shell bypass 403
<?php
include('config/config.php');
$name = mysqli_real_escape_string($conn,$_POST['name']);
$lastname = $_POST['lastname'];
$mobile = $_POST['mobile'];
$email = mysqli_real_escape_string($conn,$_POST['email']);
$subject = mysqli_real_escape_string($conn,$_POST['subject']);
$messagess = mysqli_real_escape_string($conn,$_POST['messagess']);
if(isset($_POST['captcha1'])){
$captcha = mysqli_real_escape_string($conn,$_POST['captcha1']);
}else if(isset($_POST['captcha2'])){
$captcha = mysqli_real_escape_string($conn,$_POST['captcha2']);
}
$sql1 = "SELECT * FROM capshas WHERE cs_name = '".$captcha."' ";
$res1 = $conn->query($sql1);
$num_rows = $res1->num_rows;
if($num_rows == 1){
require_once('phpmailer/class.phpmailer.php');
$mail = new PHPMailer();
$mail->CharSet = 'UTF-8';
$mail->IsHTML(true);
$mail->IsSMTP();
$mail->SMTPAuth = true; // enable SMTP authentication
$mail->SMTPSecure = "ssl"; // sets the prefix to the servier
$mail->Host = "smtp.gmail.com"; // sets GMAIL as the SMTP server
$mail->Port = 465; // set the SMTP port for the GMAIL server
$mail->Username = "contact@interiorvisions.co.th"; // GMAIL username
$mail->Password = "ivreception"; // GMAIL password
$mail->From = "".$email.""; // "name@yourdomain.com";
$mail->AddReplyTo = "".$email.""; // Reply
$mail->FromName = "".$name." ".$lastname.""; // set from Name
$mail->Subject = "".$subject ."";
$mail->Body = "".$messagess." <br/><br/>ติดต่อกลับ :".$mobile."<br/><br/>อีเมล์ติดต่อกลับ :".$email."";
$mail->AddAddress("contact@interiorvisions.co.th", "Interior Visions "); // to Address
//$mail->AddCC("member@thaicreate.com", "Mr.Member ShotDev"); //CC
//$mail->AddBCC("member@thaicreate.com", "Mr.Member ShotDev"); //CC
$mail->set('X-Priority', '1'); //Priority 1 = High, 3 = Normal, 5 = low
$mail->Send();
echo 1;
}else{
echo 2;
}
?>