UnknownSec Bypass
403
:
/
var
/
www
/
html
/ [
drwxr-xr-x
]
Menu
Upload
Mass depes
Mass delete
Terminal
Info server
About
name :
user_authentification.php
<?php require_once "config.php"; require_once "conclass.php"; session_start(); $personalno = trim($_POST['personalno']); $password= trim($_POST['psw']); $canteenname = $_POST['canteen']; $data["userau"]="0"; $data["pswc"]="0"; $sanitized_personalno = mysqli_real_escape_string($conn, $personalno); $sanitized_canteenname = mysqli_real_escape_string($conn, $canteenname); $sanitized_password = mysqli_real_escape_string($conn, $password); $msg="0"; $query1 = "select * from customerregistrationtb where personalno= '".$personalno."' and isdeleted='".$NotDeleted."'"; $result1 = mysqli_query($conn, $query1); while($row = mysqli_fetch_array($result1)) { $msg="1"; } if($msg=="1") { $query = "select * from customerregistrationtb where personalno= '".$personalno."' and trim(cuspassword)='".$password."' and isdeleted='".$NotDeleted."'"; $result = mysqli_query($conn, $query); while($row = mysqli_fetch_array($result)) { $data["pswc"]=$row["pswchangeyesno"]; $data["userau"]="1"; $_SESSION['pswchangeyesorno']=$row["pswchangeyesno"]; $_SESSION['usercanteenname']= $sanitized_canteenname; $_SESSION['username']= $row["Name"]; $_SESSION['regisid']= $row["RegisID"]; } } else { $data["userau"]="2"; } echo json_encode($data); ?>
Copyright © 2025 - UnknownSec