Index: branches/RC/core/kernel/session/session.php
===================================================================
diff -u -r10591 -r10780
--- branches/RC/core/kernel/session/session.php	(.../session.php)	(revision 10591)
+++ branches/RC/core/kernel/session/session.php	(.../session.php)	(revision 10780)
@@ -245,7 +245,9 @@
 							WHERE '.$this->IDField.' = '.$sessionlog_table.'.SessionId
 						)
 					WHERE Status = 0 AND SessionId IN ('.join(',', $expired_sids).')';
-			$this->Conn->Query($session_log_sql);
+			if ($sessionlog_table) {
+				$this->Conn->Query($session_log_sql);
+			}
 
 			$where_clause = ' WHERE '.$this->IDField.' IN ("'.implode('","',$expired_sids).'")';
 			$sql = 'DELETE FROM '.$this->SessionDataTable.$where_clause;
@@ -395,6 +397,8 @@
 	var $Expiration;
 
 	var $SID;
+	
+	var $SessionSet = false;
 
 	/**
 	 * Enter description here...
@@ -405,7 +409,19 @@
 
 	var $CachedNeedQueryString = null;
 
+	/**
+	 * Session Data array
+	 *
+	 * @var Params
+	 */
 	var $Data;
+	
+	/**
+	 * Names of optional session keys (which does not need to be always stored
+	 *
+	 * @var array
+	 */
+	var $OptionalData = array();
 
 
 	function Session($mode=smAUTO)
@@ -464,19 +480,8 @@
 		$this->Data = new Params();
 
 		$tmp_sid = $this->GetPassedSIDValue();
-//		if (!$tmp_sid) return;
 
 		$check = $this->Check();
-		if( !(defined('IS_INSTALL') && IS_INSTALL) )
-		{
-			$expired_sids = $this->DeleteExpired();
-			if ( ( $expired_sids && in_array($tmp_sid,$expired_sids) ) || ( $tmp_sid && !$check )  ) {
-				$this->SetSession();
-				$this->Application->HandleEvent($event, 'u:OnSessionExpire');
-				return ;
-			}
-		}
-
 		if ($check) {
 			$this->SID = $this->GetPassedSIDValue();
 			$this->Refresh();
@@ -488,6 +493,21 @@
 
 		if (!is_null($this->OriginalMode)) $this->SetMode($this->OriginalMode);
 	}
+	
+	function ValidateExpired() {
+		if( !(defined('IS_INSTALL') && IS_INSTALL) )
+		{
+			$expired_sids = $this->DeleteExpired();
+			if ( ( $expired_sids && in_array($this->CachedSID,$expired_sids) ) || ( $this->CachedSID && !$this->SessionSet )  ) {
+				$this->RemoveSessionCookie();
+				// true was here to force new session creation, but I used RemoveCookie a line above, to avoid redirect loop with expired sid not being removed
+				// setSession with true was used before, to set NEW session cookie
+				$this->SetSession(); 
+				$this->Application->HandleEvent($event, 'u:OnSessionExpire');
+				return ;
+			}
+		}
+	}
 
 	function IsHTTPSRedirect()
 	{
@@ -607,6 +627,8 @@
 		//try to load session by sid, if everything is fine
 		$result = $this->LoadSession($sid);
 
+		$this->SessionSet = $result;
+		
 		return $result;
 	}
 
@@ -712,10 +734,25 @@
 		$this->SID=$new_sid;
 		$this->Application->SetVar($this->GETName,$new_sid);
 	}
+	
+	function NeedSession()
+	{
+		$data = $this->Data->GetParams();
+		$data_keys = array_keys($data);
+		$optional_keys = array_unique($this->OptionalData);
+		$real_keys = array_diff($data_keys, $optional_keys);
+		return $real_keys ? true : false;
+	}
 
-	function SetSession()
+	function SetSession($force = false)
 	{
-		$this->GenerateSID();
+		if ($this->SessionSet && !$force) return true;
+		if (!$force && !($this->Application->IsAdmin() || $this->Application->GetVar('admin')) && !$this->NeedSession()) {
+			$this->GenerateSID();
+			return false;
+		}
+		
+		if (!$this->SID || $force) $this->GenerateSID();
 		$this->Expiration = adodb_mktime() + $this->SessionTimeout;
 		switch ($this->Mode) {
 			case smAUTO:
@@ -742,6 +779,8 @@
 		}
 
 		$this->Application->resetCounters('UserSession');
+		$this->SessionSet = true;
+		return true;
 	}
 
 	/**
@@ -781,6 +820,13 @@
 		$this->SetCookie($this->CookieName.'_live', $this->SID);
 		$_COOKIE[$this->CookieName] = $this->SID;	// for compatibility with in-portal
 	}
+	
+	function RemoveSessionCookie()
+	{
+		$this->SetCookie($this->CookieName, '');
+		$this->SetCookie($this->CookieName.'_live', '');
+		$_COOKIE[$this->CookieName] = null;	// for compatibility with in-portal
+	}
 
 	/**
 	 * Refreshes session expiration time
@@ -806,7 +852,7 @@
 		$this->Data = new Params();
 		$this->SID = '';
 		if ($this->CookiesEnabled) $this->SetSessionCookie(); //will remove the cookie due to value (sid) is empty
-		$this->SetSession(); //will create a new session
+		$this->SetSession(true); //will create a new session, true to force
 	}
 
 	function NeedQueryString($use_cache = 1)
@@ -867,6 +913,9 @@
 
 	function SaveData()
 	{
+		if (!$this->SetSession()) { // call it here - it may be not set before, because there was no need; if there is a need, it will be set here
+			return;
+		}
 		if (!$this->Application->GetVar('skip_last_template') && $this->Application->GetVar('ajax') != 'yes') {
 			$this->SaveLastTemplate( $this->Application->GetVar('t') );
 		}
@@ -940,9 +989,12 @@
 		return $ret;
 	}
 
-	function StoreVar($name, $value)
+	function StoreVar($name, $value, $optional = false)
 	{
 		$this->Data->Set($name, $value);
+		if ($optional) {
+			$this->OptionalData[] = $name;
+		}
 	}
 
 	function StorePersistentVar($name, $value)
@@ -955,12 +1007,12 @@
 		$this->Storage->LoadPersistentVars($this);
 	}
 
-	function StoreVarDefault($name, $value)
+	function StoreVarDefault($name, $value, $optional=false)
 	{
 		$tmp = $this->RecallVar($name);
 		if($tmp === false || $tmp == '')
 		{
-			$this->StoreVar($name, $value);
+			$this->StoreVar($name, $value, $optional);
 		}
 	}