Sessions are handled on the server and by the browser. You do not have to manually deal with sessions in the C2 client.
The way it works is that you have a login script: login.php. THAT script is where you create and set parameters in the session. When the client logs in using that script, the server will set (on PHP's request) a session with a session ID in the Response Headers and the browser will store it as a cookie and return it to the server every request. You will be able to see this in the developer tools in Chrome (ctrl-shift-i) under the network tab and Headers.
So, long story short, you only deal with sessions in PHP, not in C2.
Some links to help:
http://machinesaredigging.com/2013/10/2 ... sion-work/
http://stackoverflow.com/questions/1009 ... gin-script
https://www.formget.com/login-form-in-php/