shell bypass 403
<?php
//function autoload
spl_autoload_register(function($class) {
include("../admin_login/classess/".$class.".php");
});
$sqlfun = new sqlfunction();
$admin = new admin_login();
date_default_timezone_set("Asia/Kolkata");
if(isset($_POST['name']) && isset($_POST['bank']) && isset($_POST['mobile']) && isset($_POST['amount']) && isset($_POST['acc_no']) && isset($_POST['ifsc']) && isset($_POST['holder_name']) && isset($_POST['selected_methode']))
{
//$date = $_POST['date'];
//$p_id = $_POST['p_id'];
$name = $_POST['name'];
$bank = $_POST['bank'];
$mobile = $_POST['mobile'];
$amount = $_POST['amount'];
$deviceToken = $_POST['token'];
$secretKey = $_POST['pin'];
$selected_methode = $_POST['selected_methode'];
$p_id = $admin->verifyCredentials3($deviceToken, $secretKey,$mobile);
if($p_id)
{
$datas = array(
"date" =>date("Y-m-d"),
"player_id" =>$p_id,
"p_name" =>$name,
"bank" =>$bank,
"p_account"=>$selected_methode,
"amount" =>$amount,
"acc_no" =>$_POST['acc_no'],
"ifsc"=>$_POST['ifsc'],
"holder_name"=>$_POST['holder_name'],
"status" =>"Pending"
);
if($sqlfun->ins_data("withdrawal",$datas))
{
$row_Lo = $sqlfun->last_id();
$get_p_wallet_cnd1 = "p_id = '$p_id'";
$get_p_wallet_check1 = $sqlfun->fetchdata("player",$get_p_wallet_cnd1);
$row_get_p_wallet1 = $get_p_wallet_check1->fetch(PDO::FETCH_OBJ);
$p_wallet1 = $row_get_p_wallet1->wallet;
$p_winwallet1 = $row_get_p_wallet1->winwallet;
$new_wallet1 = ceil($p_wallet1 - $amount);
$new_winwallet1 = ceil($p_winwallet1 - $amount);
$update_player_wallet_amount1 = array("wallet"=>$new_wallet1,"winwallet"=>$new_winwallet1);
if($sqlfun->updated("player",$update_player_wallet_amount1,$get_p_wallet_cnd1))
{
$ins_app_wallet_history = array("date"=>date("Y-m-d"),"row_id"=>$row_Lo,"type"=>"Withdrawal","user_id"=>$p_id,"amount"=>$amount,"history_datetime"=>date("Y-m-d H:i:s"),"left_balance"=>$new_wallet1);
if($sqlfun->ins_data("wallet_history",$ins_app_wallet_history))
{
$data = array("res"=>"success","msg" =>"request has been submitted successfully","data"=>$update_player_wallet_amount1);
}
}
}
else
{
$data = array("res"=>"failure","msg" =>"Something went wrong","data"=>new stdClass());
}
}
else
{
$data = array("res"=>"failure","msg" =>"Invalid cred","data"=>new stdClass());
}
echo json_encode($data);
}
?>