shell bypass 403
<?php
include('../config/config.php');
$q = $_POST['q'];
if(isset($_FILES['file']['tmp_name'])){
$sql = "SELECT * FROM clients2 WHERE cl2_id = ".$q." ";
$res = $conn->query($sql);
while($row = $res->fetch_assoc()){
$image = $row['cl2_image'];
@unlink("../".$image);
}
$images1 = $_FILES['file']['tmp_name'];
$images_name1 = $_FILES['file']['name'];
$images = "images/client/logo/".$images_name1;
move_uploaded_file($_FILES['file']['tmp_name'],"../images/client/logo/".$_FILES["file"]["name"]);
$sql = "update clients2 SET cl2_image = '".$images."' WHERE cl2_id = ".$q."";
$res = $conn->query($sql);
if($res === TRUE ){
echo 1;
}else{
echo 0;
}
}else{
echo 1;
}
?>