diff --git a/post/user/project.php b/post/user/project.php index 75450b1f..39e5d618 100644 --- a/post/user/project.php +++ b/post/user/project.php @@ -170,6 +170,9 @@ if (isset($_GET['delete_project'])) { enforceUserPermission('module_support', 3); + // CSRF Check + validateCSRFToken($_GET['csrf_token']); + $project_id = intval($_GET['delete_project']); // Get Project Name and Client ID for logging diff --git a/project_details.php b/project_details.php index eae26b9e..4157c230 100644 --- a/project_details.php +++ b/project_details.php @@ -259,7 +259,7 @@ if (isset($_GET['project_id'])) { = 3)) { ?>
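Review bot: `validateCSRFToken($_GET['csrf_token']);` reads the token with no existence check, so a request that omits the parameter raises an undefined-key warning and hands null to a validator whose handling of null is not visible in this hunk. I would pass `$_GET['csrf_token'] ?? ''` and confirm that validateCSRFToken() rejects an empty or missing token and compares with `hash_equals()`. Separately, the delete remains a GET request, so the token sits in the query string and can end up in browser history, access logs and Referer headers; the link changes in project_details.php and projects.php presumably carry it the same way, though their markup is not readable here. Moving the delete to a POST form would keep the token out of URLs. The enclosing `if (isset($_GET['delete_project']))` block continues past the end of the hunk.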
- + Delete diff --git a/projects.php b/projects.php index 9057747e..7df64258 100644 --- a/projects.php +++ b/projects.php @@ -320,7 +320,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); = 3)) { ?> - + Delete