shell bypass 403
<?php
include('../config/config.php');
$q = $_POST['q'];
$sql = "SELECT * FROM clients WHERE cl_id = ".$q." ";
$res = $conn->query($sql);
while($row = $res->fetch_assoc()){
$image = $row['cl_image'];
@unlink("../".$image);
$sql1 = "DELETE FROM clients WHERE cl_id = ".$q." ";
$res1 = $conn->query($sql1);
if($res1 === TRUE){
echo 1;
}else{
echo 0;
}
}
?>