CSRF token is not securely random

You create CSRF tokens using random_string which uses mt_rand and this is not secure--the output of mt_rand can be predicted with enough input bytes.  Instead of:

https://github.com/joepie91/cphp/blob/feature/formhandler/include.csrf.php#L20

Use:

$key = bin2hex(openssl_random_pseudo_bytes(16));
$token = bin2hex(openssl_random_pseudo_bytes(16));
