Issue #2245003 by znerol, YesCT, sun, damiankloip: Use a random seed instead of the session_id for CSRF token generation.
Issue #2239181 by sun, znerol: SessionManager::isStarted() returns TRUE even after session_write_close() has been called.
Issue #2228341 by sun, znerol, skipyT, ParisLiakos: Objectify session management functions + remove session.inc.
