jpsagrisolution.com - UnknownSec 403

UnknownSec Bypass 403

: /var/www/jpsagrisolution/cpanel/ [ drwxr-xr-x ]
name : change_password.php
 <?php
 include "top.php";

 if(isset($_POST['save'])){
  $oldpassword=mysqli_real_escape_string($conn,$_POST['oldpassword']);
  $newpassword=mysqli_real_escape_string($conn,$_POST['newpassword']);

  $sql = "SELECT employeename  FROM employeetb WHERE employeeid = '{$_SESSION['adminid']}' AND userpassword='{$oldpassword}'";
  $result = mysqli_query($conn,$sql) or die("Query Failed.");
  if(mysqli_num_rows($result) > 0){
    $sql1="UPDATE employeetb SET userpassword='{$newpassword}' WHERE employeeid = '{$_SESSION['adminid']}'";
    $result1 = mysqli_query($conn,$sql1) or die("Query Failed.");
    if(mysqli_query($conn, $sql)){
          echo "<h3 style='color:red;text-align:center;margin:10px 0'>Password Change Successfully.</h3>";
      }
  }else{
    echo "<h3 style='color:red;text-align:center;margin:10px 0'>Old Password is not correct.</h3>";
  }
}
?>
<div id="page-wrapper" class="gray-bg dashbard-1">
       <div class="content-main">

 	<!--banner-->
		    <div class="banner">
		    	<h2>
				<a href="index.php">Home</a>
				<i class="fa fa-angle-right"></i>
				<span>Change Password</span>
				</h2>
		    </div>
		<!--//banner-->
 	 <!--gallery-->
 	 <div class=" profile">

		<div class="profile-bottom">
			<h3><i class="fa fa-user"></i>Change Password</h3>
      <form  action="<?php $_SERVER["PHP_SELF"]; ?>" method ="POST" autocomplete="off">
			<div class="profile-bottom-top">

  			<div class="col-md-12 profile-text">
          <div class="vali-form">
             <!--<input type="hidden" id="hdid" name="hdid">-->
             <div class="col-md-12 form-group1">
               <label class="control-label">Old Password</label>
               <input type="text" name="oldpassword" id="oldpassword" placeholder="Old Password" required="">
             </div>
             <div class="clearfix"> </div>
             <br>
             <div class="col-md-12 form-group1">
               <label class="control-label">New Password</label>
               <input type="text" name="newpassword" id="newpassword" placeholder="New Password" required="">
             </div>
             <div class="clearfix"> </div>
           </div>

  			</div>
  			<div class="clearfix"></div>
			</div>
			<div class="profile-btn">
                <input type="submit" id="save" name="save" class="btn bg-red" value="Save changes"/>
           <div class="clearfix"></div>
			</div>

    </form>
		</div>
	</div>
</div>
</div>
	<!--//gallery-->
  <script>
    if ( window.history.replaceState ) {
        window.history.replaceState( null, null, window.location.href );
    }
</script>
<?php include "footer.php";?>