CSRF Protection (#235)

* Fix alert class name

* feature: csrf protection

* Cosmetics

* Fix token generate

* Admin Panel: changelogs csrf protection

* news/id route

* Refactor admin newses + add csrf

* Use admin.links instead

* Admin panel: Pages csrf

* Menus: better csrf + add success message on reset colors

* Plugins csrf

* Move definitions

* add info function, same as note($message)

* Update mailer.php

* Fix new page/news links

* clear_cache & maintenance csrf

* Formatting

* Fix news type

* Fix changelog link

* Add new changelog link

* More info to confirm dialog

* This is always true

system/settings.php

@@ -65,6 +65,12 @@ return [
 			'default' => false,
 			'is_config' => true,
 		],
+		'csrf_protection' => [
+			'name' => 'CSRF protection',
+			'type' => 'boolean',
+			'desc' => 'Its recommended to keep it enabled. Disable only if you know what you are doing.',
+			'default' => true,
+		],
 		'google_analytics_id' => [
 			'name' => 'Google Analytics ID',
 			'type' => 'text',