Registrations to Open-AudIT forums are now closed. To ask any new questions please visit Opmantek Community Questions.

Open-AudIT

What's on your network?
It is currently Fri Mar 29, 2024 9:55 am

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 13 posts ] 
Author Message
PostPosted: Wed Aug 11, 2010 9:52 pm 
Offline
Helper

Joined: Thu Apr 15, 2010 12:28 am
Posts: 83
Hi

special character ' in software title causes trouble for OpenAudIT. When I try to view software_register_details.php for some software titled Agere Systems AC'97 Modem
the top of the page says:

[code]Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /var/www/open-audit/software_register_details.php on line 46[/code]

The reason is most likely that MySQL by default uses the same char ' as string start/end char.

If I use these SQL statements:
[code]mysql> update software_register set software_title='Agere Systems AC\\\'97 Modem' where software_reg_id=2014;
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0

mysql> select * from software_register where software_reg_id=2014;
+-----------------+----------+----------------------------+-------------------+
| software_reg_id | group_id | software_title | software_comments |
+-----------------+----------+----------------------------+-------------------+
| 2014 | 0 | Agere Systems AC\'97 Modem | |
+-----------------+----------+----------------------------+-------------------+
1 row in set (0.00 sec)
[/code]

then OpenAudIT software_register_details.php no longer complains, but it does list a \ in the webpage where the software title is listed. Agere Systems AC\'97 Modem

How could we fix this?
[list=1]
  • make admin_pc_add_2.php add a \ when it sees a ' char AND make software_register.php + software_register_details.php remove the \ before showing the software title

  • make MySQL use another string start/end char, which might end up also being used by some software title

  • ignore that the MySQL database contains string start/end chars in the middle of the software title string, and just escape it with \ all the places PHP uses the software title to lookup something in MySQL.



  • Top
     Profile  
    Reply with quote  
    PostPosted: Fri Aug 13, 2010 3:03 am 
    Offline
    Moderator

    Joined: Fri Jul 20, 2007 8:27 am
    Posts: 1259
    Try this change to software_register_details.php. Find the code similar to below and add the mysql_real_escape_string and see what happens.

    [code]
    $sql2 = "SELECT sum(license_purchase_number) as number_purchased FROM ";
    $sql2 .= "software_licenses, software_register WHERE ";
    $sql2 .= "license_software_id = software_reg_id AND ";
    $sql2 .= "software_title = '" . mysql_real_escape_string($myrow['software_title']) . "'";
    $result2 = mysql_query($sql2, $db);
    $myrow2 = mysql_fetch_array($result2);
    [/code]


    Top
     Profile  
    Reply with quote  
    PostPosted: Fri Aug 13, 2010 4:31 am 
    Offline
    Moderator

    Joined: Fri Jul 20, 2007 8:27 am
    Posts: 1259
    The "Add Software" function doesn't work for software with single quotes in the title as well. At least not for me. Did you add the software with quotes by hand?

    Anyway. Add the following to the url_clean function in include_functions.php:
    [code]$url_clean = str_replace ('\'','%27',$url_clean);[/code]

    Make the following change in software_register_add_ajax.php:

    [code]
    FROM:
    if (isset($_GET['act'])){ $package = $_GET['act']; } else { $package = ''; }
    $sql = "SELECT count(*) AS count FROM software_register WHERE software_title = '$package'";
    mysql_connect($mysql_server, $mysql_user, $mysql_password) or die("Could not connect");
    mysql_select_db($mysql_database) or die("Could not select database");


    TO:
    if (isset($_GET['act'])){ $package = $_GET['act']; } else { $package = ''; }
    mysql_connect($mysql_server, $mysql_user, $mysql_password) or die("Could not connect");
    mysql_select_db($mysql_database) or die("Could not select database");
    $package = mysql_real_escape_string($package);
    $sql = "SELECT count(*) AS count FROM software_register WHERE software_title = '$package'";
    [/code]

    See how that works.


    Top
     Profile  
    Reply with quote  
    PostPosted: Fri Aug 13, 2010 7:17 pm 
    Offline
    Helper

    Joined: Thu Apr 15, 2010 12:28 am
    Posts: 83
    [quote="jpa"]Try this change to software_register_details.php. Find the code similar to below and add the mysql_real_escape_string and see what happens.

    [code]
    $sql2 = "SELECT sum(license_purchase_number) as number_purchased FROM ";
    $sql2 .= "software_licenses, software_register WHERE ";
    $sql2 .= "license_software_id = software_reg_id AND ";
    $sql2 .= "software_title = '" . mysql_real_escape_string($myrow['software_title']) . "'";
    $result2 = mysql_query($sql2, $db);
    $myrow2 = mysql_fetch_array($result2);
    [/code]

    If I had know it was that easy, I would have written a patch myself. This one works perfectly.

    Top
     Profile  
    Reply with quote  
    PostPosted: Fri Aug 13, 2010 7:30 pm 
    Offline
    Helper

    Joined: Thu Apr 15, 2010 12:28 am
    Posts: 83
    [quote="jpa"]The "Add Software" function doesn't work for software with single quotes in the title as well. At least not for me. Did you add the software with quotes by hand?

    I might have done that. It's been so long that I can not remember how I got them added.

    [quote="jpa"]Anyway. Add the following to the url_clean function in include_functions.php:
    [code]$url_clean = str_replace ('\'','%27',$url_clean);[/code]
    I only made this change, and now it says it was added. It also is added since it is no longer in the list.



    [quote="jpa"]Make the following change in software_register_add_ajax.php:

    [code]
    FROM:
    if (isset($_GET['act'])){ $package = $_GET['act']; } else { $package = ''; }
    $sql = "SELECT count(*) AS count FROM software_register WHERE software_title = '$package'";
    mysql_connect($mysql_server, $mysql_user, $mysql_password) or die("Could not connect");
    mysql_select_db($mysql_database) or die("Could not select database");


    TO:
    if (isset($_GET['act'])){ $package = $_GET['act']; } else { $package = ''; }
    mysql_connect($mysql_server, $mysql_user, $mysql_password) or die("Could not connect");
    mysql_select_db($mysql_database) or die("Could not select database");
    $package = mysql_real_escape_string($package);
    $sql = "SELECT count(*) AS count FROM software_register WHERE software_title = '$package'";
    [/code]

    See how that works.
    This last one does not work alone.

    Top
     Profile  
    Reply with quote  
    PostPosted: Fri Aug 13, 2010 7:40 pm 
    Offline
    Helper

    Joined: Thu Apr 15, 2010 12:28 am
    Posts: 83
    If I edit both include_functions.php and software_register_add_ajax.php it does not work at all. I had to svn revert software_register_add_ajax.php


    Top
     Profile  
    Reply with quote  
    PostPosted: Sat Aug 14, 2010 2:04 am 
    Offline
    Moderator

    Joined: Fri Jul 20, 2007 8:27 am
    Posts: 1259
    Interesting. Here are my related files. Do they work?


    Attachments:
    software_register.php.txt [5.17 KiB]
    Downloaded 380 times
    software_register_add.php.txt [4.83 KiB]
    Downloaded 362 times
    software_register_add_ajax.php.txt [2.42 KiB]
    Downloaded 367 times
    Top
     Profile  
    Reply with quote  
    PostPosted: Tue Aug 17, 2010 12:46 am 
    Offline
    Helper

    Joined: Thu Apr 15, 2010 12:28 am
    Posts: 83
    [quote="jpa"]Interesting. Here are my related files. Do they work?

    no, they do not work

    Top
     Profile  
    Reply with quote  
    PostPosted: Tue Aug 17, 2010 2:23 am 
    Offline
    Moderator

    Joined: Fri Jul 20, 2007 8:27 am
    Posts: 1259
    Your web server access logs should show the call to software_register_add_ajax.php. Try to register a software package with a single-quote and see what shows up in the access logs. It should be a properly URL encoded string that shows in the log. If this is correct then PHP error logs should hopefully show some type of MySQL error.


    Top
     Profile  
    Reply with quote  
    PostPosted: Tue Aug 17, 2010 11:04 pm 
    Offline
    Helper

    Joined: Thu Apr 15, 2010 12:28 am
    Posts: 83
    [quote="jpa"]Your web server access logs should show the call to software_register_add_ajax.php. Try to register a software package with a single-quote and see what shows up in the access logs. It should be a properly URL encoded string that shows in the log. If this is correct then PHP error logs should hopefully show some type of MySQL error.

    The url looks correct even without your all changes
    [code]
    [09/Mar/2010:14:57:54 +0100] "GET /open-audit/software_register_add_ajax.php?act=Rocks%27n%27Diamonds%203.2.3 HTTP/1.1" 200 40 "http://dkopen-audit/open-audit/software_register_add.php" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3"
    [13/Aug/2010:11:21:22 +0200] "GET /open-audit/software_register_add_ajax.php?act=Rocks%27n%27Diamonds%203.2.3 HTTP/1.1" 200 40 "http://dkopen-audit/open-audit/software_register_add.php" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8"
    [13/Aug/2010:11:31:53 +0200] "GET /open-audit/software_register_add_ajax.php?act=Rocks%27n%27Diamonds%203.2.3 HTTP/1.1" 200 40 "http://dkopen-audit/open-audit/software_register_add.php" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8"
    [13/Aug/2010:11:33:34 +0200] "GET /open-audit/software_register_add_ajax.php?act=Rocks%27n%27Diamonds%203.2.3 HTTP/1.1" 200 20 "http://dkopen-audit/open-audit/software_register_add.php" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8"
    [13/Aug/2010:11:33:44 +0200] "GET /open-audit/software_register_add_ajax.php?act=Rocks%27n%27Diamonds%203.2.3 HTTP/1.1" 200 20 "http://dkopen-audit/open-audit/software_register_add.php" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8"
    [13/Aug/2010:11:37:51 +0200] "GET /open-audit/software_register_add_ajax.php?act=Rocks%27n%27Diamonds%203.2.3 HTTP/1.1" 200 20 "http://dkopen-audit/open-audit/software_register_add.php" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8"
    [13/Aug/2010:11:38:12 +0200] "GET /open-audit/software_register_add_ajax.php?act=Rocks%27n%27Diamonds%203.2.3 HTTP/1.1" 200 40 "http://dkopen-audit/open-audit/software_register_add.php" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8"
    [16/Aug/2010:16:44:56 +0200] "GET /open-audit/software_register_add_ajax.php?act=Rocks%27n%27Diamonds%203.2.3 HTTP/1.1" 200 20 "http://dkopen-audit/open-audit/software_register_add.php" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8"
    [16/Aug/2010:16:45:06 +0200] "GET /open-audit/software_register_add_ajax.php?act=Rocks%27n%27Diamonds%203.2.3 HTTP/1.1" 200 20 "http://dkopen-audit/open-audit/software_register_add.php" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8"
    [16/Aug/2010:16:45:27 +0200] "GET /open-audit/software_register_add_ajax.php?act=Rocks%27n%27Diamonds%203.2.3 HTTP/1.1" 200 40 "http://dkopen-audit/open-audit/software_register_add.php" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8"[/code]

    [code]
    [11-Aug-2010 11:16:17] PHP Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /var/www/open-audit/include_functions.php on line 1096
    [11-Aug-2010 11:16:17] PHP Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /var/www/open-audit/include_functions.php on line 1096
    [11-Aug-2010 11:16:17] PHP Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /var/www/open-audit/include_functions.php on line 1096
    [11-Aug-2010 13:22:04] PHP Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /var/www/open-audit/software_register_details.php on line 46
    [12-Aug-2010 17:31:51] PHP Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /var/www/open-audit/software_register_details.php on line 46
    [/code]

    Top
     Profile  
    Reply with quote  
    PostPosted: Wed Aug 18, 2010 2:54 am 
    Offline
    Moderator

    Joined: Fri Jul 20, 2007 8:27 am
    Posts: 1259
    OK I'm stumped. I can't see how this is working at all without all the changes I've indicated.

    How about you post your include_functions.php, software_register_add.php and software_register_add_ajax.php files.


    Top
     Profile  
    Reply with quote  
    PostPosted: Wed Aug 18, 2010 9:23 pm 
    Offline
    Helper

    Joined: Thu Apr 15, 2010 12:28 am
    Posts: 83
    My software_register_add.php ad ajax.php looks like they are from revision 1247, as svn diff gives no output on those.

    [code]
    dkopen-audit:/var/www/open-audit# svn diff include_functions.php
    Index: include_functions.php
    ===================================================================
    --- include_functions.php (revision 1247)
    +++ include_functions.php (working copy)
    @@ -96,6 +96,7 @@
    $url_clean = str_replace ('[','%5B',$url_clean);
    $url_clean = str_replace (']','%5D',$url_clean);
    $url_clean = str_replace ('`','%60',$url_clean);
    +$url_clean = str_replace ('\'','%27',$url_clean);
    return $url_clean;
    }
    [/code]
    Here are the diff for include_functions.php


    Top
     Profile  
    Reply with quote  
    PostPosted: Thu Aug 19, 2010 4:27 am 
    Offline
    Moderator

    Joined: Fri Jul 20, 2007 8:27 am
    Posts: 1259
    I reverted all my changes to SVN 1247. Then made the following changes to get this problem fixed. If this doesn't work for you I can't help. Maybe one of the developers that really know the system can help. I'm just a user fixing things for myself.

    [code]
    Index: include_functions.php
    ===================================================================
    --- include_functions.php (revision 1247)
    +++ include_functions.php (working copy)
    @@ -79,6 +79,7 @@
    $url_clean = str_replace (' ','%20',$url_clean);
    $url_clean = str_replace ('+','%2B',$url_clean);
    $url_clean = str_replace ('&','%26',$url_clean);
    +$url_clean = str_replace ('\'','%27',$url_clean);
    $url_clean = str_replace (',','%2C',$url_clean);
    $url_clean = str_replace ('/','%2F',$url_clean);
    $url_clean = str_replace (':','%3A',$url_clean);
    Index: software_add_license_2.php
    ===================================================================
    --- software_add_license_2.php (revision 1247)
    +++ software_add_license_2.php (working copy)
    @@ -10,10 +10,10 @@
    $sql .= "license_purchase_number, license_comments, license_purchase_type, license_order_number) values ";

    $sql .= "('" . $_POST['id'] . "', '" . $_POST['date_purchased'];
    -$sql .= "', '" . $_POST['vendor'];
    +$sql .= "', '" . mysql_real_escape_string($_POST['vendor']);
    $sql .= "', '" . $_POST['cost'] . "', '" . $_POST['number_purchased'];
    -$sql .= "', '" . $_POST['comments'] . "', '" . $_POST['type'];
    -$sql .= "', '" . $_POST['order'] . "')";
    +$sql .= "', '" . mysql_real_escape_string($_POST['comments']) . "', '" . $_POST['type'];
    +$sql .= "', '" . mysql_real_escape_string($_POST['order']) . "')";

    $result = mysql_query($sql);

    Index: software_register.php
    ===================================================================
    --- software_register.php (revision 1247)
    +++ software_register.php (working copy)
    @@ -71,7 +71,7 @@
    echo "<td align=\"center\">" . $font . $number_audit . "</font></td>";
    }
    echo "<td align=\"center\"><div id=\"s" . $myrow['software_reg_id'] . "\">\n";
    - echo "<a href=\"#\" onclick=\"sendRequest('" . url_clean($myrow["software_reg_id"]) . "');\"><img border=\"0\" src=\"images/button_fail.png\" width=\"16\" height=\"16\" alt=\"\" /></a>";
    + echo "<a href=\"#\" onclick=\"sendRequest('" . url_clean($myrow["software_reg_id"]) . "');return false;\"><img border=\"0\" src=\"images/button_fail.png\" width=\"16\" height=\"16\" alt=\"\" /></a>";
    echo "</div></td>\n";
    echo "</tr>";
    } while ($myrow = mysql_fetch_array($result));
    Index: software_register_add.php
    ===================================================================
    --- software_register_add.php (revision 1247)
    +++ software_register_add.php (working copy)
    @@ -69,7 +69,7 @@
    echo " <td>&nbsp;&nbsp;" . $myrow["software_name"] . "</td>\n";
    echo "<td align=\"center\">";
    echo "<div id=\"s" . div_clean($myrow["software_name"]) . "\">";
    - echo "<a href=\"#\" onclick=\"sendRequest('" . url_clean($myrow["software_name"]) . "');\"><img border=\"0\" src=\"images/button_success.png\" width=\"16\" height=\"16\" alt=\"\" /></a>";
    + echo "<a href=\"#\" onclick=\"sendRequest('" . url_clean($myrow["software_name"]) . "');return false;\"><img border=\"0\" src=\"images/button_success.png\" width=\"16\" height=\"16\" alt=\"\" /></a>";
    echo "</div>\n";
    echo "</td>\n";
    echo "<td valign=\"top\">\n";
    Index: software_register_add_ajax.php
    ===================================================================
    --- software_register_add_ajax.php (revision 1247)
    +++ software_register_add_ajax.php (working copy)
    @@ -36,9 +36,11 @@
    }

    if (isset($_GET['act'])){ $package = $_GET['act']; } else { $package = ''; }
    -$sql = "SELECT count(*) AS count FROM software_register WHERE software_title = '$package'";
    mysql_connect($mysql_server, $mysql_user, $mysql_password) or die("Could not connect");
    mysql_select_db($mysql_database) or die("Could not select database");
    +$package = mysql_real_escape_string($package);
    +$sql = "SELECT count(*) AS count FROM software_register WHERE software_title = '$package'";
    +
    $result = mysql_query($sql) or die ('<td>Insert Failed: ' . mysql_error() . '<br />' . $sql . "</td>");
    $myrow = mysql_fetch_array($result);
    if ($myrow["count"] == "0") {
    Index: software_register_del.php
    ===================================================================
    --- software_register_del.php (revision 1247)
    +++ software_register_del.php (working copy)
    @@ -25,8 +25,16 @@
    $sql3 = "SELECT SUM(license_purchase_number) AS number_purchased FROM software_licenses WHERE license_software_id = '" . $myrow["software_reg_id"] . "'";
    $result3 = mysql_query($sql3, $db);
    $myrow3 = mysql_fetch_array($result3);
    - $sql4 = "SELECT count(software_name) AS number_used FROM software WHERE software_name = '" . addslashes($myrow["software_title"]) . "'";
    - $result4 = mysql_query($sql4, $db);
    + #$sql4 = "SELECT count(software_name) AS number_used FROM software WHERE software_name = '" . mysql_real_escape_string($myrow["software_title"]) . "'";
    + $sql4 = "SELECT software_reg_id, software_title, count(software.software_name) AS number_used FROM ";
    + $sql4 .= "software_register, software, system WHERE ";
    + $sql4 .= "software_title = software_name AND ";
    + $sql4 .= "software_title = '" . mysql_real_escape_string($myrow["software_title"]) . "' AND ";
    + $sql4 .= "software_uuid = system_uuid AND ";
    + $sql4 .= "software_timestamp = system_timestamp ";
    + $sql4 .= "GROUP BY software_title";
    +
    + $result4 = mysql_query($sql4, $db);
    $myrow4 = mysql_fetch_array($result4);
    if ($myrow3["number_purchased"] == "") { $number_purchased = 0; } else { $number_purchased = $myrow3["number_purchased"]; }
    if ($myrow4["number_used"] == "") { $number_used = 0; } else { $number_used = $myrow4["number_used"]; }
    Index: software_register_del_2.php
    ===================================================================
    --- software_register_del_2.php (revision 1247)
    +++ software_register_del_2.php (working copy)
    @@ -1,4 +1,3 @@
    -<<<<<<< .mine
    <?php

    include "include_config.php";
    @@ -25,24 +24,3 @@
    } else {}

    ?>
    -=======
    -<?php
    -
    -include "include_config.php";
    -
    - if ($_GET['confirm']=1) {
    -
    - $link = mysql_connect($mysql_server, $mysql_user, $mysql_password) or die("Could not connect");
    - mysql_select_db("$mysql_database") or die("Could not select database");
    -
    - $query = "DELETE FROM software_register WHERE software_reg_id = '" . $_GET['id'] . "'";
    - $result = mysql_query($query) or die("Query failed at insert stage. register");
    -
    - $query = "DELETE FROM software_licenses WHERE license_software_id = '" . $_GET['id'] . "'";
    - $result = mysql_query($query) or die("Query failed at insert stage. license");
    -
    - header("Location: software_register.php");
    - } else {}
    -
    -?>
    ->>>>>>> .r834
    Index: software_register_details.php
    ===================================================================
    --- software_register_details.php (revision 1247)
    +++ software_register_details.php (working copy)
    @@ -36,7 +36,7 @@
    $sql2 = "SELECT sum(license_purchase_number) as number_purchased FROM ";
    $sql2 .= "software_licenses, software_register WHERE ";
    $sql2 .= "license_software_id = software_reg_id AND ";
    - $sql2 .= "software_title = '" . $myrow['software_title'] . "'";
    + $sql2 .= "software_title = '" . mysql_real_escape_string($myrow['software_title']) . "'";
    $result2 = mysql_query($sql2, $db);
    $myrow2 = mysql_fetch_array($result2);

    Index: software_register_edit_comments.php
    ===================================================================
    --- software_register_edit_comments.php (revision 1247)
    +++ software_register_edit_comments.php (working copy)
    @@ -25,7 +25,7 @@
    $result3 = mysql_query($sql3, $db);
    $myrow3 = mysql_fetch_array($result3);

    - $sql4 = "SELECT count(software_name) AS number_used FROM software WHERE software_name = '" . $myrow["software_title"] . "'";
    + $sql4 = "SELECT count(software_name) AS number_used FROM software WHERE software_name = '" . mysql_real_escape_string($myrow["software_title"]) . "'";
    $result4 = mysql_query($sql4, $db);
    $myrow4 = mysql_fetch_array($result4);

    Index: software_register_edit_comments_2.php
    ===================================================================
    --- software_register_edit_comments_2.php (revision 1247)
    +++ software_register_edit_comments_2.php (working copy)
    @@ -19,6 +19,7 @@
    mysql_connect($mysql_server, $mysql_user, $mysql_password) or die("Could not connect");
    mysql_select_db($mysql_database) or die("Could not select database");

    +$comments = mysql_real_escape_string($comments);
    $sql = "update software_register set software_comments = '$comments' WHERE software_reg_id='$id'";

    $result = mysql_query($sql);

    [/code]


    Top
     Profile  
    Reply with quote  
    Display posts from previous:  Sort by  
    Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 13 posts ] 

    All times are UTC + 10 hours


    Who is online

    Users browsing this forum: No registered users and 2 guests


    You cannot post new topics in this forum
    You cannot reply to topics in this forum
    You cannot edit your posts in this forum
    You cannot delete your posts in this forum
    You cannot post attachments in this forum

    Search for:
    Jump to:  
    cron
    Powered by phpBB® Forum Software © phpBB Group