Shardj / zf1-future

PHP 8.1 compatible version of ZF1
BSD 3-Clause "New" or "Revised" License

Zend Session error when session.sid_bits_per_character change #429

Open Blount opened 3 months ago

Blount commented 3 months ago

When the value of "session.sid_bits_per_character" changes, an error occurs when initializing a new instance of Zend_Session_Namespace. In Zend_Session::start(), the session ID is checked, but before session_start() the value returned by session_id() is empty and passes the validation. After the session has started, when you create a new instance of Zend_Session_Namespace, Zend_Session::start() is called again and now session_id() returns the value from the cookie. If the ID is invalid, Zend_Session attempts to change it with Zend_Session::setId() and generates the error "The session has already been started" because the session has previously been started.

This is a problem when you migrate from an older config to a newer one because you cannot force a new browser session by deleting the session data from the server.

I think checking the session ID is not the role of Zend Framework but of PHP.

I suggest removing this portion of code from Zend_Session::start:

        // Check to see if we've been passed an invalid session ID
        if ( self::getId() && !self::_checkId(self::getId()) ) {
            // Generate a valid, temporary replacement
            self::setId(md5(self::getId()));
            // Force a regenerate after session is started
            self::$_regenerateIdState = -1;
        }
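
A self-contained model of the sequence described in the report above, added here as an illustration; it is not zf1-future code and not part of the original post. `sidIsValid` and `ModelSession` are hypothetical names, the character sets are the ones the PHP manual lists for `session.sid_bits_per_character`, and the sample ID is constructed.

```php
<?php
// Added illustration, not zf1-future code. Character sets per the PHP manual
// for session.sid_bits_per_character: 4 => 0-9a-f, 5 => 0-9a-v, 6 => 0-9a-zA-Z,-

function sidIsValid(string $id, int $bitsPerChar): bool
{
    $sets = [4 => '0-9a-f', 5 => '0-9a-v', 6 => '0-9a-zA-Z,\-'];
    if (!isset($sets[$bitsPerChar])) {
        throw new InvalidArgumentException("unsupported bits per character: $bitsPerChar");
    }
    return preg_match('/\A[' . $sets[$bitsPerChar] . ']+\z/', $id) === 1;
}

// Hypothetical stand-in for the session layer: the cookie's ID only becomes
// visible once the session has started, and it cannot be replaced afterwards.
final class ModelSession
{
    private bool $started = false;

    public function __construct(private string $cookieId, private int $bits) {}

    private function currentId(): string
    {
        return $this->started ? $this->cookieId : '';   // empty before start
    }

    public function start(): string
    {
        $id = $this->currentId();
        if ($id !== '' && !sidIsValid($id, $this->bits)) {
            if ($this->started) {
                return 'error: The session has already been started';
            }
            $this->cookieId = md5($id);  // replacement path: needs an ID before start
        }
        $this->started = true;
        return 'ok';
    }
}

// Constructed sample: an ID minted under 6 bits per character, presented by
// the browser after the server was switched to 4 bits per character.
$staleId = 'Zq7,mP-4xT0wLk2Vb9GhR3';
var_dump(sidIsValid($staleId, 6));
var_dump(sidIsValid($staleId, 4));

$session = new ModelSession($staleId, 4);
echo $session->start(), "\n";   // first call: ID still empty, check is skipped
echo $session->start(), "\n";   // second call: ID visible, too late to replace
```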