I am implemeting an e-commerce site with credit-card processing done
by an external payment processor. Right now I am evaluating
itransact.com.

They have a feature where I can send a ret_addr (a full url of a script
on my server, say, fromPP.php) and variable name/value pairs to them
when I "submit" a form. Then they do a POST to fromPP.php and pass the
variables as POST variables along with the status code etc. One of the
variables I am passing is the session id, say, SESSid, when I submit
the form to their site.

The idea is to maintain the state in fromPP.php by doing a
session_id($SESSid). I am able to get the right SESSid from the
payment processor and after doing session_id($SESSid) I am able to
access all session variables declared before submitting the form, but
when I try to register new session variables in fromPP.php, for
example, by calling session_register("FROMPP_xid"), nothing happens.
There are no errors but this variable does not actually get registered.
If I start a new session in fromPP.php, then it works fine, but I
lose the state.

This looks like a bug to me.