Description: ------------ Sorry about my English but u had strange problem. On my web-site i have different private-zones. On each zone i use different session name for auth (setSessionName). But, in IE and Opera, when i login to one private zone (for client), and then in different tab i login the second private zone (for admin panel) it dont login. I find the problem many hours :) and found it. When i comment up session_regenerate_id(true); on line 830 it works without bug! But its mirror for fixation atack. Real. I made this: if (!$this->regenerateSessionId and !$this- >_isAdvancedSecurityEnabled()) { session_regenerate_id(true); } If AdvadsedSecurity is off - it dont need to regenerate session id, because checking for user ip and agent is the best difference for fixation atack. Please think about my problem. I think i am no ONE who had it. And also. In IE and Opera not every time work fine cookiechallenge advansedsecurity. In my situation i switch it off. And now all work fine.