diff --git a/modules/exampleauth/www/authpage.php b/modules/exampleauth/www/authpage.php
index 6c34995ec79627eb8e458e5aba5fe6eb858b8910..7bc87a5a16ba627e1f08df434ae94993f9c20a3d 100644
--- a/modules/exampleauth/www/authpage.php
+++ b/modules/exampleauth/www/authpage.php
@@ -18,7 +18,7 @@ $returnTo = \SimpleSAML\Utils\HTTP::checkURLAllowed($_REQUEST['ReturnTo']);
 /*
  * The following piece of code would never be found in a real authentication page. Its
  * purpose in this example is to make this example safer in the case where the
- * administrator of * the IdP leaves the exampleauth-module enabled in a production
+ * administrator of the IdP leaves the exampleauth-module enabled in a production
  * environment.
  *
  * What we do here is to extract the $state-array identifier, and check that it belongs to