Hi!
> It could have signature like
>
> string session_id(string $prefix_or_id [, bool $use_prefix]);
I'm not sure what prefix has to do with this RFC. Didn't we talk about
secure setting? Where the prefix came from and why we need the prefix at
all?
> We have to decide what we will do about use_strict_mode behavior.
> It may be easier automatically set use_strict_mode=FALSE.
I'm not sure I understand. So if strict mode is on, when I do
session_id('foo') and session with ID foo does not exist, what would
happen? Would session_start() create it or would it generate new ID,
effectively ignoring my session_id command silently?
> I would like to expand uniqid() or create new function that returns
> secure random string, so session_create_id() is not mandatory.
Don't we have such function already?
http://us1.php.net/manual/en/function.mcrypt-create-iv.php
--
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227