By default, PHP uses the 'PHPSESSID' cookie to propagate session data across multiple pages, and by default it uses the current top-level domain and subdomain in the cookie declaration.

Example: www.domain.com

The downside to this is that the session data can't travel with you to other subdomains. So if you started a session on www.domain.com, the session data would become unavailable on forums.domain.com. The solution is to change the domain PHP uses when it sets the 'PHPSESSID' cookie.

Assuming you have an init file that you include at the top of every PHP page, you can use the ini_set() function. Just add this to the top of your init page:

ini_set('session.cookie_domain',
substr($_SERVER['SERVER_NAME'],strpos($_SERVER['SERVER_NAME'],"."),100));

This line of code takes the domain and lops off the subdomain.

Example: forums.domain.com -> .domain.com

Now, every time PHP sets the 'PHPSESSID' cookie, the cookie will be available to all subdomains!

Editor P.S: Also we can use the statement session_set_cookie_params(0, '/', '.domain.com'); to achieve the same effect. Remember to put this statement at the beginning of the page

Source : http://www.epigroove.com/posts/87/using_php_sessions_across_subdomains