diff --git a/main/work/download.php b/main/work/download.php
index 7d9be0f18f..b3dd9d8ea6 100755
--- a/main/work/download.php
+++ b/main/work/download.php
@@ -18,17 +18,16 @@ $this_section = SECTION_COURSES;
 // Course protection
 api_protect_course_script(true);
 
-$id = intval($_GET['id']);
-
+$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
 $courseInfo = api_get_course_info();
 
-if (empty($courseInfo)) {
+if (empty($courseInfo) || empty($id)) {
     api_not_allowed(true);
 }
 
 $correction = isset($_REQUEST['correction']) ? true : false;
 $result = downloadFile($id, $courseInfo, $correction);
-if ($result == false) {
+if ($result === false) {
     api_not_allowed(true);
 }
 
diff --git a/main/work/work.lib.php b/main/work/work.lib.php
index 8880e6bef7..07d4bd6c4d 100755
--- a/main/work/work.lib.php
+++ b/main/work/work.lib.php
@@ -2008,10 +2008,10 @@ function get_work_user_list(
                 $work['type'] = DocumentManager::build_document_icon_tag('file', $work['url']);
 
                 // File name.
-                $link_to_download = null;
+                $linkToDownload = '';
                 // If URL is present then there's a file to download keep BC.
                 if ($work['contains_file'] || !empty($work['url'])) {
-                    $link_to_download = '<a href="'.$url.'download.php?id='.$item_id.'&'.api_get_cidreq().'">'.$saveIcon.'</a> ';
+                    $linkToDownload = '<a href="'.$url.'download.php?id='.$item_id.'&'.api_get_cidreq().'">'.$saveIcon.'</a> ';
                 }
 
                 $send_to = Portfolio::share(
@@ -2188,7 +2188,7 @@ function get_work_user_list(
                     $qualificator_id = Display::label(get_lang('Revised'), 'success');
                 }
                 $work['qualificator_id'] = $qualificator_id.' '.$hasCorrection;
-                $work['actions'] = '<div class="work-action">'.$send_to.$link_to_download.$action.'</div>';
+                $work['actions'] = '<div class="work-action">'.$send_to.$linkToDownload.$action.'</div>';
                 $work['correction'] = $correction;
                 $works[] = $work;
             }