From eb49a729990f860249ec42bd23490c00e5267f5b Mon Sep 17 00:00:00 2001
From: Graham Campbell
Date: Thu, 1 Sep 2016 13:44:26 +0100
Subject: [PATCH] Fix session id collisions

---
 src/Illuminate/Session/Store.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Illuminate/Session/Store.php b/src/Illuminate/Session/Store.php
index 72f77f90c1fd..4fddd4300f48 100755
--- a/src/Illuminate/Session/Store.php
+++ b/src/Illuminate/Session/Store.php
@@ -184,7 +184,7 @@ public function setId($id)
 */
 public function isValidId($id)
 {
- return is_string($id) && preg_match('/^[a-f0-9]{40}$/', $id);
+ return is_string($id) && ctype_alnum($id) && strlen($id) === 40;
 }
 
 /**
@@ -194,7 +194,7 @@ public function isValidId($id)
 */
 protected function generateSessionId()
 {
- return sha1(uniqid('', true).Str::random(25).microtime(true));
+ return Str::random(40);
 }
 
 /**
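Review bot: `ctype_alnum()` in the new `isValidId()` follows the process locale (LC_CTYPE), so outside the C locale it can accept bytes beyond `[A-Za-z0-9]`, and the accepted alphabet then depends on server configuration. The id is presumably client-supplied and passed to the session handler as a storage key, so the check is better pinned to an explicit set: `return is_string($id) && preg_match('/^[a-zA-Z0-9]{40}$/D', $id) === 1;`. The `D` modifier keeps the trailing-newline rejection that the `strlen($id) === 40` test provides here, and the strict comparison makes the method return a real bool. The docblock for this method starts outside the hunk and should state the accepted alphabet and length, since ids issued before this change (40 hex characters) remain valid under the wider rule.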
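Review bot: After this change the unpredictability of the session id in `generateSessionId()` rests entirely on `Str::random()`, whose implementation is not visible in this hunk. If that helper can fall back to a non-cryptographic source on some platforms, the ids become guessable; the old expression had the same dependency, but the SHA-1 wrapper hid it. I would state the requirement at the call site with a comment such as `// Str::random() must be CSPRNG-backed (e.g. random_bytes); the id is the only credential for the session.` The literal `40` is now duplicated between this method and `isValidId()`; a shared class constant would keep the generator and the validator from drifting apart. A regression test asserting `isValidId(generateSessionId())` would also help.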