Mastering Yii

By: Charles R. Portwood II

Overview of this book

The successor of Yii Framework 1.1, Yii 2 is a complete rewrite of Yii Framework, one of the most popular PHP 5 frameworks for building modern web applications. The update embraces the best practices and protocols established with newer versions of PHP, while still maintaining the simple, fast, and extendable behavior found in its predecessor. This book has been written to enhance your skills and knowledge with Yii Framework 2. Starting with configuration and how to initialize new projects, you'll learn how to configure, manage, and use every aspect of Yii 2, from Gii, DAO, Query Builder, Active Record, and migrations to the asset manager. You'll also discover how to automatically test your code using Codeception. With this book by your side, you'll have all the skills you need to quickly create rich modern web and console applications with Yii 2.

Security considerations


When using Yii2, it's important to follow security best practices in order to protect our application, the servers it runs on, the data we collect, and the end users who entrust us with this information. In previous chapters, we explored how we can use the yii\base\Security class to safely encrypt and hash data and how to use hashing algorithms such as Bcrypt to secure passwords. In this section, we'll cover some additional security best practices that we can apply when building our applications.

Certificates

In almost every application that Yii2 provides the backend for, our clients (browsers or native clients) will communicate with our application over HTTP (Hypertext Transfer Protocol). An easy way to ensure that the information our users submit from their clients reaches our servers in the same state it left in is to encrypt the traffic between our clients and the server with a certificate signed by a trusted certificate authority...