Do not trust a deleted cookie to indicate a logout. Instead, use a long-life cookie to "brand" a browser, and associate a branded browser with a "session" on the server side that will eventually time out, or be destroyed if explicit action is taken.

I detail the strategy and provide sample code at one of my most-frequently referenced columns.