Created 2 years ago by Boaz – Tips – 0 comments – viewed 18,449 times
( +5 )
When you're filling up a form of a CActiveRecord (using CActiveForm for example), usually you'll construct your code so that in case of validation error you'll get back the form with the error displayed back to you, typically when CActiveForm.errorSummary() is used. This is how its done by Gii.
This article is called extended guide is because there is already a security guide in the Yii tutorial security section. but that guide is not complete in the sense that it does not rise the developers' attention to some other commonly happening attacks: SQL injection and magic URL, which can be major vulnerabilities in your application without much caring.
When using the latest stable jQuery UI themes (1.8.10) with Yii 1.1.6 (which uses 1.8.6) the widgets don't appear (they're invisible but they're there). In order to make them visible you need to change the following line:
CFormatter is one of Yii's core components and used to format values displayed in widgets like CGridView or CDetailView. All classic formats like numbers, text, urls or datetime are supported but you may have to use a formatting rule that isn't built in. Let's say we want to display arrays of strings (like tags associated with a product model). When using CDetailView we would usually make use of PHPs implode function to create a simple string value of all values in the $product->tags array.