403 forbidden nginx

Website URL
http://ujjushop.epizy.com/

Error Message

403 forbidden nginx
I have made an ecommerce website.whenever i try to pay offlline website should redirect to order page but it shows 403 forbidden nginx

(other information and details relevant to your question)

What? I think it is normal cause you really can’t purchase or pray offline.

<div class="box">
<?php
$session_email=$_SESSION['customer_email'];
$select_cust="select  * from  customers where customer_email='$session_email'";
$run_cust=mysqli_query($con,$select_cust);
$row=mysqli_fetch_array($run_cust);
$customer_id=$row['customer_id'];
?>
	<h1  class="text-center">Payment  options</h1>
	<p class="lead  text-center"><a href="order.php?c_id=<?php echo $customer_id ?>">Pay Offline</a></p>
<center>
	<p>
	<a href="pay.php?c_id=<?php echo $customer_id ?>">Pay Online</a>
	</p>
</center>
</div>

when user clicks on payoffline it should redirect to order page but it is displaying 403 error

<?php
session_start();
include "includes/db.php";
include ("functions/functions.php");
?>
<?php
if (isset($_GET['c_id'])) {
	$customer_id=$_GET['c_id'];
}
$ip_add=getuserip();
$status="pending";
$invoice_no=mt_rand();
$select_cart="select * from cart where ip_add='$ip_add'";
$run_cart=mysqli_query($con,$select_cart);
while ($row_cart=mysqli_fetch_array($run_cart)) {
	$pro_id=$row_cart['p_id'];
	$pro_size=$row_cart['size'];
	$qty=$row_cart['qty'];
	$get_product="select * from product where product_id='$pro_id'";
	$run_pro=mysqli_query($con,$get_product);
	while ($row_pro=mysqli_fetch_array($run_pro)) {
		$sub_total=$row_pro['product_price']*$qty;
		$insert_customer_order="insert into customer_order 
		(customer_id,product_id,due_amount,invoice_no,qty,size,order_date,order_status)values('$customer_id','$pro_id','$sub_total','$invoice_no','$qty','$pro_size',NOW(),'$status')";
		$run_cust_order=mysqli_query($con,$insert_customer_order);
		$insert_pending_order="insert into pending_order(customer_id,invoice_no,product_id,qty,size,order_status)values('$customer_id','$invoice_no','$pro_id','$qty','$pro_size','$status')";
		$run_pending=mysqli_query($con,$insert_pending_order);
		$delete_cart="delete from cart where ip_add='$ip_add'";
		$run_del=mysqli_query($con,$delete_cart);
		echo "<script>alert('Your order has been  submitted,Thanks')</script>";
		echo "<script>window.open('customer/my_account.php?my_order','_self')</script>";
	}
}
?>

it is my order page

Any solution guys above I have attached my codes

A few reasons that come to mind:

  • The URL you’re using could be blocked for security. Can you please share the URL to this Pay Offline page?
  • Using a window.open to redirect people is a bit unusual. Maybe a PHP redirect doesn’t have this problem?
2 Likes