Maintaining data between request is the whole point of the session mechanism. Is there a reason why this is not an option for you?
Aside from sessions, you're pretty much limited to the standard HTTP methods of passing data: the POST and GET protocols, and the cookies. None of these are altogether appealing for large amounts of data, especially sensitive data, since it's always passed back and forth between the server and client, thus wasting bandwidth and exposing it to hijacking.
Note that PHP's standard session mechanism is not the only way to maintain data in a session. You could use a custom file, or more complex storage devices such as databases or in-memory storage (like Memcache.) There are a number of ways you could achieve such a thing, ranging from using PHPs normal sessions to store IDs to overriding PHP's normal session handling with your own.