Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:16049 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 32170 invoked by uid 1010); 20 Apr 2005 17:00:57 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 32147 invoked from network); 20 Apr 2005 17:00:57 -0000 Received: from unknown (HELO pb1.pair.com) (127.0.0.1) by localhost with SMTP; 20 Apr 2005 17:00:57 -0000 X-Host-Fingerprint: 69.60.120.90 iconoclast.caedmon.net Linux 2.4/2.6 Received: from ([69.60.120.90:36360] helo=iconoclast.caedmon.net) by pb1.pair.com (ecelerity 1.2.12rc1 r(5476:5477)) with SMTP id FF/EF-45122-8CA86624 for ; Wed, 20 Apr 2005 13:00:56 -0400 Received: from localhost ([127.0.0.1]) by iconoclast.caedmon.net with esmtp (Exim 3.35 #1 (Debian)) id 1DOIZB-0003uE-00; Wed, 20 Apr 2005 13:00:45 -0400 Message-ID: <42668AC0.1010607@caedmon.net> Date: Wed, 20 Apr 2005 13:00:48 -0400 User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Daniel J Cain Jr." CC: internals@lists.php.net References: <4266894D.1070702@cain.sh> In-Reply-To: <4266894D.1070702@cain.sh> X-Enigmail-Version: 0.90.0.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] [PATCH] Modifications for ext/session/ From: sean@caedmon.net (Sean Coates) Daniel J Cain Jr. wrote: > One change adds a PHP function session_is_started() to determine if a > session has already been, well... started. :) > > It also adds an optional id parameter to session_regenerate_id() > allowing the user to provide their own id instead of PHP generating a > new one. I'm not implying there is anything wrong with PHP generating a > new id. I just need session_regenerate_id() to behave like > session_id($myID), only after a session has already been started. Provided that the code is good: +1 These sounds like great features (especially for session fixation/hijack prevention). S