The cleanest way is probably to keep your session variables in hidden fields and pass these along from page to page.

Cookies are used for it as well, sometimes in combination with a database (to store the session data).

If your web-server is Apache, there are numerous session-modules who play nice with Apache!

Or you could have your users log-in and use their log-in name as the key to a database storage of their session data.