This is as an extension of this wiki by Kartik V which shows to make different enableAutoLogin cookies for frontend and backend.
This is as an extension of this wiki by Kartik V which shows to make different enableAutoLogin cookies for frontend and backend.
Getting "Expired token" errors ? Here is a solution to avoid invalid CSRF on POST or ajax requests, or user identity changes.
Your need: You require that for shared machines, the user is authenticated again for a backend access again, if someone is logged in from frontend and vice versa.
In this mini howto I would like to show how to add a required captcha field in the login form, after a defined number of unsuccessfull attempts. To do this, I will use the blog demo that you have in default Yii download package (path/to/yii/demos/blog).
I am writing this guide because I struggled to find a resource that included ALL of the necessary steps to completely separate the frontend from the backend. After reading guides like Configuring different sessions for backend and frontend in yii-advanced-app and [yii2 configuring d...
This is to show you how to use Yii2 flash messages with Kartik Growl (bootstrap notify wrapper).
This solution requires Yii 1.1.9 or above
First of all, You must change component config to enable the default Yii CSRF validation.
This had me stumped for a while so I figured it would be nice to share here to avoid others the grief.