/ Forside / Teknologi / Udvikling / PHP / Nyhedsindlæg
Login
Glemt dit kodeord?
Brugernavn

Kodeord


Reklame
Top 10 brugere
PHP
#NavnPoint
rfh 3959
natmaden 3372
poul_from 3310
funbreak 2700
stone47 2230
Jin2k 1960
Angband 1743
Bjerner 1249
refi 1185
10  Interkril.. 1146
Problemer med Script
Fra : Christian


Dato : 28-02-04 13:23

Hejsa,

JEg har ikke selv lavet dette script, det skal lige siges. MEn
jeg har et problem med det. Det er et login sytem.

Når jeg trykker et rigtigt matchende password og username bliver
jeg logget ind, men når jeg trykker et forkert user og password
bliver jeg også logget ind. Nogen masterminds der har nogen
idéer?

Eksempel kan ses på http://www.rb-design.dk/fun-online/newlogin

Her er scriptet:




<?

if ($action == "login") {
if ($username == "admin" || $password == "admin")
if ($username == "admin3" || $password == "admin") {
setcookie("admin", "loggedin", "+3600");
header('Location: admin.php');
}
else {
$error = "wrong password";
}
}
elseif ($action == "logout") {
setcookie("admin", "loggedout", "-3600");
header('Location: http://216.118.121.28/pw/');
}


echo $error
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE>Snewz WMS</TITLE>
<META content="text/html; charset=windows-1252"
http-equiv=Content-Type>

<STYLE type=text/css>
A:link {
COLOR: #000000; FONT-FAMILY: Verdana, Geneva, Arial, Helvetica,
sans-serif; FONT-WEIGHT: bold; TEXT-DECORATION: none
}

A:visited {
COLOR: #000000; FONT-FAMILY: Verdana, Geneva, Arial, Helvetica,
sans-serif; FONT-WEIGHT: bold; TEXT-DECORATION: none
}
A:hover {
COLOR: #800000; FONT-FAMILY: Verdana, Geneva, Arial, Helvetica,
sans-serif; FONT-WEIGHT: bold; TEXT-DECORATION: underline
}
A:active {
COLOR: #000000; FONT-FAMILY: Verdana, Geneva, Arial, Helvetica,
sans-serif; FONT-WEIGHT: bold; TEXT-DECORATION: none
}
input.button {
background-color: #7B093C;
color: white
}
</STYLE>


<META content="MSHTML 5.00.2614.3500" name=GENERATOR></HEAD>
<BODY bgColor=#cccccc marginwidth="0" marginheight="0">
<?
if($admin == "loggedin") { ?>
<TABLE align="center" cellPadding=0 cellSpacing=0 width="100%">
<TBODY>
<TR>

<TD bgColor=#42525B align="right" vAlign=top width="100%">
<DIV align=center>
<TABLE align="center" cellPadding=0 cellSpacing=0 width="100%">
<TBODY>
<TR>

<TD vAlign="middle" height="30" align="center"><font size="4"
color="#f1f1f1" face="Verdana"><strong>Snewz
WMS</strong></font></td></tr></table></TD></TR></TBODY></TABLE>

<table bgColor=#42525B border=1 bordercolor="#42525B"
width="100%"><tr>
<TD bgColor=#ffffff align="right" vAlign=top width="100%"
height="600">
<table bgColor=#FFFFFF border=0 bordercolor="#42525B"
width="100%"><tr>
<TD bgColor=#ffffff align="center" vAlign=top width="100%"
height="10"> </TD></TR></TBODY></TABLE>
<table width="100%" align="right"><tr><td align="right">
<font size="2"><a href="admin.php?action=login">login</a> | <a
href="admin.php?action=logout">logout</a></font>
<table border="0" bordercolor="#800000" cellspacing="1"
cellpading="2" width="100%" bgcolor="#FFFFFF" align="center"
border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="100%" align="center">
<table width="100%" height="5"><tr><td align="center">
</td></tr></table>


<table width="100%" border="0" cellspacing="0"
cellpadding="0">
<tr>
<td vAlign="top" width="150" align="left">



<table border="1" bordercolor="#800000" cellspacing="0"
cellpading="0" width="100%" border="0" cellspacing="0"
cellpadding="0">
<tr>
<td bgcolor="#efefef" vAlign="top" width="150"
align="left">


<table border="0" bgcolor="#800000" cellspacing="0"
cellpading="0" width="100%" border="0" cellspacing="0"
cellpadding="0">
<tr>
<td bgcolor="#800000" vAlign="top" width="150"
align="center"><font size="2" color="#FFFFFF"
face="Verdana"><strong>News
Admin</strong></font></td></tr></table>


<?PHP
echo "<font size=\"2\" face=\"Verdana\">\n";
echo "<BR><a href=\"$PHP_SELF?action=form_addnews&id=$key\">add
news</a>\n";
echo "<BR><a href=\"$PHP_SELF?action=viewnews&id=$key\">view
news</a>\n";
echo "<BR><a
href=\"$PHP_SELF?action=newsconfiguration&id=$key\">config
news</a></font>\n";
echo "<BR><BR>\n";?>
</td></tr></table>

<table width="100%" height="10"><tr><td align="center">
</td></tr></table>

<table border="1" bordercolor="#800000" cellspacing="0"
cellpading="0" width="100%" border="0" cellspacing="0"
cellpadding="0">
<tr>
<td bgcolor="#efefef" vAlign="top" width="150"
align="left">


<table border="0" bgcolor="#800000" cellspacing="0"
cellpading="0" width="100%" border="0" cellspacing="0"
cellpadding="0">
<tr>
<td bgcolor="#800000" vAlign="top" width="150"
align="center"><font size="2" color="#FFFFFF"
face="Verdana"><strong>Guides
Admin</strong></font></td></tr></table>


<?PHP
echo "<font size=\"2\" face=\"Verdana\">\n";
echo "<BR><a href=\"$PHP_SELF?action=form_addwhere&id=$key\">add
where</a>\n";
echo "<BR><a href=\"#\">config guides</a></font>\n";
echo "<BR><BR>\n";?>
</td></tr></table>

<table width="100%" height="10"><tr><td align="center">
</td></tr></table>

<table border="1" bordercolor="#800000" cellspacing="0"
cellpading="0" width="100%" border="0" cellspacing="0"
cellpadding="0">
<tr>
<td bgcolor="#efefef" vAlign="top" width="150"
align="left">


<table border="0" bgcolor="#800000" cellspacing="0"
cellpading="0" width="100%" border="0" cellspacing="0"
cellpadding="0">
<tr>
<td bgcolor="#800000" vAlign="top" width="150"
align="center"><font size="2" color="#FFFFFF"
face="Verdana"><strong>Articles
Admin</strong></font></td></tr></table>


<?PHP
echo "<font size=\"2\" face=\"Verdana\">\n";
echo "<BR><a href=\"#\">add where</a>\n";
echo "<BR><a href=\"#\">config articles</a></font>\n";
echo "<BR><BR>\n";?>
</td></tr></table>

<table width="100%" height="10"><tr><td align="center">
</td></tr></table>

<table border="1" bordercolor="#800000" cellspacing="0"
cellpading="0" width="100%" border="0" cellspacing="0"
cellpadding="0">
<tr>
<td bgcolor="#efefef" vAlign="top" width="150"
align="left">


<table border="0" bgcolor="#800000" cellspacing="0"
cellpading="0" width="100%" border="0" cellspacing="0"
cellpadding="0">
<tr>
<td bgcolor="#800000" vAlign="top" width="150"
align="center"><font size="2" color="#FFFFFF"
face="Verdana"><strong>Reviews
Admin</strong></font></td></tr></table>


<?PHP
echo "<font size=\"2\" face=\"Verdana\">\n";
echo "<BR><a href=\"#\">add where</a>\n";
echo "<BR><a href=\"#\">config reviews</a></font>\n";
echo "<BR><BR>\n";?>
</td></tr></table>

<table width="100%" height="10"><tr><td align="center">
</td></tr></table>

<table border="1" bordercolor="#800000" cellspacing="0"
cellpading="0" width="100%" border="0" cellspacing="0"
cellpadding="0">
<tr>
<td bgcolor="#efefef" vAlign="top" width="150"
align="left">


<table border="0" bgcolor="#800000" cellspacing="0"
cellpading="0" width="100%" border="0" cellspacing="0"
cellpadding="0">
<tr>
<td bgcolor="#800000" vAlign="top" width="150"
align="center"><font size="2" color="#FFFFFF"
face="Verdana"><strong>Tutorials
Admin</strong></font></td></tr></table>


<?PHP
echo "<font size=\"2\" face=\"Verdana\">\n";
echo "<BR><a href=\"#\">add where</a>\n";
echo "<BR><a href=\"#\">config tutorials</a></font>\n";
echo "<BR><BR>\n";?>
</td></tr></table>


<table width="100%" height="10"><tr><td align="center">
</td></tr></table>

<table border="1" bordercolor="#800000" cellspacing="0"
cellpading="0" width="100%" border="0" cellspacing="0"
cellpadding="0">
<tr>
<td bgcolor="#efefef" vAlign="top" width="150"
align="left">


<table border="0" bgcolor="#800000" cellspacing="0"
cellpading="0" width="100%" border="0" cellspacing="0"
cellpadding="0">
<tr>
<td bgcolor="#800000" vAlign="top" width="150"
align="center"><font size="2" color="#FFFFFF"
face="Verdana"><strong>Ancient
History</strong></font></td></tr></table>


<?PHP
echo "<font size=\"2\" face=\"Verdana\">\n";
echo "<BR><a href=\"$PHP_SELF?action=form_addwhere&id=$key\">add
where</a>\n";
echo "<BR><a
href=\"$PHP_SELF?action=newsconfiguration&id=$key\">config A.H.
articles</a></font>\n";
echo "<BR><BR>\n";?>
</td></tr></table>

</DIV></td><td align="center" width="15">&nbsp;</td><td
vAlign="top" align="center" width="500">
<?
if($action == "edit" && isset($HTTP_POST_VARS['password'])) {
//obviously you should change this password on the next line
if($HTTP_POST_VARS['password'] == "editpass") {
//First let's recompile that line with the pipe symbols
so we can reinsert it
$line = $HTTP_POST_VARS['date'] . "|" .
$HTTP_POST_VARS['name'];
$line .= "|" . $HTTP_POST_VARS['news'];
$line = str_replace("\r\n","<BR>",$line);
$line .= "\r\n";
$data = file('news.txt');
$data[$id] = $line;
//the next line makes sure the $data array starts at the
beginning
reset($data);
//now we open the file with mode 'w' which truncates the
file
$fp = fopen('news.txt','w');
foreach($data as $element) {
fwrite($fp, $element);
}
fclose($fp);
echo "Item Edited!<BR><BR>\n";
echo "<a href=\"$PHP_SELF\">Go Back</a>\n";
exit;
} else {
echo "Bad password!\n";
exit;
}
}
if($action == "edit") {
$data = file('news.txt');
$element = trim($data[$id]);
$pieces = explode("|", $element);
//the next line is to reverse the process of turning the end
of lines into breaking returns
$news = str_replace("<BR>","\r\n",$pieces[2]);
echo "Make the changes you would like and press save.<BR>\n";
echo "<FORM ACTION=\"$PHP_SELF?action=edit\" METHOD=\"POST\"
NAME=\"editform\">\n";
echo "Name:<BR>\n";
echo "<INPUT TYPE=\"text\" SIZE=\"30\" NAME=\"name\"
value=\"".$pieces[1]."\"><BR>\n";
echo "The News:<BR>\n";
echo "<TEXTAREA NAME=\"news\" COLS=\"40\"
ROWS=\"5\">".$news."</TEXTAREA><BR><BR>\n";
echo "Password:<BR>\n";
echo "<INPUT TYPE=\"password\" SIZE=\"30\"
NAME=\"password\"><BR>\n";
echo "<INPUT TYPE=\"hidden\" NAME=\"date\"
VALUE=\"".$pieces[0]."\">\n";
echo "<INPUT TYPE=\"hidden\" NAME=\"id\" VALUE=\"$id\">\n";
echo "<INPUT TYPE=\"submit\" NAME=\"submit\"
VALUE=\"Save\"><BR>\n";
echo "</FORM>\n";
exit;
}
if($action == "delete" && isset($HTTP_POST_VARS['password'])) {
//obviously you should change this password on the next line
if($HTTP_POST_VARS['password'] == "deletepass") {
$data = file('news.txt');
//this next line will remove the single news item from
the array
array_splice($data,$id,1);
//now we open the file with mode 'w' which truncates the
file
$fp = fopen('news.txt','w');
foreach($data as $element) {
fwrite($fp, $element);
}
fclose($fp);
echo "Item deleted!<BR><BR>\n";
echo "<a href=\"$PHP_SELF\">Go Back</a>\n";
exit;
} else {
echo "Bad password!\n";
exit;
}
}
if($action == "delete") {
echo "<H2>You are about to delete the following news
item.</H2>\n";
$data = file('news.txt');
$element = trim($data[$id]);
$pieces = explode("|", $element);
echo $pieces[2] . "<BR>" . "<b>Posted by " . $pieces[1] . "
on " . $pieces[0] . "</b>\n";
echo "<BR><BR>\n";
echo "Are you sure you want to delete this news item? If so,
enter the password and click on Delete.<BR>\n";
echo "<FORM ACTION=\"$PHP_SELF?action=delete\"
METHOD=\"POST\" NAME=\"deleteform\">\n";
echo "Password:<BR>\n";
echo "<INPUT TYPE=\"password\" SIZE=\"30\"
NAME=\"password\"><BR>\n";
echo "<INPUT TYPE=\"hidden\" NAME=\"id\" VALUE=\"$id\">\n";
echo "<INPUT TYPE=\"submit\" NAME=\"submit\"
VALUE=\"Delete\"><BR>\n";
echo "</FORM>\n";
exit;
}


echo "<H1><u>Current News</u></H1>\n";
$data = file('news.txt');
//next line removed to make everything else easier in the admin
script
//$data = array_reverse($data);
foreach($data as $key=>$element) {
$element = trim($element);
$pieces = explode("|", $element);
echo $pieces[2] . "<BR>" . "<b>Posted by " . $pieces[1] . "
on " . $pieces[0] . "</b>\n";
echo "&nbsp;<a
href=\"$PHP_SELF?action=delete&id=$key\">Delete</a>\n";
echo "&nbsp;<a
href=\"$PHP_SELF?action=edit&id=$key\">Edit</a>\n";
echo "<BR><BR>\n";
}
echo "<HR>\n";
echo "<H1><u>Add News</u></H1>\n";
if($HTTP_POST_VARS['submit']) {
if($HTTP_POST_VARS['password'] == 'pass') {
if(!$HTTP_POST_VARS['name']) {
echo "You must enter a name";
exit;
}
if(!$HTTP_POST_VARS['news']) {
echo "You must enter some news";
exit;
}
if(strstr($HTTP_POST_VARS['name'],"|")) {
echo "Name cannot contain the pipe symbol - |";
exit;
}
if(strstr($HTTP_POST_VARS['news'],"|")) {
echo "News cannot contain the pipe symbol - |";
exit;
}
$fp = fopen('news.txt','a');
if(!$fp) {
echo "Error opening file!";
exit;
}
$line = date("m.d.y") . "|" . $HTTP_POST_VARS['name'];
$line .= "|" . $HTTP_POST_VARS['news'];
$line = str_replace("\r\n","<BR>",$line);
$line .= "\r\n";
fwrite($fp, $line);
if(!fclose($fp)) {
echo "Error closing file!";
exit;
}
echo "<b>News added!</b>\n";
} else {
echo "Bad Password";
}
}

?>
<FORM ACTION="<?=$PHP_SELF?>" METHOD="POST" NAME="newsentry">
Your name:<BR>
<INPUT TYPE="text" SIZE="30" NAME="name"><BR>
The News:<BR>
<TEXTAREA NAME="news" COLS="40" ROWS="5"></TEXTAREA><BR><BR>
News Password:<BR>
<INPUT TYPE="password" SIZE="30" NAME="password"><BR>
<INPUT TYPE="submit" NAME="submit" VALUE="Post it!"><BR>
</FORM>





</font> </td></tr></table>

</td></tr></table>
<br><br>
</div>

</td></tr></table>


</TD></TR></TBODY></TABLE>
<? } else { ?>

<table width="100%" height="180"><tr><td align="center">
</td></tr></table>
<table border="1" bordercolor="#800000" cellspacing="1"
cellpading="2" width="200" bgcolor="#FFFFFF" align="center"
border="0" cellspacing="0" cellpadding="0">
<tr>
<td align="center">
<table width="100%" height="5"><tr><td align="center">
</td></tr></table>
<form name="form1" method="post" action="admin.php?action=login">
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td>
<div align="right"><font
color="#000000">Name:</font>
<input type="text" style="background-color:#E5E5E5" name="user"
id="textfield" maxlength="20" size="10">
</div>
</td>
</tr>
<tr>
<td height="2">
<div align="right"><font
color="#000000">Password:</font>
<input type="password" style="background-color:#E5E5E5"
name="password" id="textfield" maxlength="20" size="10">

</div>
</td>
</tr>
<tr>
<td height="30">
<div align="right">
<input type="submit" name="Submit" value="Login"
style="height:20; font-size:10px;font-family:verdana;
color:#000000;">
</div>
</td>
</tr>
</table>

</form></td></tr></table>


<? } ?>
</BODY></HTML>


På forhånd tak Christian



--
Vil du lære at kode HTML, XHTML, CSS, SSI eller ASP?
- Pædagogiske tutorials på dansk
- Kom godt i gang med koderne
KLIK HER! => http://www.html.dk/tutorials

 
 
Thomas Lindgaard (28-02-2004)
Kommentar
Fra : Thomas Lindgaard


Dato : 28-02-04 15:25

Davs

Det er en noget mærkelig if-konstruktion der indleder scriptet - jeg
indenter lige...

On Sat, 28 Feb 2004 12:22:36 +0000, Christian wrote:

> if ($action == "login") {
> if ($username == "admin" || $password == "admin")
> if ($username == "admin3" || $password == "admin") {
> setcookie("admin", "loggedin", "+3600");
> header('Location: admin.php');
> }
> else {
> $error = "wrong password";
> }
> }
> elseif ($action == "logout") {
> setcookie("admin", "loggedout", "-3600");
> header('Location: http://216.118.121.28/pw/');
> }

Hvis $action er 'login' og kodeordet er 'admin' så kan man logge ind med
en vilkårligt brugernavn, fordi betingelserne i if-sætningerne spørge
om $username _eller_ $password er rigtige.

Hvis kodeordet ikke er 'admin' vil man ikke kunne logge ind idet der
først spørges til om $username er 'admin' og derefter om $username er
'admin3' - den ene udelukker den anden.

Altså:

if ( $action == 'login' ) {
// Tjek at $username og $password begge er gyldige
if ( $username == 'admin' && $password == 'noget hemmeligt' ) {
setcookie('admin', 'loggedin', '+3600');
header('Location: admin.php');
}
else {
$error = 'brugeren er en prut';
}
}
else if ( $action == 'logout' ) {
setcookie('admin', 'loggedout', '-3600');
header('Location: http://www.leech.dk/santatoss.swf');
}

Det skulle gerne reparere på login-delen - men der er vist andre
mærkværdigheder i koden (f.eks. bliver $error skrevet ud _før_ DOCTYPE...)

Mvh.
/Thomas

Christian (28-02-2004)
Kommentar
Fra : Christian


Dato : 28-02-04 17:01


> Altså:
>
> if ( $action == 'login' ) {
> // Tjek at $username og $password begge er gyldige
> if ( $username == 'admin' && $password == 'noget hemmeligt' ) {
> setcookie('admin', 'loggedin', '+3600');
> header('Location: admin.php');
> }
> else {
> $error = 'brugeren er en prut';
> }
> }
> else if ( $action == 'logout' ) {
> setcookie('admin', 'loggedout', '-3600');
> header('Location: http://www.leech.dk/santatoss.swf');
> }
>
> Det skulle gerne reparere på login-delen - men der er vist andre
> mærkværdigheder i koden (f.eks. bliver $error skrevet ud _før_
DOCTYPE...)

Er det så muligt at oprette flere brugere?

--
Vil du lære at kode HTML, XHTML, CSS, SSI eller ASP?
- Pædagogiske tutorials på dansk
- Kom godt i gang med koderne
KLIK HER! => http://www.html.dk/tutorials

Kasper Garnæs (28-02-2004)
Kommentar
Fra : Kasper Garnæs


Dato : 28-02-04 18:09

Christian <SphinX@mail-online.dk> wrote:
>> Altså:
>>
>> if ( $action == 'login' ) {
>> // Tjek at $username og $password begge er gyldige
>> if ( $username == 'admin' && $password == 'noget hemmeligt' ) {
>> setcookie('admin', 'loggedin', '+3600');
>> header('Location: admin.php');
>> }
>> else {
>> $error = 'brugeren er en prut';
>> }
>> }
>> else if ( $action == 'logout' ) {
>> setcookie('admin', 'loggedout', '-3600');
>> header('Location: http://www.leech.dk/santatoss.swf');
>> }
>>
>> Det skulle gerne reparere på login-delen - men der er vist andre
>> mærkværdigheder i koden (f.eks. bliver $error skrevet ud _før_
>> DOCTYPE...)
>
> Er det så muligt at oprette flere brugere?

Hvis du vil have flere brugere, kan du bygge videre på ovenstående ved at
tilføje "eller brugernavn = et-eller-andet-brugernavn og kodeord =
tilhørende-kodeord" á la:

// Tjek at $username og $password begge er gyldige
if ( ( $username == 'admin' && $password == 'noget hemmeligt' ) ||
( $username == 'et-eller-andet-brugernavn' && $password ==
'tilhørende-kodeord' ) ) {

--
Med venlig hilsen / Regards
Kasper Garnæs
http://kasper.garnaes.dk



Christian (28-02-2004)
Kommentar
Fra : Christian


Dato : 28-02-04 21:25

Kasper Garnæs wrote in dk.edb.internet.webdesign.serverside.php:
> Christian <SphinX@mail-online.dk> wrote:
> >> Altså:
> >>
> >> if ( $action == 'login' ) {
> >> // Tjek at $username og $password begge er gyldige
> >> if ( $username == 'admin' && $password == 'noget hemmeligt' ) {
> >> setcookie('admin', 'loggedin', '+3600');
> >> header('Location: admin.php');
> >> }
> >> else {
> >> $error = 'brugeren er en prut';
> >> }
> >> }
> >> else if ( $action == 'logout' ) {
> >> setcookie('admin', 'loggedout', '-3600');
> >> header('Location: http://www.leech.dk/santatoss.swf');
> >> }
> >>
> >> Det skulle gerne reparere på login-delen - men der er vist andre
> >> mærkværdigheder i koden (f.eks. bliver $error skrevet ud _før_
> >> DOCTYPE...)
> >
> > Er det så muligt at oprette flere brugere?
>
> Hvis du vil have flere brugere, kan du bygge videre på ovenstående ved at
> tilføje "eller brugernavn = et-eller-andet-brugernavn og kodeord =
> tilhørende-kodeord" á la:
>
Selv med ovenstående kode sker det samme igen. Du bliver lukket ind
ligemeget hvilket pass du skriver....

Nogen løsninger? Hele scriptet der er gennemtestet modtages med kyshånd. (Du
kan få en reklame hos mig så)

--
Vil du lære at kode HTML, XHTML, CSS, SSI eller ASP?
- Pædagogiske tutorials på dansk
- Kom godt i gang med koderne
KLIK HER! => http://www.html.dk/tutorials

Thomas Lindgaard (29-02-2004)
Kommentar
Fra : Thomas Lindgaard


Dato : 29-02-04 13:25

On Sat, 28 Feb 2004 20:25:11 +0000, Christian wrote:

> Selv med ovenstående kode sker det samme igen. Du bliver lukket ind
> ligemeget hvilket pass du skriver....

Outputtet fra dit script er en login-form med plads til brugernavn og
kodeord. Action for form'en er admin.php - dvs. at den information der
tastes ind i form'en sendes til admin.php, og der derfor er dette script
der regner forkert mht. om brugeren skal logges ind eller ej.

> Nogen løsninger? Hele scriptet der er gennemtestet modtages med kyshånd.

Der er ikke noget der er gennemtestet, men tag en kigger på admin.php
- der er garanteret rod i noget brugertjek.

> (Du kan få en reklame hos mig så)

Det har jeg ikke rigtig brug for :)

Mvh.
/Thomas

Søg
Reklame
Statistik
Spørgsmål : 177559
Tips : 31968
Nyheder : 719565
Indlæg : 6408934
Brugere : 218888

Månedens bedste
Årets bedste
Sidste års bedste