Skip to content

Commit 1124a30

Browse files
mebjasmebjas
committed
Merge pull request #35 from stephenlawrence/issue34-config-file-location
issue34-config-file-location - add config option for composer The library checks for config location { path relative to lib | composer config} and use one that exist.
2 parents 8204ba2 + 54d048f commit 1124a30

File tree

2 files changed

+21
-4
lines changed

2 files changed

+21
-4
lines changed

libs/csrf/csrfprotector.php

Lines changed: 15 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -104,11 +104,22 @@ public static function init($length = null, $action = null)
104104
if (session_id() == '')
105105
session_start();
106106

107-
if (!file_exists(__DIR__ ."/../config.php"))
108-
throw new configFileNotFoundException("OWASP CSRFProtector: configuration file not found for CSRFProtector!");
107+
/*
108+
* load configuration file and properties
109+
* Check locally for a config.php then check for
110+
* a config/csrf_config.php file in the root folder
111+
* for composer installations
112+
*/
113+
$standard_config_location = __DIR__ ."/../config.php";
114+
$composer_config_location = __DIR__ ."/../../../../../config/csrf_config.php";
109115

110-
//load configuration file and properties
111-
self::$config = include(__DIR__ ."/../config.php");
116+
if (file_exists($standard_config_location)) {
117+
self::$config = include($standard_config_location);
118+
} elseif(file_exists($composer_config_location)) {
119+
self::$config = include($composer_config_location);
120+
} else {
121+
throw new configFileNotFoundException("OWASP CSRFProtector: configuration file not found for CSRFProtector!");
122+
}
112123

113124
//overriding length property if passed in parameters
114125
if ($length != null)

readme.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,12 @@ php composer.phar install
2323
```
2424
This will add CSRFP (library will be downloaded at ./vendor/owasp/csrf-protector-php) to your project directory. View [packagist.org](https://packagist.org/) for more help with composer!
2525

26+
Configuration
27+
==========
28+
For composer installations: Copy the config.sample.php file into your root folder at config/csrf_config.php
29+
For non-composer installations: Copy the libs/csrf/config.sample.php file into libs/csrc/config.php
30+
Edit config accordingly. See Detailed Information link below.
31+
2632
How to use
2733
==========
2834
```php

0 commit comments

Comments
 (0)