diff --git a/lam/lib/security.inc b/lam/lib/security.inc
index 247ab3aa..0aff6d63 100644
--- a/lam/lib/security.inc
+++ b/lam/lib/security.inc
@@ -514,8 +514,13 @@ function getClientIPForLogging() {
 
 /**
  * Adds a security token to the session to prevent CSRF attacks.
+ *
+ * @param boolean $overwrite overwrite existing token
  */
-function addSecurityTokenToSession() {
+function addSecurityTokenToSession($overwrite = true) {
+	if (!empty($_SESSION[getSecurityTokenName()]) && !$overwrite) {
+		return;
+	}
 	$_SESSION[getSecurityTokenName()] = getRandomNumber();
 }