From 74f99552dc9e37e19faa76b2b8c180982d492c06 Mon Sep 17 00:00:00 2001
From: Julio Montoya <gugli100@gmail.com>
Date: Thu, 13 Sep 2018 09:42:05 +0200
Subject: [PATCH] Minor - merge from 1.11.x

---
 main/lp/learnpathItem.class.php               |  2 +
 .../src/CustomCertificatePlugin.php           |  5 +-
 .../src/print_certificate.php                 | 67 +++++++++++--------
 3 files changed, 43 insertions(+), 31 deletions(-)

diff --git a/main/lp/learnpathItem.class.php b/main/lp/learnpathItem.class.php
index fcfaafd87b..49e0cefb51 100755
--- a/main/lp/learnpathItem.class.php
+++ b/main/lp/learnpathItem.class.php
@@ -2651,6 +2651,8 @@ class learnpathItem
 
                                                 return $returnstatus;
                                             }
+                                        } else {
+                                            return $returnstatus;
                                         }
                                     }
                                 } else {
diff --git a/plugin/customcertificate/src/CustomCertificatePlugin.php b/plugin/customcertificate/src/CustomCertificatePlugin.php
index 6b2045a346..5b1f59316a 100644
--- a/plugin/customcertificate/src/CustomCertificatePlugin.php
+++ b/plugin/customcertificate/src/CustomCertificatePlugin.php
@@ -216,12 +216,13 @@ class CustomCertificatePlugin extends Plugin
             return [];
         }
 
+        $userId = api_get_user_id();
         $certificateTable = Database::get_main_table(TABLE_MAIN_GRADEBOOK_CERTIFICATE);
         $categoryTable = Database::get_main_table(TABLE_MAIN_GRADEBOOK_CATEGORY);
         $sql = "SELECT cer.user_id AS user_id, cat.session_id AS session_id, cat.course_code AS course_code
                 FROM $certificateTable cer
                 INNER JOIN $categoryTable cat
-                ON (cer.cat_id = cat.id)
+                ON (cer.cat_id = cat.id AND cer.user_id = $userId)
                 WHERE cer.id = $id";
         $rs = Database::query($sql);
         if (Database::num_rows($rs) > 0) {
@@ -251,7 +252,7 @@ class CustomCertificatePlugin extends Plugin
     {
         $certId = (int) $certId;
         if (api_get_plugin_setting('customcertificate', 'enable_plugin_customcertificate') == 'true') {
-            $infoCertificate = CustomCertificatePlugin::getCertificateData($certId);
+            $infoCertificate = self::getCertificateData($certId);
             if (!empty($infoCertificate)) {
                 if ($certificate->user_id == api_get_user_id() && !empty($certificate->certificate_data)) {
                     $certificateId = $certificate->certificate_data['id'];
diff --git a/plugin/customcertificate/src/print_certificate.php b/plugin/customcertificate/src/print_certificate.php
index 0807d3dc8f..2f13099e22 100644
--- a/plugin/customcertificate/src/print_certificate.php
+++ b/plugin/customcertificate/src/print_certificate.php
@@ -32,6 +32,15 @@ if (intval($_GET['default']) == 1) {
     $enableCourse = api_get_course_setting('customcertificate_course_enable', $courseCode) == 1 ? true : false;
     $useDefault = api_get_course_setting('use_certificate_default', $courseCode) == 1 ? true : false;
 }
+
+if (empty($courseCode)) {
+    $courseCode = isset($_REQUEST['course_code']) ? Database::escape_string($_REQUEST['course_code']) : '';
+}
+
+if (empty($sessionId)) {
+    $sessionId = isset($_REQUEST['session_id']) ? (int) $_REQUEST['session_id'] : '';
+}
+
 $accessUrlId = api_get_current_access_url_id();
 
 $userList = [];
@@ -269,52 +278,52 @@ foreach ($userList as $userInfo) {
 
     $htmlText .= '<tr>';
     $htmlText .= '<td colspan="2" class="seals" style="width:'.$widthCell.'mm">'.
-                ((!empty($infoCertificate['signature_text1'])) ? $infoCertificate['signature_text1'] : '').
-                '</td>
+        ((!empty($infoCertificate['signature_text1'])) ? $infoCertificate['signature_text1'] : '').
+        '</td>
                 <td colspan="2" class="seals" style="width:'.$widthCell.'mm">'.
-                ((!empty($infoCertificate['signature_text2'])) ? $infoCertificate['signature_text2'] : '').
-                '</td>
+        ((!empty($infoCertificate['signature_text2'])) ? $infoCertificate['signature_text2'] : '').
+        '</td>
                 <td colspan="2" class="seals" style="width:'.$widthCell.'mm">'.
-                ((!empty($infoCertificate['signature_text3'])) ? $infoCertificate['signature_text3'] : '').
-                '</td>
+        ((!empty($infoCertificate['signature_text3'])) ? $infoCertificate['signature_text3'] : '').
+        '</td>
                 <td colspan="2" class="seals" style="width:'.$widthCell.'mm">'.
-                ((!empty($infoCertificate['signature_text4'])) ? $infoCertificate['signature_text4'] : '').
-                '</td>
+        ((!empty($infoCertificate['signature_text4'])) ? $infoCertificate['signature_text4'] : '').
+        '</td>
                 <td colspan="4" class="seals" style="width:'.(2 * $widthCell).'mm">
                     '.((!empty($infoCertificate['seal'])) ? $plugin->get_lang('Seal') : '').
-                '</td>';
+        '</td>';
     $htmlText .= '</tr>';
     $htmlText .= '<tr>';
     $htmlText .= '<td colspan="2" class="logo-seals" style="width:'.$widthCell.'mm">'.
-                ((!empty($infoCertificate['signature1']))
-                ? '<img style="max-height: 100px; max-width: '.$widthCell.'mm;"
+        ((!empty($infoCertificate['signature1']))
+            ? '<img style="max-height: 100px; max-width: '.$widthCell.'mm;"
                     src="'.$path.$infoCertificate['signature1'].'" />'
-                : '').
-                '</td>
+            : '').
+        '</td>
                 <td colspan="2" class="logo-seals" style="width:'.$widthCell.'mm">'.
-                ((!empty($infoCertificate['signature2']))
-                ? '<img style="max-height: 100px; '.$widthCell.'mm;"
+        ((!empty($infoCertificate['signature2']))
+            ? '<img style="max-height: 100px; '.$widthCell.'mm;"
                     src="'.$path.$infoCertificate['signature2'].'" />'
-                : '').
-                '</td>
+            : '').
+        '</td>
                 <td colspan="2" class="logo-seals" style="width:'.$widthCell.'mm">'.
-                ((!empty($infoCertificate['signature3']))
-                ? '<img style="max-height: 100px; '.$widthCell.'mm;"
+        ((!empty($infoCertificate['signature3']))
+            ? '<img style="max-height: 100px; '.$widthCell.'mm;"
                     src="'.$path.$infoCertificate['signature3'].'" />'
-                : '').
-                '</td>
+            : '').
+        '</td>
                 <td colspan="2" class="logo-seals" style="width:'.$widthCell.'mm">'.
-                ((!empty($infoCertificate['signature4']))
-                ? '<img style="max-height: 100px; '.$widthCell.'mm;"
+        ((!empty($infoCertificate['signature4']))
+            ? '<img style="max-height: 100px; '.$widthCell.'mm;"
                     src="'.$path.$infoCertificate['signature4'].'" />'
-                : '').
-                '</td>
+            : '').
+        '</td>
                 <td colspan="4" class="logo-seals" style="width:'.(2 * $widthCell).'mm">'.
-                ((!empty($infoCertificate['seal']))
-                ? '<img style="max-height: 100px; '.(2 * $widthCell).'mm;"
+        ((!empty($infoCertificate['seal']))
+            ? '<img style="max-height: 100px; '.(2 * $widthCell).'mm;"
                     src="'.$path.$infoCertificate['seal'].'" />'
-                : '').
-                '</td>';
+            : '').
+        '</td>';
     $htmlText .= '</tr>';
     $htmlText .= '</table>';
     $htmlText .= '</div>';