Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
Y
yii2
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
PSDI Army
yii2
Commits
a61d9dcc
Commit
a61d9dcc
authored
Aug 13, 2013
by
Alexander Makarov
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
started view docs
parent
90ddea11
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
106 additions
and
1 deletion
+106
-1
apps-advanced.md
docs/guide/apps-advanced.md
+5
-0
apps-basic.md
docs/guide/apps-basic.md
+5
-0
overview.md
docs/guide/overview.md
+1
-1
view.md
docs/guide/view.md
+95
-0
No files found.
docs/guide/apps-advanced.md
View file @
a61d9dcc
...
@@ -5,6 +5,11 @@ This template is for large projects developed in teams where backend is divided
...
@@ -5,6 +5,11 @@ This template is for large projects developed in teams where backend is divided
to multiple servers etc. This application template also goes a bit further regarding features and provides essential
to multiple servers etc. This application template also goes a bit further regarding features and provides essential
database, signup and password restore out of the box.
database, signup and password restore out of the box.
Installation
------------
TBD
Directory structure
Directory structure
-------------------
-------------------
...
...
docs/guide/apps-basic.md
View file @
a61d9dcc
...
@@ -7,6 +7,11 @@ The application has four pages: the homepage, the about page, the contact page a
...
@@ -7,6 +7,11 @@ The application has four pages: the homepage, the about page, the contact page a
The contact page displays a contact form that users can fill in to submit their inquiries to the webmaster,
The contact page displays a contact form that users can fill in to submit their inquiries to the webmaster,
and the login page allows users to be authenticated before accessing privileged contents.
and the login page allows users to be authenticated before accessing privileged contents.
Installation
------------
TBD
Directory structure
Directory structure
-------------------
-------------------
...
...
docs/guide/overview.md
View file @
a61d9dcc
...
@@ -5,7 +5,7 @@ Yii is a high-performance, component-based PHP framework for developing
...
@@ -5,7 +5,7 @@ Yii is a high-performance, component-based PHP framework for developing
large-scale Web applications rapidly. It enables maximum reusability in Web
large-scale Web applications rapidly. It enables maximum reusability in Web
programming and can significantly accelerate your Web application development
programming and can significantly accelerate your Web application development
process. The name Yii (pronounced
`Yee`
or
`[ji:]`
) is an acronym for
process. The name Yii (pronounced
`Yee`
or
`[ji:]`
) is an acronym for
"
**Yes It Is!**
"
.
**Yes It Is!**
.
Requirements
Requirements
...
...
docs/guide/view.md
View file @
a61d9dcc
View
====
View is an important part of MVC and is reponsible for how data is presented to the end user.
Basics
------
Yii uses PHP in view templates by default so in a web application a view typically contains some HTML,
`echo`
,
`foreach`
and such basic constructs. It may also contain widget calls. Using complex code in views is considered a bad practice.
Such code should be moved to controller or widgets.
View is typically called from controller action like the following:
```
php
public
function
actionIndex
()
{
return
$this
->
render
(
'index'
,
array
(
'username'
=>
'samdark'
,
));
}
```
First argument is the view name. In context of the controller Yii will search for its views in
`views/site/`
where
`site`
is controller ID. For details on how view name is resolved please refer to
[
yii\base\Controller::render
]
method.
Second argument is data array that contains key-value pairs. Value is available in the view as a variable named the same
as the corresponding key.
So the view for the action above should be in
`views/site/index.php`
and can be something like:
```
php
<p>
Hello,
<?php
echo
$username
?>
!
</p>
```
Intead of just scalar values you can pass anything else such as arrays or objects.
Layout
------
Partials
--------
Widgets
-------
Security
--------
One of the main security principles is to always escape output. If violated it leads to script execution and,
most probably, to cross-site scripting known as XSS leading to leaking of admin passwords, making a user to automatically
perform actions etc.
Yii provides a good toolset in order help you escaping your output. The very basic thing to escape is a text without any
markup. You can deal with it like the following:
```
php
<?php
use
yii\helpers\Html
;
?>
<div
class=
"username"
>
<?php
echo
Html
::
encode
(
$user
->
name
);
?>
</div>
```
When you want to render HTML it becomes complex so we're delegating the task to excellent
[
HTMLPurifier
](
http://htmlpurifier.org/
)
library. In order to use it you need to modify your
`composer.json`
first by
adding the following to
`require`
:
```
javascript
"ezyang/htmlpurifier"
:
"v4.5.0"
```
After it's done run
`php composer.phar install`
and wait till package is downloaded. Now everything is prepared to use
Yii's HtmlPurifier helper:
```
php
<?php
use
yii\helpers\HtmlPurifier
;
?>
<div
class=
"post"
>
<?php
echo
HtmlPurifier
::
process
(
$post
->
text
);
?>
</div>
```
Note that besides HTMLPurifier does excellent job making output safe it's not very fast so consider
[
caching result
](
caching.md
)
.
Alternative template languages
------------------------------
There are offlicial extensions for
[
Smarty
](
http://www.smarty.net/
)
and
[
Twig
](
http://twig.sensiolabs.org/
)
. In order
to learn more refer to
[
Using template engines
](
template.md
)
section of the guide.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment