Update: This wiki has been rewritten to be in line with Yii 1.1.14. Since many of the detailed complexities are now handled by Yii, the article focuses on how the crypt()
built-in function works and why it's important to use it correctly.
Update: This wiki has been rewritten to be in line with Yii 1.1.14. Since many of the detailed complexities are now handled by Yii, the article focuses on how the crypt()
built-in function works and why it's important to use it correctly.
Getting "Expired token" errors ? Here is a solution to avoid invalid CSRF on POST or ajax requests, or user identity changes.
In this article I will show you how to slightly increase application security, by exploiting the fact that Yii implements the Front Controller Pattern.
YII_DEBUG
to true (by default, it is defined in index.php
)
and put alongside error_reporting(E_ALL);
.
Then errors and warnings will stop the execution an...