Rather than relying on the older format of cookies; Rollator’s administrative interface is now closely-knit with PHP’s session management. I’ll most likely create a bit more of an abstract layer for handling all of this.

As it stands, I’m now nearly cookie free, with everything nice and encrypted, mostly server-side. All that’s transmitted after the initial login is your cookie ID for PHP’s internal session management.