Nevermind, I've fixed my own problem. If, in the future, anyone needs the solution:

Options +FollowSymLinks
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule ^([a-z0-9_-]+)/?([a-z0-9_-]+)?/?$ image.php?user=$1&template=$2 [NC,L]

Unless there's some way of making this more efficient.

Don't use the "-l" check unless you know for a fact that you use symbolically-linked files.

Make the RewriteRule pattern as specific as possible, so that the CPU-intensive "exists" checks only run when absolutely required (RewriteConds are only processed if the RewriteRule pattern matches). These checks must call the file system, and depending on caching, may invoke a physical disk read, so avoid them at all costs, especially on busy and/or shared servers.

Jim

The RewriteRule is as specific as I can see making it, since it has to process variable user and template names so the PHP renders properly. I would add length checks, but I don't want the script to 404 if the length is incorrect, that is all handled by the PHP.

Thanks for the heads-up about -l, I'll remove that. I have never used file checks before, so I went ahead and used all three "just in case".