The code looks pretty straight forward compared to mine.
For the expired sessions, you'll want to make sure the Courses DispForm.aspx page is set up to pass in the proper query string parameters so that the Register.aspx page can parse it properly. It builds a hyperlink like:
<xsl:variable name="RegisterURL" select="concat('../../Lists/Registrations/Register.aspx?CourseID=',$Rows/@ID,'&CourseTitle=',ddwrt:UrlEncode($Rows/@Title),'&CourseStartTime=',$Rows/@EventDate,'&CourseEndTime=',$Rows/@EndDate,'&IsAvailableSeating=',$IsAvailableSeating)" />
Since it looks like you renamed the Course names to Session, you'll want to make sure that it's being properly passed in. If it isn't than that would explain why you could sign up for past sessions.
It might also explain why you can dual register sometimes.
The only registration issues we've seen is that very infrequently users can overbook the course. This has only happened once in several hundred courses. It was a high demand class and many registered at once, so the workflow wasn't keeping up with the demand.