This is a suggestion of compilation directive to use when compiling PHP specifically for the audited code.
The selection made below is based on the extension usage, found in the code (--enable, --with) and also the absence of usage (--disable, --without).
Some local extensions (--pdo-mysql, --with-libmbfl...) are also mentionned for help.
;;;;;;;;;;;;;;;;;;;;;;;;
; PHP configure list ;
;;;;;;;;;;;;;;;;;;;;;;;;
./configure
--disable-ctype
--disable-dom
--disable-fileinfo
--disable-filter
--disable-hash
--without-iconv
--disable-json
--disable-libxml
--with-mysqli
--enable-pdo
--with-pdo-odbc
--with-pdo-mysql
--with-pdo-pgsql
--with-pdo-oci
--with-pdo-firebird
--with-pdo-dblib
--with-pdo-cubrid
--without-pear
--disable-posix
--disable-session
--without-sqlite3
--disable-tokenizer
--disable-xml
--disable-xmlreader
--with-xmlrpc[=DIR]
--disable-xmlwriter
; For debug purposes
;--enable-dtrace
;--disable-phpdbg
;--enable-zend-signals
;--disable-opcache