session_regenerate_id

I am not sure that session_regenerate_id does what is says. Without optional parameter it just creates another ssid you can access current session with.
Try to use one of previously generated ssids a you will see that it is still valid for the current session. Any suggestions?

I have modified the _RegenerateId() method to this (according the phpmanual:
hu2.php.net/manual/en/function.sess ... ,
see this post: Nicolas dot Chachereau at Infomaniak dot ch, 02-Jun-2005 08:40)
The problem was that in php4 there isn't the optional parameter!

function _RegenerateId()
{
if ($this->regenerate_id && function_exists('session_regenerate_id'))
{
$old_session_id = session_id();
session_regenerate_id();
$new_session_id = session_id();
session_id($old_session_id);
session_destroy();
$old_session = $_SESSION;
session_id($new_session_id);
session_start();
$_SESSION = $old_session;
}
}

Note from Nicolas dot Chachereau: "this technique will send 3 Set-Cookie headers (one on each session_start() and one on session_regenerate_id()). I don't think this is a problem, ..."

PS: and thanks for these great packages that You supplied, Vagharshak ! There're a lot of good idea ...

New _RegenerateId() function not work!

Cannot login with session

Sorry, It not work beacause I dont delete old session files