- MFH Fix bug #37510 session_regenerate_id changes session_id() even on failure

2 files changed, 7 insertions, 1 deletions

diff --git a/NEWS b/NEWS
index d086eab1b5..4557cf66b9 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,8 @@ PHP 4                                                                      NEWS
 - Updated PCRE to version 6.6. (Andrei)
 - Added overflow checks to wordwrap() function. (Ilia)
 - Added a check for special characters in the session name. (Ilia)
+- Fixed bug #37510 session_regenerate_id changes session_id() even on failure).
+  (Hannes)
 - Fixed bug #34360 (bad gif size) (Pierre)
 - Fixed bug #37348 (make PEAR install ignore open_basedir). (Ilia)
 - Fixed bug #37346 (invalid colormap format) (Pierre)
diff --git a/ext/session/session.c b/ext/session/session.c
index f02884c175..98980e9280 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -1351,6 +1351,10 @@ PHP_FUNCTION(session_id)
    Update the current session id with a newly generated one. */
 PHP_FUNCTION(session_regenerate_id)
 {
+	if (SG(headers_sent)) {
+		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot regenerate session id - headers already sent");
+		RETURN_FALSE;
+	}
 	if (PS(session_status) == php_session_active) {
 		if (PS(id)) efree(PS(id));
 	
@@ -1780,6 +1784,6 @@ PHP_MINFO_FUNCTION(session)
  * tab-width: 4
  * c-basic-offset: 4
  * End:
- * vim600: sw=4 ts=4 fdm=marker
+ * vim600: noet sw=4 ts=4 fdm=marker
  * vim<600: sw=4 ts=4
  */