First, whenever my login cookie expires and I refresh the page, it logs me out as usual. However, clicking the login option with the middle mouse button to open it in a new tab (since I'm a neat freak and don't want the tab to navigate away) opens the login screen in a new tab and redirects the old tab to the board index, with the old session ID in the URL bar as a PHP argument.
Second, after I get logged out by cookie expiration and log in, any forum pages I had loaded before the forced logout has &sid=[long hexadecimal number] appended to every topic link. Trying to open any topic from this page causes an error message like this:
No route found for "GET /thread/17518/If-______-was-directing-EVA/&sid=5c59393476e71920df25da4b7235e31b"
Refreshing the page or copypasting the URL and manually deleting the bad argument fixes the problem, but only until the next logout/login cycle. I'm not all that good in web programming, but I think I can see what's wrong: whatever part of the site engine handles link generation gets erroneous input. That is, whatever gives the link generator the URLs is trying to pass on a PHP argument, but doesn't check whether the URL itself points at a PHP file or a HTML directory request and causes the error in the latter case.