function blobUserList()
{
$query = "SELECT first_name,last_name,user,avatar comment FROM users";
$result = mysql_query($query);
$userList = '';
while ($row = mysql_fetch_row($result)) {
$fullName = $row[0] . ' ' . $row[1];
$profilepage = BLOB_WEB_PAGE_TO_ROOT . 'profile/view.php?user=' . $row[2];
$profileUrl = blobInternalLinkUrlGet($profilepage, $fullName);
$avatar = getAvatar($row[2]);
$avatarImage = "<img src=\"{$avatar}\" width=\"100\" />";
$followHTML = blobCanFollowHTML($row[2]);
$userList .= "\r\n\t\t<div class=\"user-list\">\r\n\t\t\t<div style=\"float: left; padding-right: 10px; border-right: 2px solid #C0C0C0; height: 100px;\">\r\n\t\t\t\t{$avatarImage}\r\n\t\t\t</div>\r\n\t\t\t<div style=\"margin-left: 120px;\">\r\n\t\t\t\t{$profileUrl}\r\n\t\t\t\t<br /><br />\r\n\t\t\t\t{$followHTML}\r\n\t\t\t</div>\r\n\t\t</div>";
}
return $userList;
}
$page = blobPageNewGrab();
$page['title'] .= $page['title_separator'] . 'View Profile';
$page['page_id'] = 'viewprofile';
blobDatabaseConnect();
$user = blobCurrentUser();
if (isset($_GET['user']) && $_GET['user'] != $user) {
$user = $_GET['user'];
//$user = mysql_real_escape_string($user);
// Check if the user exists
if (!blobExistUser($user)) {
blobMessagePush("'" . $user . "' does not exist!");
blobRedirect('view.php');
}
$fullName = blobGetUserFullName($user);
$avatar = getAvatar($user);
$followHTML = blobCanFollowHTML($user);
if (blobCanFollow($user)) {
$showStatusHTML = "<div id=\"comments_main\"><div id=\"comments\"><pre width=\"77\">You will be able to see his updates only if you follow the user!</pre> </div></div>";
} else {
$showStatusHTML = blobShowUserStatus($user);
}
$page['body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h2>User Profile: {$user}</h2>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<div style=\"float: left; padding-right: 10px; border-right: 2px solid #C0C0C0;\">\r\n\t\t\t<img src=\"{$avatar}\" width=\"100\" />\r\n\t\t</div>\r\n\t\t<div style=\"margin-left: 120px;\">\r\n\t\t\t{$fullName}\r\n\t\t\t<br /><br />\r\n\t\t\t{$followHTML}\r\n\t\t</div>\r\n\t</div>\r\n\r\n\t<div class=\"clear\"></div>\r\n\t<pre>User's status updates:</pre>\r\n\t{$showStatusHTML}\r\n\t<br /><br /><br />\r\n\r\n</div>\r\n";
} else {
$user_id = blobGetUserID($user);
$fullName = blobGetUserFullName($user);
$avatar = getAvatar($user);
$showStatusHTML = blobShowUserStatus($user);
$profileUrl = BLOB_WEB_PAGE_TO_ROOT;
$user = $user . " (that's me!)";
$page['body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h2>User Profile: {$user}</h2>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<div style=\"float: left; padding-right: 10px; border-right: 2px solid #C0C0C0;\">\r\n\t\t\t<img src=\"{$avatar}\" width=\"100\" />\r\n\t\t</div>\r\n\t\t<div style=\"margin-left: 120px;\">\r\n\t\t\t{$fullName}\r\n\t\t\t<br /><br />\r\n\t\t\t<input class=\"button\" name=\"btnUpdate\" type=\"submit\" value=\"Update your status\" onclick=\"window.location='{$profileUrl}'\">\r\n\t\t</div>\r\n\t</div>\r\n\r\n\t<div class=\"clear\"></div>\r\n\t<pre>Your previous status updates:</pre>\r\n\t{$showStatusHTML}\r\n\t<br /><br /><br />\r\n\r\n</div>\r\n";
}
