Paul,
I have just been asking/answering that very same question. If you use PHP4 you can compile it with --enable-trans-sid and then alter the php.ini file. Look for session.use_cookies and set that to 0. Now PHP will not use any cookies at all, and all relative URL's will have the SID (session ID) appended automagically. Just have a session_start on each page and off you go.
Also quite useful for making sure people do not circumvent login's etc as you can check for valid users etc.
Hope this helps
Tom
