diff --git a/ecrire/exec/documenter.php b/ecrire/exec/documenter.php
index 6f73fc4f5a2360e71fca5c4d189440e9df9efbb8..5d6d78b562f2405d0e17e3119a6a0ef136e6c9f8 100644
--- a/ecrire/exec/documenter.php
+++ b/ecrire/exec/documenter.php
@@ -19,6 +19,14 @@ function exec_documenter_dist()
 $id = intval($id);
 $id_document = intval($id_document);
+ if (!($type == 'article'
+ ? acces_article($id)
+ : acces_rubrique($id))) {
+ spip_log("Tentative d'intrusion de " . $GLOBALS['auteur_session']['nom'] . " dans " . $GLOBALS['exec']);
+ include_spip('inc/minipres');
+ minipres(_T('info_acces_interdit'));
+ }
+
 include_spip('inc/documents');
 include_spip('inc/presentation');
diff --git a/ecrire/exec/petitionner.php b/ecrire/exec/petitionner.php
index 5d42d4d503ff4184b9492c83d2746acf98d91f08..3f7f03ac44255eb806732ff078f18f87ead577d0 100644
--- a/ecrire/exec/petitionner.php
+++ b/ecrire/exec/petitionner.php
@@ -18,6 +18,12 @@ function exec_petitionner_dist()
 global $id_article, $script;
 $id_article = intval($id_article);
+ if (!acces_article($id_article)) {
+ spip_log("Tentative d'intrusion de " . $GLOBALS['auteur_session']['nom'] . " dans " . $GLOBALS['exec']);
+ include_spip('inc/minipres');
+ minipres(_T('info_acces_interdit'));
+ }
+
 include_spip('inc/petition');
 include_spip('inc/presentation');
 include_spip('inc/actions');
diff --git a/ecrire/exec/poster.php b/ecrire/exec/poster.php
index b7617d9e683493198494813acedcd4616b76723a..659d3c3679870ee967e146a75752a58f64c42f37 100644
--- a/ecrire/exec/poster.php
+++ b/ecrire/exec/poster.php
@@ -18,6 +18,12 @@ function exec_poster_dist()
 global $id_article, $script;
 $id_article = intval($id_article);
+ if (!acces_article($id_article)) {
+ spip_log("Tentative d'intrusion de " . $GLOBALS['auteur_session']['nom'] . " dans " . $GLOBALS['exec']);
+ include_spip('inc/minipres');
+ minipres(_T('info_acces_interdit'));
+ }
+
 include_spip('inc/forum');
 include_spip('inc/actions');
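Review bot: The deny branch added to exec_documenter_dist() has no `exit` or `return` after `minipres(_T('info_acces_interdit'));`, so the check only protects the page if minipres() itself ends the request, which is not visible in this diff. If it returns, the `include_spip()` calls and the rest of the function (which continues outside the hunk) still run for the caller that was just refused. I would add `exit;` after the minipres() call, or state the dependency in a comment such as `// minipres() terminates the request`. The same block is repeated in the petitionner.php and poster.php hunks, in tourner.php and in the second virtualiser.php hunk. The log line would also be easier to act on if it recorded the numeric author id and the requested object id instead of only the free-text `nom`.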
diff --git a/ecrire/exec/tourner.php b/ecrire/exec/tourner.php
index c0190d5b096d2a06973ad30288355081b245fbaf..049600a3806566651641ca0c8978ca9efabbd528 100644
--- a/ecrire/exec/tourner.php
+++ b/ecrire/exec/tourner.php
@@ -19,6 +19,14 @@ function exec_tourner_dist()
 $id = intval($id);
 $id_document = intval($id_document);
+ if (!($type == 'article'
+ ? acces_article($id)
+ : acces_rubrique($id))) {
+ spip_log("Tentative d'intrusion de " . $GLOBALS['auteur_session']['nom'] . " dans " . $GLOBALS['exec']);
+ include_spip('inc/minipres');
+ minipres(_T('info_acces_interdit'));
+ }
+
 include_spip('inc/documents');
 include_spip('inc/presentation');
diff --git a/ecrire/exec/virtualiser.php b/ecrire/exec/virtualiser.php
index d4f125ddef18fb1f8cc7988e59086d5a077bcc59..e20013e26a07355b32dad8f2e7b6fceedd5ea43a 100644
--- a/ecrire/exec/virtualiser.php
+++ b/ecrire/exec/virtualiser.php
@@ -40,7 +40,7 @@ function formulaire_virtualiser($id_article, $virtuel, $script, $args)
 . _T('bouton_changer') . "' style='font-size:10px' /></div>";
- return ajax_action_auteur('virtualiser', $id_article, $r, $script, $args, $args);
+ return ajax_action_auteur('virtualiser', $id_article, $script, $args, $r);
 }
 // http://doc.spip.org/@exec_virtualiser_dist
@@ -49,9 +49,15 @@ function exec_virtualiser_dist()
 global $id_article, $script;
 $id_article = intval($id_article);
+ if (!acces_article($id_article)) {
+ spip_log("Tentative d'intrusion de " . $GLOBALS['auteur_session']['nom'] . " dans " . $GLOBALS['exec']);
+ include_spip('inc/minipres');
+ minipres(_T('info_acces_interdit'));
+ }
+
 include_spip('inc/actions');
- return formulaire_virtualiser($id_article, 'ajax', $script, "&id_article=$id_article");
+ return formulaire_virtualiser($id_article, 'ajax', $script, "id_article=$id_article");
 }
 ?>
diff --git a/ecrire/inc/auth.php b/ecrire/inc/auth.php
index 0a9ebca352e539005de839b6d8476c39146f4eb0..0787d68e6e781078928240a17f773250b79338b0 100644
--- a/ecrire/inc/auth.php
+++ b/ecrire/inc/auth.php
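Review bot: In exec_tourner_dist() the new guard treats every `$type` other than 'article' as a rubrique, so which permission is tested depends on a value that is never validated inside the hunk. The function body continues outside the hunk; if that code uses `$type` to choose the object it acts on, the type that was checked and the type that is acted on can differ, and the acces_rubrique() branch would stand in for a check that was never made. I would refuse unknown values before the ternary, reusing the same deny block under `if ($type != 'article' AND $type != 'rubrique')`. The identical ternary in the documenter.php hunk needs the same treatment.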
@@ -40,6 +40,23 @@ function acces_mots() {
 return $connect_toutes_rubriques;
 }
+function acces_article($id_article)
+{
+ global $connect_id_auteur;
+
+ $row = spip_fetch_array(spip_query("SELECT id_rubrique, statut FROM spip_articles WHERE id_article=$id_article"));
+
+ if (acces_rubrique($row['id_rubrique'])) return true;
+
+ $s = spip_num_rows(spip_query("SELECT id_auteur FROM spip_auteurs_articles WHERE id_article=$id_article AND id_auteur=$connect_id_auteur LIMIT 1"));
+
+ if (!$s) return false;
+
+ $s = $row['statut'];
+
+ return ($s == 'prepa' OR $s == 'prop' OR $s == 'poubelle');
+}
+
 // http://doc.spip.org/@auth_rubrique
 function auth_rubrique() {
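Review bot: acces_article() does not handle a missing article: when the first query returns no row, `$row['id_rubrique']` is empty and the decision is handed to `acces_rubrique()` with an empty id, whose behaviour for that input is not visible here. An explicit `if (!$row) return false;` right after the fetch makes the function fail closed. The function also interpolates `$id_article` into both queries and relies on every caller having applied intval(), as the exec_* hunks in this commit do; adding `$id_article = intval($id_article);` as its first statement keeps it safe for future callers. Unlike auth_rubrique() just below, the new function has no header comment; one line stating that an author of the article has access only while its statut is 'prepa', 'prop' or 'poubelle' would document the rule.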