khashnan / timthumb

Automatically exported from code.google.com/p/timthumb
0 stars 0 forks source link

Changing order of GET parameters re-caches an image #283

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Access timthumb.php?src=example.jpg&w=200
2. Access timthumb.php?w=200&src=example.jpg 

What is the expected output? What do you see instead?
Expected: The already cached file is returned.
Actual: File is re-processed and re-cached.

What version of the product are you using? On what operating system?
2.8.2

Please provide any additional information below.
I suspect this is from including $_SERVER ['QUERY_STRING'] in the md5sum used 
as the cached image's filename.

Examples:
line 251:
this->cachefile = $this->cacheDirectory . '/' . $cachePrefix . md5($this->salt 
. $_SERVER ['QUERY_STRING'] . $this->fileCacheVersion) . FILE_CACHE_SUFFIX;

line 263:
$this->cachefile = $this->cacheDirectory . '/' . $cachePrefix . md5($this->salt 
. $this->localImageMTime . $_SERVER ['QUERY_STRING'] . $this->fileCacheVersion) 
. FILE_CACHE_SUFFIX;

Original issue reported on code.google.com by dasu...@gmail.com on 8 Nov 2011 at 3:37

GoogleCodeExporter commented 8 years ago
Quick fix:

Make a new function:

protected function sortQueryStr($string){
    //BECAUSE THIS CAN'T BE A ONE-LINER.
    $arr = explode('&', $string);
    asort($arr);
    return implode('&', $arr);
}

Then wrap "$_SERVER ['QUERY_STRING']" on those 2 lines with the new function, 
like:

$this->sortQueryStr($_SERVER ['QUERY_STRING'])

This resolved the issue for me.

Original comment by dasu...@gmail.com on 8 Nov 2011 at 7:19

GoogleCodeExporter commented 8 years ago
Is this a problem? How often are you going to change the query string order for 
the images on your site? Just trying to work out how it would affect people 
negatively

Original comment by BinaryMoon on 24 Nov 2011 at 8:55

GoogleCodeExporter commented 8 years ago
In my personal copy of timthumb, I added a rather CPU intensive dithering 
algorithm as a thumbnailing option. This addition reduces the chance that a 
curious user who's playing with the query string will trigger a (lengthy) 
regeneration of the thumbnail. It also mildly reduces cache storage overhead by 
only saving one copy of an image for any fixed set of query string parameters, 
regardless of GET variable order.

I suspect this is an issue that won't perceptibly affect most timthumb users, 
but I felt it would be useful to bring it to your attention as a possible area 
of optimization.

Original comment by dasu...@gmail.com on 24 Nov 2011 at 3:53

GoogleCodeExporter commented 8 years ago
I don't think this will affect a large amount of people but I like the idea of 
keeping things clean so I have added it in :)

This will be added in the next commit

Original comment by BinaryMoon on 24 Nov 2011 at 10:50