CODE
// If an image is found and we can determine that it is an image
if ( $pic )
{
    // Get width and height from the image
    $width = imagesx( $pic );
    $height = imagesy( $pic );
    // Width that thumbnail should be
    $twidth = $_GET['width'];
If the image is found, we use the functions imagesx() and imagesy() to get the width and height of the original image. We then set up a variable holding the requested width of the thumbnail we will generate.
CODE
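    // Valid width?
    // intval() is truthy for values such as "10.5", so the integer test uses filter_var()
    if ( !is_numeric( $twidth ) || $twidth <= 0 || filter_var( $twidth, FILTER_VALIDATE_INT ) === false || $twidth > $width )
    {
        exit();
    }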
We now check the requested width to make sure it is valid before generating a thumbnail. If the width is not a number, is less than or equal to zero, is not an integer, or is greater than the original image's width, we stop there. A value like that means someone is messing around with the script. We don't want that now, do we?
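Why the integer test needs care, as an added example that is not part of the original tutorial: a check that relies on the truthiness of intval() lets fractional and exponent strings such as '10.5' and '1e2' through, while FILTER_VALIDATE_INT with a range rejects them and returns a real integer. The function names, the 800-pixel source width and the sample inputs are constructed for illustration.

```php
<?php
// Added example: function names and sample values are assumptions, not tutorial code.

// Loose check: "is numeric, positive, intval() is non-zero, not wider than the source".
function loose_width_ok( $twidth, $width )
{
    return !( !is_numeric( $twidth ) || $twidth <= 0 || !intval( $twidth ) || $twidth > $width );
}

// Strict check: only a decimal integer in the range 1..$width is accepted.
// Returns the width as an int, or null when the input is rejected.
function strict_width( $twidth, $width )
{
    $value = filter_var( $twidth, FILTER_VALIDATE_INT, array(
        'options' => array( 'min_range' => 1, 'max_range' => $width ),
    ) );
    return ( $value === false ) ? null : $value;
}

$width = 800; // width of the original image (constructed)

// Constructed inputs, as they could arrive in $_GET['width'].
// The last one models ?width[]=150, which PHP delivers as an array.
$samples = array( '150', '10.5', '1e2', '0.5', '-20', '801', 'abc', array( '150' ) );

foreach ( $samples as $sample )
{
    $label = is_array( $sample ) ? 'array' : "'" . $sample . "'";
    printf(
        "%-8s loose=%-6s strict=%s\n",
        $label,
        loose_width_ok( $sample, $width ) ? 'accept' : 'reject',
        var_export( strict_width( $sample, $width ), true )
    );
}
```

Using the integer returned by strict_width() for the resize, rather than the raw request string, keeps later size calculations working on a value that has already been range-checked.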