$_SESSION questions

After setting variables with the $_SESSION array and redirecting the user to another page, I tried checking for the existence of the variables I set, but it was as if I had never initialized them. Then, after looking at some threads here I noticed them using session_start() before accessing the session variables.

I was mistakenly under the impression that you only used the session_start() function to actually begin the session, but after reading php.net's description of it, I realized it also makes session variables available to the current script.

Is checking if a session variable is set a good way to see if a user is logged in? Should I do anything in addition for added security? I'm currently also recording the session id and ip address into a mysql db for additional verification, but since I have limited experience, I was wondering if that is actually useful, or if it's just overkill.

Also, I was wondering how the session variables are stored. I am currently using the 'only use cookies' setting, and I was just curious about how it is actually accessed. Are all of the variables stored in the cookie, or is it just the session id, which is then used to access the variables from a server-side cache?

Thanks for the helpful site, I've been teaching myself web development techniques using this and other similar sites, and appreciate the generosity of knowledge and experience that I get for nothing more than my time.