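/**
 * Rotates the session identifier and re-issues the session cookies.
 *
 * Marks the session as regenerated, resets and drops the current adapter,
 * optionally clears the session data, renews the anti-CSRF token, and then
 * either starts a new session under a fresh id or clears both cookies.
 *
 * Two cookies are written, both HttpOnly and both browser-session lifetime
 * (expire = 0):
 *  - "SID" is sent without the Secure flag, so it also travels over plain HTTP.
 *  - "SSL" is sent with the Secure flag; its value is prefixed with "-" when
 *    the current request is not seen as HTTPS.
 * How the two are checked against each other is not visible in this method.
 *
 * NOTE(review): random_int() throws when no entropy source is available, so
 * on such a host this method now fails instead of issuing an id.
 *
 * @param bool $initSession When true, the session data is emptied first.
 * @param bool $restartNew  Only consulted when $initSession is true: true
 *                          starts a new session, false clears both cookies
 *                          without starting one.
 */
static function regenerateId($initSession = false, $restartNew = true)
{
    self::$regenerated = true;

    if (self::$adapter) {
        self::$adapter->reset();
        self::$adapter = false;
    }

    if ($initSession) {
        self::$DATA = array();
    }

    // Generate a new anti-CSRF token
    p::getAntiCsrfToken(true);

    if (!$initSession || $restartNew) {
        $sid = p::strongId();

        // The first character is overwritten with one hex digit. Draw it from
        // the CSPRNG when the runtime has one, so that no mt_rand() output is
        // embedded in a client-visible value; older runtimes keep mt_rand().
        // Either way this digit adds at most 4 bits: the id's unpredictability
        // rests on p::strongId().
        $sid[0] = dechex(function_exists('random_int') ? random_int(0, 15) : mt_rand(0, 15));

        // NOTE(review): isset() is true for any value, including the "off"
        // that some servers set on plain-HTTP requests - confirm that this
        // matches how the rest of the class detects HTTPS before changing it.
        self::$sslid = (isset($_SERVER['HTTPS']) ? '' : '-') . p::strongId();

        self::setSID($sid);
        self::$adapter = new self(self::$SID);
        self::$lastseen = self::$birthtime = $_SERVER['REQUEST_TIME'];
    } else {
        // No new session: both cookies get an empty value, which setcookie()
        // turns into a deletion of the cookie.
        self::$sslid = $sid = '';
    }

    // Arguments 6 and 7 are (secure, httponly).
    // NOTE(review): no SameSite attribute is set; this positional signature
    // cannot express one (the options-array form needs PHP >= 7.3).
    setcookie('SID', $sid, 0, self::$cookiePath, self::$cookieDomain, false, true);
    setcookie('SSL', self::$sslid, 0, self::$cookiePath, self::$cookieDomain, true, true);

    // 304 Not Modified response code does not allow Set-Cookie headers,
    // so we remove any header that could trigger a 304
    unset($_SERVER['HTTP_IF_NONE_MATCH'], $_SERVER['HTTP_IF_MODIFIED_SINCE']);
}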