Using TimThumb Part 2: External Websites

TimThumb is no longer supported or maintained.
More information →

Of all the TimThumb feature requests the most popular are being able to crop an image from a specified location, and being able to load images from external websites. Resizing images from external images was added at the start of 2010 and seems to be working really well.

Like all things TimThumb I tried to make it as easy as possible to use the external images feature, however I had to keep security in mind. Opening up external resizing would potentially open up the opportunity to inject code onto peoples websites. My solution to this was to restrict the sites that have resizable images to a select few.

By default TimThumb can resize images hosted on flickr.com, picasa.com, blogger.com, wordpress.com, and img.youtube.com. In my experience these are the sites people request to be able to resize from the most (actually Flickr is the most popular – I thought the others might be useful).

If you want to change this list yourself you will need to open up timthumb.php in your favorite text editor (notepad is fine) then find and update the $allowedSites array.

Usage

Usage for this feature is nice and easy. You use the same commands as you would when resizing any other image. Just specify the src parameter as mentioned in the Getting Started with TimThumb article and you will be golden.

Potential Problems

There are two areas where there could be problems with offsite image resizing.

  1. Folder Permissions. Accessing the external images can be slow so they are stored in the cache directory setup in getting started article. For this to work the ‘cache’ directory must be created in the same directory as timthumb.php and it must have it’s file permissions set to 775.
  2. Allowed Site Restrictions. As I mentioned earlier in this article there is a list of websites inside the TimThumb script and if you are trying to resize an image that is not on an allowed domain then it simply won’t work.

Let me know what you think on Mastodon, or BlueSky (or Twitter X if you must).

Related Posts

05 Aug 2010

Using TimThumb part 1: Getting Started

TimThumb has always been built with simplicity in mind. However there are a few things it can do that have not been exposed before.Inspired by a comment from RBhavesh I have decided to write a series of posts in which...
04 Nov 2010

TimThumb Troubleshooting Secrets

I often get asked questions about TimThumb and why it doesn’t work in certain situations. I can generally tell what is wrong with the script within about 60 seconds of being sent a demo url. Below are my top tips...
06 Jul 2009

A Brief History of TimThumb

When we were building Mimbo Pro – Darren came up with the idea of automating the image thumbnail resizing – and this was the idea that sparked the development of TimThumb.This was all part of making the theme site as...
05 Mar 2024

TimThumb Image Resizer and Website Security

My friend Alex Denning recently asked me to write some bits about TimThumb for an article he was putting together.The main purpose of TimThumb was to dynamically resize images on websites, making it easier for web developers to manage their...
11 Oct 2009

How to Make TimThumb Work With WordPress Multisite

TimThumb is a popular image resizing script that was created for Mimbo Pro – but it’s never worked properly with WordPress MU, so I wanted to change that.The reason it doesn’t work is quite simple. Because of the way WordPress...
19 Aug 2010

Using TimThumb Part 3: Image Filters

So far I have documented the basic TimThumb functionality, and how to resize images that are on external domains and now things can get interesting. In this part I will talk about some of the features that have been available...