Add THttpSession::regenerate() to update the current session id with a newly generated one

2 files changed, 16 insertions, 0 deletions

diff --git a/HISTORY b/HISTORY
index ac6ad32f..c010556e 100644
--- a/HISTORY
+++ b/HISTORY
@@ -18,6 +18,7 @@ BUG: Issue#246: TQueue::peek returns the top not the bottom (Christophe)
 CHG/ENH: Change behavior of THttpRequest::getBaseUrl() & THttpRequest::getAbsoluteApplicationUrl() to make it possible to force either http or https (Yves)
 EHN: Add property SecureConnection to TUrlMappingPattern and related enum TUrlMappingPatternSecureConnection to make it possible to to define wether to use http or https on pattern level (Yves)
 EHN: Add second parameter to THttpResponse::appendHeader whether the header should replace a previous similar header, or add a second header of the same type (Yves)
+ENH: Add THttpSession::regenerate() to update the current session id with a newly generated one (Yves)
 
 Version 3.1.7 February 22, 2010
 ENH: Issue#24  - Specify needed fields on demand (Yves) 
diff --git a/framework/Web/THttpSession.php b/framework/Web/THttpSession.php
index bec4c126..adb91752 100644
--- a/framework/Web/THttpSession.php
+++ b/framework/Web/THttpSession.php
@@ -159,6 +159,21 @@ class THttpSession extends TApplicationComponent implements IteratorAggregate,Ar
 			$this->_started=false;

 		}

 	}

+	

+	/**

+	 * Update the current session id with a newly generated one

+	 *

+	 * @param boolean $deleteOld Whether to delete the old associated session or not.

+	 * @return string old session id

+	 * @link http://php.net/manual/en/function.session-regenerate-id.php

+	 */

+	public function regenerate($deleteOld=false)

+	{

+		$old = $this->getID();

+		session_regenerate_id($deleteOld);

+		$this->setID(session_id());

+		return $old;

+	}

 

 	/**

 	 * @return boolean whether the session has started