Using TimThumb Part 2: External Websites

Of all the TimThumb feature requests the most popular are being able to crop an image from a specified location, and being able to load images from external websites. Resizing images from external images was added at the start of 2010 and seems to be working really well.

Like all things TimThumb I tried to make it as easy as possible to use the external images feature, however I had to keep security in mind. Opening up external resizing would potentially open up the opportunity to inject code onto peoples websites. My solution to this was to restrict the sites that have resizable images to a select few.

By default TimThumb can resize images hosted on flickr.com, picasa.com, blogger.com, wordpress.com, and img.youtube.com. In my experience these are the sites people request to be able to resize from the most (actually Flickr is the most popular – I thought the others might be useful).

If you want to change this list yourself you will need to open up timthumb.php in your favorite text editor (notepad is fine) then find and update the $allowedSites array.

Usage

Usage for this feature is nice and easy. You use the same commands as you would when resizing any other image. Just specify the src parameter as mentioned in the Getting Started with TimThumb article and you will be golden.

Potential Problems

There are two areas where there could be problems with offsite image resizing.

1. Folder Permissions. Accessing the external images can be slow so they are stored in the cache directory setup in getting started article. For this to work the ‘cache’ directory must be created in the same directory as timthumb.php and it must have it’s file permissions set to 775.
2. Allowed Site Restrictions. As I mentioned earlier in this article there is a list of websites inside the TimThumb script and if you are trying to resize an image that is not on an allowed domain then it simply won’t work.