296 posts
  • Has been part of the Envato Community for over 2 years
  • Sells items exclusively on Envato Market
crossroad says

For example I’m creating in a theme a gallery with images either from external sources or from any folder from the WP installation. WP can’t handle them if they’re not inside the wp path and since they weren’t uploaded via the media library or set as featured image to any post, how would I resize them? Timthumb does this job just great so I really can’t see any issue why this won’t be approved. Timthumb also works great for youtube / vimeo thumbs.

That’s what I asked that how does TimThumb resizes them? Does it crop the image to create an additional copy of the image with your defined size and upload to your server, or how it does?

496 posts
  • Has referred 1000+ members
  • Has sold $250,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+8 more
pixelentity says

To serve static images using php is just a massive waste of resources. Additionally, scripts which relies on url parameters are exploitable by nature: what if somebody just manually rewrites them by using random values for width and height ? a new image will be created each time, eating cpu cycles and storage.

1797 posts Don't Worry, Be Happy
  • Sells items exclusively on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
  • Located in United States
  • Made it to the Authors' Hall of Fame
+8 more
FinalDestiny says

To serve static images using php is just a massive waste of resources. Additionally, scripts which relies on url parameters are exploitable by nature: what if somebody just manually rewrites them by using random values for width and height ? a new image will be created each time, eating cpu cycles and storage.

Then what’s the alternative? WP’s limitation only for images that are hosted in the uploads folder is definitely not good. As for external images, there’s no way to create a thumbnail from external images, this is a major -

296 posts
  • Has been part of the Envato Community for over 2 years
  • Sells items exclusively on Envato Market
crossroad says

Then what’s the alternative? WP’s limitation only for images that are hosted in the uploads folder is definitely not good. As for external images, there’s no way to create a thumbnail from external images, this is a major -

Why won’t you use the WordPress image sizing function? For the external images, you can resize them with the css? If some user does not want to use css resizing as it deforms the images, they can regenerate the thumbs using any plugin?

753 posts
  • Power Elite Author: Sold more than $1M on Envato Market
  • Has been part of the Envato Community for over 4 years
  • Has sold $1M+ on Envato Market and is now a Power Elite Author
  • Made it to the Authors' Hall of Fame
+5 more
Dream-Theme says

To serve static images using php is just a massive waste of resources. Additionally, scripts which relies on url parameters are exploitable by nature: what if somebody just manually rewrites them by using random values for width and height ? a new image will be created each time, eating cpu cycles and storage.

Every word is true. But “scripts which relies on url parameters are exploitable by nature” != exiting security issues.

1485 posts
  • Has referred 1+ members
  • Has sold $10,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Made it to the Authors' Hall of Fame
+3 more
OriginalEXE says


To serve static images using php is just a massive waste of resources. Additionally, scripts which relies on url parameters are exploitable by nature: what if somebody just manually rewrites them by using random values for width and height ? a new image will be created each time, eating cpu cycles and storage.
Then what’s the alternative? WP’s limitation only for images that are hosted in the uploads folder is definitely not good. As for external images, there’s no way to create a thumbnail from external images, this is a major -
Can’t you just download the image to host via curl/file_get_contents, use WP FileSystem API to save it to uploads folder and then generate thumbs?
173 posts
  • Has been part of the Envato Community for over 2 years
  • Has sold $100+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Sells items exclusively on Envato Market
+1 more
kungfu-themes says

I’m curious as to why you’re not just embedding the youtube videos directly, rather than using a thumbnail?

Additionally, why would you want to use images from external sources, perhaps with the exception of sites like flicker which must have their own resizing options/api.

And for images that are already in the wp-image folder but not resized, perhaps you could just recursively call that function on all the images in that directory?

496 posts
  • Has referred 1000+ members
  • Has sold $250,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+8 more
pixelentity says

Every word is true. But “scripts which relies on url parameters are exploitable by nature” != exiting security issues.
It depends on your concept of security. The latest exploit allowed arbitrary code execution but, even if that was patched, due the nature of the script, i could still be able to bring your server on knees by requesting all possible combinations of width/height for one or multiple images. This still qualifies as security issue for me.

The problem is not really timthumb using custom code to generate the image but the script doing it when image itself is requested instead of at page rendering time (like aqua resizer does for instance).

This may be sound optimal at a first glance (to only generate a thumbnail when it’s requested) but you lose control on the parameters which is far worst than creating more thumbnails than you need at a given time.

1204 posts
  • Has been part of the Envato Community for over 4 years
  • Has sold $40,000+ on Envato Market
  • Has been a beta tester for an Envato feature
  • Has collected 50+ items on Envato Market
+5 more
Smartik says

I’m curious as to why you’re not just embedding the youtube videos directly, rather than using a thumbnail?

Additionally, why would you want to use images from external sources, perhaps with the exception of sites like flicker which must have their own resizing options/api.

And for images that are already in the wp-image folder but not resized, perhaps you could just recursively call that function on all the images in that directory?

for example if I want to use images from youtube, vimeo and dailymotion, they should be resized because default thumbnails from each site has different sizes. OriginalEXE’s answer I find to be the best solution so far.

2643 posts Community Team
  • Provided great feedback to improve the user experience on Envato Market
  • Member of the Envato Team
  • Helped several times protecting Envato Market against copyright violations
  • Contributed a tutorial on Tuts+
+19 more
contrastblack Envato team says

Hi guys,

just wanted to let you know that I have forwarded this thread to the appropriate Staff and will be following up on the matter shortly.

L.E: The matter has been brought to the attention of the Review Team, and a Notes Post should be up as soon as a common ground has been reached. In the meanwhile please try to stick to the official Codex as much as possible.

Once again, thank you for your feedback. I will probably bump the thread once the Notes post goes up.

Cheers.

by
by
by
by
by
by