Index: session_api.module
===================================================================
--- session_api.module	(revision 991)
+++ session_api.module	(working copy)
@@ -23,47 +23,44 @@
  * 1. http://php.net/manual/en/function.session-id.php
  */
 function session_api_get_sid() {
+  static $sid;
+
   if (!session_api_available()) {
     return FALSE;
   }
 
-  if (!is_numeric($_SESSION['session_api_id'])) {
+  if (!isset($sid)) {
     $sid = FALSE;
 
-    // First, check if the session ID has changed by pulling down the
-    // Session API cookie.
-    if (isset($_COOKIE['session_api_session']) && $_COOKIE['session_api_session'] != session_id()) {
-      // Check if this sid exists.
-      $sid = db_result(db_query("SELECT sid FROM {session_api} WHERE session_id = '%s'", array(':session_id' => $_COOKIE['session_api_session'])));
+    // First, check if we already have an active session.
+    if (isset($_COOKIE['session_api_session'])) {
+      $session_id = $_COOKIE['session_api_session'];
+      $sid = db_result(db_query("SELECT sid FROM {session_api} WHERE session_id = '%s'", array(':session_id' => $session_id)));
     }
+    else {
+       $session_id = md5(ip_address() . time() . drupal_get_private_key());
+    }
 
+    // Update the session timeout.
     if ($sid) {
-      // Update with new session ID.
       $rec = new stdClass;
       $rec->sid = $sid;
-      $rec->session_id = session_id();
+      $rec->session_id = $session_id;
       drupal_write_record('session_api', $rec, 'sid');
-      setcookie('session_api_session', session_id(), time() + variable_get('session_api_cookie_expire_time', 2592000));
+      setcookie('session_api_session', $session_id, time() + variable_get('session_api_cookie_expire_time', 2592000), '/');
     }
+    // No sid exists, create new one.
     else {
-      // Secondly, check if id exists in db.
-      $sid = db_result(db_query("SELECT sid FROM {session_api} WHERE session_id = '%s'", array(':session_id' => session_id())));
-    }
-    
-    if (!$sid) {
-      // No sid exists, create new one.
       $rec = new stdClass();
-      $rec->session_id = session_id();
+      $rec->session_id = $session_id;
       drupal_write_record('session_api', $rec);
       $sid = $rec->sid;
 
       // Set cookie.
-      setcookie('session_api_session', session_id(), time() + variable_get('session_api_cookie_expire_time', 2592000));
+      setcookie('session_api_session', $session_id, time() + variable_get('session_api_cookie_expire_time', 2592000), '/');
     }
-      
-    $_SESSION['session_api_id'] = $sid;
   }
-  return $_SESSION['session_api_id'];
+  return $sid;
 }
 
 /**