shell bypass 403
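<?php
// Access guard for this admin page: only requests whose session carries both
// login markers may see the markup below.
//
// NOTE(review): session_start() and header() both need to send HTTP headers,
// so no output (text, whitespace, BOM) may precede this tag unless output
// buffering is enabled; otherwise the redirect below is not sent.
session_start();

// 'stauts_login' is kept exactly as written: it looks like a misspelling of
// 'status_login', but it has to match the key the login script stores -
// confirm there before renaming.
// NOTE(review): only the presence of the keys is tested, not their values;
// verify the login/logout code never leaves them set for a non-admin session.
if (!isset($_SESSION['status']) || !isset($_SESSION['stauts_login'])) {
    header("Location:index.php");
    // header() only queues the redirect; without stopping here the rest of the
    // page would still be rendered and sent to a client that has no session.
    exit;
}
?>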
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>AdminLTE 2 | Dashboard</title>
<meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
<link rel="stylesheet" href="bower_components/bootstrap/dist/css/bootstrap.min.css">
<link rel="stylesheet" href="bower_components/font-awesome/css/font-awesome.min.css">
<link rel="stylesheet" href="bower_components/Ionicons/css/ionicons.min.css">
<link rel="stylesheet" href="dist/css/AdminLTE.css">
<link rel="stylesheet" href="dist/css/skins/_all-skins.min.css">
<link rel="stylesheet" href="bower_components/morris.js/morris.css">
<link rel="stylesheet" href="bower_components/jvectormap/jquery-jvectormap.css">
<link rel="stylesheet" href="bower_components/bootstrap-datepicker/dist/css/bootstrap-datepicker.min.css">
<link rel="stylesheet" href="bower_components/bootstrap-daterangepicker/daterangepicker.css">
<link rel="stylesheet" href="plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.min.css">
<link rel="stylesheet" href="bower_components/datatables.net-bs/css/dataTables.bootstrap.min.css">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic">
</head>
<body class="hold-transition skin-blue sidebar-mini">
<div class="wrapper">
<header class="main-header">
<!-- Logo -->
<a href="dashboard.php" class="logo">
<!-- mini logo for sidebar mini 50x50 pixels -->
<span class="logo-mini"><b>I</b>V</span>
<!-- logo for regular state and mobile devices -->
<span class="logo-lg">INTERIOR VISIONS</span>
</a>
<!-- Header Navbar: style can be found in header.less -->
<nav class="navbar navbar-static-top">
<!-- Sidebar toggle button-->
<a href="#" class="sidebar-toggle" data-toggle="push-menu" role="button">
<span class="sr-only">Toggle navigation</span>
</a>
<div class="navbar-custom-menu">
<ul class="nav navbar-nav">
<li class="dropdown user user-menu">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">
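<span class="hidden-xs"><?php
// Encode on output: the session value is written into an HTML text node, so
// markup characters in it must not be interpreted by the browser.
// NOTE(review): where 'fullname' is populated is not visible here - if it comes
// from an editable profile field this is the stored-XSS sink to care about.
echo htmlspecialchars((string) $_SESSION['fullname'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?></span>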
</a>
<ul class="dropdown-menu">
<!-- User image -->
<li class="user-header">
<p>
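<?php
// Session values are HTML-encoded before being written into the page so that
// any markup characters they contain are shown as text, not parsed as tags.
echo htmlspecialchars((string) $_SESSION['fullname'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>- Admin
<small>Admin since No. <?php echo htmlspecialchars((string) $_SESSION['id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></small>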
</p>
</li>
<!-- Menu Footer-->
<li class="user-footer">
<div class="pull-left">
<a href="../" class="btn btn-default btn-flat" target="_blank">Go to Website</a>
</div>
<div class="pull-right">
<a href="logout.php" class="btn btn-default btn-flat">Sign out</a>
</div>
</li>
</ul>
</li>
<!-- Control Sidebar Toggle Button -->
</ul>
</div>
</nav>
</header>
<!-- Left side column. contains the logo and sidebar -->
<aside class="main-sidebar">
<!-- sidebar: style can be found in sidebar.less -->
<section class="sidebar">
<ul class="sidebar-menu" data-widget="tree">
<li class="treeview">
<a href="#">
<i class="fa fa-home" aria-hidden="true"></i><span>Management Home</span>
<span class="pull-right-container">
<i class="fa fa-angle-left pull-right"></i>
</span>
</a>
<ul class="treeview-menu">
<li><a href="home_setting.php"><i class="fa fa-circle-o"></i> Home Setting</a></li>
</ul>
</li>
<li class="treeview">
<a href="#">
<i class="fa fa-file-text-o" aria-hidden="true"></i> <span>Management Project</span>
<span class="pull-right-container">
<i class="fa fa-angle-left pull-right"></i>
</span>
</a>
<ul class="treeview-menu">
<li><a href="insert_project.php"><i class="fa fa-circle-o"></i> Insert Project</a></li>
<li><a href="project_list.php"><i class="fa fa-circle-o"></i> Project List</a></li>
</ul>
</li>
<li class="treeview">
<a href="#">
<i class="fa fa-info-circle" aria-hidden="true"></i> <span>Management About</span>
<span class="pull-right-container">
<i class="fa fa-angle-left pull-right"></i>
</span>
</a>
<ul class="treeview-menu">
<li><a href="company_setting.php"><i class="fa fa-circle-o"></i> Company Setting</a></li>
<li><a href="director_setting.php"><i class="fa fa-circle-o"></i> Directors Setting</a></li>
<li><a href="team_setting.php"><i class="fa fa-circle-o"></i> Team Setting</a></li>
</ul>
</li>
<li class="treeview">
<a href="#">
<i class="fa fa-users" aria-hidden="true"></i> <span>Management Client</span>
<span class="pull-right-container">
<i class="fa fa-angle-left pull-right"></i>
</span>
</a>
<ul class="treeview-menu">
<li><a href="client_setting.php"><i class="fa fa-circle-o"></i> Client Setting</a></li>
</ul>
</li>
<li class="treeview">
<a href="#">
<i class="fa fa-phone" aria-hidden="true"></i> <span>Management Contact</span>
<span class="pull-right-container">
<i class="fa fa-angle-left pull-right"></i>
</span>
</a>
<ul class="treeview-menu">
<li><a href="contact_setting.php"><i class="fa fa-circle-o"></i> Contact Setting</a></li>
</ul>
</li>
</ul>
</section>
<!-- /.sidebar -->
</aside>
<!-- Content Wrapper. Contains page content -->
<div class="content-wrapper">
<section class="content">
<h2>Project List</h2>
<!-- SELECT2 EXAMPLE -->
<div class="box box-primary">
<div class="box-header with-border">
</div>
<!-- /.box-header -->
<div class="box-body">
<div class="row">
<div class="col-md-12">
<div id="error_del_project"></div>
<div class="panel with-nav-tabs panel-default">
<div class="panel-heading">
<ul class="nav nav-tabs">
<li class="dropdown">
<a href="#" data-toggle="dropdown">Interior Design<span class="caret"></span></a>
<ul class="dropdown-menu" role="menu">
<li><a href="#" class="select_cat" id="select_cat" atr="C000" art="T001">All</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C001" art="T001">Property</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C002" art="T001">Residential</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C003" art="T001">Hospitality </a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C004" art="T001">Commercail/Retail</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C005" art="T001">Corparate</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C008" art="T001">Restaurent</a></li>
</ul>
</li>
<li class="dropdown">
<a href="#" data-toggle="dropdown">Architecture<span class="caret"></span></a>
<ul class="dropdown-menu" role="menu">
<li><a href="#" class="select_cat" id="select_cat" atr="C000" art="T002">All</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C001" art="T002">Property</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C002" art="T002">Residential</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C003" art="T002">Hospitality </a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C004" art="T002">Commercail/Retail</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C005" art="T002">Corparate</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C006" art="T002">Institute</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C007" art="T002">Recreation</a></li>
</ul>
</li>
<li class="dropdown">
<a href="#" data-toggle="dropdown">Visual Communications <span class="caret"></span></a>
<ul class="dropdown-menu" role="menu">
<li><a href="#" class="select_cat" id="select_cat" atr="C000" art="T003">All</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C001" art="T003">Property</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C002" art="T003">Residential</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C003" art="T003">Hospitality </a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C004" art="T003">Commercail/Retail</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C005" art="T003">Corparate</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C006" art="T003">Institute</a></li>
<li><a href="#" class="select_cat" id="select_cat" atr="C007" art="T003">Recreation</a></li>
</ul>
</li>
</ul>
</div>
<div class="panel-body">
<div class="tab-content">
<div class="tab-pane fade in active" id="tab1default">
<div class="table-responsive">
<div id="project_list"></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<!-- /.content -->
</div>
<div class="control-sidebar-bg"></div>
</div>
</body>
<script src="bower_components/jquery/dist/jquery.min.js"></script>
<script src="bower_components/jquery-ui/jquery-ui.min.js"></script>
<script>
$.widget.bridge('uibutton', $.ui.button);
</script>
<script src="bower_components/bootstrap/dist/js/bootstrap.min.js"></script>
<script src="bower_components/raphael/raphael.min.js"></script>
<script src="bower_components/morris.js/morris.min.js"></script>
<script src="bower_components/jquery-sparkline/dist/jquery.sparkline.min.js"></script>
<script src="plugins/jvectormap/jquery-jvectormap-1.2.2.min.js"></script>
<script src="plugins/jvectormap/jquery-jvectormap-world-mill-en.js"></script>
<script src="bower_components/jquery-knob/dist/jquery.knob.min.js"></script>
<script src="bower_components/moment/min/moment.min.js"></script>
<script src="bower_components/bootstrap-daterangepicker/daterangepicker.js"></script>
<script src="bower_components/bootstrap-datepicker/dist/js/bootstrap-datepicker.min.js"></script>
<script src="plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.min.js"></script>
<script src="bower_components/jquery-slimscroll/jquery.slimscroll.min.js"></script>
<script src="bower_components/fastclick/lib/fastclick.js"></script>
<script src="dist/js/adminlte.min.js"></script>
<script src="dist/js/pages/dashboard.js"></script>
<script src="dist/js/demo.js"></script>
<script src="dist/js/jquery.validate.min.js"></script>
<!-- NOTE(review): this plugin is loaded from a third-party host over plain http:// and without an integrity attribute.
     Whoever controls that host or the network path can change the script, and it runs with full access to this admin page.
     Browsers also block it as mixed content when the panel itself is served over HTTPS.
     Prefer a locally hosted, version-pinned copy next to the other bower_components, or an https:// URL with Subresource Integrity. -->
<script src="http://malsup.github.com/jquery.form.js"></script>
<script src="bower_components/datatables.net/js/jquery.dataTables.min.js"></script>
<script src="bower_components/datatables.net-bs/js/dataTables.bootstrap.min.js"></script>
<script>
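/**
 * Project list page behaviour: loads the rendered project table once the DOM
 * is ready and reloads it whenever a category link (.select_cat) is clicked.
 */
$(document).ready(function () {
    /**
     * Request the rendered table for one type/category pair and display it.
     *
     * @param {string} p Type code posted as "p" (the link's "art" attribute, e.g. "T001").
     * @param {string} q Category code posted as "q" (the link's "atr" attribute, e.g. "C000").
     */
    function loadProjectList(p, q) {
        $.ajax({
            url: "table_project_list.php",
            type: "post",
            data: { p: p, q: q }
        }).done(function (data) {
            // NOTE(review): the response is inserted as live markup, so
            // table_project_list.php must HTML-encode every stored value it
            // prints (project names, descriptions, ...). It must also repeat
            // the session check itself - this page's guard does not cover it.
            $("#project_list").html(data);
        }).fail(function (xhr) {
            // Surface failures instead of leaving a silently empty table.
            console.error("table_project_list.php request failed: " + xhr.status);
        });
    }

    // Initial view: type T001 with the "All" category (C000).
    loadProjectList("T001", "C000");

    $(".select_cat").click(function (event) {
        // The links use href="#"; stop the browser from following it so the
        // page does not jump to the top or gain a "#" in the URL.
        event.preventDefault();
        var link = $(this);
        loadProjectList(link.attr("art"), link.attr("atr"));
    });
});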
</script>
</html>