Session.php: After setting the QFQ cookie lifetime AND calling setcookie() after session_start(), the QFQ session remains. Also, skipping Session::clearAll() protects against broken SIP after logout!