Browse Source

Doing more editing...

tags/2.0.0-beta
Larry Ullman 11 years ago
parent
commit
dde7d731a5
  1. 6
      docs/guide/bootstrap-widgets.md
  2. 2
      docs/guide/overview.md
  3. 7
      docs/guide/security.md

6
docs/guide/bootstrap-widgets.md

@ -1,17 +1,17 @@
Bootstrap widgets Bootstrap widgets
================= =================
Yii includes support for the [Bootstrap 3](http://getbootstrap.com/) markup and components framework out of the box. Bootstrap is an excellent, responsive framework that can greatly speed up your development process. Out of the box, Yii includes support for the [Bootstrap 3](http://getbootstrap.com/) markup and components framework (also known as "Twitter Bootstrap"). Bootstrap is an excellent, responsive framework that can greatly speed up the client-side of your development process.
The core of Bootstrap is represented by two parts: The core of Bootstrap is represented by two parts:
- CSS basics, such as grid layout system, typography, helper classes, and responsive utilities. - CSS basics, such as a grid layout system, typography, helper classes, and responsive utilities.
- Ready to use components, such as menus, pagination, modal boxes, tabs etc. - Ready to use components, such as menus, pagination, modal boxes, tabs etc.
Basics Basics
------ ------
Yii doesn't wrap bootstrap basics into PHP code since HTML is very simple by itself in this case. You can find details Yii doesn't wrap the bootstrap basics into PHP code since HTML is very simple by itself in this case. You can find details
about using the basics at [bootstrap documentation website](http://getbootstrap.com/css/). Still Yii provides a about using the basics at [bootstrap documentation website](http://getbootstrap.com/css/). Still Yii provides a
convenient way to include bootstrap assets in your pages with a single line added to `AppAsset.php` located in your convenient way to include bootstrap assets in your pages with a single line added to `AppAsset.php` located in your
`config` directory: `config` directory:

2
docs/guide/overview.md

@ -24,7 +24,7 @@ Yii is a generic Web programming framework that can be used for developing
virtually any type of Web application. Because it is light-weight and virtually any type of Web application. Because it is light-weight and
equipped with sophisticated caching mechanisms, it is especially suited equipped with sophisticated caching mechanisms, it is especially suited
to high-traffic applications, such as portals, forums, content to high-traffic applications, such as portals, forums, content
management systems (CMS), e-commerce systems, etc. management systems (CMS), e-commerce projects, etc.
How does Yii Compare with Other Frameworks? How does Yii Compare with Other Frameworks?

7
docs/guide/security.md

@ -4,12 +4,9 @@ Security
Hashing and verifying passwords Hashing and verifying passwords
------------------------------ ------------------------------
It is important not to store passwords in plain text but, contrary to popular belief, just using `md5` or `sha1` to Most developers know that you cannot store passwords in plain text, but many believe it's safe to hash passwords using `md5` or `sha1`. There was a time when those hashing algorithms were sufficient, but modern hardware makes it possible to break those hashes very quickly using a brute force attack.
compute and verify hashes isn't a good way either. Modern hardware allows to brute force these very fast.
In order to truly secure user passwords even in case your database is leaked you need to use a function that is resistant In order to truly secure user passwords, even in the worst case scenario (your database is broken into), you need to use a hashing algorithm that is resistant to brute force attacks. The best current choice is bcrypt. In PHP, you can create a bcrypt hash by using [crypt function](http://php.net/manual/en/function.crypt.php). However, this function is not easy to use properly, so Yii provides two helper functions for generating hash from
to brute-force such as bcrypt. In PHP it can be achieved by using [crypt function](http://php.net/manual/en/function.crypt.php)
but since usage isn't trivial and one can easily misuse it, Yii provides two helper functions for generating hash from
password and verifying existing hash. password and verifying existing hash.
When user sets his password we're taking password string from POST and then getting a hash: When user sets his password we're taking password string from POST and then getting a hash:

Loading…
Cancel
Save