phpThumb - 无效散列 [英] phpThumb - Invalid hash
问题描述
为网站设置phpThumb,并且我想通过对每个图像使用哈希URL来保护脚本。
我在 phpThumb.config.php
中启用了安全选项:
// *安全配置
$ PHPTHUMB_CONFIG ['high_security_enabled'] = true; //如果启用,需要设置'high_security_password'并且需要使用phpThumbURL()函数(在phpThumb.config.php的底部)来生成哈希URL
$ PHPTHUMB_CONFIG ['high_security_password'] =' ;如果'high_security_enabled'为真,并且必须是复杂的(大写,小写,数字,标点符号等 - 标点符号最强,小写字母最弱;请参阅phpThumb.php中的PasswordStrength())。您可以使用像http://silisoftware.com/tools/password-random.php这样的密码生成器来生成强密码
我使用函数phpThumbURL(),如文档中所述;
require_once('img / phpThumb.config.php');
echo'< img src =''。phpThumbURL('src = / wp-content / uploads / 2011/08 / wall140-73.jpg& w = 640& h = 400& zc = 1 ')。'>';
不过,我得到的只是错误:散列无效
我没有使用这个安全选项让phpThumbs工作,但我真的不想让任何人都可以在我的服务器上生成缩略图。
我不明白散列可能无效,为什么它不起作用。
对于我来说,帮助 phpThumb.config.php
底部的INFO b$ b
/////////////////////////////// ///////////////////////////////////////////////
//函数用于生成对phpThumb的哈希调用,如果'high_security_enabled'
//示例:
// require_once('phpThumb / phpThumb.config.php');
// echo'< img src =''。htmlspecialchars(phpThumbURL('src = / images / pic.jpg& w = 50','/phpThumb/phpThumb.php')).'\"> ;
所以要使用thumb函数 htmlspecialchars(phpThumbURL(...)):
$ path ='C:\wamp\www\_img_test\\\'; //你的路径
require_once($ path.'phpThumb\phpThumb.config.php');
$ img ='1.jpg'; //你的图像
$ ParameterString ='w = 200& h = 200'; //你的参数
$ url ='http:// localhost / _img_test /'; //你的URL
$ path = htmlspecialchars(phpThumbURL('src = .. /'。$ img。'&'。$ ParameterString,$ url.'phpThumb / phpThumb.php')) ;
echo'< img src ='。$ path。'>'; //你的图像
echo $ path; // //你的图像路径
当然在phpThumb.config.php中设置:
$ PHPTHUMB_CONFIG ['high_security_enabled'] = true;
$ PHPTHUMB_CONFIG ['high_security_password'] ='V_8r} ZZj-)p4vVx0H6.4'; //你的密码来自:http://silisoftware.com/tools/password-random.php
$ PHPTHUMB_CONFIG ['disable_debug'] = true;
对我来说,它是有效的。
Setting up phpThumb for a website, and I want to secure the script by using hash-url's for each image.
I have enabled the security-option in phpThumb.config.php
:
// * Security configuration
$PHPTHUMB_CONFIG['high_security_enabled'] = true; // if enabled, requires 'high_security_password' set to be set and requires the use of phpThumbURL() function (at the bottom of phpThumb.config.php) to generate hashed URLs
$PHPTHUMB_CONFIG['high_security_password'] = ' '; // required if 'high_security_enabled' is true, and must be at complex (uppercase, lowercase, numbers, punctuation, etc -- punctuation is strongest, lowercase is weakest; see PasswordStrength() in phpThumb.php). You can use a password generator like http://silisoftware.com/tools/password-random.php to generate a strong password
I use the function phpThumbURL() as described in the documentation;
require_once('img/phpThumb.config.php');
echo '<img src="'.phpThumbURL('src=/wp-content/uploads/2011/08/wall140-73.jpg&w=640&h=400&zc=1').'">';
Still, all I get is Error: Invalid hash
I got phpThumbs to work without this security-option, but I really do not want to have the script open for anyone to generate thumbnail-images on my server.
I don't understand how the hash can be invalid, and why it doesn't work.
For me helped INFO at the bottom of phpThumb.config.php
//////////////////////////////////////////////////////////////////////////////
// Function for generating hashed calls to phpThumb if 'high_security_enabled'
// example:
// require_once('phpThumb/phpThumb.config.php');
// echo '<img src="'.htmlspecialchars(phpThumbURL('src=/images/pic.jpg&w=50', '/phpThumb/phpThumb.php')).'">';
so to make thumb I use function htmlspecialchars(phpThumbURL(...)):
$path = 'C:\wamp\www\_img_test\\'; // YOUR PATH
require_once($path.'phpThumb\phpThumb.config.php');
$img = '1.jpg'; // YOUR IMAGE
$ParameterString = 'w=200&h=200'; // YOUR PARAMS
$url = 'http://localhost/_img_test/'; // YOUR URL
$path = htmlspecialchars(phpThumbURL('src=../'.$img.'&'.$ParameterString, $url.'phpThumb/phpThumb.php'));
echo '<img src="'.$path.'">'; // YOUR IMAGE
echo $path; // // YOUR IMAGE PATH
Of course in phpThumb.config.php set:
$PHPTHUMB_CONFIG['high_security_enabled'] = true;
$PHPTHUMB_CONFIG['high_security_password'] = 'V_8r}ZZj-)p4vVx0H6.4'; // YOUR PASSWD from: http://silisoftware.com/tools/password-random.php
$PHPTHUMB_CONFIG['disable_debug'] = true;
For me it works.
这篇关于phpThumb - 无效散列的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!