- Patch #87372 by crunchywelch: work around PHP session bug.

includes/session.inc

@@ -85,6 +85,16 @@ function sess_write($key, $value) {
 function sess_regenerate() {
   $old_session_id = session_id();
   session_regenerate_id();
+
+  // We code around http://bugs.php.net/bug.php?id=32802 by destroying
+  // the session cookie by setting expiration in the past (a negative
+  // value).  This issue only arises in PHP versions before 4.4.0,
+  // regardless of the Drupal configuration.
+  // TODO: remove this when we require at least PHP 4.4.0
+  if (isset($_COOKIE[session_name()])) {
+    setcookie(session_name(), '', time() - 42000, '/');
+  }
+
   db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id);
 }
 
@@ -127,4 +137,4 @@ function sess_gc($lifetime) {
   db_query("DELETE FROM {sessions} WHERE timestamp < %d", time() - $lifetime);
 
   return TRUE;
-}
+}