Cookies not clearing correctly in security module - 'Remember Me'

After a lot of testing I discovered that the process of clearing cookies that is part of the ‘remember me’ function wasn’t working correctly.

When the logout menu option is called it runs onExecute from the menu:

if({sc_script_name} == 'login'){
    if(isset($_COOKIE['usr_data'])){
        unset($_COOKIE['usr_data']);
    }
    sc_logged_out([logged_user], [logged_date_login]);
}

However, it turns out (at least on Firefox) this won’t work - the cookie is not destroyed - just the session variable $_COOKIE, so next time the login page loads it still seems to read the stored cookie.

This was fixed by correcting it to:

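if({sc_script_name} == 'login'){
    if(isset($_COOKIE['usr_data'])){
        // Remove the value from the current request
        unset($_COOKIE['usr_data']);
        // Send an already-expired cookie so the browser deletes its stored copy
        setcookie("usr_data", '', time()-3600, '/');
    }
    sc_logged_out([logged_user], [logged_date_login]);
}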

which expires the cookie and causes the browser to destroy it.

See also: https://stackoverflow.com/questions/20323284/cookie-unset-not-working-properly/20324115

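The fix in the post above depends on the expiring `setcookie()` call using the same name and path as the call that created the cookie, because a browser only removes a stored cookie when those match. The following is an added example, not part of the original post or of Scriptcase: the helper names, the 30-day lifetime and the `secure`/`httponly`/`samesite` values are assumptions, and it needs PHP 7.3+ for the options-array form of `setcookie()`.

```php
<?php
// Added example; helper names and attribute values are assumptions.
const REMEMBER_COOKIE = 'usr_data'; // cookie name used in the post

// Attributes shared by the set and clear calls, so the two can never drift
// apart. A mismatch in path (or domain) leaves the old cookie in the browser.
function remember_cookie_attrs(): array
{
    return [
        'path'     => '/',    // same path the post's fix uses
        'secure'   => true,   // assumption: the site is served over HTTPS
        'httponly' => true,   // keep the value away from page scripts
        'samesite' => 'Lax',
    ];
}

function set_remember_cookie(string $value, int $lifetime = 30 * 86400): bool
{
    $opts = remember_cookie_attrs() + ['expires' => time() + $lifetime];
    return setcookie(REMEMBER_COOKIE, $value, $opts);
}

function clear_remember_cookie(): bool
{
    // Only changes what the current request sees; the browser is not told.
    unset($_COOKIE[REMEMBER_COOKIE]);

    if (headers_sent($file, $line)) {
        // Too late to emit Set-Cookie: the browser would keep the cookie.
        error_log("remember-me cookie not cleared, output began at $file:$line");
        return false;
    }

    // Empty value plus an expiry in the past makes the browser delete it.
    $opts = remember_cookie_attrs() + ['expires' => time() - 3600];
    return setcookie(REMEMBER_COOKIE, '', $opts);
}
```

Checking the return value of `clear_remember_cookie()` in the logout handler catches the case where output has already started and the `Set-Cookie` header was never sent.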