Adding csrf_field helper method

Author: lonnieezell

system/Common.php

@@ -547,6 +547,21 @@ function csrf_hash()
 
 //--------------------------------------------------------------------
 
+if (! function_exists('csrf_field'))
+{
+    /**
+     * Generates a hidden input field for use within manually generated forms.
+     *
+     * @return string
+     */
+    function csrf_field()
+    {
+        return '<input type="hidden" name="'. csrf_token() .'" value="'. csrf_hash() .'">';
+    }
+}
+
+//--------------------------------------------------------------------
+
 if (! function_exists('force_https'))
 {
 	/**

user_guide_src/source/general/common_functions.rst

@@ -137,6 +137,15 @@ Miscellaneous Functions
 
 	Returns the current CSRF hash value.
 
+.. php:function:: csrf_field ()
+
+	:returns: A string with the HTML for hidden input with all required CSRF information.
+	:rtype: string
+
+	Returns a hidden input with the CSRF information already inserted: 
+
+		<input type="hidden" name="{csrf_token}" value="{csrf_hash}">
+
 .. php:function:: force_https ( $duration = 31536000 [, $request = null [, $response = null]] )
 
 	:param  int  $duration: The number of seconds browsers should convert links to this resource to HTTPS.

user_guide_src/source/libraries/security.rst

@@ -57,6 +57,12 @@ and ``csrf_hash()`` functions
 
 	<input type="hidden" name="<?= csrf_token() ?>" value="<?= csrf_hash() ?>" />
 
+Additionally, you can use the ``csrf_field()`` method to generate this 
+hidden input field for you::
+
+	// Generates: <input type="hidden" name="{csrf_token}" value="{csrf_hash}" />
+	<?= csrf_field() ?>
+
 Tokens may be either regenerated on every submission (default) or
 kept the same throughout the life of the CSRF cookie. The default
 regeneration of tokens provides stricter security, but may result