#3073 (feature/session): Implement automatic ID regeneration
diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php
index 7908bad..f250c3d 100644
--- a/system/libraries/Session/Session.php
+++ b/system/libraries/Session/Session.php
@@ -122,9 +122,20 @@
 
 		session_start();
 
+		if (($regenerate_time = config_item('sess_time_to_update')) > 0)
+		{
+			if ( ! isset($_SESSION['__ci_last_regenerate']))
+			{
+				$_SESSION['__ci_last_regenerate'] = time();
+			}
+			elseif ($_SESSION['__ci_last_regenerate'] < (time() - $regenerate_time))
+			{
+				$this->sess_regenerate(FALSE);
+			}
+		}
 		// Another work-around ... PHP doesn't seem to send the session cookie
 		// unless it is being currently created or regenerated
-		if (isset($_COOKIE[$this->_config['cookie_name']]) && $_COOKIE[$this->_config['cookie_name']] === session_id())
+		elseif (isset($_COOKIE[$this->_config['cookie_name']]) && $_COOKIE[$this->_config['cookie_name']] === session_id())
 		{
 			setcookie(
 				$this->_config['cookie_name'],
@@ -138,7 +149,6 @@
 		}
 
 		$this->_ci_init_vars();
-
 /*
 		Need to test if this is necessary for a custom driver or if it's only
 		relevant to PHP's own files handler.
@@ -584,6 +594,7 @@
 	 */
 	public function sess_regenerate($destroy = FALSE)
 	{
+		$_SESSION['__ci_last_regenerate'] = time();
 		session_regenerate_id($destroy);
 	}