From 3e46c0270745faa45400850661efadddcf55e2b6 Mon Sep 17 00:00:00 2001
From: Julio Montoya <gugli100@gmail.com>
Date: Thu, 28 Nov 2013 15:02:36 +0100
Subject: [PATCH 1/4] Minor - adding message.

---
 main/cron/import_csv.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/main/cron/import_csv.php b/main/cron/import_csv.php
index 1b921f3132..ac0fb593a7 100644
--- a/main/cron/import_csv.php
+++ b/main/cron/import_csv.php
@@ -160,7 +160,7 @@ class ImportCsv
                         $method = $fileInfo['method'];
                         $file = $fileInfo['file'];
                         echo 'Static file: '.$file.PHP_EOL;
-                        $this->logger->addInfo("Reading file: $file");
+                        $this->logger->addInfo("Reading static file: $file");
                         $this->$method($file, true);
                     }
                 }
@@ -673,6 +673,7 @@ class ImportCsv
             $this->logger->addError($result['error_message']);
         }
         $this->logger->addInfo("Sessions - Sessions parsed: ".$result['session_counter']);
+
         if ($moveFile) {
             $this->moveFile($file);
         }

From a18e192ce48d857e048352a7567f4c2753ee52e4 Mon Sep 17 00:00:00 2001
From: Julio Montoya <gugli100@gmail.com>
Date: Fri, 29 Nov 2013 14:46:01 +0100
Subject: [PATCH 2/4] Fixing empty title in work list see BT#6916

---
 main/work/work.lib.php | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/main/work/work.lib.php b/main/work/work.lib.php
index e50074ed18..4b0316f1b5 100644
--- a/main/work/work.lib.php
+++ b/main/work/work.lib.php
@@ -857,13 +857,15 @@ function build_work_move_to_selector($folders, $curdirpath, $move_file, $group_d
     $course_id = api_get_course_int_id();
 	$move_file	= intval($move_file);
 	$tbl_work	= Database::get_course_table(TABLE_STUDENT_PUBLICATION);
-	$sql 		= "SELECT title FROM $tbl_work WHERE c_id = $course_id AND id ='".$move_file."'";
+	$sql 		= "SELECT title, url FROM $tbl_work WHERE c_id = $course_id AND id ='".$move_file."'";
 	$result 	= Database::query($sql);
-	$title 		= Database::fetch_row($result);
+	$row = Database::fetch_array($result, 'ASSOC');
+    $title = empty($row['title']) ? basename($row['url']) : $row['title'];
+
 	global $gradebook;
     //@todo use formvalidator please!
 	$form = '<form class="form-horizontal" name="move_to_form" action="'.api_get_self().'?'.api_get_cidreq().'&gradebook='.$gradebook.'&curdirpath='.Security::remove_XSS($curdirpath).'" method="POST">';
-	$form .= '<legend>'.get_lang('MoveFile').' - '.Security::remove_XSS($title[0]).'</legend>';
+	$form .= '<legend>'.get_lang('MoveFile').' - '.Security::remove_XSS($title).'</legend>';
 	$form .= '<input type="hidden" name="item_id" value="'.$move_file.'" />';
 	$form .= '<input type="hidden" name="action" value="move_to" />';
 	$form .= '<div class="control-group">
@@ -1581,6 +1583,9 @@ function getWorkListStudent($start, $limit, $column, $direction, $where_conditio
 
         $work['type'] = Display::return_icon('work.png');
         $work['expires_on'] = $work['expires_on']  == '0000-00-00 00:00:00' ? null : api_get_local_time($work['expires_on']);
+        if (empty($work['title'])) {
+            $work['title'] = basename($work['url']);
+        }
         $work['title'] = Display::url($work['title'], $url.'&id='.$work['id']);
         $work['others'] = Display::url(Display::return_icon('group.png', get_lang('Others')), $urlOthers.$work['id']);
         $works[] = $work;
@@ -1595,6 +1600,7 @@ function getWorkListStudent($start, $limit, $column, $direction, $where_conditio
  * @param string $column
  * @param string $direction
  * @param string $where_condition
+ * @param bool $getCount
  * @return array
  */
 function getWorkListTeacher($start, $limit, $column, $direction, $where_condition, $getCount = false)
@@ -1643,6 +1649,9 @@ function getWorkListTeacher($start, $limit, $column, $direction, $where_conditio
             $work['type'] = Display::return_icon('work.png');
             $work['expires_on'] = $work['expires_on']  == '0000-00-00 00:00:00' ? null : api_get_local_time($work['expires_on']);
             $work['ends_on'] = $work['ends_on']  == '0000-00-00 00:00:00' ? null : api_get_local_time($work['ends_on']);
+            if (empty($work['title'])) {
+                $work['title'] = basename($work['url']);
+            }
             $work['title'] = Display::url($work['title'], $url.'&id='.$work['id']);
             $works[] = $work;
         }
@@ -3775,7 +3784,8 @@ function generateMoveForm($item_id, $path, $courseInfo, $groupId, $sessionId)
                     $sessionCondition";
     $res = Database::query($sql);
     while ($folder = Database::fetch_array($res)) {
-        $folders[$folder['id']] = $folder['title'];
+        $title = empty($folder['title']) ? basename($folder['url']) : $folder['title'];
+        $folders[$folder['id']] = $title;
     }
     return build_work_move_to_selector($folders, $path, $item_id);
 }

From b6a83268b2a64a2485e451eb793bf56bb4dc9c71 Mon Sep 17 00:00:00 2001
From: Julio Montoya <gugli100@gmail.com>
Date: Fri, 29 Nov 2013 15:39:20 +0100
Subject: [PATCH 3/4] Cleaning code, format code, fixing php notices.

---
 main/wiki/index.php    | 284 ++++++++++-------------
 main/wiki/wiki.inc.php | 495 +++++++++++++++++------------------------
 2 files changed, 320 insertions(+), 459 deletions(-)

diff --git a/main/wiki/index.php b/main/wiki/index.php
index 3fbd1a190f..6ecc13ef81 100644
--- a/main/wiki/index.php
+++ b/main/wiki/index.php
@@ -15,51 +15,45 @@ $language_file = 'wiki';
 // including the global initialization file
 require_once '../inc/global.inc.php';
 
+//error_reporting(-1);
+
 // section (for the tabs)
 $this_section = SECTION_COURSES;
 
 $current_course_tool  = TOOL_WIKI;
-
-// including additional library scripts
-
 require_once api_get_path(LIBRARY_PATH).'mail.lib.inc.php';
-
 require_once 'wiki.inc.php';
-
 $course_id = api_get_course_int_id();
-
 // additional style information
 $htmlHeadXtra[] ='<link rel="stylesheet" type="text/css" href="'.api_get_path(WEB_CODE_PATH).'wiki/css/default.css"/>';
 
 // javascript for advanced parameters menu
 $htmlHeadXtra[] = '<script type="text/javascript" language="javascript">
 function advanced_parameters() {
-    if(document.getElementById(\'options\').style.display == \'none\') {
-                    document.getElementById(\'options\').style.display = \'block\';
-                    document.getElementById(\'plus_minus\').innerHTML=\'&nbsp;'.Display::return_icon('div_hide.gif',get_lang('Hide'),array('style'=>'vertical-align:middle')).'&nbsp;'.get_lang('AdvancedParameters').'\';
+    if (document.getElementById(\'options\').style.display == \'none\') {
+        document.getElementById(\'options\').style.display = \'block\';
+        document.getElementById(\'plus_minus\').innerHTML=\'&nbsp;'.Display::return_icon('div_hide.gif',get_lang('Hide'),array('style'=>'vertical-align:middle')).'&nbsp;'.get_lang('AdvancedParameters').'\';
     } else {
-                    document.getElementById(\'options\').style.display = \'none\';
-                    document.getElementById(\'plus_minus\').innerHTML=\'&nbsp;'.Display::return_icon('div_show.gif',get_lang('Show'),array('style'=>'vertical-align:middle')).'&nbsp;'.get_lang('AdvancedParameters').'\';
+        document.getElementById(\'options\').style.display = \'none\';
+        document.getElementById(\'plus_minus\').innerHTML=\'&nbsp;'.Display::return_icon('div_show.gif',get_lang('Show'),array('style'=>'vertical-align:middle')).'&nbsp;'.get_lang('AdvancedParameters').'\';
     }
 }
 function setFocus(){
     $("#search_title").focus();
-    }
-    $(document).ready(function () {
-      setFocus();
-    });
+}
 
-</script>';
+$(document).ready(function () {
+    setFocus();
+});
 
+</script>';
 
 // Database table definition
 $tbl_wiki           = Database::get_course_table(TABLE_WIKI);
 $tbl_wiki_discuss   = Database::get_course_table(TABLE_WIKI_DISCUSS);
 $tbl_wiki_mailcue   = Database::get_course_table(TABLE_WIKI_MAILCUE);
 $tbl_wiki_conf      = Database::get_course_table(TABLE_WIKI_CONF);
-/*
-Constants and variables
-*/
+/* Constants and variables */
 $tool_name = get_lang('ToolWiki');
 
 $MonthsLong = array (get_lang("JanuaryLong"), get_lang("FebruaryLong"), get_lang("MarchLong"), get_lang("AprilLong"), get_lang("MayLong"), get_lang("JuneLong"), get_lang("JulyLong"), get_lang("AugustLong"), get_lang("SeptemberLong"), get_lang("OctoberLong"), get_lang("NovemberLong"), get_lang("DecemberLong"));
@@ -76,29 +70,19 @@ api_block_anonymous_users();
 /* TRACKING */
 event_access_tool(TOOL_WIKI);
 
-/*
-HEADER & TITLE
-*/
+/* HEADER & TITLE */
 // If it is a group wiki then the breadcrumbs will be different.
 
-//Setting variable
-$_clean['group_id'] = 0;
-
-if ($_SESSION['_gid'] OR $_GET['group_id']) {
-
-    if (isset($_SESSION['_gid'])) {
-        $_clean['group_id']=intval($_SESSION['_gid']);
-    }
-    if (isset($_GET['group_id'])) {
-        $_clean['group_id']=intval($_GET['group_id']);
-    }
+// Setting variable
+$groupId = api_get_group_id();
 
-    $group_properties  = GroupManager :: get_group_properties($_clean['group_id']);
+if ($groupId) {
+    $group_properties  = GroupManager::get_group_properties($groupId);
     $interbreadcrumb[] = array ("url" => "../group/group.php", "name" => get_lang('Groups'));
-    $interbreadcrumb[] = array ("url"=>"../group/group_space.php?gidReq=".$_clean['group_id'], "name"=> get_lang('GroupSpace').' '.$group_properties['name']);
+    $interbreadcrumb[] = array ("url"=>"../group/group_space.php?gidReq=".$groupId, "name"=> get_lang('GroupSpace').' '.$group_properties['name']);
 
     $add_group_to_title = ' '.$group_properties['name'];
-    $groupfilter='group_id="'.$_clean['group_id'].'"';
+    $groupfilter='group_id="'.$groupId.'"';
 
     //ensure this tool in groups whe it's private or deactivated
     if 	($group_properties['wiki_state']==0) {
@@ -112,22 +96,18 @@ if ($_SESSION['_gid'] OR $_GET['group_id']) {
     $groupfilter='group_id=0';
 }
 
-
-if ($_POST['action']=='export_to_pdf' && isset($_POST['wiki_id']) && api_get_setting('students_export2pdf') == 'true') {
+if (isset($_POST['action']) && $_POST['action']=='export_to_pdf' && isset($_POST['wiki_id']) && api_get_setting('students_export2pdf') == 'true') {
     export_to_pdf($_POST['wiki_id'], api_get_course_id());
     exit;
 }
 
+$action = isset($_GET['action']) ? $_GET['action'] : null;
 
 Display::display_header($tool_name, 'Wiki');
 
 $is_allowed_to_edit = api_is_allowed_to_edit(false,true);
+/* INITIALISATION */
 
-//api_display_tool_title($tool_name.$add_group_to_title);
-
-/*
-INITIALISATION
-*/
 //the page we are dealing with
 if (!isset($_GET['title'])) {
     $page = 'index';
@@ -135,25 +115,17 @@ if (!isset($_GET['title'])) {
     $page = $_GET['title'];
 }
 
-// some titles are not allowed
-// $not_allowed_titles=array("Index", "RecentChanges","AllPages", "Categories"); //not used for now
-
-/*
-MAIN CODE
-*/
+/* MAIN CODE */
 
 // Tool introduction
 Display::display_introduction_section(TOOL_WIKI);
 
-/*
-              ACTIONS
-*/
-
+/* ACTIONS */
 
-//release of blocked pages to prevent concurrent editions
+// Release of blocked pages to prevent concurrent editions
 echo '<div style="overflow:hidden">';
 $sql = "SELECT * FROM $tbl_wiki WHERE c_id = $course_id AND is_editing != '0' ".$condition_session;
-$result=Database::query($sql);
+$result = Database::query($sql);
 while ($is_editing_block=Database::fetch_array($result)) {
     $max_edit_time	= 1200; // 20 minutes
     $timestamp_edit	= strtotime($is_editing_block['time_edit']);
@@ -166,7 +138,7 @@ while ($is_editing_block=Database::fetch_array($result)) {
         unset ( $_SESSION['_version'] );
     }
     //second checks if has exceeded the time that a page may be available or if a page was edited and saved by its author
-    if ($time_editing>$max_edit_time || ($is_editing_block['is_editing']==$_user['user_id'] && $_GET['action']!='edit')) {
+    if ($time_editing>$max_edit_time || ($is_editing_block['is_editing']==$_user['user_id'] && $action!='edit')) {
         $sql='UPDATE '.$tbl_wiki.' SET is_editing="0", time_edit="0000-00-00 00:00:00"
               WHERE c_id = '.$course_id.' AND is_editing="'.$is_editing_block['is_editing'].'" '.$condition_session;
         Database::query($sql);
@@ -175,20 +147,19 @@ while ($is_editing_block=Database::fetch_array($result)) {
 echo '</div>';
 // saving a change
 
-    if (isset($_POST['SaveWikiChange']) AND $_POST['title']<>'') {
-        if(empty($_POST['title'])) {
-            Display::display_error_message(get_lang("NoWikiPageTitle"));
-        } elseif(!double_post($_POST['wpost_id'])) {
-            //double post
-        } elseif ($_POST['version']!='' && $_SESSION['_version']!=0 && $_POST['version']!=$_SESSION['_version']) {
-            //prevent concurrent users and double version
-            Display::display_error_message(get_lang("EditedByAnotherUser"));
-        } else {
-            $return_message=save_wiki();
-            Display::display_confirmation_message($return_message, false);
-        }
+if (isset($_POST['SaveWikiChange']) AND $_POST['title']<>'') {
+    if(empty($_POST['title'])) {
+        Display::display_error_message(get_lang("NoWikiPageTitle"));
+    } elseif(!double_post($_POST['wpost_id'])) {
+        //double post
+    } elseif ($_POST['version']!='' && $_SESSION['_version']!=0 && $_POST['version']!=$_SESSION['_version']) {
+        //prevent concurrent users and double version
+        Display::display_error_message(get_lang("EditedByAnotherUser"));
+    } else {
+        $return_message=save_wiki();
+        Display::display_confirmation_message($return_message, false);
     }
-
+}
 
 //saving a new wiki entry
 echo '<div style="overflow:hidden">';
@@ -215,9 +186,8 @@ echo '<div style="overflow:hidden">';
     }
 echo '</div>';
 
-
 // check last version
-if ($_GET['view']) {
+if (isset($_GET['view']) && $_GET['view']) {
     $sql='SELECT * FROM '.$tbl_wiki.' WHERE c_id = '.$course_id.' AND id="'.Database::escape_string($_GET['view']).'"'; //current view
     $result=Database::query($sql);
     $current_row=Database::fetch_array($result);
@@ -226,14 +196,14 @@ if ($_GET['view']) {
     $result=Database::query($sql);
     $last_row=Database::fetch_array($result);
 
-    if ($_GET['view']<$last_row['id']) {
+    if ($_GET['view'] < $last_row['id']) {
        $message= '<center>'.get_lang('NoAreSeeingTheLastVersion').'<br /> '.get_lang("Version").' (<a href="index.php?cidReq='.$_course['id'].'&action=showpage&amp;title='.api_htmlentities(urlencode($current_row['reflink'])).'&group_id='.$current_row['group_id'].'&session_id='.$current_row['session_id'].'&view='.api_htmlentities($_GET['view']).'" title="'.get_lang('CurrentVersion').'">'.$current_row['version'].'</a> / <a href="index.php?cidReq='.$_course['id'].'&action=showpage&amp;title='.api_htmlentities(urlencode($last_row['reflink'])).'&group_id='.$last_row['group_id'].'&session_id='.$last_row['session_id'].'" title="'.get_lang('LastVersion').'">'.$last_row['version'].'</a>) <br />'.get_lang("ConvertToLastVersion").': <a href="index.php?cidReq='.$_course['id'].'&action=restorepage&amp;title='.api_htmlentities(urlencode($last_row['reflink'])).'&group_id='.$last_row['group_id'].'&session_id='.$last_row['session_id'].'&view='.api_htmlentities($_GET['view']).'">'.get_lang("Restore").'</a></center>';
        Display::display_warning_message($message,false);
     }
 
     ///restore page
 
-    if ($_GET['action']=='restorepage') {
+    if ($action=='restorepage') {
         //Only teachers and platform admin can edit the index page. Only teachers and platform admin can edit an assignment teacher
         if (($current_row['reflink']=='index' || $current_row['reflink']=='' || $current_row['assignment']==1) && (!api_is_allowed_to_edit(false,true) && intval($_GET['group_id'])==0)) {
             Display::display_normal_message(get_lang('OnlyEditPagesCourseManager'));
@@ -300,7 +270,7 @@ if ($_GET['view']) {
 }
 
 echo '<div style="overflow:hidden">';
-    if ($_GET['action']=='deletewiki') {
+    if ($action=='deletewiki') {
         if(api_is_allowed_to_edit(false,true) || api_is_platform_admin()) {
             if ($_GET['delete'] == 'yes') {
                 $return_message=delete_wiki();
@@ -310,12 +280,11 @@ echo '<div style="overflow:hidden">';
     }
 
 
-    if ($_GET['action']=='discuss' && $_POST['Submit']) {
+    if ($action =='discuss' && $_POST['Submit']) {
         Display::display_confirmation_message(get_lang('CommentAdded'));
     }
 echo '</div>';
 
-
 /* WIKI WRAPPER */
 
 echo '<div id="wikiwrapper">';
@@ -348,14 +317,14 @@ document.getElementById("menuwiki").style.border=b+"px solid #cccccc";
 
 echo '<div id="menuwiki" style="padding:2px;">';
 
-echo '&nbsp;<a href="index.php?cidReq='.$_course['id'].'&action=show&amp;title=index&session_id='.$session_id.'&group_id='.$_clean['group_id'].'"'.is_active_navigation_tab('show').'>'.Display::return_icon('wiki.png',get_lang('HomeWiki'),'',ICON_SIZE_MEDIUM).'</a>&nbsp;';
+echo '&nbsp;<a href="index.php?cidReq='.$_course['id'].'&action=show&amp;title=index&session_id='.$session_id.'&group_id='.$groupId.'"'.is_active_navigation_tab('show').'>'.Display::return_icon('wiki.png',get_lang('HomeWiki'),'',ICON_SIZE_MEDIUM).'</a>&nbsp;';
 
 echo '&nbsp;<a href="javascript:void(0)" onClick="menu_wiki()">'.Display::return_icon('menu.png',get_lang('Menu'),'',ICON_SIZE_SMALL).'</a>';
 ///menu home
 echo '<ul>';
 if ( api_is_allowed_to_session_edit(false,true) ) {
     //menu add page
-    echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=addnew&session_id='.$session_id.'&group_id='.$_clean['group_id'].'"'.is_active_navigation_tab('addnew').'>'.get_lang('AddNew').'</a> ';
+    echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=addnew&session_id='.$session_id.'&group_id='.$groupId.'"'.is_active_navigation_tab('addnew').'>'.get_lang('AddNew').'</a> ';
 }
 
 if (api_is_allowed_to_edit(false,true) || api_is_platform_admin()) {
@@ -372,11 +341,11 @@ if (api_is_allowed_to_edit(false,true) || api_is_platform_admin()) {
 echo '<a href="index.php?action=show&amp;actionpage='.$lock_unlock_addnew.'&amp;title='.api_htmlentities(urlencode($page)).'">'.$protect_addnewpage.'</a></li>';
 
 ///menu find
-echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=searchpages&session_id='.$session_id.'&group_id='.$_clean['group_id'].'"'.is_active_navigation_tab('searchpages').'>'.get_lang('SearchPages').'</a></li>';
+echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=searchpages&session_id='.$session_id.'&group_id='.$groupId.'"'.is_active_navigation_tab('searchpages').'>'.get_lang('SearchPages').'</a></li>';
 ///menu all pages
-echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=allpages&session_id='.$session_id.'&group_id='.$_clean['group_id'].'"'.is_active_navigation_tab('allpages').'>'.get_lang('AllPages').'</a></li>';
+echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=allpages&session_id='.$session_id.'&group_id='.$groupId.'"'.is_active_navigation_tab('allpages').'>'.get_lang('AllPages').'</a></li>';
 ///menu recent changes
-echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=recentchanges&session_id='.$session_id.'&group_id='.$_clean['group_id'].'"'.is_active_navigation_tab('recentchanges').'>'.get_lang('RecentChanges').'</a></li>';
+echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=recentchanges&session_id='.$session_id.'&group_id='.$groupId.'"'.is_active_navigation_tab('recentchanges').'>'.get_lang('RecentChanges').'</a></li>';
 ///menu delete all wiki
 if (api_is_allowed_to_edit(false,true) || api_is_platform_admin()) {
         echo '<li><a href="index.php?action=deletewiki&amp;title='.api_htmlentities(urlencode($page)).'"'.is_active_navigation_tab('deletewiki').'>'.get_lang('DeleteWiki').'</a></li>';
@@ -392,24 +361,24 @@ echo '</div>';
 
 echo '<div id="mainwiki">';
 /** menuwiki (= actions of the page, not of the wiki tool) **/
-if (!in_array($_GET['action'], array('addnew', 'searchpages', 'allpages', 'recentchanges', 'deletewiki', 'more', 'mactiveusers', 'mvisited', 'mostchanged', 'orphaned', 'wanted'))) {
+if (!in_array($action , array('addnew', 'searchpages', 'allpages', 'recentchanges', 'deletewiki', 'more', 'mactiveusers', 'mvisited', 'mostchanged', 'orphaned', 'wanted'))) {
     echo '<div class="actions">';
 
     //menu show page
-    echo '&nbsp;&nbsp;<a href="index.php?cidReq='.$_course['id'].'&action=showpage&amp;title='.api_htmlentities(urlencode($page)).'&session_id='.$session_id.'&group_id='.$_clean['group_id'].'"'.is_active_navigation_tab('showpage').'>'.Display::return_icon('page.png',get_lang('ShowThisPage'),'',ICON_SIZE_MEDIUM).'</a>';
+    echo '&nbsp;&nbsp;<a href="index.php?cidReq='.$_course['id'].'&action=showpage&amp;title='.api_htmlentities(urlencode($page)).'&session_id='.$session_id.'&group_id='.$groupId.'"'.is_active_navigation_tab('showpage').'>'.Display::return_icon('page.png',get_lang('ShowThisPage'),'',ICON_SIZE_MEDIUM).'</a>';
 
     if (api_is_allowed_to_session_edit(false,true) ) {
         //menu edit page
-        echo '<a href="index.php?cidReq='.$_course['id'].'&action=edit&amp;title='.api_htmlentities(urlencode($page)).'&session_id='.$session_id.'&group_id='.$_clean['group_id'].'"'.is_active_navigation_tab('edit').'>'.Display::return_icon('edit.png',get_lang('EditThisPage'),'',ICON_SIZE_MEDIUM).'</a>';
+        echo '<a href="index.php?cidReq='.$_course['id'].'&action=edit&amp;title='.api_htmlentities(urlencode($page)).'&session_id='.$session_id.'&group_id='.$groupId.'"'.is_active_navigation_tab('edit').'>'.Display::return_icon('edit.png',get_lang('EditThisPage'),'',ICON_SIZE_MEDIUM).'</a>';
 
         //menu discuss page
         echo '<a href="index.php?action=discuss&amp;title='.api_htmlentities(urlencode($page)).'"'.is_active_navigation_tab('discuss').'>'.Display::return_icon('discuss.png',get_lang('DiscussThisPage'),'',ICON_SIZE_MEDIUM).'</a>';
      }
 
     //menu history
-    echo '<a href="index.php?cidReq='.$_course['id'].'&action=history&amp;title='.api_htmlentities(urlencode($page)).'&session_id='.$session_id.'&group_id='.$_clean['group_id'].'"'.is_active_navigation_tab('history').'>'.Display::return_icon('history.png',get_lang('ShowPageHistory'),'',ICON_SIZE_MEDIUM).'</a>';
+    echo '<a href="index.php?cidReq='.$_course['id'].'&action=history&amp;title='.api_htmlentities(urlencode($page)).'&session_id='.$session_id.'&group_id='.$groupId.'"'.is_active_navigation_tab('history').'>'.Display::return_icon('history.png',get_lang('ShowPageHistory'),'',ICON_SIZE_MEDIUM).'</a>';
     //menu linkspages
-    echo '<a href="index.php?action=links&amp;title='.api_htmlentities(urlencode($page)).'&session_id='.$session_id.'&group_id='.$_clean['group_id'].'"'.is_active_navigation_tab('links').'>'.Display::return_icon('what_link_here.png',get_lang('LinksPages'),'',ICON_SIZE_MEDIUM).'</a>';
+    echo '<a href="index.php?action=links&amp;title='.api_htmlentities(urlencode($page)).'&session_id='.$session_id.'&group_id='.$groupId.'"'.is_active_navigation_tab('links').'>'.Display::return_icon('what_link_here.png',get_lang('LinksPages'),'',ICON_SIZE_MEDIUM).'</a>';
 
     //menu delete wikipage
     if (api_is_allowed_to_edit(false,true) || api_is_platform_admin()) {
@@ -425,16 +394,15 @@ if (isset($_POST['SaveWikiNew'])) {
 }
 
 //More for export to course document area. See display_wiki_entry
-if ($_POST['export2DOC']) {
+if (isset($_POST['export2DOC']) && $_POST['export2DOC']) {
     $doc_id = $_POST['doc_id'];
     $export2doc = export2doc($doc_id);
     if ($export2doc) {
         Display::display_confirmation_message(get_lang('ThePageHasBeenExportedToDocArea'));
     }
-
 }
 
-if ($_GET['action']=='more') {
+if (isset($action ) =='more') {
 
     echo '<div class="actions">'.get_lang('More').'</div>';
 
@@ -443,28 +411,28 @@ if ($_GET['action']=='more') {
     echo '    <td>';
     echo '      <ul>';
     //Submenu Most active users
-    echo '        <li><a href="index.php?cidReq='.$_course['id'].'&action=mactiveusers&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('MostActiveUsers').'</a></li>';
+    echo '        <li><a href="index.php?cidReq='.$_course['id'].'&action=mactiveusers&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('MostActiveUsers').'</a></li>';
     //Submenu Most visited pages
-    echo '        <li><a href="index.php?cidReq='.$_course['id'].'&action=mvisited&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('MostVisitedPages').'</a></li>';
+    echo '        <li><a href="index.php?cidReq='.$_course['id'].'&action=mvisited&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('MostVisitedPages').'</a></li>';
     //Submenu Most changed pages
-    echo '        <li><a href="index.php?cidReq='.$_course['id'].'&action=mostchanged&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('MostChangedPages').'</a></li>';
+    echo '        <li><a href="index.php?cidReq='.$_course['id'].'&action=mostchanged&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('MostChangedPages').'</a></li>';
     echo '      </ul>';
     echo '    </td>';
     echo '    <td>';
     echo '      <ul>';
    //Submenu Orphaned pages
-    echo '        <li><a href="index.php?cidReq='.$_course['id'].'&action=orphaned&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('OrphanedPages').'</a></li>';
+    echo '        <li><a href="index.php?cidReq='.$_course['id'].'&action=orphaned&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('OrphanedPages').'</a></li>';
     //Submenu Wanted pages
-    echo '        <li><a href="index.php?cidReq='.$_course['id'].'&action=wanted&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('WantedPages').'</a></li>';
+    echo '        <li><a href="index.php?cidReq='.$_course['id'].'&action=wanted&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('WantedPages').'</a></li>';
 	//Submenu Most linked pages
-    echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=mostlinked&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('MostLinkedPages').'</a></li>';
+    echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=mostlinked&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('MostLinkedPages').'</a></li>';
     echo '</ul>';
 	echo '</td>';
 	echo '<td style="vertical-align:top">';
     echo '<ul>';
 	//Submenu Statistics
 	if (api_is_allowed_to_edit(false,true) || api_is_platform_admin()) {
-    	echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=statistics&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('Statistics').'</a></li>';
+    	echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=statistics&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('Statistics').'</a></li>';
 	}
     echo '      </ul>';
     echo'    </td>';
@@ -472,45 +440,45 @@ if ($_GET['action']=='more') {
     echo '</table>';
 
     //Submenu Dead end pages
-    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=deadend&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('DeadEndPages').'</a></li>';//TODO:
+    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=deadend&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('DeadEndPages').'</a></li>';//TODO:
 
     //Submenu Most new pages (not versions)
-    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=mnew&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('MostNewPages').'</a></li>';//TODO:
+    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=mnew&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('MostNewPages').'</a></li>';//TODO:
 
     //Submenu Most long pages
-    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=mnew&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('MostLongPages').'</a></li>';//TODO:
+    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=mnew&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('MostLongPages').'</a></li>';//TODO:
 
     //Submenu Protected pages
-    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=protected&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('ProtectedPages').'</a></li>';//TODO:
+    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=protected&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('ProtectedPages').'</a></li>';//TODO:
 
     //Submenu Hidden pages
-    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=hidden&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('HiddenPages').'</a></li>';//TODO:
+    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=hidden&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('HiddenPages').'</a></li>';//TODO:
 
     //Submenu Most discuss pages
-    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=mdiscuss&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('MostDiscussPages').'</a></li>';//TODO:
+    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=mdiscuss&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('MostDiscussPages').'</a></li>';//TODO:
 
     //Submenu Best scored pages
-    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=mscored&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('BestScoredPages').'</a></li>';//TODO:
+    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=mscored&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('BestScoredPages').'</a></li>';//TODO:
 
     //Submenu Pages with more progress
-    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=mprogress&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('MProgressPages').'</a></li>';//TODO:
+    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=mprogress&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('MProgressPages').'</a></li>';//TODO:
 
     //Submenu Most active users in discuss
-    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=mactiveusers&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('MostDiscussUsers').'</a></li>';//TODO:
+    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=mactiveusers&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('MostDiscussUsers').'</a></li>';//TODO:
 
     //Submenu Random page
-    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=mrandom&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('RandomPage').'</a></li>';//TODO:
+    //echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=mrandom&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('RandomPage').'</a></li>';//TODO:
 
 	//Submenu Task
-	//echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=datetasks&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('Task').'</a></li>';//TODO:task list order by start date or end date
+	//echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=datetasks&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('Task').'</a></li>';//TODO:task list order by start date or end date
 
 	//Submenu Who and Where
-	//echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=whoandwhere&session_id='.$session_id.'&group_id='.$_clean['group_id'].'">'.get_lang('WhoAndWhere').'</a></li>';//TODO:Who and where everyone is working now?
+	//echo '<li><a href="index.php?cidReq='.$_course['id'].'&action=whoandwhere&session_id='.$session_id.'&group_id='.$groupId.'">'.get_lang('WhoAndWhere').'</a></li>';//TODO:Who and where everyone is working now?
 }
 
 // Statistics Juan Carlos Raña Trabado
 
-if ($_GET['action']=='statistics' && (api_is_allowed_to_edit(false,true) || api_is_platform_admin())) {
+if ($action =='statistics' && (api_is_allowed_to_edit(false,true) || api_is_platform_admin())) {
 	echo '<div class="actions">'.get_lang('Statistics').'</div>';
 
 
@@ -998,7 +966,7 @@ echo '<br/>';
 
 // Most active users Juan Carlos Raña Trabado
 
-if ($_GET['action']=='mactiveusers') {
+if ($action =='mactiveusers') {
     echo '<div class="actions">'.get_lang('MostActiveUsers').'</div>';
 
     $sql='SELECT *, COUNT(*) AS NUM_EDIT FROM '.$tbl_wiki.'  WHERE  c_id = '.$course_id.' AND '.$groupfilter.$condition_session.' GROUP BY user_id';
@@ -1026,7 +994,7 @@ if ($_GET['action']=='mactiveusers') {
         }
 
         $table = new SortableTableFromArrayConfig($rows,1,10,'MostActiveUsersA_table','','','DESC');
-        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($_GET['action']),'session_id'=>Security::remove_XSS($_GET['session_id']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
+        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($action),'session_id'=>Security::remove_XSS($_GET['session_id']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
         $table->set_header(0,get_lang('Author'), true);
         $table->set_header(1,get_lang('Contributions'), true,array ('style' => 'width:30px;'));
         $table->display();
@@ -1035,7 +1003,7 @@ if ($_GET['action']=='mactiveusers') {
 
 // User contributions Juan Carlos Raña Trabado
 
-if ($_GET['action']=='usercontrib') {
+if ($action =='usercontrib') {
     $userinfo=Database::get_user_info_from_id($_GET['user_id']);
     $username = api_htmlentities(sprintf(get_lang('LoginX'), $userinfo['username']), ENT_QUOTES);
 
@@ -1050,7 +1018,7 @@ if ($_GET['action']=='usercontrib') {
         $sql='SELECT * FROM '.$tbl_wiki.'  WHERE c_id = '.$course_id.' AND '.$groupfilter.$condition_session.' AND user_id="'.Database::escape_string($_GET['user_id']).'" AND visibility=1';
     }
 
-    $allpages=Database::query($sql);
+    $allpages = Database::query($sql);
 
     //show table
     if (Database::num_rows($allpages) > 0) {
@@ -1083,19 +1051,14 @@ if ($_GET['action']=='usercontrib') {
             $row[] = '<a href="'.api_get_self().'?cidReq='.$_course['id'].'&action=showpage&title='.api_htmlentities(urlencode($obj->reflink)).'&view='.$obj->id.'&session_id='.api_htmlentities(urlencode($_GET['$session_id'])).'&group_id='.api_htmlentities(urlencode($_GET['group_id'])).'">'.api_htmlentities($obj->title).'</a>';
             $row[] =Security::remove_XSS($obj->version);
             $row[] =Security::remove_XSS($obj->comment);
-            //$row[] = api_strlen($obj->comment)>30 ? Security::remove_XSS(api_substr($obj->comment,0,30)).'...' : Security::remove_XSS($obj->comment);
             $row[] =Security::remove_XSS($obj->progress).' %';
             $row[] =Security::remove_XSS($obj->score);
-            //if(api_is_allowed_to_edit() || api_is_platform_admin())
-            //{
-                //$row[] =Security::remove_XSS($obj->user_ip);
-            //}
             $rows[] = $row;
 
         }
 
         $table = new SortableTableFromArrayConfig($rows,2,10,'UsersContributions_table','','','ASC');
-        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($_GET['action']),'user_id'=>Security::remove_XSS($_GET['user_id']),'session_id'=>Security::remove_XSS($_GET['session_id']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
+        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($action ),'user_id'=>Security::remove_XSS($_GET['user_id']),'session_id'=>Security::remove_XSS($_GET['session_id']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
 
         $table->set_header(0,get_lang('Date'), true, array ('style' => 'width:200px;'));
         $table->set_header(1,get_lang('Type'), true, array ('style' => 'width:30px;'));
@@ -1104,18 +1067,13 @@ if ($_GET['action']=='usercontrib') {
         $table->set_header(4,get_lang('Comment'), true, array ('style' => 'width:200px;'));
         $table->set_header(5,get_lang('Progress'), true, array ('style' => 'width:30px;'));
         $table->set_header(6,get_lang('Rating'), true, array ('style' => 'width:30px;'));
-        //if(api_is_allowed_to_edit() || api_is_platform_admin())
-        //{
-            //$table->set_header(7,get_lang('IP'), true, array ('style' => 'width:30px;'));
-        //}
-
         $table->display();
     }
 }
 
-/////////////////////// Most changed pages /////////////////////// Juan Carlos Raña Trabado
+/* Most changed pages */
 
-if ($_GET['action']=='mostchanged') {
+if ($action =='mostchanged') {
     echo '<div class="actions">'.get_lang('MostChangedPages').'</div>';
 
 
@@ -1148,7 +1106,7 @@ if ($_GET['action']=='mostchanged') {
         }
 
         $table = new SortableTableFromArrayConfig($rows,2,10,'MostChangedPages_table','','','DESC');
-        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($_GET['action']),'session_id'=>Security::remove_XSS($_GET['session_id']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
+        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($action ),'session_id'=>Security::remove_XSS($_GET['session_id']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
         $table->set_header(0,get_lang('Type'), true, array ('style' => 'width:30px;'));
         $table->set_header(1,get_lang('Title'), true);
         $table->set_header(2,get_lang('Changes'), true);
@@ -1156,9 +1114,9 @@ if ($_GET['action']=='mostchanged') {
     }
 }
 
-/////////////////////// Most visited pages /////////////////////// Juan Carlos Raña Trabado
+/* Most visited pages */
 
-if ($_GET['action']=='mvisited') {
+if ($action =='mvisited') {
     echo '<div class="actions">'.get_lang('MostVisitedPages').'</div>';
 
     if (api_is_allowed_to_edit(false,true) || api_is_platform_admin()) { //only by professors if page is hidden
@@ -1190,7 +1148,7 @@ if ($_GET['action']=='mvisited') {
         }
 
         $table = new SortableTableFromArrayConfig($rows,2,10,'MostVisitedPages_table','','','DESC');
-        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($_GET['action']),'session_id'=>Security::remove_XSS($_GET['session_id']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
+        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($action ),'session_id'=>Security::remove_XSS($_GET['session_id']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
         $table->set_header(0,get_lang('Type'), true, array ('style' => 'width:30px;'));
         $table->set_header(1,get_lang('Title'), true);
         $table->set_header(2,get_lang('Visits'), true);
@@ -1198,9 +1156,9 @@ if ($_GET['action']=='mvisited') {
     }
 }
 
-/////////////////////// Wanted pages /////////////////////// Juan Carlos Raña Trabado
+/* Wanted pages */
 
-if ($_GET['action']=='wanted') {
+if ($action =='wanted') {
     echo '<div class="actions">'.get_lang('WantedPages').'</div>';
 
     $pages = array();
@@ -1222,7 +1180,7 @@ if ($_GET['action']=='wanted') {
     $sql = 'SELECT  *  FROM   '.$tbl_wiki.' s1
     		WHERE s1.c_id = '.$course_id.' AND id=(SELECT MAX(s2.id) FROM '.$tbl_wiki.' s2 WHERE s2.c_id = '.$course_id.' AND s1.reflink = s2.reflink AND '.$groupfilter.$condition_session.')';
 
-    $allpages=Database::query($sql);
+    $allpages = Database::query($sql);
 
     while ($row=Database::fetch_array($allpages)) {
 
@@ -1251,14 +1209,14 @@ if ($_GET['action']=='wanted') {
         }
 
         $table = new SortableTableFromArrayConfig($rows,0,10,'WantedPages_table','','','DESC');
-        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($_GET['action']),'session_id'=>Security::remove_XSS($_GET['session_id']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
+        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($action ),'session_id'=>Security::remove_XSS($_GET['session_id']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
         $table->set_header(0,get_lang('Title'), true);
         $table->display();
 }
 
-/////////////////////// Orphaned pages /////////////////////// Juan Carlos Raña Trabado
+/* Orphaned pages */
 
-if ($_GET['action']=='orphaned') {
+if ($action =='orphaned') {
     echo '<div class="actions">'.get_lang('OrphanedPages').'</div>';
 
     $pages = array();
@@ -1326,7 +1284,7 @@ if ($_GET['action']=='orphaned') {
         }
 
         $table = new SortableTableFromArrayConfig($rows,1,10,'OrphanedPages_table','','','DESC');
-        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($_GET['action']),'session_id'=>Security::remove_XSS($_GET['session_id']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
+        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($action ),'session_id'=>Security::remove_XSS($_GET['session_id']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
        $table->set_header(0,get_lang('Type'), true, array ('style' => 'width:30px;'));
 	   $table->set_header(1,get_lang('Title'), true);
        $table->display();
@@ -1334,7 +1292,7 @@ if ($_GET['action']=='orphaned') {
 
 /////////////////////// Most linked pages /////////////////////// Juan Carlos Raña Trabado
 
-if ($_GET['action']=='mostlinked') {
+if ($action =='mostlinked') {
     echo '<div class="actions">'.get_lang('MostLinkedPages').'</div>';
 	$pages = array();
     $refs = array();
@@ -1382,7 +1340,7 @@ if ($_GET['action']=='mostlinked') {
         }
 
         $table = new SortableTableFromArrayConfig($rows,0,10,'LinkedPages_table','','','DESC');
-        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($_GET['action']),'session_id'=>Security::remove_XSS($_GET['session_id']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
+        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($action ),'session_id'=>Security::remove_XSS($_GET['session_id']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
         $table->set_header(0,get_lang('Title'), true);
         $table->display();
 
@@ -1390,7 +1348,7 @@ if ($_GET['action']=='mostlinked') {
 
 /////////////////////// delete current page /////////////////////// Juan Carlos Raña Trabado
 
-if ($_GET['action']=='delete') {
+if ($action =='delete') {
 
     if (!$_GET['title']) {
         Display::display_error_message(get_lang('MustSelectPage'));
@@ -1436,7 +1394,7 @@ if ($_GET['action']=='delete') {
 
 /////////////////////// delete all wiki /////////////////////// Juan Carlos Raña Trabado
 
-if ($_GET['action']=='deletewiki') {
+if ($action =='deletewiki') {
 
     echo '<div class="actions">'.get_lang('DeleteWiki').'</div>';
     echo '<div style="overflow:hidden">';
@@ -1459,7 +1417,7 @@ if ($_GET['action']=='deletewiki') {
 
 /////////////////////// search wiki pages ///////////////////////
 
-if ($_GET['action']=='searchpages') {
+if ($action =='searchpages') {
 
     echo '<div class="actions">'.get_lang('SearchPages').'</div>';
     echo '<div style="overflow:hidden">';
@@ -1474,7 +1432,7 @@ if ($_GET['action']=='searchpages') {
 	} else {
 
 		// initiate the object
-		$form = new FormValidator('wiki_search','post', api_get_self().'?cidReq='.api_htmlentities($_GET['cidReq']).'&action='.api_htmlentities($_GET['action']).'&session_id='.api_htmlentities($_GET['session_id']).'&group_id='.api_htmlentities($_GET['group_id']).'&mode_table=yes1&search_term='.api_htmlentities($_GET['search_term']).'&search_content='.api_htmlentities($_GET['search_content']).'&all_vers='.api_htmlentities($_GET['all_vers']));
+		$form = new FormValidator('wiki_search','post', api_get_self().'?cidReq='.api_htmlentities($_GET['cidReq']).'&action='.api_htmlentities($action ).'&session_id='.api_htmlentities($_GET['session_id']).'&group_id='.api_htmlentities($_GET['group_id']).'&mode_table=yes1&search_term='.api_htmlentities($_GET['search_term']).'&search_content='.api_htmlentities($_GET['search_content']).'&all_vers='.api_htmlentities($_GET['all_vers']));
 
 		// settting the form elements
 
@@ -1501,7 +1459,7 @@ if ($_GET['action']=='searchpages') {
 
 ///////////////////////  What links here. Show pages that have linked this page /////////////////////// Juan Carlos Raña Trabado
 
-if ($_GET['action']=='links') {
+if ($action =='links') {
 
     if (!$_GET['title']) {
         Display::display_error_message(get_lang("MustSelectPage"));
@@ -1586,7 +1544,7 @@ if ($_GET['action']=='links') {
             }
 
             $table = new SortableTableFromArrayConfig($rows,1,10,'AllPages_table','','','ASC');
-            $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($_GET['action']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
+            $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($action ),'group_id'=>Security::remove_XSS($_GET['group_id'])));
             $table->set_header(0,get_lang('Type'), true, array ('style' => 'width:30px;'));
             $table->set_header(1,get_lang('Title'), true);
             $table->set_header(2,get_lang('Author'), true);
@@ -1602,7 +1560,7 @@ if ($_GET['action']=='links') {
 
 // Display the form for adding a new wiki page
 echo '<div style="overflow:hidden">';
-if ($_GET['action']=='addnew') {
+if ($action =='addnew') {
     if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
         api_not_allowed();
     }
@@ -1631,14 +1589,14 @@ if ($_GET['action']=='addnew') {
 
 // Show home page
 
-if (!$_GET['action'] OR $_GET['action']=='show' AND !isset($_POST['SaveWikiNew'])) {
+if (!$action  OR $action =='show' AND !isset($_POST['SaveWikiNew'])) {
     display_wiki_entry($newtitle);
 }
 
 // Show current page
 
 
-if ($_GET['action']=='showpage' AND !isset($_POST['SaveWikiNew'])) {
+if ($action =='showpage' AND !isset($_POST['SaveWikiNew'])) {
     if ($_GET['title']) {
         display_wiki_entry($newtitle);
     } else {
@@ -1648,14 +1606,12 @@ if ($_GET['action']=='showpage' AND !isset($_POST['SaveWikiNew'])) {
 
 // Edit current page
 
-if ($_GET['action']=='edit') {
+if (isset($action ) && $action =='edit') {
 
     if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
         api_not_allowed();
     }
 
-    $_clean['group_id']=(int)$_SESSION['_gid'];
-
     $sql = 'SELECT * FROM '.$tbl_wiki.', '.$tbl_wiki_conf.'
     		WHERE
     		'.$tbl_wiki.'.c_id = '.$course_id.' AND
@@ -1692,7 +1648,7 @@ if ($_GET['action']=='edit') {
         $PassEdit=false;
 
         //check if is a wiki group
-        if ($_clean['group_id']!=0) {
+        if ($groupId!=0) {
             //Only teacher, platform admin and group members can edit a wiki group
             if (api_is_allowed_to_edit(false,true) || api_is_platform_admin() || GroupManager :: is_user_in_group($_user['user_id'],intval($_GET['group_id']))) {
                 $PassEdit=true;
@@ -2029,14 +1985,12 @@ if ($_GET['action']=='edit') {
 
 // Page history
 
-if ($_GET['action']=='history' or $_POST['HistoryDifferences']) {
+if ($action =='history' or $_POST['HistoryDifferences']) {
     if (!$_GET['title']) {
         Display::display_error_message(get_lang("MustSelectPage"));
         exit;
     }
-
     echo '<div style="overflow:hidden">';
-    $_clean['group_id']=(int)$_SESSION['_gid'];
 
     //First, see the property visibility that is at the last register and therefore we should select descending order. But to give ownership to each record, this is no longer necessary except for the title. TODO: check this
 
@@ -2203,8 +2157,8 @@ if ($_GET['action']=='history' or $_POST['HistoryDifferences']) {
 
 // @todo rss feed
 
-if ($_GET['action']=='recentchanges') {
-    $_clean['group_id']=(int)$_SESSION['_gid'];
+if ($action =='recentchanges') {
+    $groupId=(int)$_SESSION['_gid'];
 
     if ( api_is_allowed_to_session_edit(false,true) ) {
         if (check_notify_all()==1) {
@@ -2278,7 +2232,7 @@ if ($_GET['action']=='recentchanges') {
         }
 
         $table = new SortableTableFromArrayConfig($rows,0,10,'RecentPages_table','','','DESC');
-        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($_GET['action']),'session_id'=>Security::remove_XSS($_GET['session_id']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
+        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($action ),'session_id'=>Security::remove_XSS($_GET['session_id']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
         $table->set_header(0,get_lang('Date'), true, array ('style' => 'width:200px;'));
         $table->set_header(1,get_lang('Type'), true, array ('style' => 'width:30px;'));
         $table->set_header(2,get_lang('Title'), true);
@@ -2292,12 +2246,9 @@ if ($_GET['action']=='recentchanges') {
 
 // All pages
 
-
-if ($_GET['action']=='allpages') {
+if ($action  == 'allpages') {
     echo '<div class="actions">'.get_lang('AllPages').'</div>';
 
-    $_clean['group_id']=(int)$_SESSION['_gid'];
-
     if (api_is_allowed_to_edit(false,true) || api_is_platform_admin()) { //only by professors if page is hidden
         $sql = 'SELECT  *  FROM  '.$tbl_wiki.' s1
         		WHERE s1.c_id = '.$course_id.' AND id=(
@@ -2359,7 +2310,7 @@ if ($_GET['action']=='allpages') {
         }
 
         $table = new SortableTableFromArrayConfig($rows,1,10,'AllPages_table','','','ASC');
-        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($_GET['action']),'group_id'=>Security::remove_XSS($_GET['group_id'])));
+        $table->set_additional_parameters(array('cidReq' =>Security::remove_XSS($_GET['cidReq']),'action'=>Security::remove_XSS($action ),'group_id'=>Security::remove_XSS($_GET['group_id'])));
         $table->set_header(0,get_lang('Type'), true, array ('style' => 'width:30px;'));
         $table->set_header(1,get_lang('Title'), true);
         $table->set_header(2,get_lang('Author').' ('.get_lang('LastVersion').')', true);
@@ -2373,7 +2324,7 @@ if ($_GET['action']=='allpages') {
 
 // Discuss pages
 
-if ($_GET['action']=='discuss') {
+if ($action == 'discuss') {
     if (api_get_session_id()!=0 && api_is_allowed_to_session_edit(false,true)==false) {
         api_not_allowed();
     }
@@ -2661,7 +2612,4 @@ echo '</div>'; // echo "<div style="overflow:hidden">";
 echo "</div>"; // echo "<div id='mainwiki'>";
 echo "</div>"; // echo "<div id='wikiwrapper'>";
 
-/*
-FOOTER
-*/
-Display::display_footer();
\ No newline at end of file
+Display::display_footer();
diff --git a/main/wiki/wiki.inc.php b/main/wiki/wiki.inc.php
index 6372e600a8..bb2a181690 100644
--- a/main/wiki/wiki.inc.php
+++ b/main/wiki/wiki.inc.php
@@ -10,11 +10,11 @@
 
 /* FUNCTIONS FOR WIKI */
 /**
- * Create a reference link for a given new page title (adds incremental number 
- * to the title). It is a recursive function because every newly created 
+ * Create a reference link for a given new page title (adds incremental number
+ * to the title). It is a recursive function because every newly created
  * reflink suggestion has to be checked also
  * @author Patrick Cool <patrick.cool@ugent.be>, Ghent University
- * @param 
+ * @param
  */
 function createreflink($testvalue) {
     $counter='';
@@ -30,7 +30,7 @@ function createreflink($testvalue) {
 
 
 /**
- * Check whether this title is already used 
+ * Check whether this title is already used
  * @param string title
  * @return bool  False if title is already taken
  * @author Patrick Cool <patrick.cool@ugent.be>, Ghent University
@@ -39,9 +39,9 @@ function checktitle($paramwk) {
     global $tbl_wiki;
     global $groupfilter;
     global $condition_session;
-    
+
     $course_id = api_get_course_int_id();
-    
+
     $sql = 'SELECT * FROM '.$tbl_wiki.' WHERE c_id = '.$course_id.' AND reflink="'.Database::escape_string($paramwk).'" AND '.$groupfilter.$condition_session.'';
     $result=Database::query($sql);
     $numberofresults=Database::num_rows($result);
@@ -129,7 +129,7 @@ function detect_mail_link($input) {
     return $output;
 }
 
-/** 
+/**
  * detect and add style to ftp links
  * @author Juan Carlos Raña Trabado
 **/
@@ -171,35 +171,25 @@ function detect_irc_link($input) {
  **/
 function make_wiki_link_clickable($input) {
     global $_course;
-
-    if (isset($_SESSION['_gid'])) {
-        $_clean['group_id']=intval($_SESSION['_gid']);
-    }
-    if (isset($_GET['group_id'])) {
-        $_clean['group_id']=intval($_GET['group_id']);
-    }
-    $session_id=api_get_session_id(); // TODO: check
-
+    $groupId = api_get_group_id();
+    $session_id = api_get_session_id(); // TODO: check
 
     $input_array=preg_split("/(\[\[|\]\])/",$input,-1, PREG_SPLIT_DELIM_CAPTURE); //now doubles brackets
 
-    foreach ($input_array as $key=>$value)
-    {
-
-        if ($input_array[$key-1]=='[[' AND $input_array[$key+1]==']]') //now doubles brackets
-        {
-		
+    foreach ($input_array as $key=>$value) {
+        //now doubles brackets
+        if ($input_array[$key-1]=='[[' AND $input_array[$key+1]==']]') {
         /////////// TODO: metawiki
         /*
         if ($session_id==0)
         {
-             if ($_clean['group_id']==0)
+             if ($groupId==0)
             {
                 $titleg_ex='';
             }
             else
             {
-                $group_properties  = GroupManager :: get_group_properties($_clean['group_id']);
+                $group_properties  = GroupManager :: get_group_properties($groupId);
                 $group_name= $group_properties['name'];
                 $titleg_ex='<sup><img src="css/wgroup.gif" alt="('.$group_name.')" title="Link to Wikigroup:'.$group_name.'"/></sup>';
             }
@@ -211,7 +201,7 @@ function make_wiki_link_clickable($input) {
 
         */
         /////////
-		
+
             //now full wikilink
             if (api_strpos($value, "|") !== false){
                 $full_link_array=explode("|", $value);
@@ -235,11 +225,11 @@ function make_wiki_link_clickable($input) {
             if (checktitle(strtolower(str_replace(' ','_',$link))))
             {
                 $link = api_html_entity_decode($link);
-                $input_array[$key]='<a href="'.api_get_path(WEB_PATH).'main/wiki/index.php?'.api_get_cidreq().'&action=addnew&amp;title='.api_htmlentities(urlencode($link)).'&group_id='.$_clean['group_id'].'" class="new_wiki_link">'.$title.'</a>';
+                $input_array[$key]='<a href="'.api_get_path(WEB_PATH).'main/wiki/index.php?'.api_get_cidreq().'&action=addnew&amp;title='.api_htmlentities(urlencode($link)).'&group_id='.$groupId.'" class="new_wiki_link">'.$title.'</a>';
             }
             else
             {
-                $input_array[$key]='<a href="'.api_get_path(WEB_PATH).'main/wiki/index.php?'.api_get_cidreq().'&action=showpage&amp;title='.urlencode(strtolower(str_replace(' ','_',$link))).'&group_id='.$_clean['group_id'].'" class="wiki_link">'.$title.'</a>';
+                $input_array[$key]='<a href="'.api_get_path(WEB_PATH).'main/wiki/index.php?'.api_get_cidreq().'&action=showpage&amp;title='.urlencode(strtolower(str_replace(' ','_',$link))).'&group_id='.$groupId.'" class="wiki_link">'.$title.'</a>';
             }
             unset($input_array[$key-1]);
             unset($input_array[$key+1]);
@@ -261,7 +251,7 @@ function save_wiki() {
 
     // cleaning the variables
     $_clean['page_id']		= Database::escape_string($_POST['page_id']);
-    $_clean['reflink']		= Database::escape_string(trim($_POST['reflink'])); 
+    $_clean['reflink']		= Database::escape_string(trim($_POST['reflink']));
     $_clean['title']		= Database::escape_string(trim($_POST['title']));
     $_clean['content']		= Database::escape_string($_POST['content']);
 	if (api_get_setting('htmlpurifier_wiki') == 'true'){
@@ -277,20 +267,11 @@ function save_wiki() {
 
     $dtime = date( "Y-m-d H:i:s" );
     $session_id = api_get_session_id();
-
-    if (isset($_SESSION['_gid']))
-    {
-          $_clean['group_id']=Database::escape_string($_SESSION['_gid']);
-    }
-    if (isset($_GET['group_id']))
-    {
-            $_clean['group_id']=Database::escape_string($_GET['group_id']);
-    }
+    $groupId = api_get_group_id();
 
     //cleaning config variables
 
-    if(!empty($_POST['task']))
-    {
+    if(!empty($_POST['task'])) {
         $_clean['task']= Database::escape_string($_POST['task']);
     }
     if(!empty($_POST['feedback1']) || !empty($_POST['feedback2']) || !empty($_POST['feedback3'])) {
@@ -327,11 +308,11 @@ function save_wiki() {
         $_clean['max_text']	=Database::escape_string($_POST['max_text']);
         $_clean['max_version']=Database::escape_string($_POST['max_version']);
     }
-    
+
     $course_id = api_get_course_int_id();
-    
+
     $sql = "INSERT INTO ".$tbl_wiki." (c_id, page_id, reflink, title, content, user_id, group_id, dtime, assignment, comment, progress, version, linksto, user_ip, session_id)
-            VALUES ($course_id, '".$_clean['page_id']."','".$_clean['reflink']."','".$_clean['title']."','".$_clean['content']."','".$_clean['user_id']."','".$_clean['group_id']."','".$dtime."','".$_clean['assignment']."','".$_clean['comment']."','".$_clean['progress']."','".$_clean['version']."','".$_clean['linksto']."','".Database::escape_string($_SERVER['REMOTE_ADDR'])."', '".Database::escape_string($session_id)."')";
+            VALUES ($course_id, '".$_clean['page_id']."','".$_clean['reflink']."','".$_clean['title']."','".$_clean['content']."','".$_clean['user_id']."','".$groupId."','".$dtime."','".$_clean['assignment']."','".$_clean['comment']."','".$_clean['progress']."','".$_clean['version']."','".$_clean['linksto']."','".Database::escape_string($_SERVER['REMOTE_ADDR'])."', '".Database::escape_string($session_id)."')";
 
 
     $result	= Database::query($sql);
@@ -339,7 +320,7 @@ function save_wiki() {
 
     if ($Id > 0) {
         //insert into item_property
-        api_item_property_update(api_get_course_info(), TOOL_WIKI, $Id, 'WikiAdded', api_get_user_id(), $_clean['group_id']);
+        api_item_property_update(api_get_course_info(), TOOL_WIKI, $Id, 'WikiAdded', api_get_user_id(), $groupId);
     }
 
     if ($_clean['page_id']	==0) {
@@ -352,11 +333,11 @@ function save_wiki() {
         $sql="INSERT INTO ".$tbl_wiki_conf." (c_id, page_id, task, feedback1, feedback2, feedback3, fprogress1, fprogress2, fprogress3, max_text, max_version, startdate_assig, enddate_assig, delayedsubmit)
               VALUES ($course_id, '".$Id."','".$_clean['task']."','".$_clean['feedback1']."','".$_clean['feedback2']."','".$_clean['feedback3']."','".$_clean['fprogress1']."','".$_clean['fprogress2']."','".$_clean['fprogress3']."','".$_clean['max_text']."','".$_clean['max_version']."','".$_clean['startdate_assig']."','".$_clean['enddate_assig']."','".$_clean['delayedsubmit']."')";
     } else {
-        $sql='UPDATE'.$tbl_wiki_conf.' SET task="'.$_clean['task'].'", feedback1="'.$_clean['feedback1'].'", feedback2="'.$_clean['feedback2'].'", feedback3="'.$_clean['feedback3'].'",  fprogress1="'.$_clean['fprogress1'].'",  fprogress2="'.$_clean['fprogress2'].'",  fprogress3="'.$_clean['fprogress3'].'", max_text="'.$_clean['max_text'].'", max_version="'.$_clean['max_version'].'", startdate_assig="'.$_clean['startdate_assig'].'", enddate_assig="'.$_clean['enddate_assig'].'", delayedsubmit="'.$_clean['delayedsubmit'].'" 
+        $sql='UPDATE'.$tbl_wiki_conf.' SET task="'.$_clean['task'].'", feedback1="'.$_clean['feedback1'].'", feedback2="'.$_clean['feedback2'].'", feedback3="'.$_clean['feedback3'].'",  fprogress1="'.$_clean['fprogress1'].'",  fprogress2="'.$_clean['fprogress2'].'",  fprogress3="'.$_clean['fprogress3'].'", max_text="'.$_clean['max_text'].'", max_version="'.$_clean['max_version'].'", startdate_assig="'.$_clean['startdate_assig'].'", enddate_assig="'.$_clean['enddate_assig'].'", delayedsubmit="'.$_clean['delayedsubmit'].'"
         	  WHERE page_id="'.$_clean['page_id'].'" AND c_id = '.$course_id;
     }
     Database::query($sql);
-    api_item_property_update($_course, 'wiki', $Id, 'WikiAdded', api_get_user_id(), $_clean['group_id']);
+    api_item_property_update($_course, 'wiki', $Id, 'WikiAdded', api_get_user_id(), $groupId);
     check_emailcue($_clean['reflink'], 'P', $dtime, $_clean['user_id']);
     return get_lang('ChangesStored');
 }
@@ -375,7 +356,7 @@ function restore_wikipage($r_page_id, $r_reflink, $r_title, $r_content, $r_group
     $session_id = api_get_session_id();
     $course_id = api_get_course_int_id();
 
-    $sql="INSERT INTO ".$tbl_wiki." (c_id, page_id, reflink, title, content, user_id, group_id, dtime, assignment, comment, progress, version, linksto, user_ip, session_id) VALUES 
+    $sql="INSERT INTO ".$tbl_wiki." (c_id, page_id, reflink, title, content, user_id, group_id, dtime, assignment, comment, progress, version, linksto, user_ip, session_id) VALUES
     ($course_id, '".$r_page_id."','".$r_reflink."','".$r_title."','".$r_content."','".$r_user_id."','".$r_group_id."','".$r_dtime."','".$r_assignment."','".$r_comment."','".$r_progress."','".$r_version."','".$r_linksto."','".Database::escape_string($_SERVER['REMOTE_ADDR'])."','".Database::escape_string($session_id)."')";
 
     $result=Database::query($sql);
@@ -394,13 +375,13 @@ function restore_wikipage($r_page_id, $r_reflink, $r_title, $r_content, $r_group
 **/
 function delete_wiki() {
     global $tbl_wiki, $tbl_wiki_conf, $tbl_wiki_discuss, $tbl_wiki_mailcue, $groupfilter, $condition_session;
-	
+
     $course_id = api_get_course_int_id();
-	
+
     //identify the first id by group = identify wiki
     $sql = 'SELECT * FROM '.$tbl_wiki.'  WHERE  c_id = '.$course_id.' AND '.$groupfilter.$condition_session.' ORDER BY id DESC';
     $allpages = Database::query($sql);
-    
+
 
     while ($row=Database::fetch_array($allpages))	{
         $id 		= $row['id'];
@@ -444,18 +425,18 @@ function save_new_wiki() {
     $_clean['reflink'] = Database::escape_string(strip_tags(api_htmlentities($page)));
     $_clean['title']   = Database::escape_string(strip_tags(trim($_POST['title'])));
     $_clean['content'] = Database::escape_string($_POST['content']);
-	
+
 	if (api_get_setting('htmlpurifier_wiki') == 'true'){
 		$purifier = new HTMLPurifier();
 		$_clean['content'] = $purifier->purify($_clean['content']);
 	}
-	
+
 	//re-check after strip_tags if the title is empty
 	if(empty($_clean['title']) || empty($_clean['reflink'])){
-        
+
 		return false;
 	}
-	
+
     if($_clean['assignment']==2)  {//config by default for individual assignment (students)
 
          $_clean['user_id']=(int)Database::escape_string($assig_user_id);//Identifies the user as a creator, not the teacher who created
@@ -477,14 +458,7 @@ function save_new_wiki() {
     $_clean['progress']=Database::escape_string($_POST['progress']);
     $_clean['version']=1;
 
-    if (isset($_SESSION['_gid']))
-      {
-      $_clean['group_id']=(int)$_SESSION['_gid'];
-    }
-    if (isset($_GET['group_id']))
-      {
-       $_clean['group_id']=(int)Database::escape_string($_GET['group_id']);
-    }
+    $groupId = api_get_group_id();
 
     $_clean['linksto'] = links_to($_clean['content']);	//check wikilinks
 
@@ -512,9 +486,9 @@ function save_new_wiki() {
     $_clean['delayedsubmit']=Database::escape_string($_POST['delayedsubmit']);
     $_clean['max_text']=Database::escape_string($_POST['max_text']);
     $_clean['max_version']=Database::escape_string($_POST['max_version']);
-    
+
     $course_id = api_get_course_int_id();
-    
+
     //filter no _uass
     if (api_eregi('_uass', $_POST['title']) || (api_strtoupper(trim($_POST['title'])) == 'INDEX' || api_strtoupper(trim(api_htmlentities($_POST['title'], ENT_QUOTES, $charset))) == api_strtoupper(api_htmlentities(get_lang('DefaultTitle'), ENT_QUOTES, $charset)))) {
         $message= get_lang('GoAndEditMainPage');
@@ -526,21 +500,21 @@ function save_new_wiki() {
            return get_lang('WikiPageTitleExist').'<a href="index.php?action=edit&amp;title='.$var.'&group_id='.$group_id.'">'.$_POST['title'].'</a>';
         } else {
             $dtime = date( "Y-m-d H:i:s" );
-            $sql = "INSERT INTO ".$tbl_wiki." (c_id, reflink, title, content, user_id, group_id, dtime, visibility, visibility_disc, ratinglock_disc, assignment, comment, progress, version, linksto, user_ip, session_id) VALUES 
-            		($course_id, '".$_clean['reflink']."','".$_clean['title']."','".$_clean['content']."','".$_clean['user_id']."','".$_clean['group_id']."','".$dtime."','".$_clean['visibility']."','".$_clean['visibility_disc']."','".$_clean['ratinglock_disc']."','".$_clean['assignment']."','".$_clean['comment']."','".$_clean['progress']."','".$_clean['version']."','".$_clean['linksto']."','".Database::escape_string($_SERVER['REMOTE_ADDR'])."', '".Database::escape_string($session_id)."')";
+            $sql = "INSERT INTO ".$tbl_wiki." (c_id, reflink, title, content, user_id, group_id, dtime, visibility, visibility_disc, ratinglock_disc, assignment, comment, progress, version, linksto, user_ip, session_id) VALUES
+            		($course_id, '".$_clean['reflink']."','".$_clean['title']."','".$_clean['content']."','".$_clean['user_id']."','".$groupId."','".$dtime."','".$_clean['visibility']."','".$_clean['visibility_disc']."','".$_clean['ratinglock_disc']."','".$_clean['assignment']."','".$_clean['comment']."','".$_clean['progress']."','".$_clean['version']."','".$_clean['linksto']."','".Database::escape_string($_SERVER['REMOTE_ADDR'])."', '".Database::escape_string($session_id)."')";
             $result = Database::query($sql);
             $Id = Database::insert_id();
 
                if ($Id > 0) {
                 //insert into item_property
-                api_item_property_update(api_get_course_info(), TOOL_WIKI, $Id, 'WikiAdded', api_get_user_id(), $_clean['group_id']);
+                api_item_property_update(api_get_course_info(), TOOL_WIKI, $Id, 'WikiAdded', api_get_user_id(), $groupId);
             }
 
            $sql='UPDATE '.$tbl_wiki.' SET page_id="'.$Id.'" WHERE c_id = '.$course_id.' AND id="'.$Id.'"';
            Database::query($sql);
 
             //insert wiki config
-           $sql="INSERT INTO ".$tbl_wiki_conf." (c_id, page_id, task, feedback1, feedback2, feedback3, fprogress1, fprogress2, fprogress3, max_text, max_version, startdate_assig, enddate_assig, delayedsubmit) VALUES 
+           $sql="INSERT INTO ".$tbl_wiki_conf." (c_id, page_id, task, feedback1, feedback2, feedback3, fprogress1, fprogress2, fprogress3, max_text, max_version, startdate_assig, enddate_assig, delayedsubmit) VALUES
           		($course_id, '".$Id."','".$_clean['task']."','".$_clean['feedback1']."','".$_clean['feedback2']."','".$_clean['feedback3']."','".$_clean['fprogress1']."','".$_clean['fprogress2']."','".$_clean['fprogress3']."','".$_clean['max_text']."','".$_clean['max_version']."','".$_clean['startdate_assig']."','".$_clean['enddate_assig']."','".$_clean['delayedsubmit']."')";
            Database::query($sql);
 
@@ -584,10 +558,8 @@ return true;
     echo '<div id="wikititle" style="min-height:30px;">';
     echo  '<div style="width:70%;float:left;"><span class="form_required">*</span> '.get_lang(Title).': <input type="text" id="wiki_title" name="title" value="'.api_htmlentities($_GET['title']).'" size="40"></div>';
 
-    if(api_is_allowed_to_edit(false,true) || api_is_platform_admin())
-    {
-
-        $_clean['group_id']=(int)$_SESSION['_gid']; // TODO: check if delete ?
+    if(api_is_allowed_to_edit(false,true) || api_is_platform_admin()) {
+        $groupId = api_get_group_id();
 
         echo'<a href="javascript://" onclick="advanced_parameters()" ><span id="plus_minus" style="float:right">&nbsp;'.Display::return_icon('div_show.gif',get_lang('Show'),array('style'=>'vertical-align:middle')).'&nbsp;'.get_lang('AdvancedParameters').'</span></a>';
         echo '<div id="options" style="display:none; margin: 20px;" >';
@@ -750,14 +722,14 @@ return true;
 function display_wiki_entry($newtitle) {
     global $charset, $tbl_wiki, $tbl_wiki_conf, $groupfilter, $condition_session, $page;
     $course_id = api_get_course_int_id();
-    
+
     if($newtitle) {
         $pageMIX=$newtitle; //display the page after it is created
     } else {
         $pageMIX=$page;//display current page
     }
 
-    $_clean['group_id']=(int)$_SESSION['_gid'];
+    $groupId = api_get_group_id();
     $session_id=api_get_session_id();
 
     if ($_GET['view']) {
@@ -771,23 +743,23 @@ function display_wiki_entry($newtitle) {
     $result=Database::query($sql);
     $row=Database::fetch_array($result);
     $KeyVisibility=$row['visibility'];
-    
-    
+
+
 
     // second, show the last version
-    $sql='SELECT * FROM '.$tbl_wiki.' w , '.$tbl_wiki_conf.' wc    	 
+    $sql='SELECT * FROM '.$tbl_wiki.' w , '.$tbl_wiki_conf.' wc
     	  WHERE wc.c_id 	  = '.$course_id.' AND
     	  		w.c_id 		  = '.$course_id.' AND
-    			wc.page_id	  = w.page_id AND 
-    			w.reflink	  = "'.Database::escape_string($pageMIX).'" AND 
-    			w.session_id  = '.$session_id.' AND 
-    			w.'.$groupfilter.'  '.$filter.' 
+    			wc.page_id	  = w.page_id AND
+    			w.reflink	  = "'.Database::escape_string($pageMIX).'" AND
+    			w.session_id  = '.$session_id.' AND
+    			w.'.$groupfilter.'  '.$filter.'
     			ORDER BY id DESC';
-				
+
     $result = Database::query($sql);
     $row    = Database::fetch_array($result); // we do not need a while loop since we are always displaying the last version
-    
-	
+
+
 	//update visits
     if ($row['id']) {
         $sql='UPDATE '.$tbl_wiki.' SET hits=(hits+1) WHERE c_id = '.$course_id.' AND id='.$row['id'].'';
@@ -796,7 +768,7 @@ function display_wiki_entry($newtitle) {
 
     // if both are empty and we are displaying the index page then we display the default text.
     if ($row['content']=='' AND $row['title']=='' AND $page=='index') {
-        if (api_is_allowed_to_edit(false,true) || api_is_platform_admin() || GroupManager :: is_user_in_group(api_get_user_id(),$_SESSION['_gid'])) {
+        if (api_is_allowed_to_edit(false,true) || api_is_platform_admin() || GroupManager :: is_user_in_group(api_get_user_id(), api_get_group_id())) {
             //Table structure for better export to pdf
             $default_table_for_content_Start='<table align="center" border="0"><tr><td align="center">';
             $default_table_for_content_End='</td></tr></table>';
@@ -861,7 +833,7 @@ function display_wiki_entry($newtitle) {
                 $lock_unlock_visibility='visible';
             }
         }
-        
+
         if ($row['id']) {
             echo '<span style="float:right;">';
             echo '<a href="index.php?action=showpage&amp;actionpage='.$lock_unlock_visibility.'&amp;title='.api_htmlentities(urlencode($page)).'">'.$visibility_page.'</a>';
@@ -878,11 +850,11 @@ function display_wiki_entry($newtitle) {
                 $lock_unlock_notify_page='locknotify';
             }
         }
-        
+
         echo '<span style="float:right;">';
         echo '<a href="index.php?action=showpage&amp;actionpage='.$lock_unlock_notify_page.'&amp;title='.api_htmlentities(urlencode($page)).'">'.$notify_page.'</a>';
         echo '</span>';
-        
+
          //ONly available if row['id'] is set
         if ($row['id']) {
             //page action: export to pdf
@@ -893,13 +865,13 @@ function display_wiki_entry($newtitle) {
             echo '<input type="image" src="../img/icons/22/pdf.png" border ="0" title="'.get_lang('ExportToPDF').'" alt="'.get_lang('ExportToPDF').'" style=" width:22px; border:none; margin-top: -9px">';
             echo '</form>';
             echo '</span>';
-    
+
             //page action: copy last version to doc area
             if (api_is_allowed_to_edit(false,true) || api_is_platform_admin()) {
                 echo '<span style="float:right;">';
                 echo '<form name="form_export2DOC" method="post" action="index.php" >';
                 echo '<input type=hidden name="export2DOC" value="export2doc">';
-                echo '<input type=hidden name="doc_id" value="'.$row['id'].'">';            
+                echo '<input type=hidden name="doc_id" value="'.$row['id'].'">';
                 echo '<input type="image" src="../img/icons/22/export_to_documents.png" border ="0" title="'.get_lang('ExportToDocArea').'" alt="'.get_lang('ExportToDocArea').'" style=" width:22px; border:none; margin-top: -6px">';
                 echo '</form>';
                 echo '</span>';
@@ -918,7 +890,7 @@ function display_wiki_entry($newtitle) {
         }
         </script>
         <?php
-        echo '<span style="float:right; cursor: pointer;">';		
+        echo '<span style="float:right; cursor: pointer;">';
 	    echo Display::return_icon('printer.png', get_lang('Print'),array('onclick' => "javascript: goprint();"),ICON_SIZE_SMALL);
         echo '</span>';
 
@@ -939,7 +911,7 @@ function display_wiki_entry($newtitle) {
         echo '<div id="wikifooter">'.get_lang('Progress').': '.$row['progress'].'%&nbsp;&nbsp;&nbsp;'.get_lang('Rating').': '.$row['score'].'&nbsp;&nbsp;&nbsp;'.get_lang('Words').': '.word_count($content).'</div>';
 
     }//end filter visibility
-    
+
 } // end function display_wiki_entry
 
 
@@ -960,18 +932,18 @@ function word_count($document) {
     $document = preg_replace($search, '', $document);
 
       # strip all html tags
-      $wc = strip_tags($document);	   
+      $wc = strip_tags($document);
 	  $wc = html_entity_decode($wc, ENT_NOQUOTES, 'UTF-8');// TODO:test also old html_entity_decode(utf8_encode($wc))
-	  
+
 	  # remove 'words' that don't consist of alphanumerical characters or punctuation. And fix accents and some letters
- 	  $pattern = "#[^(\w|\d|\'|\"|\.|\!|\?|;|,|\\|\/|\-|:|\&|@|á|é|í|ó|ú|à|è|ì|ò|ù|ä|ë|ï|ö|ü|Á|É|Í|Ó|Ú|À|È|Ò|Ù|Ä|Ë|Ï|Ö|Ü|â|ê|î|ô|û|Â|Ê|Î|Ô|Û|ñ|Ñ|ç|Ç)]+#";	 
+ 	  $pattern = "#[^(\w|\d|\'|\"|\.|\!|\?|;|,|\\|\/|\-|:|\&|@|á|é|í|ó|ú|à|è|ì|ò|ù|ä|ë|ï|ö|ü|Á|É|Í|Ó|Ú|À|È|Ò|Ù|Ä|Ë|Ï|Ö|Ü|â|ê|î|ô|û|Â|Ê|Î|Ô|Û|ñ|Ñ|ç|Ç)]+#";
       $wc = trim(preg_replace($pattern, " ", $wc));
-	 		  
+
 	  # remove one-letter 'words' that consist only of punctuation
       $wc = trim(preg_replace("#\s*[(\'|\"|\.|\!|\?|;|,|\\|\/|\-|:|\&|@)]\s*#", " ", $wc));
-	  
+
 	  # remove superfluous whitespace
-      $wc = preg_replace("/\s\s+/", " ", $wc);	
+      $wc = preg_replace("/\s\s+/", " ", $wc);
 
       # split string into an array of words
       $wc = explode(" ", $wc);
@@ -992,7 +964,7 @@ function wiki_exist($title) {
     global $tbl_wiki;
     global $groupfilter;
     global $condition_session;
-    
+
     $course_id = api_get_course_int_id();
 
     $sql='SELECT id FROM '.$tbl_wiki.'WHERE c_id = '.$course_id.' AND title="'.Database::escape_string($title).'" AND '.$groupfilter.$condition_session.' ORDER BY id ASC';
@@ -1035,8 +1007,7 @@ function check_addnewpagelock() {
     global $tbl_wiki;
     global $groupfilter;
     global $condition_session;
-    $_clean['group_id']=(int)$_SESSION['_gid'];
-    
+    $groupId = api_get_group_id();
     $course_id = api_get_course_int_id();
 
     $sql='SELECT * FROM '.$tbl_wiki.' WHERE c_id = '.$course_id.' AND '.$groupfilter.$condition_session.' ORDER BY id ASC';
@@ -1047,15 +1018,11 @@ function check_addnewpagelock() {
 
 
     //change status
-    if (api_is_allowed_to_edit(false,true) || api_is_platform_admin())
-    {
-
-        if ($_GET['actionpage']=='lockaddnew' && $status_addlock==1)
-        {
+    if (api_is_allowed_to_edit(false,true) || api_is_platform_admin()) {
+        if (isset($_GET['actionpage']) && $_GET['actionpage'] =='lockaddnew' && $status_addlock==1) {
             $status_addlock=0;
         }
-        if ($_GET['actionpage']=='unlockaddnew' && $status_addlock==0)
-        {
+        if (isset($_GET['actionpage']) && $_GET['actionpage'] =='unlockaddnew' && $status_addlock==0) {
             $status_addlock=1;
         }
 
@@ -1083,25 +1050,23 @@ function check_protect_page() {
     global $page;
     global $groupfilter;
     global $condition_session;
-    
-    $course_id = api_get_course_int_id();
 
-    $_clean['group_id']=(int)$_SESSION['_gid'];
+    $course_id = api_get_course_int_id();
+    $groupId = api_get_group_id();
 
     $sql='SELECT * FROM '.$tbl_wiki.'WHERE c_id = '.$course_id.' AND reflink="'.Database::escape_string($page).'" AND '.$groupfilter.$condition_session.' ORDER BY id ASC';
 
     $result=Database::query($sql);
     $row=Database::fetch_array($result);
-
     $status_editlock=$row['editlock'];
-    $id=$row['id'];
+    $id = $row['id'];
 
     ///change status
     if (api_is_allowed_to_edit(false,true) || api_is_platform_admin()) {
-        if ($_GET['actionpage']=='lock' && $status_editlock==0) {
+        if (isset($_GET['actionpage']) && $_GET['actionpage']=='lock' && $status_editlock==0) {
             $status_editlock=1;
         }
-        if ($_GET['actionpage']=='unlock' && $status_editlock==1) {
+        if (isset($_GET['actionpage']) && $_GET['actionpage']=='unlock' && $status_editlock==1) {
             $status_editlock=0;
         }
         $sql='UPDATE '.$tbl_wiki.' SET editlock="'.Database::escape_string($status_editlock).'" WHERE c_id = '.$course_id.' AND id="'.$id.'"';
@@ -1114,23 +1079,24 @@ function check_protect_page() {
     return $row['editlock'];
 }
 
-
 /**
  * Visibility page
  * @author Juan Carlos Raña <herodoto@telefonica.net>
  * return current database status of visibility and change it if get action
  */
-function check_visibility_page() {
-
+function check_visibility_page()
+{
     global $tbl_wiki;
     global $page;
     global $groupfilter;
     global $condition_session;
 
-    $_clean['group_id']=(int)$_SESSION['_gid'];
+    $groupId = api_get_group_id();
     $course_id = api_get_course_int_id();
 
-    $sql='SELECT * FROM '.$tbl_wiki.' WHERE c_id = '.$course_id.' AND reflink="'.Database::escape_string($page).'" AND '.$groupfilter.$condition_session.' ORDER BY id ASC';
+    $sql='SELECT * FROM '.$tbl_wiki.'
+         WHERE c_id = '.$course_id.' AND reflink="'.Database::escape_string($page).'" AND '.$groupfilter.$condition_session.'
+         ORDER BY id ASC';
     $result=Database::query($sql);
     $row=Database::fetch_array($result);
 
@@ -1140,11 +1106,11 @@ function check_visibility_page() {
     //change status
 
     if (api_is_allowed_to_edit(false,true) || api_is_platform_admin()) {
-        if ($_GET['actionpage']=='visible' && $status_visibility==0) {
+        if (isset($_GET['actionpage']) && $_GET['actionpage']=='visible' && $status_visibility==0) {
             $status_visibility=1;
 
         }
-        if ($_GET['actionpage']=='invisible' && $status_visibility==1) {
+        if (isset($_GET['actionpage']) && $_GET['actionpage']=='invisible' && $status_visibility==1) {
             $status_visibility=0;
         }
 
@@ -1152,10 +1118,9 @@ function check_visibility_page() {
         Database::query($sql);
 
         //Although the value now is assigned to all (not only the first), these three lines remain necessary. They do that by changing the page state is made when you press the button and not have to wait to change his page
-        $sql='SELECT * FROM '.$tbl_wiki.' WHERE c_id = '.$course_id.' AND reflink="'.Database::escape_string($page).'" AND '.$groupfilter.$condition_session.' ORDER BY id ASC';
+        $sql = 'SELECT * FROM '.$tbl_wiki.' WHERE c_id = '.$course_id.' AND reflink="'.Database::escape_string($page).'" AND '.$groupfilter.$condition_session.' ORDER BY id ASC';
         $result=Database::query($sql);
-        $row=Database::fetch_array($result);
-
+        $row = Database::fetch_array($result);
     }
 
     if (empty($row['id'])) {
@@ -1178,7 +1143,6 @@ function check_visibility_discuss() {
     global $groupfilter;
     global $condition_session;
 
-    $_clean['group_id']=(int)$_SESSION['_gid'];
     $course_id = api_get_course_int_id();
 
     $sql='SELECT * FROM '.$tbl_wiki.' WHERE  c_id = '.$course_id.' AND reflink="'.Database::escape_string($page).'" AND '.$groupfilter.$condition_session.' ORDER BY id ASC';
@@ -1190,11 +1154,11 @@ function check_visibility_discuss() {
     //change status
     if (api_is_allowed_to_edit(false,true) || api_is_platform_admin())
     {
-        if ($_GET['actionpage']=='showdisc' && $status_visibility_disc==0)
+        if (isset($_GET['actionpage']) && $_GET['actionpage'] =='showdisc' && $status_visibility_disc==0)
         {
             $status_visibility_disc=1;
         }
-        if ($_GET['actionpage']=='hidedisc' && $status_visibility_disc==1)
+        if (isset($_GET['actionpage']) && $_GET['actionpage'] =='hidedisc' && $status_visibility_disc==1)
         {
             $status_visibility_disc=0;
         }
@@ -1225,7 +1189,7 @@ function check_addlock_discuss() {
     global $groupfilter;
     global $condition_session;
     $course_id = api_get_course_int_id();
-    $_clean['group_id']=(int)$_SESSION['_gid'];
+    $groupId = api_get_group_id();
 
     $sql='SELECT * FROM '.$tbl_wiki.' WHERE c_id = '.$course_id.' AND reflink="'.Database::escape_string($page).'" AND '.$groupfilter.$condition_session.' ORDER BY id ASC';
     $result=Database::query($sql);
@@ -1237,16 +1201,16 @@ function check_addlock_discuss() {
     if (api_is_allowed_to_edit() || api_is_platform_admin())
     {
 
-        if ($_GET['actionpage']=='lockdisc' && $status_addlock_disc==0)
+        if (isset($_GET['actionpage']) && $_GET['actionpage'] =='lockdisc' && $status_addlock_disc==0)
         {
             $status_addlock_disc=1;
             }
-        if ($_GET['actionpage']=='unlockdisc' && $status_addlock_disc==1)
+        if (isset($_GET['actionpage']) && $_GET['actionpage'] =='unlockdisc' && $status_addlock_disc==1)
         {
             $status_addlock_disc=0;
         }
 
-        $sql='UPDATE '.$tbl_wiki.' SET addlock_disc="'.Database::escape_string($status_addlock_disc).'" 
+        $sql='UPDATE '.$tbl_wiki.' SET addlock_disc="'.Database::escape_string($status_addlock_disc).'"
               WHERE c_id = '.$course_id.' AND reflink="'.Database::escape_string($page).'" AND '.$groupfilter.$condition_session;
         Database::query($sql);
 
@@ -1274,7 +1238,6 @@ function check_ratinglock_discuss() {
     global $groupfilter;
     global $condition_session;
 
-    $_clean['group_id']=(int)$_SESSION['_gid'];
     $course_id = api_get_course_int_id();
 
     $sql='SELECT * FROM '.$tbl_wiki.'
@@ -1288,16 +1251,16 @@ function check_ratinglock_discuss() {
     //change status
     if (api_is_allowed_to_edit(false,true) || api_is_platform_admin())
     {
-        if ($_GET['actionpage']=='lockrating' && $status_ratinglock_disc==0)
+        if (isset($_GET['actionpage']) && $_GET['actionpage'] =='lockrating' && $status_ratinglock_disc==0)
         {
             $status_ratinglock_disc=1;
         }
-        if ($_GET['actionpage']=='unlockrating' && $status_ratinglock_disc==1)
+        if (isset($_GET['actionpage']) && $_GET['actionpage'] =='unlockrating' && $status_ratinglock_disc==1)
         {
             $status_ratinglock_disc=0;
         }
 
-        $sql='UPDATE '.$tbl_wiki.' SET ratinglock_disc="'.Database::escape_string($status_ratinglock_disc).'" 
+        $sql='UPDATE '.$tbl_wiki.' SET ratinglock_disc="'.Database::escape_string($status_ratinglock_disc).'"
              WHERE c_id = '.$course_id.' AND reflink="'.Database::escape_string($page).'" AND '.$groupfilter.$condition_session; //Visibility. Value to all,not only for the first
         Database::query($sql);
 
@@ -1325,7 +1288,7 @@ function check_notify_page($reflink) {
     global $tbl_wiki_mailcue;
     global $condition_session;
 
-    $_clean['group_id']=(int)$_SESSION['_gid'];
+    $groupId = api_get_group_id();
     $session_id=api_get_session_id();
     $course_id = api_get_course_int_id();
 
@@ -1349,20 +1312,20 @@ function check_notify_page($reflink) {
     {
         $status_notify=1;
     }
-    
-    
-    
+
+
+
     //change status
-    if ($_GET['actionpage']=='locknotify' && $status_notify==0) {
-        $sql="INSERT INTO ".$tbl_wiki_mailcue." (c_id, id, user_id, type, group_id, session_id) VALUES 
-        ($course_id, '".$id."','".api_get_user_id()."','P','".$_clean['group_id']."','".$session_id."')";
+    if (isset($_GET['actionpage']) && $_GET['actionpage'] =='locknotify' && $status_notify==0) {
+        $sql="INSERT INTO ".$tbl_wiki_mailcue." (c_id, id, user_id, type, group_id, session_id) VALUES
+        ($course_id, '".$id."','".api_get_user_id()."','P','".$groupId."','".$session_id."')";
         Database::query($sql);
 
         $status_notify=1;
     }
-    if ($_GET['actionpage']=='unlocknotify' && $status_notify==1) {
-        $sql = 'DELETE FROM '.$tbl_wiki_mailcue.' 
-        		WHERE id="'.$id.'" AND user_id="'.api_get_user_id().'" AND type="P" AND c_id = '.$course_id; //$_clean['group_id'] not necessary. CHECK FOR SESSIONS
+    if (isset($_GET['actionpage']) && $_GET['actionpage'] =='unlocknotify' && $status_notify==1) {
+        $sql = 'DELETE FROM '.$tbl_wiki_mailcue.'
+        		WHERE id="'.$id.'" AND user_id="'.api_get_user_id().'" AND type="P" AND c_id = '.$course_id;
         Database::query($sql);
 
         $status_notify=0;
@@ -1383,9 +1346,8 @@ function check_notify_discuss($reflink) {
     global $tbl_wiki_mailcue;
     global $condition_session;
     $course_id = api_get_course_int_id();
-
-    $_clean['group_id']=(int)$_SESSION['_gid'];
-    $session_id=api_get_session_id();
+    $groupId = api_get_group_id();
+    $session_id = api_get_session_id();
 
     $sql='SELECT * FROM '.$tbl_wiki.'WHERE c_id = '.$course_id.' AND reflink="'.$reflink.'" AND '.$groupfilter.$condition_session.' ORDER BY id ASC';
     $result=Database::query($sql);
@@ -1399,26 +1361,21 @@ function check_notify_discuss($reflink) {
 
     $idm=$row['id'];
 
-    if (empty($idm))
-    {
+    if (empty($idm)) {
         $status_notify_disc=0;
-    }
-    else
-    {
+    } else {
         $status_notify_disc=1;
     }
-    
+
     //change status
-    if ($_GET['actionpage']=='locknotifydisc' && $status_notify_disc==0) {
-        $sql="INSERT INTO ".$tbl_wiki_mailcue." (c_id, id, user_id, type, group_id, session_id) VALUES 
-        ($course_id, '".$id."','".api_get_user_id()."','D','".$_clean['group_id']."','".$session_id."')";
+    if (isset($_GET['actionpage']) && $_GET['actionpage'] =='locknotifydisc' && $status_notify_disc==0) {
+        $sql="INSERT INTO ".$tbl_wiki_mailcue." (c_id, id, user_id, type, group_id, session_id) VALUES
+        ($course_id, '".$id."','".api_get_user_id()."','D','".$groupId."','".$session_id."')";
         Database::query($sql);
         $status_notify_disc=1;
-
-     }
-    if ($_GET['actionpage']=='unlocknotifydisc' && $status_notify_disc==1)
-    {
-        $sql='DELETE FROM '.$tbl_wiki_mailcue.' WHERE c_id = '.$course_id.' AND id="'.$id.'" AND user_id="'.api_get_user_id().'" AND type="D" AND c_id = '.$course_id; //$_clean['group_id'] not necessary TODO:CHECK FOR SESSIONS
+    }
+    if (isset($_GET['actionpage']) && $_GET['actionpage'] =='unlocknotifydisc' && $status_notify_disc==1) {
+        $sql='DELETE FROM '.$tbl_wiki_mailcue.' WHERE c_id = '.$course_id.' AND id="'.$id.'" AND user_id="'.api_get_user_id().'" AND type="D" AND c_id = '.$course_id;
         Database::query($sql);
         $status_notify_disc=0;
     }
@@ -1437,38 +1394,32 @@ function check_notify_discuss($reflink) {
 function check_notify_all() {
     global $tbl_wiki_mailcue;
     $course_id = api_get_course_int_id();
-
-    $_clean['group_id']=(int)$_SESSION['_gid'];
+    $groupId = api_get_group_id();
     $session_id=api_get_session_id();
 
-    $sql='SELECT * FROM '.$tbl_wiki_mailcue.' WHERE  c_id = '.$course_id.' AND user_id="'.api_get_user_id().'" AND type="F" AND group_id="'.$_clean['group_id'].'" AND session_id="'.$session_id.'"';
+    $sql='SELECT * FROM '.$tbl_wiki_mailcue.' WHERE  c_id = '.$course_id.' AND user_id="'.api_get_user_id().'" AND type="F" AND group_id="'.$groupId.'" AND session_id="'.$session_id.'"';
     $result=Database::query($sql);
     $row=Database::fetch_array($result);
 
     $idm=$row['user_id'];
 
-    if (empty($idm))
-    {
+    if (empty($idm)) {
         $status_notify_all=0;
-    }
-    else
-    {
+    } else {
         $status_notify_all=1;
     }
-    
-    
-    //change status
-    if ($_GET['actionpage']=='locknotifyall' && $status_notify_all==0)
-    {
-            $sql="INSERT INTO ".$tbl_wiki_mailcue." (c_id, user_id, type, group_id, session_id) VALUES 
-            ($course_id, '".api_get_user_id()."','F','".$_clean['group_id']."','".$session_id."')";
-            Database::query($sql);
 
-            $status_notify_all=1;
+    //change status
+    if (isset($_GET['actionpage']) && $_GET['actionpage'] =='locknotifyall' && $status_notify_all==0) {
+        $sql="INSERT INTO ".$tbl_wiki_mailcue." (c_id, user_id, type, group_id, session_id) VALUES
+        ($course_id, '".api_get_user_id()."','F','".$groupId."','".$session_id."')";
+        Database::query($sql);
+        $status_notify_all=1;
     }
-    if ($_GET['actionpage']=='unlocknotifyall' && $status_notify_all==1) {
-        $sql ='DELETE FROM '.$tbl_wiki_mailcue.' 
-        	   WHERE  c_id = '.$course_id.' AND user_id="'.api_get_user_id().'" AND type="F" AND group_id="'.$_clean['group_id'].'" AND session_id="'.$session_id.'" AND c_id = '.$course_id;
+
+    if (isset($_GET['actionpage']) && isset($_GET['actionpage']) && $_GET['actionpage']  =='unlocknotifyall' && $status_notify_all==1) {
+        $sql ='DELETE FROM '.$tbl_wiki_mailcue.'
+        	   WHERE  c_id = '.$course_id.' AND user_id="'.api_get_user_id().'" AND type="F" AND group_id="'.$groupId.'" AND session_id="'.$session_id.'" AND c_id = '.$course_id;
         Database::query($sql);
         $status_notify_all=0;
     }
@@ -1487,19 +1438,17 @@ function check_emailcue($id_or_ref, $type, $lastime='', $lastuser='') {
     global $_course;
     global $condition_session;
 
-    $_clean['group_id']=(int)$_SESSION['_gid'];
+    $groupId = api_get_group_id();
     $session_id=api_get_session_id();
     $course_id = api_get_course_int_id();
 
-    $group_properties  = GroupManager :: get_group_properties($_clean['group_id']);
+    $group_properties  = GroupManager :: get_group_properties($groupId);
     $group_name= $group_properties['name'];
 
     $allow_send_mail=false; //define the variable to below
 
-    if ($type=='P')
-    {
-    //if modifying a wiki page
-
+    if ($type=='P') {
+        //if modifying a wiki page
         //first, current author and time
         //Who is the author?
         $userinfo=	Database::get_user_info_from_id($lastuser);
@@ -1522,22 +1471,16 @@ function check_emailcue($id_or_ref, $type, $lastime='', $lastuser='') {
 
         $id=$row['id'];
         $email_page_name=$row['title'];
-
-
-        if ($row['visibility']==1)
-        {
+        if ($row['visibility']==1) {
             $allow_send_mail=true; //if visibility off - notify off
 
-            $sql='SELECT * FROM '.$tbl_wiki_mailcue.' WHERE c_id = '.$course_id.' AND id="'.$id.'" AND type="'.$type.'" OR type="F" AND group_id="'.$_clean['group_id'].'" AND session_id="'.$session_id.'"'; //type: P=page, D=discuss, F=full.
+            $sql='SELECT * FROM '.$tbl_wiki_mailcue.' WHERE c_id = '.$course_id.' AND id="'.$id.'" AND type="'.$type.'" OR type="F" AND group_id="'.$groupId.'" AND session_id="'.$session_id.'"'; //type: P=page, D=discuss, F=full.
             $result=Database::query($sql);
 
             $emailtext=get_lang('EmailWikipageModified').' <strong>'.$email_page_name.'</strong> '.get_lang('Wiki');
         }
-
-    }
-    elseif ($type=='D')
-    {
-    //if added a post to discuss
+    } elseif ($type=='D') {
+        //if added a post to discuss
 
         //first, current author and time
         //Who is the author of last message?
@@ -1569,7 +1512,7 @@ function check_emailcue($id_or_ref, $type, $lastime='', $lastuser='') {
         {
             $allow_send_mail=true; //if visibility off - notify off
 
-            $sql='SELECT * FROM '.$tbl_wiki_mailcue.'WHERE c_id = '.$course_id.' AND id="'.$id.'" AND type="'.$type.'" OR type="F" AND group_id="'.$_clean['group_id'].'" AND session_id="'.$session_id.'"'; //type: P=page, D=discuss, F=full
+            $sql='SELECT * FROM '.$tbl_wiki_mailcue.'WHERE c_id = '.$course_id.' AND id="'.$id.'" AND type="'.$type.'" OR type="F" AND group_id="'.$groupId.'" AND session_id="'.$session_id.'"'; //type: P=page, D=discuss, F=full
             $result=Database::query($sql);
 
             $emailtext=get_lang('EmailWikiPageDiscAdded').' <strong>'.$email_page_name.'</strong> '.get_lang('Wiki');
@@ -1615,7 +1558,7 @@ function check_emailcue($id_or_ref, $type, $lastime='', $lastuser='') {
             $allow_send_mail=false; //Mode tasks: avoids notifications to all users about all users
         }
 
-        $sql='SELECT * FROM '.$tbl_wiki_mailcue.' WHERE c_id = '.$course_id.' AND  id="'.$id.'" AND type="F" AND group_id="'.$_clean['group_id'].'" AND session_id="'.$session_id.'"'; //type: P=page, D=discuss, F=full
+        $sql='SELECT * FROM '.$tbl_wiki_mailcue.' WHERE c_id = '.$course_id.' AND  id="'.$id.'" AND type="F" AND group_id="'.$groupId.'" AND session_id="'.$session_id.'"'; //type: P=page, D=discuss, F=full
         $result=Database::query($sql);
 
         $emailtext=get_lang('EmailWikiPageAdded').' <strong>'.$email_page_name.'</strong> '.get_lang('In').' '. get_lang('Wiki');
@@ -1635,7 +1578,7 @@ function check_emailcue($id_or_ref, $type, $lastime='', $lastuser='') {
         $today = date('r');		//current time
         $email_date_changes=$today;
 
-        $sql='SELECT * FROM '.$tbl_wiki_mailcue.'WHERE c_id = '.$course_id.' AND id="'.$id.'" AND type="F" AND group_id="'.$_clean['group_id'].'" AND session_id="'.$session_id.'"'; //type: P=page, D=discuss, F=wiki
+        $sql='SELECT * FROM '.$tbl_wiki_mailcue.'WHERE c_id = '.$course_id.' AND id="'.$id.'" AND type="F" AND group_id="'.$groupId.'" AND session_id="'.$session_id.'"'; //type: P=page, D=discuss, F=wiki
         $result=Database::query($sql);
 
         $emailtext=get_lang('EmailWikipageDedeleted');
@@ -1674,17 +1617,17 @@ function check_emailcue($id_or_ref, $type, $lastime='', $lastuser='') {
  * @author Juan Carlos Raña <herodoto@telefonica.net>
  */
 function export2doc($doc_id) {
-    
+
 	global $_course;
 	$groupId 	= api_get_group_id();
-    $session_id	= api_get_session_id();    
+    $session_id	= api_get_session_id();
     $data       = get_wiki_data($doc_id);
-    
+
     if (empty($data)) {
     	return false;
-    }    
+    }
     $wikiTitle 		= $data['title'];
-    $wikiContents 	= $data['content'];    
+    $wikiContents 	= $data['content'];
 
     $template =
         '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
@@ -1754,7 +1697,7 @@ function export2doc($doc_id) {
     $i = 1;
     while ( file_exists($exportDir . '/' .$exportFile.'_'.$i.'.html') ) $i++; //only export last version, but in new export new version in document area
     $wikiFileName = $exportFile . '_' . $i . '.html';
-    $exportPath = $exportDir . '/' . $wikiFileName;    
+    $exportPath = $exportDir . '/' . $wikiFileName;
     file_put_contents( $exportPath, $wikiContents );
     $doc_id = add_document($_course, $groupPath.'/'.$wikiFileName, 'file', filesize($exportPath), $wikiTitle);
     api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', api_get_user_id(), $groupId);
@@ -1767,19 +1710,19 @@ function export2doc($doc_id) {
  * Exports the wiki page to PDF
  */
 function export_to_pdf($id, $course_code) {
-    $data        = get_wiki_data($id);	
+    $data        = get_wiki_data($id);
 
     require_once api_get_path(LIBRARY_PATH).'pdf.lib.php';
 
     $data        = get_wiki_data($id);
-	
-	
+
+
     $content_pdf = api_html_entity_decode($data['content'], ENT_QUOTES, api_get_system_encoding());
-	
+
 	//clean wiki links
     $content_pdf=trim(preg_replace("/\[[\[]?([^\]|]*)[|]?([^|\]]*)\][\]]?/", "$1", $content_pdf));
     //TODO: It should be better to display the link insted of the tile but it is hard for [[title]] links
-	
+
     $title_pdf   = api_html_entity_decode($data['title'], ENT_QUOTES, api_get_system_encoding());
 
     $title_pdf   = api_utf8_encode($title_pdf, api_get_system_encoding());
@@ -1798,7 +1741,7 @@ function export_to_pdf($id, $course_code) {
     <setpagefooter name="odds" page="O" value="on" />
 
     mpdf-->'.$content_pdf;
-    
+
 
     $css_file = api_get_path(TO_SYS, WEB_CSS_PATH).api_get_setting('stylesheets').'/print.css';
     if (file_exists($css_file)) {
@@ -1814,7 +1757,7 @@ function export_to_pdf($id, $course_code) {
 
 /**
  * Function prevent double post (reload or F5)
- * 
+ *
  */
 function double_post($wpost_id) {
     if (isset($_SESSION['wpost_id'])) {
@@ -1837,25 +1780,20 @@ function double_post($wpost_id) {
 function auto_add_page_users($assignment_type) {
     global $assig_user_id, $session_id; //$assig_user_id is need to identify end reflinks
 
-    $_clean['group_id']=(int)$_SESSION['_gid'];
+    $groupId = api_get_group_id();
 
-    if($_clean['group_id']==0)
-      {
+    if($groupId==0) {
           //extract course members
-        if(!empty($session_id)){
+        if(!empty($session_id)) {
             $a_users_to_add = CourseManager :: get_user_list_from_course_code($_SESSION['_course']['id'], $session_id);
-        }
-        else
-        {
+        } else {
             $a_users_to_add = CourseManager :: get_user_list_from_course_code($_SESSION['_course']['id'], 0);
         }
-    }
-    else
-    {
+    } else {
         //extract group members
-        $subscribed_users = GroupManager :: get_subscribed_users($_clean['group_id']);
-        $subscribed_tutors = GroupManager :: get_subscribed_tutors($_clean['group_id']);
-        $a_users_to_add_with_duplicates=array_merge($subscribed_users, $subscribed_tutors);
+        $subscribed_users = GroupManager :: get_subscribed_users($groupId);
+        $subscribed_tutors = GroupManager :: get_subscribed_tutors($groupId);
+        $a_users_to_add_with_duplicates = array_merge($subscribed_users, $subscribed_tutors);
 
         //remove duplicates
         $a_users_to_add = $a_users_to_add_with_duplicates;
@@ -1890,15 +1828,13 @@ function auto_add_page_users($assignment_type) {
     //first: teacher name, photo, and assignment description (original content)
    // $content_orig_A='<div align="center" style="background-color: #F5F8FB;  border:double">'.$photo.'<br />'.api_get_person_name($userinfo['firstname'], $userinfo['lastname']).'<br />('.get_lang('Teacher').')</div><br/><div>';
     $content_orig_A='<div align="center" style="background-color: #F5F8FB; border:solid; border-color: #E6E6E6"><table border="0"><tr><td style="font-size:24px">'.get_lang('AssignmentDesc').'</td></tr><tr><td>'.$photo.'<br />'.Display::tag('span', api_get_person_name($userinfo['firstname'], $userinfo['lastname']), array('title'=>$username)).'</td></tr></table></div>';
-
     $content_orig_B='<br/><div align="center" style="font-size:24px">'.get_lang('AssignmentDescription').': '.$title_orig.'</div><br/>'.$_POST['content'];
 
     //Second: student list (names, photo and links to their works).
     //Third: Create Students work pages.
 
 
-       foreach($a_users_to_add as $user_id=>$o_user_to_add)
-    {
+    foreach($a_users_to_add as $user_id=>$o_user_to_add) {
         if($o_user_to_add['user_id'] != api_get_user_id()) //except that puts the task
         {
             $assig_user_id= $o_user_to_add['user_id']; //identifies each page as created by the student, not by teacher
@@ -1909,28 +1845,20 @@ function auto_add_page_users($assignment_type) {
             $name = api_get_person_name($o_user_to_add['firstname'], $o_user_to_add['lastname'])." . ".$username;
             $photo= '<img src="'.$image_repository.$existing_image.'" alt="'.$name.'"  width="40" height="50" align="bottom" title="'.$name.'"  />';
 
-            $is_tutor_of_group = GroupManager :: is_tutor_of_group($assig_user_id,$_clean['group_id']); //student is tutor
-            $is_tutor_and_member = (GroupManager :: is_tutor_of_group($assig_user_id,$_clean['group_id']) && GroupManager :: is_subscribed($assig_user_id, $_clean['group_id'])); //student is tutor and member
+            $is_tutor_of_group = GroupManager :: is_tutor_of_group($assig_user_id,$groupId); //student is tutor
+            $is_tutor_and_member = (GroupManager :: is_tutor_of_group($assig_user_id,$groupId) && GroupManager :: is_subscribed($assig_user_id, $groupId)); //student is tutor and member
 
-            if($is_tutor_and_member)
-            {
+            if($is_tutor_and_member) {
                 $status_in_group=get_lang('GroupTutorAndMember');
-
-            }
-            else
-            {
-                if($is_tutor_of_group)
-                {
+            } else {
+                if($is_tutor_of_group) {
                     $status_in_group=get_lang('GroupTutor');
-                }
-                else
-                {
+                } else {
                     $status_in_group=" "; //get_lang('GroupStandardMember')
                 }
             }
 
-            if($assignment_type==1)
-            {
+            if($assignment_type==1) {
                 $_POST['title']= $title_orig;
                 $_POST['comment']=get_lang('AssignmentFirstComToStudent');
                 $_POST['content']='<div align="center" style="background-color: #F5F8FB; border:solid; border-color: #E6E6E6"><table border="0"><tr><td style="font-size:24px">'.get_lang('AssignmentWork').'</td></tr><tr><td>'.$photo.'<br />'.$name.'</td></tr></table></div>[['.$link2teacher.' | '.get_lang('AssignmentLinktoTeacherPage').']] '; //If $content_orig_B is added here, the task written by the professor was copied to the page of each student. TODO: config options
@@ -1939,36 +1867,24 @@ function auto_add_page_users($assignment_type) {
                  $all_students_pages[] = '<li>'.
                  Display::tag('span', strtoupper($o_user_to_add['lastname']).', '.$o_user_to_add['firstname'], array('title'=>$username)).
                  ' [['.$_POST['title']."_uass".$assig_user_id.' | '.$photo.']] '.$status_in_group.'</li>'; //don't change this line without guaranteeing that users will be ordered by last names in the following format (surname, name)
-
-                //$all_students_pages[] = '<li><table border="0"><tr><td width="200">'.api_get_person_name($o_user_to_add['lastname'], $o_user_to_add['firstname']).'</td><td>[['.$_POST['title']."_uass".$assig_user_id.' | '.$photo.']] '.$status_in_group.'</td></tr></table></li>';
-
                 $_POST['assignment']=2;
-
             }
             save_new_wiki();
         }
-
     }//end foreach for each user
 
-    foreach($a_users_to_add as $user_id=>$o_user_to_add)
-    {
-
-        if($o_user_to_add['user_id'] == api_get_user_id())
-        {
+    foreach ($a_users_to_add as $user_id=>$o_user_to_add) {
+        if($o_user_to_add['user_id'] == api_get_user_id()) {
             $assig_user_id=$o_user_to_add['user_id'];
-            if($assignment_type==1)
-             {
+            if($assignment_type==1) {
                 $_POST['title']= $title_orig;
                 $_POST['comment']=get_lang('AssignmentDesc');
                 sort($all_students_pages);
                 $_POST['content']=$content_orig_A.$content_orig_B.'<br/><div align="center" style="font-size:18px; background-color: #F5F8FB; border:solid; border-color:#E6E6E6">'.get_lang('AssignmentLinkstoStudentsPage').'</div><br/><div style="background-color: #F5F8FB; border:solid; border-color:#E6E6E6"><ol>'.implode($all_students_pages).'</ol></div><br/>';
-                 $_POST['assignment']=1;
-
+                $_POST['assignment']=1;
              }
-
             save_new_wiki();
         }
-
     } //end foreach to teacher
 }
 
@@ -1984,32 +1900,31 @@ function display_wiki_search_results($search_term, $search_content=0, $all_vers=
 
     echo '<legend>'.get_lang('WikiSearchResults').'</legend>';
 
-    $_clean['group_id']=(int)$_SESSION['_gid'];
+    $groupId = api_get_group_id();
     $session_id=api_get_session_id();
-
     $course_id = api_get_course_int_id();
-    
-	//only by professors when page is hidden   
-    if (api_is_allowed_to_edit(false,true) || api_is_platform_admin()) {  
+
+	//only by professors when page is hidden
+    if (api_is_allowed_to_edit(false,true) || api_is_platform_admin()) {
 		if ($all_vers=='1') {
 			if ($search_content=='1') {
-				$sql="SELECT * FROM ".$tbl_wiki." 
+				$sql="SELECT * FROM ".$tbl_wiki."
 						WHERE c_id = $course_id AND title LIKE '%".Database::escape_string($search_term)."%' OR content LIKE '%".Database::escape_string($search_term)."%' AND ".$groupfilter.$condition_session."";//search all pages and all versions
 			} else {
-				$sql="SELECT * FROM ".$tbl_wiki." 
+				$sql="SELECT * FROM ".$tbl_wiki."
 						WHERE c_id = $course_id AND title LIKE '%".Database::escape_string($search_term)."%' AND ".$groupfilter.$condition_session."";//search all pages and all versions
-			}			
+			}
 		} else {
 			if ($search_content=='1') {
-			   $sql = "SELECT * FROM ".$tbl_wiki." s1 
-						WHERE s1.c_id = $course_id AND title LIKE '%".Database::escape_string($search_term)."%' OR content LIKE '%".Database::escape_string($search_term)."%' AND 
+			   $sql = "SELECT * FROM ".$tbl_wiki." s1
+						WHERE s1.c_id = $course_id AND title LIKE '%".Database::escape_string($search_term)."%' OR content LIKE '%".Database::escape_string($search_term)."%' AND
 			   			id=(SELECT MAX(s2.id) FROM ".$tbl_wiki." s2 WHERE s2.c_id = $course_id AND s1.reflink = s2.reflink AND ".$groupfilter.$condition_session.")";// warning don't use group by reflink because don't return the last version
 			}
 			else {
-			   $sql = " SELECT * FROM ".$tbl_wiki." s1 
-			   			WHERE s1.c_id = $course_id AND title LIKE '%".Database::escape_string($search_term)."%' AND 
+			   $sql = " SELECT * FROM ".$tbl_wiki." s1
+			   			WHERE s1.c_id = $course_id AND title LIKE '%".Database::escape_string($search_term)."%' AND
 			   			id=(SELECT MAX(s2.id) FROM ".$tbl_wiki." s2 WHERE s2.c_id = $course_id AND s1.reflink = s2.reflink AND ".$groupfilter.$condition_session.")";// warning don't use group by reflink because don't return the last version
-			}		
+			}
 		}
 	} else {
 		if($all_vers=='1') {
@@ -2017,15 +1932,15 @@ function display_wiki_search_results($search_term, $search_content=0, $all_vers=
 				$sql="SELECT * FROM ".$tbl_wiki." WHERE c_id = $course_id AND visibility=1 AND title LIKE '%".Database::escape_string($search_term)."%' OR content LIKE '%".Database::escape_string($search_term)."%' AND ".$groupfilter.$condition_session."";//search all pages and all versions
 			} else {
 				$sql="SELECT * FROM ".$tbl_wiki." WHERE c_id = $course_id AND visibility=1 AND title LIKE '%".Database::escape_string($search_term)."%' AND ".$groupfilter.$condition_session."";//search all pages and all versions
-			}			
-		} else {		
+			}
+		} else {
 			if($search_content=='1') {
-			   $sql = " SELECT * FROM ".$tbl_wiki." s1 
-			   		    WHERE s1.c_id = $course_id AND visibility=1 AND title LIKE '%".Database::escape_string($search_term)."%' OR content LIKE '%".Database::escape_string($search_term)."%' AND 
+			   $sql = " SELECT * FROM ".$tbl_wiki." s1
+			   		    WHERE s1.c_id = $course_id AND visibility=1 AND title LIKE '%".Database::escape_string($search_term)."%' OR content LIKE '%".Database::escape_string($search_term)."%' AND
 			   			id=(SELECT MAX(s2.id) FROM ".$tbl_wiki." s2 WHERE s2.c_id = $course_id AND  s1.reflink = s2.reflink AND ".$groupfilter.$condition_session.")";// warning don't use group by reflink because don't return the last version
 		} else {
-			   $sql = " SELECT * FROM ".$tbl_wiki." s1 
-			   			WHERE s1.c_id = $course_id AND visibility=1 AND title LIKE '%".Database::escape_string($search_term)."%' AND 
+			   $sql = " SELECT * FROM ".$tbl_wiki." s1
+			   			WHERE s1.c_id = $course_id AND visibility=1 AND title LIKE '%".Database::escape_string($search_term)."%' AND
 			   			id=(SELECT MAX(s2.id) FROM ".$tbl_wiki." s2 WHERE s2.c_id = $course_id AND s1.reflink = s2.reflink AND ".$groupfilter.$condition_session.")";// warning don't use group by reflink because don't return the last version
 			}
 		}
@@ -2064,13 +1979,13 @@ function display_wiki_search_results($search_term, $search_content=0, $all_vers=
 
             $row = array ();
             $row[] =$ShowAssignment;
-			
+
 			if($all_vers=='1') {
 				$row[] = '<a href="'.api_get_self().'?cidReq='.$_course['id'].'&action=showpage&title='.api_htmlentities(urlencode($obj->reflink)).'&view='.$obj->id.'&session_id='.api_htmlentities(urlencode($_GET['$session_id'])).'&group_id='.api_htmlentities(urlencode($_GET['group_id'])).'">'.api_htmlentities($obj->title).'</a>';
 			}
-			else {			
+			else {
 				$row[] = '<a href="'.api_get_self().'?cidReq='.$_course[id].'&action=showpage&title='.api_htmlentities(urlencode($obj->reflink)).'&session_id='.api_htmlentities($_GET['session_id']).'&group_id='.api_htmlentities($_GET['group_id']).'">'.$obj->title.'</a>';
-			}       
+			}
 
 			$row[] = $obj->user_id <>0 ? '<a href="../user/userInfo.php?uInfo='.$userinfo['user_id'].'">'.api_htmlentities(api_get_person_name($userinfo['firstname'], $userinfo['lastname'])).'</a>' : get_lang('Anonymous').' ('.$obj->user_ip.')';
             $row[] = $year.'-'.$month.'-'.$day.' '.$hours.":".$minutes.":".$seconds;
@@ -2081,7 +1996,7 @@ function display_wiki_search_results($search_term, $search_content=0, $all_vers=
 			else {
 				if(api_is_allowed_to_edit(false,true)|| api_is_platform_admin()) {
 					$showdelete=' <a href="'.api_get_self().'?cidReq='.$_course[id].'&action=delete&title='.api_htmlentities(urlencode($obj->reflink)).'&group_id='.api_htmlentities($_GET['group_id']).'">'.Display::return_icon('delete.png', get_lang('Delete'),'',ICON_SIZE_SMALL);
-				}				
+				}
 				$row[] = '<a href="'.api_get_self().'?cidReq='.$_course[id].'&action=edit&title='.api_htmlentities(urlencode($obj->reflink)).'&group_id='.api_htmlentities($_GET['group_id']).'">'.Display::return_icon('edit.png', get_lang('EditPage'),'',ICON_SIZE_SMALL).'</a> <a href="'.api_get_self().'?cidReq='.$_course[id].'&action=discuss&title='.api_htmlentities(urlencode($obj->reflink)).'&session_id='.api_htmlentities($_GET['session_id']).'&group_id='.api_htmlentities($_GET['group_id']).'">'.Display::return_icon('discuss.png', get_lang('Discuss'),'',ICON_SIZE_SMALL).'</a> <a href="'.api_get_self().'?cidReq='.$_course[id].'&action=history&title='.api_htmlentities(urlencode($obj->reflink)).'&session_id='.api_htmlentities($_GET['session_id']).'&group_id='.api_htmlentities($_GET['group_id']).'">'.Display::return_icon('history.png', get_lang('History'),'',ICON_SIZE_SMALL).'</a> <a href="'.api_get_self().'?cidReq='.$_course[id].'&action=links&title='.api_htmlentities(urlencode($obj->reflink)).'&group_id='.api_htmlentities($_GET['group_id']).'">'.Display::return_icon('what_link_here.png', get_lang('LinksPages'),'',ICON_SIZE_SMALL).'</a>'.$showdelete;
 			}
 
@@ -2089,7 +2004,7 @@ function display_wiki_search_results($search_term, $search_content=0, $all_vers=
         }
 
         $table = new SortableTableFromArrayConfig($rows,1,10,'SearchPages_table','','','ASC');
-		$table->set_additional_parameters(array('cidReq' =>$_GET['cidReq'],'action'=>$_GET['action'],'group_id'=>Security::remove_XSS($_GET['group_id']),'mode_table'=>'yes2','search_term'=>$search_term, 'search_content'=>$search_content, 'all_vers'=>$all_vers));	
+		$table->set_additional_parameters(array('cidReq' =>$_GET['cidReq'],'action'=>$_GET['action'],'group_id'=>Security::remove_XSS($_GET['group_id']),'mode_table'=>'yes2','search_term'=>$search_term, 'search_content'=>$search_content, 'all_vers'=>$all_vers));
 		$table->set_header(0,get_lang('Type'), true, array ('style' => 'width:30px;'));
 		$table->set_header(1,get_lang('Title'), true);
 		if($all_vers=='1') {
@@ -2097,15 +2012,13 @@ function display_wiki_search_results($search_term, $search_content=0, $all_vers=
 			$table->set_header(3,get_lang('Date'), true);
 			$table->set_header(4,get_lang('Version'), true);
 		}
-		else {			
+		else {
 			$table->set_header(2,get_lang('Author').' ('.get_lang('LastVersion').')', true);
-			$table->set_header(3,get_lang('Date').' ('.get_lang('LastVersion').')', true);		
+			$table->set_header(3,get_lang('Date').' ('.get_lang('LastVersion').')', true);
 			$table->set_header(4,get_lang('Actions'), false, array ('style' => 'width:130px;'));
 		}
 		$table->display();
-    }
-    else
-    {
+    } else {
         echo get_lang('NoSearchResults');
     }
 }
@@ -2185,7 +2098,7 @@ function two_digits($number) {
  * @param   int     wiki id
  * @return  array   wiki data
  */
-function get_wiki_data($id) {    
+function get_wiki_data($id) {
     global $tbl_wiki;
     $course_id = api_get_course_int_id();
     $id = intval($id);

From ff17b0001c7783497469daa8a933327d505e45bb Mon Sep 17 00:00:00 2001
From: Julio Montoya <gugli100@gmail.com>
Date: Fri, 29 Nov 2013 16:01:17 +0100
Subject: [PATCH 4/4] Fixing session filter in course list (fast fix)  - needs
 revision see BT#7011

---
 main/admin/course_list.php     | 71 +++++++++++++++++++---------------
 main/inc/ajax/session.ajax.php |  2 +-
 2 files changed, 41 insertions(+), 32 deletions(-)

diff --git a/main/admin/course_list.php b/main/admin/course_list.php
index 2cbb21455b..57f70d0466 100644
--- a/main/admin/course_list.php
+++ b/main/admin/course_list.php
@@ -20,6 +20,8 @@ require_once '../gradebook/lib/be/gradebookitem.class.php';
 require_once '../gradebook/lib/be/category.class.php';
 require_once api_get_path(LIBRARY_PATH).'course_category.lib.php';
 
+$sessionId = isset($_GET['session_id']) ? $_GET['session_id'] : null;
+
 /**
  * Get the number of courses which will be displayed
  */
@@ -58,6 +60,11 @@ function get_number_of_courses() {
 
 /**
  * Get course data to display
+ * @param int $from
+ * @param int $number_of_items
+ * @param int $column
+ * @param string $direction
+ * @return array
  */
 function get_course_data($from, $number_of_items, $column, $direction) {
     $course_table = Database::get_main_table(TABLE_MAIN_COURSE);
@@ -115,10 +122,17 @@ function get_course_data($from, $number_of_items, $column, $direction) {
     }
     return $courses;
 }
+
 /**
  * Get course data to display filtered by session name
+ * @param int $from
+ * @param int $number_of_items
+ * @param int $column
+ * @param string $direction
+ * @return array
  */
-function get_course_data_by_session($from, $number_of_items, $column, $direction) {
+function get_course_data_by_session($from, $number_of_items, $column, $direction)
+{
     $course_table = Database::get_main_table(TABLE_MAIN_COURSE);
     $session_rel_course = Database::get_main_table(TABLE_MAIN_SESSION_COURSE);
     $session = Database::get_main_table(TABLE_MAIN_SESSION);
@@ -138,14 +152,14 @@ function get_course_data_by_session($from, $number_of_items, $column, $direction
             INNER JOIN $session_rel_course r ON c.code = r.course_code
             INNER JOIN $session s ON r.id_session = s.id
             ";
-    if (isset($_GET['session'])) {
-        $session = Database::escape_string(trim($_GET['session']));
-        $sql.= " WHERE s.name LIKE '%" . $session . "%'";
+
+    if (isset($_GET['session_id']) && !empty($_GET['session_id'])) {
+        $sessionId = intval($_GET['session_id']);
+        $sql.= " WHERE s.id = ".$sessionId;
     }
 
     $sql .= " ORDER BY col$column $direction ";
     $sql .= " LIMIT $from,$number_of_items";
-
     $res = Database::query($sql);
     $courses = array ();
     while ($course = Database::fetch_array($res)) {
@@ -162,7 +176,8 @@ function get_course_data_by_session($from, $number_of_items, $column, $direction
 /**
  * Filter to display the edit-buttons
  */
-function modify_filter($code) {
+function modify_filter($code)
+{
 	$icourse = api_get_course_info($code);
         return
         '<a href="course_information.php?code='.$code.'">'.Display::return_icon('synthese_view.gif', get_lang('Info')).'</a>&nbsp;'.
@@ -203,7 +218,7 @@ function get_course_visibility_icon($v) {
 if (isset ($_POST['action'])) {
     switch ($_POST['action']) {
         // Delete selected courses
-        case 'delete_courses' :
+        case 'delete_courses':
             $course_codes = $_POST['course'];
             if (count($course_codes) > 0) {
                 foreach ($course_codes as $course_code) {
@@ -258,7 +273,7 @@ if (isset ($_GET['search']) && $_GET['search'] == 'advanced') {
     $form->addElement('radio', 'keyword_unsubscribe', get_lang('Unsubscription'), get_lang('AllowedToUnsubscribe'), 1);
     $form->addElement('radio', 'keyword_unsubscribe', null, get_lang('NotAllowedToUnsubscribe'), 0);
     $form->addElement('radio', 'keyword_unsubscribe', null, get_lang('All'), '%');
-    $form->addElement('style_submit_button', 'submit', get_lang('SearchCourse'),'class="btn"');
+    $form->addElement('style_submit_button', 'submit', get_lang('SearchCourse'), 'class="btn"');
     $defaults['keyword_language'] = '%';
     $defaults['keyword_visibility'] = '%';
     $defaults['keyword_subscribe'] = '%';
@@ -295,33 +310,27 @@ if (isset ($_GET['search']) && $_GET['search'] == 'advanced') {
     $form->addElement('style_submit_button', 'submit', get_lang('SearchCourse'), 'class="btn"');
     $form->addElement('static', 'search_advanced_link', null, '<a href="course_list.php?search=advanced">'.get_lang('AdvancedSearch').'</a>');
 
-    //Create a filter by session
-    /*$sessionFilter = new FormValidator('course_filter', 'get', '', '', array('class'=> 'form-search'), false);
+    // Create a filter by session
+    $sessionFilter = new FormValidator('course_filter', 'get', '', '', array('class'=> 'form-search'), false);
     $url = api_get_path(WEB_AJAX_PATH).'session.ajax.php?a=search_session';
-    $sessionFilter->addElement('select_ajax', 'session_name', get_lang('SearchCourseBySession'), null, array('url' => $url));
-
-    $actions = '
-    <script type="text/javascript">
-    <!--
-    function jumpMenu(targ,selObj,restore){ // v3.0
-        eval(targ+".location=\'"+selObj.options[selObj.selectedIndex].value+"\'");
-        if (restore) selObj.selectedIndex=0;
+    $sessionList = array();
+    if (!empty($sessionId)) {
+        $sessionList = array();
+        $sessionInfo = SessionManager::fetch($sessionId);
+        $sessionList[] = array('id' => $sessionInfo['id'], 'text' => $sessionInfo['name']);
     }
+    $sessionFilter->addElement('select_ajax', 'session_name', get_lang('SearchCourseBySession'), null, array('url' => $url, 'defaults' => $sessionList));
+    $courseListUrl = api_get_self();
+    $actions = '
+    <script>
     $(function() {
-        //alert($);
-        //jumpMenu(\'parent\',this,0)
-        $(\'ul.select2-results .select2-result-label\').on(\'click\',function(){
-            console.log($(\'ul.select2-results li\'));
-        });
-        //console.log($(\'#s2id_session_name\'));
-        $(\'.select2-chosen\').on(\'change\',function(){
-            console.log(\'test\');
+        $("#session_name").on("change", function() {
+           var sessionId = $(this).val();
+           window.location = "'.$courseListUrl.'?session_id="+sessionId;
         });
     });
-    //-->
-    </script>';*/
-    //$actions .= $sessionFilter->return_form();
-
+    </script>';
+    $actions .= $sessionFilter->return_form();
 
     $actions .= '<div style="float: right; ">';
     $actions .= '<a href="course_add.php">'.Display::return_icon('new_course.png', get_lang('AddCourse'),'',ICON_SIZE_MEDIUM).'</a> ';
@@ -332,7 +341,7 @@ if (isset ($_GET['search']) && $_GET['search'] == 'advanced') {
     $actions .= '</div>';
     $actions .= $form->return_form();
 
-    if (isset ($_GET['search']) && $_GET['search'] == 'session') {
+    if (isset($_GET['session_id']) && !empty($_GET['session_id'])) {
         // Create a sortable table with the course data filtered by session
         $table = new SortableTable('courses', 'get_number_of_courses', 'get_course_data_by_session', 2);
     } else {
diff --git a/main/inc/ajax/session.ajax.php b/main/inc/ajax/session.ajax.php
index 5005a7ee2f..b81f2a626a 100644
--- a/main/inc/ajax/session.ajax.php
+++ b/main/inc/ajax/session.ajax.php
@@ -31,7 +31,7 @@ switch ($action) {
             if (!empty($results)) {
                 foreach ($results as $item) {
                     $item2 = array();
-                    foreach ($item as $id => $internal ){
+                    foreach ($item as $id => $internal) {
                         if ($id == 'id') {
                             $item2[$id] = $internal;
                         }