diff --git a/htdocs/contact/exportimport.php b/htdocs/contact/exportimport.php index 9b909394e25..6ed7e8889f4 100644 --- a/htdocs/contact/exportimport.php +++ b/htdocs/contact/exportimport.php @@ -1,5 +1,5 @@ +/* Copyright (C) 2006 Laurent Destailleur * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -29,32 +29,40 @@ require("./pre.inc.php"); require_once(DOL_DOCUMENT_ROOT."/contact.class.php"); +$user->getrights('commercial'); + $langs->load("companies"); // Protection quand utilisateur externe $contactid = isset($_GET["id"])?$_GET["id"]:''; +$scoid=0; if ($user->societe_id > 0) { $socid = $user->societe_id; } // Protection restriction commercial -if ($contactid) +if ($contactid && ! $user->rights->commercial->client->voir) { - $sql = "SELECT sc.fk_soc, sp.fk_soc"; - $sql .= " FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc, ".MAIN_DB_PREFIX."socpeople as sp"; - $sql .= " WHERE sp.idp = ".$contactid; - if (!$user->rights->commercial->client->voir && !$user->societe_id > 0) - { - $sql .= " AND sc.fk_soc = sp.fk_soc AND sc.fk_user = ".$user->id; - } - if ($user->societe_id > 0) $sql .= " AND sp.fk_soc = ".$socid; + $sql = "SELECT sc.fk_soc, sp.fk_soc"; + $sql .= " FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc, ".MAIN_DB_PREFIX."socpeople as sp"; + $sql .= " WHERE sp.idp = ".$contactid; + if (! $user->rights->commercial->client->voir && ! $socid) + { + $sql .= " AND sc.fk_soc = sp.fk_soc AND sc.fk_user = ".$user->id; + } + if ($socid) $sql .= " AND sp.fk_soc = ".$socid; - if ( $db->query($sql) ) - { - if ( $db->num_rows() == 0) accessforbidden(); - } + $resql=$db->query($sql); + if ($resql) + { + if ($db->num_rows() == 0) accessforbidden(); + } + else + { + dolibarr_print_error($db); + } } diff --git a/htdocs/contact/info.php b/htdocs/contact/info.php index af5346db836..b106864f905 100644 --- a/htdocs/contact/info.php +++ b/htdocs/contact/info.php 
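Review bot: In exportimport.php the new initialiser is spelled `$scoid=0;`, so `$socid` is still never set for internal users, and the later `! $socid` and `if ($socid)` tests read an undefined variable. info.php and perso.php in this same commit write `$socid=0;`. Because `$socid` decides which restriction is appended to the access query, the script should initialise it itself: `$socid=0;`. On a configuration that registers request parameters as globals, an unset `$socid` would not be under the script's control, which is presumably what the initialiser was meant to prevent.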
@@ -1,6 +1,6 @@ - * Copyright (C) 2004 Laurent Destailleur +/* Copyright (C) 2004 Rodolphe Quiedeville + * Copyright (C) 2004-2006 Laurent Destailleur * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -31,34 +31,47 @@ require("./pre.inc.php"); require_once(DOL_DOCUMENT_ROOT."/contact.class.php"); +$user->getrights('commercial'); + $langs->load("companies"); // Protection quand utilisateur externe $contactid = isset($_GET["id"])?$_GET["id"]:''; +$socid=0; if ($user->societe_id > 0) { $socid = $user->societe_id; } // Protection restriction commercial -if ($contactid) +if ($contactid && ! $user->rights->commercial->client->voir) { - $sql = "SELECT sc.fk_soc, sp.fk_soc"; - $sql .= " FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc, ".MAIN_DB_PREFIX."socpeople as sp"; - $sql .= " WHERE sp.idp = ".$contactid; - if (!$user->rights->commercial->client->voir && !$user->societe_id > 0) - { - $sql .= " AND sc.fk_soc = sp.fk_soc AND sc.fk_user = ".$user->id; - } - if ($user->societe_id > 0) $sql .= " AND sp.fk_soc = ".$socid; + $sql = "SELECT sc.fk_soc, sp.fk_soc"; + $sql .= " FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc, ".MAIN_DB_PREFIX."socpeople as sp"; + $sql .= " WHERE sp.idp = ".$contactid; + if (! $user->rights->commercial->client->voir && ! $socid) + { + $sql .= " AND sc.fk_soc = sp.fk_soc AND sc.fk_user = ".$user->id; + } + if ($socid) $sql .= " AND sp.fk_soc = ".$socid; - if ( $db->query($sql) ) - { - if ( $db->num_rows() == 0) accessforbidden(); - } + $resql=$db->query($sql); + if ($resql) + { + if ($db->num_rows() == 0) accessforbidden(); + } + else + { + dolibarr_print_error($db); + } } + +/* + * Fiche info + */ + llxHeader(); diff --git a/htdocs/contact/perso.php b/htdocs/contact/perso.php index 6d5fa074ada..bcecdb92894 100644 --- a/htdocs/contact/perso.php +++ b/htdocs/contact/perso.php 
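Review bot: The new outer condition `if ($contactid && ! $user->rights->commercial->client->voir)` in info.php skips the whole block for any account holding the `voir` right, so the `sp.fk_soc = $socid` restriction for external users (`$user->societe_id > 0`) is no longer applied to them; the removed code appended it regardless of `voir`. If external accounts can be granted that right (not visible in this diff), they would reach the page without the company check; `if ($contactid && ($socid || ! $user->rights->commercial->client->voir))` keeps it. The same condition is introduced in exportimport.php and perso.php. Inside the block, the `! $user->rights->commercial->client->voir` half of the inner test is now redundant and could be dropped.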
@@ -1,6 +1,6 @@ - * Copyright (C) 2004-2005 Laurent Destailleur + * Copyright (C) 2004-2006 Laurent Destailleur * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -31,32 +31,41 @@ require("./pre.inc.php"); require_once(DOL_DOCUMENT_ROOT."/contact.class.php"); require_once(DOL_DOCUMENT_ROOT."/lib/vcard/vcard.class.php"); +$user->getrights('commercial'); + $langs->load("companies"); // Protection quand utilisateur externe $contactid = isset($_GET["id"])?$_GET["id"]:''; +$socid=0; if ($user->societe_id > 0) { $socid = $user->societe_id; } -// Protection restriction commercial -if ($contactid) -{ - $sql = "SELECT sc.fk_soc, sp.fk_soc"; - $sql .= " FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc, ".MAIN_DB_PREFIX."socpeople as sp"; - $sql .= " WHERE sp.idp = ".$contactid; - if (!$user->rights->commercial->client->voir && !$user->societe_id > 0) - { - $sql .= " AND sc.fk_soc = sp.fk_soc AND sc.fk_user = ".$user->id; - } - if ($user->societe_id > 0) $sql .= " AND sp.fk_soc = ".$socid; - if ( $db->query($sql) ) - { - if ( $db->num_rows() == 0) accessforbidden(); - } +// Protection restriction commercial +if ($contactid && ! $user->rights->commercial->client->voir) +{ + $sql = "SELECT sc.fk_soc, sp.fk_soc"; + $sql .= " FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc, ".MAIN_DB_PREFIX."socpeople as sp"; + $sql .= " WHERE sp.idp = ".$contactid; + if (! $user->rights->commercial->client->voir && ! $socid) + { + $sql .= " AND sc.fk_soc = sp.fk_soc AND sc.fk_user = ".$user->id; + } + if ($socid) $sql .= " AND sp.fk_soc = ".$socid; + + $resql=$db->query($sql); + if ($resql) + { + if ($db->num_rows() == 0) accessforbidden(); + } + else + { + dolibarr_print_error($db); + } } if ($_POST["action"] == 'update') diff --git a/htdocs/docsoc.php b/htdocs/docsoc.php index 765614e5cae..bf025e741f9 100644 --- a/htdocs/docsoc.php +++ b/htdocs/docsoc.php 
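Review bot: `$contactid` is taken from `$_GET["id"]` and concatenated as-is into `" WHERE sp.idp = ".$contactid`, so the query that decides access is built from an unvalidated request value; the rewritten block keeps this in perso.php, exportimport.php and info.php. Casting at the assignment, `$contactid = isset($_GET["id"]) ? (int) $_GET["id"] : 0;`, keeps the value numeric before it reaches the SQL string. The new `else` branch only calls `dolibarr_print_error($db);`, and unless that helper ends the request (its body is not in this diff) a failed query lets the page continue without a completed check; adding `accessforbidden();` after it would fail closed. The script continues past the hunk with `if ($_POST["action"] == 'update')`, so this check sits in front of a write path.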
@@ -33,14 +33,13 @@ require("./pre.inc.php"); $langs->load("companies"); $langs->load('other'); +$user->getrights('commercial'); $mesg = ""; // Sécurité accés client $socid = isset($_GET["socid"])?$_GET["socid"]:''; - if ($socid == '') accessforbidden(); - if ($user->societe_id > 0) { $action = ''; diff --git a/htdocs/socnote.php b/htdocs/socnote.php index 4e7e0515e2c..eeb269c3d70 100644 --- a/htdocs/socnote.php +++ b/htdocs/socnote.php @@ -32,6 +32,8 @@ require("./pre.inc.php"); $langs->load("companies"); +$user->getrights('commercial'); + // Protection quand utilisateur externe $socidp = isset($_GET["socid"])?$_GET["socid"]:'';