

Csrf-magic: Wizard CSRF Protection for PHP - toni
http://csrf.htmlpurifier.org/

======
nostrademons
Django actually makes it easier...all you have to do is add
django.contrib.csrf.middleware.CsrfMiddleware to your MIDDLEWARE_CLASSES, and
it protects the whole webapp.

<http://www.djangoproject.com/documentation/csrf/>

------
aston
Don't forget to protect all of your AJAX calls, too, if they modify any
backend state.

