Wiki

Articles tagged with "session", sorted by viewsX
Displaying 1-9 of 9 result(s).

How to validate CSRF token with session

Created 3 years ago by yangmlsHow-tos1 comment – viewed 34,094 times – ( +20 ) – version 1.1
First of all, You must change component config to enable the default Yii CSRF validation.
tags: CSRF, session

Single sign on across multiple subdomains

Created 3 years ago by ianarĂ©How-tos9 comments – viewed 30,119 times – ( +31 ) – version 1.1
This had me stumped for a while so I figured it would be nice to share here to avoid others the grief.

Manage (Target) Language in Multilingual Applications + A Language Selector Widget (i18n)

Created 2 years ago by c@cbaTutorials10 comments – viewed 27,659 times – ( +15 ) – version 1.1
In case of a multilingual application, one might consider it a reasonable approach to store the preferred language of the user in a session variable, and after that, every time a page is requested, to check this session variable and render the page in the indicated language. This tutorial shows a Yii-way of doing this. We implement an event handler for the onBeginRequest event; as the name of the event suggests, this event handler will be called at the beginning of each request, so its a good place to check whether a language is provided (via post, session or cookie) and set the application language accordingly. We also implement a simple Language-Selector Widget, which can render the language options as ajax-links or as a drop-down list.

Using loginRequiredAjaxResponse to solve ajax session timeout

Created 2 years ago by RutgerHow-tos3 comments – viewed 19,089 times – ( +12 ) – version 1.1
This solution requires Yii 1.1.9 or above

Show captcha after <N> unsuccessfull attempts

Created 2 years ago by zitterHow-tos7 comments – viewed 14,675 times – ( +14 / -4 ) – version 1.1
In this mini howto I would like to show how to add a required captcha field in the login form, after a defined number of unsuccessfull attempts. To do this, I will use the blog demo that you have in default Yii download package (path/to/yii/demos/blog).

Checking for "expired" sessions/logins on the client side

Created about a year ago by le_topHow-tos0 comments – viewed 13,708 times – ( +5 ) – version 1.1
Getting "Expired token" errors ? Here is a solution to avoid invalid CSRF on POST or ajax requests, or user identity changes.

Configuring different sessions for backend and frontend in Yii advanced app

Created 6 months ago by Kartik VHow-tos1 comment – viewed 4,026 times – ( +32 ) – version 2.0
After you have setup your Yii2 advanced application, you now have setup your user authentication for both frontend and backend. However, if you have first logged into frontend, and try to access backend from the same client machine, you see no login screen, but find yourself automatically logged in.

Make the authentication more securely

Created 5 months ago by KonApazTutorials1 comment – viewed 2,443 times – ( +3 ) – version 1.1
Suppose a hacker has an account of your website He could set the PHPSESSID to empty After of that He login in your system The PHPSESSID remains blank and user has already logged with this session

Yii2: Configuring different sessions for backend and frontend in Yii Advanced Application Template

Created 21 days ago by hrnairHow-tos2 comments – viewed 1,858 times – ( +1 ) – version 2.0
This is as an extension of this wiki by Kartik V which shows to make different enableAutoLogin cookies for frontend and backend.