shell bypass 403
<?php
include('config/config.php');
$name = mysqli_real_escape_string($conn,$_POST['name']);
$lastname = $_POST['lastname'];
$mobile = $_POST['mobile'];
$email = mysqli_real_escape_string($conn,$_POST['email']);
$subject = mysqli_real_escape_string($conn,$_POST['subject']);
$messagess = mysqli_real_escape_string($conn,$_POST['messagess']);
$captcha = mysqli_real_escape_string($conn,$_POST['captcha']);
include('config/config.php');
$sql1 = "SELECT * FROM capshas WHERE cs_name = '".$captcha."' ";
$res1 = $conn->query($sql1);
$num_rows = $res1->num_rows;
if($num_rows == 1){
$sql = "INSERT INTO contacts (ct_name,ct_lastname,ct_mobile,ct_mail,ct_subject,ct_message)";
$sql .= " VALUES ('".$name."','".$lastname."','". $mobile."','".$email."','".$subject ."','".$messagess."')";
$res = $conn->query($sql);
if($res == TRUE){
echo 1;
}else{
echo 0;
}
}else{
echo 2;
}
?>