high volume of traffic.首先请注意,这会在您进行测试时影响服务器性能,因此请在您不期望大量流量时尝试这样做。
Instruct MySQL to log all queries.指示 MySQL 记录所有查询。
mysql> SHOW VARIABLES LIKE "general_log%";
It should return something like:它应该返回如下内容:
+------------------+----------------------------+
| Variable_name | Value |
+------------------+----------------------------+
| general_log | OFF |
| general_log_file | /var/run/mysqld/mysqld.log |
+------------------+----------------------------+
Now activate the general log现在激活通用日志
mysql> SET GLOBAL general_log = 'ON';
Find the log in your server (the location might differ from the one in the example) and examine the queries to see what the queries are about so you can identify the plugin that is causing the problem.在您的服务器中找到日志(位置可能与示例中的不同)并检查查询以查看查询的内容,以便您识别导致问题的插件。
Try this out first and if you can't sort it out we can run other test.先试试这个,如果你不能解决它,我们可以运行其他测试。
When you finish don't forget to turn off the general log:完成后不要忘记关闭常规日志:
mysql> SET GLOBAL general_log = 'OFF';
解决方案2
0 已采纳 2022-06-07 07:46:07
I started with mytop, but end up with something build-in:我从 mytop 开始,但最终内置了一些东西:
mysqladmin -i 1 processlist
Thanks to that I could see how many and what queries are hitting mysql server;多亏了这一点,我可以看到有多少查询以及哪些查询正在访问 mysql 服务器;
Then I enabled status page for php-fpm:然后我为 php-fpm 启用了状态页面:
pm.status_path = /status
Thanks to that I could see what was triggering the hit (in my case it was of course wp-cron.php ) so that was a clue but not the answer.多亏了这一点,我可以看到触发命中的原因(在我的情况下,当然是 wp-cron.php ),所以这是一个线索,但不是答案。
I wanted to log every php call into file, but realised that would be insane, so next sane thing was use php debugger - XDebug.我想将每个 php 调用记录到文件中,但意识到这太疯狂了,所以下一个理智的事情是使用 php 调试器 - XDebug。
I didn't know then that I could use in without IDE and just write that part of code thanks to and and I end up setting IDE (Visual Studio Code) with addon Remote - SSH and PHP Debug .那时我不知道我可以在没有 IDE 的情况下使用,只需编写那部分代码,感谢 and 我最终使用插件Remote - SSH和PHP Debug设置 IDE (Visual Studio Code)。 The second one is installed on server side and thanks to that I didn't have to install any XAMP/LAMP server on my machine.第二个安装在服务器端,因此我不必在我的机器上安装任何 XAMP/LAMP 服务器。
After connecting remotely with VSC I just opened plugin code file, put breakpoint and started to track what code was doing thanks to moving around it with F10 and F11.与 VSC 远程连接后,我刚刚打开插件代码文件,放置断点并开始跟踪代码在做什么,这要归功于使用 F10 和 F11 移动它。
That way I end up with loosing many many hours but I was able to find the buggy coded that was spamming my database.这样我最终会浪费很多时间,但我能够找到向我的数据库发送垃圾邮件的错误代码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.