shell bypass 403
<?php include('../config/config.php'); $q = $_POST['q']; $sql2 = "SELECT * FROM projects WHERE p_id = ".$q." "; $res2 = $conn->query($sql2); while($row = $res2->fetch_assoc()){ $p_name = $row['p_name']; $im_show = substr($row['p_tt'],0,6); $im_check = $row['p_im_show']; $p_tt = $row['p_tt']; $p_im_temp = $row['p_im_temp']; if($im_show == "upload"){ unlink ("../".$im_check); unlink ("../".$p_tt); }else{ unlink ("../".$im_check); } $path = substr($im_check,7,32); } $sql4 = "SELECT * FROM project_details WHERE p_pd_id = ".$q." "; $res4= $conn->query($sql4); $num_rows = $res4->num_rows; if($num_rows > 0){ while($row = $res4->fetch_assoc()){ $im_pd_id = $row['im_pd_id']; unlink ("../".$im_pd_id); } } $sql = "DELETE FROM projects where p_id = ".$q." "; $res = $conn->query($sql); $sql3 = "DELETE FROM project_details where p_pd_id = ".$q." "; $res3 = $conn->query($sql3); rmdir("../upload/".$path); echo 1; ?>