[theme-reviewers] TimThumb

Chip Bennett chip at chipbennett.net
Tue Oct 12 21:38:26 UTC 2010 

On Tue, Oct 12, 2010 at 3:24 PM, Radu Ganea <raduganea at raduganea.com> wrote:

> I am using some shared accounts of one of the "big hosting guys" out there
> with default setting "enabled".
>
> The use: there are lots of services / products offered through XML, why not
> take advantage of all that?
>
> Hotlinking is bad only if it's done by bad guys against good guys :)
> Although good guys can protect themselves easy enough.
> Good guys, on the other hand, can help each other.


> One more thing: after cropping the image, TimThumb serves the cached image
> instead, this way breaking the hotlink.
>
> I don't see this as a valid argument against using the core Post Thumbnail
functionality.

After all, which is easier: saving/uploading the desired image (and using
the familiar, core Featured Image UI), or copying/pasting an image URL into
a custom field to allow an external image to be featured?

Chip

On Tue, Oct 12, 2010 at 11:16 PM, Chip Bennett <chip at chipbennett.net> wrote:
>
>> External image as Post Thumbnail? Hotlinking images = bad. :)
>>
>> It's true: the core Post Thumbnail functionality requires the image to
>> exist in the WordPress database.
>>
>> What's the use-case for needing external images as Post Thumbnails?
>>
>> (And doesn't that require PHP to have allow_url_fopen() enabled? That's
>> not usually the default setting, is it?)
>>
>> Chip
>>
>>
>> On Tue, Oct 12, 2010 at 3:05 PM, Radu Ganea <raduganea at raduganea.com>wrote:
>>
>>> Hi guys,
>>>
>>> I don't know how to use the core thumbnailing function for external
>>> images. I can do that with TimThumb.
>>> Maybe I am not 100% familiar to the core thumbnail function
>>>
>>> Radu Ganea
>>>
>>>
>>>
>>> On Tue, Oct 12, 2010 at 11:01 PM, Edward Caissie <
>>> edward.caissie at gmail.com> wrote:
>>>
>>>> Perhaps the author(s)/developer(s) of timthumb should be asked what
>>>> makes it so special verus the_post_thumbnail?
>>>>
>>>> As you wrote, there may be something we are missing on why it should be
>>>> used ...
>>>>
>>>>
>>>> Cais.
>>>>
>>>>
>>>> On Tue, Oct 12, 2010 at 3:58 PM, Chip Bennett <chip at chipbennett.net>wrote:
>>>>
>>>>> Right - and the only thing that I can see that TimThumb does is expose
>>>>> image filtering.
>>>>>
>>>>> 1) I'm not familiar with any Themes using TimThumb solely for image
>>>>> filtering (though I concede that there must be some out there...)
>>>>>
>>>>> 2) The image filtering that TimThumb uses can be called directly from
>>>>> PHP <http://www.php.net/manual/en/function.imagefilter.php>.
>>>>>
>>>>> So, unless someone can point out something that I'm missing, it looks
>>>>> like there is no particular *need* for TimThumb.
>>>>>
>>>>> Chip
>>>>>
>>>>>
>>>>> On Tue, Oct 12, 2010 at 2:55 PM, Edward Caissie <
>>>>> edward.caissie at gmail.com> wrote:
>>>>>
>>>>>> IF timthumb is being used solely in the fashion that
>>>>>> the_post_thumbnail() functionality can 100% manage then the_post_thumbnail()
>>>>>> should be used in its place ... I can support that on the condition it is
>>>>>> explained to the theme author how to do it.
>>>>>>
>>>>>> I am honestly not familiar enough with the workings of timthumb to
>>>>>> know exactly how to replace it with the_post_thumbnail().
>>>>>>
>>>>>> Now, on the other hand, if a theme is using timthumb for post
>>>>>> thumbnails due to a a unique application that the_post_thumbnail does not
>>>>>> inherently handle then the_post_thumbnail() remains an optional use item.
>>>>>>
>>>>>> As to the concern @Anca is raising, I would imagine since
>>>>>> the_post_thumbnail() is not using the 'fopen' function that it is addressing
>>>>>> that particular issue.
>>>>>>
>>>>>>
>>>>>> Cais.
>>>>>>
>>>>>>
>>>>>> On Tue, Oct 12, 2010 at 3:43 PM, Chip Bennett <chip at chipbennett.net>wrote:
>>>>>>
>>>>>>> I disagree, entirely.
>>>>>>>
>>>>>>> The wording of the Guidelines is that use of Post Thumbnail feature
>>>>>>> is not required, but that if Post Thumbnail feature is used, then
>>>>>>> implementation of the core functionality is required.
>>>>>>>
>>>>>>> In other words: you don't have to incorporate Post Thumbnails into
>>>>>>> your Theme - but if you do, you are REQUIRED to support the core
>>>>>>> functionality.
>>>>>>>
>>>>>>> Chip
>>>>>>>
>>>>>>>
>>>>>>> On Tue, Oct 12, 2010 at 2:40 PM, Edward Caissie <
>>>>>>> edward.caissie at gmail.com> wrote:
>>>>>>>
>>>>>>>> When the timthumb issue arose at the end of August I put forward to
>>>>>>>> all the theme authors affected to consider using post_thumbnail() core
>>>>>>>> functionality as an alternative, but since post_thumbnail() usage is still
>>>>>>>> only recommended, theme authors are well within their designer's perogative
>>>>>>>> using timthumb, especially if they are making use of its unique functions.
>>>>>>>>
>>>>>>>>
>>>>>>>> Cais.
>>>>>>>>
>>>>>>>>
>>>>>>>> On Tue, Oct 12, 2010 at 3:30 PM, Chip Bennett <chip at chipbennett.net
>>>>>>>> > wrote:
>>>>>>>>
>>>>>>>>> So, here's all I can really determine that TimThumb offers, that
>>>>>>>>> can't be accomplished through use of core Post Thumbnails functionality: image
>>>>>>>>> filters<http://www.binarymoon.co.uk/2010/08/timthumb-image-filters/>
>>>>>>>>> .
>>>>>>>>>
>>>>>>>>> I can see image filtering being useful for Theme designs.
>>>>>>>>>
>>>>>>>>> But, should we be checking to ensure that Themes aren't just using
>>>>>>>>> TimThumb to make thumbnails (which should be done using the core Post
>>>>>>>>> Thumbnail functionality)?
>>>>>>>>>
>>>>>>>>> Chip
>>>>>>>>>
>>>>>>>>> On Tue, Oct 12, 2010 at 2:19 PM, Chip Bennett <
>>>>>>>>> chip at chipbennett.net> wrote:
>>>>>>>>>
>>>>>>>>>> I'm completely unfamiliar with TimThumb. What is it, and what does
>>>>>>>>>> it do?
>>>>>>>>>>
>>>>>>>>>> It looks to me like it's just an image thumbnailer/resizer - which
>>>>>>>>>> is exactly what core Post Thumbnails does.
>>>>>>>>>>
>>>>>>>>>> So, should we even be allowing new Themes to be using TimThumb?
>>>>>>>>>> Does it do something that can't be accomplished with the core functionality?
>>>>>>>>>>
>>>>>>>>>> Chip
>>>>>>>>>>
>>>>>>>>>>  On Tue, Oct 12, 2010 at 2:00 PM, Gene Robinson <
>>>>>>>>>> emhr at submersible.me> wrote:
>>>>>>>>>>
>>>>>>>>>>>  I don't use tim-thumb but two themes I just reviewed were using
>>>>>>>>>>> it. I'll have to go back and look into them regarding this. The tickets
>>>>>>>>>>> were: Sriwijaya <http://themes.trac.wordpress.org/ticket/1333>
>>>>>>>>>>>   and Syailendra <http://themes.trac.wordpress.org/ticket/1428>. Also
>>>>>>>>>>> could someone look at my final comment on Syailendra<http://themes.trac.wordpress.org/query?keywords=%7Etheme-syailendra> as
>>>>>>>>>>> I am unsure if Chris is cc'd on this ticket by simply commenting.
>>>>>>>>>>>
>>>>>>>>>>> You are welcome to assign me another theme if you like. When is
>>>>>>>>>>> training complete or is there a milestone to reach?
>>>>>>>>>>>
>>>>>>>>>>> -Gene(emhr)
>>>>>>>>>>>
>>>>>>>>>>> On Oct 12, 2010, at 2:25 PM, Edward Caissie wrote:
>>>>>>>>>>>
>>>>>>>>>>> @Gene -
>>>>>>>>>>>
>>>>>>>>>>> Around the end of August several themes were noted to be using an
>>>>>>>>>>> older version of timthumb that had a potentiall security issue associated
>>>>>>>>>>> with the code as it was written. The timbthumb script itself was corrected
>>>>>>>>>>> before then but there were still older versions in use on some repository
>>>>>>>>>>> themes.
>>>>>>>>>>>
>>>>>>>>>>> If you are using timthumb you can get the current version here if
>>>>>>>>>>> need be: http://code.google.com/p/timthumb/
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> theme-reviewers mailing list
>>>>>>>>>>> theme-reviewers at lists.wordpress.org
>>>>>>>>>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> theme-reviewers mailing list
>>>>>>>>> theme-reviewers at lists.wordpress.org
>>>>>>>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> theme-reviewers mailing list
>>>>>>>> theme-reviewers at lists.wordpress.org
>>>>>>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> theme-reviewers mailing list
>>>>>>> theme-reviewers at lists.wordpress.org
>>>>>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> theme-reviewers mailing list
>>>>>> theme-reviewers at lists.wordpress.org
>>>>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>>>>
>>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> theme-reviewers mailing list
>>>>> theme-reviewers at lists.wordpress.org
>>>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> theme-reviewers mailing list
>>>> theme-reviewers at lists.wordpress.org
>>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>>
>>>>
>>>
>>> _______________________________________________
>>> theme-reviewers mailing list
>>> theme-reviewers at lists.wordpress.org
>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>
>>>
>>
>> _______________________________________________
>> theme-reviewers mailing list
>> theme-reviewers at lists.wordpress.org
>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>
>>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20101012/92eb2371/attachment-0001.htm>

More information about the theme-reviewers mailing list