} } if (@$PHPTHUMB_CONFIG['high_security_enabled']) { if (!@$_GET['hash']) { $phpThumb->ErrorImage('ERROR: missing hash'); } elseif (strlen($PHPTHUMB_CONFIG['high_security_password']) < 5) { $phpThumb->ErrorImage('ERROR: strlen($PHPTHUMB_CONFIG[high_security_password]) < 5'); } elseif ($_GET['hash'] != md5(str_replace('&hash=' . $_GET['hash'], '', $_SERVER['QUERY_STRING']) . $PHPTHUMB_CONFIG['high_security_password'])) { $phpThumb->ErrorImage('ERROR: invalid hash'); } } //////////////////////////////////////////////////////////////// // Debug output, to try and help me diagnose problems $phpThumb->DebugTimingMessage('phpThumbDebug[0]', __FILE__, __LINE__); if (@$_GET['phpThumbDebug'] == '0') { $phpThumb->phpThumbDebug(); } //////////////////////////////////////////////////////////////// // returned the fixed string if the evil "magic_quotes_gpc" setting is on if (get_magic_quotes_gpc()) { // deprecated: 'err', 'file', 'goto', $RequestVarsToStripSlashes = array('src', 'wmf', 'down'); foreach ($RequestVarsToStripSlashes as $key) { if (isset($_GET[$key])) { if (is_string($_GET[$key])) { $_GET[$key] = stripslashes($_GET[$key]); } else { unset($_GET[$key]); } } }