Absolutely. Let's throw out the call for public comment, on a proposed Guideline revision to disallow TimThumb in favor of core Post Thumbnail functionality!<div><br></div><div>It's entirely possible we're missing something. If not, then it will be good to know the *other* arguments, as well.</div>
<div><br></div><div>Chip<br><br><div class="gmail_quote">On Tue, Oct 12, 2010 at 3:01 PM, Edward Caissie <span dir="ltr"><<a href="mailto:edward.caissie@gmail.com">edward.caissie@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Perhaps the author(s)/developer(s) of timthumb should be asked what makes it so special verus the_post_thumbnail?<br><br>As you wrote, there may be something we are missing on why it should be used ...<br><br><br>Cais.<div>
<div></div><div class="h5"><br>
<br><div class="gmail_quote">On Tue, Oct 12, 2010 at 3:58 PM, Chip Bennett <span dir="ltr"><<a href="mailto:chip@chipbennett.net" target="_blank">chip@chipbennett.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204, 204, 204);padding-left:1ex">
Right - and the only thing that I can see that TimThumb does is expose image filtering.<div><br></div><div>1) I'm not familiar with any Themes using TimThumb solely for image filtering (though I concede that there must be some out there...)</div>
<div><br></div><div>2) The image filtering that TimThumb uses <a href="http://www.php.net/manual/en/function.imagefilter.php" target="_blank">can be called directly from PHP</a>.</div><div><br></div><div>So, unless someone can point out something that I'm missing, it looks like there is no particular *need* for TimThumb.</div>
<div><br></div><div><font color="#888888">Chip</font><div><div></div><div><br><br><div class="gmail_quote">On Tue, Oct 12, 2010 at 2:55 PM, Edward Caissie <span dir="ltr"><<a href="mailto:edward.caissie@gmail.com" target="_blank">edward.caissie@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204, 204, 204);padding-left:1ex">
IF timthumb is being used solely in the fashion that the_post_thumbnail() functionality can 100% manage then the_post_thumbnail() should be used in its place ... I can support that on the condition it is explained to the theme author how to do it.<br>
<br>I am honestly not familiar enough with the workings of timthumb to know exactly how to replace it with the_post_thumbnail().<br><br>Now, on the other hand, if a theme is using timthumb for post thumbnails due to a a unique application that the_post_thumbnail does not inherently handle then the_post_thumbnail() remains an optional use item.<br>
<br>As to the concern @Anca is raising, I would imagine since the_post_thumbnail() is not using the 'fopen' function that it is addressing that particular issue.<br><br><br>Cais.<div><div></div><div><br>
<br><div class="gmail_quote">On Tue, Oct 12, 2010 at 3:43 PM, Chip Bennett <span dir="ltr"><<a href="mailto:chip@chipbennett.net" target="_blank">chip@chipbennett.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204, 204, 204);padding-left:1ex">I disagree, entirely.<div><br></div><div>The wording of the Guidelines is that use of Post Thumbnail feature is not required, but that if Post Thumbnail feature is used, then implementation of the core functionality is required.</div>
<div><br></div><div>In other words: you don't have to incorporate Post Thumbnails into your Theme - but if you do, you are REQUIRED to support the core functionality.</div><div><br></div><div><font color="#888888">Chip</font><div>
<div></div><div><br><br><div class="gmail_quote">
On Tue, Oct 12, 2010 at 2:40 PM, Edward Caissie <span dir="ltr"><<a href="mailto:edward.caissie@gmail.com" target="_blank">edward.caissie@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204, 204, 204);padding-left:1ex">
When the timthumb issue arose at the end of August I put forward to all the theme authors affected to consider using post_thumbnail() core functionality as an alternative, but since post_thumbnail() usage is still only recommended, theme authors are well within their designer's perogative using timthumb, especially if they are making use of its unique functions.<br>
<br><br>Cais.<div><div></div><div><br><br><div class="gmail_quote">On Tue, Oct 12, 2010 at 3:30 PM, Chip Bennett <span dir="ltr"><<a href="mailto:chip@chipbennett.net" target="_blank">chip@chipbennett.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204, 204, 204);padding-left:1ex">
So, here's all I can really determine that TimThumb offers, that can't be accomplished through use of core Post Thumbnails functionality: <a href="http://www.binarymoon.co.uk/2010/08/timthumb-image-filters/" target="_blank">image filters</a>.<div>
<br></div><div>I can see image filtering being useful for Theme designs.</div><div><br></div><div>But, should we be checking to ensure that Themes aren't just using TimThumb to make thumbnails (which should be done using the core Post Thumbnail functionality)?</div>
<div><br></div><div>Chip<br><br><div class="gmail_quote">On Tue, Oct 12, 2010 at 2:19 PM, Chip Bennett <span dir="ltr"><<a href="mailto:chip@chipbennett.net" target="_blank">chip@chipbennett.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204, 204, 204);padding-left:1ex">
I'm completely unfamiliar with TimThumb. What is it, and what does it do?<div><br></div><div>It looks to me like it's just an image thumbnailer/resizer - which is exactly what core Post Thumbnails does.</div><div>
<br>
</div><div>So, should we even be allowing new Themes to be using TimThumb? Does it do something that can't be accomplished with the core functionality?</div><div><br></div><div>Chip<br><div><br><div class="gmail_quote">
<div><div></div><div>
On Tue, Oct 12, 2010 at 2:00 PM, Gene Robinson <span dir="ltr"><<a href="mailto:emhr@submersible.me" target="_blank">emhr@submersible.me</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204, 204, 204);padding-left:1ex">
<div><div></div><div>
<div style="word-wrap:break-word">I don't use tim-thumb but two themes I just reviewed were using it. I'll have to go back and look into them regarding this. The tickets were: <a href="http://themes.trac.wordpress.org/ticket/1333" target="_blank">Sriwijaya</a> and <a href="http://themes.trac.wordpress.org/ticket/1428" target="_blank">Syailendra</a>. Also could someone look at my final comment on <a href="http://themes.trac.wordpress.org/query?keywords=%7Etheme-syailendra" target="_blank">Syailendra</a> as I am unsure if Chris is cc'd on this ticket by simply commenting. <div>
<br></div><div>You are welcome to assign me another theme if you like. When is training complete or is there a milestone to reach?<div><div><div><div><div><br></div><div>-Gene(emhr)</div><div><div><br><div><div>
On Oct 12, 2010, at 2:25 PM, Edward Caissie wrote:</div><br><blockquote type="cite">@Gene -<br><br>Around the end of August several themes were noted to be using an older version of timthumb that had a potentiall security issue associated with the code as it was written. The timbthumb script itself was corrected before then but there were still older versions in use on some repository themes.<br>
<br>If you are using timthumb you can get the current version here if need be:<span> </span><a href="http://code.google.com/p/timthumb/" target="_blank">http://code.google.com/p/<span>timthumb</span>/</a></blockquote></div>
<br></div></div></div></div></div></div></div></div><br></div></div><div>_______________________________________________<br>
theme-reviewers mailing list<br>
<a href="mailto:theme-reviewers@lists.wordpress.org" target="_blank">theme-reviewers@lists.wordpress.org</a><br>
<a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
<br></div></blockquote></div><br></div></div>
</blockquote></div><br></div>
<br>_______________________________________________<br>
theme-reviewers mailing list<br>
<a href="mailto:theme-reviewers@lists.wordpress.org" target="_blank">theme-reviewers@lists.wordpress.org</a><br>
<a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
<br></blockquote></div><br>
</div></div><br>_______________________________________________<br>
theme-reviewers mailing list<br>
<a href="mailto:theme-reviewers@lists.wordpress.org" target="_blank">theme-reviewers@lists.wordpress.org</a><br>
<a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
<br></blockquote></div><br></div></div></div>
<br>_______________________________________________<br>
theme-reviewers mailing list<br>
<a href="mailto:theme-reviewers@lists.wordpress.org" target="_blank">theme-reviewers@lists.wordpress.org</a><br>
<a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
<br></blockquote></div><br>
</div></div><br>_______________________________________________<br>
theme-reviewers mailing list<br>
<a href="mailto:theme-reviewers@lists.wordpress.org" target="_blank">theme-reviewers@lists.wordpress.org</a><br>
<a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
<br></blockquote></div><br></div></div></div>
<br>_______________________________________________<br>
theme-reviewers mailing list<br>
<a href="mailto:theme-reviewers@lists.wordpress.org" target="_blank">theme-reviewers@lists.wordpress.org</a><br>
<a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
<br></blockquote></div><br>
</div></div><br>_______________________________________________<br>
theme-reviewers mailing list<br>
<a href="mailto:theme-reviewers@lists.wordpress.org">theme-reviewers@lists.wordpress.org</a><br>
<a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
<br></blockquote></div><br></div>