Rezising image with TimThumb

Hello,

on some of my old websites using wordpress i used to use TimThumb library to rezise images. But, now i’m not using it anymore because it seems too risky.

But the thing is that i have these websites that are still using TimThumb and i need to modify that asap.

On these websites i was uploading images from the administration and storing images url as post meta (using Easy Content Type from Pippin Williamson) and then i was displaying images calling timthumb.php?url=get_post_meta(... etc…

So does anyone know how i can change that ? I mean displaying and rezising images just from the url with wordpress native functions ?

get_the_post_thumbnail() can be used just for the featured image or for an attachment, right? Not for specified urls?

so, is it possible to resize and display images from its url? and if yes how?

Many thanks!

You can create multiple custom image sizes in WP and regenerate the images. But then you’d have to put the URL for the each image (or image variation to be more precise) in by hand. I don’t know how many images you have but ….

Also, I’d recommend using featured images (post thumbnails) if you only need one image per post.

no, i can have about 20 images by post and all image are specified by a url in meta post. I should have used attachments but it’s too late.

What do you mean exactly by ? “But then you’d have to put the URL for the each image (or image variation to be more precise) in by hand.”

What about: http://codex.wordpress.org/Function_Reference/image_resize ?

If you have 20 images per post I’d suggest modifying TimThumb by hardcoding a few paths and making it a bit unique. That way you’re 99.9% safe from script kiddies and you don’t have to make a lot of changes.

Yes, it’s a good way to solvethe problem easily and quickly, but is it safier enough?

corsonr said
What about: http://codex.wordpress.org/Function_Reference/image_resize ?

This is for storing images. You have to resize the images on the fly.

The simplest, safest, cleanest way to handle the risizing of multiple image is certainly TimThumb. I’m using it right now for a new project.
I tried to use wordpress built-in resizing methods but aren’t effectives enough.

Don’t be scared by the buzz about TimThumb safe. It is constantly updated and has resolved all the issues came out months ago.

Just set cleverly the class parameters and you have done.

I leave blank the option for the cache (it will use the system global temporary path) and use a custom name for the file cache suffix and prefix.
Doing that nobody can know where you use TT.

corsonr said
Yes, it’s a good way to solvethe problem easily and quickly, but is it safier enough?

If you prevent the script from being able to open any file outside the folder you specify and to execute arbitrary code …. it’s as safe as it gets.

The thing is even with the latest timthumb version i got multiplres websites hacked with a trojan redirection. Nothing really dangerous but websites are then really slow (every php file is then modified…). Well ok, i’m going to change a bit timthumb code, hardcode some paths and be really carefull with options. Any tips about the best timthumb configuration?