Current directory: /home/klas4s23/domains/585455.klas4s23.mid-ica.nl/public_html/Gastenboek/uploads
![[view]](?view=.%2F%27+onerror%3D%27alert%28%60Gehacked+door+Jasper%21%60%29%3Bwindow.location.replace%28%60..%60%29%27.png){kind=link}
![[view]](?view=.%2F003b15869ae62d2ceeee451a5f652dd6.png){kind=link}
![[view]](?view=.%2F0tk5j14v024b1.jpg){kind=link}
![[view]](?view=.%2F300px-Cursed_Cat.jpg){kind=link}
![[view]](?view=.%2F32640-afbeelding-1__ScaleMaxWidthWzYwMF0_CompressedW10.jpg){kind=link}
![[view]](?view=.%2FBill-Gates-Paul-Allen-2013.jpg){kind=link}
![[view]](?view=.%2FCV+Jasper+Kramp.png){kind=link}
![[view]](?view=.%2FCat+profile.png){kind=link}
![[view]](?view=.%2FFronalpstock_big.jpg){kind=link}
![[view]](?view=.%2FKrik+en+las.jpg){kind=link}
![[view]](?view=.%2FKrik.jpg){kind=link}
![[view]](?view=.%2FPino-dood-03.jpg){kind=link}
![[view]](?view=.%2FTed_Kaczynski_2_%28cropped%29.jpg){kind=link}
![[view]](?view=.%2FTux.svg.png){kind=link}
![[view]](?view=.%2FZ.png){kind=link}
![[view]](?view=.%2Fandroid.jpg){kind=link}
![[view]](?view=.%2Fcianancatfish.jpg){kind=link}
![[view]](?view=.%2Fdownloads+%281%29.jpeg){kind=link}
![[view]](?view=.%2Fdownloads.jpeg){kind=link}
![[view]](?view=.%2Fepresso.jpg){kind=link}
![[view]](?view=.%2Ffake_photo.png){kind=link}
![[view]](?view=.%2Fhand.jpg){kind=link}
![[view]](?view=.%2Fhttps___dynaimage.cdn.cnn.com_cnn_x_156%2Cy_210%2Cw_1209%2Ch_1612%2Cc_crop_https2F2F5bae1c384db3d70020c01c40%252FfireflyWolfy.jpg){kind=link}
![[view]](?view=.%2Fimage.png){kind=link}
![[view]](?view=.%2Fimages.jpeg){kind=link}
![[view]](?view=.%2Finstant_redirect.jpg){kind=link}
![[view]](?view=.%2Fjapper.jpg){kind=link}
![[view]](?view=.%2Fkoekiemonster-3.jpg){kind=link}
![[view]](?view=.%2Flogo.png){kind=link}
![[view]](?view=.%2Fmuis.jpg){kind=link}
![[view]](?view=.%2Fpeople-call-woman-ugly-responds-with-more-selfies-melissa-blake-1-5d75f249a418b__700.jpg){kind=link}
![[view]](?view=.%2Fpicobellobv.jpeg){kind=link}
![[view]](?view=.%2Frupsje-nooitgenoeg-knuffel-pluche-42-cm-500x500.jpg){kind=link}
![[view]](?view=.%2Fsdfsa.png){kind=link}
![[view]](?view=.%2Fsneaky.svg){kind=link}
![[view]](?view=.%2Ftaylor.webp){kind=link}
![[view]](?view=.%2Ftesttest.php.JPG){kind=link}
![[view]](?view=.%2Fultimate_attack.gif){kind=link}
![[view]](?view=.%2Fultimate_attack.svg){kind=link}
![[view]](?view=.%2Fwallpaper.jpg){kind=link}
<?php
/**
* PHPMailer - PHP email creation and transport class.
* PHP Version 5.5
* @package PHPMailer
* @see https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
* @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
* @author Jim Jagielski (jimjag) <jimjag@gmail.com>
* @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
* @author Brent R. Matzelle (original founder)
* @copyright 2012 - 2020 Marcus Bointon
* @copyright 2010 - 2012 Jim Jagielski
* @copyright 2004 - 2009 Andy Prevost
* @license https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html GNU Lesser General Public License
* @note This program is distributed in the hope that it will be useful - WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE.
*/
/**
* Get an OAuth2 token from an OAuth2 provider.
* * Install this script on your server so that it's accessible
* as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
* e.g.: http://localhost/phpmailer/get_oauth_token.php
* * Ensure dependencies are installed with 'composer install'
* * Set up an app in your Google/Yahoo/Microsoft account
* * Set the script address as the app's redirect URL
* If no refresh token is obtained when running this file,
* revoke access to your app and run the script again.
*/
namespace PHPMailer\PHPMailer;
/**
* Aliases for League Provider Classes
* Make sure you have added these to your composer.json and run `composer install`
* Plenty to choose from here:
* @see https://oauth2-client.thephpleague.com/providers/thirdparty/
*/
//@see https://github.com/thephpleague/oauth2-google
use League\OAuth2\Client\Provider\Google;
//@see https://packagist.org/packages/hayageek/oauth2-yahoo
use Hayageek\OAuth2\Client\Provider\Yahoo;
//@see https://github.com/stevenmaguire/oauth2-microsoft
use Stevenmaguire\OAuth2\Client\Provider\Microsoft;
//@see https://github.com/greew/oauth2-azure-provider
use Greew\OAuth2\Client\Provider\Azure;
if (!isset($_GET['code']) && !isset($_POST['provider'])) {
?>
<html>
<body>
<form method="post">
<h1>Select Provider</h1>
<input type="radio" name="provider" value="Google" id="providerGoogle">
<label for="providerGoogle">Google</label><br>
<input type="radio" name="provider" value="Yahoo" id="providerYahoo">
<label for="providerYahoo">Yahoo</label><br>
<input type="radio" name="provider" value="Microsoft" id="providerMicrosoft">
<label for="providerMicrosoft">Microsoft</label><br>
<input type="radio" name="provider" value="Azure" id="providerAzure">
<label for="providerAzure">Azure</label><br>
<h1>Enter id and secret</h1>
<p>These details are obtained by setting up an app in your provider's developer console.
</p>
<p>ClientId: <input type="text" name="clientId"><p>
<p>ClientSecret: <input type="text" name="clientSecret"></p>
<p>TenantID (only relevant for Azure): <input type="text" name="tenantId"></p>
<input type="submit" value="Continue">
</form>
</body>
</html>
<?php
exit;
}
require 'vendor/autoload.php';
session_start();
$providerName = '';
$clientId = '';
$clientSecret = '';
$tenantId = '';
if (array_key_exists('provider', $_POST)) {
$providerName = $_POST['provider'];
$clientId = $_POST['clientId'];
$clientSecret = $_POST['clientSecret'];
$tenantId = $_POST['tenantId'];
$_SESSION['provider'] = $providerName;
$_SESSION['clientId'] = $clientId;
$_SESSION['clientSecret'] = $clientSecret;
$_SESSION['tenantId'] = $tenantId;
} elseif (array_key_exists('provider', $_SESSION)) {
$providerName = $_SESSION['provider'];
$clientId = $_SESSION['clientId'];
$clientSecret = $_SESSION['clientSecret'];
$tenantId = $_SESSION['tenantId'];
}
//If you don't want to use the built-in form, set your client id and secret here
//$clientId = 'RANDOMCHARS-----duv1n2.apps.googleusercontent.com';
//$clientSecret = 'RANDOMCHARS-----lGyjPcRtvP';
//If this automatic URL doesn't work, set it yourself manually to the URL of this script
$redirectUri = (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
//$redirectUri = 'http://localhost/PHPMailer/redirect';
$params = [
'clientId' => $clientId,
'clientSecret' => $clientSecret,
'redirectUri' => $redirectUri,
'accessType' => 'offline'
];
$options = [];
$provider = null;
switch ($providerName) {
case 'Google':
$provider = new Google($params);
$options = [
'scope' => [
'https://mail.google.com/'
]
];
break;
case 'Yahoo':
$provider = new Yahoo($params);
break;
case 'Microsoft':
$provider = new Microsoft($params);
$options = [
'scope' => [
'wl.imap',
'wl.offline_access'
]
];
break;
case 'Azure':
$params['tenantId'] = $tenantId;
$provider = new Azure($params);
$options = [
'scope' => [
'https://outlook.office.com/SMTP.Send',
'offline_access'
]
];
break;
}
if (null === $provider) {
exit('Provider missing');
}
if (!isset($_GET['code'])) {
//If we don't have an authorization code then get one
$authUrl = $provider->getAuthorizationUrl($options);
$_SESSION['oauth2state'] = $provider->getState();
header('Location: ' . $authUrl);
exit;
//Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
unset($_SESSION['oauth2state']);
unset($_SESSION['provider']);
exit('Invalid state');
} else {
unset($_SESSION['provider']);
//Try to get an access token (using the authorization code grant)
$token = $provider->getAccessToken(
'authorization_code',
[
'code' => $_GET['code']
]
);
//Use this to interact with an API on the users behalf
//Use this to get a new access token if the old one expires
echo 'Refresh Token: ', htmlspecialchars($token->getRefreshToken());
}