Add form tokens to several forms.

airtime_mvc/application/forms/EditUser.php

@@ -22,6 +22,10 @@ class Application_Form_EditUser extends Zend_Form
         $this->setDecorators(array(
                 array('ViewScript', array('viewScript' => 'form/edit-user.phtml', "currentUser" => $currentUser->getLogin()))));
         $this->setAttrib('id', 'current-user-form');
+
+        $this->addElement('hash', 'csrf', array(
+           'salt' => 'unique'
+        ));
         
         $hidden = new Zend_Form_Element_Hidden('cu_user_id');
         $hidden->setDecorators(array('ViewHelper'));

airtime_mvc/application/forms/Login.php

@@ -10,6 +10,10 @@ class Application_Form_Login extends Zend_Form
         // Set the method for the display form to POST
         $this->setMethod('post');
 
+        $this->addElement('hash', 'csrf', array(
+           'salt' => 'unique'
+        ));
+
         $this->setDecorators(array(
             array('ViewScript', array('viewScript' => 'form/login.phtml'))
         ));

airtime_mvc/application/views/scripts/form/edit-user.phtml

@@ -157,6 +157,9 @@
                 </ul>
             <?php endif; ?> 
         </dd>
+
+        <?php echo $this->element->getElement('csrf') ?>
+
         <button type="submit" id="cu_save_user" class="btn btn-small right-floated"><?php echo _("Save")?></button>
     </dl>
 </form>

airtime_mvc/application/views/scripts/form/login.phtml

@@ -27,6 +27,8 @@
     <dd id="locale-element">
       <?php echo $this->element->getElement('locale') ?>
     </dd>
+
+    <?php echo $this->element->getElement('csrf') ?>
     
     <?php if (Application_Model_Preference::GetEnableSystemEmail()): ?>
         <dt id="reset-label" class="hidden">&nbsp;</dt>