CSRF Protection - Package manager
The CSRF protection doesn't work on the package manager as it takes the parameters to install/uninstall/reinstall packages directly from GET parameters in the request uri.
Example: Visiting https://ip/pkg_mgr_install.php?id=arping will automatically install the arping package, without user confirmation required.
Visiting https://ip/pkg_mgr_install.php?mode=delete&pkg=snort will remove the snort package.
Fixes #3460. Ask for validation when real operation will be done and ask for the operation with POST to get protection from CRSF.