Technology

Controller Access Control With the Yii Rights Module

It's easy enough to determine how the Yii Rights module works when used to perform inline access control checks in your code. You simply call ($user->checkAccess($operation) === true), and the internal details are easy enough to dig into. But how does it work with your controllers to allow or deny access to a page (or more specifically, an action in your controller)?

If you haven't yet read up on access control filters, you should check out the official Yii Controller Basics first and get familiar with filter chains. Then come back and read the rest of this post.

> Read More
Category:
Tags:

Displaying Yii's CLinkPager "First" and "Last" Buttons

Yii provides an excellent set of tools for displaying paged data, namely the CListView and
CGridView widgets. These widgets are easy to use, are highly customizable, and provide the kind of pager that is in use all over the web. Which makes it all the more strange that the pager doesn't work quite as expected.

The strange default behavior is that built-in css attributes hide the "First" and "Last" buttons. In fact, if you're like me, you didn't even know that the pager had a "First" and "Last" button until you started looking into putting ones in there. If you view the page source and scroll down to the pager, you'll see these elements, each of them contained within <li class="first"> and <li class="last"> tags, respectively. These tags are targeted by a display:none css attribute contained in the default pager stylesheet.

I have no idea why these are hidden by default, but it's not too much work to make them visible.

Read on to see how to change:

to:

> Read More
Category:
Tags:

Using Yii ActiveRecord to Assign from a List of Values

Often times you'll have a database table containing a list of values, and you want to assign one of those values to another entity. Imagine you're assigning an author to a book, or a currency type to a sale amount, or a country preference to a user. In all these cases you have one table/class representing a list of values, and one table/class that stores, among other things, a reference to a value/instance in the first table/class.

Luckily, Yii makes it easy for you do implement this.

For this example we're going to focus on books and authors, because everyone still reads books, right?

> Read More
Category:
Tags:

Updating to the Latest Yii Framework

The good folks at Yii dropped their latest framework release, 1.1.9, on January 1 of this year. Updating my applications use to this new framework was comically simple thanks to a small trick: using a symbolic link to reference the framework.

Whether you're downloading Yii for the first time, or upgrading to the latest Yii framework, you can create a symbolic link in your web root directory like this:

ln -s yii-1.1.9.r3527/ yii

Also update the following webapp files and replace each reference to the hard link with a reference to the symbolic link:

  • /webapp/index.php
  • /webapp/index-test.php
  • /webapp/protected/yiic.php
  • /webapp/protected/tests/bootstrap.php

Now here's where this comes in handy: when you're ready to upgrade to a new Yii framework, simply download it and unzip it in your web root, and update the symbolic to point to the new framework. Boom, thirty seconds, you've upgraded.

(Of course it's only this easy if you haven't hacked any core framwework files. You haven't hacked any core framework files, right?)

Category:
Tags:

Installing Yii Users and Rights in 5 Steps

So you've got your clean Yii installation*...now what? Frequently the next step is adding support for users and some sort of permissioning schema. The official Yii guide to Authentication and Authorization is a very comprehensive and important piece of documentation — please do take the hour or so necessary to read it and try to understand it. You could skip it, of course, and just use the following steps to get your app working, but you'd really be missing out, especially if you're new to Yii, new to object-oriented PHP, or just new to authentication/authorization methodologies.

Anyone could roll his own user and permissioning framework, but luckily there are two well-supported Yii extensions for this: yii-user and rights. Both come with installation instructions, but I'm writing it all out in steps for easy reference.

By the way, I've created a github repository with a working version of my installation. You can grab it here, or just clone it:

git clone git@github.com:benjaminlhaas/Yii-with-Users-and-Rights.git

If you use this, you'll need to run the two migration scripts in the webapp/protected/migrations directory and probably change some directory permissions. Check out the README in the root.

If you still want to install yii-users and rights step-by-step, here are the instructions:

> Read More
Category:
Tags:

Installing Yii in 10 Easy Steps

I've been working with the Yii Framework for a few months now, and have been massively impressed so far. The amount of foresight that went into the design and architecture of this framework is mind boggling, and I keep getting reminded of this over and over again when I'm trying to get a very specific task done, and I learn that a well-documented, simple method or class already exists expressly for this purpose. I'm really surprised that Yii hasn't been getting a lot of chatter in the development community (at least from the people I've been listening to).

I've thrown together a few Yii applications so far, and I thought I would document a few installation/configuration processes for my benefit, and for anyone else who stumbles across this. All of this is available in disparate locations, including the official Yii reference, but I wanted to list things out as simply as possible, detailing how I got it to work for my setup.

> Read More
Category:
Tags:

Mozilla's 4096 Character TextNode Limit

Ugh, I hate it when one browser works different than all the rest of them and displays some unexpected behavior. Believe it or not, no, I'm not talking about IE this time, it's Mozilla that's giving me a headache. Mozilla is the only major browser that imposes a 4096 character limit on TextNodes in its DOM structure.

> Read More
Category:

Using Apache's mod_rewrite for Maintaining Advanced and Classic Mobile Websites

These days it's not enough to just have a single mobile website. With fragmentation of handheld devices, operating systems, and browsers, your site's visitors have a wider range of a viewing capabilities than ever. My HTC Incredible for example, running Android 2.2, delivers a much richer browsing experience than my old BlackBerry Curve (you know the one - everyone used to have it in the pre-iPhone days - it's the one everyone was playing BrickBreaker on while riding the subway). To be truly considerate of your site's visitors, you should have a feature-rich "advanced" mobile site for advanced handhelds (iPhone, iPad, Android, etc.), and a simpler, more text-centric "classic" site for older handhelds. The challenge, then, is how to route users to the appropriate site without annoying them. This is where Apache's .htaccess and mod_rewrite come in handy.

> Read More
Category:

AMF and PHP with Drupal and Flex

At my company we're working on a project where we're using Drupal as an administrative-facing data storage and content management system, and Flex as a client-facing user interface. We knew conceptually that this should be an easy task, since we knew we can create and expose an API to Drupal via the Services module. We were initially concerned, though, that we might have some difficulty getting Flex to work smoothly with these API. Turns out though, that our fears were unfounded -- with the help of the AMFPHP module, it couldn't have been easier.

> Read More
Category:
Tags: , ,

How to Hide Drupal's "Request New Password" Tab

Sometimes your site only has one or two users (like this site!), and you have no need for the built-in Drupal "Request new password" tab on the user login block. It's really quite easy to disable this tab. All you have to do is have a custom module, and implement hook_menu_alter.

> Read More
Category:
Tags:
Syndicate content