Couple of corrections:

A logout doesn't delete the session info from the server unless the developer chooses to do so. It's more common to retain it so that the user can be greeted etc. on return

Getting the session ID from the cookie is one of two default behaviours. The other is to look for a CGISESSID among the URL parameters. The latter method has disadvantages but would solve this requirement in that each 'tab' could then have its own session and login status.