diff -r 6641e941ef1e -r ff1a9aa48cfd app/django/contrib/sessions/backends/db.py
--- a/app/django/contrib/sessions/backends/db.py	Tue Oct 14 12:36:55 2008 +0000
+++ b/app/django/contrib/sessions/backends/db.py	Tue Oct 14 16:00:59 2008 +0000
@@ -1,33 +1,23 @@
-from django.conf import settings
+import datetime
 from django.contrib.sessions.models import Session
-from django.contrib.sessions.backends.base import SessionBase
+from django.contrib.sessions.backends.base import SessionBase, CreateError
 from django.core.exceptions import SuspiciousOperation
-import datetime
+from django.db import IntegrityError, transaction
+from django.utils.encoding import force_unicode
 
 class SessionStore(SessionBase):
     """
-    Implements database session store
+    Implements database session store.
     """
-    def __init__(self, session_key=None):
-        super(SessionStore, self).__init__(session_key)
-
     def load(self):
         try:
             s = Session.objects.get(
                 session_key = self.session_key,
                 expire_date__gt=datetime.datetime.now()
             )
-            return self.decode(s.session_data)
+            return self.decode(force_unicode(s.session_data))
         except (Session.DoesNotExist, SuspiciousOperation):
-
-            # Create a new session_key for extra security.
-            self.session_key = self._get_new_session_key()
-            self._session_cache = {}
-
-            # Save immediately to minimize collision
-            self.save()
-            # Ensure the user is notified via a new cookie.
-            self.modified = True
+            self.create()
             return {}
 
     def exists(self, session_key):
@@ -37,14 +27,46 @@
             return False
         return True
 
-    def save(self):
-        Session.objects.create(
+    def create(self):
+        while True:
+            self.session_key = self._get_new_session_key()
+            try:
+                # Save immediately to ensure we have a unique entry in the
+                # database.
+                self.save(must_create=True)
+            except CreateError:
+                # Key wasn't unique. Try again.
+                continue
+            self.modified = True
+            self._session_cache = {}
+            return
+
+    def save(self, must_create=False):
+        """
+        Saves the current session data to the database. If 'must_create' is
+        True, a database error will be raised if the saving operation doesn't
+        create a *new* entry (as opposed to possibly updating an existing
+        entry).
+        """
+        obj = Session(
             session_key = self.session_key,
-            session_data = self.encode(self._session),
-            expire_date = datetime.datetime.now() + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE)
+            session_data = self.encode(self._get_session(no_load=must_create)),
+            expire_date = self.get_expiry_date()
         )
+        sid = transaction.savepoint()
+        try:
+            obj.save(force_insert=must_create)
+        except IntegrityError:
+            if must_create:
+                transaction.savepoint_rollback(sid)
+                raise CreateError
+            raise
 
-    def delete(self, session_key):
+    def delete(self, session_key=None):
+        if session_key is None:
+            if self._session_key is None:
+                return
+            session_key = self._session_key
         try:
             Session.objects.get(session_key=session_key).delete()
         except Session.DoesNotExist: