Index: branches/5.0.x/core/kernel/session/session.php =================================================================== diff -u -r12399 -r12450 --- branches/5.0.x/core/kernel/session/session.php (.../session.php) (revision 12399) +++ branches/5.0.x/core/kernel/session/session.php (.../session.php) (revision 12450) @@ -1,6 +1,6 @@ Application->TableFound($this->TableName)) { @@ -180,7 +180,7 @@ FROM ' . $this->TableName . ' WHERE ' . $this->IDField . ' = ' . $this->Conn->qstr($sid); $result = $this->Conn->GetRow($sql); - + if ($result === false) { return false; } @@ -189,16 +189,16 @@ if ($this->Application->ConfigValue('SessionBrowserSignatureCheck') && ($result['BrowserSignature'] != $this->_getBrowserSignature())) { return false; } - + if ($this->Application->ConfigValue('SessionIPAddressCheck') && ($result['IpAddress'] != $_SERVER['REMOTE_ADDR'])) { // most secure, except for cases where NAT (Network Address Translation) // is used and two or more computers can have same IP address return false; } - + $this->DirectVars = $result; $this->Expiration = $result[$this->TimestampField]; - + return true; } @@ -688,7 +688,7 @@ function Check() { // don't check referer here, because it doesn't provide any security option and can be easily falsified - + $sid = $this->GetPassedSIDValue(); if (empty($sid)) { 
@@ -797,18 +797,21 @@ */ function GenerateSID() { - list($usec, $sec) = explode(" ",microtime()); + list ($usec, $sec) = explode(' ', microtime()); $sid_part_1 = substr($usec, 4, 4); - $sid_part_2 = mt_rand(1,9); + $sid_part_2 = mt_rand(1, 9); $sid_part_3 = substr($sec, 6, 4); $digit_one = substr($sid_part_1, 0, 1); + if ($digit_one == 0) { - $digit_one = mt_rand(1,9); - $sid_part_1 = ereg_replace("^0","",$sid_part_1); - $sid_part_1=$digit_one.$sid_part_1; + $digit_one = mt_rand(1, 9); + $sid_part_1 = preg_replace('/^0/', '', $sid_part_1); + $sid_part_1 = $digit_one . $sid_part_1; } - $this->setSID($sid_part_1.$sid_part_2.$sid_part_3); + + $this->setSID($sid_part_1 . $sid_part_2 . $sid_part_3); + return $this->SID; } @@ -1020,13 +1023,13 @@ $data_keys = array_keys($session_data); $optional_keys = array_keys($this->OptionalData); $real_keys = array_diff($data_keys, $optional_keys); - + if ($real_keys) { $ret = ''; foreach ($real_keys as $real_key) { $ret .= '[' . $real_key . '] = [' . $session_data[$real_key] . ']
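Review bot: `GenerateSID()` still builds the session identifier from four digits of the microsecond clock, one `mt_rand(1, 9)` digit and four digits of the Unix timestamp. The result is a nine-digit decimal string that is derived mostly from the current time and never drawn from a cryptographic random source. The hunk only reformats the code and swaps `ereg_replace` for `preg_replace`, so the small and largely time-derived value space of the session key is left as it was. I would replace the whole assembly with a CSPRNG-backed value, e.g. `$this->setSID(bin2hex(random_bytes(16)));` on PHP 7+, or `bin2hex(openssl_random_pseudo_bytes(16))` on older runtimes. Whether the SID column and `GetPassedSIDValue()` accept a non-numeric value is not visible in this diff and needs to be confirmed first; the docblock above the function also starts outside the hunk.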
'; } - + $this->Application->Debugger->appendHTML('Real Keys:
' . $ret); } }