Yii2 – What you need to know – Part V (Yii2 Application Structure, Security…)

Application Structure

In this last and final installment of the series on Yii2 and it’s new changes, we will take a quick look at all the additional details found in this update to the popular framework that are not covered in the previous parts.

Yii2 Application Structure & Installation

One of the things you will notice first while starting off development for Yii2 is the new and improved application structure and installation procedure. Yii2 uses composer from the get go to manage dependencies. Moreover, the Yii2 application structure is divided into two broad types: basic and advanced. The basic installation, creates a basic application structure that works out of the box. For small and general web applications, the basic installation would be a great starting point.

One gripe many developers had in Yii1 was the rather basic application structure. Yii2 corrects this by providing an advanced application structure that divides the entire application into:

  • backend – backend web application.
  • common – files common to all applications.
  • console – console application.
  • environments – environment configs.
  • frontend – frontend web application.

This is great as it provides a great structure to start working on your more advanced application right away. Within these directories, the structure of the application remains more or less similar to that of Yii1. The following image illustrates this:


Security is one aspect that the developers of the Yii framework have looked into in quite some depth. Several security experts, including Tom Worster and Anthony Ferrara, have helped review the Yii code to make sure the framework is as secure as possible.

The yii2 framework brings forward many of the features of Yii 1.0 that made it a breeze to implement secure applications such as the UserIdentity classes, Access Control Filters and Role-based Access Control. Implementation of all these features remain more or less similar to previous iteration.

The security component has been added in Yii2 in order to make security even more robust and easy. As a result, security related features can be easily access using statements such as:


The biggest change in transactions is the ability to now define transactions using callbacks.

Additionally, a few new events have been defined for transactions that allow you to hook into certain events during the life-cycle of a transaction to take appropriate actions. beginTransaction and commitTransaction are two such events that get triggered during the beginning and while committing transactions.

Asset Management

Yii2 has finally brought the latest and greatest package management tools available in order to manage assets. Yii2 uses bower and npm through composer interfaces to bring comprehensive and modern dependency management to your projects.Read more about asset management using these package management tools here.

Development Tools

The Yii debugger tool was improved and expanded and is now similar to the Symfony debug toolbar. In addition, the Gii tool can now be run from the console which improves productivity immensely while doing repetitive tasks for code generation.

Template Engines

Support has been added for popular templating engines such as Smarty and Twig along with special syntax for working with Yii2.


While this series takes a quick look at all the features and enhancements that can be found in the Yii2 framework, it is by no means a comprehensive listing of all the changes that can be found. As I write this post, the release candidate is out and the final release is expected to be out in the coming weeks. Now would be a good time to take a look at all the goodies that are in store for you. Some links to get you started are mentioned below:

Hope you enjoyed this series. Please let us know what you think about Yii2 and whether it really is the future of PHP frameworks.

Navigate to other parts of the series:
Part I, Part II, Part III and Part IV

Note: Post was moved here from my old blog…

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.