From 81f8193cafb4f4bb084cda03b7563452a1aa40d3 Mon Sep 17 00:00:00 2001
From: Julio Montoya <gugli100@gmail.com>
Date: Wed, 10 Apr 2019 15:16:09 +0200
Subject: [PATCH] Minor - format code, use int casting, add
 security::remove_XSS

---
 main/badge/assertion.php   | 1 -
 main/course_info/about.php | 2 +-
 main/course_info/legal.php | 4 ++--
 main/course_info/tools.php | 2 +-
 4 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/main/badge/assertion.php b/main/badge/assertion.php
index bb0b000688..132e0f4464 100644
--- a/main/badge/assertion.php
+++ b/main/badge/assertion.php
@@ -8,7 +8,6 @@
  *
  * @package chamilo.badge
  */
-
 require_once __DIR__.'/../inc/global.inc.php';
 
 $userId = isset($_GET['user']) ? (int) $_GET['user'] : 0;
diff --git a/main/course_info/about.php b/main/course_info/about.php
index f9eed6d55f..1ee1e2b0d5 100644
--- a/main/course_info/about.php
+++ b/main/course_info/about.php
@@ -131,7 +131,7 @@ $topics = [
 $subscriptionUser = CourseManager::is_user_subscribed_in_course($userId, $course->getCode());
 
 $allowSubscribe = false;
-if ($course->getSubscribe() == true || api_is_platform_admin()) {
+if ($course->getSubscribe() || api_is_platform_admin()) {
     $allowSubscribe = true;
 }
 $plugin = BuyCoursesPlugin::create();
diff --git a/main/course_info/legal.php b/main/course_info/legal.php
index 08cedfd7ec..70473776e6 100755
--- a/main/course_info/legal.php
+++ b/main/course_info/legal.php
@@ -8,8 +8,8 @@ $cidReset = true;
 require_once __DIR__.'/../inc/global.inc.php';
 $this_section = SECTION_COURSES;
 
-$course_code = isset($_REQUEST['course_code']) ? $_REQUEST['course_code'] : null;
-$session_id = isset($_REQUEST['session_id']) ? intval($_REQUEST['session_id']) : null;
+$course_code = isset($_REQUEST['course_code']) ? Security::remove_XSS($_REQUEST['course_code']) : null;
+$session_id = isset($_REQUEST['session_id']) ? (int) $_REQUEST['session_id'] : null;
 $user_id = api_get_user_id();
 
 if (empty($course_code)) {
diff --git a/main/course_info/tools.php b/main/course_info/tools.php
index 6397408fd7..53d8a7d375 100644
--- a/main/course_info/tools.php
+++ b/main/course_info/tools.php
@@ -19,7 +19,7 @@ if (!api_is_allowed_to_edit()) {
 }
 
 $action = isset($_GET['action']) ? $_GET['action'] : '';
-$id = isset($_GET['id']) ? intval($_GET['id']) : '';
+$id = isset($_GET['id']) ? (int) $_GET['id'] : '';
 
 $toolName = get_lang('CustomizeIcons');