From c2f1781fae61f105632bd7f0dd0343f8dc95738b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 21 Jul 2021 00:14:03 +0200 Subject: [PATCH] Fix #huntr5bb5a52-3b1c-40ad-9c64-61735f886736 --- htdocs/main.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 2bd95197a2af3..d1423009c44a0 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -461,7 +461,7 @@ function analyseVarsForSqlAndScriptsInjection(&$var, $type) // Array of action code where CSRFCHECK with token will be forced (so token must be provided on url request) $arrayofactiontoforcetokencheck = array( 'activate', 'add', 'addrights', 'addtimespent', - 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', 'confirm_deletedir', + 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', 'confirm_deletedir', 'confirm_deletefile', 'delete', 'deletefilter', 'deleteoperation', 'deleteprof', 'deletepayment', 'delrights', 'disable', 'doprev', 'donext', 'dvprev', 'dvnext',