streams/Code/Widget/Photo.php

<?php

namespace Code\Widget;

class Photo
{


    /**
     * @brief Widget to display a single photo.
     *
     * @param array $arr associative array with
     *    * \e string \b src URL of photo; URL must be an http or https URL
     *    * \e boolean \b zrl use zid in URL
     *    * \e string \b style CSS string
     *
     * @return string with parsed HTML
     */

    public function widget($arr)
    {

        $style = $zrl = false;

        if (array_key_exists('src', $arr) && isset($arr['src'])) {
            $url = $arr['src'];
        }

        if (strpos($url, 'http') !== 0) {
            return '';
        }

        if (array_key_exists('style', $arr) && isset($arr['style'])) {
            $style = $arr['style'];
        }

        // ensure they can't sneak in an eval(js) function

        if (strpbrk($style, '(\'"<>') !== false) {
            $style = '';
        }

        if (array_key_exists('zrl', $arr) && isset($arr['zrl'])) {
            $zrl = (($arr['zrl']) ? true : false);
        }

        if ($zrl) {
            $url = zid($url);
        }

        $o = '<div class="widget">';

        $o .= '<img ' . (($zrl) ? ' class="zrl" ' : '')
            . (($style) ? ' style="' . $style . '"' : '')
            . ' src="' . $url . '" alt="' . t('photo/image') . '">';

        $o .= '</div>';

        return $o;
    }
}
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00			`<?php`

it's done 2022-02-16 04:08:28 +00:00			`namespace Code\Widget;`
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`class Photo`
			`{`
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00

psr12 updates 2021-12-02 23:02:31 +00:00			`/**`
			`* @brief Widget to display a single photo.`
			`*`
			`* @param array $arr associative array with`
			`* * \e string \b src URL of photo; URL must be an http or https URL`
			`* * \e boolean \b zrl use zid in URL`
			`* * \e string \b style CSS string`
			`*`
			`* @return string with parsed HTML`
			`*/`
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`public function widget($arr)`
			`{`
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`$style = $zrl = false;`
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00
psr12 rewrites, continued 2021-12-03 03:01:39 +00:00			`if (array_key_exists('src', $arr) && isset($arr['src'])) {`
psr12 updates 2021-12-02 23:02:31 +00:00			`$url = $arr['src'];`
psr12 rewrites, continued 2021-12-03 03:01:39 +00:00			`}`
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00
psr12 rewrites, continued 2021-12-03 03:01:39 +00:00			`if (strpos($url, 'http') !== 0) {`
psr12 updates 2021-12-02 23:02:31 +00:00			`return '';`
psr12 rewrites, continued 2021-12-03 03:01:39 +00:00			`}`
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00
psr12 rewrites, continued 2021-12-03 03:01:39 +00:00			`if (array_key_exists('style', $arr) && isset($arr['style'])) {`
psr12 updates 2021-12-02 23:02:31 +00:00			`$style = $arr['style'];`
psr12 rewrites, continued 2021-12-03 03:01:39 +00:00			`}`
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`// ensure they can't sneak in an eval(js) function`
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00
psr12 rewrites, continued 2021-12-03 03:01:39 +00:00			`if (strpbrk($style, '(\'"<>') !== false) {`
psr12 updates 2021-12-02 23:02:31 +00:00			`$style = '';`
psr12 rewrites, continued 2021-12-03 03:01:39 +00:00			`}`
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00
psr12 rewrites, continued 2021-12-03 03:01:39 +00:00			`if (array_key_exists('zrl', $arr) && isset($arr['zrl'])) {`
psr12 updates 2021-12-02 23:02:31 +00:00			`$zrl = (($arr['zrl']) ? true : false);`
psr12 rewrites, continued 2021-12-03 03:01:39 +00:00			`}`
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00
psr12 rewrites, continued 2021-12-03 03:01:39 +00:00			`if ($zrl) {`
psr12 updates 2021-12-02 23:02:31 +00:00			`$url = zid($url);`
psr12 rewrites, continued 2021-12-03 03:01:39 +00:00			`}`
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`$o = '<div class="widget">';`
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`$o .= '<img ' . (($zrl) ? ' class="zrl" ' : '')`
			`. (($style) ? ' style="' . $style . '"' : '')`
			`. ' src="' . $url . '" alt="' . t('photo/image') . '">';`
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`$o .= '</div>';`
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`return $o;`
			`}`
the rest of the standard widgets converted 2017-03-17 00:11:48 +00:00			`}`