In the example above, '$session_dir' is given the path of a directory that can be written to freely by the web server. '/tmp' is an ideal candidate but if you are planning to scale this solution to a lot of users or a lot of sessions held over time, it may be a good idea to choose an area of file space that is much bigger or look at using another storage method. CGI::Session has support for Berkley DB and SQL databases such as MySQL.
The session itself has a 'shelf life' here of 1 hour as too does the cookie.
The cookie 'name' of CGISESSID is the 'default' name that CGI::Session expects to find but this behavior can be changed – see the manual pages for CGI::Session.
$session->id is a function that returns a string that is unique to the current user which can then be used to identify said user in a later HTTP transaction.
$session->param('some_value') is CGI::Session's method for retrieving a value from a previous session.
$session->param('some_value', $data) is the method for saving data BACK to the parameter of name 'some_value'
NB: not just scalar values can be saved to the session in this way but also references to data structures, if passed to the 'param' method for saving will be 'serialized' and stored by the module.
Indeed, entire objects can be saved in this way,
save_param($cgi)
where $cgi is a reference to a CGI.pm object, saves the current CGI variables to a CGI::Session object