From 95537fb60e0c1a8c28b7617fe39f6d16da742aae Mon Sep 17 00:00:00 2001
From: Joshua Ramon Enslin
Date: Thu, 12 Nov 2020 19:54:43 +0100
Subject: [PATCH] Extend MD_JAIL with .user_ini proposals for restricting maximum inputs

---
 MD_JAIL.php | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/MD_JAIL.php b/MD_JAIL.php
index 01470bb..d1ba860 100644
--- a/MD_JAIL.php
+++ b/MD_JAIL.php
@@ -42,7 +42,7 @@ final class MD_JAIL {
      * Static function providing an advisory on how to harden the php.ini or
      * .user.ini.
      *
-     * @param array{shell_access_whitelist: string[], sys_function_whitelist: string[], file_function_whitelist: string[], file_uploads: bool, allow_url_fopen: bool, max_input_vars: integer, max_input_nesting_level: integer, curl: bool} $requested_resources Requested resources.
+     * @param array{shell_access_whitelist: string[], sys_function_whitelist: string[], file_function_whitelist: string[], file_uploads: bool, allow_url_fopen: bool, max_input_vars: integer, max_input_nesting_level: integer, post_max_size: string, curl: bool} $requested_resources Requested resources.
      *
      * @return string
      */
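Review bot: The new `post_max_size: string` entry in the array shape says nothing about the expected value format, yet the body in the following hunk compares it loosely against `ini_get("post_max_size")` and writes it verbatim into the proposed `.user.ini`, so a caller passing a byte count where the runtime reports php.ini shorthand (e.g. `8M`) gets a directive emitted even when the effective limit is unchanged, and the generated file inherits whatever string was passed in. I would extend the description to pin the format, e.g. `@param array{...} $requested_resources Requested resources; post_max_size must be given in php.ini shorthand form (e.g. "8M"), as returned by ini_get(), since it is compared textually and emitted verbatim.`. The key is also declared required, so callers written against the previous shape will read an undefined key in the body; if omission is meant to mean "leave as is", declare it `post_max_size?: string` and guard the read with `isset()`. The documented method's signature and body lie outside this hunk.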
@@ -96,13 +96,16 @@ final class MD_JAIL {
         $output .= PHP_EOL . PHP_EOL . '## .user.ini' . PHP_EOL;
         if ($requested_resources['file_uploads'] === false) {
-            $output .= PHP_EOL . "php_value[upload_max_filesize] = 1";
+            $output .= PHP_EOL . "upload_max_filesize = 1";
         }
         if ($requested_resources['max_input_vars'] != ini_get("max_input_vars")) {
-            $output .= PHP_EOL . "php_value[max_input_vars] = " . $requested_resources['max_input_vars'];
+            $output .= PHP_EOL . "max_input_vars = " . $requested_resources['max_input_vars'];
         }
         if ($requested_resources['max_input_nesting_level'] != ini_get("max_input_nesting_level")) {
-            $output .= PHP_EOL . "php_value[max_input_nesting_level] = " . $requested_resources['max_input_nesting_level'];
+            $output .= PHP_EOL . "max_input_nesting_level = " . $requested_resources['max_input_nesting_level'];
+        }
+        if ($requested_resources['post_max_size'] != ini_get("post_max_size")) {
+            $output .= PHP_EOL . "post_max_size = " . $requested_resources['post_max_size'];
         }
         $output .= PHP_EOL . PHP_EOL . '## PHPStan Directives' . PHP_EOL . PHP_EOL . " disallowedFunctionCalls:" . PHP_EOL;