First of all, You must change component config to enable the default Yii CSRF validation.
Application configuration determines how an Yii application should behave, because it is the only parameter passed in the entry script. An application, on the other hand, needs to behave differently under different circumstances. For example, an application may need different configurations when running in production mode, development mode and testing mode; In a team development environment, each...
This article is called extended guide is because there is already a security guide in the Yii tutorial security section. but that guide is not complete in the sense that it does not rise the developers' attention to some other commonly happening attacks: SQL injection and magic URL, which can be major vulnerabilities in you...
It is actually mentioned in the documentation
Since Yii 1.0.5 you can use named scopes with ActiveRecords. They are a great help in simplifying your query calls.
I like programing on my localhost, however it really bugged me to make changes to index.php & config files on my production server. After combining all available wiki articles on this topic and some trial and error this is what I use for my applications so I could just upload it to production server and it will work without any changes.
In case of a multilingual application, one might consider it a reasonable approach to store the preferred language of the user in a session variable, and after that, every time a page is requested, to check this session variable and render the page in the indicated language.
This tutorial shows a Yii-way of doing this.
We implement an event handler for the onBeginRequest event; as the nam...
You have a multilingual application, and you want the URL of a page to be different for different languages, to account for SEO. The URL for the contact page for example should look like http://something.com/en/contact in english, and http://something.com/de/contact in german. This tutorial describes how to make it happen.
Note that currently selected language is always a part...
Yii i18n does not cover decimal format. Some languages like Spanish (I live in Argentina) uses comma ',' instead of dot '.' as decimal separator.
Normally when we want users to download a file, that file is put in a folder under the web application root and the web server does the rest.
I was wondering how to set-up the application parameters in the back-end to use them all around the application without the need of using the database and I came up with this solution, I hope it helps somebody else.