Hi, http://trac.symfony-project.com/changeset/10040
Regenerating the session id on credential/athentication status changes is a real good security enhancement. But I think it would be better to have something like regenerateOnce() (once per request) in the storage. What does session_regenerate_id() do actually? Does it call the read/ write methods of the storage? I just would like to avoid unnecessary storage (in my case database) calls. regards Matthias --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en -~----------~----~----~----~------~----~------~--~---
