Adding an AJAX powered login form to a Symfony 2 project is pretty simple, but there are a few things to cover. The first is that the Symfony firewall handles authentication by sending a form to the route defined in the app/config/security.yml as the check_path for the firewall. So to login using AJAX, a form needs to be posted to that route along with a few fields, _username, _password, _remember_me, and if you’ve enabled CSRF for your form, the _csrf_token, field. more…
Unit testing PHP classes with private or protected methods and properties can be a real challenge. One solution to the problem is to use a public method that calls the protected method or a getter to access the private property, but that may not be desirable in many instances. more…
Creating a plugin for WordPress is a really simple process and allows you to create reusable code that you can incorporate into any project or share with others. WordPress has some great support for getting started, I recommend you head over to the Writing a Plugin article in the Codex. more…
If you’re using the Twitter v1.1 API to fetch a user’s statuses from their timeline, then you’ve likely come across the fact that user mentions, hashtags, and urls do not have links in the “text” node of the JSON response the API returns. There is no <a> element to follow the link, and there are no links to follow to check out a mention or hashtag on Twitter site. more…
The stock WordPress user profile is fairly limited in the fields it offers. Lets say you want to add a Facebook or Pinterest field to an author profile? There are a few ways we can go about adding some profile information to the user. more…
Accessing PHP variables in javascript using WordPress can come in very handy, especially in plugins or themes that use separate javascript files and php page templates where accessing a variable is not possible to do directly. A great example of where this would be necessary is when you have a string that needs to be translated using PHP but is to be rendered using javascript, maybe in an alert box or error message more…
Cross-site request forgery [CSRF] is a type of attack where a user is tricked/forced into performing an unwanted action on a friendly website that they are authenticated with. For example, if a user is logged into their bank and then visits a malicious site, it is possible that the malicious site can use the user’s session to make requests to the bank server. more…
The Symfony 2 translation service does a fantastic job of translating messages using the file system and translation messages.locale.xliff files. Gathering all of the i18n source phrases to hand off to a translator or translation service can be a major challenge, especially in a large, dynamic website. The goal here is to provide a logging mechanism to add un-translated text to a database more…