/home/powerrental/public_html/view/returned-summary.php
<br>
<?php
$return_quantity = 0;
?>
<div class="col-12">
<table class="table table-striped">
<tr>
<th>Item</th>
<th>Qty Del</th>
<th>Qty Rtn</th>
<th>Balance</th>
</tr>
<?php foreach($return_summary as $return_data): ?>
<?php
$return_quantity = $return_quantity + $return_data['accepted_good_amount'];
$total_now = $return_data['accepted_good_amount'] + $return_data['less_good_amount'];
$balance = $return_data['quantity_del'] - $total_now;
?>
<tr>
<td><?=$return_data['product_name']; ?></td>
<td><?=$return_data['quantity_del']; ?></td>
<td><?=$total_now; ?></td>
<td><?=$balance; ?></td>
</tr>
<?php endforeach; ?>
</table>
</div>
<br>
<?php if($damage_proof): ?>
<div class="col-12">
<span style="display:block;">Image</span>
<?php foreach($damage_proof as $proof_data): ?>
<center><img src="<?=$url['full']; ?><?=$proof_data['image']; ?>" style="height:200px;"></center>
/home/powerrental/public_html/index.php
$userid = get_user_session(); //get userid
/*REQUEST FILE*/
$route = new Route($_REQUEST);
$filename = $route->file;
$parameter = $sanitize->sanitize($route->parameter);
$second_parameter = $sanitize->sanitize($route->second_parameter);
$third_parameter = $sanitize->sanitize($route->third_parameter);
//lfi
$filename = str_replace("%00","",$filename);
$filename = str_replace("..","",$filename);
$filename = str_replace(chr(0),"",$filename);
if($sanitize->is_server_up() == "1"){
$full_path = "./view/".$filename.".php";
$error = "./view/404.php";
if(include($full_path)){
}else{
header("HTTP/1.1 200 OK");
include($error);
}
}else{ }
?>