diff --git a/htdocs/categories/class/categorie.class.php b/htdocs/categories/class/categorie.class.php
index 4ab19b7f915..9f4be55eb40 100644
--- a/htdocs/categories/class/categorie.class.php
+++ b/htdocs/categories/class/categorie.class.php
@@ -528,13 +528,13 @@ class Categorie
 }
 /**
- * Return list of contents of a category
+ * Return list of id of elements having this category
 *
 * @param string $field Field name for select in table. Full field name will be fk_field.
 * @param string $classname PHP Class of object to store entity
 * @param string $category_table Table name for select in table. Full table name will be PREFIX_categorie_table.
 * @param string $object_table Table name for select in table. Full table name will be PREFIX_table.
- * @return void
+ * @return mixed -1 if KO, array of instance of object if OK
 */
 function get_type($field,$classname,$category_table='',$object_table='')
 {
diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php
index 6316436f69a..7aa9aa0b964 100644
--- a/htdocs/categories/viewcat.php
+++ b/htdocs/categories/viewcat.php
@@ -365,6 +365,8 @@ if($object->type == 2)
 $var=true;
 foreach ($socs as $key => $soc)
 {
+ if ($user->societe_id > 0 && $soc->id != $user->societe_id) continue; // External user always see only themself
+
 $i++;
 $var=!$var;
 print "\t\n";
diff --git a/htdocs/core/class/conf.class.php b/htdocs/core/class/conf.class.php
index 2ed38d94e4a..64dd4c8b9fa 100644
--- a/htdocs/core/class/conf.class.php
+++ b/htdocs/core/class/conf.class.php
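Review bot: The rewritten docblock for `get_type` contradicts itself: the summary line now says the method returns a list of ids, while the new `@return` line says it returns an array of object instances. The `$classname` description ("PHP Class of object to store entity") suggests instances, but the body of `get_type` is outside this hunk, so confirm against it and align the two lines, for example `Return list of objects linked to this category` with `@return array|int Array of $classname instances if OK, -1 if KO`.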
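Review bot: The external-user restriction in viewcat.php is enforced only at render time, inside the `foreach ($socs as $key => $soc)` loop, so `$socs` already holds every third party of the category before the new `continue` runs. The rule therefore protects this one listing only; whatever else the page prints, and any other consumer of the code that builds `$socs`, is not covered by anything visible in the hunk. Consider applying the `societe_id` condition where `$socs` is loaded (outside this hunk) so unrelated rows never reach the page, keeping this line as a second check. The test also relies on loose `!=` between ids that may arrive as strings; `(int) $soc->id !== (int) $user->societe_id` states the intent exactly.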
@@ -403,7 +403,7 @@ class Conf
 $this->maxfilesize = (empty($this->global->MAIN_UPLOAD_DOC) ? 0 : $this->global->MAIN_UPLOAD_DOC * 1024);
 // Define list of limited modules
- if (! isset($this->global->MAIN_MODULES_FOR_EXTERNAL)) $this->global->MAIN_MODULES_FOR_EXTERNAL='user,facture,commande,fournisseur,contact,propal,projet,contrat,societe,ficheinter,expedition,agenda'; // '' means 'all'. Note that contact is added here as it should be a module later.
+ if (! isset($this->global->MAIN_MODULES_FOR_EXTERNAL)) $this->global->MAIN_MODULES_FOR_EXTERNAL='user,facture,categorie,commande,fournisseur,contact,propal,projet,contrat,societe,ficheinter,expedition,agenda'; // '' means 'all'. Note that contact is added here as it should be a module later.
 // Timeouts
 if (empty($this->global->MAIN_USE_CONNECT_TIMEOUT)) $this->global->MAIN_USE_CONNECT_TIMEOUT=10;
diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php
index 24227832370..b9dcda4b55a 100644
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -341,7 +341,7 @@ function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature
 $sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
 }
 }
- else if (in_array($feature,$checksoc))
+ else if (in_array($feature,$checksoc)) // We check feature = checksoc
 {
 // If external user: Check permission for external users
 if ($user->societe_id > 0)
@@ -450,7 +450,7 @@ function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature
 }
 }
- //print $sql."
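Review bot: Adding `categorie` to the default `MAIN_MODULES_FOR_EXTERNAL` value opens the whole category module to external users on every install that has not set this constant, yet the only per-record restriction visible in this commit is the third-party loop in viewcat.php. Every category page that lists or loads linked records should be confirmed to filter on `$user->societe_id` before this default is relied on. The trailing comment still explains only `contact`; extend it so the dependency is recorded, for example `// categorie: category pages must restrict linked third parties to $user->societe_id`.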
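Review bot: The added comment `// We check feature = checksoc` describes an equality test, but `in_array($feature,$checksoc)` tests whether the feature is a member of a list. In an access-control routine the comment should say what the branch enforces, for example `// Feature is listed in $checksoc: apply the external-user (societe_id) check`. The body of `restrictedArea` starts and ends outside this hunk, so only the first lines of the branch are visible here.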
"; + //print "sql=".$sql."
"; if ($sql) { $resql=$db->query($sql);