This article is called extended guide is because there is already a security guide in the Yii tutorial security section. but that guide is not complete in the sense that it does not rise the developers' attention to some other commonly happening attacks: SQL injection and magic URL, which can be major vulnerabilities in your application without much caring.
Few days ago i was playing with TCPF plugin to create a PDF files. Since i have checked few available extension and also checked some forum threads but still i dont get my expected result for PDF file.
This little tutorial explains a way how you can retrieve more parameters from Yii::app()->user by adding a component that extends CWebUser and retrieves the user information from database table named User.
A common source of confusion among new Yii users is how the 'safe' validator works, how it works with other validators, and why it's necessary in the first place. This article means to clear up this confusion, as well as explain the notion of Massive Assignment.
The popular CListView and CGridView widgets each take a data provider and iterate over each data object produced, calling the user's code to render each row one at a time, and most are familiar with the use of the $data variable to represent the current model object or array.