diff --git a/ext/session/session.c b/ext/session/session.c
index 553f1ede663..c6f5f5230f3 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -2201,6 +2201,11 @@ static PHP_FUNCTION(session_start)
 		RETURN_FALSE;
 	}
 
+	if (PS(id) && !(PS(id)->len)) {
+		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot start session with empty session ID");
+		RETURN_FALSE;
+	}
+
 	/* set options */
 	if (options) {
 		ZEND_HASH_FOREACH_KEY_VAL(Z_ARRVAL_P(options), num_idx, str_idx, value) {
diff --git a/ext/session/tests/bug68063.phpt b/ext/session/tests/bug68063.phpt
new file mode 100644
index 00000000000..d3da470d06d
--- /dev/null
+++ b/ext/session/tests/bug68063.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Bug #68063 (Empty session IDs do still start sessions)
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--INI--
+--FILE--
+<?php
+// Could also be set with a cookie like "PHPSESSID=; path=/"
+session_id('');
+
+// Will still start the session and return true
+var_dump(session_start());
+
+// Returns an empty string
+var_dump(session_id());
+?>
+--EXPECTF--
+Warning: session_start(): Cannot start session with empty session ID in %s on line %d
+bool(false)
+string(0) ""