ZF-5084: Zend_Session::rememberMe() ALWAYS calls Zend_Session::regenerateId()

Issue Type: Improvement Created: 2008-11-27T14:24:02.000+0000 Last Updated: 2012-11-20T20:53:09.000+0000 Status: Closed Fix version(s): Reporter: Tim Nagel (merk) Assignee: None Tags: - Zend_Session

Related issues: Attachments:


At the end of Zend_Session::rememberUntil()

   // normally "rememberMe()" represents a security context change, so should use new session id

I believe this may be the case in many circumstances, but if I want to extend the cookie lifetime, it is not currently possible without regenerating the sessionId which is not something that always needs to happen.

Maybe an extra parameter to rememberMe and rememberUntil that defaults to regeneration so the caller can decide if its appropriate to regenerate?


Posted by julien PAULI (doctorrock83) on 2008-12-02T04:09:52.000+0000

I agree

Posted by Rob Allen (rob) on 2012-11-20T20:53:09.000+0000

Bulk change of all issues last updated before 1st January 2010 as "Won't Fix".

Feel free to re-open and provide a patch if you want to fix this issue.

Have you found an issue?

See the Overview section for more details.


© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.