Fix XSS holes in generic options inputs, XSS hole in the SquirrelSpell plugin, and...

[squirrelmail.git] / templates / default_advanced / left_main.tpl

diff --git a/templates/default_advanced/left_main.tpl b/templates/default_advanced/left_main.tpl
index 061530c8a328d0071693e9389d0d857a0f76718c..ef129fa52db0ba918f91c97c1cd46d2f9edac5ae 100644 (file)
--- a/templates/default_advanced/left_main.tpl
+++ b/templates/default_advanced/left_main.tpl
@@ -305,7 +305,7 @@ extract($t);
 <?php
 if ($settings['messageRecyclingEnabled']) {
     echo '<br />';
-    echo '<a href="empty_trash.php"';
+    echo '<a href="empty_trash.php?smtoken=' . sm_generate_security_token() . '"';
     if ($accesskey_folders_purge_trash != 'NONE')
         echo ' accesskey="' . $accesskey_folders_purge_trash . '"';
     echo '>' . _("Purge Trash") . '</a>';