diff --git a/main/auth/courses.php b/main/auth/courses.php index 91183f75a1..75671d28b0 100755 --- a/main/auth/courses.php +++ b/main/auth/courses.php @@ -62,6 +62,7 @@ if (isset($_GET['action']) && in_array($_GET['action'], $actions)) { } $categoryCode = isset($_GET['category_code']) && !empty($_GET['category_code']) ? $_GET['category_code'] : 'ALL'; +$searchTerm = isset($_REQUEST['search_term']) ? Security::remove_XSS($_REQUEST['search_term']) : ''; $nameTools = CourseCategory::getCourseCatalogNameTools($action); if (empty($nameTools)) { @@ -145,13 +146,14 @@ if (isset($_POST['create_course_category']) && if (isset($_REQUEST['search_course'])) { if ($ctok == $_REQUEST['sec_token']) { $courses_controller->search_courses( - $_REQUEST['search_term'], + $searchTerm, null, null, null, $limit, true ); + exit; } } @@ -160,7 +162,7 @@ if (isset($_REQUEST['subscribe_course'])) { if ($ctok == $_GET['sec_token']) { $courses_controller->subscribe_user( $_GET['subscribe_course'], - $_GET['search_term'], + $searchTerm, $categoryCode ); } @@ -168,11 +170,10 @@ if (isset($_REQUEST['subscribe_course'])) { // We are unsubscribing from a course (=Unsubscribe from course). if (isset($_GET['unsubscribe'])) { - $search_term = isset($_GET['search_term']) ? $_GET['search_term'] : null; if ($ctok == $_GET['sec_token']) { $courses_controller->unsubscribe_user_from_course( $_GET['unsubscribe'], - $search_term, + $searchTerm, $categoryCode ); } @@ -188,7 +189,7 @@ switch ($action) { case 'subscribe_user_with_password': $courses_controller->subscribe_user( isset($_POST['subscribe_user_with_password']) ? $_POST['subscribe_user_with_password'] : '', - isset($_POST['search_term']) ? $_POST['search_term'] : '', + $searchTerm, isset($_POST['category_code']) ? $_POST['category_code'] : '' ); break; diff --git a/main/auth/courses_categories.php b/main/auth/courses_categories.php index 9c8bbb9f27..b5a33a392a 100755 --- a/main/auth/courses_categories.php +++ b/main/auth/courses_categories.php 
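Review bot: The new `$searchTerm` line in hunk @@ -62 runs `Security::remove_XSS()` on the raw request value and then hands that filtered string to `search_courses()`, `subscribe_user()` and `unsubscribe_user_from_course()` (hunks @@ -145, @@ -160, @@ -168, @@ -188), so the model now searches for whatever the HTML filter left over rather than what the user typed, and any term the filter rewrites silently yields different results. `remove_XSS` is an output (HTML-context) filter; it says nothing about the SQL context the term ends up in, which lives in the model outside this diff and presumably still needs its own parameterisation regardless of this line. I would keep the raw value for the query, `$searchTerm = isset($_REQUEST['search_term']) ? $_REQUEST['search_term'] : '';`, and apply `Security::remove_XSS()` or `api_htmlentities()` only where the term is rendered, which is what the removed controller line used to do. Reading `$_REQUEST` also widens the source compared with the `$_GET` and `$_POST` lookups it replaces; if subscribe/unsubscribe are meant to be GET-only links, `$_GET` keeps that explicit.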
@@ -19,7 +19,7 @@ $pageCurrent = isset($pageCurrent) ? $pageCurrent : isset($_GET['pageCurrent']) $pageLength = isset($pageLength) ? $pageLength : isset($_GET['pageLength']) ? intval($_GET['pageLength']) : CoursesAndSessionsCatalog::PAGE_LENGTH; $pageTotal = intval(ceil(intval($countCoursesInCategory) / $pageLength)); $cataloguePagination = $pageTotal > 1 ? CourseCategory::getCatalogPagination($pageCurrent, $pageLength, $pageTotal) : ''; -$search_term = isset($search_term) ? $search_term : null; +$searchTerm = isset($_REQUEST['search_term']) ? Security::remove_XSS($_REQUEST['search_term']) : ''; if ($showSessions && isset($_POST['date'])) { $date = $_POST['date']; @@ -78,7 +78,7 @@ $code = isset($code) ? $code : null; + : api_htmlentities($searchTerm)); ?>"/>
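Review bot: The template now reads `$_REQUEST['search_term']` itself, duplicating the identical expression added to courses.php and bypassing the value the controller used to provide (the @@ -170 hunk in courses_controller.php drops `$data['search_term']`). Keeping the controller as the single place that reads and filters the term — restoring `$data['search_term']` there and leaving `$search_term = isset($search_term) ? $search_term : null;` here — avoids two copies of the same input handling that can drift apart. Note the default also changes from `null` to `''`; the value is passed to `return_register_button()` and `return_unregister_button()` in the later hunks, so if those helpers detect an absent term with `isset`/`=== null`, an empty string may now be treated as a real search term — worth checking.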
".get_lang('SearchResultsFor')." ".Security::remove_XSS($_POST['search_term']).""; + if (!empty($searchTerm)) { + echo "
".get_lang('SearchResultsFor')." ".$searchTerm.""; } $ajax_url = api_get_path(WEB_AJAX_PATH).'course.ajax.php?a=add_course_vote'; @@ -202,7 +202,7 @@ if ($showCourses && $action != 'display_sessions') { $html .= returnThumbnail($course, $userRegistered); $separator = null; - $subscribeButton = return_register_button($course, $stok, $code, $search_term); + $subscribeButton = return_register_button($course, $stok, $code, $searchTerm); // start buycourse validation // display the course price and buy button if the buycourses plugin is enabled and this course is configured @@ -239,13 +239,13 @@ if ($showCourses && $action != 'display_sessions') { $html .= return_already_registered_label('student'); if (!$course_closed) { if ($course_unsubscribe_allowed) { - $html .= return_unregister_button($course, $stok, $search_term, $code); + $html .= return_unregister_button($course, $stok, $searchTerm, $code); } } } elseif ($userRegisteredInCourseAsTeacher) { // if user registered as teacher if ($course_unsubscribe_allowed) { - $html .= return_unregister_button($course, $stok, $search_term, $code); + $html .= return_unregister_button($course, $stok, $searchTerm, $code); } } else { // if user not registered in the course diff --git a/main/auth/courses_controller.php b/main/auth/courses_controller.php index 51c2a0c7e6..79f7fa2b03 100755 --- a/main/auth/courses_controller.php +++ b/main/auth/courses_controller.php 
@@ -101,14 +101,21 @@ class CoursesController $data['countCoursesInCategory'] = $this->model->count_courses_in_category($category_code); if ($action === 'display_random_courses') { // Random value is used instead limit filter - $data['browse_courses_in_category'] = $this->model->browse_courses_in_category(null, 12); + $data['browse_courses_in_category'] = $this->model->browse_courses_in_category( + null, + 12 + ); $data['countCoursesInCategory'] = count($data['browse_courses_in_category']); } else { if (!isset($category_code)) { $category_code = $browse_course_categories[0][1]['code']; // by default first category } $limit = isset($limit) ? $limit : CourseCategory::getLimitArray(); - $data['browse_courses_in_category'] = $this->model->browse_courses_in_category($category_code, null, $limit); + $data['browse_courses_in_category'] = $this->model->browse_courses_in_category( + $category_code, + null, + $limit + ); } $data['browse_course_categories'] = $browse_course_categories; @@ -170,10 +177,16 @@ class CoursesController $data = array(); $limit = !empty($limit) ? $limit : CourseCategory::getLimitArray(); $browse_course_categories = $this->model->browse_course_categories(); - $data['countCoursesInCategory'] = $this->model->count_courses_in_category('ALL', $search_term); - $data['browse_courses_in_category'] = $this->model->search_courses($search_term, $limit, $justVisible); + $data['countCoursesInCategory'] = $this->model->count_courses_in_category( + 'ALL', + $search_term + ); + $data['browse_courses_in_category'] = $this->model->search_courses( + $search_term, + $limit, + $justVisible + ); $data['browse_course_categories'] = $browse_course_categories; - $data['search_term'] = Security::remove_XSS($search_term); //filter before showing in template // getting all the courses to which the user is subscribed to 
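Review bot: Removing `$data['search_term'] = Security::remove_XSS($search_term);` in hunk @@ -170 takes away the only thing that exposed the term to the template through `$data`, so any view still reading `$search_term` from the extracted data gets nothing and the template is pushed to re-read `$_REQUEST` itself (see courses_categories.php @@ -19). Since this method already receives `$search_term` as a parameter, keeping the assignment here — the raw value for the query, the filtered one for display — is the cheaper and safer layering. The rest of search_courses, including the template render, continues below the hunk.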
@@ -254,9 +267,16 @@ class CoursesController { $result = $this->model->store_course_category($category_title); if ($result) { - Display::addFlash(Display::return_message(get_lang('CourseCategoryStored'))); + Display::addFlash( + Display::return_message(get_lang('CourseCategoryStored')) + ); } else { - Display::addFlash(Display::return_message(get_lang('ACourseCategoryWithThisNameAlreadyExists'), 'error')); + Display::addFlash( + Display::return_message( + get_lang('ACourseCategoryWithThisNameAlreadyExists'), + 'error' + ) + ); } $action = 'sortmycourses'; $this->courses_list($action); @@ -275,7 +295,9 @@ class CoursesController $result = $this->model->updateCourseCategory($courseId, $category_id); if ($result) { - Display::addFlash(Display::return_message(get_lang('EditCourseCategorySucces'))); + Display::addFlash( + Display::return_message(get_lang('EditCourseCategorySucces')) + ); } $action = 'sortmycourses'; $this->courses_list($action); @@ -292,7 +314,9 @@ class CoursesController { $result = $this->model->move_course($move, $course_code, $category_id); if ($result) { - Display::addFlash(Display::return_message(get_lang('CourseSortingDone'))); + Display::addFlash( + Display::return_message(get_lang('CourseSortingDone')) + ); } $action = 'sortmycourses'; $this->courses_list($action); @@ -308,7 +332,9 @@ class CoursesController { $result = $this->model->move_category($move, $category_id); if ($result) { - Display::addFlash(Display::return_message(get_lang('CategorySortingDone'))); + Display::addFlash( + Display::return_message(get_lang('CategorySortingDone')) + ); } $action = 'sortmycourses'; $this->courses_list($action); 
@@ -324,7 +350,9 @@ class CoursesController { $result = $this->model->store_edit_course_category($title, $category); if ($result) { - Display::addFlash(Display::return_message(get_lang('CourseCategoryEditStored'))); + Display::addFlash( + Display::return_message(get_lang('CourseCategoryEditStored')) + ); } $action = 'sortmycourses'; $this->courses_list($action); @@ -339,7 +367,9 @@ class CoursesController { $result = $this->model->delete_course_category($category_id); if ($result) { - Display::addFlash(Display::return_message(get_lang('CourseCategoryDeleted'))); + Display::addFlash( + Display::return_message(get_lang('CourseCategoryDeleted')) + ); } $action = 'sortmycourses'; $this->courses_list($action); @@ -352,21 +382,30 @@ class CoursesController * @param string $search_term * @param string $category_code */ - public function unsubscribe_user_from_course($course_code, $search_term = null, $category_code = null) - { + public function unsubscribe_user_from_course( + $course_code, + $search_term = null, + $category_code = null + ) { $result = $this->model->remove_user_from_course($course_code); $message = ''; $error = ''; if ($result) { - Display::addFlash(Display::return_message(get_lang('YouAreNowUnsubscribed'))); + Display::addFlash( + Display::return_message(get_lang('YouAreNowUnsubscribed')) + ); } - $action = 'sortmycourses'; if (!empty($search_term)) { $this->search_courses($search_term, $message, $error); } else { - $this->courses_categories('subcribe', $category_code, $message, $error); + $this->courses_categories( + 'subcribe', + $category_code, + $message, + $error + ); } } @@ -390,19 +429,21 @@ class CoursesController $html .= '
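Review bot: The reformatted signature of `unsubscribe_user_from_course` in hunk @@ -352 keeps `$search_term = null` and `$category_code = null`, but the docblock immediately above the hunk still declares both as plain `string`; update it to `@param string|null $search_term` and `@param string|null $category_code` so the nullable defaults are documented. With the courses.php change the caller now always passes `''` rather than `null`, which still reaches the `else` branch through `!empty()`, so behaviour is unchanged and only the documentation is stale. The docblock starts outside the hunk.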