Exemplo n.º 1
0
 function db_login($user, $pass)
 {
     $login = "******";
     $result = @mysql_query($login) or die('<pre>' . mysql_error() . '</pre>');
     if ($result && mysql_num_rows($result) == 1) {
         // Login Successful...
         blobMessagePush("You have logged in as '" . $user . "'");
         blobLogin($user);
         blobRedirect('index.php');
     }
 }
Exemplo n.º 2
0
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
define('BLOB_WEB_PAGE_TO_ROOT', '../');
require_once BLOB_WEB_PAGE_TO_ROOT . 'blob/includes/blobPage.inc.php';
blobPageStartup(array('authenticated'));
$page = blobPageNewGrab();
blobDatabaseConnect();
$user = blobCurrentUser();
$user_id = blobGetUserID($user);
if (isset($_GET['user'])) {
    $page['title'] .= $page['title_separator'] . 'Follow User';
    $page['page_id'] = 'followuser';
    $user = $_GET['user'];
    $user = mysql_real_escape_string($user);
    // Check if the user exists
    if (!blobExistUser($user)) {
        blobMessagePush("'" . $user . "' does not exist!");
        blobRedirect('follow.php');
    }
    $fullName = blobGetUserFullName($user);
    $avatar = getAvatar($user);
    $followHTML = blobFollowUser($user);
    $profilepage = BLOB_WEB_PAGE_TO_ROOT . 'profile/view.php?user='******'body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h2>Following User: {$user}</h2>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<div style=\"float: left; padding-right: 10px; border-right: 2px solid #C0C0C0;\">\r\n\t\t\t<img src=\"{$avatar}\" width=\"100\" />\r\n\t\t</div>\r\n\t\t<div style=\"margin-left: 120px;\">\r\n\t\t\t" . blobInternalLinkUrlGet($profilepage, $fullName) . "\r\n\t\t\t<br /><br />\r\n\t\t\t{$followHTML}\r\n\t\t\t<br /><br />\r\n\t\t</div>\r\n\t</div>\r\n\r\n\t<br />\r\n\t<b>View user's profile:</b> " . blobInternalLinkUrlGet($profilepage, $fullName) . "\r\n\t<br /><br /><br />\r\n\r\n</div>\r\n";
} else {
    $page['title'] .= $page['title_separator'] . 'User List';
    $page['page_id'] = 'othersprofile';
    $page['body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h2>User List</h2>\r\n\r\n\t" . blobUserList() . "\r\n\t<br /> <br />\r\n\r\n</div>\r\n";
}
blobHtmlEcho($page);
Exemplo n.º 3
0
            }
        }
    }
}
if (isset($_POST['deleteUser'])) {
    $un = $_POST['username'];
    $un = stripslashes($un);
    $un = mysql_real_escape_string($un);
    if ($un == "") {
        blobMessagePush("Please enter a User name!");
        blobRedirect(".");
    } else {
        if (!blobExistUser($un)) {
            blobMessagePush("This username does not exist!");
            blobRedirect(".");
        } else {
            if ($un == $user) {
                blobMessagePush("That's You!");
                blobRedirect(".");
            } else {
                $qry = "DELETE FROM `users` WHERE user='******';";
                $result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>');
                blobMessagePush("User '{$un}' deleted!");
                blobRedirect('.');
            }
        }
    }
}
$userList = blobGetSiteUsers();
$page['body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h2>Admin Area</h2>\r\n\r\n\t<hr><center>\r\n\t<div class=\"table-wrap\">\r\n\t<p class=\"heading\"><b>User List [+/-]</b></p>\r\n\t<div class=\"content\">\r\n\t{$userList}\r\n\t</div>\r\n\t</div>\r\n\t</center><hr>\r\n\t<br />\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<form method=\"post\" name=\"updateuserlevel\">\r\n\t\t\t<h3>Update User level</h3>\r\n\t\t\t<label for=\"user\">Username</label> <input type=\"text\" class=\"loginInput\" style=\"width:220px;\" size=\"10\" name=\"username\">\r\n\t\t\t<span><select class=\"button\" name=\"levelNumber\"><option value=\"0\">Normal User</option><option value=\"1\">Admin</option></select></span>\r\n\t\t\t<input class=\"button\" name=\"updateLevel\" type=\"submit\" value=\"Update Level\" \">\r\n\t\t</form>\r\n\t</div>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<form method=\"post\" name=\"deleteUser\">\r\n\t\t\t<h3>Delete User</h3>\r\n\t\t\t<label for=\"user\">Username</label> <input type=\"text\" class=\"loginInput\" style=\"width:220px;\" size=\"10\" name=\"username\">\r\n\t\t\t<span style=\"margin-left: 20px;\"></span>\r\n\t\t\t<input class=\"button\" name=\"deleteUser\" type=\"submit\" value=\"Delete User\" \">\r\n\t\t</form>\r\n\t</div>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<form method=\"get\" action=\"status.php\">\r\n\t\t\t<h3>View Status</h3>\r\n\t\t\t<label for=\"user\">User ID</label> <input type=\"text\" class=\"loginInput\" style=\"width:220px;\" size=\"10\" name=\"user\">\r\n\t\t\t<span style=\"margin-left: 20px;\"></span>\r\n\t\t\t<input class=\"button\" type=\"submit\" value=\"View Status\" \">\r\n\t\t</form>\r\n\t</div>\r\n\r\n\t<div class=\"clear\"></div>\r\n\r\n\r\n\t<br />\r\n\r\n</div>\r\n";
blobHtmlEcho($page);
Exemplo n.º 4
0
            }
        }
        $qry = "UPDATE `users` SET avatar='{$profUrl}' WHERE user='******';";
        $result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>');
        blobMessagePush("Updated the new Image!");
    }
    if ($profile["fn"] != $fn || $profile["ln"] != $ln || $key_new != $key) {
        $qry = "UPDATE `users` SET first_name='{$fn}', last_name='{$ln}', sec_key='{$key_new}' WHERE user='******';";
        $result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>');
        blobMessagePush("Profile updated");
    } else {
        blobMessagePush("Profile was not updated");
    }
    if ($pass != "") {
        $pass = stripslashes($pass);
        $pass = mysql_real_escape_string($pass);
        $pass = md5($pass);
        $qry = "UPDATE `users` SET password='******' WHERE user='******';";
        $result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>');
        blobMessagePush("Password changed. You Need to re-login");
        blobRedirect('../logout.php');
    }
    blobRedirect('edit.php');
}
$page = blobPageNewGrab();
$page['title'] .= $page['title_separator'] . 'Edit Profile: ' . $user;
$page['page_id'] = 'editprofile';
$page['onload'] = "onLoad=\"document.form.firstname.focus()\"";
$page['script'] .= "<script language=\"javascript\">function doEnable(){ document.form.key.readOnly=false; document.form.key_edit_btn.disabled=true; }</script>";
$page['body'] .= "\r\n<div class=\"body_padded\" align=\"center\">\r\n                        <h2>Edit Profile: {$user}</h2>\r\n\r\n                        <div class=\"main_body_box\" style=\"width: 400px;\">\r\n                            <form action=\"edit.php\" name=\"form\" method=\"post\" enctype=\"multipart/form-data\">\r\n                            <input type=\"hidden\" name=\"edit.php\" value=\"edit.php\" />\r\n\r\n\t<fieldset>\r\n\t<div style=\"float: left\">\r\n\t\t\t<label for=\"firstname\">First Name <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"firstname\" value=\"{$profile["fn"]}\"><br />\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left\">\r\n\t\t\t<label for=\"lastname\">Last Name <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"lastname\" value=\"{$profile["ln"]}\"><br />\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left\">\r\n\t\t\t<label for=\"pass\">Password <font color=\"red\">(Not changed if blank)</font></label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password\">\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left\">\r\n\t\t\t<label for=\"key\">Secret Key <font color=\"red\"><input type=\"button\" value=\"Edit\" name=\"key_edit_btn\" onclick=\"doEnable()\"></font></label> <input type=\"text\" readonly class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" id=\"key\" name=\"key\" value=\"{$key}\">\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left; padding-right: 10px; border-right: 2px solid #C0C0C0;\">\r\n\t\t\t\t<img src=\"{$avatar}\" width=\"100\" />\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left; margin-left: 120px; margin-top: -70px;\">\r\n\t\t\t\t<label for=\"pass\">Profile Image <font color=\"red\"><br />(Not changed if blank)</font></label> <br /><input type=\"file\" class=\"loginInput\" class=\"button\" name=\"file\" id=\"file\" /><br />\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left; width: 100%;\">\r\n\t\t\t<p class=\"submit\"><input class=\"button\" type=\"submit\" value=\"Edit Profile\" name=\"EditProfile\">&nbsp;&nbsp;\r\n\t\t\t<input class=\"button\" type=\"submit\" value=\"Delete Profile\" name=\"DeleteProfile\"></p>\r\n\t\t\t</div>\r\n\t</fieldset>\r\n\r\n\t</form>\r\n\r\n                        </div>\r\n</div>\r\n\r\n";
blobHtmlEcho($page);
Exemplo n.º 5
0
<?php

/*
 * blob is a micro-blogging service where you can share notices
 * about yourself with friends, family, and colleagues!
 *
 * Copyright (C) 2011  Avinash Joshi <*****@*****.**>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
define('BLOB_WEB_PAGE_TO_ROOT', '../');
require_once BLOB_WEB_PAGE_TO_ROOT . 'blob/includes/blobPage.inc.php';
blobRedirect(BLOB_WEB_PAGE_TO_ROOT . 'profile/view.php');
Exemplo n.º 6
0
                blobRegMessagePush("key", $key);
            }
            blobRedirect('join.php');
        }
    }
    $qry = "INSERT INTO users (user_id, first_name, last_name, user, password, sec_key, avatar) VALUES ( 'NULL', '{$fn}', '{$ln}', '{$user}', '{$pass}', '{$key}', '{$profUrl}') ;";
    $result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>');
    $user_id = blobGetUserID($user);
    $qry = "UPDATE `users` SET follow='{$user_id}' WHERE user='******';";
    $result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>');
    if ($result) {
        // Registration Successful...
        blobMessagePush("You have registered as '" . $user . "'");
        blobRedirect('login.php');
    }
    // Registration failed
    blobMessagePush("Registration failed");
    blobRedirect('join.php');
}
$fn_pop = blobRegMessagePop("fn");
$ln_pop = blobRegMessagePop("ln");
$user_pop = blobRegMessagePop("user");
$pass_pop = blobRegMessagePop("pass");
$key_pop = blobRegMessagePop("key");
$page = blobPageNewGrab();
$page['title'] .= $page['title_separator'] . 'Join';
$page['page_id'] = 'join';
$page['onload'] = "onLoad=\"document.form.firstname.focus()\"";
$page['body'] .= "                    <div class=\"body_padded\" align=\"center\">\r\n                        <h2>Join Greenify</h2>\r\n\r\n                        <div class=\"main_body_box\" style=\"width: 350px;\">\r\n                            <form action=\"join.php\" name=\"form\" method=\"post\" enctype=\"multipart/form-data\">\r\n\r\n\t<fieldset>\r\n\t<div style=\"float: left\">\r\n\t\t\t<input type=\"hidden\" size=\"20\" name=\"join.php\" value=\"join.php\">\r\n\t\t\t<label for=\"firstname\">First Name <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"firstname\" value=\"{$fn_pop}\"><br />\r\n\t\t\t<label for=\"lastname\">Last Name <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"lastname\" value=\"{$ln_pop}\"><br />\r\n\t\t\t<label for=\"user\">Username <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"username\" value=\"{$user_pop}\"><br />\r\n\t\t\t<label for=\"pass\">Password <font color=\"red\">*</font></label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password\" value=\"{$pass_pop}\"><br />\r\n\t\t\t<label for=\"user\">Secret Key <font color=\"red\">*</font> <small>Will be used during password reset</small></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"key\" value=\"{$key_pop}\"><br />\r\n\t\t\t<label for=\"pass\">Profile Image <font color=\"red\">*</font></label> <input type=\"file\" class=\"loginInput\" class=\"button\" name=\"file\" id=\"file\" /><br />\r\n\t\t\t<p class=\"submit\"><input class=\"button\" type=\"submit\" value=\"Join\" name=\"Join\"></p>\r\n\t</div>\r\n\t</fieldset>\r\n\r\n\t</form>\r\n\r\n                        </div>\r\n</div>\r\n\r\n";
$right = "\r\n<center><b>Already have a blob account?</b><br /><br />\r\nEasy, free, and instant updates. Get access to the information that interests you most.\r\n<br><br>\r\n<div class=\"join\">\r\n<form action=\"login.php\">\r\n<input id=\"login\" value=\"Login!\" type=\"submit\">\r\n</form>\r\n</div>\r\n";
blobNoLoginHtmlEcho($page, $right);
Exemplo n.º 7
0
function blobPageReload()
{
    blobRedirect($_SERVER['PHP_SELF']);
}
Exemplo n.º 8
0
        blobRedirect('forgot.php');
    }
    $user = stripslashes($user);
    $user = mysql_real_escape_string($user);
    $pass = stripslashes($pass);
    $pass = mysql_real_escape_string($pass);
    $key = stripslashes($key);
    $key = mysql_real_escape_string($key);
    if (blobExistUser($user)) {
        $old_key = getSecKey($user);
        if ($old_key == $key) {
            $pass = md5($pass);
            $qry = "UPDATE `users` SET password='******' WHERE user='******';";
            $result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>');
            blobMessagePush("Password changed!");
            blobRedirect('login.php');
        } else {
            blobMessagePush("Security Key does not match!");
        }
    } else {
        blobMessagePush("This user does not exist!");
    }
    blobRedirect('forgot.php');
}
$page = blobPageNewGrab();
$page['title'] .= $page['title_separator'] . 'Forgot Password';
$page['page_id'] = 'forgotpass';
$page['onload'] = "onLoad=\"document.form.username.focus()\"";
$page['body'] .= "\r\n\t<div class=\"body_padded\" align=\"center\">\r\n\t\t<h2>Forgot Password!</h2>\r\n\t\t<div class=\"main_body_box\" style=\"width: 400px;\">\r\n\t\t\t<form action=\"forgot.php\" name=\"form\" method=\"post\" enctype=\"multipart/form-data\"> <fieldset>\r\n\t\t\t<input type=\"hidden\" name=\"forgot.php\" value=\"forgot.php\" />\r\n\t\t\t\t<div style=\"float: left\">\r\n\t\t\t\t\t<label for=\"username\">User Name <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"username\" value=\"\"><br />\r\n\t\t\t\t</div>\r\n\t\t\t\t<div style=\"float: left\">\r\n\t\t\t\t\t<label for=\"pass\">New Password <font color=\"red\">*</font></label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password\">\r\n\t\t\t\t</div>\r\n\t\t\t\t<div style=\"float: left\">\r\n\t\t\t\t\t<label for=\"key\">Secret Key <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"key\">\r\n\t\t\t\t</div>\r\n\t\t\t\t<div style=\"float: left; width: 100%;\">\r\n\t\t\t\t\t<p class=\"submit\"><input class=\"button\" type=\"submit\" value=\"Change Password\" name=\"EditPassword\"></p>\r\n\t\t\t\t</div>\r\n\t\t\t</fieldset> </form>\r\n\t\t</div>\r\n\t</div>";
$right = "\r\n<center><strong>New to blob?</strong></center>\r\n<br />\r\n<div class=\"join\">\r\n<form action=\"register.php\">\r\n<input id=\"join\" value=\"Join!\" type=\"submit\">\r\n</form>\r\n</div><br />\r\n<center><b>Already have a blob account?</b><br /><br />\r\n<div class=\"join\">\r\n<form action=\"login.php\">\r\n<input id=\"login\" value=\"Login!\" type=\"submit\">\r\n</form>\r\n</div>\r\n<br /><br />Easy, free, and instant updates. Get access to the information that interests you most.\r\n";
blobNoLoginHtmlEcho($page, $right);
Exemplo n.º 9
0
 * blob is a micro-blogging service where you can share notices
 * about yourself with friends, family, and colleagues!
 *
 * Copyright (C) 2011  Avinash Joshi <*****@*****.**>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
define('BLOB_WEB_PAGE_TO_ROOT', '');
require_once BLOB_WEB_PAGE_TO_ROOT . 'blob/includes/blobPage.inc.php';
if (!blobIsLoggedIn()) {
    // The user shouldn't even be on this page
    //	blobMessagePush( "You were not logged in!!" );
    blobRedirect('login.php');
}
blobLogout();
blobMessagePush("You have logged out");
blobRedirect('login.php');
?>

Exemplo n.º 10
0
 */
define('BLOB_WEB_PAGE_TO_ROOT', '../');
require_once BLOB_WEB_PAGE_TO_ROOT . 'blob/includes/blobPage.inc.php';
blobPageStartup(array('authenticated'));
$page = blobPageNewGrab();
$page['title'] .= $page['title_separator'] . 'View Profile';
$page['page_id'] = 'viewprofile';
blobDatabaseConnect();
$user = blobCurrentUser();
if (isset($_GET['user']) && $_GET['user'] != $user) {
    $user = $_GET['user'];
    //$user = mysql_real_escape_string($user);
    // Check if the user exists
    if (!blobExistUser($user)) {
        blobMessagePush("'" . $user . "' does not exist!");
        blobRedirect('view.php');
    }
    $fullName = blobGetUserFullName($user);
    $avatar = getAvatar($user);
    $followHTML = blobCanFollowHTML($user);
    if (blobCanFollow($user)) {
        $showStatusHTML = "<div id=\"comments_main\"><div id=\"comments\"><pre width=\"77\">You will be able to see his updates only if you follow the user!</pre> </div></div>";
    } else {
        $showStatusHTML = blobShowUserStatus($user);
    }
    $page['body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h2>User Profile: {$user}</h2>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<div style=\"float: left; padding-right: 10px; border-right: 2px solid #C0C0C0;\">\r\n\t\t\t<img src=\"{$avatar}\" width=\"100\" />\r\n\t\t</div>\r\n\t\t<div style=\"margin-left: 120px;\">\r\n\t\t\t{$fullName}\r\n\t\t\t<br /><br />\r\n\t\t\t{$followHTML}\r\n\t\t</div>\r\n\t</div>\r\n\r\n\t<div class=\"clear\"></div>\r\n\t<pre>User's status updates:</pre>\r\n\t{$showStatusHTML}\r\n\t<br /><br /><br />\r\n\r\n</div>\r\n";
} else {
    $user_id = blobGetUserID($user);
    $fullName = blobGetUserFullName($user);
    $avatar = getAvatar($user);
    $showStatusHTML = blobShowUserStatus($user);
Exemplo n.º 11
0
require_once BLOB_WEB_PAGE_TO_ROOT . 'blob/includes/blobPage.inc.php';
blobPageStartup(array('authenticated'));
$page = blobPageNewGrab();
$page['title'] .= $page['title_separator'] . 'What\'s on your mind?';
$page['page_id'] = 'home';
$page['onload'] = "onLoad=\"document.statusupdate.statusMsg.focus()\"";
blobDatabaseConnect();
$user = blobCurrentUser();
$user_id = blobGetUserID($user);
if (isset($_POST['btnUpdate'])) {
    if ($_POST['statusMsg'] == "") {
        blobMessagePush("Status cannot be empty!");
        blobRedirect('index.php');
    }
    $message = trim($_POST['statusMsg']);
    // Sanitize message input
    $message = stripslashes($message);
    $message = mysql_real_escape_string($message);
    // Sanitize name input
    $name = mysql_real_escape_string($name);
    $query = "INSERT INTO status (user_id, status, date_set) VALUES ('{$user_id}','{$message}', NOW());";
    $result = mysql_query($query) or die('<pre>' . mysql_error() . '</pre>');
}
if (isset($_GET['delete'])) {
    $status_id = $_GET['delete'];
    $status = blobDeleteStatus($status_id);
    blobMessagePush($status);
    blobRedirect('index.php');
}
$page['body'] .= "\r\n\t<div class=\"body_padded\">\r\n\t\t<h2>What's on your mind?</h2>\r\n\t\t<div class=\"vulnerable_code_area\">\r\n\t\t\t<form method=\"post\" name=\"statusupdate\">\r\n\t\t\t\t<input type=\"hidden\" name=\"index.php\" value=\"index.php\" />\r\n\t\t\t\t<table width=\"550\" border=\"0\" cellpadding=\"2\" cellspacing=\"1\">\r\n\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t<td><textarea style=\"padding: 5px;\" name=\"statusMsg\" cols=\"60\" rows=\"3\" maxlength=\"140\"></textarea></td>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t<td><input class=\"button\" name=\"btnUpdate\" type=\"submit\" value=\"Update Status\" > ( Max 140 characters )</td>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t</table>\r\n\t\t\t</form>\r\n\t\t</div>\r\n\t\t<div class=\"clear\"></div>\r\n\t\t<pre>Your previous status updates:</pre>\r\n\t\t" . blobShowUserStatus($user) . "\r\n\t\t<br />\r\n\t</div>";
blobHtmlEcho($page);