Task 9: Add CSRF tokens to form templates and backend processors

Updated forms with hidden CSRF token fields:
- comment_box.php - Comment form
- course_details.php - Course booking form
- campsites.php - Campsite addition modal form
- bar_tabs.php - Bar tab creation modal form
- membership_application.php - Membership application form

Updated backend processors with CSRF validation:
- create_bar_tab.php - Bar tab AJAX processor
- add_campsite.php - Campsite form processor
- submit_order.php - Order submission processor

All forms now require validated CSRF tokens before processing, preventing cross-site request forgery attacks.

course_details.php

@@ -71,6 +71,7 @@ $result = $conn->query($sql);
                     <p>Our 4x4 Basic Training Course equips you with the essential skills and knowledge to confidently tackle off-road terrains. Learn vehicle mechanics, driving techniques, obstacle navigation, and recovery methods while promoting safe and responsible off-road practices. Perfect for beginners and new 4x4 owners!</p>
                     <hr class="mt-40">
                     <form action="#" class="add-to-cart pt-15 pb-30">
+                        <input type="hidden" name="csrf_token" value="<?php echo generateCSRFToken(); ?>">
                         <label for="course_date">Select a Date:</label>
                         <select name="course_date" id="course_date" required>
                             <!-- <option value="" disabled selected>-- Select a Date --</option> -->