Check out CGI::Session. It can transparently handle sessions via cookies or sessionids for every URL.

Update: Forgot to add that you can store information on the server that is associated with a session, so cookies aren't needed.