On 23/02/12 23:53, Jure Kodzoman wrote: > I would go with what bill said. Clean out the sessions that don't have > cart. As Grant already pointed out, it leaves sensitive data exposed when there is a shopping cart. Peter