--- session.inc?rev=1.14	2005-04-02 02:15:39.000000000 +0200
+++ session.inc	2005-04-02 21:40:07.000000000 +0200
@@ -8,6 +8,22 @@
 
 session_set_save_handler("sess_open", "sess_close", "sess_read", "sess_write", "sess_destroy", "sess_gc");
 session_start();
+if ($user->uid) {
+  sess_destroy(session_id());
+  session_regenerate_id();
+}
+
+function _sess_set_update($value = NULL) {
+  static $update = FALSE;
+  if ($value) {
+    $update = $value;
+  }
+  return $update;
+}
+
+function _sess_get_update() {
+  return _sess_set_update();
+}
 
 /*** Session functions *****************************************************/
 
@@ -25,11 +41,14 @@ function sess_read($key) {
   $result = db_query_range("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = '%s' AND u.status < 3", $key, 0, 1);
 
   if (!db_num_rows($result)) {
-    db_query("INSERT INTO {sessions} (sid, uid, hostname, timestamp) VALUES ('%s', 0, '%s', %d)", $key, $_SERVER["REMOTE_ADDR"], time());
     $result = db_query("SELECT u.* FROM {users} u WHERE u.uid = 0");
   }
+  else {
+    $update = TRUE;
+  }
 
   $user = db_fetch_object($result);
+  _sess_set_update(!$user->uid && $update);
   $user = drupal_unpack($user);
   $user->roles = array();
 
@@ -44,9 +63,12 @@ function sess_read($key) {
 
 function sess_write($key, $value) {
   global $user;
-
-  db_query("UPDATE {sessions} SET uid = %d, hostname = '%s', session = '%s', timestamp = %d WHERE sid = '%s'", $user->uid, $_SERVER["REMOTE_ADDR"], $value, time(), $key);
-
+  if (_sess_get_update()) {
+    db_query("UPDATE {sessions} SET uid = %d, hostname = '%s', session = '%s', timestamp = %d WHERE sid = '%s'", $user->uid, $_SERVER["REMOTE_ADDR"], $value, time(), $key);
+  }
+  else {
+    db_query("INSERT INTO {sessions} (sid, uid, hostname, timestamp, session) VALUES ('%s', %d, '%s', %d, '%s')", $key, $user->uid, $_SERVER["REMOTE_ADDR"], time(), $value);
+  }
   return '';
 }