Hello,
First of all - thanks for this function.
Anyway - I figured out some errors/enhancements:
1. It is:
if (!in_array($size,$sizes)) {
should be:
if (!in_array($size,$allowed)) {
2. You should quit script on the first error - or the thumb will be generated no matter there is an error. I've created a function:
function exit_on_error($error) {
header("HTTP/1.0 404 Not Found");
echo 'Not Found';
echo '
The image you requested could not be found.
';
echo "
An error was triggered: $error
";
}
and you should use it on each error:
if (!$_GET['thumb']) {
die (exit_on_error('no thumb'));
}
3. And little more security on input:
// get the thumbnail from the URL
$thumb = strip_tags(htmlspecialchars($_GET['thumb']));
Errors
Hello,
First of all - thanks for this function.
Anyway - I figured out some errors/enhancements:
1. It is:
if (!in_array($size,$sizes)) {
should be:
if (!in_array($size,$allowed)) {
2. You should quit script on the first error - or the thumb will be generated no matter there is an error. I've created a function:
function exit_on_error($error) {
header("HTTP/1.0 404 Not Found");
echo 'Not Found';
echo '
The image you requested could not be found.
';
echo "
An error was triggered: $error
";
}
and you should use it on each error:
if (!$_GET['thumb']) {
die (exit_on_error('no thumb'));
}
3. And little more security on input:
// get the thumbnail from the URL
$thumb = strip_tags(htmlspecialchars($_GET['thumb']));