Wiki

Articles tagged with "session"X
Displaying 1-8 of 8 result(s).

Make the authentication more securely

Created 4 months ago by KonApazTutorials1 comment – viewed 2,161 times – ( +2 ) – version 1.1
Suppose a hacker has an account of your website He could set the PHPSESSID to empty After of that He login in your system The PHPSESSID remains blank and user has already logged with this session

Configuring different sessions for backend and frontend in Yii advanced app

Created 5 months ago by Kartik VHow-tos0 comments – viewed 3,074 times – ( +30 ) – version 2.0
After you have setup your Yii2 advanced application, you now have setup your user authentication for both frontend and backend. However, if you have first logged into frontend, and try to access backend from the same client machine, you see no login screen, but find yourself automatically logged in.

Checking for "expired" sessions/logins on the client side

Created about a year ago by le_topHow-tos0 comments – viewed 13,209 times – ( +5 ) – version 1.1
Getting "Expired token" errors ? Here is a solution to avoid invalid CSRF on POST or ajax requests, or user identity changes.

Show captcha after <N> unsuccessfull attempts

Created 2 years ago by zitterHow-tos7 comments – viewed 14,294 times – ( +14 / -4 ) – version 1.1
In this mini howto I would like to show how to add a required captcha field in the login form, after a defined number of unsuccessfull attempts. To do this, I will use the blog demo that you have in default Yii download package (path/to/yii/demos/blog).

Using loginRequiredAjaxResponse to solve ajax session timeout

Created 2 years ago by RutgerHow-tos3 comments – viewed 18,694 times – ( +12 ) – version 1.1
This solution requires Yii 1.1.9 or above

Manage (Target) Language in Multilingual Applications + A Language Selector Widget (i18n)

Created 2 years ago by c@cbaTutorials10 comments – viewed 27,117 times – ( +15 ) – version 1.1
In case of a multilingual application, one might consider it a reasonable approach to store the preferred language of the user in a session variable, and after that, every time a page is requested, to check this session variable and render the page in the indicated language. This tutorial shows a Yii-way of doing this. We implement an event handler for the onBeginRequest event; as the name of the event suggests, this event handler will be called at the beginning of each request, so its a good place to check whether a language is provided (via post, session or cookie) and set the application language accordingly. We also implement a simple Language-Selector Widget, which can render the language options as ajax-links or as a drop-down list.

How to validate CSRF token with session

Created 2 years ago by yangmlsHow-tos1 comment – viewed 33,276 times – ( +20 ) – version 1.1
First of all, You must change component config to enable the default Yii CSRF validation.
tags: CSRF, session

Single sign on across multiple subdomains

Created 3 years ago by ianarĂ©How-tos9 comments – viewed 29,264 times – ( +31 ) – version 1.1
This had me stumped for a while so I figured it would be nice to share here to avoid others the grief.