shell bypass 403
<?php
include('../config/config.php');
if(isset($_POST['show'])){
if(isset($_POST['q'])){
$aa = $_POST['q'];
}
}
$sql = "SELECT * FROM contacts WHERE ct_id = ".$aa." ";
$res = $conn->query($sql);
$num_rows = $res->num_rows;
if($num_rows > 0){
while($row = $res->fetch_assoc()){
?>
<table class="table">
<tr>
<th width="25%">Contact Name :</th>
<td><?php echo $row['ct_name']." ".$row['ct_lastname']; ?></td>
</tr>
<tr>
<th>Contact Mobile :</th>
<td><?php echo $row['ct_mobile']; ?></td>
</tr>
<tr>
<th>Contact E-mail :</th>
<td><?php echo $row['ct_mail']; ?></td>
</tr>
<tr>
<th>Contact Subject :</th>
<td><?php echo $row['ct_subject']; ?></td>
</tr>
<tr>
<th>Contact Messsage :</th>
<td><?php echo $row['ct_message']; ?></td>
</tr>
</table>
<?php
}
}else{
?>
<h1 class="text-cneter text-danger">No Contact Data</h1>
<?php
}
?>