Yii's by-default directory organization works well enough, but there are several steps one can take that improve the security and serviceability of the system, especially in the context of multiple Yii projects on the same machine (including multiple versions of the same project).
I installed phpseclib because I needed to do some AES encryption in my project. After all the hassle of installing php lib, I found out that Yii already has a security module (securityManager). I finally decided to keep using phpseclib because it has one big advantage over Yii securityManager module, it does not requite mcrypt to be installed in the phpserver!
Info: As KCFinder's documentation mentions, if your application (Yii in our case) session handling is using the PHP environment configuration - meaning no change in session handling at all, then no change is needed also on KCFinder side to be able to use this session and thus have this simple interface between your Yii webapp and KCFinder. If that's your case then you probably need not read the rest of this article but rather just make sure that before a user attempts to upload or browse your server a session variable is already set for him (or her) with his specific configuration already waiting for KCFinder there. What can this session interface be useful for? For example, for having per-user upload directory. You could have uploadURL variable established in the session variable to contain the user's id. When an upload or browse use case will occur, the client side will trigger the KCFinder completely decoupled from the Yii application. Yet, since you've already synced your user-specific-configuration with KCFinder via the session, KCFinder will pick it up and use it.
Relational databases do not support inheritance so if we need to represent it, we have to somehow store meta info while keeping performance by minimizing JOINs. One way to solve this problem is using single table inheritance. All fields for the whole class tree are stored in a single table. Class name is stored in the type field of the same table.
It seems many people is trying to make Wordpress and Yii work together. I got stuck with the same problem, but now I think I have achieved doing it, after a lot of hard thinking and many work hours spent.
This is a reference to be used for Model rule validation and is compiled from the Yii documentation and code. The purpose is to have all the information gathered in one place instead of scattered. This reference is not an intro.
See The Definitive Guide to Yii, Declaring Validation Rules for a tutorial.