[eluser]missionsix[/eluser]
Quote:It would check to see if the right sized thumb exists, create it if it doesn’t, and then return the path to the image.
Also, is there any security issues with revealing the path to the user uploaded images (assuming i have permissions set to 755 and not 777)?
This is what I do, but I have a media controller, which serves up images or other media content stored on the server.
An example thumbnail image string would look like this: /media/image/{uniquekey}/?w=250. When an image is called via my media controller it first checks to see if a width or height is set, if not, it does an image pass through and puts the image to the browser. (concealing the stored location).
If a width or height is set, as in my example, then my script first checks if a thumbnail exists for that image & width combination. something like imagename-thumb-250-xxx.jpg would be my thumbnail files. If this file exists, the thumbnail location is sent through the passthrough and the thumb is sent.
And finally, if a w or h is set and the thumbnail does not exist, we create it, store it, and output it.
The best part is, i can conceal my path locations so that no file can be accessed without going through my media controller. If any malicious file were to be uploaded it cannot be executed directly.