UnknownSec Bypass 403

: /var/www/html/clientpnl/ [ drwxr-xr-x ]
name : list_orderdetails.php <?php include "top.php";?> <script type="text/javascript"> $(document).ready(function(){ } ); </script> <!-- /contact-form --> <section class="w3l-contact-main"> <div class="contact-infhny py-5"> <div class="container py-lg-3"> <div class="row align-form-map"> <div class="col-lg-10 title-content text-left mb-lg-4 mb-4"> <h4 class="hny-title mb-3">Welcome, <span><?php echo $_SESSION['username']; ?> !</span>Your Order List</h4> </div> <div class="col-lg-12 form-inner-cont"> <br> <?php include "../config.php"; $regisid1=$_SESSION["regisid"]; $canteenname=$_SESSION['usercanteenname']; $limit=10; if(isset($_GET['page'])){ $page=$_GET['page']; }else{ $page=1; } $offset= ($page-1)*$limit; $sql="SELECT orderno,tokenno, DATE_FORMAT(orderdate,'%d/%m/%Y') AS orderdate,canteenname from ordertb where userid='".$regisid1."' GROUP by orderno,tokenno,orderdate,canteenname order by orderno DESC LIMIT {$offset},{$limit} "; $result=mysqli_query($conn,$sql) or die("Query Failed."); if(mysqli_num_rows($result)>0){ ?> <table class="table table-bordered content-table"> <thead> <th> S.No. </th> <th> Order No </th> <th> Token No </th> <th> Order Date </th> <th> Canteen Name </th> <th> </th> </thead> <tbody> <?php $serial= 1; while ($row = mysqli_fetch_assoc($result)) { ?> <tr> <td class='id'><?php echo $serial; ?></td> <td><?php echo $row['orderno']; ?></td> <td><?php echo $row['tokenno']; ?></td> <td><?php echo $row['orderdate']; ?></td> <td><?php echo $row['canteenname']; ?></td> <td class='edit'><a href='view_order.php?id=<?php echo $row["orderno"]; ?>&op=<?php echo "view order"; ?>'><i class='fa fa-eye'></i></a></td> </tr> <?php $serial++; } ?> </tbody> </table> <?php } $sql1="SELECT orderno,DATE_FORMAT(orderdate,'%d/%m/%Y') AS orderdate,canteenname from ordertb where userid='".$regisid1."' group by orderno,tokenno,orderdate,canteenname order by orderno DESC"; $result1=mysqli_query($conn,$sql1) or die("Query Failed."); if(mysqli_num_rows($result1)>0){ $total_record=mysqli_num_rows($result1); $total_page= ceil($total_record/$limit); echo "<ul class='pagination admin-pagination'>"; if($page > 1){ echo '<li><a class="btn btn-danger" href="list_orderdetails.php?page='.($page - 1).'">Prev</a></li>'; } for($i=1; $i<=$total_page; $i++){ if($i==$page) { $active="active"; }else { $active=""; } echo '<li class="'. $active .'"><a href="list_orderdetails.php?page=' .$i. '">' .$i. '</a></li>'; } if($total_page>$page){ echo '<li><a class="btn btn-danger" href="list_orderdetails.php?page='.($page + 1).'">Next</a></li>'; } echo "</ul>"; } ?> </div> </div> </div> </div> </section> <?php include "footer.php";?>