UnknownSec Bypass 403

: /var/www/zenithentcare/stmedicosoftware/ [ drwxrwxr-x ]
name : mst_curdholiday.php <?php require_once "config.php"; $msg=""; $creationdatetime = date("Y-m-d H:m:s"); $holidaydate= trim($_POST['holidaydate']); $holidaydes= trim($_POST['holidaydescription']); $eventArray = array(); $eventArray=explode('-',$holidaydate); $strholidaydate = intval($eventArray[2])."-".intval($eventArray[1])."-".intval($eventArray[0]); $strholidaydatestring = intval($eventArray[0])."-".intval($eventArray[1])."-".intval($eventArray[2]); $id= $_POST['id']; $btnopration= $_POST['btnopration']; $identifier= $_POST['identifier']; if($btnopration=="SAVE") { $query="select * from masterappointmenttb Where holidaydate='" . $strholidaydatestring . "' and identifier='" . $identifier. "' and isdeleted='" . $gnotdeleted . "'"; $cnt= get_noof_rows($conn,$query); if($cnt==0) { $query="insert into masterappointmenttb(holidaydate,holidaydate1,holidaydescription,identifier,isdeleted,creationdatetime) values('".$strholidaydatestring."','".$strholidaydate."','".$holidaydes."','".$identifier."','".$gnotdeleted."','".$creationdatetime."')"; $result=insertrecord($conn,$query); if($result==true) $msg="Record save successfully"; else $msg="There is problem to save Record"; } else { $msg="Record is already exist"; } } else if($btnopration=="UPDATE") { $query="select * from masterappointmenttb Where id!='".$id."' and holidaydate='" . $strholidaydatestring . "' and identifier='" . $identifier. "' and isdeleted='" . $gnotdeleted . "'"; $cnt= get_noof_rows($conn,$query); if($cnt==0) { $query="Update masterappointmenttb set holidaydate='" .$strholidaydatestring. "', holidaydate1='" .$strholidaydate."',holidaydescription='".$holidaydes."' where id='".$id."'"; $result=updaterecord($conn,$query); if($result==true) $msg="Record update successfully"; else $msg="There is problem to update Record"; } else { $msg="Record is already exist"; } } else if($btnopration=="REMOVE") { } echo json_encode ($msg); ?>