+ private function setCommentCookie() {
+ if (!isset($_COOKIE['comment_info_xorg']) || $_COOKIE['comment_info_xorg'] != $this->user_id) {
+ $cookie = $this->getInfo('user_displayname') . "\n" . $this->getInfo('user_email') . "\n" . $this->getInfo('user_url');
+ setcookie('comment_info_xorg', $this->user_id, time() + 30 * 86400, '/');
+ setrawcookie('comment_info', rawurlencode($cookie), time() + 30 * 86400, '/');
+ }
+ }
+
+ public function createUser() {
+ global $core;
+ if (!$core->userExists($_SESSION['auth-xorg'])) {
+ $cur = new cursor($this->con, 'dc_user');
+ $cur->user_id = $_SESSION['auth-xorg'];
+ $cur->user_pwd = md5(rand());
+ $cur->user_super = ($_SESSION['auth-xorg-perms'] == 'admin') ? '1' : '0';
+ $cur->user_lang = 'fr';
+ $cur->user_name = $_SESSION['auth-xorg-nom'];
+ $cur->user_firstname = $_SESSION['auth-xorg-prenom'];
+ $cur->user_displayname = $cur->user_firstname . ' ' . $cur->user_name;
+ $cur->user_email = $_SESSION['auth-xorg'] . '@polytechnique.org';
+ $cur->user_url = 'https://www.polytechnique.org/profile/' . $_SESSION['auth-xorg'];
+ $defaults = $core->userDefaults();
+ $defaults['post_xorg_perms'] = 'public';
+ $cur->user_options = $defaults;
+ $cur->user_lang = 'fr';
+ $cur->user_tz = 'Europe/Paris';
+ $cur->user_default_blog = $_SERVER['DC_BLOG_ID'];
+ $core->addUser($cur);
+ }
+ }
+
+ public function updateUserPerms($blog) {
+ global $core;
+ $this->buildFromSession();
+ if (!isset($_SESSION['auth-xorg'])) {
+ return;
+ }
+ $type = $blog->settings->xorgauth->get('xorg_blog_type');
+ $owner = $blog->settings->xorgauth->get('xorg_blog_owner');
+ $level = $this->xorg_infos['grpauth'];
+ $rec = $core->getUser($this->user_id);
+ $wasAdmin = $rec->f('user_super');
+ $isAdmin = $this->xorg_infos['perms'] == 'admin';
+ if (($wasAdmin && !$isAdmin) || (!$wasAdmin && $isAdmin)) {
+ $cur = new cursor($this->con, 'dc_user');
+ $cur->user_super = $isAdmin ? '1' : '0';
+ $core->updUser($this->user_id, $cur);
+ }
+ if ($_SESSION['xorg-group'] != $owner) {
+ $this->killSession();
+ return;
+ }
+ if (($type == 'group-admin' || $type == 'group-member' || $type == 'connected') && $level == 'admin') {
+ $perms = array('usage' => true,
+ 'contentadmin' => true,
+ 'admin' => true);
+ } else if ($type == 'group-member' && $level == 'membre') {
+ $perms = array('usage' => true);
+ } else if ($type == 'connected' && $this->xorg_infos['forlife'] != '') {
+ $perms = array('usage' => true);
+ } else if ($type == 'user' && $owner == $this->xorg_infos['forlife']) {
+ $perms = array('usage' => true,
+ 'contentadmin' => true,
+ 'admin' => true);
+ } else if ($type != 'user') {
+ $perms = array();
+ } else {
+ return;