<% @this_user = User.find_by_display_name(@this_user.display_name) %>
-<h2><%= @this_user.display_name %></h2>
+<h2><%= h(@this_user.display_name) %></h2>
<div id="userinformation">
<% if @user and @this_user.id == @user.id %>
<%= link_to 'my diary', :controller => 'diary_entry', :action => 'list', :display_name => @user.display_name %>
<% end %>
</div>
+<h3>User image</h3>
+<% if @this_user.image %>
+ <%= image_tag url_for_file_column(@this_user, "image") %>
+<% end %>
+<br />
+
+<% if @user and @this_user.id == @user.id %>
+ Upload an image<br />
+ <%= form_tag({:action=>'upload_image'}, :multipart => true)%>
+ <%= file_column_field 'user', 'image' %>
+ <input type="submit" name="Upload" />
+ </form>
+<% end %>
+
+<h3>Description</h3>
<div id="description"><%= simple_format(@this_user.description) %></div>
<% if @this_user.home_lat.nil? or @this_user.home_lon.nil? %>
No home location has been set.
<% if @user and @this_user.id == @user.id %>
- You can set your home location on your <%= link_to 'settings', :controller => 'user', :action => 'account', :display_name => @user.display_name %> page.
+ If you set your location, a pretty map and stuff will appear below. You can set your home location on your <%= link_to 'settings', :controller => 'user', :action => 'account', :display_name => @user.display_name %> page.
<% end %>
<% else %>
<% @this_user.friends.each do |friend| %>
<% @friend = User.find_by_id(friend.friend_user_id) %>
<tr>
- <td class="username"><%= link_to @friend.display_name, :controller => 'user', :action => 'view', :display_name => @friend.display_name %></td>
+ <td class="image">
+ <% if @friend.image %>
+ <%= image_tag url_for_file_column(@friend, "image") %>
+ <% end %>
+ </td>
+ <td class="username"><%= link_to h(@friend.display_name), :controller => 'user', :action => 'view', :display_name => @friend.display_name %></td>
<td><% if @friend.home_lon and @friend.home_lat %><%= @this_user.distance(@friend).round %>km away<% end %></td>
<td class="message">(<%= link_to 'send message', :controller => 'message', :action => 'new', :user_id => @friend.id %>)</td>
</tr>
<table id="nearbyusers">
<% @this_user.nearby.each do |nearby| %>
<tr>
- <td class="username"><%= link_to nearby.display_name, :controller => 'user', :action => 'view', :display_name => nearby.display_name %></td>
+ <td class="username"><%= link_to h(nearby.display_name), :controller => 'user', :action => 'view', :display_name => nearby.display_name %></td>
<td><%= @this_user.distance(nearby).round %>km away</td>
<td class="message">(<%= link_to 'send message', :controller => 'message', :action => 'new', :user_id => nearby.id %>)</td>
</tr>