I have a form called ObjectCollectionOuterForm which extends from sfForm. ObjectCollectionOuterForm is the main form of an embedded form, each embedded form has disabled its csrf with: $this->disableLocalCSRFProtection(), so now my form protection depends on the outer form but since it´s not a sfFormDoctrine dependent it has a field called _csrf_token but with no value inside. How can I generate it?
The CSRF protection is handled by sfForm class, it has nothing to do with sfFormDoctrine. The secret should get generated for you, but if you have problems you can pass it as a third argument to your form's constructor:
$form = new ObjectCollectionOuterForm($defaults, $options, $CSRFSecret);