I’ve found strange behavior of the system. When you duplicate a tab in the browser, the session (and cookie) are regenerated with same data. So if you logout from first tab you are still connected in the second tab.
This is caused because of a ‘session_regenerate_id’ function in the top of main_screen.php file.
I haven’t found a similar behavior in other systems.
I think it can cause security problems because a logout command doesn’t delete all the open sessions.
Why does it work that way?