diff --git a/lam/lib/lists.inc b/lam/lib/lists.inc
index 6fa649d3..fa644792 100644
--- a/lam/lib/lists.inc
+++ b/lam/lib/lists.inc
@@ -545,6 +545,9 @@ class lamList {
* @return String HTML fragment to insert into beginning of account list
*/
protected function listDoPost() {
+ if (!empty($_POST)) {
+ validateSecurityToken();
+ }
// check if button was pressed and if we have to add/delete an account or call file upload
if (isset($_POST['new']) || isset($_POST['del']) || isset($_POST['fileUpload'])){
if (!checkIfWriteAccessIsAllowed($this->type)) {
@@ -720,6 +723,7 @@ class lamList {
$container->addElement(new htmlHiddenInput($selAccounts[$i], 'on'));
}
$container->addElement(new htmlHiddenInput('clickedAccount', $id));
+ addSecurityTokenToMetaHTML($container);
parseHtml(null, $container, array(), false, $this->tabindex, $this->type);
@@ -826,6 +830,7 @@ class lamList {
*/
protected function listPrintFooter() {
?>
+