PHP / MSSQL 连接故障排除

Question

I have php script that is sending values given to it to an MSSQL database. It works about 70% of the time (there should be ~100 records, I'll see ~70). There is no pattern, that I can see. I am not looking for help going over the logs I already have; I need to know where I should look to find errors. The php is simple, using mssql_query, mssql_num_rows, and mssql_fetch_array. Timeout in php.ini has not changed from default 60s, although I have just now set it to 240s (if this fixes everything, I will update the post). I am not able to return anything once the script has been called; every response, whether there is an error or not, must be the same. Can I somehow log details of the mssql_query function? Or is there a response from the SQL server I can listen for? I've read the manual and havent seen anything like this. Any help would be appreciated. I need this taken care of asap.

edit - I can't run mssql_showlastmessage, because I can't return anything but, as things will break. Below is the entire code.

<?php
//request xml cdr from switchvox
error_reporting(E_ALL);

//include switchvox libraries
require_once("SwitchvoxRequest.php");

//define sql connection stuff
$db_host = "dbhost";
$db_user = "dbuser";
$db_pass = "dbsecret";
$db = "db";
$table_sr = "tblsr";
$table_cd = "tblcmrd";
$link = mssql_connect($db_host, $db_user, $db_pass);
$err = "";

//make sure we can connect
if (!$link || !mssql_select_db($db, $link))
        {
            die("<response></response>");
        }

//define pbx connection stuff
$sv_host = "pbx";
$sv_user = "user";
$sv_pass = "secret";

//get the extension from the pbx and format it
$ext = $_GET['ext'];
$ext2 = $_GET['ext2'];
$jobid = $_GET['jobid'];
$et = $_GET['et'];

if(!$ext2)
        {
        $ext = substr($ext,-4,4);
        }

if(strlen($ext) > 4)
        {
        if(strlen($ext2) > 4)
                {
                die("<response></response>");
                }
        $ext = $ext2;
        }

//query the sr table to find the account ID of the extension we are referencing
$acid_sql = "SELECT * FROM $table_sr WHERE ext=$ext";
$acid_res = mssql_query($acid_sql);
$acida = mssql_fetch_array($acid_res, MSSQL_BOTH);
$acid = $acida['pbx_accountid'];

if (!$acid_res) 
        {
            die("<response></response>");
        }

//make sure there is a salesrep for the extension making the call
if (!$acid)
        {
            die("<response></response>");
        }

//get and format the time and date as YYYY-MM-DD
$date = date('Y') . "-" . date('m') . "-" . date('d');

//format the time as HH:MM:SS
$time = date('H') . ":" . date('i') . ":" . date('s');

//create a new request
$req = new SwitchvoxRequest($sv_host, $sv_user, $sv_pass);
$reqpar = array
        (
        'account_ids' => array
                (
                'account_id' => array
                        (
                        $acid
                        )
                ),
            'start_date' => array
                (
                $date . " " . "00:00:00"
                ),
        'end_date' =>  array
                (
                $date . " " . $time
                ),
        'sort_field' => array
                (
                ),
        'sort_order' => array
                (
                'DESC'
                )
        );
$res = $req -> send("switchvox.callLogs.search", $reqpar);
$result = $res->getResult();
$calls = $result['calls']['total_items'];

//check that there were calls to/from this account today
if(!$calls)
        {
        die("<response></response>");
        }

$latest = $result['calls']['call']['0'];
$callid = $latest['id'];

//check to see if the call has already been logged
$id_sql = "SELECT * FROM $table_cd WHERE callID='$callid'";
$id_res = mssql_query($id_sql);
$exid = mssql_fetch_array($id_res, MSSQL_ASSOC);

if (!$id_res) 
        {
    die("<response></response>");
        }

if($exid['callID'])
        {
        die("<response></response>");
        }

//define variables to be sent to the table
$from = $latest['from_number'];
$to = $latest['to_number'];
$durat = $latest['talk_duration'];
$start = $latest['start_time'];
$callid = $latest['id'];
$calltype = $latest['origination'];

//check the length of the cid/ext strings and swap if needed
if (strlen($from) > strlen($to))
        {
        $extension = $to;
        $phonenumber = $from;
        }
        else
        {
        $extension = $from;
        $phonenumber = $to;
        }

//insert the data into the table
$fi_sql = "INSERT INTO $table_cd (extension, phonenumber, calldatetime, duration, callID, calltype)     VALUES ($extension, $phonenumber, '$start', '$durat', '$callid', '$calltype')";
$fi_res = mssql_query($fi_sql);

if (!$fi_res) 
{
    die("<response></response>");
}

$sv_res = "<response></response>";

echo $sv_res;
?>

I realize this is open to sql injections. That's ok.

edit -

I looked through the logs on the database; there are no errors for when I would expect there to have been data inserted, nothing even indicating that it tried. I am going to look at something that will log messages to syslog or something from php. suggestions are welcome.

Answer 1

In general, you are free to execute this on MySQL

EXPLAIN SELECT ...

to get a description of a SELECT statement . This feature basically explains, how MySQL's query analyzer sees your query and how it would be executed. For example, EXPLAIN describes, if MySQL is about to perform costly table-scans or may use an index and if so, which one.

Are you sure, that MySQL is causing the problem? Or might PHP force problems?

Do you check mysql_error() after each query?

Is $ext probably not numeric? In this case, $ext should get quoted (sorry, don't like variable substitution inside of string):

$acid_sql = "SELECT * FROM " .  $table_sr . " WHERE ext='" . $ext . "'";

Since you return XML and if the client of this routine behaves well, why not insert a new element inside of response like this:

<response>
   ... other elements ...
  <sysInfo>
    Failed to perform...
  </sysInfo>
</response>

A well-behaving XML client should only read known elements and thus skip additional elements. Adding such a logic return code always useful.

PS: Although the above code might just be a sample, let me remark, that it is attackable by sql-injections .