diff --git a/webform.module b/webform.module
index 31ee56c..21c6867 100644
--- a/webform.module
+++ b/webform.module
@@ -2400,35 +2400,43 @@ function _webform_client_form_add_component($node, $component, $component_value, * Form API #validate handler for the webform_client_form() form. */ function webform_client_form_validate($form, &$form_state) { + module_load_include('inc', 'webform', 'includes/webform.submissions'); + $node = $form['#node']; $finished = $form_state['values']['details']['finished']; - // Check that the submissions have not exceeded the total submission limit. - if ($node->webform['total_submit_limit'] != -1) { - module_load_include('inc', 'webform', 'includes/webform.submissions'); - // Check if the total number of entries was reached before the user submitted - // the form. - if (!$finished && $total_limit_exceeded = webform_submission_total_limit_check($node)) { - // Show the user the limit has exceeded. - theme('webform_view_messages', array('node' => $node, 'teaser' => 0, 'page' => 1, 'submission_count' => 0, 'total_limit_exceeded' => $total_limit_exceeded, 'allowed_roles' => array_keys(user_roles()), 'closed' => FALSE, 'cached' => FALSE)); - form_set_error('', NULL); - return; + // Check if the user is allowed to submit based on role. This check is + // repeated here to ensure the user is still logged in at the time of + // submission, otherwise a stale form in another window may be allowed. + $allowed_role = TRUE; + if (variable_get('webform_submission_access_control', 1) && !$finished) { + foreach ($node->webform['roles'] as $rid) { + $allowed_roles[$rid] = isset($user->roles[$rid]) ? TRUE : FALSE; + } + if (array_search(TRUE, $allowed_roles) === FALSE) { + $allowed_role = FALSE; } } + // Check that the submissions have not exceeded the total submission limit. + $total_limit_exceeded = FALSE; + if ($node->webform['total_submit_limit'] != -1 && !$finished) { + $total_limit_exceeded = webform_submission_total_limit_check($node) + } + // Check that the user has not exceeded the submission limit. 
// This usually will only apply to anonymous users when the page cache is // enabled, because they may submit the form even if they do not have access. - if ($node->webform['submit_limit'] != -1) { // -1: Submissions are never throttled. - module_load_include('inc', 'webform', 'includes/webform.submissions'); + $user_limit_exceeded = FALSE; + if ($node->webform['submit_limit'] != -1 && !$finished) { + $user_limit_exceeded = webform_submission_user_limit_check($node); + } - if (!$finished && $user_limit_exceeded = webform_submission_user_limit_check($node)) { - // Assume that webform_view_messages will print out the necessary message, - // then stop the processing of the form with an empty form error. - theme('webform_view_messages', array('node' => $node, 'teaser' => 0, 'page' => 1, 'submission_count' => 0, 'user_limit_exceeded' => $user_limit_exceeded, 'allowed_roles' => array_keys(user_roles()), 'closed' => FALSE, 'cached' => FALSE)); - form_set_error('', NULL); - return; - } + // Prevent submission by throwing an error. + if (!$allowed_role || $total_limit_exceeded || $user_limit_exceeded) { + theme('webform_view_messages', array('node' => $node, 'teaser' => 0, 'page' => 1, 'submission_count' => 0, 'user_limit_exceeded' => $user_limit_exceeded, 'total_limit_exceeded' => $total_limit_exceeded, 'allowed_roles' => array_keys(user_roles()), 'closed' => FALSE, 'cached' => FALSE)); + form_set_error('', NULL); + return; } // Assemble an array of all past and new input values that will determine if
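Review bot: `$user` is never brought into scope in webform_client_form_validate, so `isset($user->roles[$rid])` in the new role loop is always FALSE and, with `webform_submission_access_control` enabled, every non-finished submission is rejected rather than only those from users outside the allowed roles; the function needs `global $user;` next to the new `module_load_include()` call at its top. In the same hunk `$total_limit_exceeded = webform_submission_total_limit_check($node)` is missing its semicolon, which is a parse error for the whole module file. `$allowed_roles` is also used without initialisation, so `array_search(TRUE, $allowed_roles)` raises a notice when `$node->webform['roles']` is empty; add `$allowed_roles = array();` before the foreach. Since this re-check is what closes the stale-form and page-cache gap the comment describes, it deserves a test that submits once as a user outside the allowed roles and once inside them. The function continues past the end of the hunk.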