Hello again folks! I just downloaded and tried out Core Session Tracking. Let me just say that I am impressed. This is so much nicer than manually setting cookies... Or trying to, and failing. :-) First question: Say my cookies are set to last 14 days, but my session data manager only stores session data for 60 minutes... What happens? Say a visitor comes, sets some preferences, leaves and comes back two days later. A new session oject is created. Are the old cookies "imported" in the new object or is the data lost? Second question (not really as important for me): Is a Core Session Trackink-enabled site not more vulnerable to DOS attacks? Are there plans to eventually add sometghing to protect against OOM situations due to DOS attacks, like limiting the maximum amount of RAM used by core session tracking? PS: BTW, thanks again for Core Session Tracking. So far, it looks really cool: powerful and dead simple to use. The documentation in help/ seems needlessly compicated, though. -- Jérôme Loisel Lévinux: GNU/Linux dans les communautés à Lévis