This is the procedure I use for creating new projects with yiiframework: Download latest code from http://www.yiiframework.com cd ~/tmp wget http://yii.googlecode.com/files/yii-1.1.5.r2654.tar.gz tar xzvf yii-1.1.5.r2654.tar.gz Create a new directory for the project: mkdir ~/workspace/www/myproject cp -R ~/tmp/yii-1.1.5.r2654/framework/ ~/workspace/www/myproject Create an initial application skeleton: cd ~/workspace/www/myproject framework/yiic webapp public Move application directory outside from webroot (for security [...]

Cross-site scripting (XSS) attacks are one of the biggest threats to dynamic web pages. Up to 80 percent of all web sites are vulnerable to some type of this attack. Yet, many programmers and site owners are simply not aware of this problem. So, how it works? Generally, you have some web site which doesn’t [...]