What's difference between Yii and codeigniter security?


What’s difference between Yii and codeigniter security?

Everyone please helps me to answer this question.

I would like to know how Yii and codeigniter security and which one is higher security?




What kind of security you are looking for?? web security?? user login data (session) security or access permissions??

I have very low knowledge and experience of CI and I will give Yii a plus for its DB connection methodolgy and access rules in controller make it more compact and robust in security.


check the above the only topic I found in Yii wiki telling that it prevent from all 3 big hacks.


Yii security level: High

CI security level: Medium

Yii provides more security standards like input validations, output filtering, SQL injection and cross site scripting etc.

I’m struggling to take the linked blog post serious as it does not really mention how it came to that conclusion. However, it bears mentioning that Yii provides facilities to help writing more secure code. They are without magical powers, though: If you don’t use them, they become useless. The burden of writing secure code is ultimately still upon the developer ;)

As always… there are no “magical” solutions that are simultaneously secure enough, flexible enough and developer-proof enough :)

I would say there’s no winner. Even though Yii and Codeigniter are built to be secure frameworks, any developer who isn’t careful can build an insecure application.

Both frameworks are used for different purposes. YII is powerful framework than CodeIgniter. The security level of YII is High and Codeigniter is Medium. YII providers powerful Cache support where Codeigniter Doesn’t. YII Support machine Code Generation But CodeIgniter doesn’t.

Thanks. It’s been a great experience with Yii although I’ve been trying to learn more about it