From d58359d78bead7e75d43538bbd0a60b3743b10d7 Mon Sep 17 00:00:00 2001
From: Linus Xu <linus_xu@live.com>
Date: Fri, 24 Apr 2026 13:17:28 +0800
Subject: [PATCH 1/2] Fix reversed comment for {,un}encrypted file uploads

I opted to move the `export` statements since the note on the encrypted option somewhat requires the unencrypted one as pretext for comparison.
---
 .env | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.env b/.env
index 0f94d1a7..10e7f4b7 100644
--- a/.env
+++ b/.env
@@ -240,14 +240,14 @@ export MICROBIN_ENCRYPTION_SERVER_SIDE=true
 # export MICROBIN_DEFAULT_PRIVACY=
 
 # Limit the maximum file size users can upload without
-# encryption. Default value: 256.
-export MICROBIN_MAX_FILE_SIZE_ENCRYPTED_MB=256
+# encryption. Default value: 2048.
+export MICROBIN_MAX_FILE_SIZE_UNENCRYPTED_MB=2048
 
 # Limit the maximum file size users can upload with
 # encryption (more strain on your server than without
 # encryption, so the limit should be lower. Secrets tend to
-# be tiny files usually anyways.) Default value: 2048.
-export MICROBIN_MAX_FILE_SIZE_UNENCRYPTED_MB=2048
+# be tiny files usually anyways.) Default value: 256.
+export MICROBIN_MAX_FILE_SIZE_ENCRYPTED_MB=256
 
 # Disables the feature that checks for available updates
 #  when opening the admin screen.

From 36800e6828ace63ba26c58d7e68b9f6ff0b14fcb Mon Sep 17 00:00:00 2001
From: Linus Xu <linus_xu@live.com>
Date: Fri, 24 Apr 2026 13:24:26 +0800
Subject: [PATCH 2/2] Fix ordering for {client,server}-side encryption

Secret is a higher level than private so not changing the export orders.
---
 .env | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.env b/.env
index 10e7f4b7..39175e37 100644
--- a/.env
+++ b/.env
@@ -221,14 +221,14 @@ export MICROBIN_HASH_IDS=false
 # server sees everything that the user submits, therefore
 # the user does not have complete and absolute protection.
 # Default value: false
-export MICROBIN_ENCRYPTION_CLIENT_SIDE=true
+export MICROBIN_ENCRYPTION_SERVER_SIDE=true
 
 # Enables client-side encryption. This will add the secret
 # privacy level where the user's browser encrypts all data
 # with JavaScript before sending it over to MicroBin, which
 # encrypt the data once again on server side.
 # Default value: false
-export MICROBIN_ENCRYPTION_SERVER_SIDE=true
+export MICROBIN_ENCRYPTION_CLIENT_SIDE=true
 
 # Sets the default privacy level for new pastas. Available options:
 # public - shows in listing, no password required