1<?php
2//////////////////////////////////////////////////////////////
3//   phpThumb() by James Heinrich <info@silisoftware.com>   //
4//        available at http://phpthumb.sourceforge.net      //
5//         and/or https://github.com/JamesHeinrich/phpThumb //
6//////////////////////////////////////////////////////////////
7///                                                         //
8// See: phpthumb.readme.txt for usage instructions          //
9//      NOTE: THIS FILE HAS NO EFFECT IN OBJECT MODE!       //
10//            THIS CONFIG FILE ONLY APPLIES TO phpThumb.php //
11//                                                         ///
12//////////////////////////////////////////////////////////////
13
14define('phpThumbConfigFileVersion', '1.7.16');
15ob_start();
16if (!class_exists('phpthumb_functions', false)) { // normally include_once should take care of this, but see https://github.com/JamesHeinrich/phpThumb/issues/94
17	if (!file_exists( __DIR__ .'/phpthumb.functions.php') || !include_once( __DIR__ .'/phpthumb.functions.php')) {
18		ob_end_flush();
19		die('failed to include_once(phpthumb.functions.php) - realpath="'.realpath( __DIR__ .'/phpthumb.functions.php').'"');
20	}
21}
22ob_end_clean();
23
24
25
26/****************************************************************************************/
27/* START USER CONFIGURATION SECTION: */
28global $PHPTHUMB_CONFIG;  // declare as global to prevent scope issues (when including phpThumb.config.php inside functions inside included files, etc)
29$PHPTHUMB_CONFIG = array();
30
31// * DocumentRoot configuration
32// phpThumb() depends on $_SERVER['DOCUMENT_ROOT'] to resolve path/filenames. This value is usually correct,
33// but has been known to be broken on some servers. This value allows you to override the default value.
34// Do not modify from the auto-detect default value unless you are having problems.
35//$PHPTHUMB_CONFIG['document_root'] = '/home/httpd/httpdocs';
36//$PHPTHUMB_CONFIG['document_root'] = 'c:\\webroot\\example.com\\www';
37//$PHPTHUMB_CONFIG['document_root'] = $_SERVER['DOCUMENT_ROOT'];
38//$PHPTHUMB_CONFIG['document_root'] = realpath((@$_SERVER['DOCUMENT_ROOT'] && file_exists(@$_SERVER['DOCUMENT_ROOT'].$_SERVER['PHP_SELF'])) ? $_SERVER['DOCUMENT_ROOT'] : str_replace(dirname(@$_SERVER['PHP_SELF']), '', str_replace(DIRECTORY_SEPARATOR, '/', realpath('.'))));
39$PHPTHUMB_CONFIG['document_root'] = realpath((getenv('DOCUMENT_ROOT') && preg_match('#^'.preg_quote(realpath(getenv('DOCUMENT_ROOT'))).'#', realpath(__FILE__))) ? getenv('DOCUMENT_ROOT') : str_replace(dirname(@$_SERVER['PHP_SELF']), '', str_replace(DIRECTORY_SEPARATOR, '/',  __DIR__ )));
40
41
42// * Security configuration
43$PHPTHUMB_CONFIG['disable_debug']               = true;    // DO NOT DISABLE THIS ON ANY PUBLIC-ACCESSIBLE SERVER. Prevents phpThumb from displaying any information about your system. If true, phpThumbDebug and error messages will be disabled. If set to false (debug messages enabled) then debug mode will be FORCED -- ONLY debug output will be presented, no actual thumbnail (to avoid accidentally leaving debug mode enabled on a production server)
44$PHPTHUMB_CONFIG['high_security_enabled']       = true;    // DO NOT DISABLE THIS ON ANY PUBLIC-ACCESSIBLE SERVER. If disabled, your server is more vulnerable to hacking attempts, both on your server and via your server to other servers. When enabled, requires 'high_security_password' set to be set and requires the use of phpThumbURL() function (at the bottom of phpThumb.config.php) to generate hashed URLs
45$PHPTHUMB_CONFIG['high_security_password']      = '__HSP_KEY__';      // required if 'high_security_enabled' is true, and must be at complex (uppercase, lowercase, numbers, punctuation, etc -- punctuation is strongest, lowercase is weakest; see PasswordStrength() in phpthumb.functions.php). You can use a password generator like http://silisoftware.com/tools/password-random.php to generate a strong password
46
47$PHPTHUMB_CONFIG['high_security_url_separator'] = '&';     // should almost always be left as '&'. Must be a single character. Do not change to '&amp;' -- htmlspecialchars wrapped around phpThumbURL() takes care of this without breaking the hash
48$PHPTHUMB_CONFIG['allow_src_above_docroot']     = false;   // if false (default) only allow src within document_root; if true, allow src to be anywhere in filesystem
49$PHPTHUMB_CONFIG['allow_src_above_phpthumb']    = true;    // if true (default), allow src to be anywhere in filesystem; if false only allow src within sub-directory of phpThumb installation
50$PHPTHUMB_CONFIG['auto_allow_symlinks']         = true;    // if true (default), allow symlink target directories without explicitly whitelisting them
51$PHPTHUMB_CONFIG['additional_allowed_dirs']     = array(); // array of additional directories to allow source images to be read from
52
53
54// * Cache directory configuration (choose only one of these - leave the other lines commented-out):
55// Note: this directory must be writable (usually chmod 777 is neccesary) for caching to work.
56// If the directory is not writable no error will be generated but caching will be disabled.
57$PHPTHUMB_CONFIG['cache_directory'] = __DIR__.DIRECTORY_SEPARATOR.'cache'.DIRECTORY_SEPARATOR;                                                            // set the cache directory relative to the phpThumb() installation
58//$PHPTHUMB_CONFIG['cache_directory'] = $PHPTHUMB_CONFIG['document_root'].DIRECTORY_SEPARATOR.'phpthumb'.DIRECTORY_SEPARATOR.'cache'.DIRECTORY_SEPARATOR; // set the cache directory to an absolute directory for all source images
59//$PHPTHUMB_CONFIG['cache_directory'] = '.'.DIRECTORY_SEPARATOR.'cache'.DIRECTORY_SEPARATOR;                                                              // set the cache directory relative to the source image - must start with '.' (will not work to cache URL- or database-sourced images, please use an absolute directory name)
60//$PHPTHUMB_CONFIG['cache_directory'] = null;                                                                                                             // disable thumbnail caching (not recommended)
61//if (strtoupper(substr(PHP_OS, 0, 3)) == 'WIN') {
62//	$PHPTHUMB_CONFIG['cache_directory'] = __DIR__.DIRECTORY_SEPARATOR.'cache'.DIRECTORY_SEPARATOR;                                                        // set the cache directory to an absolute directory for all source images
63//	$PHPTHUMB_CONFIG['cache_directory'] = '/tmp/persistent/phpthumb/cache/';
64//}
65
66$PHPTHUMB_CONFIG['cache_disable_warning'] = false; // If [cache_directory] is non-existant or not writable, and [cache_disable_warning] is false, an error image will be generated warning to either set the cache directory or disable the warning (to avoid people not knowing about the cache)
67$PHPTHUMB_CONFIG['cache_directory_depth'] = 2; // If this larger than zero, cache structure will be broken into a broad directory structure based on cache filename. For example "cache_src012345..." will be stored in "/0/01/012/0123/cache_src012345..." when (cache_directory_depth = 4). Caution: larger values can lead to an exponentially larger number of subdirectories which will also affect disk space due to (typically) 4kB used per directory entry: "2" gives a maximum of 16^2=256 subdirectories (up to 1MB wasted space), "3": 16^3=4096 subdirs (up to 16MB wasted), "4": 16^4=65536 subdirs (256MB wasted space), etc.
68
69// * Cache culling: phpThumb can automatically limit the contents of the cache directory
70//   based on last-access date and/or number of files and/or total filesize.
71
72//$PHPTHUMB_CONFIG['cache_maxage'] = null;            // never delete cached thumbnails based on last-access time
73$PHPTHUMB_CONFIG['cache_maxage'] = 86400 * 30;        // delete cached thumbnails that haven't been accessed in more than [30 days] (value is maximum time since last access in seconds to avoid deletion)
74
75//$PHPTHUMB_CONFIG['cache_maxsize'] = null;           // never delete cached thumbnails based on byte size of cache directory
76$PHPTHUMB_CONFIG['cache_maxsize'] = 10 * 1024 * 1024; // delete least-recently-accessed cached thumbnails when more than [10MB] of cached files are present (value is maximum bytesize of all cached files). Note: this only counts file size, does not count space "wasted" by directory entries in the cache structure -- see notes under $PHPTHUMB_CONFIG['cache_directory_depth']
77
78//$PHPTHUMB_CONFIG['cache_maxfiles'] = null;          // never delete cached thumbnails based on number of cached files
79$PHPTHUMB_CONFIG['cache_maxfiles'] = 200;             // delete least-recently-accessed cached thumbnails when more than [200] cached files are present (value is maximum number of cached files to keep)
80
81
82// * Source image cache configuration
83$PHPTHUMB_CONFIG['cache_source_enabled']   = false;                                                                                  // if true, source images obtained via HTTP are cached to $PHPTHUMB_CONFIG['cache_source_directory']
84$PHPTHUMB_CONFIG['cache_source_directory'] =  __DIR__.DIRECTORY_SEPARATOR.'cache'.DIRECTORY_SEPARATOR.'source'.DIRECTORY_SEPARATOR;  // set the cache directory for unprocessed source images
85
86// * cache source modification date configuration
87$PHPTHUMB_CONFIG['cache_source_filemtime_ignore_local']  = false; // if true, local source images will not be checked for modification date and cached image will be used if available, even if source image is changed or removed
88$PHPTHUMB_CONFIG['cache_source_filemtime_ignore_remote'] = true;  // if true, remote source images will not be checked for modification date and cached image will be used if available, even if source image is changed or removed. WARNING: cached performance MUCH slower if this is set to false.
89
90
91// * Simplified cache filename configuration
92// Instead of creating unique cache filenames for all parameter combinations, create "simple" cache files (eg: "pic_thumb.jpg")
93// If cache_default_only_suffix is non-empty, GETstring parameters (except 'src') are ignored and only $PHPTHUMB_DEFAULTS
94// parameters (set at the bottom of phpThumb.config.php) are used for processing.
95// The '*' character MUST be used to represent the source image name
96$PHPTHUMB_CONFIG['cache_default_only_suffix'] = '';           // cached in normal phpThumb manner
97//$PHPTHUMB_CONFIG['cache_default_only_suffix'] = '*_thumb';  // cache 'pic.jpg' becomes 'pic_thumb.jpg' (or 'pic_thumb.png' if PNG output is selected, etc)
98//$PHPTHUMB_CONFIG['cache_default_only_suffix'] = 'small-*';  // cache 'pic.jpg' becomes 'small-pic.jpg' (or 'small-pic.png' if PNG output is selected, etc)
99
100$PHPTHUMB_CONFIG['cache_prefix'] = 'phpThumb_cache_'.(isset($_SERVER['SERVER_NAME']) ? str_replace('www.', '', $_SERVER['SERVER_NAME']).'_' : ''); // keep cache file separate by domain
101//$PHPTHUMB_CONFIG['cache_prefix'] = 'phpThumb_cache';                                                                                             // allow phpThumb to share 1 set of cached files even if accessed under different servername/domains on same server
102
103$PHPTHUMB_CONFIG['cache_force_passthru'] = true;  // if true, cached image data will always be passed to browser; if false, HTTP redirect will be used instead
104
105
106
107// * Temp directory configuration
108// phpThumb() may need to create temp files. Usually the system temp dir is writable and can be used.
109// Leave this value as NULL in most cases. If you get errors about "failed to open <filename> for writing"
110// you should change this to a full pathname to a directory you do have write access to.
111//$PHPTHUMB_CONFIG['temp_directory'] = null;                               // attempt to auto-detect
112//$PHPTHUMB_CONFIG['temp_directory'] = '/tmp/persistent/phpthumb/cache/';  // set to absolute path
113$PHPTHUMB_CONFIG['temp_directory'] = $PHPTHUMB_CONFIG['cache_directory'];  // set to same as cache directory
114
115
116// ImageMagick configuration
117$PHPTHUMB_CONFIG['prefer_imagemagick']        = true;  // If true, use ImageMagick to resize thumbnails if possible, since it is usually faster than GD functions; if false only use ImageMagick if PHP memory limit is too low.
118$PHPTHUMB_CONFIG['imagemagick_use_thumbnail'] = true;  // If true, use ImageMagick's "-thumbnail" resizing parameter (if available) which removes extra non-image metadata (profiles, EXIF info, etc) resulting in much smaller filesize; if false, use "-resize" paramter which retains this info
119if (strtoupper(substr(PHP_OS, 0, 3)) == 'WIN') {
120	// Windows: set absolute pathname
121	$PHPTHUMB_CONFIG['imagemagick_path'] = 'C:/ImageMagick/convert.exe';
122} else {
123	// *nix: set absolute pathname to "convert", or leave as null if "convert" is in the path (location detected with `which`)
124	//$PHPTHUMB_CONFIG['imagemagick_path'] = '/usr/local/bin/convert';
125	$PHPTHUMB_CONFIG['imagemagick_path'] = null;
126}
127
128
129// NOTE: "max_source_pixels" only affects GD-resized thumbnails. If you have ImageMagick installed it will bypass most of these limits
130// maximum number of pixels in source image to attempt to process entire image in GD mode.
131// If this is zero then no limit on source image dimensions.
132// If this is nonzero then this is the maximum number of pixels the source image can have to be processed normally, otherwise the
133// embedded EXIF thumbnail will be used (if available) or an "image too large" notice will be displayed. This is to be used for large
134// source images (>2Mpx) and low PHP memory limits. If PHP runs out of memory the script will usually just die with no output.
135// To calculate this number, multiply the dimensions of the largest image you can process with your memory limitation (e.g. 1600 * 1200 = 1920000)
136// As a general guideline, this number will be about 20% of your PHP memory configuration, so 8M = 1,677,722; 16M = 3,355,443; 32M = 6,710,886; etc.
137if (phpthumb_functions::version_compare_replacement(phpversion(), '4.3.2', '>=') && !defined('memory_get_usage') && !@ini_get('memory_limit')) {
138	// memory_get_usage() will only be defined if your PHP is compiled with the --enable-memory-limit configuration option.
139	$PHPTHUMB_CONFIG['max_source_pixels'] = 0;         // no memory limit
140} else {
141	// calculate default max_source_pixels as 1/6 of memory limit configuration
142	$PHPTHUMB_CONFIG['max_source_pixels'] = round(max(intval(ini_get('memory_limit')), intval(get_cfg_var('memory_limit'))) * 1048576 / 6);
143	//$PHPTHUMB_CONFIG['max_source_pixels'] = 0;       // no memory limit
144	//$PHPTHUMB_CONFIG['max_source_pixels'] = 1920000; // allow 1600x1200 images (2Mpx), no larger (about 12MB memory required)
145	//$PHPTHUMB_CONFIG['max_source_pixels'] = 2795000; // 16MB memory limit
146	//$PHPTHUMB_CONFIG['max_source_pixels'] = 3871488; // allow 2272x1704 images (4Mpx), no larger (about 24MB memory required)
147}
148
149
150// * Default output configuration:
151$PHPTHUMB_CONFIG['output_format']    = 'jpeg'; // default output format ('jpeg', 'png' or 'gif') - thumbnail will be output in this format (if available in your version of GD or ImageMagick). This is only used if the "f" parameter is not specified, and if the thumbnail can't be output in the input format.
152$PHPTHUMB_CONFIG['output_maxwidth']  = 0;      // default maximum thumbnail width.  If this is zero then default width  is the width  of the source image. This is always overridden by ?w=___ GETstring parameter
153$PHPTHUMB_CONFIG['output_maxheight'] = 0;      // default maximum thumbnail height. If this is zero then default height is the height of the source image. This is always overridden by ?h=___ GETstring parameter
154$PHPTHUMB_CONFIG['output_interlace'] = true;   // if true: interlaced output for GIF/PNG, progressive output for JPEG; if false: non-interlaced for GIF/PNG, baseline for JPEG.
155
156// * Error message configuration
157$PHPTHUMB_CONFIG['error_image_width']           = 400;      // default width for error images
158$PHPTHUMB_CONFIG['error_image_height']          = 100;      // default height for error images
159$PHPTHUMB_CONFIG['error_message_image_default'] = '';       // Set this to the name of a generic error image (e.g. '/images/error.png') that you want displayed in place of any error message that may occur. This setting is overridden by the 'err' parameter, which does the same thing.
160$PHPTHUMB_CONFIG['error_bgcolor']               = 'CCCCFF'; // background color of error message images
161$PHPTHUMB_CONFIG['error_textcolor']             = 'FF0000'; // color of text in error messages
162$PHPTHUMB_CONFIG['error_fontsize']              = 1;        // size of text in error messages, from 1 (smallest) to 5 (largest)
163$PHPTHUMB_CONFIG['error_die_on_error']          = true;     // die with error message on any fatal error (recommended with standalone phpThumb.php)
164$PHPTHUMB_CONFIG['error_silent_die_on_error']   = false;    // simply die with no output of any kind on fatal errors (not recommended)
165$PHPTHUMB_CONFIG['error_die_on_source_failure'] = true;     // die with error message if source image cannot be processed by phpThumb() (usually because source image is corrupt in some way). If false the source image will be passed through unprocessed, if true (default) an error message will be displayed.
166
167// * Off-server Thumbnailing Configuration:
168$PHPTHUMB_CONFIG['nohotlink_enabled']           = true;                                     // If false will allow thumbnailing from any source domain, if true then only domains in 'nohotlink_valid_domains' will be accepted
169$PHPTHUMB_CONFIG['nohotlink_valid_domains']     = array(@$_SERVER['HTTP_HOST']);            // This is the list of domains for which thumbnails are allowed to be created. Note: domain only, do not include port numbers. The default value of the current domain should be fine in most cases, but if neccesary you can add more domains in here, in the format "www.example.com"
170$PHPTHUMB_CONFIG['nohotlink_erase_image']       = true;                                     // if true thumbnail is covered up with $PHPTHUMB_CONFIG['nohotlink_fill_color'] before text is applied, if false text is written over top of thumbnail
171$PHPTHUMB_CONFIG['nohotlink_text_message']      = 'Off-server thumbnailing is not allowed'; // text of error message
172
173// * Off-server Linking Configuration:
174$PHPTHUMB_CONFIG['nooffsitelink_enabled']       = true;                                       // If false will allow thumbnails to be linked to from any domain, if true only domains listed below in 'nooffsitelink_valid_domains' will be allowed.
175$PHPTHUMB_CONFIG['nooffsitelink_valid_domains'] = array(@$_SERVER['HTTP_HOST']);              // This is the list of domains for which thumbnails are allowed to be created. The default value of the current domain should be fine in most cases, but if neccesary you can add more domains in here, in the format 'www.example.com'
176$PHPTHUMB_CONFIG['nooffsitelink_require_refer'] = false;                                      // If false will allow standalone calls to phpThumb(). If true then only requests with a $_SERVER['HTTP_REFERER'] value in 'nooffsitelink_valid_domains' are allowed.
177$PHPTHUMB_CONFIG['nooffsitelink_erase_image']   = false;                                      // if true thumbnail is covered up with $PHPTHUMB_CONFIG['nohotlink_fill_color'] before text is applied, if false text is written over top of thumbnail
178$PHPTHUMB_CONFIG['nooffsitelink_watermark_src'] = '/demo/images/watermark.png';                // webroot-relative image to overlay on hotlinked images
179$PHPTHUMB_CONFIG['nooffsitelink_text_message']  = 'Image taken from '.@$_SERVER['HTTP_HOST']; // text of error message (used if [nooffsitelink_watermark_src] is not a valid image)
180
181
182// * Border & Background default colors
183$PHPTHUMB_CONFIG['border_hexcolor']     = '000000'; // Default border color - usual HTML-style hex color notation (overidden with 'bc' parameter)
184$PHPTHUMB_CONFIG['background_hexcolor'] = 'FFFFFF'; // Default background color when thumbnail aspect ratio does not match fixed-dimension box - usual HTML-style hex color notation (overridden with 'bg' parameter)
185
186// * Watermark configuration
187$PHPTHUMB_CONFIG['ttf_directory'] =  __DIR__ .DIRECTORY_SEPARATOR.'fonts'; // Base directory for TTF font files
188//$PHPTHUMB_CONFIG['ttf_directory'] = 'c:/windows/fonts';
189
190
191// * MySQL configuration
192// You may want to pull data from a database rather than a physical file
193// If so, modify the $PHPTHUMB_CONFIG['mysql_query'] line to suit your database structure
194// Note: the data retrieved must be the actual binary data of the image, not a URL or filename
195$PHPTHUMB_CONFIG['mysql_extension'] = 'mysqli'; // either "mysqli" or "mysql"
196
197$PHPTHUMB_CONFIG['mysql_query'] = '';
198//$PHPTHUMB_CONFIG['mysql_query'] = 'SELECT `picture` FROM `products` WHERE (`id` = \''.mysqli_real_escape_string(@$_GET['id']).'\')';
199
200// These 4 values must be modified if $PHPTHUMB_CONFIG['mysql_query'] is not empty, but may be ignored if $PHPTHUMB_CONFIG['mysql_query'] is blank.
201$PHPTHUMB_CONFIG['mysql_hostname'] = 'localhost';
202$PHPTHUMB_CONFIG['mysql_username'] = '';
203$PHPTHUMB_CONFIG['mysql_password'] = '';
204$PHPTHUMB_CONFIG['mysql_database'] = '';
205
206
207// * HTTP UserAgent configuration
208//$PHPTHUMB_CONFIG['http_user_agent'] = '';                                                                                        // PHP default: none
209//$PHPTHUMB_CONFIG['http_user_agent'] = 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)';                                      // Windows XP, Internet Explorer
210//$PHPTHUMB_CONFIG['http_user_agent'] = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7'; // Windows XP, Firefox
211$PHPTHUMB_CONFIG['http_user_agent'] = @$_SERVER['HTTP_USER_AGENT'];                                                                // use client user-agent
212
213
214// * Compatability settings
215$PHPTHUMB_CONFIG['disable_pathinfo_parsing']        = true;   // if true, $_SERVER[PATH_INFO] is not parsed. May be needed on some server configurations to allow normal behavior.
216$PHPTHUMB_CONFIG['disable_imagecopyresampled']      = false;  // if true, imagecopyresampled is replaced with ImageCopyResampleBicubic. May be needed for buggy versions of PHP-GD.
217$PHPTHUMB_CONFIG['disable_onlycreateable_passthru'] = true;   // if true, any image that can be parsed by getimagesize() can be passed through; if false, only images that can be converted to GD by ImageCreateFrom(JPEG|GIF|PNG) functions are allowed
218$PHPTHUMB_CONFIG['disable_realpath']                = false;  // PHP realpath() function requires that "the running script must have executable permissions on all directories in the hierarchy, otherwise realpath() will return FALSE". Set config_disable_realpath=false to enable alternate filename-parsing that does not use realpath() function (but also does not resolve symbolic links)
219
220
221// * HTTP remote file opening settings
222$PHPTHUMB_CONFIG['http_fopen_timeout']              = 10;   // timeout (in seconds) for fopen / curl / fsockopen
223$PHPTHUMB_CONFIG['http_follow_redirect']            = true; // if true (default), follow "302 Found" redirects to new URL; if false, return error message
224
225
226// * Speed optimizations configuration
227$PHPTHUMB_CONFIG['allow_local_http_src']         = false; // If true, 'src' parameter can be "http://<thishostname>/path/image.ext" instead of just "/path/image.ext"; if false then display warning message to encourage more efficient local-filename calling.
228$PHPTHUMB_CONFIG['use_exif_thumbnail_for_speed'] = false; // If true, and EXIF thumbnail is available, and is larger or equal to output image dimensions, use EXIF thumbnail rather than actual source image for generating thumbnail. Benefit is only speed, avoiding resizing large image.
229
230/* END USER CONFIGURATION SECTION */
231
232
233
234
235/* START DEFAULT PARAMETERS SECTION */
236// If any parameters are constant across ALL images, you can set them here
237
238$PHPTHUMB_DEFAULTS_GETSTRINGOVERRIDE = true;  // if true, any parameters in the URL will override the defaults set here; if false, any parameters set here cannot be overridden in the URL
239$PHPTHUMB_DEFAULTS_DISABLEGETPARAMS  = false; // if true, GETstring parameters will be ignored (except for 'src') and only below default parameters will be used; if false, both default and GETstring parameters will be used (depending on $PHPTHUMB_DEFAULTS_GETSTRINGOVERRIDE). Will be auto-set true if !empty($PHPTHUMB_CONFIG['cache_default_only_suffix'])
240
241//$PHPTHUMB_DEFAULTS['w']    = 200;
242//$PHPTHUMB_DEFAULTS['fltr'] = array('blur|10');
243//$PHPTHUMB_DEFAULTS['q']    =  90;
244
245
246/* END DEFAULT PARAMETERS SECTION */
247
248
249
250//////////////////////////////////////////////////////////////////////////////
251// Function for generating hashed calls to phpThumb if 'high_security_enabled'
252// example:
253//   require_once('phpThumb/phpThumb.config.php');
254//   echo '<img src="'.htmlspecialchars(phpThumbURL('src=/images/pic.jpg&w=50', '/phpThumb/phpThumb.php')).'">';
255
256$GLOBALS['PHPTHUMB_CONFIG'] = $PHPTHUMB_CONFIG;
257function phpThumbURL($ParameterString, $path_to_phpThumb='phpThumb.php') {
258	global $PHPTHUMB_CONFIG;
259	if (is_array($ParameterString)) {
260		$ParameterStringArray = $ParameterString;
261	} else {
262		parse_str($ParameterString, $ParameterStringArray);
263	}
264	$ParamterStringEncodedArray = array();
265	foreach ($ParameterStringArray as $key => $value) {
266		if (is_array($value)) {
267			// e.g. fltr[] is passed as an array
268			foreach ($value as $subvalue) {
269				$ParamterStringEncodedArray[] = $key.'[]='.rawurlencode($subvalue);
270			}
271		} else {
272			$ParamterStringEncodedArray[] = $key.'='.rawurlencode($value);
273		}
274	}
275	$ParameterString = implode($PHPTHUMB_CONFIG['high_security_url_separator'], $ParamterStringEncodedArray);
276	return $path_to_phpThumb.'?'.$ParameterString.$PHPTHUMB_CONFIG['high_security_url_separator'].'hash='.hash_hmac('sha256', $ParameterString, $PHPTHUMB_CONFIG['high_security_password']);
277}
278