[technimad]

Thats exacly how I did it, and than the creation of a new cached file was handled by a PHP script ran as the 404 errorHandler which output the image to both the browser and file system.

Still pretty dangerous stuff i.e. ?size=10000x2000000

[noir_lord]

Nah, I'm a cynical fucker, I had...

    $x = $x > 9000 ? 9000 : $x;
    $y = $y > 9000 ? 9000 : $y;

I also had checks for negative values and that what I got actually made sense as an integer, since well it's the internet and a get request, they can put anything.

Tbh even 81MP was pushing it but I got to put the comment

// check and limit maximum image size // it's over 9000!

As someone who was around online back then how could I resist.

EDIT: Just remembered, I had to really resist the urge to change the returned image to a raised middle finger if either parameter was out of limit, not because I didn't think it was funny but because with my luck it'd be me that fat fingered it.