It's a bug in the timthumb.php file. The script uses 2 regular expressions to change the src value from a "virtual" URL into the "system" path.
PHP Code:
// clean params before use
$src = $_REQUEST['src'];
// possibles?
//$src = preg_replace( "/^(\.+(\/|))+/", "", $src );
//$src = str_replace( "../", "", $src );
//$src = preg_replace( '/^(s?f|ht)tps?:\/\/[^\/]+/i', '', $src );
$src = preg_replace( "/(?:^\/+|\.{2,}\/+?)/", "", $src );
$src = preg_replace( '/^\w+:\/\/[^\/]+/', '', $src );
(the commented out "possibles" suggest the author has had problems with this, but regex isn't the easiest thing for lots of people, so don't hold it against him)
The first preg_replace removes the leading slash from relative URLs like
/wp-content/uploads/cc/car_****_talk.jpg
And the second removes the "http://root" for absolute URLs like
http://talk-****.com/wp-content/uplo..._****_talk.jpg
Later on the script gets the system root and adds the rest back on
PHP Code:
// set document root
$doc_root = $_SERVER['DOCUMENT_ROOT'];
// get path to image on file system
$src = $doc_root . '/' . $src;
The problem is the code works for relative URLs but doesn't remove the leading slash from the "remainder" of the absolute URLs so the path becomes something like
http://talk-****.com//wp-content/upl..._****_talk.jpg
To make sure this will work with both types of URLs IMHO the best thing to do is hack the timthumb.php code so the second preg_replace also removes the "extra" leading slash
PHP Code:
// clean params before use
$src = $_REQUEST['src'];
// possibles?
//$src = preg_replace( "/^(\.+(\/|))+/", "", $src );
//$src = str_replace( "../", "", $src );
//$src = preg_replace( '/^(s?f|ht)tps?:\/\/[^\/]+/i', '', $src );
$src = preg_replace( "/(?:^\/+|\.{2,}\/+?)/", "", $src );
//$src = preg_replace( '/^\w+:\/\/[^\/]+/', '', $src );
$src = preg_replace( '/^\w+:\/\/[^\/]+\//', '', $src );