* master: (156 commits)
added property docs to AR test classes
moved getPDOType() back to Command to avoid dependency on Schema
updated @property annotations of web\Request
moved redis out of yii\db namespace
Fixes#884.
Supports sending CSRF token via HTTP header.
Use .prop() instead .attr().
use meta tags to pass CSRF token.
Added memcached service in Travis YAML
fixed typo
cleanup db `use` statements
doc fix.
Better strtr arguments format
Modified js registration position.
renamed Request::csrfTokenName to csrfVar. added version, csrfVar and csrfToken to yii js module.
Advanced application enhancements.
Basic application enhancements.
Better phpdoc for AccessControl
Security::generateRandomKey enhancements:
Fixes#875: Security::generateRandomKey() can now be safely used in URLs
...
Conflicts:
.travis.yml
framework/yii/caching/RedisCache.php
tests/unit/framework/caching/RedisCacheTest.php
- Turned on CSRF validation by default.
- Added access control for login, signup and logout for frontend application.
- Added access control for login, logout and index for backend application.
- YII_ENV is now defined for all applications.
- No trace is writted to logs if debug is turned off.
- Added default error view for frontend and backend.
- In frontend application captcha will always ask for "testme" if YII_ENV is defined as "test".
- Turned on CSRF validation by default.
- Application params are now readed before config is defined to be able to use values from params when configuring.
- Added access control for login and logout.
Carsten Brandt
Qiang Xue
Panagiotis Moustafellos
Alexander Makarov