Download the PHP package ctrbts/secure-timthumb without Composer

On this page you can find all versions of the php package ctrbts/secure-timthumb. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of ctrbts/secure-timthumb

Informations about the package secure-timthumb

Secure TimThumb (Modern Refactor)

A secure, modern rewrite of the timthumb.php script. This project aims to provide a drop-in replacement for legacy systems that still rely on TimThumb, mitigating the critical RCE and file inclusion vulnerabilities present in the original version.

⚠️ WARNING: This library is intended for legacy maintenance. For new projects, maybe you prefer a modern solutions like Intervention Image or cloud-based services.

Key Security Improvements

Installation

Option A:

Composer (Recommended)

Option B:

Drop-in Replacement (Manual)

  1. Download TimThumb.php from this repository.
  2. Replace your existing timthumb.php file.
  3. Ensure the cache directory exists and is writable by the web server.

Configuration

You can configure the script by instantiating the class with an array of options (if using as a library) or by editing the default config array at the top of the TimThumb.php file (if using as a standalone script).

Attribution & Transparency

Maintainer: Fernando Merlo Original Authors: Ben Gillbanks & Mark Maunder

Refactor Note: This codebase was refactored with the assistance of AI tools to analyze historical security flaws and implement modern PHP security standards (PSR, Strict Types, Exception Handling).

Disclaimer: This software is provided "as is", without warranty of any kind. Use at your own risk.

All versions of secure-timthumb with dependencies

PHP Build Version
Package Version
Requires php Version >=7.4
ext-gd Version *
ext-curl Version *
ext-fileinfo Version *
ext-json Version *
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package ctrbts/secure-timthumb contains the following files

Loading the files please wait ...