Fixed a subtle corner case whereby sending a bad session ID generates new (unused) session entries in the database table.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@7001 bcc190cf-cafb-0310-a4f2-bffc1f526a37

django/contrib/sessions/backends/db.py

@@ -26,6 +26,8 @@ class SessionStore(SessionBase):
 
             # Save immediately to minimize collision
             self.save()
+            # Ensure the user is notified via a new cookie.
+            self.modified = True
             return {}
 
     def exists(self, session_key):

django/contrib/sessions/backends/file.py

@@ -46,6 +46,8 @@ class SessionStore(SessionBase):
                     self._session_key = self._get_new_session_key()
                     self._session_cache = {}
                     self.save()
+                    # Ensure the user is notified via a new cookie.
+                    self.modified = True
             finally:
                 session_file.close()
         except(IOError):