shell bypass 403
<?php
session_start();
include('../config/config.php');
$username = $_POST['username'];
$password = $_POST['password'];
//echo $check_sql = "SELECT * FROM admin WHERE a_username = '".$username."' and a_password = '".$password_hash."' ";
$sql = "SELECT * FROM admin WHERE a_username = '".$username."' AND a_password = '".$password."' ";
$result = $conn->query($sql);
$num_rows = $result->num_rows;
if($num_rows == 1){
while($row = $result->fetch_assoc ()){
$_SESSION['id'] = $row['a_id'];
$_SESSION['fullname'] = $row['a_fullname'];
$_SESSION['username'] = $row['a_username'];
$_SESSION['password'] = $row['a_password'];
$_SESSION['status'] = $row['a_status'];
$_SESSION['stauts_login'] = 1;
}
echo 1;
}else{
echo 0;
}
?>