Add CSRF protections

app/helpers.php

@@ -2,6 +2,11 @@
 
 namespace Helper;
 
+function param_csrf()
+{
+    return '&csrf_token='.\Core\Security::getCSRFToken();
+}
+
 function js($filename)
 {
     return '<script type="text/javascript" src="'.$filename.'?'.filemtime($filename).'"></script>';
@@ -163,6 +168,11 @@ function form_value($values, $name)
     return isset($values[$name]) ? 'value="'.escape($values[$name]).'"' : '';
 }
 
+function form_csrf()
+{
+    return '<input type="hidden" name="csrf_token" value="'.\Core\Security::getCSRFToken().'"/>';
+}
+
 function form_hidden($name, $values = array())
 {
     return '<input type="hidden" name="'.$name.'" id="form-'.$name.'" '.form_value($values, $name).'/>';