To start a PHP session in your script, simply call the session_start() function.
If this is a new session, this function generates a unique SID for the session and sends it to the browser as a cookie called PHPSESSID (by default).
However, if the browser has sent a PHPSESSID cookie to the server because a session already exists, session_start() uses this existing session:
session_start() needs to send the PHPSESSID cookie in an HTTP header when it creates a session, you must call it before you output anything to the browser, much like you do with setcookie():
The following code generates a "Cannot send session cookie-headers already sent" warning, since 'Hi there!' is outputed first.
Hi there! <?php session_start(); ?>