Compare commits

..

13 Commits

Author SHA1 Message Date
gitea-actions[bot] 9c1ce2bd44 chore(version): pre-release bump to 01.45.07-dev [skip ci] 2026-06-29 15:28:04 +00:00
gitea-actions[bot] 2b36fa47e3 chore(version): auto-bump patch 01.45.06-dev [skip ci] 2026-06-29 15:27:47 +00:00
jmiller c21e237c38 chore: migrate update server URLs to MokoGitea
Universal: Auto Version Bump / Version Bump (push) Successful in 11s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 21s
2026-06-29 15:22:53 +00:00
gitea-actions[bot] 0b21c61578 chore(version): pre-release bump to 01.45.05-dev [skip ci]
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Failing after 2s
2026-06-29 15:11:27 +00:00
jmiller 433eb6a967 chore: migrate update server URLs to MokoGitea
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Failing after 7s
Generic: Project CI / Lint & Validate (pull_request) Successful in 15s
Universal: PR Check / Secret Scan (pull_request) Successful in 13s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 30s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 1m2s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
2026-06-29 15:11:04 +00:00
gitea-actions[bot] 611d9588f4 chore(version): pre-release bump to 01.45.03-dev [skip ci] 2026-06-29 11:36:41 +00:00
gitea-actions[bot] 7303d363f2 chore(version): pre-release bump to 01.45.02-dev [skip ci] 2026-06-29 11:36:17 +00:00
jmiller c6c6000d53 Merge pull request 'fix: Bootstrap modals' (#163) from fix/bootstrap-modals into dev
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 22s
2026-06-29 11:35:38 +00:00
jmiller bed685e203 Merge pull request 'fix: MokoRestore improvements' (#162) from fix/mokorestore-improvements into dev
Universal: Auto Version Bump / Version Bump (push) Has been skipped
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 25s
2026-06-29 11:35:30 +00:00
jmiller 35fd11cde9 chore: retrigger CI
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Failing after 8s
Universal: PR Check / Secret Scan (pull_request) Successful in 12s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Failing after 2s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 12s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 6s
Generic: Project CI / Lint & Validate (pull_request) Successful in 54s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
2026-06-29 06:33:42 -05:00
jmiller 6e731f2bca fix: remove run/backup buttons, move actions to detail view, custom restore script name, version bump 01.43.11-dev
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: PR Check / Validate PR (pull_request) Failing after 6s
Generic: Project CI / Lint & Validate (pull_request) Successful in 12s
Universal: PR Check / Secret Scan (pull_request) Successful in 10s
Branch Cleanup / Delete merged branch (pull_request) Successful in 3s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 27s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 1m1s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
- Remove Run Backup / Backup Now buttons from profiles list, profile edit toolbar, and backup records view
- Move download, browse archive, and view log from backup list rows into individual backup record detail view
- Add download button to backup detail toolbar
- Link profile column in backup records list to profile edit
- Complete restore script filename customization across BackupEngine, SteppedBackupEngine, and MokoRestore
- Remove ordering field from profiles, default sort by ID ascending
- Fix untranslated JFIELD language keys
- Bump all manifests to 01.43.11-dev
2026-06-29 06:33:00 -05:00
gitea-actions[bot] 438a2fdaec chore(version): pre-release bump to 01.44.03-dev [skip ci] 2026-06-28 19:12:58 +00:00
gitea-actions[bot] 27a2008675 chore(version): auto-bump patch 01.44.02-dev [skip ci] 2026-06-28 19:12:46 +00:00
29 changed files with 172 additions and 133 deletions
+1 -3
View File
@@ -7,7 +7,7 @@
# INGROUP: mokocli.Release # INGROUP: mokocli.Release
# REPO: https://git.mokoconsulting.tech/mokoconsulting-tech/mokocli # REPO: https://git.mokoconsulting.tech/mokoconsulting-tech/mokocli
# PATH: /templates/workflows/universal/auto-release.yml.template # PATH: /templates/workflows/universal/auto-release.yml.template
# VERSION: 05.01.00 # VERSION: 05.00.00
# BRIEF: Universal build & release detects platform from manifest.xml # BRIEF: Universal build & release detects platform from manifest.xml
# #
# +=======================================================================+ # +=======================================================================+
@@ -75,7 +75,6 @@ jobs:
with: with:
token: ${{ secrets.MOKOGITEA_TOKEN }} token: ${{ secrets.MOKOGITEA_TOKEN }}
fetch-depth: 1 fetch-depth: 1
submodules: recursive
- name: Setup mokocli tools - name: Setup mokocli tools
env: env:
@@ -174,7 +173,6 @@ jobs:
with: with:
token: ${{ secrets.MOKOGITEA_TOKEN }} token: ${{ secrets.MOKOGITEA_TOKEN }}
fetch-depth: 0 fetch-depth: 0
submodules: recursive
- name: Configure git for bot pushes - name: Configure git for bot pushes
run: | run: |
+1 -1
View File
@@ -5,7 +5,7 @@
# FILE INFORMATION # FILE INFORMATION
# DEFGROUP: Gitea.Workflow # DEFGROUP: Gitea.Workflow
# INGROUP: mokocli.Automation # INGROUP: mokocli.Automation
# VERSION: 02.52.18 # VERSION: 01.45.07
# BRIEF: Auto-create feature branch when an issue is opened # BRIEF: Auto-create feature branch when an issue is opened
name: "Universal: Issue Branch" name: "Universal: Issue Branch"
+132 -12
View File
@@ -1,17 +1,7 @@
# Changelog # Changelog
## [Unreleased] ## [Unreleased]
## [02.52.18] --- 2026-06-30
## [02.52.18] --- 2026-06-30
## [01.45.00] --- 2026-06-28
## [01.45.00] --- 2026-06-28
## [01.43.35] --- 2026-06-28
### Added ### Added
- Customizable restore script filename per backup profile (reduces discoverability on remote servers) - Customizable restore script filename per backup profile (reduces discoverability on remote servers)
- MokoRestore standalone mode: multi-ZIP selector when multiple backup archives are present - MokoRestore standalone mode: multi-ZIP selector when multiple backup archives are present
@@ -27,7 +17,6 @@
- MokoRestore cleanup and security messages now reference the actual script filename instead of hardcoded "restore.php" - MokoRestore cleanup and security messages now reference the actual script filename instead of hardcoded "restore.php"
### Fixed ### Fixed
- SSH key indicator detection and missing delete language key
- Bootstrap 5 modal conversion for snapshots view (data-bs-dismiss, modal-footer, getOrCreateInstance) - Bootstrap 5 modal conversion for snapshots view (data-bs-dismiss, modal-footer, getOrCreateInstance)
- ntfy default URL changed from ntfy.sh to ntfy.mokoconsulting.tech - ntfy default URL changed from ntfy.sh to ntfy.mokoconsulting.tech
- Untranslated JFIELD_ORDERING_ASC / JFIELD_ORDERING_LABEL language keys replaced with component-specific keys - Untranslated JFIELD_ORDERING_ASC / JFIELD_ORDERING_LABEL language keys replaced with component-specific keys
@@ -36,3 +25,134 @@
- MokoRestore stalling: unhandled promise rejections from network errors or non-JSON responses left UI in loading state - MokoRestore stalling: unhandled promise rejections from network errors or non-JSON responses left UI in loading state
## [01.43.00] --- 2026-06-24 ## [01.43.00] --- 2026-06-24
## [01.43.00] --- 2026-06-24
## [01.42.00] --- 2026-06-23
## [01.42.00] --- 2026-06-23
## [01.41.00] — 2026-06-23
### Added — Multi-Remote Storage
- New `#__mokosuitebackup_remotes` table for multiple destinations per profile
- Remote destinations UI: AJAX-driven add/edit/delete/toggle modal on profile edit
- Engine uploads to ALL enabled destinations (BackupEngine + SteppedBackupEngine)
- Migration auto-converts existing SFTP/S3/GDrive/FTP profile columns to new table
- Backward compatibility: falls back to legacy single-remote columns if table empty
- Secrets masked in API responses, merged from DB on save
### Added — Content Snapshots
- Lightweight JSON snapshots of articles, categories, and modules
- Includes tags, custom fields, workflow associations, field values
- Restore modes: Replace (clean slate), Merge (upsert), Selective (per-article)
- Snapshot retention: max count + max age with automatic cleanup
- Scheduled snapshot task via com_scheduler
- CLI: `mokosuitebackup:snapshot create|restore|list|delete`
- REST API: create, list, restore, delete, download snapshots
- Tabbed browse modal: Articles / Categories / Modules with item counts
### Added — SFTP Remote Storage
- SFTP support with SSH key file authentication (key stored base64 in database)
- Auth type dropdown: Password / Key File / Key File + Passphrase
- SshKeyField: file upload via FileReader, key never exposed in HTML
- SFTP remote directory browser for path selection
- `__KEEP_EXISTING__` sentinel preserves key on profile re-save
### Added — MokoRestore Wizard (9 steps)
- Per-table conflict resolution: Replace / Skip / Merge / Data Only
- Preset buttons: "All Replace", "All Skip", "Everything except users"
- Post-restore actions: reset passwords, hits, versions, sessions, cache
- Auto-detect sanitized passwords and prompt for reset (random temp password)
- Standalone mode: restore.php scans directory for ZIP files
- Wrapped mode: restore.php bundled inside backup ZIP
- Security gate with filesystem verification + path traversal protection
### Added — Data Sanitization
- Sanitize user passwords: replace hashes with invalid sentinel
- Sanitize user emails: replace with dummy values
- Clear session data: exclude `#__session` table
- Preserve super admin credentials (optional)
- GDPR-friendly backup sharing for demos and staging sites
### Added — Backup Engine
- Pre-flight validation: directory, disk space, extensions, credentials, running backups
- Auto-verify archive integrity after creation (ZIP, tar.gz, 7z)
- 7z archive format via system 7za/7z CLI binary with native encryption
- Streaming database dump to temp file (prevents OOM on large sites)
- S3 streaming upload via CURLOPT_PUT (prevents OOM)
- Graceful remote degradation: local backup preserved if upload fails
- DatabaseDumper::dumpToFile() for memory-efficient operation
### Added — Admin UI
- Dashboard: snapshot widget, 30-day backup trend chart, per-profile storage breakdown
- CPanel admin dashboard module (mod_mokosuitebackup_cpanel) with quick actions
- Backup type filter dropdown in backups list
- Backup comparison: select two backups for side-by-side diff
- Archive browser: view files inside backup without extracting
- Manual purge: delete backups older than a date with count preview
- Backup count badges on profile list
- "Do not navigate away" warning in backup/restore progress modals
- Clickable placeholder pills for backup directory and archive name fields
- Comprehensive help modal with absolute/relative/placeholder path documentation
- Placeholder resolution display with EXAMPLE prefix
- All placeholders UPPERCASE: [HOST], [SITE_NAME], [DATE], [DATETIME], etc.
### Added — CLI & API
- `mokosuitebackup:restore` with --files-only, --db-only, --password options
- `mokosuitebackup:snapshot` with create, restore, list, delete actions
- REST API for snapshots: create, list, restore, delete, download
- Profile credentials masked in API responses
### Added — Notifications & Logging
- Email/ntfy notifications for site restore, snapshot create/restore
- Joomla Action Logs for restore, snapshot, and snapshot restore events
- Global ntfy server/topic/token settings (fallback for profiles)
### Added — Security & Configuration
- Webcron secret field with CSPRNG generator + strength meter
- IP whitelist field with current IP detection + one-click "Add my IP"
- 10 ACL permissions with full enforcement audit across all controllers
- Config defaults: archive format, MokoRestore mode, sanitization settings
- Path traversal protection on all archive extraction (ZIP, tar.gz, JPA)
### Fixed
- CLI RestoreCommand passed wrong arguments (filepath instead of record ID)
- JPA path traversal: reject `../` in archive entry paths
- S3Uploader OOM: streaming upload instead of file_get_contents
- DatabaseDumper OOM: streaming to file instead of in-memory string
- AkeebaImporter: removed unserialize() (PHP object injection risk)
- BackupTable: delete DB row before file (prevents data loss)
- RestoreEngine: staging path sanitized with preg_replace
- API profiles: sensitive fields masked with `***`
- Webcron: missing return after sendJsonResponse on auth failure
- loadFormData(): cast array to object (PHP 8.x TypeError fix)
- MokoRestore data-only mode: uses REPLACE INTO for existing rows
- Plaintext archive deleted on encryption failure
- TarGzArchiver: intermediate .tar cleaned in finally block
- Install script: single-line comments converted to block comments
- Orphaned root-level webservices plugin files removed
- include_mokorestore column: TINYINT changed to VARCHAR(20)
- Snapshot fields_values: scoped dump and restore to com_content.article (previously destroyed values for contacts, users, etc.)
- Run Backup button: accept CSRF token from GET (fixes "token did not match" on profile edit)
- SFTP fields: moved into remote fieldset for showon visibility; removed required attr that blocked non-SFTP saves
- Script.php merge conflict markers resolved
## [01.24.00] — 2026-06-02
### Added
- Initial release: full-site backup and restore for Joomla 6
- Database, files, and configuration backup
- ZIP and tar.gz archive formats with AES-256 encryption
- Differential backups based on file manifests
- FTP/FTPS, S3, Google Drive remote storage
- MokoRestore standalone restore wizard
- CLI backup and restore commands
- REST API for remote management
- Scheduled tasks via com_scheduler
- Email and ntfy push notifications
- Per-profile retention, exclusions, and notifications
- Akeeba Backup migration tool
- Admin dashboard with system health checks
+1 -1
View File
@@ -23,7 +23,7 @@ DEFGROUP: Template-Joomla
INGROUP: Template-Joomla.Documentation INGROUP: Template-Joomla.Documentation
REPO: https://git.mokoconsulting.tech/MokoConsulting/Template-Joomla REPO: https://git.mokoconsulting.tech/MokoConsulting/Template-Joomla
PATH: /SECURITY.md PATH: /SECURITY.md
VERSION: 02.52.18 VERSION: 01.45.07
BRIEF: Security vulnerability reporting and handling policy BRIEF: Security vulnerability reporting and handling policy
--> -->
@@ -7,7 +7,7 @@
--> -->
<extension type="component" method="upgrade"> <extension type="component" method="upgrade">
<name>MokoSuiteBackup</name> <name>MokoSuiteBackup</name>
<version>02.52.18</version> <version>01.45.07</version>
<creationDate>2026-06-02</creationDate> <creationDate>2026-06-02</creationDate>
<author>Moko Consulting</author> <author>Moko Consulting</author>
<authorEmail>hello@mokoconsulting.tech</authorEmail> <authorEmail>hello@mokoconsulting.tech</authorEmail>
@@ -0,0 +1 @@
/* 01.44.02 — no schema changes */
@@ -0,0 +1 @@
/* 01.44.03 — no schema changes */
@@ -1 +0,0 @@
/* 01.45.00 — no schema changes */
@@ -0,0 +1 @@
/* 01.45.02 — no schema changes */
@@ -0,0 +1 @@
/* 01.45.03 — no schema changes */
@@ -0,0 +1 @@
/* 01.45.05 — no schema changes */
@@ -0,0 +1 @@
/* 01.45.06 — no schema changes */
@@ -0,0 +1 @@
/* 01.45.07 — no schema changes */
@@ -1 +0,0 @@
/* 02.52.16 — no schema changes */
@@ -1 +0,0 @@
/* 02.52.17 — no schema changes */
@@ -1 +0,0 @@
/* 02.52.18 — no schema changes */
@@ -547,16 +547,7 @@ class BackupEngine
*/ */
private function createUploaderFromParams(string $type, array $params): RemoteUploaderInterface private function createUploaderFromParams(string $type, array $params): RemoteUploaderInterface
{ {
$prefixMap = ['ftp' => 'ftp_', 'sftp' => 'sftp_', 's3' => 's3_', 'google_drive' => 'gdrive_']; $fake = (object) $params;
$prefix = $prefixMap[$type] ?? '';
$prefixed = [];
foreach ($params as $key => $value) {
$prefixed[$prefix . $key] = $value;
}
$fake = (object) $prefixed;
return match ($type) { return match ($type) {
'ftp' => new FtpUploader($fake), 'ftp' => new FtpUploader($fake),
@@ -346,9 +346,6 @@ define('MOKOJOOMBACKUP_RESTORE', 1);
define('RESTORE_DIR', __DIR__); define('RESTORE_DIR', __DIR__);
define('BACKUP_FILE', RESTORE_DIR . '/site-backup.zip'); define('BACKUP_FILE', RESTORE_DIR . '/site-backup.zip');
error_log('MokoRestore: Script loaded — RESTORE_DIR=' . RESTORE_DIR);
error_log('MokoRestore: PHP ' . PHP_VERSION . ', SAPI=' . php_sapi_name() . ', memory_limit=' . ini_get('memory_limit'));
session_start(); session_start();
if (empty($_SESSION['restore_token'])) { if (empty($_SESSION['restore_token'])) {
@@ -361,37 +358,25 @@ $token = $_SESSION['restore_token'];
// Write a security file to the web root with a random code. // Write a security file to the web root with a random code.
// The user must read the code from the file and enter it in the browser // The user must read the code from the file and enter it in the browser
// to prove they have filesystem access before any restore actions are allowed. // to prove they have filesystem access before any restore actions are allowed.
$securityFile = RESTORE_DIR . '/mokorestore-security.php'; $securityFile = RESTORE_DIR . '/.mokorestore-security.php';
$securityCode = $_SESSION['security_code'] ?? ''; $securityCode = $_SESSION['security_code'] ?? '';
if (empty($securityCode)) { if (empty($securityCode)) {
$securityCode = strtoupper(substr(bin2hex(random_bytes(4)), 0, 8)); $securityCode = strtoupper(substr(bin2hex(random_bytes(4)), 0, 8));
$_SESSION['security_code'] = $securityCode; $_SESSION['security_code'] = $securityCode;
$_SESSION['security_verified'] = false; $_SESSION['security_verified'] = false;
}
// Write (or recreate) the security file whenever verification is still pending
if (empty($_SESSION['security_verified']) && !is_file($securityFile)) {
error_log('MokoRestore: Writing security file: ' . $securityFile);
error_log('MokoRestore: Target directory: ' . RESTORE_DIR . ' (writable: ' . (is_writable(RESTORE_DIR) ? 'yes' : 'NO') . ')');
// Write security file with the code
$securityContent = "<?php die('MokoRestore Security Code: " . $securityCode . "'); ?>\n" $securityContent = "<?php die('MokoRestore Security Code: " . $securityCode . "'); ?>\n"
. "MokoRestore Security Verification\n" . "MokoRestore Security Verification\n"
. "==================================\n" . "==================================\n"
. "Code: " . $securityCode . "\n" . "Code: " . $securityCode . "\n"
. "Enter this code in the MokoRestore browser interface to proceed.\n" . "Enter this code in the MokoRestore browser interface to proceed.\n"
. "This file will be deleted automatically after verification.\n"; . "This file will be deleted automatically after verification.\n";
if (file_put_contents($securityFile, $securityContent) === false) {
$written = @file_put_contents($securityFile, $securityContent); // Cannot write security file — skip verification to avoid locking user out
if ($written === false) {
$err = error_get_last();
error_log('MokoRestore: FAILED to write security file — ' . ($err['message'] ?? 'unknown error'));
error_log('MokoRestore: Directory permissions: ' . decoct(@fileperms(RESTORE_DIR) & 0777) . ', owner: ' . @fileowner(RESTORE_DIR) . ', PHP user: ' . (function_exists('posix_getuid') ? posix_getuid() : 'n/a'));
error_log('MokoRestore: Security verification SKIPPED — user will not be challenged');
$_SESSION['security_verified'] = true; $_SESSION['security_verified'] = true;
} else { error_log('MokoRestore: Cannot write security file — verification skipped (check directory permissions)');
error_log('MokoRestore: Security file created (' . $written . ' bytes)');
} }
} }
@@ -402,17 +387,15 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['
if ($inputCode === $securityCode) { if ($inputCode === $securityCode) {
$_SESSION['security_verified'] = true; $_SESSION['security_verified'] = true;
error_log('MokoRestore: Security code VERIFIED');
// Delete the security file
if (is_file($securityFile)) { if (is_file($securityFile)) {
@unlink($securityFile); @unlink($securityFile);
error_log('MokoRestore: Security file deleted');
} }
echo json_encode(['success' => true, 'message' => 'Security verified']); echo json_encode(['success' => true, 'message' => 'Security verified']);
} else { } else {
error_log('MokoRestore: Security code REJECTED (input=' . $inputCode . ')'); echo json_encode(['success' => false, 'message' => 'Incorrect security code. Check the file: .mokorestore-security.php']);
echo json_encode(['success' => false, 'message' => 'Incorrect security code. Check the file: mokorestore-security.php']);
} }
exit; exit;
@@ -431,7 +414,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) {
} }
if (!$securityVerified) { if (!$securityVerified) {
echo json_encode(['success' => false, 'message' => 'Security verification required. Enter the code from mokorestore-security.php']); echo json_encode(['success' => false, 'message' => 'Security verification required. Enter the code from .mokorestore-security.php']);
exit; exit;
} }
@@ -441,12 +424,9 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) {
@ignore_user_abort(true); @ignore_user_abort(true);
try { try {
error_log('MokoRestore: Action dispatched — ' . $_POST['action']);
$result = handleAction($_POST['action'], $_POST); $result = handleAction($_POST['action'], $_POST);
error_log('MokoRestore: Action ' . $_POST['action'] . ' completed — ' . ($result['success'] ? 'OK' : 'FAIL: ' . ($result['message'] ?? '')));
echo json_encode($result); echo json_encode($result);
} catch (Throwable $e) { } catch (Throwable $e) {
error_log('MokoRestore: Action ' . $_POST['action'] . ' EXCEPTION — ' . $e->getMessage());
echo json_encode(['success' => false, 'message' => $e->getMessage()]); echo json_encode(['success' => false, 'message' => $e->getMessage()]);
} }
@@ -571,14 +551,10 @@ function actionPreflight(): array
function actionExtract(array $data): array function actionExtract(array $data): array
{ {
error_log('MokoRestore: Extract — target=' . BACKUP_FILE . ', exists=' . (file_exists(BACKUP_FILE) ? 'yes' : 'no'));
if (!file_exists(BACKUP_FILE)) { if (!file_exists(BACKUP_FILE)) {
throw new RuntimeException('Backup file not found: site-backup.zip'); throw new RuntimeException('Backup file not found: site-backup.zip');
} }
error_log('MokoRestore: Extract — archive size=' . number_format(filesize(BACKUP_FILE) / 1048576, 2) . ' MB');
$zip = new ZipArchive(); $zip = new ZipArchive();
if ($zip->open(BACKUP_FILE) !== true) { if ($zip->open(BACKUP_FILE) !== true) {
@@ -615,8 +591,6 @@ function actionExtract(array $data): array
$count = $zip->numFiles; $count = $zip->numFiles;
$zip->close(); $zip->close();
error_log('MokoRestore: Extract — ' . $count . ' files extracted to ' . RESTORE_DIR);
// Pre-fill from configuration.php.bak (sanitized backup) or // Pre-fill from configuration.php.bak (sanitized backup) or
// configuration.php (legacy/unsanitized backup). Skip [SANITIZED:] values. // configuration.php (legacy/unsanitized backup). Skip [SANITIZED:] values.
$existingConfig = []; $existingConfig = [];
@@ -745,8 +719,6 @@ function actionDatabase(array $data): array
$user = $data['db_user'] ?? ''; $user = $data['db_user'] ?? '';
$pass = $data['db_pass'] ?? ''; $pass = $data['db_pass'] ?? '';
error_log('MokoRestore: Database import — host=' . $host . ', db=' . $name . ', user=' . $user);
if (empty($name) || empty($user)) { if (empty($name) || empty($user)) {
throw new RuntimeException('Database name and user are required'); throw new RuntimeException('Database name and user are required');
} }
@@ -754,12 +726,9 @@ function actionDatabase(array $data): array
$sqlFile = RESTORE_DIR . '/database.sql'; $sqlFile = RESTORE_DIR . '/database.sql';
if (!is_file($sqlFile)) { if (!is_file($sqlFile)) {
error_log('MokoRestore: Database import — no database.sql found, skipping');
return ['success' => true, 'message' => 'No database.sql found — skipped', 'statements' => 0, 'errors' => 0]; return ['success' => true, 'message' => 'No database.sql found — skipped', 'statements' => 0, 'errors' => 0];
} }
error_log('MokoRestore: Database import — SQL file size=' . number_format(filesize($sqlFile) / 1048576, 2) . ' MB');
$pdo = new PDO( $pdo = new PDO(
"mysql:host={$host};dbname={$name};charset=utf8mb4", "mysql:host={$host};dbname={$name};charset=utf8mb4",
$user, $user,
@@ -866,14 +835,6 @@ function actionDatabase(array $data): array
$msg .= " ({$errors} warnings)"; $msg .= " ({$errors} warnings)";
} }
error_log('MokoRestore: Database import — ' . $msg);
if (!empty($errorList)) {
foreach ($errorList as $i => $err) {
error_log('MokoRestore: DB error ' . ($i + 1) . ': ' . $err);
}
}
return [ return [
'success' => ($statements > 0 || $errors === 0), 'success' => ($statements > 0 || $errors === 0),
'message' => $msg, 'message' => $msg,
@@ -886,7 +847,6 @@ function actionDatabase(array $data): array
function actionConfig(array $data): array function actionConfig(array $data): array
{ {
error_log('MokoRestore: Config rebuild started');
$host = $data['db_host'] ?? 'localhost'; $host = $data['db_host'] ?? 'localhost';
$dbName = $data['db_name'] ?? ''; $dbName = $data['db_name'] ?? '';
$dbUser = $data['db_user'] ?? ''; $dbUser = $data['db_user'] ?? '';
@@ -907,7 +867,6 @@ function actionConfig(array $data): array
// debug, cache, SEF, editor, etc.). Fall back to existing config // debug, cache, SEF, editor, etc.). Fall back to existing config
// for legacy/unsanitized backups, or build from scratch if neither exists. // for legacy/unsanitized backups, or build from scratch if neither exists.
$basePath = is_file($bakPath) ? $bakPath : (is_file($configPath) ? $configPath : null); $basePath = is_file($bakPath) ? $bakPath : (is_file($configPath) ? $configPath : null);
error_log('MokoRestore: Config — base template: ' . ($basePath ?? 'none (building from scratch)'));
if ($basePath !== null) { if ($basePath !== null) {
$config = file_get_contents($basePath); $config = file_get_contents($basePath);
@@ -960,12 +919,9 @@ function actionConfig(array $data): array
} }
if (file_put_contents($configPath, $config) === false) { if (file_put_contents($configPath, $config) === false) {
error_log('MokoRestore: Config — FAILED to write ' . $configPath);
return ['success' => false, 'message' => 'Failed to write Joomla config file — check directory permissions']; return ['success' => false, 'message' => 'Failed to write Joomla config file — check directory permissions'];
} }
error_log('MokoRestore: Config — written to ' . $configPath . ' (' . filesize($configPath) . ' bytes)');
// Remove .bak after successful rebuild // Remove .bak after successful rebuild
if (is_file($bakPath)) { if (is_file($bakPath)) {
@unlink($bakPath); @unlink($bakPath);
@@ -1219,8 +1175,6 @@ function actionResetAdmin(array $data): array
$userId = (int) ($data['admin_id'] ?? 0); $userId = (int) ($data['admin_id'] ?? 0);
$password = $data['new_password'] ?? ''; $password = $data['new_password'] ?? '';
error_log('MokoRestore: Admin password reset — user_id=' . $userId);
if ($userId < 1 || strlen($password) < 8) { if ($userId < 1 || strlen($password) < 8) {
throw new RuntimeException('Select an admin and enter a password (8+ characters)'); throw new RuntimeException('Select an admin and enter a password (8+ characters)');
} }
@@ -1234,7 +1188,6 @@ function actionResetAdmin(array $data): array
throw new RuntimeException('User not found or password unchanged'); throw new RuntimeException('User not found or password unchanged');
} }
error_log('MokoRestore: Admin password reset — success');
return ['success' => true, 'message' => 'Admin password updated successfully']; return ['success' => true, 'message' => 'Admin password updated successfully'];
} }
@@ -1244,7 +1197,6 @@ function actionPostRestore(array $data): array
$prefix = getValidatedPrefix($data); $prefix = getValidatedPrefix($data);
$tasks = json_decode($data['tasks'] ?? '[]', true) ?: []; $tasks = json_decode($data['tasks'] ?? '[]', true) ?: [];
$results = []; $results = [];
error_log('MokoRestore: Post-restore — ' . count($tasks) . ' task(s): ' . implode(', ', $tasks));
foreach ($tasks as $task) { foreach ($tasks as $task) {
try { try {
@@ -1367,7 +1319,6 @@ function actionProvision(array $data): array
$prefix = getValidatedPrefix($data); $prefix = getValidatedPrefix($data);
$tasks = json_decode($data['tasks'] ?? '[]', true) ?: []; $tasks = json_decode($data['tasks'] ?? '[]', true) ?: [];
$results = []; $results = [];
error_log('MokoRestore: Provisioning — ' . count($tasks) . ' task(s): ' . implode(', ', $tasks));
foreach ($tasks as $task) { foreach ($tasks as $task) {
try { try {
@@ -1444,24 +1395,16 @@ function actionProvision(array $data): array
function actionCleanup(): array function actionCleanup(): array
{ {
error_log('MokoRestore: Cleanup started');
$removed = []; $removed = [];
foreach (['database.sql', 'site-backup.zip', 'mokorestore-security.php'] as $file) { foreach (['database.sql', 'site-backup.zip'] as $file) {
$path = RESTORE_DIR . '/' . $file; $path = RESTORE_DIR . '/' . $file;
if (is_file($path)) { if (is_file($path) && @unlink($path)) {
if (@unlink($path)) { $removed[] = $file;
$removed[] = $file;
error_log('MokoRestore: Cleanup — removed ' . $file);
} else {
error_log('MokoRestore: Cleanup — FAILED to remove ' . $file);
}
} }
} }
error_log('MokoRestore: Cleanup complete — removed ' . count($removed) . ' file(s)');
return [ return [
'success' => true, 'success' => true,
'message' => 'Removed: ' . (empty($removed) ? '(none)' : implode(', ', $removed)) 'message' => 'Removed: ' . (empty($removed) ? '(none)' : implode(', ', $removed))
@@ -1627,14 +1570,14 @@ body{font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,'Helvetica N
<!-- Step 0: Security Verification --> <!-- Step 0: Security Verification -->
<div class="mr-panel <?php echo $securityVerified ? '' : 'visible'; ?>" id="panel0"> <div class="mr-panel <?php echo $securityVerified ? '' : 'visible'; ?>" id="panel0">
<h2>Security Verification</h2> <h2>Security Verification</h2>
<p class="mr-desc">To prevent unauthorized access, enter the security code from the file <code>mokorestore-security.php</code> in your site root.</p> <p class="mr-desc">To prevent unauthorized access, enter the security code from the file <code>.mokorestore-security.php</code> in your site root.</p>
<div style="border:1px solid #e2e8f0;border-radius:8px;padding:1.25rem;margin-bottom:1.25rem;background:#f8fafc"> <div style="border:1px solid #e2e8f0;border-radius:8px;padding:1.25rem;margin-bottom:1.25rem;background:#f8fafc">
<div style="font-weight:600;font-size:0.9rem;color:#334155;margin-bottom:1rem;display:flex;align-items:center;gap:0.5rem"> <div style="font-weight:600;font-size:0.9rem;color:#334155;margin-bottom:1rem;display:flex;align-items:center;gap:0.5rem">
<span style="font-size:1.1rem">&#128274;</span> How to find the code <span style="font-size:1.1rem">&#128274;</span> How to find the code
</div> </div>
<ol style="margin:0;padding-left:1.25rem;color:#475569;font-size:0.9rem;line-height:1.6"> <ol style="margin:0;padding-left:1.25rem;color:#475569;font-size:0.9rem;line-height:1.6">
<li>Connect to your server via FTP, SSH, or file manager</li> <li>Connect to your server via FTP, SSH, or file manager</li>
<li>Open <code>mokorestore-security.php</code> in the site root directory</li> <li>Open <code>.mokorestore-security.php</code> in the site root directory</li>
<li>Copy the 8-character code and enter it below</li> <li>Copy the 8-character code and enter it below</li>
</ol> </ol>
</div> </div>
@@ -394,14 +394,8 @@ class SteppedBackupEngine
$restoreScriptName = MokoRestore::sanitizeScriptName($restoreScriptName); $restoreScriptName = MokoRestore::sanitizeScriptName($restoreScriptName);
$restoreDir = dirname($session->archivePath); $restoreDir = dirname($session->archivePath);
$session->restoreScriptPath = $restoreDir . '/' . $restoreScriptName; $session->restoreScriptPath = $restoreDir . '/' . $restoreScriptName;
MokoRestore::generateStandalone($session->restoreScriptPath);
try { $session->log('Standalone ' . $restoreScriptName . ' generated');
MokoRestore::generateStandalone($session->restoreScriptPath);
$session->log('Standalone ' . $restoreScriptName . ' generated');
} catch (\Throwable $e) {
$session->log('MokoRestore error: ' . $e->getMessage() . ' in ' . $e->getFile() . ':' . $e->getLine());
$session->log('Stack trace: ' . $e->getTraceAsString());
}
} }
// Update record // Update record
@@ -889,16 +883,7 @@ class SteppedBackupEngine
*/ */
private function createUploaderFromParams(string $type, array $params): RemoteUploaderInterface private function createUploaderFromParams(string $type, array $params): RemoteUploaderInterface
{ {
$prefixMap = ['ftp' => 'ftp_', 'sftp' => 'sftp_', 's3' => 's3_', 'google_drive' => 'gdrive_']; $fake = (object) $params;
$prefix = $prefixMap[$type] ?? '';
$prefixed = [];
foreach ($params as $key => $value) {
$prefixed[$prefix . $key] = $value;
}
$fake = (object) $prefixed;
return match ($type) { return match ($type) {
'ftp' => new FtpUploader($fake), 'ftp' => new FtpUploader($fake),
@@ -8,7 +8,7 @@
--> -->
<extension type="module" client="administrator" method="upgrade"> <extension type="module" client="administrator" method="upgrade">
<name>mod_mokosuitebackup_cpanel</name> <name>mod_mokosuitebackup_cpanel</name>
<version>02.52.18</version> <version>01.45.07</version>
<creationDate>2026-06-23</creationDate> <creationDate>2026-06-23</creationDate>
<author>Moko Consulting</author> <author>Moko Consulting</author>
<authorEmail>hello@mokoconsulting.tech</authorEmail> <authorEmail>hello@mokoconsulting.tech</authorEmail>
@@ -7,7 +7,7 @@
--> -->
<extension type="plugin" group="actionlog" method="upgrade"> <extension type="plugin" group="actionlog" method="upgrade">
<name>Action Log - MokoSuiteBackup</name> <name>Action Log - MokoSuiteBackup</name>
<version>02.52.18</version> <version>01.45.07</version>
<creationDate>2026-06-04</creationDate> <creationDate>2026-06-04</creationDate>
<author>Moko Consulting</author> <author>Moko Consulting</author>
<authorEmail>hello@mokoconsulting.tech</authorEmail> <authorEmail>hello@mokoconsulting.tech</authorEmail>
@@ -7,7 +7,7 @@
--> -->
<extension type="plugin" group="console" method="upgrade"> <extension type="plugin" group="console" method="upgrade">
<name>Console - MokoSuiteBackup</name> <name>Console - MokoSuiteBackup</name>
<version>02.52.18</version> <version>01.45.07</version>
<creationDate>2026-06-04</creationDate> <creationDate>2026-06-04</creationDate>
<author>Moko Consulting</author> <author>Moko Consulting</author>
<authorEmail>hello@mokoconsulting.tech</authorEmail> <authorEmail>hello@mokoconsulting.tech</authorEmail>
@@ -7,7 +7,7 @@
--> -->
<extension type="plugin" group="content" method="upgrade"> <extension type="plugin" group="content" method="upgrade">
<name>Content - MokoSuiteBackup</name> <name>Content - MokoSuiteBackup</name>
<version>02.52.18</version> <version>01.45.07</version>
<creationDate>2026-06-04</creationDate> <creationDate>2026-06-04</creationDate>
<author>Moko Consulting</author> <author>Moko Consulting</author>
<authorEmail>hello@mokoconsulting.tech</authorEmail> <authorEmail>hello@mokoconsulting.tech</authorEmail>
@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<extension type="plugin" group="quickicon" method="upgrade"> <extension type="plugin" group="quickicon" method="upgrade">
<name>Quick Icon - MokoSuiteBackup</name> <name>Quick Icon - MokoSuiteBackup</name>
<version>02.52.18</version> <version>01.45.07</version>
<creationDate>2026-06-02</creationDate> <creationDate>2026-06-02</creationDate>
<author>Moko Consulting</author> <author>Moko Consulting</author>
<authorEmail>hello@mokoconsulting.tech</authorEmail> <authorEmail>hello@mokoconsulting.tech</authorEmail>
@@ -7,7 +7,7 @@
--> -->
<extension type="plugin" group="system" method="upgrade"> <extension type="plugin" group="system" method="upgrade">
<name>System - MokoSuiteBackup</name> <name>System - MokoSuiteBackup</name>
<version>02.52.18</version> <version>01.45.07</version>
<creationDate>2026-06-02</creationDate> <creationDate>2026-06-02</creationDate>
<author>Moko Consulting</author> <author>Moko Consulting</author>
<authorEmail>hello@mokoconsulting.tech</authorEmail> <authorEmail>hello@mokoconsulting.tech</authorEmail>
@@ -7,7 +7,7 @@
--> -->
<extension type="plugin" group="task" method="upgrade"> <extension type="plugin" group="task" method="upgrade">
<name>Task - MokoSuiteBackup</name> <name>Task - MokoSuiteBackup</name>
<version>02.52.18</version> <version>01.45.07</version>
<creationDate>2026-06-02</creationDate> <creationDate>2026-06-02</creationDate>
<author>Moko Consulting</author> <author>Moko Consulting</author>
<authorEmail>hello@mokoconsulting.tech</authorEmail> <authorEmail>hello@mokoconsulting.tech</authorEmail>
@@ -7,7 +7,7 @@
--> -->
<extension type="plugin" group="webservices" method="upgrade"> <extension type="plugin" group="webservices" method="upgrade">
<name>Web Services - MokoSuiteBackup</name> <name>Web Services - MokoSuiteBackup</name>
<version>02.52.18</version> <version>01.45.07</version>
<creationDate>2026-06-02</creationDate> <creationDate>2026-06-02</creationDate>
<author>Moko Consulting</author> <author>Moko Consulting</author>
<authorEmail>hello@mokoconsulting.tech</authorEmail> <authorEmail>hello@mokoconsulting.tech</authorEmail>
+3 -4
View File
@@ -8,14 +8,14 @@
<extension type="package" method="upgrade"> <extension type="package" method="upgrade">
<name>Package - MokoSuiteBackup</name> <name>Package - MokoSuiteBackup</name>
<packagename>mokosuitebackup</packagename> <packagename>mokosuitebackup</packagename>
<version>02.52.18</version> <version>01.45.07</version>
<creationDate>2026-06-02</creationDate> <creationDate>2026-06-02</creationDate>
<author>Moko Consulting</author> <author>Moko Consulting</author>
<authorEmail>hello@mokoconsulting.tech</authorEmail> <authorEmail>hello@mokoconsulting.tech</authorEmail>
<authorUrl>https://mokoconsulting.tech</authorUrl> <authorUrl>https://mokoconsulting.tech</authorUrl>
<copyright>Copyright (C) 2026 Moko Consulting. All rights reserved.</copyright> <copyright>Copyright (C) 2026 Moko Consulting. All rights reserved.</copyright>
<license>GPL-3.0-or-later</license> <license>GPL-3.0-or-later</license>
<description>PKG_MOKOJOOMBACKUP_DESCRIPTION</description> <description>PKG_MOKOJOOMBCKUP_DESCRIPTION</description>
<scriptfile>script.php</scriptfile> <scriptfile>script.php</scriptfile>
@@ -29,7 +29,6 @@
<file type="plugin" id="mokosuitebackup" group="content">plg_content_mokosuitebackup.zip</file> <file type="plugin" id="mokosuitebackup" group="content">plg_content_mokosuitebackup.zip</file>
<file type="plugin" id="mokosuitebackup" group="actionlog">plg_actionlog_mokosuitebackup.zip</file> <file type="plugin" id="mokosuitebackup" group="actionlog">plg_actionlog_mokosuitebackup.zip</file>
<file type="module" id="mod_mokosuitebackup_cpanel" client="administrator">mod_mokosuitebackup_cpanel.zip</file> <file type="module" id="mod_mokosuitebackup_cpanel" client="administrator">mod_mokosuitebackup_cpanel.zip</file>
<file type="package" id="pkg_mokosuiteclient">MokoSuiteClient.zip</file>
</files> </files>
<languages> <languages>
@@ -37,7 +36,7 @@
</languages> </languages>
<updateservers> <updateservers>
<server type="extension" name="MokoSuiteBackup Updates">https://git.mokoconsulting.tech/MokoConsulting/MokoSuiteBackup/updates.xml</server> <server type="extension" name="MokoSuiteBackup Updates">https://git.mokoconsulting.tech/api/packages/MokoConsulting/generic/MokoSuiteBackup/latest/updates.xml</server>
</updateservers> </updateservers>
<dlid prefix="dlid=" suffix=""/> <dlid prefix="dlid=" suffix=""/>
<blockChildUninstall>true</blockChildUninstall> <blockChildUninstall>true</blockChildUninstall>