diff options
| author | Dries Buytaert <dries@buytaert.net> | 2010-08-22 22:00:16 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2010-08-22 22:00:16 +0000 |
| commit | 80befb6c7e27d32b3e91cfce09bfe8e71b2c6203 (patch) | |
| tree | f32025c695dfd771d083f01a07e1a10338a09b79 /modules/openid/openid.inc | |
| parent | 479b71232be6634e59868d72471d798c4fbabfce (diff) | |
| download | brdo-80befb6c7e27d32b3e91cfce09bfe8e71b2c6203.tar.gz brdo-80befb6c7e27d32b3e91cfce09bfe8e71b2c6203.tar.bz2 | |
- Patch #886982 by Berdir, Heine: incomplete verification of assertions.
Diffstat (limited to 'modules/openid/openid.inc')
| -rw-r--r-- | modules/openid/openid.inc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/modules/openid/openid.inc b/modules/openid/openid.inc index 4d4163805..5a9326905 100644 --- a/modules/openid/openid.inc +++ b/modules/openid/openid.inc @@ -359,8 +359,8 @@ function _openid_parse_message($message) { * Return a nonce value - formatted per OpenID spec. */ function _openid_nonce() { - // YYYY-MM-DDThh:mm:ssTZD UTC, plus some optional extra unique chars - return gmstrftime('%Y-%m-%dT%H:%M:%S%Z') . + // YYYY-MM-DDThh:mm:ssZ, plus some optional extra unique characters. + return gmdate('Y-m-d\TH:i:s\Z') . chr(mt_rand(0, 25) + 65) . chr(mt_rand(0, 25) + 65) . chr(mt_rand(0, 25) + 65) . |