How to prevent someone or some role from accessing the WordPress admin panel

It might be required sometime to prevent a user or all users with a specific role from accessing the WordPress admin panel. It’s not tough. Let’s think that we want that all users with author role will not be able to access the admin panel. All you have to do is just add the following… Continue reading How to prevent someone or some role from accessing the WordPress admin panel

Automated Rsync – without compromising security

Rsync is one of the most popular tools to synchronize data between two computers, and used mostly in taking backups using this sync feature. It’s easy to use and only uploads the changed files when a sync is necessary, so it’s effective in saving bandwidth and time too. To run rsync, you need root or… Continue reading Automated Rsync – without compromising security

Create personalized phar files in PHP

Created a screencast to show how you can create phar files, most importantly personalized phar files to store some information inside it and protect it using user’s password. Those information is usable only when user providers a correct password. For packaging, I used http://box-project.org which is an excellent phar packager. I’ve also used two functions… Continue reading Create personalized phar files in PHP

How to login a user programatically in Symfony2

Sometime, you may need to log in an user manually from code, instead of generic form based log in. To do it, you need to use Two Security component “UsernamePasswordToken” and “InteractiveLoginEvent”. We will also use another exception object “UsernameNotFoundException” if the user is not found. [sourcecode language=”php”] use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; use Symfony\Component\Security\Http\Event\InteractiveLoginEvent; use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; [/sourcecode]… Continue reading How to login a user programatically in Symfony2

Massive security flaw in Facebook and why should they fix it immediately before I take your girlfriend out to dinner tonight

Ok, Facebook Groups has a huge security flaw by which any group member  can pretend to be anyone else in that group, and post in the group on behalf of that user. It is FATAL. I’ve reported to Facebook and I hope they should take immediate action for it. I had disclosed it in details… Continue reading Massive security flaw in Facebook and why should they fix it immediately before I take your girlfriend out to dinner tonight

Story about Blue E, iFramed Web Application, Wastage of 6 hours, Missed Lunch and what not!

Long story short, I was developing a Facebook page application which runs from inside a page tab. Such applications runs inside an iframe on Facebook Fanpage. Everything was going perfectly, until, we started checking it in IE!! The symptoms were simple, PHP Session is not working when user logs in. The application works perfectly in… Continue reading Story about Blue E, iFramed Web Application, Wastage of 6 hours, Missed Lunch and what not!