0

There are slightly less than a billion similar questions on SO, with about the same number of reasons for the error. I just don't seem to find mine.

Kwicks accordian and the jQuery Easing plugin have been working for some time on my site and I'm unaware of any change that I have made that would cause them to misbehave:

http://donmorris.com

My console is showing two errors as I move my mouse over the accordian:

Uncaught TypeError: Object #<Object> has no method 'easeOutCubic'
Uncaught TypeError: Property 'undefined' of object #<Object> is not a function

These seem to point to jquery.easing.js not being loaded, but that doesn't seem to be the case. Could someone here with sharper eyes please point out my mistake?

User login session variable. Is it possible to spoof session variable? PHP

When user logs in I use the following strategy to authenticate user:

  1. Username and Password are present in database along with unique Token and Session Identifier
  2. Set session variable $_SESSION['logged_in'] = true if above returns true
  3. On every page (basecontroller) checks if ($_SESSION['logged_in'] > 0) otherwise redirects to login page.

Is it possible that a hacker might somehow set $_SESSION['logged_in'] = true; ? Do I have a security issue with the above strategy?

Please give me an article or anything that can help me make it more secure.

4

1 回答 1

3

你有 jQuery 链接 3 次,至少 2 是不同的版本。在开发人员工具中查看您的页面或仅查看页面源代码。它必须来自您的一个 drupal 模块,因为您还有来自 ajax.googlapis.com 的另外 2 个实例。

于 2013-08-05T20:55:10.807 回答