UnknownSec Bypass 403

: /var/www/html/clientpnl/ [ drwxr-xr-x ]
name : newsave_token.php <?php require_once "../config.php"; require_once "../conclass.php"; $regisid = $_POST['regisid']; $bookingdatetime= $_POST['bookingdatetime']; $itemcategory = $_POST['itemcategory']; $canteenname = $_POST['canteenname']; $totalseatavailable = 0; $tokenNo = 0; $cnt=0; $eventArray = array(); $eventArray=explode('-',$bookingdatetime); $bookingintext =intval($eventArray[0])."-".intval($eventArray[1])."-".intval($eventArray[2]); $bookingdate = $eventArray[2]."-".$eventArray[1]."-".$eventArray[0]; $_month=$eventArray[1]; $_year=$eventArray[2]; $creationdatetime=Date("y-m-d"); $_message = ""; $timeStamp = Date("Y-m-d H:i:s"); $creationdatetime= Date("Y-m-d"); $date1 = new DateTime("2024-10-08"); $date2 = new DateTime($bookingdate); if($date2<$date1) { $sql= "CALL sp_tokenentrynew('".$bookingdate."', '".$bookingintext."', '".$regisid."','".$itemcategory."','".$canteenname."','".$_month."','".$_year."','".$creationdatetime."' ,'".$timeStamp."',@_bookmsgid)"; $result = mysqli_query($conn, $sql); $result1 = mysqli_query($conn, "select @_bookmsgid"); $_message = mysqli_fetch_array($result1); } else { $sql= "CALL sp_tokenentry('".$bookingdate."', '".$bookingintext."', '".$regisid."','".$itemcategory."','".$canteenname."','".$_month."','".$_year."','".$creationdatetime."' ,'".$timeStamp."',@_bookmsgid)"; $result = mysqli_query($conn, $sql); $result1 = mysqli_query($conn, "select @_bookmsgid"); $_message = mysqli_fetch_array($result1); } // $stmt = $connect->prepare($sql); // $rs = $stmt->execute(); // $result = $stmt->fetchAll(PDO::FETCH_ASSOC); //CALL sp_tokenentry($bookingdate, $bookingintext, $regisid,$itemcategory,$canteenname,$_month,$_year,$creationdatetime,$timeStamp) // CALL sp_tokenentry('2024-7-14', '14-7-2024', 22,'Grocery','Banbasa','7','2024', '14-7-2024 00:00:00','14-7-2024 00:00:00') echo json_encode($_message); ?>