UnknownSec Bypass 403

: /var/www/cotutilitydash/ [ drwxrwxr-x ]
name : insert_uploaddata.php <?php include "header.php"?> <?php include "sidemenu.php"?> <div id="page-wrapper"> <div class="col-md-12 graphs"> <div class="xs"> <table width="100%"> <tr> <td width="50%"> <h3>File Record Details</h3> </td> <td width="50%" align="right"> <a class="btn btn-primary" href="upload_excelfile.php" style="margin: 5px"><i class="fa fa-list"></i> Back To Upload File</a> </td> </tr> </table> <div class="well1 white"> <?php require('library/php-excel-reader/excel_reader2.php'); require('library/SpreadsheetReader.php'); //require('config.php'); $creationdatetime = date("Y-m-d H:m:s"); if(isset($_POST['Submit'])){ //$mimes = ['application/vnd.ms-excel','text/xls','text/xlsx','application/vnd.oasis.opendocument.spreadsheet']; $mimes = array('text/xls', 'text/xlsx', 'application/excel', 'application/vnd.msexcel', 'application/vnd.ms-excel', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet'); if(in_array($_FILES["file"]["type"],$mimes)){ $uploadFilePath = 'uploads/'.basename($_FILES['file']['name']); move_uploaded_file($_FILES['file']['tmp_name'], $uploadFilePath); $Reader = new SpreadsheetReader($uploadFilePath); $totalSheet = count($Reader->sheets()); echo "You have total ".$totalSheet." sheets". $acutaldata=0; $duplicatedata=0; $duphtml="<table border='1' class='table table-bordered'>"; $duphtml.="<tr> <th>Date</th> <th>Area</th> <th>Sub Area</th> <th>Total Consumption</th> </tr> "; $html="<table border='1' class='table table-bordered'>"; $html.="<tr> <th>Date</th> <th>Area</th> <th>Sub Area</th> <th>Total Consumption</th> </tr> "; /* For Loop for all sheets */ for($i=0;$i<$totalSheet;$i++){ $Reader->ChangeSheet($i); $k=0; foreach ($Reader as $Row) { $flag=false; $html.="<tr>"; $date=""; $area=""; $subarea=""; $totalconsumption=0; $date = isset($Row[0]) ? $Row[0] : ''; if(strtotime($date)){ $flag=true; $odate=date_create($date); $condate=date_format($odate,"Y-m-d"); } $area = isset($Row[1]) ? $Row[1] : ''; $subarea = isset($Row[2]) ? $Row[2] : ''; $totalconsumption = isset($Row[3]) ? $Row[3] : ''; $areaid=""; $subareaid=""; $query="Select id from mastertb where area='".$area."' and identifier=1 and isdeleted='".$gnotdeleted."'"; $result = mysqli_query($conn, $query); while ($row=mysqli_fetch_array($result)) { $areaid = $row["id"]; } $query=" Select id from mastertb where area='".$area."' and subarea='".$subarea."' and identifier=2 and isdeleted='".$gnotdeleted."'"; $result = mysqli_query($conn, $query); while ($row=mysqli_fetch_array($result)) { $subareaid = $row["id"]; } $query="select * from consumptiontb Where consuptiondate='".$condate."' and areaid='".$areaid."' and subareaid='".$subareaid."' and isdeleted='" . $gnotdeleted . "' "; $cnt= get_noof_rows($conn,$query); if($cnt==0 && $areaid!=0 && $subareaid!=0 && $flag==true && $totalconsumption!=0) { $html.="<td>".$date."</td>"; $html.="<td>".$area."</td>"; $html.="<td>".$subarea."</td>"; $html.="<td>".$totalconsumption."</td>"; $html.="</tr>"; $query = "insert into consumptiontb(consuptiondate,areaid,subareaid,totalconsumption,isdeleted,userid,creationdatetime) values('".$condate."','".$areaid."','".$subareaid."','".$totalconsumption."',0,0,'".$creationdatetime."')"; $result=insertrecord($conn,$query); $acutaldata=$acutaldata+1; } else { $duphtml.="<td>".$date."</td>"; $duphtml.="<td>".$area."</td>"; $duphtml.="<td>".$subarea."</td>"; $duphtml.="<td>".$totalconsumption."</td>"; $duphtml.="</tr>"; $duplicatedata=$duplicatedata+1; } //$mysqli->query($query); } } if($acutaldata!=0) { echo "<br />Data Save Successfully"; $html.="</table>"; echo $html; } if($duplicatedata!=0) { echo "<br />This Consumption Data is already exist or data is not in correct format"; $duphtml.="</table>"; echo $duphtml; } }else { die("<br/>Sorry, File type is not allowed. Only Excel file."); } } ?> </div> <!-- <div class="bs-example4 tab-content" data-example-id="simple-responsive-table"> </div> --> </div> <?php include "footer.php"?>