csrfProtector::init PHP Method

init() public static method

Initialises the CSRF Protector workflow for the current request. Parameters: $length — length of the CSRF_AUTH_TOKEN to be generated; $action — int array of actions to take when validation of the request fails. Returns: void. Throws: configFileNotFoundException when no configuration file is found; incompleteConfigurationException when a required field in the configuration file is missing or empty.
public static init ( $length = null, $action = null )
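        /**
         * Initialise the CSRF Protector workflow for the current request.
         *
         * Returns immediately when the `mod_csrfp_enabled` environment variable is
         * set: the Apache module is then assumed to have already validated and
         * filtered the request. That check trusts the server environment (set by
         * the module / server config), not anything the client sends. Otherwise:
         * starts a session if none is active, loads the configuration, applies the
         * parameter overrides, validates the incoming request via authorizePost(),
         * installs the output-buffer handler and makes sure the client holds a
         * token that the session knows.
         *
         * @param int|null   $length token length to use instead of the configured
         *                           `tokenLength`; ignored unless it is a positive integer
         * @param array|null $action `failedAuthAction` override: actions to take when
         *                           validation fails; ignored when null or empty
         *
         * @return void
         *
         * @throws configFileNotFoundException      when no configuration file is found
         * @throws incompleteConfigurationException when a required configuration key is missing or empty
         */
        public static function init($length = null, $action = null)
        {
            // mod_csrfp has already verified and filtered this request.
            if (getenv('mod_csrfp_enabled')) {
                return;
            }

            // Tokens are kept in the session, so make sure one is active.
            if (session_id() === '') {
                require_once __DIR__ . "/../../../../../sources/sessions.php";
                session_start();
            }

            // Prefer a local csrfp.config.php; fall back to the
            // config/csrf_config.php used by composer installations.
            $standardConfigLocation = __DIR__ . "/../csrfp.config.php";
            $composerConfigLocation = __DIR__ . "/../../../../../config/csrf_config.php";
            if (file_exists($standardConfigLocation)) {
                self::$config = (include $standardConfigLocation);
            } elseif (file_exists($composerConfigLocation)) {
                self::$config = (include $composerConfigLocation);
            } else {
                throw new configFileNotFoundException("OWASP CSRFProtector: configuration file not found for CSRFProtector!");
            }

            // Only honour a positive length: intval() of a non-numeric value is 0,
            // which would silently configure an empty (trivially guessable) token.
            if ($length !== null && intval($length) > 0) {
                self::$config['tokenLength'] = intval($length);
            }

            if (!empty($action)) {
                self::$config['failedAuthAction'] = $action;
            }

            // Fall back to the library-wide token name when the config leaves it empty.
            if (!isset(self::$config['CSRFP_TOKEN']) || self::$config['CSRFP_TOKEN'] == '') {
                self::$config['CSRFP_TOKEN'] = CSRFP_TOKEN;
            }

            // Refuse to run with a partially filled configuration.
            foreach (self::$requiredConfigurations as $key) {
                if (!isset(self::$config[$key]) || self::$config[$key] == '') {
                    throw new incompleteConfigurationException("OWASP CSRFProtector: Incomplete configuration file!");
                }
            }

            // Validate the incoming request before any output is produced.
            self::authorizePost();

            // Buffer output so the handler can rewrite the response on the way out.
            ob_start('csrfProtector::ob_handler');

            // Issue a fresh token unless the client already presents one the session
            // knows. in_array() must be strict: under loose comparison two different
            // numeric-looking strings (e.g. "0e1" and "0e2") compare equal.
            $tokenName = self::$config['CSRFP_TOKEN'];
            if (!isset($_COOKIE[$tokenName])
                || !isset($_SESSION[$tokenName])
                || !is_array($_SESSION[$tokenName])
                || !in_array($_COOKIE[$tokenName], $_SESSION[$tokenName], true)
            ) {
                self::refreshToken();
            }

            // Advertise that this response was produced under CSRF protection.
            header('X-CSRF-Protection: OWASP CSRFP 1.0.0');
        }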

Usage Example

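 /**
  * When mod_csrfprotector signals through the environment that it has already
  * handled the request, init() must return early and leave the cookie and
  * session token state untouched.
  */
 public function testModCSRFPEnabledException()
 {
     putenv('mod_csrfp_enabled=true');
     $tokenName = csrfProtector::$config['CSRFP_TOKEN'];
     $_COOKIE[$tokenName] = 'abc';
     $_SESSION[$tokenName] = array('abc');

     csrfProtector::init();

     // Early return means neither store was refreshed or rewritten.
     $this->assertSame('abc', $_SESSION[$tokenName][0]);
     $this->assertSame('abc', $_COOKIE[$tokenName]);

     // Unset the bypass so later tests exercise the real workflow rather than
     // inheriting the module-enabled shortcut. NOTE(review): confirm no other
     // test in this class relies on the variable staying set.
     putenv('mod_csrfp_enabled');
 }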