Demos · Guide · Class Reference · Wiki · Extensions · Forum · Live Chat · Login

Wiki Follow @yiiframework

Displaying 1-4 of 4 result(s).

How to write secure Yii applications

Created about a year ago by François Gannaz – How-tos – 11 comments – viewed 69,288 times – ( +78 )

warning: While this security guide tries to be quite complete, is not exhaustive. If security matters for you, you ought to check several other references.

tags: security, authorization, authentication, XSS, SQL injection

Simple authorization system

Created about a year ago by Gustavo – How-tos – 1 comment – viewed 15,320 times – ( +16 )

How to create a simple (non-RBAC) authorization system

tags: auth, authorization, security

Implementing a Flat User Access System

Created about a month ago by Trejder – How-tos – 0 comments – viewed 1,973 times – ( +6 )

This article shows a quick and easy way to implement flat user access control system. Flat means, that user access is controlled by level only, which is solution exactly opposite to complex RBAC access systems.

tags: rbac, authorization, access control

ACL and RBAC

Created 10 months ago by zeroByte – How-tos – 0 comments – viewed 6,870 times

This HowTo assumes that you have a smattering of ACL in general and of how the acl-extension works basically. It will introduce you into the abstract and give you a hint on how to use Business-Rules. If you have in-depth questions, please refer to the extension documentation. Using ACL in an RBAC-manner cannot and should never obscure the fact that the underlying system is still ACL-based. In fact, the Business-Rules are just another layer in the permission-check plan.

tags: ACL, rbac, Tree structure, authorization, security, scalability

Write new article

Yii Supporters

The Ext4Yii Framework is a professional PHP Yii extension which provides server-side ExtJS functionality.