name :
mst_curd_test.php
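<?php
/**
 * AJAX endpoint that saves, updates or soft-deletes a row in testdetailsmaster.
 *
 * Reads POST fields testname, tamount, category, id, btnopration and identifier,
 * performs the operation named by btnopration (SAVE, UPDATE or REMOVE) and echoes
 * a JSON-encoded status message. Any other btnopration value echoes an empty string.
 *
 * Every request value reaches SQL only as a bound parameter of a prepared
 * statement; the earlier version concatenated $_POST values straight into the
 * query text, which allowed SQL injection through every field.
 *
 * $conn, $gcategoryidentifier, $gnotdeleted and $gdeleted are not defined here and
 * are presumably set by config.php - confirm.
 *
 * NOTE(review): no authentication, authorization or CSRF check is visible in this
 * file; confirm config.php enforces a logged-in session before this code runs.
 * createdbyuserid is hard-coded to 1, so inserts are not attributed to the acting user.
 *
 * NOTE(review): the config.php helpers get_noof_rows(), insertrecord() and
 * updaterecord() take a finished SQL string and so cannot carry bound parameters.
 * They are replaced below by local closures; confirm the helpers did nothing beyond
 * running the query (for example audit logging) that would now be skipped.
 */
require_once "config.php";

$msg = "";

// "i" is minutes. The previous format string used "m" (month) in the minutes position.
$creationdatetime = date("Y-m-d H:i:s");

// Read a POST field as a string; a missing or non-string (array) value becomes "".
$postField = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : "";
};

$testname    = trim($postField('testname'));
$amount      = trim($postField('tamount'));
$category    = trim($postField('category'));
$id          = $postField('id');
$btnopration = $postField('btnopration');
$identifier  = $postField('identifier');

// Prepare $sql, bind every value as a string and execute it.
// Returns the executed statement, or false when prepare or execute fails.
// Binding as strings matches the old queries, which quoted every value.
$runPrepared = function ($conn, $sql, array $params) {
    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt === false) {
        return false;
    }
    if (count($params) > 0) {
        $types = str_repeat('s', count($params));
        mysqli_stmt_bind_param($stmt, $types, ...$params);
    }
    if (!mysqli_stmt_execute($stmt)) {
        mysqli_stmt_close($stmt);
        return false;
    }
    return $stmt;
};

// Number of rows a SELECT returns, or false when the query could not be run.
$countRows = function ($conn, $sql, array $params) use ($runPrepared) {
    $stmt = $runPrepared($conn, $sql, $params);
    if ($stmt === false) {
        return false;
    }
    mysqli_stmt_store_result($stmt);
    $rows = mysqli_stmt_num_rows($stmt);
    mysqli_stmt_close($stmt);
    return $rows;
};

// Run an INSERT or UPDATE; true when the statement executed, false otherwise.
$execWrite = function ($conn, $sql, array $params) use ($runPrepared) {
    $stmt = $runPrepared($conn, $sql, $params);
    if ($stmt === false) {
        return false;
    }
    mysqli_stmt_close($stmt);
    return true;
};

// Look up the charge type of the selected category; if several rows match,
// the last one wins, as in the original loop.
$type = "";
$stmt = $runPrepared(
    $conn,
    "select typeofcharge from testdetailsmaster where testname=? and identifier=? and isdeleted=?",
    [$category, $gcategoryidentifier, $gnotdeleted]
);
if ($stmt !== false) {
    mysqli_stmt_bind_result($stmt, $typeofcharge);
    while (mysqli_stmt_fetch($stmt)) {
        // A NULL column used to be concatenated as an empty string; keep that.
        $type = (string) $typeofcharge;
    }
    mysqli_stmt_close($stmt);
}

if ($btnopration === "SAVE") {
    // Refuse a duplicate (category, test name, identifier) among non-deleted rows.
    $cnt = $countRows(
        $conn,
        "select * from testdetailsmaster where testname=? and subtestname=? and identifier=? and isdeleted=?",
        [$category, $testname, $identifier, $gnotdeleted]
    );
    if ($cnt === false) {
        // The duplicate check itself failed: do not insert blindly.
        $msg = "There is problem to save Record";
    } elseif ($cnt == 0) {
        $result = $execWrite(
            $conn,
            "insert into testdetailsmaster(testname,subtestname,amount,identifier,typeofcharge,isdeleted,creationdatetime,createdbyuserid) values(?,?,?,?,?,?,?,1)",
            [$category, $testname, $amount, $identifier, $type, $gnotdeleted, $creationdatetime]
        );
        $msg = $result ? "Record save successfully" : "There is problem to save Record";
    } else {
        $msg = "Record is already exist";
    }
} elseif ($btnopration === "UPDATE") {
    // Same duplicate check, excluding the row being edited.
    $cnt = $countRows(
        $conn,
        "select * from testdetailsmaster where testdetailsid!=? and testname=? and subtestname=? and identifier=? and isdeleted=?",
        [$id, $category, $testname, $identifier, $gnotdeleted]
    );
    if ($cnt === false) {
        $msg = "There is problem to update Record";
    } elseif ($cnt == 0) {
        $result = $execWrite(
            $conn,
            "Update testdetailsmaster set testname=?,subtestname=?,amount=?,typeofcharge=? where testdetailsid=?",
            [$category, $testname, $amount, $type, $id]
        );
        $msg = $result ? "Record update successfully" : "There is problem to update Record";
    } else {
        $msg = "Record is already exist";
    }
} elseif ($btnopration === "REMOVE") {
    // A charge still referenced by a non-deleted opdheaddetails row must not be removed.
    $cnt2 = $countRows(
        $conn,
        "SELECT * from opdheaddetails where chargeid=? and isdeleted=?",
        [$id, $gnotdeleted]
    );
    if ($cnt2 === false) {
        // The in-use check failed: fail closed instead of deleting.
        $msg = "There is problem to delete Record";
        echo json_encode ($msg);
        return;
    }
    if ($cnt2 > 0) {
        $msg = "You cant delete it because it is in use.";
        echo json_encode ($msg);
        return;
    }
    // Soft delete: the row is only flagged, not physically removed.
    $result = $execWrite(
        $conn,
        "Update testdetailsmaster set isdeleted=? where testdetailsid=?",
        [$gdeleted, $id]
    );
    $msg = $result ? "Record delete successfully" : "There is problem to delete Record";
}

echo json_encode ($msg);
?>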