UnknownSec Bypass 403

: /var/www/zenithentcare/stmedicosoftware/ [ drwxrwxr-x ]
name : get_consultanfee.php <?php require_once "config.php"; $departmentid = $_POST['departmentid']; $doctorid = $_POST['doctorid']; $patienttype = $_POST['patienttype']; $suhid = $_POST['suhid']; $odate=date_create($_POST['trandate']); $opdate=date_format($odate,"Y-m-d"); $data["amt"]=0; $data["expirydate"]="1990-01-01"; $vailddays=0; $noofdays=0; $query = "SELECT * from mastertb where accountmasterid='".$doctorid."' and status=0"; $result = mysqli_query($conn, $query); while($row = mysqli_fetch_array($result)) { if($patienttype=="Normal") $data["amt"] = $row["normalfee"]; else $data["amt"] = $row["emergencyfee"]; $noofdays=intval($row["validitydays"])-1; $vailddays= $noofdays.' days'; } if($suhid=="" || $suhid==null) { $expirydate= date('Y-m-d', strtotime($opdate. $vailddays)); $data["expirydate"]=$expirydate; } else { $expirydate= date('Y-m-d', strtotime($opdate. $vailddays)); $flag=false; $query1 = "select * from patientdetailstb where suhid='".$suhid."' and examinedbyid='".$doctorid."' and isdeleted=0 order by opddate Desc "; $result1 = mysqli_query($conn, $query1); while ($row1=mysqli_fetch_array($result1)) { $lastexpirydate= strtotime($row1["expirydate"]); $currentdate= strtotime($opdate); if($lastexpirydate>= $currentdate) { $data["amt"]="0"; $data["expirydate"]= $row1["expirydate"]; $flag=true; } } if($flag==false) { $expirydate= date('Y-m-d', strtotime($opdate. $vailddays)); $data["expirydate"]=$expirydate; } } echo json_encode($data); ?>