From a59794298422b04597ce8d1c00ae1d23acdc35ef Mon Sep 17 00:00:00 2001
From: Andrew O'Neil
Date: Thu, 10 Jan 2008 20:47:50 +0000
Subject: [PATCH] Added $SecurityID for templates

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@47839 467b73ca-7a2a-4603-9d3b-597d59a354a9
---
 core/ViewableData.php | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/core/ViewableData.php b/core/ViewableData.php
index 06c9f368c..a5d8dec7a 100644
--- a/core/ViewableData.php
+++ b/core/ViewableData.php
@@ -683,6 +683,22 @@ class ViewableData extends Object implements Iterator {
 function CurrentMember() {
 return Member::currentUser();
 }
+
+ /**
+ * Returns the Security ID.
+ * This is used to prevent CRSF attacks in forms.
+ * @return int
+ */
+ function SecurityID() {
+ if(Session::get('SecurityID')) {
+ $securityID = Session::get('SecurityID');
+ } else {
+ $securityID = rand();
+ Session::set('SecurityID', $securityID);
+ }
+
+ return $securityID;
+ }
 
 /**
 * Checks if the current user has the given permission.
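Review bot: The token in the new `SecurityID()` comes from `rand()`, which is not a cryptographically secure generator, so the value meant to stop CSRF is a guessable integer rather than a secret. Where the runtime provides a CSPRNG, generate it with `$securityID = bin2hex(random_bytes(16));` and change the docblock to `@return string`. `rand()` can also return 0, which the `if(Session::get('SecurityID'))` truthiness test treats as missing, so an explicit check for an unset session value is safer. The code that compares the submitted token is not in this hunk; it should use a constant-time comparison such as `hash_equals()`.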