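/**
 * Start a new session: generate a session ID, send the session cookie to the
 * client and store the session record through db::simple_query().
 *
 * The lifetime is self::$_lifetime when the user data carries
 * 'remember' === TRUE, otherwise self::$_short_lifetime. When the current
 * session state is ST_OUTDATED and "remember" is set, the existing user data
 * and user id are carried over into the new record and the client cookie is
 * re-issued with the new session ID; in every other case a fresh browser-session
 * cookie (expiry 0) holding only the session ID is sent.
 *
 * Side effects: calls setcookie(), writes one row via self::Q_SET_SID and
 * stores the new ID in self::$_cache_sid.
 *
 * @throws Exception when random_bytes() is available but no entropy source
 *                   can be read; no session is created in that case.
 */
public static function create()
{
    $user_data =& self::$_session_options['user_data'];
    $is_remember = (bool) (isset($user_data['remember']) and $user_data['remember'] === TRUE);

    // The session ID is a bearer credential, so it has to be unguessable.
    // mt_rand() and uniqid() are predictable (PRNG state and clock), the client
    // IP is known to the client, and md5() adds no entropy, so the ID is drawn
    // from the OS CSPRNG instead. 16 random bytes hex-encoded give the same
    // 32-character lowercase hex format that md5() produced.
    $session_id = '';
    if (function_exists('random_bytes')) {
        $session_id = bin2hex(random_bytes(16));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $is_strong = FALSE;
        $raw = openssl_random_pseudo_bytes(16, $is_strong);
        if ($raw !== FALSE and $is_strong === TRUE and strlen($raw) === 16) {
            $session_id = bin2hex($raw);
        }
    }

    if ($session_id === '') {
        // Legacy generator, kept only for runtimes that offer no CSPRNG.
        // It is NOT cryptographically secure; IDs from this path are guessable
        // in principle and the runtime should be upgraded.
        while (strlen($session_id) < 32) {
            $session_id .= mt_rand(0, mt_getrandmax());
        }
        $session_id .= get_ip();
        $session_id = md5(uniqid($session_id, TRUE));
    }

    $life_time = get_time() + ($is_remember ? self::$_lifetime : self::$_short_lifetime);

    // The User-Agent header is client-controlled; it is only truncated here.
    // NOTE(review): presumably db::simple_query() escapes the placeholder
    // values - confirm against its implementation.
    $user_agent = isset($_SERVER['HTTP_USER_AGENT'])
        ? substr($_SERVER['HTTP_USER_AGENT'], 0, 120)
        : "unknown robot";

    // NOTE(review): ip2long() returns FALSE for anything that is not a valid
    // IPv4 address (e.g. IPv6 clients) - confirm how the query handles that.
    $session_data = array(
        '%sid'        => $session_id,
        '%life_time'  => $life_time,
        '%user_data'  => '',
        '%user_agent' => $user_agent,
        '%ip_address' => ip2long(get_ip()),
        '%user_id'    => 0,
    );

    $cookie_domain = '.' . config('settings', 'site');

    // NOTE(review): both setcookie() calls pass five arguments, so the Secure
    // and HttpOnly flags stay at their defaults (off). If no client-side script
    // needs this cookie and the site is served over HTTPS, both should be set.
    if (self::$_session_state == self::ST_OUTDATED and $is_remember) {
        // Carry the remembered user over into the replacement session.
        $session_data['%user_data'] = Format::converter($user_data, config('settings', 'db_format'));
        $session_data['%user_id'] = self::get_uid();

        // Re-issue the existing client cookie with the new session ID.
        // The cookie expiry is one self::$_lifetime later than the stored
        // life_time, as in the original code.
        $client_data = self::$_session_client;
        $client_data['session_id'] = $session_id;
        setcookie(
            self::SESSION_KEY,
            Format::converter($client_data, config('session', 'web_format')),
            $life_time + self::$_lifetime,
            '/',
            $cookie_domain
        );
    } else {
        // Fresh cookie that lasts until the browser is closed.
        setcookie(
            self::SESSION_KEY,
            Format::converter(array('session_id' => $session_id), config('session', 'web_format')),
            0,
            '/',
            $cookie_domain
        );
    }

    db::simple_query(self::Q_SET_SID, $session_data, TRUE);
    self::$_cache_sid = $session_id;
}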