Managing WordPress Roles and Capabilities

The WordPress permissions system is pretty straight forward, each task a user performs on a WordPress installation requires the capability to perform that task. These capabilities are how a WordPress installation can allow authors to write articles but not edit plugins, or allow editors to manipulate content but not change a theme. more…




Create an Authentication Listener in Symfony 2

It is possible to subscribe to many events in Symfony 2, and login events are no different. You may want to have an authentication listener that increments a user’s failed login attempts so an account can be locked or you may want to set the last login date for a user on a successful login. more…


Adding an AJAX Login Form to a Symfony Project

Adding an AJAX powered login form to a Symfony 2 project is pretty simple, but there are a few things to cover. The first is that the Symfony firewall handles authentication by sending a form to the route defined in the app/config/security.yml as the check_path for the firewall. So to login using AJAX, a form needs to be posted to that route along with a few fields, _username, _password, _remember_me, and if you’ve enabled CSRF for your form, the _csrf_token, field. more…