The TutsPlus.com site has posted the next article in their "How to Program with Yii2" series of tutorials, this time talking about security covering security tools and functionality already included in the framework.
In this Programming With Yii2 series, I'm guiding readers in use of the Yii2 Framework for PHP. If you're planning to share your application with the public, you'll need it to be secure, and it's best to plan this from the beginning. Fortunately, starting with a framework such as Yii makes this a lot easier than it otherwise would be.
[...] In this tutorial, I'll walk you through the basic security concepts within the Yii application framework. And, if you're interested, future episodes will work to <a href="http://code.tutsplus.com/tutorials/building-your-startup-security-basics--cms-26702>secure the application, Meeting Planner, featured in our startup series, as it approaches alpha release.
The tutorial starts with a look at some of the basics of Yii2's security functionality including authorization tools, password handling and cryptography. Code is included in each section showing the use of the component/functionality. The final point, "Best Practices", links to pages in the Yii2 documentation where you can get more information about preventing vulnerabilities like SQL injection, cross-site scripting and file exposure issues.