I like programing on my localhost, however it really bugged me to make changes to index.php & config files on my production server. After combining all available wiki articles on this topic and some trial and error this is what I use for my applications so I could just upload it to production server and it will work without any changes.
There are situations in which Active Record will generate nonsense queries from what a nieve Yii user might think is reasonable code. One such situation is a CActiveDataProvider using CDbCriteria to get data from parent and 1:n child table with a condition on the child table.
If you have to display a overview of related data in a table,
you can use the CListView, create your view with table/tr/td tags
and implement db-queries in the view to display detaildata of the current (master-)record.
This article is called extended guide is because there is already a security guide in the Yii tutorial security section. but that guide is not complete in the sense that it does not rise the developers' attention to some other commonly happening attacks: SQL injection and magic URL, which can be major vulnerabilities in your application without much caring.