Hi!
For example, it is easy to find cases with google code search, that users are setting ID while they really should do is session_regenerate_id(). These kind of mistakes would be better to be prevented under strict mode, IMHO.
I'm not sure how that would help in this case - so the set would be rejected, then the users will turn the strict mode off to make their code work and thus lose the protection it provides. How that improves anything? Setting session ID and protection against adoption are two different things, why you need to turn off the latter to get the former working?
-- Stanislav Malyshev, Software Architect SugarCRM: http://www.sugarcrm.com/ (408)454-6900 ext. 227 -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
