SA-CORE-2009-008

2 files changed, 6 insertions, 5 deletions

diff --git a/modules/openid/openid.module b/modules/openid/openid.module
index df8395497..79be321f6 100644
--- a/modules/openid/openid.module
+++ b/modules/openid/openid.module
@@ -206,7 +206,7 @@ function openid_begin($claimed_id, $return_to = '', $form_values = array()) {
   }
 
   if (isset($services[0]['types']) && is_array($services[0]['types']) && in_array(OPENID_NS_2_0 . '/server', $services[0]['types'])) {
-    $identity = 'http://specs.openid.net/auth/2.0/identifier_select';
+    $claimed_id = $identity = 'http://specs.openid.net/auth/2.0/identifier_select';
   }
   $authn_request = openid_authentication_request($claimed_id, $identity, $return_to, $assoc_handle, $services[0]['version']);
 
diff --git a/modules/openid/openid.pages.inc b/modules/openid/openid.pages.inc
index d189ac982..bc76eef00 100644
--- a/modules/openid/openid.pages.inc
+++ b/modules/openid/openid.pages.inc
@@ -83,10 +83,11 @@ function openid_user_add_validate($form, &$form_state) {
   if (db_query("SELECT authname FROM {authmap} WHERE authname = :authname", (array(':authname' => $claimed_id)))->fetchField()) {
     form_set_error('openid_identifier', t('That OpenID is already in use on this site.'));
   }
-  else {
-    $return_to = url('user/' . arg(1) . '/openid', array('absolute' => TRUE));
-    openid_begin($form_state['values']['openid_identifier'], $return_to);
-  }
+}
+
+function openid_user_add_submit($form, &$form_state) {
+  $return_to = url('user/' . arg(1) . '/openid', array('absolute' => TRUE));
+  openid_begin($form_state['values']['openid_identifier'], $return_to);
 }
 
 /**