Just because this came up recently elsewhere, be careful with use of sub-domains (include
www.), as that can impact whether or not the client sends the session cookie to a given page. It might explain why it would work in some situation and not in others, as if some links just specify "yourdomain.com' but others hit 'www.yourdomain.com', you may not receive the session cookie back from the browser. You can help prevent any such problem with:
session_set_cookie_params(60 * 60 * 24, '/', '.yourdomain.com'); // note leading dot for domain
This is a useful thing to stick into any start-up script you
require on each page, as the cookie will then be exchanged regardless of whether any sub-domain is specified or not.