Hi all, There are too many things that I would like to improve ;)
https://bugs.php.net/bug.php?id=69127 This bug is known fatal bug for session module. I proposed "lazy_destroy" to fix this before, but it declined. I think the name was wrong. With the proposal, session module destories session data with lazy manner, but it's actually precise manner. i.e. Session module and browser is _not_ synced, so destroy must be done async manner (~= lazy manner. For example, delete session data 60 seconds later). The reason why session_regenerate_id(true) fails is it deletes session data immediately even if session and browser is not in sync. Session and browser cannot sync because there is no means in HTTP/Cookie. Is there any other better idea for this? Regards, -- Yasuo Ohgaki yohg...@ohgaki.net