Jump to content
Sign in to follow this  
dailce

[Contribution] Secure Admin Login - Logout

Recommended Posts

I have just moved my OSC store to a new server and URL, I have duplicated my MySQL DB and addapted the config and admin config file...

 

Im unable to login to my admin section - http://www.recoverworld.com/catalog/admin

 

Warning: mysql_fetch_row(): supplied argument is not a valid MySQL result resource in /content/BusinessHostPlus/r/e/recoverworld.com/web/catalog/admin/LoginAction.php on line 21

Warning: Cannot modify header information - headers already sent by (output started at /content/BusinessHostPlus/r/e/recoverworld.com/web/catalog/admin/LoginAction.php:21) in /content/BusinessHostPlus/r/e/recoverworld.com/web/catalog/admin/LoginAction.php on line 26

Warning: Cannot modify header information - headers already sent by (output started at /content/BusinessHostPlus/r/e/recoverworld.com/web/catalog/admin/LoginAction.php:21) in /content/BusinessHostPlus/r/e/recoverworld.com/web/catalog/admin/LoginAction.php on line 28

 

What can I do to get back into my admin? please advise.

 

Many thanks,

 

C/

Share this post


Link to post
Share on other sites

Hi

 

I think , i have found a security issue.

 

 

 

 

I was wondering again and again about some configurations not beeing exactly as i left the shopadministration last day.

i first thought about a hacker, but the domain was brandnew and so nobody knew about it.

nobody but alexa. alexa has the ia_archiver which works for the waybackmachine.

 

in my logs i found this:

 

209.234.171.38 - - [23/Jun/2008:04:49:05 +0200] "GET /robots.txt HTTP/1.0" 404 279 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:06 +0200] "GET /admin/affiliate_summary.php?selected_box=affiliate&osCAdminID=cf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 302 21046 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:07 +0200] "GET /admin/login.php?refer=%2Fadmin%2Faffiliate_summary.php%3Fselected_box%3Daffiliate%26osCAdminID%3Dcf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 200 1977 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:10 +0200] "GET /admin/articles.php?selected_box=articles&osCAdminID=cf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 302 39540 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:12 +0200] "GET /admin/login.php?refer=%2Fadmin%2Farticles.php%3Fselected_box%3Darticles%26osCAdminID%3Dcf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 200 1967 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:15 +0200] "GET /admin/categories.php?cPath=161&osCAdminID=cf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 302 31539 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:17 +0200] "GET /admin/login.php?refer=%2Fadmin%2Fcategories.php%3FcPath%3D161%26osCAdminID%3Dcf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 200 1957 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:21 +0200] "GET /admin/categories.php?osCAdminID=cf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 302 24912 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:21 +0200] "GET /admin/login.php?refer=%2Fadmin%2Fcategories.php%3FosCAdminID%3Dcf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 200 1947 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:26 +0200] "GET /admin/categories.php?selected_box=catalog&osCAdminID=cf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 302 25980 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:26 +0200] "GET /admin/login.php?refer=%2Fadmin%2Fcategories.php%3Fselected_box%3Dcatalog%26osCAdminID%3Dcf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 200 1968 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:31 +0200] "GET /admin/categories.php?selected_box=infobox&osCAdminID=cf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 302 22925 "-" "ia_archiver"

 

 

and i tried one of the links shown here.

and it worked, i could open the page and work in it and then go further to another file and work in the other file

 

the bot is using a sid. i am normally not, i have enabled cookies.

 

now that i noticed, that the bot is reading robots.txt, i have uploaded a robots.txt and disallowed admin

 

but thats not a solution

 

has anybody else problems about some configurations changing from time to time?

for example. attributes: i had downloads enabled, and the attributes didnt have the downloadfile anymore.

attributes changed positions. specials enabled after some days when left disabled. some other features changing again and again whithout your interaction.

 

i think, this is a severe problem.

normally a bot should not have the possibility to login with a session id. but it really worked here.

as i logged out, it was not possible anymore to login with this session-id. but as long as i didnt logout, i could make everything.

 

sorry for my bad english, i hope everyone understood, what i meant.

if not, please do not hesitate and post here.

Share this post


Link to post
Share on other sites

If you can't login after moving or restoring the database, the solution is to open phpMyAdmin, select the administrator table, click Browse, delete the current rows, then run the SQL statement to re-create users.

 

First, replace username1 and user1password with the actual username and password that you want to have, then do the same for username2 and user2password, or simply delete the second line.

INSERT INTO `administrator` VALUES (1, 'username1', password('user1password'), NULL, NULL);
INSERT INTO `administrator` VALUES (2, 'username2', password('user2password'), NULL, NULL);

Regards,

EricK

Share this post


Link to post
Share on other sites

I havn't been able to get this working yet

 

any definate guides as to how I can

 

I have had to revert back and cannot rename the admin folder either

Share this post


Link to post
Share on other sites
I have been having the same problem. The session variable is not getting passed correctly. I have fixed this in a client's store in these files:

 

catalog/admin/customers.php

catalog/admin/orders.php

catalog/admin/categories.php

 

This is what I did -- I am doing this on a heavily modded store so line numbers may be totally inaccurate for your store.

_________________________________________________________________
catalog/admin/customers.php
around line 885, after:
<td class="smallText" align="right"><?php echo HEADING_TITLE_SEARCH . ' ' . tep_draw_input_field('search'); ?>

add: 
<input type="hidden" name="osCAdminID" value="<?php echo $_REQUEST['osCAdminID'];?>">

_________________________________________________________________
store/admin/categories.php
Before:
echo '</form>';
around lines 1280 and 1292: 

add:
echo tep_draw_input_field('osCAdminID', $_REQUEST[osCAdminID], '', '', 'hidden');
_________________________________________________________________
store/admin/orders.php

around line 421, before: 
<td class="smallText" align="right"><?php echo HEADING_TITLE_STATUS . ' ' . tep_draw_pull_down_menu('status', 

array_merge(array(array('id' => '', 'text' => TEXT_ALL_ORDERS)), $orders_statuses), '', 'onChange="this.form.submit();"'); ?></td>
		  </form></tr>

add:
<?php echo tep_draw_form('status', FILENAME_ORDERS, '', 'get'); ?>

and at line 423, before </form>, add:
<? echo tep_draw_input_field('osCAdminID', $_REQUEST[osCAdminID], '', '', 'hidden'); ?>

line 429, before </form> add:
<? echo tep_draw_input_field('osCAdminID', $_REQUEST[osCAdminID], '', '', 'hidden'); ?></td>

 

Hope this is helpful.

 

i tried this but no luck...stil can login but stil asks to login again with nothing happing after that

Edited by poon

Share this post


Link to post
Share on other sites
UPDATED: 20-Jan-2008

http://addons.oscommerce.com/info/4121

This is a Complete Package.

 

Merged the Admin Login Mgt contributions, cleaned-up code, re-wrote the install instructions and tested on a clean install running on PHP5/MySQL5/PHP5 with register_globals=off.

 

All credit to the original contributors. Please post questions in this support thread.

 

Regards,

EricK

 

Hi, lots thanks for this great update of yours! Honors to you!

It works like a charm for my shop :)

 

It does have one caveat though, som phrases are hard coded into login.php & logoff.php

while in the admin panel phrases are language specific.

 

I would like to have this contrib not to use hard coded phrases, my shops manager, a girl like me, doesn't speak English at all.

So how can I make this changes?

 

Warm regards from Sweden

Sara

Share this post


Link to post
Share on other sites
Hi

 

I think , i have found a security issue.

 

 

 

 

I was wondering again and again about some configurations not beeing exactly as i left the shopadministration last day.

i first thought about a hacker, but the domain was brandnew and so nobody knew about it.

nobody but alexa. alexa has the ia_archiver which works for the waybackmachine.

 

in my logs i found this:

 

209.234.171.38 - - [23/Jun/2008:04:49:05 +0200] "GET /robots.txt HTTP/1.0" 404 279 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:06 +0200] "GET /admin/affiliate_summary.php?selected_box=affiliate&osCAdminID=cf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 302 21046 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:07 +0200] "GET /admin/login.php?refer=%2Fadmin%2Faffiliate_summary.php%3Fselected_box%3Daffiliate%26osCAdminID%3Dcf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 200 1977 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:10 +0200] "GET /admin/articles.php?selected_box=articles&osCAdminID=cf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 302 39540 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:12 +0200] "GET /admin/login.php?refer=%2Fadmin%2Farticles.php%3Fselected_box%3Darticles%26osCAdminID%3Dcf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 200 1967 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:15 +0200] "GET /admin/categories.php?cPath=161&osCAdminID=cf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 302 31539 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:17 +0200] "GET /admin/login.php?refer=%2Fadmin%2Fcategories.php%3FcPath%3D161%26osCAdminID%3Dcf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 200 1957 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:21 +0200] "GET /admin/categories.php?osCAdminID=cf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 302 24912 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:21 +0200] "GET /admin/login.php?refer=%2Fadmin%2Fcategories.php%3FosCAdminID%3Dcf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 200 1947 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:26 +0200] "GET /admin/categories.php?selected_box=catalog&osCAdminID=cf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 302 25980 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:26 +0200] "GET /admin/login.php?refer=%2Fadmin%2Fcategories.php%3Fselected_box%3Dcatalog%26osCAdminID%3Dcf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 200 1968 "-" "ia_archiver"
209.234.171.38 - - [23/Jun/2008:04:49:31 +0200] "GET /admin/categories.php?selected_box=infobox&osCAdminID=cf7eb89001a7867f9e53b7d4124ca674 HTTP/1.0" 302 22925 "-" "ia_archiver"

 

 

and i tried one of the links shown here.

and it worked, i could open the page and work in it and then go further to another file and work in the other file

 

the bot is using a sid. i am normally not, i have enabled cookies.

 

now that i noticed, that the bot is reading robots.txt, i have uploaded a robots.txt and disallowed admin

 

but thats not a solution

 

has anybody else problems about some configurations changing from time to time?

for example. attributes: i had downloads enabled, and the attributes didnt have the downloadfile anymore.

attributes changed positions. specials enabled after some days when left disabled. some other features changing again and again whithout your interaction.

 

i think, this is a severe problem.

normally a bot should not have the possibility to login with a session id. but it really worked here.

as i logged out, it was not possible anymore to login with this session-id. but as long as i didnt logout, i could make everything.

 

sorry for my bad english, i hope everyone understood, what i meant.

if not, please do not hesitate and post here.

 

Hi, I think.. but do not know for sure, that it has something to do with robots.txt... ?

 

Be safe

Sara

Share this post


Link to post
Share on other sites

I have installed the contribution. I get the login screen, (https://midcenturyjewelry.c6.ixwebhosting.com/admin/login.php), type in username and password, it passes through to a blank screen. (https://midcenturyjewelry.c6.ixwebhosting.com/admin/index.php)

 

If I rename the files that I have changed per the instructions (application_top.php, filenames.php, tools.php, english.php) and rstore the orginals, I cna get directly into the admin module via this link, https://midcenturyjewelry.c6.ixwebhosting.c...admin/index.php (same as above), establishing theat this problem was not there before the files changes.

 

Any thoughts?

Share this post


Link to post
Share on other sites
Hi, I think.. but do not know for sure, that it has something to do with robots.txt... ?

 

Be safe

Sara

 

 

Hi Sara

 

I know now, what the problem is:

The problem was, that i was still logged in into the administration, i just closed the page.

So, the bot came in whith my own session, which was still active.

And because there was no robots.txt, the bot entered the administration. And then he followed all links and whith following the links, he activated and deactivated some configurations.

Loading the robots.txt and disallowing /admin was a good thing.

A timestamp which closes the session after x time of inactivity would be great.

 

Bye

Chris

Share this post


Link to post
Share on other sites

Alright I just installed this contribution and it only works half of the time so if I want to log into admin I gotta reload the stock login page somebody needs to get this fix for:

 

PHP Version: 5.2.4-2ubuntu5.3 (Zend: 2.2.0)

Database: MySQL 5.0.51a-3ubuntu5.1

 

because right now I dont think its safe to use if you have the same php and database as I do because I got to upload the stock file all the time.

Share this post


Link to post
Share on other sites

Did anyone work out the issue that you log in and get the main admin screen but when you press on anything it asks for the login info again and again. Please help, I have put in all the files and followed the instructions from download of Sep 2008 and it still is not working. I see this problem coming up a lot in this thread but I don't see an answer.

Share this post


Link to post
Share on other sites

so with all the different people on this site no one has an answer to the problem that you cannot get into the admin except the main screen? Please I really need this to work. :(

Share this post


Link to post
Share on other sites

Salve,

when i try to log in i have this error:

Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in D:\xampp\htdocs\Osc\catalog1\admin\includes\functions\database.php on line 45

SELECT ID FROM administrator WHERE sGUID = 'c4000ddd1c0e4d6cf465649e0bd19dab'

 

can someone help me please

 

Regards

Edited by danut82

Share this post


Link to post
Share on other sites

got this working this morning eventually :)

 

great contribution.

 

 

is there anyway to echo the username of the person logged in to the admin panel?

 

i have a "Welcome Back 'USERNAME'" in my admin index page and i like it to work please.

 

thank you.

Share this post


Link to post
Share on other sites

Hi gang,

 

guess i got lucky cuz it finally works! i'm a little leery of posting my solution due to making numerous changes until it cooperated so what i reveal might not work for anyone because i left out an intervening step but here tis

 

i simply replaced the non working login.php with a version i'd successfully used on another site and it finally let me in, i didn't take the time to analyze the numerous differences between the non-working version and the "new"(other site) version being otherwise occupied in jumping for joy.

 

oh and one more thing, in my admin/includes/configure.php

define('HTTP_CATALOG_SERVER', 'https://mysite.com'); (Note the lack of a trailing / at the end of mysite.com)

define('HTTPS_CATALOG_SERVER', 'https://mysite.com'); (Note the lack of a trailing / at the end of mysite.com)

 

define('DIR_WS_ADMIN', '/admin/'); (Note the extra / at the beginning of admin)

not sure if it's relevant but mention it 'just in case'

 

well here's the actual code for login.php that DID work(for moi):

<?php

include("includes/configure.php");

?>

<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">

<html <?php echo HTML_PARAMS; ?>>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">

<title>Administration Login</title>

<style type="text/css">

body {

background-image: url(images/bg_bluex3.jpg);

background-repeat: repeat-x;

background-color: #E6E6E6;

color: #000000;

margin: 0px;

}

TD {

margin: 0px;

font-size: 12px;

font-family: Verdana, Arial, Helvetica, sans-serif;

}

.menu_title {

background-color: white;

color: black;

font-weight: bold;

font-size: 12px;

font-family: Verdana, Arial, Helvetica, sans-serif;

}

.nav {

font-family: Verdana, Arial, Helvetica, sans-serif;

font-size: 11px;

}

</style>

</head>

<body>

<br>

<br>

<br>

<br>

<br>

<table width=475 border=1 align="center" cellpadding=0 cellspacing=10 bgcolor="#FFFFFF">

<tr>

<td width=450 align="center" valign="middle">

<form action="<?php echo HTTPS_CATALOG_SERVER . DIR_WS_ADMIN . "LoginAction.php";?>" method="post" name="LoginAction">

<input type="hidden" name="psRefer" value="<?php echo $refer; ?>">

<table width=450 border=0 cellpadding=4 cellspacing=0>

<tr>

<td colspan="2" class="nav"><img src="images/oscommerce.png" alt="osCommerce" width="204" height="50" vspace="0" border="0">

</td>

</tr>

<tr>

<td align="right" width=40% class="menu_title">Administration Login</td>

<td width=60% class="menu_title"> </td>

</tr>

<tr>

<td align="right" width=40%>Username:</td>

<td align="left" width=60%><input type="text" name="psName" style="width: 150px" value=""></td>

</tr>

<tr>

<td align="right" width=40%>Password:</td>

<td align="left" width=60%><input type="password" name="psPassword" style="width: 150px" value=""></td>

</tr>

<tr>

<td align="right" width=40%><input type="submit" name="admin_login_submit" value="Login"></td>

<td align="left" width=60%><input type="reset" name="admin_login_reset" value="Clear"></td>

</tr>

</table>

</form>

</td>

</tr>

</table>

</body>

</html>

 

hope somebody will benefit from this...

Share this post


Link to post
Share on other sites

I test your contribution (modification) and works fine, but I have only one problem.
When I try to use "Admin Login Mgt." on Tools doesn't works; I try to change or add a new admin, and a message appears saying...

Error: You cannot have a blank Admin Username

This error appears too when I try to change admin password.

Thanks for the feedback, yes I see the Login page works great, but the Admin Login Mgt. page has javascript form validation problems. I will take a look. Please feel free to make changes and post your results.

 

Regards,

EricK

Hi

 

I am having the same problem on version 1.7. Has anyone solved the javascript errors??

 

Many thanks

 

Ian

Share this post


Link to post
Share on other sites

Would someone please tell me the order of what one would have to do to edit an existing oscommerece

when it will not accept your user name or password?

 

 

What php files would one have to edit, and in what order to make the changes necessary to allow one to

evently be able to use the word admin as the user and use the word great as the password

allowing me to then change the user name and password to the oscommerece is working again

without loosing the existing database.

 

 

Thanks

 

OsCommerceGuy


The OsCommerceGuy - Thanks for any and all of your support in advance !

Share this post


Link to post
Share on other sites

There is still and error in the latest files. I can not login but eventually by clicking on the link again I am able to go to the admin screen bypassing the login screen.

Share this post


Link to post
Share on other sites

I just registered to give you guys some extra advice for the ones that are getting Database errors when importing the deliverd .sql file and then go on manually creating the usernames and passwords.

 

First of all Manually creating passwords in your Database won't work with this module unless you give it a MyISAM type, the given sql file in package 1.7 doesn't work properly so what you should do is replace the database query in the SQL file.

 

CREATE TABLE `administrator` (
 `ID` int(10) unsigned NOT NULL auto_increment,
 `sName` varchar(255) NOT NULL default '',
 `sPassword` varchar(255) NOT NULL default '',
 `sGUID` varchar(32) default NULL,
 `sData` text,
 PRIMARY KEY  (`ID`)
) TYPE=MyISAM AUTO_INCREMENT=3 ;

 

Insert this and you will be able to login just fine.

 

Regards,

Mehk

Share this post


Link to post
Share on other sites

Hi My name is Zulfan, nice to know you all, i just want to ask about my problems when i login in admin pages, my site is http://dezulma.vacau.com/admin . When i click the link, the site is direct to the google site, i don't understand why did it happen?and if i come in to my admin login page via http://dezulma.vacau.com/admin/login.php , is same direct to google site eventhough i fill username and password correctly, please tell me why did it happen, i'll wait your respons guys, or u can send email to zulfanceo21@gmail.com. Thanks

Edited by zulfanceozi

Share this post


Link to post
Share on other sites

I test your contribution (modification) and works fine, but I have only one problem.
When I try to use "Admin Login Mgt." on Tools doesn't works; I try to change or add a new admin, and a message appears saying...

Error: You cannot have a blank Admin Username

This error appears too when I try to change admin password.

Thanks for the feedback, yes I see the Login page works great, but the Admin Login Mgt. page has javascript form validation problems. I will take a look. Please feel free to make changes and post your results.

 

Regards,

EricK

 

I am still getting the following error, anyone have a fix yet?

Share this post


Link to post
Share on other sites

Hey guys

 

I have recently installed osCommerce and need a way to secure the admin login. I found this contribution and decided to try it. However I ran into some problems from running the "secure_administrator.sql" with the edited user names and password.

 

SQL query: 

INSERT INTO `administrator` 
VALUES (

'bravasupport', password( 'password' ) , NULL , NULL 
) 

MySQL said:  

#1136 - Column count doesn't match value count at row 1 

 

I checked and there is no "row 1", just a row 0. Could someone please explain this error to me and how to resolve the issue?

 

Thanks in advance

Share this post


Link to post
Share on other sites

Hey guys

 

I have recently installed osCommerce and need a way to secure the admin login. I found this contribution and decided to try it. However I ran into some problems from running the "secure_administrator.sql" with the edited user names and password.

 

SQL query: 

INSERT INTO `administrator` 
VALUES (

'bravasupport', password( 'password' ) , NULL , NULL 
) 

MySQL said:  

#1136 - Column count doesn't match value count at row 1 

 

I checked and there is no "row 1", just a row 0. Could someone please explain this error to me and how to resolve the issue?

 

Thanks in advance

 

 

I found this to be an issue as well. They left out an entry for the Insert Into so I went to the original file for this contribution and used this sql code to get my information added and it worked like a charm. If you compare this info to the one included in new file you will see they left out the 1 and 2 before username:

 

INSERT INTO `administrator` VALUES (1, 'username1', password('your_password1'), NULL, NULL);
INSERT INTO `administrator` VALUES (2, 'username2', password('your_password2'), NULL, NULL);

Edited by BBandC

Share this post


Link to post
Share on other sites

I am still having the problem that once I click login, nothing happens, it just reloads the login page. Any fix for this yet? Or should I de-install it?

On my server I cannot secure the admin with a htaccess so I need some other system. Anything else people can recommend?

 

Thanks,

Share this post


Link to post
Share on other sites
am still having the problem that once I click login, nothing happens, it just reloads the login page. Any fix for this yet? Or should I de-install it?

On my server I cannot secure the admin with a htaccess so I need some other system. Anything else people can recommend?

 

Thanks,

Yup, same with me... ...but I tried only a few minutes. I have no time since next weekend. maybe someone is faster with an answer. So...


life long and knusper

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×