BSDnexus
27Apr/11

iFrames and cookies

While developing something for Facebook I noticed that the PHP session of my code was vanishing, but only in Internet Explorer. After searching, it seemed the issue was to do with iFrames (as Facebook opens the code in an iFrame). If the domain of the website inside the iFrame doesn't match the domain of the browser (essentially the site hosting the iFrame), then all cookies from that website are declined, as they are seen as third-party and potentially dangerous.

At present it appears that IE is the only browser to act in this manner, implementing the Platform for Privacy Preferences (P3P) Project. However, there are two ways to resolve the issue. The first is to reduce the security settings of the browser, which is not very practical for the developer; the second is to implement a P3P header with specific tokens set to allow the cookies. For PHP, this would be:

// Call before any output is sent, so the header goes out with the session cookie.
header('P3P: CP="CAO PSA OUR"');

These tokens are better explained here. I have since also found a Facebook developers discussion on this issue here.
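
A check that can be run over an app's raw response headers, added here as an example and not code from the original post: it flags a response that sets a cookie without a P3P compact policy and names the P3P group each token belongs to. The function names and sample responses are constructed for illustration; it checks only that a policy is present, not whether IE's privacy settings accept it.

```python
import re

# P3P 1.0 compact-policy tokens for the three groups used on this page.
GROUPS = {
    "access": {"NOI", "ALL", "CAO", "IDC", "OTI", "NON"},
    "purpose": {"CUR", "ADM", "DEV", "TAI", "PSA", "PSD", "IVA", "IVD", "CON", "HIS", "TEL", "OTP"},
    "recipient": {"OUR", "DEL", "SAM", "UNR", "PUB", "OTR"},
}
CP_RE = re.compile(r'\bCP\s*=\s*"([^"]*)"', re.IGNORECASE)


def parse_headers(raw):
    """Split a raw response header block into (lower-case name, value) pairs."""
    pairs = []
    for line in raw.strip().splitlines()[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip().lower(), value.strip()))
    return pairs


def classify(token):
    """Name the P3P group of a token; tokens may carry an a/i/o suffix."""
    base = token[:3].upper()
    for group, members in GROUPS.items():
        if base in members and (len(token) == 3 or token[3:] in ("a", "i", "o")):
            return group
    return "other"


def audit(raw):
    """Report whether a response that sets cookies also carries a compact policy."""
    headers = parse_headers(raw)
    cookies = [v.split("=", 1)[0] for n, v in headers if n == "set-cookie"]
    tokens = []
    for n, v in headers:
        m = CP_RE.search(v) if n == "p3p" else None
        if m:
            tokens = m.group(1).split()
    return {
        "cookies": cookies,
        "tokens": {t: classify(t) for t in tokens},
        "cookie_without_policy": bool(cookies) and not tokens,
    }


# Constructed sample responses (not captured traffic).
WITH_P3P = 'HTTP/1.1 200 OK\r\nP3P: CP="CAO PSA OUR"\r\nSet-Cookie: PHPSESSID=abc123; path=/\r\n\r\n'
WITHOUT_P3P = "HTTP/1.1 200 OK\r\nSet-Cookie: PHPSESSID=abc123; path=/\r\n\r\n"
```

Calling `audit()` on the headers of the page Facebook loads in the iFrame shows whether the session cookie and the compact policy arrive in the same response.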
