diff -r 63e131c38876 -r 26479224936a includes/sessions.php
--- a/includes/sessions.php	Sat May 24 23:40:42 2008 -0400
+++ b/includes/sessions.php	Sat Jun 07 12:39:24 2008 -0400
@@ -1249,6 +1249,8 @@
       $lang = new Language($language);
       @setlocale(LC_ALL, $lang->lang_code);
     }
+    // make a CSRF token
+    $this->csrf_token = sha1($_SERVER['REMOTE_ADDR'] . sha1($this->private_key));
   }
   
   /**