UnknownSec Bypass 403

: /var/www/santgyaneshwarji/cpanel/ [ drwxr-xr-x ]
name : save_faculty.php <?php include "../config.php"; $teachername=mysqli_real_escape_string($conn, $_POST['teachername']); $qualification=mysqli_real_escape_string($conn, $_POST['qualification']); $specialization=mysqli_real_escape_string($conn, $_POST['specialization']); $date=date("d M, Y"); $data=0; $sqlchk="SELECT * FROM facultytb WHERE teachername='{$teachername}' and qualification='{$qualification}' and specialization='{$specialization}'"; $result=mysqli_query($conn, $sqlchk) or die("Query Failed."); if(mysqli_num_rows($result)>0){ $data=0; } else { if($_FILES['fileToUpload']['name']){ $error=array(); $file_name=$_FILES['fileToUpload']['name']; $file_size=$_FILES['fileToUpload']['size']; $file_tmp=$_FILES['fileToUpload']['tmp_name']; $file_type=$_FILES['fileToUpload']['type']; //$file_ext=strtolower(end(explode('.',$file_name))); $file_ext=explode('.',$file_name); $extensions=array("jpeg","jpg","png"); if(in_array($file_ext,$extensions)===false){ $error[]="This extension file is not allowed, Please choose a JPG or PNG file."; } if($file_size > 2097152) { $error="File size must be 2mb or lower."; } $new_name=time()."-".basename($file_name); $target="faculty_images/".$new_name; $image_name=$new_name; if(empty($errors)==true){ move_uploaded_file($file_tmp,$target); }else{ print_r($error); die(); } } $sql="INSERT INTO facultytb(teachername,qualification,specialization,image_name,added_on) VALUES('{$teachername}','{$qualification}','{$specialization}','{$image_name}','{$date}')"; if(mysqli_multi_query($conn, $sql)) { $data=1; } } echo json_encode($data); ?>