diff --git a/main/document/download.php b/main/document/download.php
old mode 100755
new mode 100644
index 92f1427e9c..752b82ec0f
--- a/main/document/download.php
+++ b/main/document/download.php
@@ -74,17 +74,16 @@ if (Security::check_abs_path($sys_course_path.$doc_url, $sys_course_path.'/')) {
     // Check visibility of document and paths    doc_url
     //var_dump($document_id, api_get_course_id(), api_get_session_id(), api_get_user_id());
     $is_visible = false;
-    $course_info   = api_get_course_info(api_get_course_id());
-    $document_id = DocumentManager::get_document_id($course_info, $doc_url);
+    //$course_info   = api_get_course_info(api_get_course_id());
+    //$document_id = DocumentManager::get_document_id($course_info, $doc_url);
     
-    if ($document_id) {
+    //HotPotatoes_files
+    //if ($document_id) {
     	// Correct choice for strict security (only show if whole tree visible)
-	//$is_visible = DocumentManager::check_visibility_tree($document_id, api_get_course_id(), api_get_session_id(), api_get_user_id());
+        //$is_visible = DocumentManager::check_visibility_tree($document_id, api_get_course_id(), api_get_session_id(), api_get_user_id());
         // Correct choice for usability
     	$is_visible = DocumentManager::is_visible($doc_url, $_course, api_get_session_id());
-    }
-    
-    //$is_visible = DocumentManager::is_visible($doc_url, $_course, api_get_session_id());
+    //}
     if (!api_is_allowed_to_edit() && !$is_visible) {
     	Display::display_error_message(get_lang('ProtectedDocument'));//api_not_allowed backbutton won't work.
     	exit; // You shouldn't be here anyway.
diff --git a/main/inc/lib/document.lib.php b/main/inc/lib/document.lib.php
index e16c5851ef..450c66a057 100755
--- a/main/inc/lib/document.lib.php
+++ b/main/inc/lib/document.lib.php
@@ -1182,10 +1182,15 @@ class DocumentManager {
 
         //When using hotpotatoes files, new files are generated in the hotpotatoe folder, if user_id=1 does the exam a new html file will be generated: hotpotatoe.html.(user_id).t.html
         //so we remove that string in order to find correctly the origin file
-        if (strpos($doc_path, 'HotPotatoes_files')) {
-            $doc_path = substr($doc_path, 0, strlen($doc_path) - 8);
+         
+        if (strpos($doc_path, 'HotPotatoes_files')) {       
+            $doc_path = str_replace(api_get_user_id(), '', $doc_path);
+            $doc_path = str_replace('.t.html', '', $doc_path);                       
+            $path_info = pathinfo($doc_path);            
+            $explode_result = explode('.', $path_info['basename']);            
+            $doc_path = str_replace($path_info['basename'], $explode_result[0].'.'.$path_info['extension'], $doc_path);
         }
-
+        
         if (!in_array($file_type, array('file','folder'))) {
             $file_type = 'file';
         }