The "session" associated with web storage's sessionStorage
has nothing to do with the PHP session. You can use sessionStorage
whether or not your PHP server is doing sessions.
Cookies are also unrelated to PHP's sessions, other than that PHP will use a cookie to try to remember the session if you have sessions enabled.
Is it that a cookie needs a session ID so that the site can recognize it?
More the other way around: The PHP session's ID is stored in a cookie, if you use PHP sessions. Cookies relate to the domain, and persist for that domain until either their expiration time is reached, the user clears cookies, or the browser decides it needs to discard the cookie because it has too much cookie data.
So yes, you can use both cookies and sessionStorage
even if PHP's sessions are turned off.