Well, someone told me I shouldn't be so reliant on $_SESSION because it is easier to break - especially with Tabbed Browsing. (I didn't really understand what the person meant at the time, but sine then, I have been trying to get more comfortable passing stuff from page to page via the Query String *IF* I think it is safe data to pass, and thus the whole point of this thread?! :)
The generally accepted rule of thumb is to use GET (i.e. in URL) to "get" stuff - a page, json etc. and POST (i.e. in a form) to post (send) stuff to the server for further handling.