shell bypass 403
<div class="modal fade sendCertificate" id="sendPair" tabindex="-1" aria-labelledby="sendPairLabel" aria-hidden="true">
<div class="modal-dialog modal-dialog-centered">
<div class="modal-content">
<button type="button" class="close-modal" data-bs-dismiss="modal" aria-label="Close">
<i class="fa-solid fa-xmark"></i>
</button>
<h4 class="theme-h4">Send Pair</h4>
<ul class="select-service">
<li><a href="javascript:;" data-bs-toggle="modal" data-bs-target="#sendCertificate">Certificate</a>
</li>
<li><a href="/e-card-design">E-Card</a></li>
</ul>
</div>
</div>
</div>
<div class="modal fade sendCertificate" id="sendCertificate" tabindex="-1" aria-labelledby="sendCertificateLabel" aria-hidden="true">
<div class="modal-dialog modal-dialog-centered">
<div class="modal-content">
<button type="button" class="close-modal" data-bs-dismiss="modal" aria-label="Close">
<i class="fa-solid fa-xmark"></i>
</button>
<h4 class="theme-h4">Generate Certificate</h4>
<form id="Generate-certificate-form" action="/api/certificate" method="post">
<div class="row g-4">
<div class="col-12">
<div class="input-field">
<label for="">Receiver Email *</label>
<input type="hidden" name="id" required>
<input type="email" name="email" required>
</div>
</div>
<div class="col-12">
<div class="input-field">
<label for="">Ballz Type *</label>
<!-- <input type="text" name="ballz_type"> -->
<select name="ballz_type" required>
<option value="" selected disabled>Select Ball Type</option>
<option value="Blue Ballz">Blue Ballz</option>
<option value="Brass Ballz">Brass Ballz</option>
<option value="Platinum Ballz">Platinum Ballz</option>
<option value="Glass Ballz">Glass Ballz</option>
<option value="Gold Ballz">Gold Ballz</option>
<option value="Silver Ballz">Silver Ballz</option>
<option value="Regular Ballz">Regular Ballz</option>
</select>
</div>
</div>
<div class="col-12">
<div class="input-field">
<label for="">Recipent Name *</label>
<input type="text" name="recname" maxlength="30" required>
</div>
</div>
<div class="col-12">
<div class="input-field">
<label for="">Reason *</label>
<!-- <select name="reason" class="cerf-reason" required>
<option value="" selected disabled>Select Reason</option>
<option value="">Other (Type Yourself)</option>
<option value="possess an uncanny knack for conjuring creative and absurd excuses for any situation, proving that ingenuity knows no bounds when it comes to avoiding responsibilities.">possess an uncanny knack for conjuring creative and absurd excuses for any situation, proving that ingenuity knows no bounds when it comes to avoiding responsibilities. </option>
<option value="possess an unparalleled ability to wield sarcasm like a finely sharpened sword, leaving their audience in stitches (and perhaps slightly confused).">possess an unparalleled ability to wield sarcasm like a finely sharpened sword, leaving their audience in stitches (and perhaps slightly confused).</option>
<option value="show or possess remarkable endurance in staying up all night, dancing like nobody's watching, and embracing the true spirit of partying.">show or possess remarkable endurance in staying up all night, dancing like nobody's watching, and embracing the true spirit of partying.</option>
<option value="slip clever innuendos into everyday conversations, leaving others both amused and slightly flustered.">slip clever innuendos into everyday conversations, leaving others both amused and slightly flustered.</option>
</select> -->
<div class="select-custom">
<input type="hidden" name="reason" required>
<a href="javascript:;">Select Reason</a>
<ul class="select-options">
<li data-value="">Other (Type Yourself)</li>
<li data-value="possess an uncanny knack for conjuring creative and absurd excuses for any situation, proving that ingenuity knows no bounds when it comes to avoiding responsibilities. ">possess an uncanny knack for conjuring creative and absurd excuses for any situation, proving that ingenuity knows no bounds when it comes to avoiding responsibilities. </li>
<li data-value="possess an unparalleled ability to wield sarcasm like a finely sharpened sword, leaving your audience in stitches (and perhaps slightly confused).">possess an unparalleled ability to wield sarcasm like a finely sharpened sword, leaving your audience in stitches (and perhaps slightly confused).</li>
<li data-value="show or possess remarkable endurance in staying up all night, dancing like nobody's watching, and embracing the true spirit of partying.">show or possess remarkable endurance in staying up all night, dancing like nobody's watching, and embracing the true spirit of partying.</li>
<li data-value="slip clever innuendos into everyday conversations, leaving others both amused and slightly flustered.">slip clever innuendos into everyday conversations, leaving others both amused and slightly flustered.</li>
</ul>
</div>
<div style="display: none;">
<textarea type="text" name="reasonother" class="reason-other-inp" placeholder="Mention Your Reason..."></textarea>
</div>
</div>
</div>
<div class="col-12">
<div class="input-field checkbox-field">
<div>
<label>Your Name</label>
<input placeholder="Your Name" type="text" name="anonymousname" value="<%= user.firstName %> <%= user.lastName %>">
</div>
<label class="checkbox-lbl" for="cer-anonymously">Send Anonymously <input type="checkbox" value="send-anonymously" name="sendanonymously" id="cer-anonymously"></label>
</div>
</div>
<div class="col-12">
<div class="input-field">
<button class="theme-btn" type="submit">Preview Certificate</button>
</div>
</div>
</div>
</form>
</div>
</div>
</div>
<div class="modal fade sendCertificate" id="editAccountDetail" tabindex="-1" aria-labelledby="editAccountDetailLabel" aria-hidden="true">
<div class="modal-dialog modal-dialog-centered">
<div class="modal-content">
<button type="button" class="close-modal" data-bs-dismiss="modal" aria-label="Close">
<i class="fa-solid fa-xmark"></i>
</button>
<h4 class="theme-h4">Edit Account Details</h4>
<form action="/api/user/update" method="POST">
<div class="row g-4">
<div class="col-12">
<div class="input-field">
<label for="">First Name *</label>
<input type="text" name="firstName" required value="<%= user.firstName %>">
</div>
</div>
<div class="col-12">
<div class="input-field">
<label for="">Last Name *</label>
<input type="text" name="lastName" required value="<%= user.lastName %>">
</div>
</div>
<div class="col-12">
<div class="input-field">
<label for="">Email</label>
<input type="email" name="email" value="<%= user.email %>" readonly>
</div>
</div>
<div class="col-md-4 col-12">
<div class="input-field">
<label for="">City *</label>
<input type="text" name="city" required value="<%= user.city %>">
</div>
</div>
<div class="col-md-4 col-12">
<div class="input-field">
<label for="">State *</label>
<input type="text" name="state" required value="<%= user.state %>">
</div>
</div>
<div class="col-md-4 col-12">
<div class="input-field">
<label for="">Zip *</label>
<input type="text" name="zip" required value="<%= user.zip %>">
</div>
</div>
<div class="col-12">
<div class="input-field">
<label for="">Confirm Password *</label>
<input type="password" name="password" required value="">
</div>
</div>
<div class="col-12">
<div class="input-field">
<button class="theme-btn" type="submit">Save</button>
</div>
</div>
</div>
</form>
</div>
</div>
</div>
<div class="modal fade sendCertificate" id="editPassword" tabindex="-1" aria-labelledby="editPasswordLabel" aria-hidden="true">
<div class="modal-dialog modal-dialog-centered">
<div class="modal-content">
<button type="button" class="close-modal" data-bs-dismiss="modal" aria-label="Close">
<i class="fa-solid fa-xmark"></i>
</button>
<h4 class="theme-h4">Edit Password</h4>
<form action="/api/user/change-password" method="POST">
<div class="row g-4">
<div class="col-12">
<div class="input-field">
<label for="">Password *</label>
<input type="password" name="password" required>
</div>
</div>
<div class="col-12">
<div class="input-field">
<label for="">New Password *</label>
<input type="password" name="newPassword" required>
</div>
</div>
<div class="col-12">
<div class="input-field">
<label for="">Confirm Password *</label>
<input type="password" name="confirmPassword" required>
</div>
</div>
<div class="col-12">
<div class="input-field">
<button class="theme-btn" type="submit">Save</button>
</div>
</div>
</div>
</form>
</div>
</div>
</div>
<div class="toast-container">
<% if (message) { %>
<div class="toast success align-items-center show" role="alert" aria-live="assertive" aria-atomic="true">
<div class="d-flex">
<div class="toast-body">
<%= message %>
</div>
<button type="button" class="close-btn me-2 m-auto" data-bs-dismiss="toast" aria-label="Close">
<i class="fa-regular fa-xmark"></i>
</button>
</div>
</div>
<% } %>
<% if (error) { %>
<div class="toast error align-items-center show" role="alert" aria-live="assertive" aria-atomic="true">
<div class="d-flex">
<div class="toast-body">
<%= error %>
</div>
<button type="button" class="close-btn me-2 m-auto" data-bs-dismiss="toast" aria-label="Close">
<i class="fa-regular fa-xmark"></i>
</button>
</div>
</div>
<% } %>
</div>
<script src="https://html2canvas.hertzen.com/dist/html2canvas.min.js"></script>