Marcus
Well-known member
Each visitor gets a xf_session cookie. With the login you also get a xf_user cookie. When you disable the xf_session cookie after login, the xf_user cookie lets you still browsing the community as a logged in member. What are the purposes of the xf_session cookies? I found these:
Why is the xf_session cookie not removed when a user logs in?
As a sidenote: The xf_user cookie lets you browse the community pages without the xf_session cookie. The xf_admin cookie only works with the xf_session cookie.
- guest personalized settings like "disable this information"
- the login pages - I guess as well as the register pages - only work with this cookie
Why is the xf_session cookie not removed when a user logs in?
As a sidenote: The xf_user cookie lets you browse the community pages without the xf_session cookie. The xf_admin cookie only works with the xf_session cookie.
Last edited: