Форумы Делаем анонимный форум vBulletin [3.6.8]

Discussion in 'Уязвимости CMS/форумов' started by -Gory King-, 6 May 2010.

  1. -Gory King-

    -Gory King- Banned

    Joined:
    26 Jun 2009
    Messages:
    247
    Likes Received:
    23
    Reputations:
    15
    Делаем анонимный форум vBulletin [3.6.8]


    По многочисленным просьбам, решил в vBulletin полностью отключить ведение логов IP адресов, и сразу попутно писать эту статью

    Эта статья на примере vBulletin 3.6.8, по этому если у вас версия другая (а я уверен), то в ней могут быть новые файлы, которые ведут дополнительную запись в БД, в них уже придётся вам самим исправлять.

    А я на примере 3.6.8, начну:

    1.

    Открываем файл /register.php
    Ищем строку:
    Code:
    
// register IP address
$userdata->set('ipaddress', IPADDRESS);
    и заменяем на:
    Code:
    // register IP address
$userdata->set('ipaddress', '');
    Дальше там же ищем:

    Code:
    
$ipaddress = IPADDRESS;
eval(fetch_email_phrases('newuser', 0));
    и заменяем на:
    Code:
    
$ipaddress = '';
eval(fetch_email_phrases('newuser', 0));

    2.
    Открываем файл /inlinemod.php
    Ищем строку:

    Code:
    
    /*insert query*/
    $db->query_write("
        REPLACE INTO " . TABLE_PREFIX . "search (userid, showposts, ipaddress, personal, forumchoice, sortby, sortorder, searchtime, orderedids, announceids, dateline, displayterms, searchhash)
        VALUES (" . $vbulletin->userinfo['userid'] . ", 0, '" . $db->escape_string(IPADDRESS) . "', 1, '', '', 'DESC', '', '" . $db->escape_string($threadids) . "', '', " . TIMENOW . ", '" . $db->escape_string(serialize($display)) . "', '')
    ");
    и заменяем на:
    Code:
    
    /*insert query*/
    $db->query_write("
        REPLACE INTO " . TABLE_PREFIX . "search (userid, showposts, ipaddress, personal, forumchoice, sortby, sortorder, searchtime, orderedids, announceids, dateline, displayterms, searchhash)
        VALUES (" . $vbulletin->userinfo['userid'] . ", 0, '" . $db->escape_string('') . "', 1, '', '', 'DESC', '', '" . $db->escape_string($threadids) . "', '', " . TIMENOW . ", '" . $db->escape_string(serialize($display)) . "', '')
    ");
    Дальше там же ищем:

    Code:
        /*insert query*/
    $db->query_write("
        REPLACE INTO " . TABLE_PREFIX . "search (userid, showposts, ipaddress, personal, forumchoice, sortby, sortorder, searchtime, orderedids, announceids, dateline, displayterms, searchhash)
        VALUES (" . $vbulletin->userinfo['userid'] . ", 1, '" . $db->escape_string(IPADDRESS) . "', 1, '', '', 'DESC', '', '" . $db->escape_string($postids) . "', '', " . TIMENOW . ", '" . $db->escape_string(serialize($display)) . "', '')
    ");
    и заменяем на:

    Code:
        /*insert query*/
    $db->query_write("
        REPLACE INTO " . TABLE_PREFIX . "search (userid, showposts, ipaddress, personal, forumchoice, sortby, sortorder, searchtime, orderedids, announceids, dateline, displayterms, searchhash)
        VALUES (" . $vbulletin->userinfo['userid'] . ", 1, '" . $db->escape_string('') . "', 1, '', '', 'DESC', '', '" . $db->escape_string($postids) . "', '', " . TIMENOW . ", '" . $db->escape_string(serialize($display)) . "', '')
    ");
    3.
    Открываем файл /online.php
    Ищем строку:

    Code:
    
    $userinfo["{$vbulletin->userinfo['userid']}"]['location'] = '/online.php';
    $userinfo["{$vbulletin->userinfo['userid']}"]['host'] = IPADDRESS;
    $userinfo["{$vbulletin->userinfo['userid']}"]['lastactivity'] = TIMENOW;
    и заменяем на:

    Code:
    
    $userinfo["{$vbulletin->userinfo['userid']}"]['location'] = '/online.php';
    $userinfo["{$vbulletin->userinfo['userid']}"]['host'] = '';
    $userinfo["{$vbulletin->userinfo['userid']}"]['lastactivity'] = TIMENOW;
    4.
    Открываем файл /search.php
    Ищем строку:

    Code:
        if ($prevsearch = $db->query_first("
        SELECT searchid, dateline
        FROM " . TABLE_PREFIX . "search AS search
        WHERE " . iif(!$vbulletin->userinfo['userid'], "ipaddress ='" . $db->escape_string(IPADDRESS) . "'", "userid = " . $vbulletin->userinfo['userid']) . "
        ORDER BY dateline DESC LIMIT 1
    "))
    и заменяем на:

    Code:
        if ($prevsearch = $db->query_first("
        SELECT searchid, dateline
        FROM " . TABLE_PREFIX . "search AS search
        WHERE " . iif(!$vbulletin->userinfo['userid'], "ipaddress ='" . $db->escape_string('') . "'", "userid = " . $vbulletin->userinfo['userid']) . "
        ORDER BY dateline DESC LIMIT 1
    "))
    Дальше там же ищем:

    Code:
    $db->query_write("
REPLACE INTO " . TABLE_PREFIX . "search (userid, titleonly, ipaddress, personal, query, searchuser, forumchoice, sortby, sortorder, searchtime, showposts, orderedids, dateline, searchterms, displayterms, searchhash, completed)
VALUES (" . $vbulletin->userinfo['userid'] . ", " . intval($vbulletin->GPC['titleonly']) . " ,'" . $db->escape_string(IPADDRESS) . "', " . ($vbulletin->options['searchsharing'] ? 0 : 1) . ", '" . $db->escape_string($search['query']) . "', '" . $db->escape_string($search['searchuser']) . "', '" . $db->escape_string($search['forumchoice']) . "', '" . $db->escape_string($search['sortby']) . "', '" . $db->escape_string($vbulletin->GPC['sortorder']) . "', $searchtime, " . intval($vbulletin->GPC['showposts']) . ", '" . implode(',', $search['orderedids']) . "', " . TIMENOW . ", '" . $db->escape_string($search['searchterms']) . "', '" . $db->escape_string($search['displayterms']) . "', '" . $db->escape_string($searchhash) . "', 1)
### SAVE ITEM IDS IN ORDER ###
");
    и заменяем на:

    Code:
    $db->query_write("
REPLACE INTO " . TABLE_PREFIX . "search (userid, titleonly, ipaddress, personal, query, searchuser, forumchoice, sortby, sortorder, searchtime, showposts, orderedids, dateline, searchterms, displayterms, searchhash, completed)
VALUES (" . $vbulletin->userinfo['userid'] . ", " . intval($vbulletin->GPC['titleonly']) . " ,'" . $db->escape_string('') . "', " . ($vbulletin->options['searchsharing'] ? 0 : 1) . ", '" . $db->escape_string($search['query']) . "', '" . $db->escape_string($search['searchuser']) . "', '" . $db->escape_string($search['forumchoice']) . "', '" . $db->escape_string($search['sortby']) . "', '" . $db->escape_string($vbulletin->GPC['sortorder']) . "', $searchtime, " . intval($vbulletin->GPC['showposts']) . ", '" . implode(',', $search['orderedids']) . "', " . TIMENOW . ", '" . $db->escape_string($search['searchterms']) . "', '" . $db->escape_string($search['displayterms']) . "', '" . $db->escape_string($searchhash) . "', 1)
### SAVE ITEM IDS IN ORDER ###
");
    Дальше там же ищем:
    Code:
    VALUES (
" . $vbulletin->userinfo['userid'] . ",
" . intval($vbulletin->GPC['titleonly']) . ",
'" . $db->escape_string(IPADDRESS) . "',
" . ($vbulletin->options['searchsharing'] ? 0 : 1) . ",
    и заменяем на:

    Code:
    VALUES (
" . $vbulletin->userinfo['userid'] . ",
" . intval($vbulletin->GPC['titleonly']) . ",
'" . $db->escape_string('') . "',
" . ($vbulletin->options['searchsharing'] ? 0 : 1) . ",

    Дальше там же ищем:
    Code:
    VALUES (
" . $vbulletin->userinfo['userid'] . ",
" . intval($vbulletin->GPC['titleonly']) . " ,
'" . $db->escape_string(IPADDRESS) . "',
" . ($vbulletin->options['searchsharing'] ? 0 : 1) . ",
    и заменяем на:

    Code:
    VALUES (
" . $vbulletin->userinfo['userid'] . ",
" . intval($vbulletin->GPC['titleonly']) . " ,
'" . $db->escape_string('') . "',
" . ($vbulletin->options['searchsharing'] ? 0 : 1) . ",
    Дальше там же ищем:
    Code:
    $db->query_write("
REPLACE INTO " . TABLE_PREFIX . "search (userid, titleonly, ipaddress, personal, query, searchuser, forumchoice, sortby, sortorder, searchtime, showposts, orderedids, dateline, searchterms, displayterms, searchhash, completed)
VALUES (" . $vbulletin->userinfo['userid'] . ", " . intval($vbulletin->GPC['titleonly']) . " ,'" . $db->escape_string(IPADDRESS) . "', " . ($vbulletin->options['searchsharing'] ? 0 : 1) . ", '" . $db->escape_string($vbulletin->GPC['query']) . "', '" . $db->escape_string($vbulletin->GPC['searchuser']) . "', '" . $db->escape_string($forumchoice) . "', '" . $db->escape_string($vbulletin->GPC['sortby']) . "', '" . $db->escape_string($vbulletin->GPC['sortorder']) . "', $searchtime, " . intval($vbulletin->GPC['showposts']) . ", '" . implode(',', $orderedids) . "', " . time() . ", '" . $db->escape_string(serialize($searchterms)) . "', '" . $db->escape_string(serialize($display)) . "', '" . $db->escape_string($searchhash) . "', 1)
### SAVE ORDERED IDS TO SEARCH CACHE ###
");
    и заменяем на:

    Code:
    $db->query_write("
REPLACE INTO " . TABLE_PREFIX . "search (userid, titleonly, ipaddress, personal, query, searchuser, forumchoice, sortby, sortorder, searchtime, showposts, orderedids, dateline, searchterms, displayterms, searchhash, completed)
VALUES (" . $vbulletin->userinfo['userid'] . ", " . intval($vbulletin->GPC['titleonly']) . " ,'" . $db->escape_string('') . "', " . ($vbulletin->options['searchsharing'] ? 0 : 1) . ", '" . $db->escape_string($vbulletin->GPC['query']) . "', '" . $db->escape_string($vbulletin->GPC['searchuser']) . "', '" . $db->escape_string($forumchoice) . "', '" . $db->escape_string($vbulletin->GPC['sortby']) . "', '" . $db->escape_string($vbulletin->GPC['sortorder']) . "', $searchtime, " . intval($vbulletin->GPC['showposts']) . ", '" . implode(',', $orderedids) . "', " . time() . ", '" . $db->escape_string(serialize($searchterms)) . "', '" . $db->escape_string(serialize($display)) . "', '" . $db->escape_string($searchhash) . "', 1)
### SAVE ORDERED IDS TO SEARCH CACHE ###
");
    Дальше там же ищем:

    Code:
            // is this search customized for one user?
        if ($search['personal'])
        {
            // if search was by guest, do ip addresses match?
            if ($search['userid'] == 0 AND $search['ipaddress'] == IPADDRESS)
            {
    и заменяем на:

    Code:
            // is this search customized for one user?
        if ($search['personal'])
        {
            // if search was by guest, do ip addresses match?
            if ($search['userid'] == 0 AND $search['ipaddress'] == '')
            {
    Дальше там же ищем:

    Code:
        // build search hash
    $searchhash = md5($vbulletin->userinfo['userid'] . IPADDRESS . $forumid . $vbulletin->GPC['days'] . $vbulletin->userinfo['lastvisit'] . $vbulletin->GPC['include'] . '|' . $vbulletin->GPC['exclude']);
и заменяем на:
Код:
    // build search hash
    $searchhash = md5($vbulletin->userinfo['userid'] . '' . $forumid . $vbulletin->GPC['days'] . $vbulletin->userinfo['lastvisit'] . $vbulletin->GPC['include'] . '|' . $vbulletin->GPC['exclude']);
    Дальше там же ищем:

    Code:
        /*insert query*/
    $db->query_write("
        REPLACE INTO " . TABLE_PREFIX . "search (userid, showposts, ipaddress, personal, forumchoice, sortby, sortorder, searchtime, orderedids, announceids, dateline, displayterms, searchhash, completed)
        VALUES (" . $vbulletin->userinfo['userid'] . ", " . intval($vbulletin->GPC['showposts']) . ", '" . $db->escape_string(IPADDRESS) . "', 1, '" . $db->escape_string($foruminfo['forumid']) . "', '" . $db->escape_string($vbulletin->GPC['sortby']) . "', 'DESC', $searchtime, '$sql_ids', '$sql_aids', " . TIMENOW . ", '" . $db->escape_string(serialize($display)) . "', '" . $db->escape_string($searchhash) . "', 1)
    ");
    и заменяем на:
    Code:
        /*insert query*/
    $db->query_write("
        REPLACE INTO " . TABLE_PREFIX . "search (userid, showposts, ipaddress, personal, forumchoice, sortby, sortorder, searchtime, orderedids, announceids, dateline, displayterms, searchhash, completed)
        VALUES (" . $vbulletin->userinfo['userid'] . ", " . intval($vbulletin->GPC['showposts']) . ", '" . $db->escape_string('') . "', 1, '" . $db->escape_string($foruminfo['forumid']) . "', '" . $db->escape_string($vbulletin->GPC['sortby']) . "', 'DESC', $searchtime, '$sql_ids', '$sql_aids', " . TIMENOW . ", '" . $db->escape_string(serialize($display)) . "', '" . $db->escape_string($searchhash) . "', 1)
    ");
    Дальше там же ищем:

    Code:
            VALUES
            (" . $vbulletin->userinfo['userid'] . ", '" . $db->escape_string(IPADDRESS) . "', 1,
            '" . $db->escape_string($user['username']) . "', '" . $db->escape_string($forumchoice) . "',
    и заменяем на:

    Code:
            VALUES
            (" . $vbulletin->userinfo['userid'] . ", '" . $db->escape_string('') . "', 1,
            '" . $db->escape_string($user['username']) . "', '" . $db->escape_string($forumchoice) . "',

    5.
    Открываем файл /sendmessage.php
    Ищем строку:

    Code:
     if ($destemail == $vbulletin->options['webmasteremail'])
            {
                $ip = IPADDRESS;
            }
    и заменяем на:

    Code:
     if ($destemail == $vbulletin->options['webmasteremail'])
            {
                $ip = '';
            }
    Дальше там же ищем:

    Code:
            {
            $ip = IPADDRESS;
            $destemail =& $vbulletin->options['webmasteremail'];
        }
    и заменяем на:
    Code:
            {
            $ip = '';
            $destemail =& $vbulletin->options['webmasteremail'];
        }
    6.
    Открываем файл /threadrate.php
    Ищем строку:


    Code:
     if ($rating = $db->query_first("
            SELECT *
            FROM " . TABLE_PREFIX . "threadrate
            WHERE ipaddress = '" . $db->escape_string(IPADDRESS) . "'
    и заменяем на:

    Code:
      if ($rating = $db->query_first("
            SELECT *
            FROM " . TABLE_PREFIX . "threadrate
            WHERE ipaddress = '" . $db->escape_string('') . "'
    Дальше там же ищем:
    Code:
                $threadrate->set('vote', $vbulletin->GPC['vote']);
            $threadrate->set('ipaddress', IPADDRESS);
    и заменяем на:

    Code:
                $threadrate->set('vote', $vbulletin->GPC['vote']);
            $threadrate->set('ipaddress', '');
    7.
    Открываем файл /includes/adminfunctions.php
    Ищем строку:

    Code:
        $vbulletin->db->shutdown_query("
        INSERT INTO " . TABLE_PREFIX . "adminlog(userid, dateline, script, action, extrainfo, ipaddress)
        VALUES
        ($userid, " . TIMENOW.", '" . $vbulletin->db->escape_string($script) . "', '" . $vbulletin->db->escape_string($scriptaction) . "', '" . $vbulletin->db->escape_string($extrainfo) ."', '" . IPADDRESS . "')
    ");
    и заменяем на:
    Code:
        $vbulletin->db->shutdown_query("
        INSERT INTO " . TABLE_PREFIX . "adminlog(userid, dateline, script, action, extrainfo, ipaddress)
        VALUES
        ($userid, " . TIMENOW.", '" . $vbulletin->db->escape_string($script) . "', '" . $vbulletin->db->escape_string($scriptaction) . "', '" . $vbulletin->db->escape_string($extrainfo) ."', '" . '' . "')
    ");
    8.
    Открываем файл /includes/class_core.php
    Ищем строку:

    Code:
                $ipaddress      = IPADDRESS;
            $classname      = get_class($this);
    и заменяем на:

    Code:
       $ipaddress      = '';
            $classname      = get_class($this);

    9.
    Открываем файл /includes/class_dm_threadpost.php
    Ищем строку:

    Code:
                if ($this->fetch_field('ipaddress', 'post') === null)
            {
                $this->set('ipaddress', ($this->registry->options['logip'] ? IPADDRESS : ''));
            }
    и заменяем на:
    Code:
    if ($this->fetch_field('ipaddress', 'post') === null)
            {
                $this->set('ipaddress', ($this->registry->options['logip'] ? '' : ''));
            }
    Дальше там же ищем:

    Code:
    $modlogsql[] = "
                    ($entry[userid], " . TIMENOW . ", $forumid, $threadid, $entry[type],
                    '" . $this->dbobject->escape_string($entry['action']) . "', '" . $this->dbobject->escape_string(IPADDRESS) . "')
                ";
    и заменяем на:

    Code:
                    $modlogsql[] = "
                    ($entry[userid], " . TIMENOW . ", $forumid, $threadid, $entry[type],
                    '" . $this->dbobject->escape_string($entry['action']) . "', '" . $this->dbobject->escape_string('') . "')
                ";

    10.
    Открываем файл /includes/class_dm_threadrate.php
    Ищем строку:
    Code:
            if (!$this->condition AND $this->fetch_field('userid') == $this->registry->userinfo['userid'] AND !$this->fetch_field('ipaddress'))
        {
            $this->set('ipaddress', IPADDRESS);
        }
    и заменяем на:

    Code:
            if (!$this->condition AND $this->fetch_field('userid') == $this->registry->userinfo['userid'] AND !$this->fetch_field('ipaddress'))
        {
            $this->set('ipaddress', '');
        }
    11.
    Открываем файл /includes/functions.php
    Ищем строку:

    Code:
        global $vbulletin;

    $user_ipaddress = IPADDRESS . '.';
    и заменяем на:

    Code:
        global $vbulletin;

    $user_ipaddress = '' . '.';
    12.
    Открываем файл /includes/functions_login.php
    Ищем строку:
    Code:
        $strikes = $vbulletin->db->query_first("
        SELECT COUNT(*) AS strikes, MAX(striketime) AS lasttime
        FROM " . TABLE_PREFIX . "strikes
        WHERE strikeip = '" . $vbulletin->db->escape_string(IPADDRESS) . "'
    ");
    и заменяем на:

    Code:
        $strikes = $vbulletin->db->query_first("
        SELECT COUNT(*) AS strikes, MAX(striketime) AS lasttime
        FROM " . TABLE_PREFIX . "strikes
        WHERE strikeip = '" . $vbulletin->db->escape_string('') . "'
    ");
    Дальше там же ищем:

    Code:
            $strikes_user = $vbulletin->db->query_first("
            SELECT COUNT(*) AS strikes
            FROM " . TABLE_PREFIX . "strikes
            WHERE strikeip = '" . $vbulletin->db->escape_string(IPADDRESS) . "'
                AND username = '" . $vbulletin->db->escape_string(htmlspecialchars_uni($username)) . "'
        ");
    и заменяем на:

    Code:
    
        $strikes_user = $vbulletin->db->query_first("
            SELECT COUNT(*) AS strikes
            FROM " . TABLE_PREFIX . "strikes
            WHERE strikeip = '" . $vbulletin->db->escape_string('') . "'
                AND username = '" . $vbulletin->db->escape_string(htmlspecialchars_uni($username)) . "'
        ");
    Дальше там же ищем:

    Code:
                $ip = IPADDRESS;
            eval(fetch_email_phrases('accountlocked', $user['languageid']));
    и заменяем на:

    Code:
         $ip = '';
            eval(fetch_email_phrases('accountlocked', $user['languageid']));
    Дальше там же ищем:

    Code:
        $vbulletin->db->query_write("
        INSERT INTO " . TABLE_PREFIX . "strikes
        (striketime, strikeip, username)
        VALUES
        (" . TIMENOW . ", '" . $vbulletin->db->escape_string(IPADDRESS) . "', '" . $vbulletin->db->escape_string(htmlspecialchars_uni($username)) . "')
    ");
    и заменяем на:

    Code:
        $vbulletin->db->query_write("
        INSERT INTO " . TABLE_PREFIX . "strikes
        (striketime, strikeip, username)
        VALUES
        (" . TIMENOW . ", '" . $vbulletin->db->escape_string('') . "', '" . $vbulletin->db->escape_string(htmlspecialchars_uni($username)) . "')
    ");
    Дальше там же ищем:
    Code:
    $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "strikes WHERE strikeip = '" . $vbulletin->db->escape_string(IPADDRESS) . "' AND username='" . $vbulletin->db->escape_string(htmlspecialchars_uni($username)) . "'");
}
    и заменяем на:


    Code:
    $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "strikes WHERE strikeip = '" . $vbulletin->db->escape_string('') . "' AND username='" . $vbulletin->db->escape_string(htmlspecialchars_uni($username)) . "'");
}
    13.
    Открываем файл /includes/functions_log_error.php
    Ищем строку:

    Code:
                    $errstring .= "Username: {$vbulletin->userinfo['username']}\r\n";
                $errstring .= 'IP Address: ' . IPADDRESS . "\r\n";
    и заменяем на:

    Code:
                    $errstring .= "Username: {$vbulletin->userinfo['username']}\r\n";
                $errstring .= 'IP Address: ' . '' . "\r\n";
    Дальше там же ищем:

    Code:
                    $errstring .= "Username: $username\r\n";
                $errstring .= 'IP Address: ' . IPADDRESS . "\r\n";
                $errstring .= "Strikes: $GLOBALS[strikes]/5\r\n";
    и заменяем на:

    Code:
    $errstring .= "Username: $username\r\n";
                $errstring .= 'IP Address: ' . '' . "\r\n";
                $errstring .= "Strikes: $GLOBALS[strikes]/5\r\n";
    Дальше там же ищем:

    Code:
        $modlogsql[] = "(" . intval($logtype) . ", " . intval($log['userid']) . ", " . TIMENOW . ", " . intval($log['forumid']) . ", " . intval($log['threadid']) . ", " . intval($log['postid']) . ", " . intval($log['pollid']) . ", " . intval($log['attachmentid']) . ", '" . $vbulletin->db->escape_string($action) . "', '" . $vbulletin->db->escape_string(IPADDRESS) . "')";
        }
    и заменяем на:
    Code:
    
    $modlogsql[] = "(" . intval($logtype) . ", " . intval($log['userid']) . ", " . TIMENOW . ", " . intval($log['forumid']) . ", " . intval($log['threadid']) . ", " . intval($log['postid']) . ", " . intval($log['pollid']) . ", " . intval($log['attachmentid']) . ", '" . $vbulletin->db->escape_string($action) . "', '" . $vbulletin->db->escape_string('') . "')";
        }
    Дальше там же ищем:
    Code:
    $moderatorlog['ipaddress'] = IPADDRESS;
    и заменяем на:

    Code:
    $moderatorlog['ipaddress'] = '';
    Ну вот и всё.
    Теперь ваши пользователи будут чувствовать себя вполне спокойно
    Статья канешно не моя!! :D :D :D :D
     
    #1 -Gory King-, 6 May 2010
  2. vbcreate

    vbcreate New Member

    Joined:
    7 May 2010
    Messages:
    5
    Likes Received:
    0
    Reputations:
    0
    Никчему это помоему, лишний гиморой...
     
    #2 vbcreate, 9 May 2010
  3. neval

    neval Elder - Старейшина

    Joined:
    13 Dec 2006
    Messages:
    457
    Likes Received:
    116
    Reputations:
    23
    не проще ли один раз предопределить константу(?) IPADDRESS и не делать
    "Дальше там же ищем: и заменяем на:" двадцать раз?
     
    #3 neval, 9 May 2010
  4. =VoVaN=

    =VoVaN= Banned

    Joined:
    16 Apr 2010
    Messages:
    81
    Likes Received:
    8
    Reputations:
    0
    согласен
     
    #4 =VoVaN=, 11 May 2010
(You must log in or sign up to post here.)
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.