specializing in digital media technologies

Version 1.1.2 of the Yii framework came out a couple of weeks ago (May 2, 2010) and it’s main new feature is Gii. Gii is a Web-based alternative to the yiic command-line tool. Both yiic and Gii are used to generate code in existing Yii Web applications. For example, you create the database for a project, then use the command-line yiic tool to generate the shell of the project (its directory, configuration files, subdirectories, etc.), and then you would turn to Gii in the Web browser to create Model, Controller, and View files, along with the standard CRUD functionality. I’ll write more about Gii soon, but in the meantime, check out the previous Gii link or this part of the quickstart documentation.

I’ve been trying to write more about Web development security lately, in part because I’m going to be writing an “E-Commerce with PHP and MySQL” book this summer, so security is at the top of my mind. In a previous post, I made some suggestions as to how one develops and tests a site from a security perspective. Here I want to cover security as a general philosophy, so you understand that approach I take (and, therefore, the approach I would recommend you take). When I explain things, I think in terms of analogies. I’m pretty sure they don’t always work or help, but still, it’s what I do. And the analogy I have for Web site (or application) security is: Security is Next to Godliness. Which is to say, think of security the way you might think about cleanliness. (continue reading…)

I StumbledUpon this article titled Making a Cool Login System with PHP, MySQL, and jQuery. It’s very slick, with a panel that slides down for the users to login or register. The article includes the complete code and a demo version. I like this approach—a separate login panel—because logging in is common to most sites but also something the user only does once per session at most, so it’s best not to take up screen space with a login form.