shell bypass 403
<?php
include('../config/config.php');
$q = $_POST['q'];
$sql2 = "SELECT * FROM projects WHERE p_id = ".$q." ";
$res2 = $conn->query($sql2);
while($row = $res2->fetch_assoc()){
$p_name = $row['p_name'];
$im_show = substr($row['p_tt'],0,6);
$im_check = $row['p_im_show'];
$p_tt = $row['p_tt'];
$p_im_temp = $row['p_im_temp'];
if($im_show == "upload"){
unlink ("../".$im_check);
unlink ("../".$p_tt);
}else{
unlink ("../".$im_check);
}
$path = substr($im_check,7,32);
}
$sql4 = "SELECT * FROM project_details WHERE p_pd_id = ".$q." ";
$res4= $conn->query($sql4);
$num_rows = $res4->num_rows;
if($num_rows > 0){
while($row = $res4->fetch_assoc()){
$im_pd_id = $row['im_pd_id'];
unlink ("../".$im_pd_id);
}
}
$sql = "DELETE FROM projects where p_id = ".$q." ";
$res = $conn->query($sql);
$sql3 = "DELETE FROM project_details where p_pd_id = ".$q." ";
$res3 = $conn->query($sql3);
rmdir("../upload/".$path);
echo 1;
?>