Scenario Enforcement


Currently one could set the scenario attribute of CModel to any value that he wants.

This may lead to dangerous security bugs.

Lets say I support the scenario "login" in my model and I have a typo and I set "logun" as my wanted scenario. The result will be that I the validation rules that I wanted to be performed might not be performed.

I suggest that we will add a list of supported scenarios to CModel and that the given scenario value (through the constructor or $model->scenario) will be verified.