diff --git a/include/class.client.php b/include/class.client.php
index 087215ce7919e45331e5f6f813a7a56bd8e24156..a650adbbe68140c3a0f8d807f46df2a9d7771460 100644
--- a/include/class.client.php
+++ b/include/class.client.php
@@ -185,7 +185,7 @@ class Client {
                 $_SESSION['_client']['token'] = $user->getSessionToken();
                 $_SESSION['TZ_OFFSET'] = $cfg->getTZoffset();
                 $_SESSION['TZ_DST'] = $cfg->observeDaylightSaving();
-                
+                $user->refreshSession(); //set the hash.
                 //Log login info...
                 $msg=sprintf('%s/%s logged in [%s]', $ticket->getEmail(), $ticket->getExtId(), $_SERVER['REMOTE_ADDR']);
                 $ost->logDebug('User login', $msg);
@@ -193,11 +193,9 @@ class Client {
                 //Regenerate session ID.
                 $sid=session_id(); //Current session id.
                 session_regenerate_id(TRUE); //get new ID.
-                if(($session=$ost->getSession()) && is_object($session) && $sid)
+                if(($session=$ost->getSession()) && is_object($session) && $sid!=session_id())
                     $session->destroy($sid);
 
-                session_write_close();
-
                 return $user;
 
             } 
diff --git a/include/class.staff.php b/include/class.staff.php
index 778041e7ca6fd707d16b91b5f3a9a4669fe3076a..08e1a79e2ec5f8ddc878eacbb51d4d670f4ae54e 100644
--- a/include/class.staff.php
+++ b/include/class.staff.php
@@ -594,10 +594,8 @@ class Staff {
             $sid=session_id(); //Current id
             session_regenerate_id(TRUE);
             //Destroy old session ID - needed for PHP version < 5.1.0 TODO: remove when we move to php 5.3 as min. requirement.
-            if(($session=$ost->getSession()) && is_object($session) && $sid)
+            if(($session=$ost->getSession()) && is_object($session) && $sid!=session_id())
                 $session->destroy($sid);
-
-            session_write_close();
         
             return $user;
         }