Sessions seem sort of scary, but they are actually pretty simple, and can make life much easier.
Get into sessions, and when you find a new security concern, or potential problem, attack the problem in terms of your existing session code, rather than trying to get it all worked out before you even try to use them.
