From 527ff13f77af4a392e93b92e51774938a5ce9885 Mon Sep 17 00:00:00 2001
From: Friendika <info@friendika.com>
Date: Sun, 2 Jan 2011 21:25:38 -0800
Subject: [PATCH] validate the openid url as well. We won't change it if it's
 bogus, but we won't use it either.

---
 mod/settings.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/mod/settings.php b/mod/settings.php
index 079c835b5a..eb27de06ef 100644
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -117,7 +117,8 @@ function settings_post(&$a) {
 	// If openid has changed or if there's an openid but no openidserver, try and discover it.
 
 	if($openid != $a->user['openid'] || (strlen($openid) && (! strlen($openidserver)))) {
-		if(strlen($openid)) {
+		$tmp_str = $openid;
+		if(strlen($tmp_str) && validate_url($tmp_str)) {
 			logger('updating openidserver');
 			require_once('library/openid.php');
 			$open_id_obj = new LightOpenID;