From eaf0573ebdcca11a984f4f98577ca77a6c63654e Mon Sep 17 00:00:00 2001
From: Christian Weiske <cweiske@cweiske.de>
Date: Tue, 18 Sep 2012 23:51:29 +0200
Subject: [PATCH] verify openid AX email type

---
 www/login.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/www/login.php b/www/login.php
index a97246f..bba7c99 100644
--- a/www/login.php
+++ b/www/login.php
@@ -122,7 +122,10 @@ $email = isset($openid['openid.ext2.value.email']) && !isset($email)
 $email = isset($openid['openid.sreg.email']) && !isset($email)
     ? $openid['openid.sreg.email']
     : $email;
-$email = isset($openid['openid.ax.value.email']) && !isset($email)
+$email = isset($openid['openid.ax.value.email'])
+    && isset($openid['openid.ax.type.email'])
+    && $openid['openid.ax.type.email'] == 'http://axschema.org/contact/email'
+    && !isset($email)
     ? $openid['openid.ax.value.email']
     : $email;
 $_SESSION['email'] = isset($email)
-- 
2.30.2