Index: timthumb.php =================================================================== --- timthumb.php (revision 468863) +++ timthumb.php (working copy) @@ -20,7 +20,9 @@ a new version of timthumb. */ -define ('VERSION', '2.8'); // Version of this script +define ('VERSION', '2.8'); +define( 'ALLOW_ALL_EXTERNAL_SITES', true ); +// Version of this script //Load a config file if it exists. Otherwise, use the values below. if( file_exists('timthumb-config.php')) require_once('timthumb-config.php'); if(! defined( 'DEBUG_ON' ) ) define ('DEBUG_ON', false); // Enable debug logging to web server error log (STDERR) @@ -215,15 +217,23 @@ return false; exit(0); } + // Don't do this + /*( if(preg_match('/https?:\/\/(?:www\.)?' . $this->myHost . '(?:$|\/)/i', $this->src)){ $this->src = preg_replace('/https?:\/\/(?:www\.)?' . $this->myHost . '/i', '', $this->src); } + */ + if(preg_match('/^https?:\/\/[^\/]+/i', $this->src)){ $this->debug(2, "Is a request for an external URL: " . $this->src); $this->isURL = true; } else { $this->debug(2, "Is a request for an internal file: " . $this->src); } + + // Manually set isURL to true + $this->isURL = true; + if($this->isURL && (! ALLOW_EXTERNAL)){ $this->error("You are not allowed to fetch images from an external website."); return false; Index: cac-featured-content.php =================================================================== --- cac-featured-content.php (revision 468863) +++ cac-featured-content.php (working copy) @@ -441,6 +441,8 @@ $resource_title = $instance['resource_title']; $resource_image_source = $instance['resource_image_source']; + $this->instance = $instance; + /******************** *****Form Data****** *********************/ @@ -507,7 +509,10 @@ getBlogDomainField($blog_domain, true); ?> +
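Review bot: The added `define( 'ALLOW_ALL_EXTERNAL_SITES', true );` sits above the `timthumb-config.php` load, so a site config can no longer turn the setting off, because a later `define` of the same constant is ignored. In stock timthumb this constant bypasses the allowed-sites list, so the script will fetch from any host a request names. If external fetching is needed, leave the default off and enable it per site in the config file, using the guarded form the next lines use for `DEBUG_ON`: `if(! defined('ALLOW_ALL_EXTERNAL_SITES') ) define ('ALLOW_ALL_EXTERNAL_SITES', false);`. The edit also moves `// Version of this script` off the `VERSION` line it describes.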
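Review bot: The unconditional `$this->isURL = true;` after the `preg_match` branch discards that branch's result, so every `src`, including a plain local path, is handled as a remote URL and the "internal file" debug message above it becomes misleading. With `ALLOW_ALL_EXTERNAL_SITES` forced on in the first hunk, the only gate still visible here is `ALLOW_EXTERNAL`, which leaves the script fetching whatever URL a request supplies. That exposes it to server-side request forgery and cache abuse. Remove the override and let the `preg_match('/^https?:\/\/[^\/]+/i', $this->src)` test decide; if same-host URLs must be fetched over HTTP, express that as a narrow condition on `$this->myHost` rather than a blanket flag. The disabled block opens with `/*(`, where the `(` looks like a typo, and the enclosing function starts and ends outside the hunk.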
+ +

pluginDomain ) ?>

+ + instance; + + $media_upload_iframe_src = "media-upload.php?type=image&widget_id=".$this->id; //NOTE #1: the widget id is added here to allow uploader to only return array if this is used with image widget so that all other uploads are not harmed. + $image_upload_iframe_src = apply_filters('image_upload_iframe_src', "$media_upload_iframe_src"); + $image_title = __(($instance['image'] ? 'Change Image' : 'Add Image'), $this->pluginDomain); + + $image_markup = !empty( $instance['imageurl'] ) ? '' : ''; + + $out = '

'; + $out .= '
'; + $out .= '' . $image_title . '' . $image_title . ''; + + $out .= '

'; + $out .= $image_markup; + $out .= '
Remove image'; + $out .= '
'; + + $out .= '

'; + + $out .= $this->getResourceImageSourceField($instance['resource_image_source'], true); + $out .= $this->getImageCropRuleField($instance['image_crop_rule'], true); + + return $out; + } + function getCropLengthField($value, $pWrap = false) { $labelText = "Crop length: Please enter the length (in characters) that you want to crop text by:
"; $label = ''; @@ -827,8 +829,18 @@ if ( !$width = (int)$this->image_width ) $width = '100'; + + $imageurl = false; + if ( $this->imageurl ) { + $imageurl = $this->imageurl; + } elseif( $this->resource_image_source ) { + $imageurl = $this->resource_image_source; + } - $avatar = bp_core_fetch_avatar( array( 'item_id' => $author_id, 'type' => 'full', 'height' => $height , 'width' => $width, 'no_grav' => false ) ); + // Trimming escaped spaces + $imageurl = trim( $imageurl, ' ' ); + + $avatar = $imageurl ? $this->get_image_markup_from_url( $imageurl ) : bp_core_fetch_avatar( array( 'item_id' => $author_id, 'type' => 'full', 'height' => $height , 'width' => $width, 'no_grav' => false ) ); /************************* ******Switch Context****** @@ -853,7 +865,7 @@ ?>
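Review bot: The button label is chosen from `$instance['image']` while the preview markup on the next statement is chosen from `$instance['imageurl']`, so the two can disagree and the first can raise an undefined-index notice. Wrapping a ternary in `__()` also hides both strings from translation extraction; prefer `$image_title = ! empty( $instance['imageurl'] ) ? __( 'Change Image', $this->pluginDomain ) : __( 'Add Image', $this->pluginDomain );`. The HTML inside the `$out` strings is missing from this rendering of the page, so it cannot be checked. Wherever `$instance['imageurl']` and `$image_title` land in attributes or text they should go through `esc_url()` and `esc_attr()`. The function's signature line and the hunk header are not visible here.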
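Review bot: `$imageurl` goes to `get_image_markup_from_url()` after nothing more than `trim()`, so whatever string was saved in `imageurl` or `resource_image_source` is rendered in place of the avatar. Normalise it once here, e.g. `$imageurl = esc_url_raw( trim( (string) $imageurl ) );`, and treat an empty result as "no image" so the `bp_core_fetch_avatar()` fallback still runs. The comment says "escaped spaces" but the character list shown is a single plain space; if the original list was an HTML entity, note that `trim()` reads its second argument as a set of individual characters, not as a string. The identical block is added again in the `@@ -955,10 +969,20 @@` hunk and would be better as one private helper.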

- + @@ -899,13 +911,15 @@ if ( !empty( $src ) ) { $src = substr( substr( str_replace( 'src=', '', $src[1] ), 0, -1 ), 1 ); - $height = substr( substr( str_replace( 'height=', '', $height[1] ), 0, -1 ), 1 ); - $width = substr( substr( str_replace( 'width=', '', $width[1] ), 0, -1 ), 1 ); if ( empty( $width ) || empty( $height ) ) { $width = 100; $height = 100; + } else { + $height = substr( substr( str_replace( 'height=', '', $height[1] ), 0, -1 ), 1 ); + $width = substr( substr( str_replace( 'width=', '', $width[1] ), 0, -1 ), 1 ); } + // This was modified from the original so that the width gets set to whatever the user has selected in the plugin. if ( (int) $this->image_width ) { $ratio = (int)$height / (int)$width; @@ -955,10 +969,20 @@ $height = $this->image_height; } else { $height = '100'; - } + } - $avatar = apply_filters( 'cac_featured_content_blog_avatar', bp_core_fetch_avatar( array( 'item_id' => $blog_admin_id, 'type' => 'full', 'height' => $height, 'width' => $width, 'no_grav' => false ) ), $blog_id ); + $imageurl = false; + if ( $this->imageurl ) { + $imageurl = $this->imageurl; + } elseif( $this->resource_image_source ) { + $imageurl = $this->resource_image_source; + } + // Trimming escaped spaces + $imageurl = trim( $imageurl, ' ' ); + + $avatar = $imageurl ? $this->get_image_markup_from_url( $imageurl ) : apply_filters( 'cac_featured_content_blog_avatar', bp_core_fetch_avatar( array( 'item_id' => $blog_admin_id, 'type' => 'full', 'height' => $height, 'width' => $width, 'no_grav' => false ) ), $blog_id, $imageurl ); + switch_to_blog($blog_id); $posts = get_posts(); @@ -1124,5 +1148,21 @@
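Review bot: After this change the `empty()` test only checks whether the `width`/`height` matches exist, so a parsed value of `0` is no longer replaced by the default and reaches `$ratio = (int)$height / (int)$width;` below as a division by zero. Keep the new `else` branch but validate after parsing, e.g. `if ( (int) $width <= 0 || (int) $height <= 0 ) { $width = 100; $height = 100; }` before the ratio is computed. The code that fills `$src`, `$width` and `$height` is outside the hunk, so their being regex match arrays is inferred from the `[1]` indexing.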
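Review bot: With the new ternary, `apply_filters( 'cac_featured_content_blog_avatar', ... )` runs only when no image URL is set, so existing callbacks on that filter silently stop applying to blogs that use a stored image. The added third argument `$imageurl` is always falsy in the one branch where it is passed. Build the markup first and filter the result in both cases: `$avatar = apply_filters( 'cac_featured_content_blog_avatar', $avatar, $blog_id, $imageurl );`.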
image_width ) { + $width = $this->image_width; + } else { + $width = '100'; + } + + if ( (int) $this->image_height ) { + $height = $this->image_height; + } else { + $height = '100'; + } + $out = ''; + return $out; + } } ?>
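Review bot: `get_image_markup_from_url()` tests `(int) $this->image_width` and `(int) $this->image_height` but then assigns the uncast property, so a stored value such as `100abc` passes the test and is kept as-is. Assign the cast value instead, `$width = (int) $this->image_width;`, and the same for height. The string assigned to `$out` is missing from this rendering of the page, so how `$url`, `$width` and `$height` are placed in the markup cannot be checked. If they are concatenated into an `img` tag, `$url` should go through `esc_url()` and the dimensions through `esc_attr()` or the int cast. A one-line docblock stating that the method returns image markup for a stored URL, sized by the widget's width and height settings, would also help.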