TimThumb Configurations

TimThumb is no longer supported or maintained.
More information →

As a TimThumb user, making changes to the settings has always been a bit of a pain. It’s possible, of course, but if you make changes – and then want to update the script – then you have to make all the changes again.

To try and combat this, one of the things we did when creating TimThumb 2.0 is introduce a config file. This is a file that you can add to the same directory as timthumb.php, and use it to override the built in settings.

The file should be called timthumb-config.php and would contain a series of defines that change the default settings. The file is a PHP file and so should contain PHP code – I will add a small example at the bottom of this page.

There are a whole bunch of settings that are not controlled by the normal query string parameters.

constant values What it does
DEBUG_ON true/ false Turn on debug logging to the standard PHP error log
DEBUG_LEVEL 1, 2, 3 Debug level 1 is less noisy and level 3 is the most noisy
MEMORY_LIMIT 30M Set the PHP Memory Limit (30M = 30 Megabytes). Higher numbers means larger images can be resized, but also uses more server resources so may slow down your website
BLOCK_EXTERNAL_LEECHERS true, fale Stop external websites from linking to you and display ‘no linking’ image instead
ALLOW_EXTERNAL true/ false Allow images from external sites to be resized. Restricted to the images defined in the $allowed_sites array.
ALLOW_ALL_EXTERNAL_SITES true/ false Allow external images to be resized from ANY website. Note that this could be less secure!
FILE_CACHE_ENABLED true/ false Should we cache the files on disk to speed up your website? (hint: the answer is yes, unless you’re testing/ developing things! :))
FILE_CACHE_TIME_BETWEEN_CLEANS 86400 (milliseconds) TimThumb automatically cleans up the cached files. This defines the amount of time between the different the cache cleaning.
FILE_CACHE_MAX_FILE_AGE 86400 (milliseconds) How old should a file be before it’s cleaned?
FILE_CACHE_SUFFIX .timthumb.txt What to put at the end of all files in the cache directory so we can identify them easily
FILE_CACHE_PREFIX timthumb What to put at the start of the cache files so we can identify them easily
FILE_CACHE_DIRECTORY ./cache the name of the image cache directory. Left blank it will use the system temporary directory (which is better for security, but is not supported by all web hosts)
MAX_FILE_SIZE 10485760 10 Megs is 10485760. This is the max internal or external file size that we’ll process
CURL_TIMEOUT 20 Timeout duration for Curl. This only applies if you have Curl installed and aren’t using PHP’s default URL fetching mechanism.
WAIT_BETWEEN_FETCH_ERRORS 20 Time to wait between errors fetching remote file.
BROWSER_CACHE_MAX_AGE 864000 Browser cache duration (to prevent images from being reloaded more than once – the higher the number the better).
BROWSER_CACHE_DISABLE true/ false Use for testing if you want to disable browser caching.
MAX_WIDTH 1500 Put a sensible limit of the width of the resized image (so that crazy large images can’t be created)
MAX_HEIGHT 1500 Put a sensible limit of the height of the resized image (so that crazy large images can’t be created)
NOT_FOUND_IMAGE null Image to display if a 404 error occurs, instead of showing an error message
ERROR_IMAGE null Image to display if an error occurs, instead of showing an error message
PNG_IS_TRANSPARENT null Define if a png image should have a transparent background color. Use False value if you want to display a custom coloured canvas_colour

The following settings alter the default values for the standard query string parameters.

constant values What it does
DEFAULT_Q 90 Default image compression level (Q = quality)
DEFAULT_ZC 1 Default zoom crop value – more info about the zoom crop settings can be found here
DEFAULT_F null Default image filter – more info about the filter settings can be found here
DEFAULT_S 0 Default value for sharpening an image
DEFAULT_CC ffffff Default value for the canvas colour. This is used when editing the zc values in your image. More info here.

Example

Since it’s a PHP file the code should use the standard PHP format.

An example config would be something like:

<?php
define('ALLOW_ALL_EXTERNAL_SITES', true);
?>

Let me know what you think on Mastodon, or BlueSky (or Twitter X if you must).

Related Posts

04 Nov 2010

TimThumb Troubleshooting Secrets

I often get asked questions about TimThumb and why it doesn’t work in certain situations. I can generally tell what is wrong with the script within about 60 seconds of being sent a demo url. Below are my top tips...
05 Aug 2010

Using TimThumb part 1: Getting Started

TimThumb has always been built with simplicity in mind. However there are a few things it can do that have not been exposed before.Inspired by a comment from RBhavesh I have decided to write a series of posts in which...
19 Aug 2010

Using TimThumb Part 3: Image Filters

So far I have documented the basic TimThumb functionality, and how to resize images that are on external domains and now things can get interesting. In this part I will talk about some of the features that have been available...
01 Jul 2014

I No Longer Use TimThumb – Here’s What I do Instead

Last week there was a second exploit found in TimThumb. Thankfully it was no-where near as bad as the first one – but it raised an interesting question of whether TimThumb is even needed anymore.TimThumb was made to be useful...
05 Mar 2024

TimThumb Image Resizer and Website Security

My friend Alex Denning recently asked me to write some bits about TimThumb for an article he was putting together.The main purpose of TimThumb was to dynamically resize images on websites, making it easier for web developers to manage their...