phpdatabasewordpressproxycode-inspection

How to find PHP script (and line) that accessing database


I know there is a way to find php script that send spam from your server, but I have a different issue. I'm having issue with repeating php code that is sending tones of queries to database and I cannot pin point which code does that. I'm not php developer. I would like to somehow get script and code line that is doing this and maybe that way I will be able to reverse check the "repeating" job that is triggering this issue. With mytop I can see that there are tones of queries, nothing else :(

The script is part of wordpress plugin which ain't compromised, maybe buggy.

Sadly the script is running with 100% of resources and blocking access to page.


Solution

  • I started with mytop, but end up with something build-in:

    mysqladmin -i 1 processlist
    

    Thanks to that I could see how many and what queries are hitting mysql server;

    Then I enabled status page for php-fpm:

    pm.status_path = /status
    

    Thanks to that I could see what was triggering the hit (in my case it was of course wp-cron.php ) so that was a clue but not the answer.

    I wanted to log every php call into file, but realised that would be insane, so next sane thing was use php debugger - XDebug.

    I didn't know then that I could use in without IDE and just write that part of code thanks to and and I end up setting IDE (Visual Studio Code) with addon Remote - SSH and PHP Debug. The second one is installed on server side and thanks to that I didn't have to install any XAMP/LAMP server on my machine.

    After connecting remotely with VSC I just opened plugin code file, put breakpoint and started to track what code was doing thanks to moving around it with F10 and F11.

    That way I end up with loosing many many hours but I was able to find the buggy coded that was spamming my database.