I use a session script which should pass all variables to a secure connection.

Like when someone enters [mydomain.com...] he is able to to fill a shopping cart (no ssl) and can switch to a secure connection (let's assume it's [mydomain.com)...]

but however all my session data is lost once I switch to an SSL connection. How can I get the session data to be available through both connections?

My session script looks like this:

<?php
session_cache_limiter('private');
session_cache_limiter();
session_start();
if(isset($HTTP_GET_VARS["session_id"])) {
 $_SESSION["session_id"] = $HTTP_GET_VARS["session_id"];
 $session_id = $HTTP_GET_VARS["session_id"];
}
if(!isset($_SESSION["session_id"]) ¦¦ $_SESSION["session_id"] == ""){
  $_SESSION["session_id"] = session_id();
}
$session_id = $_SESSION["session_id"];
if(isset($username) && $username!= "") {
 $_SESSION["username"] = $username;
 $username = $_SESSION["username"];
}
?>

So I want the session_id and username to be available on SSL as without SSL.

any ideas?
I also do not want to set a cookie specifically using setcookie since I want the session only to be alive during open browser window, once it's closed the session should be gone...

thanks in advance