0

There are slightly less than a billion similar questions on SO, with about the same number of reasons for the error. I just don't seem to find mine.

Kwicks accordian and the jQuery Easing plugin have been working for some time on my site and I'm unaware of any change that I have made that would cause them to misbehave:

http://donmorris.com

My console is showing two errors as I move my mouse over the accordian:

Uncaught TypeError: Object #<Object> has no method 'easeOutCubic'
Uncaught TypeError: Property 'undefined' of object #<Object> is not a function

These seem to point to jquery.easing.js not being loaded, but that doesn't seem to be the case. Could someone here with sharper eyes please point out my mistake?

User login session variable. Is it possible to spoof session variable? PHP

When user logs in I use the following strategy to authenticate user:

  1. Username and Password are present in database along with unique Token and Session Identifier
  2. Set session variable $_SESSION['logged_in'] = true if above returns true
  3. On every page (basecontroller) checks if ($_SESSION['logged_in'] > 0) otherwise redirects to login page.

Is it possible that a hacker might somehow set $_SESSION['logged_in'] = true; ? Do I have a security issue with the above strategy?

Please give me an article or anything that can help me make it more secure.

4

1 に答える 1

3

jQuery を 3 回リンクしましたが、少なくとも 2 回は異なるバージョンです。開発者ツールでページを確認するか、ページのソースを表示してください。ajax.googlapis.com からの追加の 2 つのインスタンスがあるため、drupal モジュールの 1 つからのものである必要があります。

于 2013-08-05T20:55:10.807 に答える