Don't see why not. The browser will still have the session variable in its cookie, and (unless they spent a long time at PayPal) the server won't have expired it...

Of course, if the browser's not accepting cookies then the browser will lose the session ID (because it must have been in the URL) when it goes to the Paypal site and then the session is dead.

Well,

Since the entire site (my own) is based on sessions, i guess customers checking out must have accepted cookies.

So i guess the session will stay alive.

It's quite important because when the customer returns, he/she should be able to download whatever he/she selected to begin with, which on the site is identified by session_id();

On the site, i create directories named after the session_id(), so the customer should get into that specific dir.

thefisherman