PageRenderTime 39ms CodeModel.GetById 11ms RepoModel.GetById 0ms app.codeStats 0ms

/src/phpthumb/phpThumb.php

http://github.com/thibaud-rohmer/PhotoShow
PHP | 642 lines | 478 code | 80 blank | 84 comment | 174 complexity | 926ef9af19abdc8255c0dde3ee0fbfc4 MD5 | raw file
    

  1. <?php
    2. 

  2. //////////////////////////////////////////////////////////////
    3. 

  3. //   phpThumb() by James Heinrich <info@silisoftware.com>   //
    4. 

  4. //        available at http://phpthumb.sourceforge.net      //
    5. 

  5. //         and/or https://github.com/JamesHeinrich/phpThumb //
    6. 

  6. //////////////////////////////////////////////////////////////
    7. 

  7. ///                                                         //
    8. 

  8. // See: phpthumb.changelog.txt for recent changes           //
    9. 

  9. // See: phpthumb.readme.txt for usage instructions          //
    10. 

  10. //                                                         ///
    11. 

  11. //////////////////////////////////////////////////////////////
    12. 

  12. 

  13. error_reporting(E_ALL);
    14. 

  14. ini_set('display_errors', '1');
    15. 

  15. ini_set('magic_quotes_runtime', '0');
    16. 

  16. if (ini_get('magic_quotes_runtime')) {
    17. 

  17. 	die('"magic_quotes_runtime" is set in php.ini, cannot run phpThumb with this enabled');
    18. 

  18. }
    19. 

  19. $starttime = array_sum(explode(' ', microtime())); // could be called as microtime(true) for PHP 5.0.0+
    20. 

  20. 

  21. // this script relies on the superglobal arrays, fake it here for old PHP versions
    22. 

  22. if (phpversion() < '4.1.0') {
    23. 

  23. 	$_SERVER = $HTTP_SERVER_VARS;
    24. 

  24. 	$_GET    = $HTTP_GET_VARS;
    25. 

  25. }
    26. 

  26. 

  27. function SendSaveAsFileHeaderIfNeeded() {
    28. 

  28. 	if (headers_sent()) {
    29. 

  29. 		return false;
    30. 

  30. 	}
    31. 

  31. 	global $phpThumb;
    32. 

  32. 	$downloadfilename = phpthumb_functions::SanitizeFilename(!empty($_GET['sia']) ? $_GET['sia'] : (!empty($_GET['down']) ? $_GET['down'] : 'phpThumb_generated_thumbnail'.(!empty($_GET['f']) ? $_GET['f'] : 'jpg')));
    33. 

  33. 	if (!empty($downloadfilename)) {
    34. 

  34. 		$phpThumb->DebugMessage('SendSaveAsFileHeaderIfNeeded() sending header: Content-Disposition: '.(!empty($_GET['down']) ? 'attachment' : 'inline').'; filename="'.$downloadfilename.'"', __FILE__, __LINE__);
    35. 

  35. 		header('Content-Disposition: '.(!empty($_GET['down']) ? 'attachment' : 'inline').'; filename="'.$downloadfilename.'"');
    36. 

  36. 	}
    37. 

  37. 	return true;
    38. 

  38. }
    39. 

  39. 

  40. function PasswordStrength($password) {
    41. 

  41. 	$strength = 0;
    42. 

  42. 	$strength += strlen(preg_replace('#[^a-z]#',       '', $password)) * 0.5; // lowercase characters are weak
    43. 

  43. 	$strength += strlen(preg_replace('#[^A-Z]#',       '', $password)) * 0.8; // uppercase characters are somewhat better
    44. 

  44. 	$strength += strlen(preg_replace('#[^0-9]#',       '', $password)) * 1.0; // numbers are somewhat better
    45. 

  45. 	$strength += strlen(preg_replace('#[a-zA-Z0-9]#',  '', $password)) * 2.0; // other non-alphanumeric characters are best
    46. 

  46. 	return $strength;
    47. 

  47. }
    48. 

  48. 

  49. function RedirectToCachedFile() {
    50. 

  50. 	global $phpThumb;
    51. 

  51. 

  52. 	$nice_cachefile = str_replace(DIRECTORY_SEPARATOR, '/', $phpThumb->cache_filename);
    53. 

  53. 	$nice_docroot   = str_replace(DIRECTORY_SEPARATOR, '/', rtrim($phpThumb->config_document_root, '/\\'));
    54. 

  54. 

  55. 	$parsed_url = phpthumb_functions::ParseURLbetter(@$_SERVER['HTTP_REFERER']);
    56. 

  56. 

  57. 	$nModified  = filemtime($phpThumb->cache_filename);
    58. 

  58. 

  59. 	if ($phpThumb->config_nooffsitelink_enabled && !empty($_SERVER['HTTP_REFERER']) && !in_array(@$parsed_url['host'], $phpThumb->config_nooffsitelink_valid_domains)) {
    60. 

  60. 

  61. 		$phpThumb->DebugMessage('Would have used cached (image/'.$phpThumb->thumbnailFormat.') file "'.$phpThumb->cache_filename.'" (Last-Modified: '.gmdate('D, d M Y H:i:s', $nModified).' GMT), but skipping because $_SERVER[HTTP_REFERER] ('.@$_SERVER['HTTP_REFERER'].') is not in $phpThumb->config_nooffsitelink_valid_domains ('.implode(';', $phpThumb->config_nooffsitelink_valid_domains).')', __FILE__, __LINE__);
    62. 

  62. 

  63. 	} elseif ($phpThumb->phpThumbDebug) {
    64. 

  64. 

  65. 		$phpThumb->DebugTimingMessage('skipped using cached image', __FILE__, __LINE__);
    66. 

  66. 		$phpThumb->DebugMessage('Would have used cached file, but skipping due to phpThumbDebug', __FILE__, __LINE__);
    67. 

  67. 		$phpThumb->DebugMessage('* Would have sent headers (1): Last-Modified: '.gmdate('D, d M Y H:i:s', $nModified).' GMT', __FILE__, __LINE__);
    68. 

  68. 		if ($getimagesize = @GetImageSize($phpThumb->cache_filename)) {
    69. 

  69. 			$phpThumb->DebugMessage('* Would have sent headers (2): Content-Type: '.phpthumb_functions::ImageTypeToMIMEtype($getimagesize[2]), __FILE__, __LINE__);
    70. 

  70. 		}
    71. 

  71. 		if (preg_match('#^'.preg_quote($nice_docroot).'(.*)$#', $nice_cachefile, $matches)) {
    72. 

  72. 			$phpThumb->DebugMessage('* Would have sent headers (3): Location: '.dirname($matches[1]).'/'.urlencode(basename($matches[1])), __FILE__, __LINE__);
    73. 

  73. 		} else {
    74. 

  74. 			$phpThumb->DebugMessage('* Would have sent data: readfile('.$phpThumb->cache_filename.')', __FILE__, __LINE__);
    75. 

  75. 		}
    76. 

  76. 

  77. 	} else {
    78. 

  78. 

  79. 		if (headers_sent()) {
    80. 

  80. 			$phpThumb->ErrorImage('Headers already sent ('.basename(__FILE__).' line '.__LINE__.')');
    81. 

  81. 			exit;
    82. 

  82. 		}
    83. 

  83. 		SendSaveAsFileHeaderIfNeeded();
    84. 

  84. 

  85. 		header('Cache-Control: private');
    86. 

  86. 		header('Pragma: private');
    87. 

  87. 		header('Expires: '.date(DATE_RFC822, strtotime(' 1 day')));
    88. 

  88. 		if (!empty($_SERVER['HTTP_IF_MODIFIED_SINCE']) && ($nModified == strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE'])) && !empty($_SERVER['SERVER_PROTOCOL'])) {
    89. 

  89. 			header('Last-Modified: '.gmdate('D, d M Y H:i:s', $nModified).' GMT', true, 304);
    90. 

  90. 			exit;
    91. 

  91. 		}
    92. 

  92. 		if ($getimagesize = @GetImageSize($phpThumb->cache_filename)) {
    93. 

  93. 			header('Content-Type: '.phpthumb_functions::ImageTypeToMIMEtype($getimagesize[2]));
    94. 

  94. 		} elseif (preg_match('#\\.ico$#i', $phpThumb->cache_filename)) {
    95. 

  95. 			header('Content-Type: image/x-icon');
    96. 

  96. 		}
    97. 

  97. 		header('Content-Length: '.filesize($phpThumb->cache_filename));
    98. 

  98. 		if (empty($phpThumb->config_cache_force_passthru) && preg_match('#^'.preg_quote($nice_docroot).'(.*)$#', $nice_cachefile, $matches)) {
    99. 

  99. 			header('Location: '.dirname($matches[1]).'/'.urlencode(basename($matches[1])));
    100. 

  100. 		} else {
    101. 

  101. 			@readfile($phpThumb->cache_filename);
    102. 

  102. 		}
    103. 

  103. 		exit;
    104. 

  104. 

  105. 	}
    106. 

  106. 	return true;
    107. 

  107. }
    108. 

  108. 

  109. 

  110. 

  111. // instantiate a new phpThumb() object
    112. 

  112. ob_start();
    113. 

  113. if (!include_once(dirname(__FILE__).'/phpthumb.class.php')) {
    114. 

  114. 	ob_end_flush();
    115. 

  115. 	die('failed to include_once("'.realpath(dirname(__FILE__).'/phpthumb.class.php').'")');
    116. 

  116. }
    117. 

  117. ob_end_clean();
    118. 

  118. $phpThumb = new phpThumb();
    119. 

  119. $phpThumb->DebugTimingMessage('phpThumb.php start', __FILE__, __LINE__, $starttime);
    120. 

  120. $phpThumb->SetParameter('config_error_die_on_error', true);
    121. 

  121. 

  122. if (!phpthumb_functions::FunctionIsDisabled('set_time_limit')) {
    123. 

  123. 	set_time_limit(60);  // shouldn't take nearly this long in most cases, but with many filters and/or a slow server...
    124. 

  124. }
    125. 

  125. 

  126. // phpThumbDebug[0] used to be here, but may reveal too much
    127. 

  127. // info when high_security_mode should be enabled (not set yet)
    128. 

  128. 

  129. if (file_exists(dirname(__FILE__).'/phpThumb.config.php')) {
    130. 

  130. 	ob_start();
    131. 

  131. 	if (include_once(dirname(__FILE__).'/phpThumb.config.php')) {
    132. 

  132. 		// great
    133. 

  133. 	} else {
    134. 

  134. 		ob_end_flush();
    135. 

  135. 		$phpThumb->config_disable_debug = false; // otherwise error message won't print
    136. 

  136. 		$phpThumb->ErrorImage('failed to include_once('.dirname(__FILE__).'/phpThumb.config.php) - realpath="'.realpath(dirname(__FILE__).'/phpThumb.config.php').'"');
    137. 

  137. 	}
    138. 

  138. 	ob_end_clean();
    139. 

  139. } elseif (file_exists(dirname(__FILE__).'/phpThumb.config.php.default')) {
    140. 

  140. 	$phpThumb->config_disable_debug = false; // otherwise error message won't print
    141. 

  141. 	$phpThumb->ErrorImage('Please rename "phpThumb.config.php.default" to "phpThumb.config.php"');
    142. 

  142. } else {
    143. 

  143. 	$phpThumb->config_disable_debug = false; // otherwise error message won't print
    144. 

  144. 	$phpThumb->ErrorImage('failed to include_once('.dirname(__FILE__).'/phpThumb.config.php) - realpath="'.realpath(dirname(__FILE__).'/phpThumb.config.php').'"');
    145. 

  145. }
    146. 

  146. 

  147. if (!empty($PHPTHUMB_CONFIG)) {
    148. 

  148. 	foreach ($PHPTHUMB_CONFIG as $key => $value) {
    149. 

  149. 		$keyname = 'config_'.$key;
    150. 

  150. 		$phpThumb->setParameter($keyname, $value);
    151. 

  151. 		if (!preg_match('#(password|mysql)#i', $key)) {
    152. 

  152. 			$phpThumb->DebugMessage('setParameter('.$keyname.', '.$phpThumb->phpThumbDebugVarDump($value).')', __FILE__, __LINE__);
    153. 

  153. 		}
    154. 

  154. 	}
    155. 

  155. 	if (!$phpThumb->config_disable_debug) {
    156. 

  156. 		// if debug mode is enabled, force phpThumbDebug output, do not allow normal thumbnails to be generated
    157. 

  157. 		$_GET['phpThumbDebug'] = (!empty($_GET['phpThumbDebug']) ? max(1, intval($_GET['phpThumbDebug'])) : 9);
    158. 

  158. 		$phpThumb->setParameter('phpThumbDebug', $_GET['phpThumbDebug']);
    159. 

  159. 	}
    160. 

  160. } else {
    161. 

  161. 	$phpThumb->DebugMessage('$PHPTHUMB_CONFIG is empty', __FILE__, __LINE__);
    162. 

  162. }
    163. 

  163. 

  164. if (empty($phpThumb->config_disable_pathinfo_parsing) && (empty($_GET) || isset($_GET['phpThumbDebug'])) && !empty($_SERVER['PATH_INFO'])) {
    165. 

  165. 	$_SERVER['PHP_SELF'] = str_replace($_SERVER['PATH_INFO'], '', @$_SERVER['PHP_SELF']);
    166. 

  166. 

  167. 	$args = explode(';', substr($_SERVER['PATH_INFO'], 1));
    168. 

  168. 	$phpThumb->DebugMessage('PATH_INFO.$args set to ('.implode(')(', $args).')', __FILE__, __LINE__);
    169. 

  169. 	if (!empty($args)) {
    170. 

  170. 		$_GET['src'] = @$args[count($args) - 1];
    171. 

  171. 		$phpThumb->DebugMessage('PATH_INFO."src" = "'.$_GET['src'].'"', __FILE__, __LINE__);
    172. 

  172. 		if (preg_match('#^new\=([a-z0-9]+)#i', $_GET['src'], $matches)) {
    173. 

  173. 			unset($_GET['src']);
    174. 

  174. 			$_GET['new'] = $matches[1];
    175. 

  175. 		}
    176. 

  176. 	}
    177. 

  177. 	if (preg_match('#^([0-9]*)x?([0-9]*)$#i', @$args[count($args) - 2], $matches)) {
    178. 

  178. 		$_GET['w'] = $matches[1];
    179. 

  179. 		$_GET['h'] = $matches[2];
    180. 

  180. 		$phpThumb->DebugMessage('PATH_INFO."w"x"h" set to "'.$_GET['w'].'"x"'.$_GET['h'].'"', __FILE__, __LINE__);
    181. 

  181. 	}
    182. 

  182. 	for ($i = 0; $i < count($args) - 2; $i++) {
    183. 

  183. 		@list($key, $value) = explode('=', @$args[$i]);
    184. 

  184. 		if (substr($key, -2) == '[]') {
    185. 

  185. 			$array_key_name = substr($key, 0, -2);
    186. 

  186. 			$_GET[$array_key_name][] = $value;
    187. 

  187. 			$phpThumb->DebugMessage('PATH_INFO."'.$array_key_name.'[]" = "'.$value.'"', __FILE__, __LINE__);
    188. 

  188. 		} else {
    189. 

  189. 			$_GET[$key] = $value;
    190. 

  190. 			$phpThumb->DebugMessage('PATH_INFO."'.$key.'" = "'.$value.'"', __FILE__, __LINE__);
    191. 

  191. 		}
    192. 

  192. 	}
    193. 

  193. }
    194. 

  194. 

  195. if (!empty($phpThumb->config_high_security_enabled)) {
    196. 

  196. 	if (empty($_GET['hash'])) {
    197. 

  197. 		$phpThumb->config_disable_debug = false; // otherwise error message won't print
    198. 

  198. 		$phpThumb->ErrorImage('ERROR: missing hash');
    199. 

  199. 	} elseif (PasswordStrength($phpThumb->config_high_security_password) < 20) {
    200. 

  200. 		$phpThumb->config_disable_debug = false; // otherwise error message won't print
    201. 

  201. 		$phpThumb->ErrorImage('ERROR: $PHPTHUMB_CONFIG[high_security_password] is not complex enough');
    202. 

  202. 	} elseif ($_GET['hash'] != md5(str_replace($phpThumb->config_high_security_url_separator.'hash='.$_GET['hash'], '', $_SERVER['QUERY_STRING']).$phpThumb->config_high_security_password)) {
    203. 

  203. 		header('HTTP/1.0 403 Forbidden');
    204. 

  204. 		sleep(10); // deliberate delay to discourage password-guessing
    205. 

  205. 		$phpThumb->ErrorImage('ERROR: invalid hash');
    206. 

  206. 	}
    207. 

  207. }
    208. 

  208. 

  209. ////////////////////////////////////////////////////////////////
    210. 

  210. // Debug output, to try and help me diagnose problems
    211. 

  211. $phpThumb->DebugTimingMessage('phpThumbDebug[0]', __FILE__, __LINE__);
    212. 

  212. if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '0')) {
    213. 

  213. 	$phpThumb->phpThumbDebug();
    214. 

  214. }
    215. 

  215. ////////////////////////////////////////////////////////////////
    216. 

  216. 

  217. // returned the fixed string if the evil "magic_quotes_gpc" setting is on
    218. 

  218. if (get_magic_quotes_gpc()) {
    219. 

  219. 	// deprecated: 'err', 'file', 'goto',
    220. 

  220. 	$RequestVarsToStripSlashes = array('src', 'wmf', 'down');
    221. 

  221. 	foreach ($RequestVarsToStripSlashes as $key) {
    222. 

  222. 		if (isset($_GET[$key])) {
    223. 

  223. 			if (is_string($_GET[$key])) {
    224. 

  224. 				$_GET[$key] = stripslashes($_GET[$key]);
    225. 

  225. 			} else {
    226. 

  226. 				unset($_GET[$key]);
    227. 

  227. 			}
    228. 

  228. 		}
    229. 

  229. 	}
    230. 

  230. }
    231. 

  231. 

  232. if (empty($_SERVER['PATH_INFO']) && empty($_SERVER['QUERY_STRING'])) {
    233. 

  233. 	$phpThumb->config_disable_debug = false; // otherwise error message won't print
    234. 

  234. 	$phpThumb->ErrorImage('ERROR: no parameters specified');
    235. 

  235. }
    236. 

  236. 

  237. if (!empty($_GET['src']) && isset($_GET['md5s']) && empty($_GET['md5s'])) {
    238. 

  238. 	if (preg_match('#^([a-z0-9]+)://#i', $_GET['src'], $protocol_matches)) {
    239. 

  239. 		if (preg_match('#^(f|ht)tps?://#i', $_GET['src'])) {
    240. 

  240. 			if ($rawImageData = phpthumb_functions::SafeURLread($_GET['src'], $error, $phpThumb->config_http_fopen_timeout, $phpThumb->config_http_follow_redirect)) {
    241. 

  241. 				$md5s = md5($rawImageData);
    242. 

  242. 			}
    243. 

  243. 		} else {
    244. 

  244. 			$phpThumb->ErrorImage('only FTP and HTTP/HTTPS protocols are allowed, "'.$protocol_matches[1].'" is not');
    245. 

  245. 		}
    246. 

  246. 	} else {
    247. 

  247. 		$SourceFilename = $phpThumb->ResolveFilenameToAbsolute($_GET['src']);
    248. 

  248. 		if (is_readable($SourceFilename)) {
    249. 

  249. 			$md5s = phpthumb_functions::md5_file_safe($SourceFilename);
    250. 

  250. 		} else {
    251. 

  251. 			$phpThumb->ErrorImage('ERROR: "'.$SourceFilename.'" cannot be read');
    252. 

  252. 		}
    253. 

  253. 	}
    254. 

  254. 	if (!empty($_SERVER['HTTP_REFERER'])) {
    255. 

  255. 		$phpThumb->ErrorImage('&md5s='.$md5s);
    256. 

  256. 	} else {
    257. 

  257. 		die('&md5s='.$md5s);
    258. 

  258. 	}
    259. 

  259. }
    260. 

  260. 

  261. if (!empty($_GET['src']) && empty($phpThumb->config_allow_local_http_src) && preg_match('#^http://'.@$_SERVER['HTTP_HOST'].'(.+)#i', $_GET['src'], $matches)) {
    262. 

  262. 	$phpThumb->ErrorImage('It is MUCH better to specify the "src" parameter as "'.$matches[1].'" instead of "'.$matches[0].'".'."\n\n".'If you really must do it this way, enable "allow_local_http_src" in phpThumb.config.php');
    263. 

  263. }
    264. 

  264. 

  265. ////////////////////////////////////////////////////////////////
    266. 

  266. // Debug output, to try and help me diagnose problems
    267. 

  267. $phpThumb->DebugTimingMessage('phpThumbDebug[1]', __FILE__, __LINE__);
    268. 

  268. if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '1')) {
    269. 

  269. 	$phpThumb->phpThumbDebug();
    270. 

  270. }
    271. 

  271. ////////////////////////////////////////////////////////////////
    272. 

  272. 

  273. $parsed_url_referer = phpthumb_functions::ParseURLbetter(@$_SERVER['HTTP_REFERER']);
    274. 

  274. if ($phpThumb->config_nooffsitelink_require_refer && !in_array(@$parsed_url_referer['host'], $phpThumb->config_nohotlink_valid_domains)) {
    275. 

  275. 	$phpThumb->ErrorImage('config_nooffsitelink_require_refer enabled and '.(@$parsed_url_referer['host'] ? '"'.$parsed_url_referer['host'].'" is not an allowed referer' : 'no HTTP_REFERER exists'));
    276. 

  276. }
    277. 

  277. $parsed_url_src = phpthumb_functions::ParseURLbetter(@$_GET['src']);
    278. 

  278. if ($phpThumb->config_nohotlink_enabled && $phpThumb->config_nohotlink_erase_image && preg_match('#^(f|ht)tps?://#i', @$_GET['src']) && !in_array(@$parsed_url_src['host'], $phpThumb->config_nohotlink_valid_domains)) {
    279. 

  279. 	$phpThumb->ErrorImage($phpThumb->config_nohotlink_text_message);
    280. 

  280. }
    281. 

  281. 

  282. if ($phpThumb->config_mysql_query) {
    283. 

  283. 	if ($cid = @mysql_connect($phpThumb->config_mysql_hostname, $phpThumb->config_mysql_username, $phpThumb->config_mysql_password)) {
    284. 

  284. 		if (@mysql_select_db($phpThumb->config_mysql_database, $cid)) {
    285. 

  285. 			if ($result = @mysql_query($phpThumb->config_mysql_query, $cid)) {
    286. 

  286. 				if ($row = @mysql_fetch_array($result)) {
    287. 

  287. 

  288. 					mysql_free_result($result);
    289. 

  289. 					mysql_close($cid);
    290. 

  290. 					$phpThumb->setSourceData($row[0]);
    291. 

  291. 					unset($row);
    292. 

  292. 

  293. 				} else {
    294. 

  294. 					mysql_free_result($result);
    295. 

  295. 					mysql_close($cid);
    296. 

  296. 					$phpThumb->ErrorImage('no matching data in database.');
    297. 

  297. 				}
    298. 

  298. 			} else {
    299. 

  299. 				mysql_close($cid);
    300. 

  300. 				$phpThumb->ErrorImage('Error in MySQL query: "'.mysql_error($cid).'"');
    301. 

  301. 			}
    302. 

  302. 		} else {
    303. 

  303. 			mysql_close($cid);
    304. 

  304. 			$phpThumb->ErrorImage('cannot select MySQL database: "'.mysql_error($cid).'"');
    305. 

  305. 		}
    306. 

  306. 	} else {
    307. 

  307. 		$phpThumb->ErrorImage('cannot connect to MySQL server');
    308. 

  308. 	}
    309. 

  309. 	unset($_GET['id']);
    310. 

  310. }
    311. 

  311. 

  312. ////////////////////////////////////////////////////////////////
    313. 

  313. // Debug output, to try and help me diagnose problems
    314. 

  314. $phpThumb->DebugTimingMessage('phpThumbDebug[2]', __FILE__, __LINE__);
    315. 

  315. if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '2')) {
    316. 

  316. 	$phpThumb->phpThumbDebug();
    317. 

  317. }
    318. 

  318. ////////////////////////////////////////////////////////////////
    319. 

  319. 

  320. $PHPTHUMB_DEFAULTS_DISABLEGETPARAMS = (bool) ($phpThumb->config_cache_default_only_suffix && (strpos($phpThumb->config_cache_default_only_suffix, '*') !== false));
    321. 

  321. 

  322. // deprecated: 'err', 'file', 'goto',
    323. 

  323. $allowedGETparameters = array('src', 'new', 'w', 'h', 'wp', 'hp', 'wl', 'hl', 'ws', 'hs', 'f', 'q', 'sx', 'sy', 'sw', 'sh', 'zc', 'bc', 'bg', 'bgt', 'fltr', 'xto', 'ra', 'ar', 'aoe', 'far', 'iar', 'maxb', 'down', 'phpThumbDebug', 'hash', 'md5s', 'sfn', 'dpi', 'sia', 'nocache');
    324. 

  324. foreach ($_GET as $key => $value) {
    325. 

  325. 	if (!empty($PHPTHUMB_DEFAULTS_DISABLEGETPARAMS) && ($key != 'src')) {
    326. 

  326. 		// disabled, do not set parameter
    327. 

  327. 		$phpThumb->DebugMessage('ignoring $_GET['.$key.'] because of $PHPTHUMB_DEFAULTS_DISABLEGETPARAMS', __FILE__, __LINE__);
    328. 

  328. 	} elseif (in_array($key, $allowedGETparameters)) {
    329. 

  329. 		$phpThumb->DebugMessage('setParameter('.$key.', '.$phpThumb->phpThumbDebugVarDump($value).')', __FILE__, __LINE__);
    330. 

  330. 		$phpThumb->setParameter($key, $value);
    331. 

  331. 	} else {
    332. 

  332. 		$phpThumb->ErrorImage('Forbidden parameter: '.$key);
    333. 

  333. 	}
    334. 

  334. }
    335. 

  335. 

  336. if (!empty($PHPTHUMB_DEFAULTS) && is_array($PHPTHUMB_DEFAULTS)) {
    337. 

  337. 	$phpThumb->DebugMessage('setting $PHPTHUMB_DEFAULTS['.implode(';', array_keys($PHPTHUMB_DEFAULTS)).']', __FILE__, __LINE__);
    338. 

  338. 	foreach ($PHPTHUMB_DEFAULTS as $key => $value) {
    339. 

  339. 		if (!$PHPTHUMB_DEFAULTS_GETSTRINGOVERRIDE || !isset($_GET[$key])) { // set parameter to default value if config is set to allow _GET to override default, OR if no value is passed via _GET for this parameter
    340. 

  340. 			$_GET[$key] = $value;
    341. 

  341. 			$phpThumb->DebugMessage('PHPTHUMB_DEFAULTS assigning ('.(is_array($value) ? print_r($value, true) : $value).') to $_GET['.$key.']', __FILE__, __LINE__);
    342. 

  342. 		}
    343. 

  343. 	}
    344. 

  344. }
    345. 

  345. 

  346. ////////////////////////////////////////////////////////////////
    347. 

  347. // Debug output, to try and help me diagnose problems
    348. 

  348. $phpThumb->DebugTimingMessage('phpThumbDebug[3]', __FILE__, __LINE__);
    349. 

  349. if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '3')) {
    350. 

  350. 	$phpThumb->phpThumbDebug();
    351. 

  351. }
    352. 

  352. ////////////////////////////////////////////////////////////////
    353. 

  353. 

  354. //if (!@$_GET['phpThumbDebug'] && !is_file($phpThumb->sourceFilename) && !phpthumb_functions::gd_version()) {
    355. 

  355. //	if (!headers_sent()) {
    356. 

  356. //		// base64-encoded error image in GIF format
    357. 

  357. //		$ERROR_NOGD = 'R0lGODlhIAAgALMAAAAAABQUFCQkJDY2NkZGRldXV2ZmZnJycoaGhpSUlKWlpbe3t8XFxdXV1eTk5P7+/iwAAAAAIAAgAAAE/vDJSau9WILtTAACUinDNijZtAHfCojS4W5H+qxD8xibIDE9h0OwWaRWDIljJSkUJYsN4bihMB8th3IToAKs1VtYM75cyV8sZ8vygtOE5yMKmGbO4jRdICQCjHdlZzwzNW4qZSQmKDaNjhUMBX4BBAlmMywFSRWEmAI6b5gAlhNxokGhooAIK5o/pi9vEw4Lfj4OLTAUpj6IabMtCwlSFw0DCKBoFqwAB04AjI54PyZ+yY3TD0ss2YcVmN/gvpcu4TOyFivWqYJlbAHPpOntvxNAACcmGHjZzAZqzSzcq5fNjxFmAFw9iFRunD1epU6tsIPmFCAJnWYE0FURk7wJDA0MTKpEzoWAAskiAAA7';
    358. 

  358. //		header('Content-Type: image/gif');
    359. 

  359. //		echo base64_decode($ERROR_NOGD);
    360. 

  360. //	} else {
    361. 

  361. //		echo '*** ERROR: No PHP-GD support available ***';
    362. 

  362. //	}
    363. 

  363. //	exit;
    364. 

  364. //}
    365. 

  365. 

  366. // check to see if file can be output from source with no processing or caching
    367. 

  367. $CanPassThroughDirectly = true;
    368. 

  368. if ($phpThumb->rawImageData) {
    369. 

  369. 	// data from SQL, should be fine
    370. 

  370. } elseif (preg_match('#^http\://[^\\?&]+\\.(jpe?g|gif|png)$#i', $phpThumb->src)) {
    371. 

  371. 	// assume is ok to passthru if no other parameters specified
    372. 

  372. } elseif (preg_match('#^(f|ht)tp\://#i', $phpThumb->src)) {
    373. 

  373. 	$phpThumb->DebugMessage('$CanPassThroughDirectly=false because preg_match("#^(f|ht)tp\://#i", '.$phpThumb->src.')', __FILE__, __LINE__);
    374. 

  374. 	$CanPassThroughDirectly = false;
    375. 

  375. } elseif (!@is_readable($phpThumb->sourceFilename)) {
    376. 

  376. 	$phpThumb->DebugMessage('$CanPassThroughDirectly=false because !@is_readable('.$phpThumb->sourceFilename.')', __FILE__, __LINE__);
    377. 

  377. 	$CanPassThroughDirectly = false;
    378. 

  378. } elseif (!@is_file($phpThumb->sourceFilename)) {
    379. 

  379. 	$phpThumb->DebugMessage('$CanPassThroughDirectly=false because !@is_file('.$phpThumb->sourceFilename.')', __FILE__, __LINE__);
    380. 

  380. 	$CanPassThroughDirectly = false;
    381. 

  381. }
    382. 

  382. foreach ($_GET as $key => $value) {
    383. 

  383. 	switch ($key) {
    384. 

  384. 		case 'src':
    385. 

  385. 			// allowed
    386. 

  386. 			break;
    387. 

  387. 

  388. 		case 'w':
    389. 

  389. 		case 'h':
    390. 

  390. 			// might be OK if exactly matches original
    391. 

  391. 			if (preg_match('#^http\://[^\\?&]+\\.(jpe?g|gif|png)$#i', $phpThumb->src)) {
    392. 

  392. 				// assume it is not ok for direct-passthru of remote image
    393. 

  393. 				$CanPassThroughDirectly = false;
    394. 

  394. 			}
    395. 

  395. 			break;
    396. 

  396. 

  397. 		case 'phpThumbDebug':
    398. 

  398. 			// handled in direct-passthru code
    399. 

  399. 			break;
    400. 

  400. 

  401. 		default:
    402. 

  402. 			// all other parameters will cause some processing,
    403. 

  403. 			// therefore cannot pass through original image unmodified
    404. 

  404. 			$CanPassThroughDirectly = false;
    405. 

  405. 			$UnAllowedGET[] = $key;
    406. 

  406. 			break;
    407. 

  407. 	}
    408. 

  408. }
    409. 

  409. if (!empty($UnAllowedGET)) {
    410. 

  410. 	$phpThumb->DebugMessage('$CanPassThroughDirectly=false because $_GET['.implode(';', array_unique($UnAllowedGET)).'] are set', __FILE__, __LINE__);
    411. 

  411. }
    412. 

  412. 

  413. ////////////////////////////////////////////////////////////////
    414. 

  414. // Debug output, to try and help me diagnose problems
    415. 

  415. $phpThumb->DebugTimingMessage('phpThumbDebug[4]', __FILE__, __LINE__);
    416. 

  416. if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '4')) {
    417. 

  417. 	$phpThumb->phpThumbDebug();
    418. 

  418. }
    419. 

  419. ////////////////////////////////////////////////////////////////
    420. 

  420. 

  421. $phpThumb->DebugMessage('$CanPassThroughDirectly="'.intval($CanPassThroughDirectly).'" && $phpThumb->src="'.$phpThumb->src.'"', __FILE__, __LINE__);
    422. 

  422. while ($CanPassThroughDirectly && $phpThumb->src) {
    423. 

  423. 	// no parameters set, passthru
    424. 

  424. 

  425. 	if (preg_match('#^http\://[^\\?&]+\.(jpe?g|gif|png)$#i', $phpThumb->src)) {
    426. 

  426. 		$phpThumb->DebugMessage('Passing HTTP source through directly as Location: redirect ('.$phpThumb->src.')', __FILE__, __LINE__);
    427. 

  427. 		header('Location: '.$phpThumb->src);
    428. 

  428. 		exit;
    429. 

  429. 	}
    430. 

  430. 

  431. 	$SourceFilename = $phpThumb->ResolveFilenameToAbsolute($phpThumb->src);
    432. 

  432. 

  433. 	// security and size checks
    434. 

  434. 	if ($phpThumb->getimagesizeinfo = @GetImageSize($SourceFilename)) {
    435. 

  435. 		$phpThumb->DebugMessage('Direct passthru GetImageSize() returned [w='.$phpThumb->getimagesizeinfo[0].';h='.$phpThumb->getimagesizeinfo[1].';t='.$phpThumb->getimagesizeinfo[2].']', __FILE__, __LINE__);
    436. 

  436. 

  437. 		if (!@$_GET['w'] && !@$_GET['wp'] && !@$_GET['wl'] && !@$_GET['ws'] && !@$_GET['h'] && !@$_GET['hp'] && !@$_GET['hl'] && !@$_GET['hs']) {
    438. 

  438. 			// no resizing needed
    439. 

  439. 			$phpThumb->DebugMessage('Passing "'.$SourceFilename.'" through directly, no resizing required ("'.$phpThumb->getimagesizeinfo[0].'"x"'.$phpThumb->getimagesizeinfo[1].'")', __FILE__, __LINE__);
    440. 

  440. 		} elseif (($phpThumb->getimagesizeinfo[0] <= @$_GET['w']) && ($phpThumb->getimagesizeinfo[1] <= @$_GET['h']) && ((@$_GET['w'] == $phpThumb->getimagesizeinfo[0]) || (@$_GET['h'] == $phpThumb->getimagesizeinfo[1]))) {
    441. 

  441. 			// image fits into 'w'x'h' box, and at least one dimension matches exactly, therefore no resizing needed
    442. 

  442. 			$phpThumb->DebugMessage('Passing "'.$SourceFilename.'" through directly, no resizing required ("'.$phpThumb->getimagesizeinfo[0].'"x"'.$phpThumb->getimagesizeinfo[1].'" fits inside "'.@$_GET['w'].'"x"'.@$_GET['h'].'")', __FILE__, __LINE__);
    443. 

  443. 		} else {
    444. 

  444. 			$phpThumb->DebugMessage('Not passing "'.$SourceFilename.'" through directly because resizing required (from "'.$phpThumb->getimagesizeinfo[0].'"x"'.$phpThumb->getimagesizeinfo[1].'" to "'.@$_GET['w'].'"x"'.@$_GET['h'].'")', __FILE__, __LINE__);
    445. 

  445. 			break;
    446. 

  446. 		}
    447. 

  447. 		switch ($phpThumb->getimagesizeinfo[2]) {
    448. 

  448. 			case 1: // GIF
    449. 

  449. 			case 2: // JPG
    450. 

  450. 			case 3: // PNG
    451. 

  451. 				// great, let it through
    452. 

  452. 				break;
    453. 

  453. 			default:
    454. 

  454. 				// browser probably can't handle format, remangle it to JPEG/PNG/GIF
    455. 

  455. 				$phpThumb->DebugMessage('Not passing "'.$SourceFilename.'" through directly because $phpThumb->getimagesizeinfo[2] = "'.$phpThumb->getimagesizeinfo[2].'"', __FILE__, __LINE__);
    456. 

  456. 				break 2;
    457. 

  457. 		}
    458. 

  458. 

  459. 		$ImageCreateFunctions = array(1=>'ImageCreateFromGIF', 2=>'ImageCreateFromJPEG', 3=>'ImageCreateFromPNG');
    460. 

  460. 		$theImageCreateFunction = @$ImageCreateFunctions[$phpThumb->getimagesizeinfo[2]];
    461. 

  461. 		if ($phpThumb->config_disable_onlycreateable_passthru || (function_exists($theImageCreateFunction) && ($dummyImage = @$theImageCreateFunction($SourceFilename)))) {
    462. 

  462. 

  463. 			// great
    464. 

  464. 			if (@is_resource($dummyImage)) {
    465. 

  465. 				unset($dummyImage);
    466. 

  466. 			}
    467. 

  467. 

  468. 			if (headers_sent()) {
    469. 

  469. 				$phpThumb->ErrorImage('Headers already sent ('.basename(__FILE__).' line '.__LINE__.')');
    470. 

  470. 				exit;
    471. 

  471. 			}
    472. 

  472. 			if (@$_GET['phpThumbDebug']) {
    473. 

  473. 				$phpThumb->DebugTimingMessage('skipped direct $SourceFilename passthru', __FILE__, __LINE__);
    474. 

  474. 				$phpThumb->DebugMessage('Would have passed "'.$SourceFilename.'" through directly, but skipping due to phpThumbDebug', __FILE__, __LINE__);
    475. 

  475. 				break;
    476. 

  476. 			}
    477. 

  477. 

  478. 			SendSaveAsFileHeaderIfNeeded();
    479. 

  479. 			header('Last-Modified: '.gmdate('D, d M Y H:i:s', @filemtime($SourceFilename)).' GMT');
    480. 

  480. 			if ($contentType = phpthumb_functions::ImageTypeToMIMEtype(@$phpThumb->getimagesizeinfo[2])) {
    481. 

  481. 				header('Content-Type: '.$contentType);
    482. 

  482. 			}
    483. 

  483. 			@readfile($SourceFilename);
    484. 

  484. 			exit;
    485. 

  485. 

  486. 		} else {
    487. 

  487. 			$phpThumb->DebugMessage('Not passing "'.$SourceFilename.'" through directly because ($phpThumb->config_disable_onlycreateable_passthru = "'.$phpThumb->config_disable_onlycreateable_passthru.'") and '.$theImageCreateFunction.'() failed', __FILE__, __LINE__);
    488. 

  488. 			break;
    489. 

  489. 		}
    490. 

  490. 

  491. 	} else {
    492. 

  492. 		$phpThumb->DebugMessage('Not passing "'.$SourceFilename.'" through directly because GetImageSize() failed', __FILE__, __LINE__);
    493. 

  493. 		break;
    494. 

  494. 	}
    495. 

  495. 	break;
    496. 

  496. }
    497. 

  497. 

  498. ////////////////////////////////////////////////////////////////
    499. 

  499. // Debug output, to try and help me diagnose problems
    500. 

  500. $phpThumb->DebugTimingMessage('phpThumbDebug[5]', __FILE__, __LINE__);
    501. 

  501. if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '5')) {
    502. 

  502. 	$phpThumb->phpThumbDebug();
    503. 

  503. }
    504. 

  504. ////////////////////////////////////////////////////////////////
    505. 

  505. 

  506. // check to see if file already exists in cache, and output it with no processing if it does
    507. 

  507. $phpThumb->SetCacheFilename();
    508. 

  508. if (@is_readable($phpThumb->cache_filename)) {
    509. 

  509. 	RedirectToCachedFile();
    510. 

  510. } else {
    511. 

  511. 	$phpThumb->DebugMessage('Cached file "'.$phpThumb->cache_filename.'" does not exist, processing as normal', __FILE__, __LINE__);
    512. 

  512. }
    513. 

  513. 

  514. ////////////////////////////////////////////////////////////////
    515. 

  515. // Debug output, to try and help me diagnose problems
    516. 

  516. $phpThumb->DebugTimingMessage('phpThumbDebug[6]', __FILE__, __LINE__);
    517. 

  517. if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '6')) {
    518. 

  518. 	$phpThumb->phpThumbDebug();
    519. 

  519. }
    520. 

  520. ////////////////////////////////////////////////////////////////
    521. 

  521. 

  522. if ($phpThumb->rawImageData) {
    523. 

  523. 

  524. 	// great
    525. 

  525. 

  526. } elseif (!empty($_GET['new'])) {
    527. 

  527. 

  528. 	// generate a blank image resource of the specified size/background color/opacity
    529. 

  529. 	if (($phpThumb->w <= 0) || ($phpThumb->h <= 0)) {
    530. 

  530. 		$phpThumb->ErrorImage('"w" and "h" parameters required for "new"');
    531. 

  531. 	}
    532. 

  532. 	@list($bghexcolor, $opacity) = explode('|', $_GET['new']);
    533. 

  533. 	if (!phpthumb_functions::IsHexColor($bghexcolor)) {
    534. 

  534. 		$phpThumb->ErrorImage('BGcolor parameter for "new" is not valid');
    535. 

  535. 	}
    536. 

  536. 	$opacity = (strlen($opacity) ? $opacity : 100);
    537. 

  537. 	if ($phpThumb->gdimg_source = phpthumb_functions::ImageCreateFunction($phpThumb->w, $phpThumb->h)) {
    538. 

  538. 		$alpha = (100 - min(100, max(0, $opacity))) * 1.27;
    539. 

  539. 		if ($alpha) {
    540. 

  540. 			$phpThumb->setParameter('is_alpha', true);
    541. 

  541. 			ImageAlphaBlending($phpThumb->gdimg_source, false);
    542. 

  542. 			ImageSaveAlpha($phpThumb->gdimg_source, true);
    543. 

  543. 		}
    544. 

  544. 		$new_background_color = phpthumb_functions::ImageHexColorAllocate($phpThumb->gdimg_source, $bghexcolor, false, $alpha);
    545. 

  545. 		ImageFilledRectangle($phpThumb->gdimg_source, 0, 0, $phpThumb->w, $phpThumb->h, $new_background_color);
    546. 

  546. 	} else {
    547. 

  547. 		$phpThumb->ErrorImage('failed to create "new" image ('.$phpThumb->w.'x'.$phpThumb->h.')');
    548. 

  548. 	}
    549. 

  549. 

  550. } elseif (!$phpThumb->src) {
    551. 

  551. 

  552. 	$phpThumb->ErrorImage('Usage: '.$_SERVER['PHP_SELF'].'?src=/path/and/filename.jpg'."\n".'read Usage comments for details');
    553. 

  553. 

  554. } elseif (preg_match('#^([a-z0-9]+)://#i', $_GET['src'], $protocol_matches)) {
    555. 

  555. 

  556. 	if (preg_match('#^(f|ht)tps?://#i', $_GET['src'])) {
    557. 

  557. 		$phpThumb->DebugMessage('$phpThumb->src ('.$phpThumb->src.') is remote image, attempting to download', __FILE__, __LINE__);
    558. 

  558. 		if ($phpThumb->config_http_user_agent) {
    559. 

  559. 			$phpThumb->DebugMessage('Setting "user_agent" to "'.$phpThumb->config_http_user_agent.'"', __FILE__, __LINE__);
    560. 

  560. 			ini_set('user_agent', $phpThumb->config_http_user_agent);
    561. 

  561. 		}
    562. 

  562. 		$cleanedupurl = phpthumb_functions::CleanUpURLencoding($phpThumb->src);
    563. 

  563. 		$phpThumb->DebugMessage('CleanUpURLencoding('.$phpThumb->src.') returned "'.$cleanedupurl.'"', __FILE__, __LINE__);
    564. 

  564. 		$phpThumb->src = $cleanedupurl;
    565. 

  565. 		unset($cleanedupurl);
    566. 

  566. 		if ($rawImageData = phpthumb_functions::SafeURLread($phpThumb->src, $error, $phpThumb->config_http_fopen_timeout, $phpThumb->config_http_follow_redirect)) {
    567. 

  567. 			$phpThumb->DebugMessage('SafeURLread('.$phpThumb->src.') succeeded'.($error ? ' with messsages: "'.$error.'"' : ''), __FILE__, __LINE__);
    568. 

  568. 			$phpThumb->DebugMessage('Setting source data from URL "'.$phpThumb->src.'"', __FILE__, __LINE__);
    569. 

  569. 			$phpThumb->setSourceData($rawImageData, urlencode($phpThumb->src));
    570. 

  570. 		} else {
    571. 

  571. 			$phpThumb->ErrorImage($error);
    572. 

  572. 		}
    573. 

  573. 	} else {
    574. 

  574. 		$phpThumb->ErrorImage('only FTP and HTTP/HTTPS protocols are allowed, "'.$protocol_matches[1].'" is not');
    575. 

  575. 	}
    576. 

  576. 

  577. }
    578. 

  578. 

  579. ////////////////////////////////////////////////////////////////
    580. 

  580. // Debug output, to try and help me diagnose problems
    581. 

  581. $phpThumb->DebugTimingMessage('phpThumbDebug[7]', __FILE__, __LINE__);
    582. 

  582. if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '7')) {
    583. 

  583. 	$phpThumb->phpThumbDebug();
    584. 

  584. }
    585. 

  585. ////////////////////////////////////////////////////////////////
    586. 

  586. 

  587. $phpThumb->GenerateThumbnail();
    588. 

  588. 

  589. ////////////////////////////////////////////////////////////////
    590. 

  590. // Debug output, to try and help me diagnose problems
    591. 

  591. $phpThumb->DebugTimingMessage('phpThumbDebug[8]', __FILE__, __LINE__);
    592. 

  592. if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '8')) {
    593. 

  593. 	$phpThumb->phpThumbDebug();
    594. 

  594. }
    595. 

  595. ////////////////////////////////////////////////////////////////
    596. 

  596. 

  597. if (!empty($phpThumb->config_high_security_enabled) && !empty($_GET['nocache'])) {
    598. 

  598. 

  599. 	// cache disabled, don't write cachefile
    600. 

  600. 

  601. } else {
    602. 

  602. 

  603. 	phpthumb_functions::EnsureDirectoryExists(dirname($phpThumb->cache_filename));
    604. 

  604. 	if (is_writable(dirname($phpThumb->cache_filename)) || (file_exists($phpThumb->cache_filename) && is_writable($phpThumb->cache_filename))) {
    605. 

  605. 

  606. 		$phpThumb->CleanUpCacheDirectory();
    607. 

  607. 		if ($phpThumb->RenderToFile($phpThumb->cache_filename) && is_readable($phpThumb->cache_filename)) {
    608. 

  608. 			chmod($phpThumb->cache_filename, 0644);
    609. 

  609. 			RedirectToCachedFile();
    610. 

  610. 		} else {
    611. 

  611. 			$phpThumb->DebugMessage('Failed: RenderToFile('.$phpThumb->cache_filename.')', __FILE__, __LINE__);
    612. 

  612. 		}
    613. 

  613. 

  614. 	} else {
    615. 

  615. 

  616. 		$phpThumb->DebugMessage('Cannot write to $phpThumb->cache_filename ('.$phpThumb->cache_filename.') because that directory ('.dirname($phpThumb->cache_filename).') is not writable', __FILE__, __LINE__);
    617. 

  617. 

  618. 	}
    619. 

  619. 

  620. }
    621. 

  621. 

  622. ////////////////////////////////////////////////////////////////
    623. 

  623. // Debug output, to try and help me diagnose problems
    624. 

  624. $phpThumb->DebugTimingMessage('phpThumbDebug[9]', __FILE__, __LINE__);
    625. 

  625. if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '9')) {
    626. 

  626. 	$phpThumb->phpThumbDebug();
    627. 

  627. }
    628. 

  628. ////////////////////////////////////////////////////////////////
    629. 

  629. 

  630. if (!$phpThumb->OutputThumbnail()) {
    631. 

  631. 	$phpThumb->ErrorImage('Error in OutputThumbnail():'."\n".$phpThumb->debugmessages[(count($phpThumb->debugmessages) - 1)]);
    632. 

  632. }
    633. 

  633. 

  634. ////////////////////////////////////////////////////////////////
    635. 

  635. // Debug output, to try and help me diagnose problems
    636. 

  636. $phpThumb->DebugTimingMessage('phpThumbDebug[10]', __FILE__, __LINE__);
    637. 

  637. if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '10')) {
    638. 

  638. 	$phpThumb->phpThumbDebug();
    639. 

  639. }
    640. 

  640. ////////////////////////////////////////////////////////////////
    641. 

  641. 

  642. ?>
    643.