Hi,I recently wrote a blog post about how I now use Zend_Form_Element_Hash, I hope someone might find it interesting/ userful.
http://www.noginn.com/2009/03/01/preventing-csrf-properly/I have outlined some issues with the standard approach and how to better tackle invalid CSRF tokens.
Tom
