As an addition here is the comparison of zen_recreate_session function code in different ZC vesrions.
v1.2.2 - short and simple?:
Code:
function zen_session_recreate() {
if (PHP_VERSION >= 4.1) {
$session_backup = $_SESSION;
unset($_COOKIE[zen_session_name()]);
zen_session_destroy();
if (STORE_SESSIONS == 'db') {
session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy', '_sess_gc');
}
zen_session_start();
$_SESSION = $session_backup;
unset($session_backup);
}
}
v1.3.8a - removed the remed code out:
Code:
function zen_session_recreate() {
global $http_domain, $https_domain, $current_domain;
if ($http_domain == $https_domain) {
$saveSession = $_SESSION;
$oldSessID = session_id();
session_regenerate_id();
$newSessID = session_id();
session_id($oldSessID);
session_id($newSessID);
if (STORE_SESSIONS == 'db') {
session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy', '_sess_gc');
}
session_start();
$_SESSION = $saveSession;
if (IS_ADMIN_FLAG !== true) {
whos_online_session_recreate($oldSessID, $newSessID);
}
}
}
Also there was a proposition from CJPinder to modify the code into - even simplier:
Code:
function zen_session_recreate() {
global $http_domain, $https_domain, $current_domain;
if ($http_domain == $https_domain) {
$oldSessID = session_id();
session_regenerate_id();
$newSessID = session_id();
whos_online_session_recreate($oldSessID, $newSessID);
}
}
I am gonna test the CJPinder solution probably in next 24 hours.
Maurice
Bookmarks