shell bypass 403
<?php
include('../config/config.php');
$q = $_POST['q'];
$sql = "SELECT * FROM homes WHERE h_id = ".$q." ";
$res = $conn->query($sql);
while($row = $res->fetch_assoc()){
$image = $row['h_image'];
@unlink("../".$image);
}
$sql = "DELETE FROM homes WHERE h_id = ".$q." ";
$res = $conn->query($sql);
if($res === TRUE){
echo 1;
}else{
echo 0;
}
?>