I'm writing a custom registration module that collects lots of user-entered details in forms spread across several pages (I've tried various modules, e.g. nf_registration_mod, accounttypes, rolesignup, pageroute, etc., but none work in quite the way I need). I don't want to create a new user until all the details have been collected so the plan is to save the details as $_SESSION variables in between pages, e.g. $SESSION['first_name']. Each form has 'Forward' and 'Back' buttons and each form field is set to display the appropriate $_SESSION variable if it is set (or $user->field_name if an existing user is editing their details), e.g.
$form['first_name'] = array(
'#type' => 'textfield',
'#title' => t('First name'),
'#default_value' => (isset($_SESSION['first_name'])) ? $_SESSION['first_name'] : $user->first_name,
'#description' => t('Your legal first name.'),
However, if I'm not logged in, when I hit the 'Back' button on one of these forms, all the fields on the previous form are empty - but if I log in at this point, all the variables suddenly appear. It seems that anonymous users can write to, but can't read from the session. Is Drupal designed to work like this? If so, is there a way to allow anonymous users to see the $_SESSION variables?