Home Forums WordPress Plugins Hide My WP Timthumb error

This topic is: not resolved
Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • September 15, 2013 at 7:18 pm #107
    MGK
    Post count: 5

    Dear Hide-My-WP team,

    I am experiencing an issue with the Timthumb.php file…I read many comments with same issue and your answers and also your guidelines in the FAQ but I couldnt get the right solution to my issue.

    I am working offline (WAMP server) so I can’t provide online links but I’ll be as clear as I can:

    The base url of the wordpress website is : http://xx/new/

    I am using a plugin that uses timthumb.php and the thumbs are called using this kind of links:

    http://xx/new/plugins/1e08d426/admin/timthumb.php?src=http%3A%2F%2Fxx%2Fnew%2Fwp-content%2Ffancygallery%2F

    the images are in wp-content/fancygallery/ subfolders

    what i am trying to do is to change this portion of the url (i.e. wp-content/fancygallery/) to “gal” so that the images would be called like this :

    http://xx/new/plugins/1e08d426/admin/timthumb.php?src=http%3A%2F%2Fxx%2Fnew%2Fgal%2F

    I added in the Replace URLS field : 

    wp-content/fancygallery/==gal/

    because I have other references to wp-content/fancygallery/ that I wanted to change to gal/

    In the Replace HTML field I added : 

    timthumb.php?src[equal]http%3A%2F%2Fxx%2Fnew%2Fwp-content%2Ffancygallery%2F = timthumb.php?src[equal]http%3A%2F%2Fxx%2Fnew%2Fgal%2F

    While direct access to the images through links like this works:
    http://xx/new/gal/1/2/xx.jpg
    those ones, dont :

    http://xx/new/plugins/1e08d426/admin/timthumb.php?src=http%3A%2F%2Fxx%2Fnew%2Fgal%2F1%2F2%2Fxx.jpg&w=64&h=81&zc=1&q=100

    What have I done wrong ?

    I tried with relative urls, but it doenst work neither

    Ps: I excluded timthumb.php (the direct access part).

    Thanks for your time and help !

    September 16, 2013 at 8:11 am #108
    Hassan
    Post count: 955

    Hi-

    Well, as I said in that FAQ TimThumb doesn’t support virtual addresses so you can’t change it to new name ‘gal’. Instead, you have to use relative URLs. Something like below:

    http://xx/new/plugins/1e08d426/admin/timthumb.php?src=../../../fancygallery/

    Therefor, you should have following in Replace in HTML:
    timthumb.php?src[equal]http%3A%2F%2Fxx%2Fnew%2Fwp-content%2Ffancygallery%2F = timthumb.php?src[equal]..%2F..%2F..%2Ffancygallery%2F

    You can still use ‘gal’ name by renaming fancygallery folder in wp-content and using this rule:
    timthumb.php?src[equal]http%3A%2F%2Fxx%2Fnew%2Fwp-content%2Ffancygallery%2F = timthumb.php?src[equal]..%2F..%2F..%2Fgal%2F

    But you may have difficulties in admin section as Replace in HTML doesn’t work in backend.

    PS:
    You can always use New Upload Path or Replace URLs to change other (non-TimThumb) URLs.

    September 16, 2013 at 8:21 am #109
    MGK
    Post count: 5

    Hello,

    Thanks for your support !

    I tried also with relative path 

    timthumb.php?src[equal]http%3A%2F%2Fxx%2Fnew%2Fwp-content%2Ffancygallery%2F = timthumb.php?src[equal]..%2F..%2F..%2Ffancygallery%2F

    and got the same issue (i.e. Could not find the internal image you specified. when looking at the image timthumb link).

    I am guessing it comes from the relative path.
    I tried adding those two lines in the htaccess (with customized htaccess checked and hidemywp lines added to the htaccess)

    SecFilterEngine Off
SecFilterScanPost Off

    but i got a 500 error.

    I have access to the php.ini (on my offline and online servers), is there any other solution ? (secured)

    Thanks in advance for your time

    September 20, 2013 at 8:09 am #122
    MGK
    Post count: 5

    Hello,

    did you had a chance to look at my issue please ?

    Thank you very much in advance !

    Michel

    September 21, 2013 at 9:02 am #127
    Hassan
    Post count: 955

    Sorry for such a long delay, I was working on new version. 😐

    If it was online I could take a look and try different possibilities.

    First make sure this works, if not means our path are wrong:
    http://xx/new/plugins/1e08d426/admin/timthumb.php?src=http://xx/new/wp-content/fancygallery/1/2/xx.jpg

    Now try these other possibilities:
    http://xx/new/plugins/1e08d426/admin/timthumb.php?src=../../../../fancygallery/1/2/xx.jpg

    http://xx/new/plugins/1e08d426/admin/timthumb.php?src=../../../fancygallery/1/2/xx.jpg

    http://xx/new/plugins/1e08d426/admin/timthumb.php?src=../../fancygallery/1/2/xx.jpg

    If one of above works means we found the solution and only need a rule to replace old URLs with new ones.

    Also try this one, (the same but removed %2F from second part)
    timthumb.php?src[equal]http%3A%2F%2Fxx%2Fnew%2Fwp-content%2Ffancygallery%2F = timthumb.php?src[equal]../../../fancygallery/

    I haven’t experience with mod_security but error 500 usually means your htaccess syntax is wrong.

  • Author
    Posts
Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.