From 0e18bd4be1c8debf3482a723b14c70442d564802 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 20 Jul 2021 23:15:31 +0200 Subject: [PATCH] Fix #hunter2cd3fc73-65a1-4615-9143-9e7febd81a15 --- htdocs/main.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 99cfe360f9fe0..4dff3426ac961 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -461,7 +461,7 @@ function analyseVarsForSqlAndScriptsInjection(&$var, $type) // Array of action code where CSRFCHECK with token will be forced (so token must be provided on url request) $arrayofactiontoforcetokencheck = array( 'activate', 'add', 'addtimespent', 'update', 'install', - 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', + 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', 'confirm_deletedir', 'delete', 'deletefilter', 'deleteoperation', 'deleteprof', 'deletepayment', 'disable', 'doprev', 'donext', 'dvprev', 'dvnext', 'enable', 'setpricelevel'