shell bypass 403
<?php session_start();
if(isset($_SESSION['status']) == 1 || isset($_SESSION['stauts_login']) == 1 ){
header("Location:dashboard.php");
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>AdminLTE 2 | Dashboard</title>
<meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
<link rel="stylesheet" href="bower_components/bootstrap/dist/css/bootstrap.min.css">
<link rel="stylesheet" href="bower_components/font-awesome/css/font-awesome.min.css">
<link rel="stylesheet" href="bower_components/Ionicons/css/ionicons.min.css">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic">
</head>
<style>
body{
background-color: black;
}
.wrapper {
margin-top: 100px;
margin-bottom: 20px;
}
.form-signin {
max-width: 420px;
padding: 30px 38px 66px;
margin: 0 auto;
background-color: #eee;
border: 3px dotted rgba(0,0,0,0.1);
}
.form-signin-heading {
text-align:center;
margin-bottom: 30px;
}
.form-control {
position: relative;
font-size: 16px;
height: auto;
padding: 10px;
}
input[type="text"] {
margin-bottom: 0px;
border-bottom-left-radius: 0;
border-bottom-right-radius: 0;
}
input[type="password"] {
margin-bottom: 20px;
border-top-left-radius: 0;
border-top-right-radius: 0;
}
.colorgraph {
height: 7px;
border-top: 0;
background: #c4e17f;
border-radius: 5px;
background-image: -webkit-linear-gradient(left, #c4e17f, #c4e17f 12.5%, #f7fdca 12.5%, #f7fdca 25%, #fecf71 25%, #fecf71 37.5%, #f0776c 37.5%, #f0776c 50%, #db9dbe 50%, #db9dbe 62.5%, #c49cde 62.5%, #c49cde 75%, #669ae1 75%, #669ae1 87.5%, #62c2e4 87.5%, #62c2e4);
background-image: -moz-linear-gradient(left, #c4e17f, #c4e17f 12.5%, #f7fdca 12.5%, #f7fdca 25%, #fecf71 25%, #fecf71 37.5%, #f0776c 37.5%, #f0776c 50%, #db9dbe 50%, #db9dbe 62.5%, #c49cde 62.5%, #c49cde 75%, #669ae1 75%, #669ae1 87.5%, #62c2e4 87.5%, #62c2e4);
background-image: -o-linear-gradient(left, #c4e17f, #c4e17f 12.5%, #f7fdca 12.5%, #f7fdca 25%, #fecf71 25%, #fecf71 37.5%, #f0776c 37.5%, #f0776c 50%, #db9dbe 50%, #db9dbe 62.5%, #c49cde 62.5%, #c49cde 75%, #669ae1 75%, #669ae1 87.5%, #62c2e4 87.5%, #62c2e4);
background-image: linear-gradient(to right, #c4e17f, #c4e17f 12.5%, #f7fdca 12.5%, #f7fdca 25%, #fecf71 25%, #fecf71 37.5%, #f0776c 37.5%, #f0776c 50%, #db9dbe 50%, #db9dbe 62.5%, #c49cde 62.5%, #c49cde 75%, #669ae1 75%, #669ae1 87.5%, #62c2e4 87.5%, #62c2e4);
}
</style>
<body>
<div class = "container">
<div class="wrapper">
<form method="post" name="login_form" id="login_form" class="form-signin">
<h3 class="form-signin-heading">ยินดีต้อนรับ!! กรุณาเข้าสู่ระบบ</h3>
<hr class="colorgraph"><br>
<div id="error_login"></div>
<div class="form-group">
<label>ชื่อผู้ใช้งาน</label>
<input type="text" class="form-control" name="username" id="username" placeholder="ชื่อผู้เข้าใช้งาน" rautofocus="" />
</div>
<div class="form-group">
<label>รหัสผ่าน</label>
<input type="password" class="form-control" name="password" id="password" placeholder="รหัสผ่าน" >
</div>
<button class="btn btn-lg btn-primary btn-block" type="Submit">เข้าสู่ระบบ</button>
<!-- <p class="text-center" style="padding-top:25px;margin:0px;"><a href="register.php">สมัครสมาชิก </a></p> -->
</form>
</div>
</div>
</body>
<script src="bower_components/jquery/dist/jquery.min.js"></script>
<script src="bower_components/jquery-ui/jquery-ui.min.js"></script>
<script src="bower_components/bootstrap/dist/js/bootstrap.min.js"></script>
<script src="http://malsup.github.com/jquery.form.js"></script>
<script src="../js/jquery.validate.min.js"></script>
<script>
$('#login_form').validate({
rules: {
username: {
required: true,
},
password: {
required: true,
},
},
messages: {
username: {
required: "<p style='color:red;'> กรุณากรอกข้อมูล ชื่อผู้ใช้งาน</p>",
},
password: {
required: "<p style='color:red;'> กรุณากรอกข้อมูล รหัสผ่าน </p>",
},
},
submitHandler: function(form) {
$.ajax({
url: "check_login.php",
type: "post",
data: $("#login_form").serialize(),
}).done(function(data){
console.log(data);
if(data == 1){
console.log(data);
window.location = "dashboard.php";
}else{
console.log(data);
$("#error_login").html("<div class='alert alert-danger'>ไม่สามารถเข้าสู่ระบบได้!!</div>");
setTimeout(function(){
$('#error_login').fadeOut()
},3000);
return false;
}
});
}
});
</script>
</html>