How come my PHP sessions aren't carrying across?

Question

You can find all source files at http://github.com/a2h/Sponge-CMS/tree/master

Okay, here is my login page, and here is a function isloggedin():

function isloggedin()
{   
    // is the user set to remember?
    if (pisset('cookie',array('cookuname','cookpwd')))
    {
     pset('session',array('uname'=>$_COOKIE['cookuname'],'pwd'=>$_COOKIE['cookpwd']));
    }

    // user's session is still active
    if (pisset('session',array('uname','pwd')))
    {
     // but is their user/pass pair correct?
     if (isexistinguser($_SESSION['uname'], $_SESSION['pwd'], true) != 1)
     {
      // NO? gtfo
      punset('session',array('uname','pwd'));
      return false;
     }
     return true;
    }
    // user isn't active D:
    else
    {
     return false;
    }
}

EDIT: I've added new functions prefixed with p that handle $_SESSION and $_COOKIE values - refer to functions.php line 228.

This used to work, but for some reason not any longer.

Accessing every part of the script is through index.php in the root folder, which first off calls session_start().

I've been placing var_dump($_SESSION) right below session_start() in index.php and I've noticed it shows Array( ), but putting die(var_dump($_SESSION)) after the login script sets the session values shows that the $_SESSION values have been set.

Yet. Every page load, $_SESSION blanks. Why is this the case?

I've tried to check whether the session_id() on the login script and in index.php are the same, and they are.

Logging in does report back that it has successfully logged me in.

UPDATE: In template.php line 131 - function outputAll() - I have put print_r($_SESSION); right before echo $this->build(); and after it; on the login page when it has received the $_POST data, it shows the expected $_SESSION above the page (i.e. the print_r above the call to build()), and "Array ( )" below the page. So somewhere in build() the session must have had something done to it. But... this is build()...

function build()
{
 if ($this->disabled)
 {
  return $this->content;
 }
 else
 {
  global $footer;
  ob_start();
  $location = $this->location;
  include($this->location['theme_nr'].'/overall.php');
  return ob_get_clean();
 }
}

UPDATE: Narrowed it down to line 32 of the aforementioned overall.php. print_r($_SESSION); shows expected output before it only.

if (isloggedin())
{
 echo '<b>Logged in as: '.$_SESSION['uname'].'</b>
 (<a href="index.php?p=admin">admin</a> |
 <a href="'.$location['admin'].'&amp;s=logout">logout</a>)';
}
else
{
 echo '<b>Not logged in</b>
 (<a href="index.php?p=admin">login</a> |
 <a href="'.$location['admin'].'&amp;s=register">register</a>)';
}

Answer 1

Is there an issue maybe with your tmp dir, where the session data/files are stored? Probably a long shot, but I've had that issue once before.

Answer 2

Surprisingly, I have been led around a long hunt and I have been led back into a loop to find that this is the cause.

if (isexistinguser($_SESSION['uname'], $_SESSION['pwd'], true) != 1)
{
 // NO? gtfo
 punset('session',array('uname','pwd'));
 return false;
}

The != on the first line of the snippet should have been a ==... *facepalm*