YII Framework

yii-frameworkYii is a high­ performance component ­based PHP framework for developing large ­scale Web applications. It enables maximum reusability in Web programming and can significantly accelerate the development process. The Yii framework is free software. It is released under the terms of the BSD License. The name Yii (pronounced Yee or [ji:]) means “simple and evolutionary” in Chinese. It can also be thought of as an acronym for Yes It Is!


  1. Fast : Check out the differences in how many RPS (Requests per second) other frameworks can process compared to yii.
  2. CRUD Feature: Yii got the CRUD feature. This literally saves heaps of time and makes our process much easier. For instance, If we are building a user creation form, we just need to create the User table and the required fields in the database. And using Gii(link a powerful tool of Yii to generate models and controllers) we can easily generate the User model and its CRUD.Thats all and we got the user create,update,delete and manage system all in two or three clicks.
  3. Database tables as objects (so that we don’t need to query all time): We can create model instances. The database modification with these model instances helps you to avoid complex queries and make your tasks easy. The CDBCriteria of Yii helps to process very complex database queries easily.
  4. Relations: Relations are one of highlight features of Yii. You can define the relation between multiple tables say One to One, One to Many etc so that we access the related data in a single object avoiding all the compele JOIN (Inner,Outer ) queries of SQL.
  5. Easy Form Validation. Working with form and its validation is one of the essential stuff for any website. Using Yii, you can connect your forms with the models (database tables). You can set validation rules for the model. For instance consider a User model (the user database table for user registration ) and there is a field user name in it. array(‘username’,’required’);
  6. Inbuilt Authentication and Authorization:
    1. Authentication: Yii has a default login system, in which we can authorize our user. We just need to connect our User model into it. It got all the essential features required, say session,cookies,error handling etc. We can also manipulate the login system easily
    2. Authorization: Yii got inbuilt role based access controls through which we can create roles to the users. We can limit the access to different sections based on the roles.
  7. Theming: Yii applications got theme directory inside so that we can set the theme for the application. Also we can switch easily to different themes inside the config file.This helps the designers to implement designs very easily.
  8. Security: Yii is highly secured. Three major types of attacks to a website are :-
    1. Cross­ site Scripting (XSS): A typical example is the attack in a poorly made up forum. User can enter malicious javascript code to the forum and it will appear in the forum page. Yii checks for the javascript and malicious codes entered and is capable of blocking those malicious codes form being entered into the website. CHtmlPurifier(inside Yii) does this purpose.
    2. Cross­ site Request Forgery(CSRF): These type of attacks are mainly responsible for money loss(mainly from banks) . Yii makes the $_GET requests to retrieve data only, not to change anything in the server.
    3. Cookie attacks: Yii got a cookie validation method , which blocks cookies from being modified.

Yii implements the model­view­controller (MVC) design pattern which is widely adopted inWeb programming. A Model View Controller pattern is made up of the following three parts:

  1. The model represents the data, and does nothing else. The model does NOT depend on the controller or the view.
  2. The view displays the model data, and sends user actions (e.g. button clicks) to the controller. The view can be independent of both the model and the controller.
  3. The controller provides model data to the view, and interprets user actions such as button clicks. The controller depends on the view and the model. In some cases, the controller and the view are the same object.



Yii does not need to be installed under a Web­ accessible directory. An Yii application has one entry script which is usually the only file that needs to be exposed to Web users. Other PHP scripts, including those from Yii, should be protected from Web access since they may be exploited for hacking.

Post Your Comment Here