Wiki Follow @yiiframework

There Is Now A cpasswordhelper Class In system.utils at GitHub that provides an API to simplify the use of crypt() for password storage. While this wiki article remains valid, it will in due course be rewritten to refer to the new class as well as explain how it works.

The Portable PHP password hashing framework allows advanced password hashing offering increased security over simple MD5- or SHA1-hashed passwords. phpass is already in use in some larger projects such as WordPress (since v2.5), Drupal 7 and phpBB 3.

This tutorial will show you how to use the Pogostick Yii Extension Library to make an HTML TEXTAREA input element into a full-fledged WYSIWYG editor pretty much with very little code.

After creating an yii app . we need to implement permission, Authentication and Authorization .so the best way is to use the Yii users and Rights modules.

I recently created a project called Yii-App on GitHub to kickstart my development of smaller Yii applications. The main goal of the project is to provide a ready-to-use application template that includes my bootstrap extension and many other useful extensions. After reading this article you will be able to use this project as a starting point for all of your Yii projects.

In this mini howto I would like to show how to add a required captcha field in the login form, after a defined number of unsuccessfull attempts. To do this, I will use the blog demo that you have in default Yii download package (path/to/yii/demos/blog).

This article tries to explain the steps required in integrating the HybridAuth into Yii directly, without using an extension.

This is a very simple tutorial that demonstrates how to redirect user back to the returnUrl if he is already logged in.

In this wiki, I try to implement a simple authorization schema without putting much logic inside a file or into database table. We are constructing authorization hierarchy inside the controller. We are getting roles for the current user from database table and assigning only roles to user that are declared in the particular controller. We have brought down the work of loading of auth data at main application level to controller level. This way we have pulverised auth data for entire site into smaller units. Finally we are going to look at couple of examples.