diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index 99cfe360f9fe0..4dff3426ac961 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -461,7 +461,7 @@ function analyseVarsForSqlAndScriptsInjection(&$var, $type)
 	// Array of action code where CSRFCHECK with token will be forced (so token must be provided on url request)
 	$arrayofactiontoforcetokencheck = array(
 		'activate', 'add', 'addtimespent', 'update', 'install',
-		'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check',
+		'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', 'confirm_deletedir',
 		'delete', 'deletefilter', 'deleteoperation', 'deleteprof', 'deletepayment', 'disable',
 		'doprev', 'donext', 'dvprev', 'dvnext',
 		'enable', 'setpricelevel'