Fix: ws session extraction

2025-04-08 18:55:09 +02:00 · 2019-12-11 13:04:45 +01:00 · 2019-12-11 13:04:45 +01:00 · bb093482a7
commit bb093482a7
parent 6bdfe87bc0
1 changed files with 12 additions and 4 deletions
--- a/pandora_console/include/lib/WSManager.php
+++ b/pandora_console/include/lib/WSManager.php
@ -271,12 +271,20 @@ class WSManager extends WebSocketServer
    {
        global $config;

-        $php_session_id = \str_replace(
-            'PHPSESSID=',
-            '',
-            $user->headers['cookie']
+        $match;
+        $php_session_id = '';
+        \preg_match(
+            '/PHPSESSID=(.*)/',
+            $user->headers['cookie'],
+            $match
        );

+        if (is_array($match) === true) {
+                $php_session_id = $match[1];
+        }
+
+        $php_session_id = \preg_replace('/;.*$/', '', $php_session_id);
+
        // If being redirected from proxy.
        if (isset($user->headers['x-forwarded-for']) === true) {
            $user->address = $user->headers['x-forwarded-for'];