UnknownSec Bypass 403

: /var/www/zenithentcare/stmedicosoftware/ [ drwxrwxr-x ]
name : mst_save_update_headersettings.php <?php require_once "config.php"; $msg=""; $oldimagename=""; $query = "select logoimagepath from headersettingtb"; $result = mysqli_query($conn,$query); while($row = mysqli_fetch_array($result)) { $oldimagename= $row["logoimagepath"]; } $logo_name=$_FILES['logofile']['name']; $logo_size=$_FILES['logofile']['size']; $logo_tmp=$_FILES['logofile']['tmp_name']; $logo_type=$_FILES['logofile']['type']; $file_ext=explode('.',$logo_name); $file_ext=strtolower(end($file_ext)); $extensions=array("jpeg","jpg","png"); if(in_array($file_ext,$extensions)===false){ $error[]="This extension file is not allowed, Please choose a JPG or PNG file."; } if($logo_size > 2097152) { $error="File size must be 2mb or lower."; } if($logo_size>0) $logonew_name=time()."-".basename($logo_name); else { $logonew_name= $oldimagename; } $logotarget="logoimage/".$logonew_name; $logoimage_name=$logonew_name; if(empty($errors)==true){ if($logo_size>0) { if($oldimagename) { $removefilename="logoimage/".$oldimagename; unlink($removefilename); } move_uploaded_file($logo_tmp,$logotarget); } } $header= $_POST['headername']; $address1= $_POST['address1']; $address2= $_POST['address2']; $phoneno= $_POST['phoneno']; $query="truncate table headersettingtb"; $result=updaterecord($conn,$query); $query="insert into headersettingtb(headertext,address1,address2,phoneno, logoimagepath) values('".$header."','".$address1."','".$address2."','".$phoneno."','". $logoimage_name."')"; $result=insertrecord($conn,$query); if($result==true) $msg="Header settings save successfully"; else $msg="There is problem to save header settings"; echo json_encode ($msg); ?>