diff --git a/include/class.ostsession.php b/include/class.ostsession.php
index 78b118299f2ceac11acc85206ab212740cb8079a..d27debae7a795859e7b37a0596e19516ee4aa1bc 100644
--- a/include/class.ostsession.php
+++ b/include/class.ostsession.php
@@ -18,6 +18,7 @@ class osTicketSession {
 
     var $ttl = SESSION_TTL;
     var $data = '';
+    var $data_hash = '';
     var $id = '';
 
     function osTicketSession($ttl=0){
@@ -87,12 +88,16 @@ class osTicketSession {
                 list($this->data)=db_fetch_row($res);
             $this->id = $id;
         }
+        $this->data_hash = md5($this->data);
         return $this->data;
     }
 
     function write($id, $data){
         global $thisstaff;
 
+        if (md5($data) == $this->data_hash)
+            return;
+
         $ttl = ($this && get_class($this) == 'osTicketSession')
             ? $this->getTTL() : SESSION_TTL;
 
diff --git a/include/class.usersession.php b/include/class.usersession.php
index c24bb76ab85188829654cd6ba8b86fdd37d36d7d..e77f65fac77f63853cb3c6a4dea99d93e51ea491 100644
--- a/include/class.usersession.php
+++ b/include/class.usersession.php
@@ -66,6 +66,14 @@ class UserSession {
       return($token);
    }
 
+   function getLastUpdate($htoken) {
+       if (!$htoken)
+           return 0;
+
+       @list($hash,$expire,$ip)=explode(":",$htoken);
+       return $expire;
+   }
+
    function isvalidSession($htoken,$maxidletime=0,$checkip=false){
         global $cfg;
 
@@ -122,7 +130,10 @@ class ClientSession extends Client {
     }
 
     function refreshSession(){
-        global $_SESSION;
+        $time = $this->session->getLastUpdate($_SESSION['_client']['token']);
+        // Deadband session token updates to once / 30-seconds
+        if (time() - $time < 30)
+            return;
         $_SESSION['_client']['token']=$this->getSessionToken();
         //TODO: separate expire time from hash??
     }
@@ -160,7 +171,11 @@ class StaffSession extends Staff {
     }
 
     function refreshSession(){
-        global $_SESSION;
+        $time = $this->session->getLastUpdate($_SESSION['_staff']['token']);
+        // Deadband session token updates to once / 30-seconds
+        if (time() - $time < 30)
+            return;
+
         $_SESSION['_staff']['token']=$this->getSessionToken();
     }
 
diff --git a/scp/ajax.php b/scp/ajax.php
index bc6c920bc76e6fc2b5c4f93c9b3b5e96d7224e75..a5e56bd409c67381fcf2461dc627723d7a92460f 100644
--- a/scp/ajax.php
+++ b/scp/ajax.php
@@ -21,6 +21,7 @@ function staffLoginPage($msg='Unauthorized') {
     exit;
 }
 
+define('AJAX_REQUEST', 1);
 require('staff.inc.php');
 
 //Clean house...don't let the world see your crap.
diff --git a/scp/autocron.php b/scp/autocron.php
index ec7cb4c744b6b170da3d5186d09b59fc0e424342..1e2460786f13405b24139bb7e4ca6bddc363c579 100644
--- a/scp/autocron.php
+++ b/scp/autocron.php
@@ -14,6 +14,7 @@
 
     vim: expandtab sw=4 ts=4 sts=4:
 **********************************************************************/
+define('AJAX_REQUEST', 1);
 require('staff.inc.php');
 ignore_user_abort(1);//Leave me a lone bro!
 @set_time_limit(0); //useless when safe_mode is on