UnknownSec Bypass 403

: /var/www/jpsagrisolution/cpanel/product_images/xryukz_sym/root/var/www/html/adminpnl/ [ drwxr-xr-x ]
name : customer.php <?php require_once "top.php"; require_once("dbcontroller.php"); require_once("perpage.php"); require_once "../conclass.php"; $db_handle = new dbcontroller(); $name = ""; $personalno = ""; $queryCondition = ""; if(!empty($_POST["search"])) { foreach($_POST["search"] as $k=>$v){ if(!empty($v)) { $queryCases = array("name","personalno"); if(in_array($k,$queryCases)) { if(!empty($queryCondition)) { $queryCondition .= " AND "; } else { $queryCondition .= " where "; } } switch($k) { case "name": $name = $v; $queryCondition .= "name LIKE '" . $v . "%'"; break; case "personalno": $personalno = $v; $queryCondition .= "personalno LIKE '" . $v . "%'"; break; } } } } $orderby = " order by regisid "; $sql = "select regisid,name,personalno,cusrank,mobileno,cuspassword from customerregistrationtb ". $queryCondition ; $href = 'customer.php'; $perPage = 100; $page = 1; if(isset($_POST['page'])){ $page = $_POST['page']; } $start = ($page-1)*$perPage; if($start < 0) $start = 0; $query = $sql . $orderby . " limit " . $start . "," . $perPage; $result = $db_handle->runQuery($query); if(!empty($result)) { $result["perpage"] = showperpage($sql, $perPage, $href); } ?> <script> function myFunction() { var input, filter, table, tr, td, i, txtValue; input = document.getElementById("myInput"); filter = input.value.toUpperCase(); table = document.getElementById("myTable"); tr = table.getElementsByTagName("tr"); for (i = 0; i < tr.length; i++) { td = tr[i].getElementsByTagName("td")[1]; if (td) { txtValue = td.textContent || td.innerText; if (txtValue.toUpperCase().indexOf(filter) > -1) { tr[i].style.display = ""; } else { tr[i].style.display = "none"; } } } } </script> <!-- /contact-form --> <section class="w3l-contact-main"> <div class="contact-infhny py-5"> <div class="container py-lg-3"> <div class="row align-form-map"> <div class="col-lg-9 title-content text-left mb-lg-4 mb-4"> <h4 class="hny-title mb-3">All <span>Customer</span></h4> </div> <div class="col-lg-3"> <a class="btn btn-contact" href="add_customer.php">ADD CUSTOMER</a> </div> <div class="col-lg-12 form-inner-cont"> <form name="frmSearch" method="post" action="customer.php"> <div class="row mt-lg-5 mt-4"> <div class="col-6 left-section"> <input type="text" placeholder="Name" name="search[name]" class="demoInputBox" value="<?php echo $name; ?>" /> </div> <div class="col-6 right-section m5-4"> <input type="text" placeholder="Code" name="search[personalno]" class="demoInputBox" value="<?php echo $personalno; ?>" /> </div> </div> <div class="row mt-lg-5 mt-4"> <div class="col-6 right-section m5-4"> <input type="submit" name="go" class="btn btn-contact" value="Search"> </div> <div class="col-6 right-section m5-4"> <input type="reset" class="btn btn-contact" value="Reset" onclick="window.location='customer.php'"> </div> </div> <br> <table class="content-table"> <thead> <th>ID</th> <th>Name</th> <th>personal no</th> <th>Rank</th> <th>Mobile No</th> <th>Password</th> <th>Edit</th> <!--<th>Delete</th>--> </thead> <tbody> <?php if(!empty($result)) { foreach($result as $k=>$v) { if(is_numeric($k)) { ?> <tr> <td class='id'><?php echo $result[$k]['regisid']; ?></td> <td><?php echo $result[$k]['name']; ?></td> <td><?php echo $result[$k]['personalno']; ?></td> <td><?php echo $result[$k]['cusrank']; ?></td> <td><?php echo $result[$k]['mobileno']; ?></td> <td><?php echo $result[$k]['cuspassword']; ?></td> <td class='edit'><a href='add_customer.php?id=<?php echo $result[$k]["regisid"]; ?>&op=<?php echo "Update"; ?>'><i class='fa fa-edit'></i></a></td> <!--<td class='delete'><a href='add_customer.php?id=<?php echo $result[$k]["regisid"]; ?>&op=<?php echo "Delete"; ?>'><i class='fa fa-trash-o'></i></a></td>--> </tr> <?php } } } if(isset($result["perpage"])) { ?> <tr> <td colspan="8" align=right> <?php echo $result["perpage"]; ?></td> </tr> <?php } ?> </tbody> </table> </form> </div> </div> </div> </section> <!-- //contact-form --> <?php include "footer.php";?>