CakePHP2.0 SecurityComponent Sample(CSRF)

add.ctp

<div class="topics form">
<?php echo $this->Form->create('Topic');?>
	<fieldset>
		<legend><?php echo __('Add Topic'); ?></legend>
	<?php
		echo $this->Form->input('content', array('type' => 'text'));
	?>
	</fieldset>
<?php echo $this->Form->end(__('Submit'));?>
</div>

TopicsController.php

<?php

App::uses('AppController', 'Controller');

/**
 * Topics Controller
 *
 * @property Topic $Topic
 */
class TopicsController extends AppController {

	/**
	 * Components
	 *
	 * @var array
	 */
	public $components = array('Security');
	

	/**
	 * add method
	 *
	 * @return void
	 */
	public function add() {
		if ($this->request->is('post')) {
			$this->Topic->create();
			if ($this->Topic->save($this->request->data)) {
				$this->Session->setFlash(__('The topic has been saved'));
				$this->redirect(array('ac1tion' => 'add'));
			} else {
				$this->Session->setFlash(__('The topic could not be saved. Please, try again.'));
			}
		}
	}
	//===============================================
	// callback 
	//===============================================
	public function beforeFilter(){
		$this->Security->blackHoleCallback = 'blackhole';
		parent::beforeFilter();
	}
	
	/**
	 * blackhole
	 * - for SecurityComponent
	 */
	public function blackhole($type){
		switch($type){
			case 'csrf' :
				$this->Session->setFlash(__('不正な送信が行われました'));
				$this->redirect(array('controller' => 'topics', 'action' => $this->action));
				break;
			default :
				$this->redirect(array('controller' => 'topics', 'action' => 'index'));
				break;
		}
	}

}