diff --git a/classes/actions/ActionBlog.class.php b/classes/actions/ActionBlog.class.php
index 2aa3ed93..434f24b8 100644
--- a/classes/actions/ActionBlog.class.php
+++ b/classes/actions/ActionBlog.class.php
@@ -357,6 +357,8 @@ class ActionBlog extends Action {
 * Обрабатываем сохранение формы
 */
 if (isPost('submit_blog_admin')) {
+ $this->Security_ValidateSendForm();
+
 $aUserRank=getRequest('user_rank',array());
 if (!is_array($aUserRank)) {
 $aUserRank=array();
@@ -427,6 +429,7 @@ class ActionBlog extends Action {
 * @return bool
 */
 protected function checkBlogFields($oBlog=null) {
+ $this->Security_ValidateSendForm();
 /**
 * Проверяем только если была отправлена форма с данными (методом POST)
 */
diff --git a/classes/actions/ActionPage.class.php b/classes/actions/ActionPage.class.php
index dca308fc..517cef3a 100644
--- a/classes/actions/ActionPage.class.php
+++ b/classes/actions/ActionPage.class.php
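Review bot: `$this->Security_ValidateSendForm();` is now the first statement of checkBlogFields(), ahead of the check that the very next comment describes ("only if a form was submitted via POST"), so the token is validated even on the GET request that renders the form. Unless Security_ValidateSendForm() is a no-op when no form was sent (its body is not in this diff), opening the blog add/edit page would be rejected or produce an error message, so the call belongs inside the POST branch next to the field checks it protects. The same placement appears in CheckPageFields (ActionPage), checkTopicFields (ActionQuestion and ActionTopic) and checkTalkFields (ActionTalk); the submit_* branches in ActionSettings and ActionTalk are placed correctly. checkBlogFields()'s body continues outside the hunk.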
@@ -248,46 +248,48 @@ class ActionPage extends Action {
 * @return unknown
 */
 protected function CheckPageFields() {
- $bOk=true;
- /**
- * Проверяем есть ли заголовок топика
- */
- if (!func_check(getRequest('page_title',null,'post'),'text',2,200)) {
- $this->Message_AddError($this->Lang_Get('page_create_title_error'),$this->Lang_Get('error'));
- $bOk=false;
- }
- /**
- * Проверяем есть ли заголовок топика, с заменой всех пробельных символов на "_"
- */
- $pageUrl=preg_replace("/\s+/",'_',getRequest('page_url',null,'post'));
- $_REQUEST['page_url']=$pageUrl;
- if (!func_check(getRequest('page_url',null,'post'),'login',1,50)) {
- $this->Message_AddError($this->Lang_Get('page_create_url_error'),$this->Lang_Get('error'));
- $bOk=false;
- }
- /**
- * Проверяем на счет плохих УРЛов
- */
- if (in_array(getRequest('page_url',null,'post'),$this->aBadPageUrl)) {
- $this->Message_AddError($this->Lang_Get('page_create_url_error_bad').' '.join(',',$this->aBadPageUrl),$this->Lang_Get('error'));
- $bOk=false;
- }
- /**
- * Проверяем есть ли содержание страницы
- */
- if (!func_check(getRequest('page_text',null,'post'),'text',1,50000)) {
- $this->Message_AddError($this->Lang_Get('page_create_text_error'),$this->Lang_Get('error'));
- $bOk=false;
- }
- /**
- * Проверяем страницу в которую хотим вложить
- */
- if (getRequest('page_pid')!=0 and !($oPageParent=$this->Page_GetPageById(getRequest('page_pid')))) {
- $this->Message_AddError($this->Lang_Get('page_create_parent_page_error'),$this->Lang_Get('error'));
- $bOk=false;
- }
+ $this->Security_ValidateSendForm();
+
+ $bOk=true;
+ /**
+ * Проверяем есть ли заголовок топика
+ */
+ if (!func_check(getRequest('page_title',null,'post'),'text',2,200)) {
+ $this->Message_AddError($this->Lang_Get('page_create_title_error'),$this->Lang_Get('error'));
+ $bOk=false;
+ }
+ /**
+ * Проверяем есть ли заголовок топика, с заменой всех пробельных символов на "_"
+ */
+ $pageUrl=preg_replace("/\s+/",'_',getRequest('page_url',null,'post'));
+ $_REQUEST['page_url']=$pageUrl;
+ if (!func_check(getRequest('page_url',null,'post'),'login',1,50)) {
+ $this->Message_AddError($this->Lang_Get('page_create_url_error'),$this->Lang_Get('error'));
+ $bOk=false;
+ }
+ /**
+ * Проверяем на счет плохих УРЛов
+ */
+ if (in_array(getRequest('page_url',null,'post'),$this->aBadPageUrl)) {
+ $this->Message_AddError($this->Lang_Get('page_create_url_error_bad').' '.join(',',$this->aBadPageUrl),$this->Lang_Get('error'));
+ $bOk=false;
+ }
+ /**
+ * Проверяем есть ли содержание страницы
+ */
+ if (!func_check(getRequest('page_text',null,'post'),'text',1,50000)) {
+ $this->Message_AddError($this->Lang_Get('page_create_text_error'),$this->Lang_Get('error'));
+ $bOk=false;
+ }
+ /**
+ * Проверяем страницу в которую хотим вложить
+ */
+ if (getRequest('page_pid')!=0 and !($oPageParent=$this->Page_GetPageById(getRequest('page_pid')))) {
+ $this->Message_AddError($this->Lang_Get('page_create_parent_page_error'),$this->Lang_Get('error'));
+ $bOk=false;
+ }
- return $bOk;
+ return $bOk;
 }
 }
 ?>
diff --git a/classes/actions/ActionQuestion.class.php b/classes/actions/ActionQuestion.class.php
index 77eba0f2..00ae2977 100644
--- a/classes/actions/ActionQuestion.class.php
+++ b/classes/actions/ActionQuestion.class.php
@@ -410,6 +410,8 @@ class ActionQuestion extends Action {
 * @return unknown
 */
 protected function checkTopicFields($oTopic=null) {
+ $this->Security_ValidateSendForm();
+
 $bOk=true;
 /**
 * Проверяем есть ли блог в кторый постим
diff --git a/classes/actions/ActionSettings.class.php b/classes/actions/ActionSettings.class.php
index 4ecb0eb8..11936d55 100644
--- a/classes/actions/ActionSettings.class.php
+++ b/classes/actions/ActionSettings.class.php
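Review bot: Nearly every line of CheckPageFields() is removed and re-added with only its indentation changed, so the one functional change in this hunk (the `$this->Security_ValidateSendForm();` call at the top) is buried in forty lines of whitespace churn; the re-indentation should be a separate commit, or at least be called out in the message so reviewers diff with whitespace ignored. On the re-added lines, `in_array(getRequest('page_url',null,'post'),$this->aBadPageUrl)` still compares loosely against a request value, which is also assigned straight into `$_REQUEST['page_url']` a few lines earlier; `in_array(getRequest('page_url',null,'post'),$this->aBadPageUrl,true)` avoids type juggling on attacker-controlled input. The `@return unknown` in the docblock above the method should become `@return bool`, which is what both `return $bOk;` lines produce.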
@@ -79,6 +79,8 @@ class ActionSettings extends Action {
 $this->Viewer_AddHtmlTitle($this->Lang_Get('settings_menu_tuning'));
 if (isPost('submit_settings_tuning')) {
+ $this->Security_ValidateSendForm();
+
 $this->oUserCurrent->setSettingsNoticeNewTopic( getRequest('settings_notice_new_topic') ? 1 : 0 );
 $this->oUserCurrent->setSettingsNoticeNewComment( getRequest('settings_notice_new_comment') ? 1 : 0 );
 $this->oUserCurrent->setSettingsNoticeNewTalk( getRequest('settings_notice_new_talk') ? 1 : 0 );
@@ -108,6 +110,8 @@ class ActionSettings extends Action {
 $this->Viewer_AddHtmlTitle($this->Lang_Get('settings_menu_invite'));
 if (isPost('submit_invite')) {
+ $this->Security_ValidateSendForm();
+
 $bError=false;
 if (!$this->ACL_CanSendInvite($this->oUserCurrent) and !$this->oUserCurrent->isAdministrator()) {
 $this->Message_AddError($this->Lang_Get('settings_invite_available_no'),$this->Lang_Get('error'));
@@ -138,6 +142,8 @@ class ActionSettings extends Action {
 * Если нажали кнопку "Сохранить"
 */
 if (isPost('submit_profile_edit')) {
+ $this->Security_ValidateSendForm();
+
 $bError=false;
 /**
 * Заполняем профиль из полей формы
diff --git a/classes/actions/ActionTalk.class.php b/classes/actions/ActionTalk.class.php
index c0052d1c..0d6bc5f0 100644
--- a/classes/actions/ActionTalk.class.php
+++ b/classes/actions/ActionTalk.class.php
@@ -99,6 +99,8 @@ class ActionTalk extends Action {
 * Обработка удаления сообщений
 */
 if (isPost('submit_talk_del')) {
+ $this->Security_ValidateSendForm();
+
 $aTalksIdDel=getRequest('talk_del');
 if (is_array($aTalksIdDel)) {
 $this->Talk_DeleteTalkUserByArray(array_keys($aTalksIdDel),$this->oUserCurrent->getId());
@@ -346,6 +348,8 @@ class ActionTalk extends Action {
 protected function checkTalkFields() {
+ $this->Security_ValidateSendForm();
+
 $bOk=true;
 /**
 * Проверяем есть ли заголовок
diff --git a/classes/actions/ActionTopic.class.php b/classes/actions/ActionTopic.class.php
index b8b37c92..2d0dc195 100644
--- a/classes/actions/ActionTopic.class.php
+++ b/classes/actions/ActionTopic.class.php
@@ -489,6 +489,8 @@ class ActionTopic extends Action {
 * @return unknown
 */
 protected function checkTopicFields() {
+ $this->Security_ValidateSendForm();
+
 $bOk=true;
 /**
 * Проверяем есть ли блог в кторый постим
diff --git a/config/config.php b/config/config.php
index 5ad62cb9..6e36bb01 100644
--- a/config/config.php
+++ b/config/config.php
@@ -192,7 +192,8 @@ $config['module']['image']['foto']['round_corner'] = false;
 $config['module']['image']['topic']['watermark_use'] = false;
 $config['module']['image']['topic']['round_corner'] = false;
 // Модуль Security
-$config['module']['security']['key'] = "livestreet_security_key"; // ключ сессии для хранения security-кода
+$config['module']['security']['key'] = "livestreet_security_key"; // ключ сессии для хранения security-кода
+$config['module']['security']['hash'] = "livestreet_security_key"; // "примесь" к строке, хешируемой в качестве security-кода
 // Какие модули должны быть загружены на старте
 $config['module']['autoLoad'] = array('Cache', 'Security','Session','User', 'Lang', 'Message');
diff --git a/engine/modules/security/Security.class.php b/engine/modules/security/Security.class.php
index e0f23734..da8111f0 100644
--- a/engine/modules/security/Security.class.php
+++ b/engine/modules/security/Security.class.php
@@ -60,8 +60,8 @@ class LsSecurity extends Module {
 *
 */
 public function SetSessionKey() {
- $sCode = md5(microtime().func_generator(32));
- $this->Session_Set(Config::Get('module.security.key'), $sCode);
+ $sCode = md5($this->Session_GetId().Config::Get('module.security.hash'));
+ if($this->User_IsAuthorization()) $this->Session_Set(Config::Get('module.security.key'), $sCode);
 $this->Viewer_Assign('LIVESTREET_SECURITY_KEY',$sCode);
 return $sCode;
diff --git a/engine/modules/session/Session.class.php b/engine/modules/session/Session.class.php
index 84621550..5920c33f 100644
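Review bot: The new `$config['module']['security']['hash']` default repeats the literal already used for the session key name, `"livestreet_security_key"`, and because SetSessionKey() in the Security module now hashes the session id together with this value, any installation that keeps the default has a security code that is derivable from the session id alone. The comment on the added line should say that this is a per-installation secret to be replaced at install time, e.g. `// per-installation secret mixed into the security code; replace the default with a random string when installing`. Keeping the two settings on the same default also invites copy-paste confusion between the session key name and the secret.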
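Review bot: The security code is now `md5($this->Session_GetId().Config::Get('module.security.hash'))`, a value fixed for the life of the session and, with the shipped config default, no harder to compute than the session id itself, whereas the removed line produced a fresh random code on every call. A keyed construction such as `$sCode = hash_hmac('sha256', $this->Session_GetId(), Config::Get('module.security.hash'));` is the conventional way to derive a per-session token from a server secret, and it only helps if that secret is unique per installation. The added `if($this->User_IsAuthorization())` stores the code in the session for logged-in users only while Viewer_Assign still hands it to every template, so an unauthenticated form post may never find a stored code to compare against; whether the validator tolerates that is not visible in this diff and deserves a comment on this line. Brace the single-statement if to match the surrounding style. SetSessionKey()'s closing brace lies outside the hunk.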
--- a/engine/modules/session/Session.class.php
+++ b/engine/modules/session/Session.class.php
@@ -87,6 +87,14 @@ class LsSession extends Module {
 }
 }
+ /**
+ * Получает идентификатор текущей сессии
+ *
+ */
+ public function GetId() {
+ return $this->sId;
+ }
+
 /**
 * Гинерирует уникальный идентификатор
 *
diff --git a/templates/skin/new/actions/ActionBlog/add.tpl b/templates/skin/new/actions/ActionBlog/add.tpl
index 68665544..7c55787f 100644
--- a/templates/skin/new/actions/ActionBlog/add.tpl
+++ b/templates/skin/new/actions/ActionBlog/add.tpl
@@ -10,7 +10,8 @@
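Review bot: The docblock on the new GetId() describes its purpose but not its return value, and since the Security module now folds this value into the form token, callers need to know what they get before a session has been started. Add `@return string` to the docblock, adjusted to the actual type of `$this->sId`, which this diff does not show, and state whether it can be empty or null before the session is started. The existing docblocks in this file follow the same `@return` convention, so the new method should too.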

{$aLang.blog_admin}: {$oBlogEdit->getTitle()}

{/if}
- + +



{$aLang.blog_create_title_notice}

diff --git a/templates/skin/new/actions/ActionBlog/admin.tpl b/templates/skin/new/actions/ActionBlog/admin.tpl index 952e353a..cd67f6b9 100644 --- a/templates/skin/new/actions/ActionBlog/admin.tpl +++ b/templates/skin/new/actions/ActionBlog/admin.tpl @@ -6,6 +6,7 @@ {if $aBlogUsers} + diff --git a/templates/skin/new/actions/ActionLink/add.tpl b/templates/skin/new/actions/ActionLink/add.tpl index 95a30d34..f4c4fdbd 100644 --- a/templates/skin/new/actions/ActionLink/add.tpl +++ b/templates/skin/new/actions/ActionLink/add.tpl @@ -26,6 +26,8 @@ document.addEvent('domready', function() {

{$aLang.topic_link_edit}

{/if} + +

+

+

+

{$aLang.settings_invite_available}: {if $oUserCurrent->isAdministrator()}{$aLang.settings_invite_many}{else}{$iCountInviteAvailable}{/if}
{$aLang.settings_invite_used}: {$iCountInviteUsed} diff --git a/templates/skin/new/actions/ActionSettings/profile.tpl b/templates/skin/new/actions/ActionSettings/profile.tpl index 4eee0630..165a6fae 100644 --- a/templates/skin/new/actions/ActionSettings/profile.tpl +++ b/templates/skin/new/actions/ActionSettings/profile.tpl @@ -29,6 +29,8 @@ document.addEvent('domready', function() {

{$aLang.settings_profile_edit}

+ +


diff --git a/templates/skin/new/actions/ActionSettings/tuning.tpl b/templates/skin/new/actions/ActionSettings/tuning.tpl index b0c42990..b805b6fc 100644 --- a/templates/skin/new/actions/ActionSettings/tuning.tpl +++ b/templates/skin/new/actions/ActionSettings/tuning.tpl @@ -3,6 +3,7 @@

{$aLang.settings_tuning}

{$aLang.settings_tuning_notice} +



diff --git a/templates/skin/new/actions/ActionTalk/add.tpl b/templates/skin/new/actions/ActionTalk/add.tpl index 6cd659fb..5f93a02f 100644 --- a/templates/skin/new/actions/ActionTalk/add.tpl +++ b/templates/skin/new/actions/ActionTalk/add.tpl @@ -18,6 +18,8 @@ document.addEvent('domready', function() {

{$aLang.talk_create}

+ +

diff --git a/templates/skin/new/actions/ActionTalk/inbox.tpl b/templates/skin/new/actions/ActionTalk/inbox.tpl index 6e7fb5e8..49054012 100644 --- a/templates/skin/new/actions/ActionTalk/inbox.tpl +++ b/templates/skin/new/actions/ActionTalk/inbox.tpl @@ -4,6 +4,7 @@

{$aLang.talk_inbox}

+
diff --git a/templates/skin/new/actions/ActionTopic/add.tpl b/templates/skin/new/actions/ActionTopic/add.tpl index 14e38c5b..dedbab7c 100644 --- a/templates/skin/new/actions/ActionTopic/add.tpl +++ b/templates/skin/new/actions/ActionTopic/add.tpl @@ -61,6 +61,8 @@ tinyMCE.init({

{$aLang.topic_topic_edit}

{/if} + +