1: <?php
  2: /**
  3:  * Smarty plugin
  4:  *
  5:  * @package    Smarty
  6:  * @subpackage PluginsFunction
  7:  */
  8: 
  9: /**
 10:  * Smarty {html_image} function plugin
 11:  * Type:     function<br>
 12:  * Name:     html_image<br>
 13:  * Date:     Feb 24, 2003<br>
 14:  * Purpose:  format HTML tags for the image<br>
 15:  * Examples: {html_image file="/images/masthead.gif"}<br>
 16:  * Output:   <img src="/images/masthead.gif" width=400 height=23><br>
 17:  * Params:
 18:  * <pre>
 19:  * - file        - (required) - file (and path) of image
 20:  * - height      - (optional) - image height (default actual height)
 21:  * - width       - (optional) - image width (default actual width)
 22:  * - basedir     - (optional) - base directory for absolute paths, default is environment variable DOCUMENT_ROOT
 23:  * - path_prefix - prefix for path output (optional, default empty)
 24:  * </pre>
 25:  *
 26:  * @link    http://www.smarty.net/manual/en/language.function.html.image.php {html_image}
 27:  *          (Smarty online manual)
 28:  * @author  Monte Ohrt <monte at ohrt dot com>
 29:  * @author  credits to Duda <duda@big.hu>
 30:  * @version 1.0
 31:  *
 32:  * @param array                    $params   parameters
 33:  * @param Smarty_Internal_Template $template template object
 34:  *
 35:  * @throws SmartyException
 36:  * @return string
 37:  * @uses    smarty_function_escape_special_chars()
 38:  */
 39: function smarty_function_html_image($params, $template)
 40: {
 41:     require_once(SMARTY_PLUGINS_DIR . 'shared.escape_special_chars.php');
 42: 
 43:     $alt = '';
 44:     $file = '';
 45:     $height = '';
 46:     $width = '';
 47:     $extra = '';
 48:     $prefix = '';
 49:     $suffix = '';
 50:     $path_prefix = '';
 51:     $basedir = isset($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : '';
 52:     foreach ($params as $_key => $_val) {
 53:         switch ($_key) {
 54:             case 'file':
 55:             case 'height':
 56:             case 'width':
 57:             case 'dpi':
 58:             case 'path_prefix':
 59:             case 'basedir':
 60:                 $$_key = $_val;
 61:                 break;
 62: 
 63:             case 'alt':
 64:                 if (!is_array($_val)) {
 65:                     $$_key = smarty_function_escape_special_chars($_val);
 66:                 } else {
 67:                     throw new SmartyException ("html_image: extra attribute '$_key' cannot be an array", E_USER_NOTICE);
 68:                 }
 69:                 break;
 70: 
 71:             case 'link':
 72:             case 'href':
 73:                 $prefix = '<a href="' . $_val . '">';
 74:                 $suffix = '</a>';
 75:                 break;
 76: 
 77:             default:
 78:                 if (!is_array($_val)) {
 79:                     $extra .= ' ' . $_key . '="' . smarty_function_escape_special_chars($_val) . '"';
 80:                 } else {
 81:                     throw new SmartyException ("html_image: extra attribute '$_key' cannot be an array", E_USER_NOTICE);
 82:                 }
 83:                 break;
 84:         }
 85:     }
 86: 
 87:     if (empty($file)) {
 88:         trigger_error("html_image: missing 'file' parameter", E_USER_NOTICE);
 89: 
 90:         return;
 91:     }
 92: 
 93:     if ($file[0] == '/') {
 94:         $_image_path = $basedir . $file;
 95:     } else {
 96:         $_image_path = $file;
 97:     }
 98: 
 99:     // strip file protocol
100:     if (stripos($params['file'], 'file://') === 0) {
101:         $params['file'] = substr($params['file'], 7);
102:     }
103: 
104:     $protocol = strpos($params['file'], '://');
105:     if ($protocol !== false) {
106:         $protocol = strtolower(substr($params['file'], 0, $protocol));
107:     }
108: 
109:     if (isset($template->smarty->security_policy)) {
110:         if ($protocol) {
111:             // remote resource (or php stream, …)
112:             if (!$template->smarty->security_policy->isTrustedUri($params['file'])) {
113:                 return;
114:             }
115:         } else {
116:             // local file
117:             if (!$template->smarty->security_policy->isTrustedResourceDir($_image_path)) {
118:                 return;
119:             }
120:         }
121:     }
122: 
123:     if (!isset($params['width']) || !isset($params['height'])) {
124:         // FIXME: (rodneyrehm) getimagesize() loads the complete file off a remote resource, use custom [jpg,png,gif]header reader!
125:         if (!$_image_data = @getimagesize($_image_path)) {
126:             if (!file_exists($_image_path)) {
127:                 trigger_error("html_image: unable to find '$_image_path'", E_USER_NOTICE);
128: 
129:                 return;
130:             } elseif (!is_readable($_image_path)) {
131:                 trigger_error("html_image: unable to read '$_image_path'", E_USER_NOTICE);
132: 
133:                 return;
134:             } else {
135:                 trigger_error("html_image: '$_image_path' is not a valid image file", E_USER_NOTICE);
136: 
137:                 return;
138:             }
139:         }
140: 
141:         if (!isset($params['width'])) {
142:             $width = $_image_data[0];
143:         }
144:         if (!isset($params['height'])) {
145:             $height = $_image_data[1];
146:         }
147:     }
148: 
149:     if (isset($params['dpi'])) {
150:         if (strstr($_SERVER['HTTP_USER_AGENT'], 'Mac')) {
151:             // FIXME: (rodneyrehm) wrong dpi assumption
152:             // don't know who thought this up… even if it was true in 1998, it's definitely wrong in 2011.
153:             $dpi_default = 72;
154:         } else {
155:             $dpi_default = 96;
156:         }
157:         $_resize = $dpi_default / $params['dpi'];
158:         $width = round($width * $_resize);
159:         $height = round($height * $_resize);
160:     }
161: 
162:     return $prefix . '<img src="' . $path_prefix . $file . '" alt="' . $alt . '" width="' . $width . '" height="' . $height . '"' . $extra . ' />' . $suffix;
163: }
164: