• 25,450
  • +1,003
  • 2,796
TimThumb readfile() has been disabled for security reasons

TimThumb readfile() has been disabled for security reasons

Bookmark

Type : Tips and Trick Level : Easy Yesterday while adding some content to this site, I'm a little bit strange because the thumbnails didn't show up correctly and it's just an empty box showed up… The first thing I do was checking the error_log inside my timthumb.php folder location, and then I found this message "readfile() has been disabled for security reasons" on my error_log file. It's a little bit strange, because two days ago(March 18, 2012) I still can view the thumbnails….so I make a temporary conclusion that this maybe because of my hosting provider didn't allow readfile() function. The step I can take was to change the readfile() function into another function that has same functionality… Open your timthumb.php file using your wordpress appearance editor and then press CTRL + F to find the readfile() function. You can replace it with file_get_contents() or include(), so the script will be like this Before :

header ('Content-Length: ' . filesize($file) );
header ('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
header ("Pragma: no-cache");
$bytes = @readfile($file);
if($bytes > 0){
    return true;
}

After :

header ('Content-Length: ' . filesize($file) );
header ('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
header ("Pragma: no-cache");
$bytes = @file_get_contents($file);
if($bytes > 0){
    return true;
}

That's it…hope it's useful 🙂

Subscribe Now To Get Latest Tips and Trick on Your E-Mail

Share this article if you found this post was useful:

Blogger at hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com

See all posts by || Visit Website : http://www.vishnuvalentino.com