MokoConsulting/MokoSuiteBackup
1
0
Fork 0
Code Issues 5 Pull Requests Packages Releases 3 Wiki Activity

feat: per-profile retention, ntfy notifications, extension checks #46

Merged
jmiller merged 20 commits from dev into main 2026-06-18 16:07:21 +00:00
Conversation 0 Commits 20 Files Changed 26
+423 -112
jmiller commented 2026-06-18 15:09:52 +00:00
Owner
Copy Link
Copy Source

Summary

Per-profile Backup Retention

  • retention_days and retention_count fields per profile (0 = use global default)
  • Cleanup logic iterates per-profile with individual thresholds
  • Orphaned records cleaned up, log files removed alongside archives
  • deleteBackupRecord() helper with error logging

ntfy Push Notifications

  • Per-profile ntfy topic, server URL, and access token
  • Priority 5 (urgent) for failures, 3 (default) for success
  • cURL extension check before sending
  • 10-second timeout, truncated response logging

Database Prefix Abstraction

  • Database dumps use #__ placeholder instead of live prefix
  • Backups portable across sites with different prefixes
  • Both DatabaseImporter and MokoRestore replace #__ with target prefix on import

Stepped Backup Improvements

  • Notifications (email + ntfy) now fire on both success and failure
  • SHA-256 checksum computed and stored on completion
  • Download link includes CSRF token (fixes security token error)

MokoRestore Security Gate

  • Writes .mokorestore-security.php with random 8-char code to site root
  • User must enter code from filesystem to prove server access
  • All actions blocked until verified, file auto-deleted after

PHP Extension Checks (#22)

  • BackupEngine checks zip, pdo, pdo_mysql, mbstring before running
  • Installer preflight warns about missing extensions
  • composer.json declares all six required extensions

Error Handling (Review Fixes)

  • Wrap cleanupOldBackups() in try-catch (prevents admin panel crash)
  • Failure notification record includes all required fields
  • deleteBackupRecord() logs unlink failures, wraps DB delete in try-catch
  • runPreActionBackup catches \Throwable instead of \Exception
  • Encryption warns on skipped files
  • sendNtfy checks for ext-curl before curl_init()

Test plan

  • Backup with DB: verify database.sql uses #__ prefix
  • Restore with MokoRestore: verify prefix replacement works
  • ntfy notification: all fields populated (type, archive, size)
  • Security gate: code required before any restore actions
  • Per-profile retention: different days/count per profile
  • Download button: no CSRF token error
  • Stepped backup: checksum stored, notifications sent
## Summary ### Per-profile Backup Retention - `retention_days` and `retention_count` fields per profile (0 = use global default) - Cleanup logic iterates per-profile with individual thresholds - Orphaned records cleaned up, log files removed alongside archives - `deleteBackupRecord()` helper with error logging ### ntfy Push Notifications - Per-profile ntfy topic, server URL, and access token - Priority 5 (urgent) for failures, 3 (default) for success - cURL extension check before sending - 10-second timeout, truncated response logging ### Database Prefix Abstraction - Database dumps use `#__` placeholder instead of live prefix - Backups portable across sites with different prefixes - Both DatabaseImporter and MokoRestore replace `#__` with target prefix on import ### Stepped Backup Improvements - Notifications (email + ntfy) now fire on both success and failure - SHA-256 checksum computed and stored on completion - Download link includes CSRF token (fixes security token error) ### MokoRestore Security Gate - Writes `.mokorestore-security.php` with random 8-char code to site root - User must enter code from filesystem to prove server access - All actions blocked until verified, file auto-deleted after ### PHP Extension Checks (#22) - BackupEngine checks zip, pdo, pdo_mysql, mbstring before running - Installer preflight warns about missing extensions - composer.json declares all six required extensions ### Error Handling (Review Fixes) - Wrap cleanupOldBackups() in try-catch (prevents admin panel crash) - Failure notification record includes all required fields - deleteBackupRecord() logs unlink failures, wraps DB delete in try-catch - runPreActionBackup catches \Throwable instead of \Exception - Encryption warns on skipped files - sendNtfy checks for ext-curl before curl_init() ## Test plan - [ ] Backup with DB: verify database.sql uses `#__` prefix - [ ] Restore with MokoRestore: verify prefix replacement works - [ ] ntfy notification: all fields populated (type, archive, size) - [ ] Security gate: code required before any restore actions - [ ] Per-profile retention: different days/count per profile - [ ] Download button: no CSRF token error - [ ] Stepped backup: checksum stored, notifications sent
jmiller added 10 commits 2026-06-18 15:09:52 +00:00
feat: per-profile backup retention (days and count)
Generic: Repo Health / Access control (push) Successful in 1s
Details
Generic: Repo Health / Site Health (push) Has been skipped
Details
Universal: Auto Version Bump / Version Bump (push) Successful in 3s
Details
Generic: Project CI / Lint & Validate (push) Successful in 8s
Details
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 6s
Details
Generic: Project CI / Tests (push) Has been cancelled
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
Generic: Repo Health / Report Issues (push) Has been cancelled
Details
11141f27f4 
Each profile can now set its own retention_days and retention_count.
A value of 0 means use the global default from component options.

Cleanup logic refactored to iterate per-profile with individual
retention thresholds. Also cleans up orphaned records where the
parent profile was deleted. Log files alongside archives are now
removed during cleanup.

Extracted deleteBackupRecord() helper for consistent file+DB cleanup.
chore(version): pre-release bump to 01.21.01-dev [skip ci] d8367d7beb
chore(version): pre-release bump to 01.22.00-rc [skip ci] 9a908e2e3c
chore(version): pre-release bump to 01.22.01-dev [skip ci] dd09b65cc4
chore(version): pre-release bump to 01.22.02-dev [skip ci] b3928915fe
fix: expand PHP extension checks (#22)
Generic: Project CI / Tests (push) Blocked by required conditions
Details
Generic: Repo Health / Scripts governance (push) Blocked by required conditions
Details
Generic: Repo Health / Repository health (push) Blocked by required conditions
Details
Generic: Repo Health / Report Issues (push) Blocked by required conditions
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Generic: Repo Health / Site Health (push) Has been skipped
Details
Universal: Auto Version Bump / Version Bump (push) Successful in 4s
Details
Generic: Project CI / Lint & Validate (push) Successful in 8s
Details
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 5s
Details
2a4676c999 
BackupEngine: check ext-zip, ext-pdo, ext-pdo_mysql, ext-mbstring
before running (was only zip + mbstring).

Installer preflight: warn about missing extensions (zip, pdo,
pdo_mysql, mbstring, curl) during install/update. Warns but does
not block installation so the component can still be configured.

MokoRestore already checks ext-zip, ext-pdo_mysql, ext-mbstring,
ext-json in its preflight step.

composer.json already declares all six extensions as requirements
(zip, pdo, pdo_mysql, curl, ftp, mbstring) — composer install
fails if any are missing, which CI enforces.

Closes #22
chore(version): pre-release bump to 01.22.03-dev [skip ci] 2c58ebed38
chore(version): pre-release bump to 01.22.04-dev [skip ci] ee48b150f5
fix: include backup_type and archivename in notification record
Generic: Project CI / Tests (push) Blocked by required conditions
Details
Generic: Repo Health / Scripts governance (push) Blocked by required conditions
Details
Generic: Repo Health / Repository health (push) Blocked by required conditions
Details
Generic: Repo Health / Report Issues (push) Blocked by required conditions
Details
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Universal: Auto Version Bump / Version Bump (push) Successful in 4s
Details
Generic: Project CI / Lint & Validate (push) Successful in 18s
Details
b2eab66d27 
The update object passed to NotificationSender only had fields
being updated in the DB (total_size, checksum, etc). It was missing
backup_type, archivename, description, origin, and backupstart —
which are set on the initial insert and don't change. This caused
ntfy notifications to show empty Type and Archive fields.
chore(version): pre-release bump to 01.22.05-dev [skip ci] 6810edcd7f
jmiller added 1 commit 2026-06-18 15:19:47 +00:00
fix: notifications for AJAX backups, download CSRF token
Generic: Project CI / Tests (push) Blocked by required conditions
Details
Generic: Project CI / Tests (pull_request) Blocked by required conditions
Details
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Scripts governance (push) Blocked by required conditions
Details
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Repository health (push) Blocked by required conditions
Details
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Details
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Report Issues (push) Blocked by required conditions
Details
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Details
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: Auto Version Bump / Version Bump (push) Successful in 4s
Details
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s
Details
Generic: Repo Health / Access control (pull_request) Successful in 2s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Universal: Secret Scanning / Gitleaks Secret Scan (pull_request) Successful in 7s
Details
Generic: Project CI / Lint & Validate (push) Successful in 11s
Details
Generic: Project CI / Lint & Validate (pull_request) Successful in 11s
Details
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 12s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 48s
Details
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 54s
Details
36ec6dd5a3 
SteppedBackupEngine now sends email + ntfy notifications on both
success (completeRecord) and failure (failRecord). Previously only
BackupEngine (synchronous CLI/toolbar path) sent notifications.

Download link in backups template now includes the CSRF token in
the URL query string, fixing "security token did not match" error
when clicking download buttons.
jmiller added 1 commit 2026-06-18 15:20:02 +00:00
chore(version): pre-release bump to 01.22.06-dev [skip ci] f47a99636b
jmiller added 1 commit 2026-06-18 15:26:51 +00:00
fix: PR #46 review — error handling, failure notifications, cleanup
Generic: Project CI / Tests (push) Blocked by required conditions
Details
Generic: Project CI / Tests (pull_request) Blocked by required conditions
Details
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Details
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Details
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Details
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Scripts governance (push) Blocked by required conditions
Details
Generic: Repo Health / Repository health (push) Blocked by required conditions
Details
Generic: Repo Health / Report Issues (push) Blocked by required conditions
Details
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Details
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Generic: Repo Health / Site Health (push) Has been skipped
Details
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 7s
Details
Generic: Project CI / Lint & Validate (push) Successful in 11s
Details
Universal: Auto Version Bump / Version Bump (push) Successful in 4s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Details
Universal: Secret Scanning / Gitleaks Secret Scan (pull_request) Successful in 10s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Generic: Repo Health / Access control (pull_request) Successful in 2s
Details
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 8s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 8s
Details
Generic: Project CI / Lint & Validate (pull_request) Successful in 35s
Details
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 38s
Details
9656a2a92b 
Critical:
- Wrap cleanupOldBackups() in try-catch to prevent admin panel crash
- Add missing fields (total_size, files_count, etc.) to failure record
  so failure notifications actually send

High:
- Log unlink failures in deleteBackupRecord() instead of silent return
- Wrap DB delete in try-catch so one failed record doesn't abort loop
- Check for ext-curl before calling curl_init() in sendNtfy()

Medium:
- Change runPreActionBackup catch from \Exception to \Throwable
- Log warning for skipped files during archive encryption
- Truncate ntfy response body in error logs (200 chars max)
jmiller added 1 commit 2026-06-18 15:27:11 +00:00
chore(version): pre-release bump to 01.22.07-dev [skip ci] b3e7c8ec72
jmiller added 1 commit 2026-06-18 15:42:13 +00:00
feat: abstract DB prefix, stepped checksum, restore security gate
Generic: Project CI / Tests (push) Blocked by required conditions
Details
Generic: Project CI / Tests (pull_request) Blocked by required conditions
Details
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Details
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Scripts governance (push) Blocked by required conditions
Details
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Repository health (push) Blocked by required conditions
Details
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Report Issues (push) Blocked by required conditions
Details
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Details
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s
Details
Generic: Repo Health / Access control (pull_request) Successful in 2s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Universal: Secret Scanning / Gitleaks Secret Scan (pull_request) Successful in 6s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 7s
Details
Universal: Auto Version Bump / Version Bump (push) Successful in 3s
Details
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 6s
Details
Generic: Project CI / Lint & Validate (pull_request) Successful in 32s
Details
Generic: Project CI / Lint & Validate (push) Successful in 32s
Details
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 35s
Details
b2874f32f2 
Database prefix abstraction:
- DatabaseDumper uses #__ placeholder instead of live prefix in all
  SQL output (DROP TABLE, CREATE TABLE, INSERT INTO)
- SteppedBackupEngine::dumpSingleTable() same #__ replacement
- DatabaseImporter replaces #__ with current site prefix on import
- MokoRestore replaces #__ with user-specified prefix on import
- Backups are now portable across sites with different prefixes

Stepped backup checksum:
- completeRecord() now computes and stores SHA-256 checksum

MokoRestore security gate:
- Writes .mokorestore-security.php with random 8-char code to site root
- User must read code from filesystem and enter it in browser
- Proves filesystem access before any restore actions are allowed
- Security file auto-deleted after successful verification
- All AJAX actions blocked until verification completes
jmiller added 1 commit 2026-06-18 15:42:30 +00:00
chore(version): pre-release bump to 01.22.08-dev [skip ci] 682538e4de
jmiller added 1 commit 2026-06-18 15:56:06 +00:00
fix: critical review — infinite recursion, SQL injection, FK prefix
Generic: Project CI / Tests (push) Blocked by required conditions
Details
Generic: Project CI / Tests (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Scripts governance (push) Blocked by required conditions
Details
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Repository health (push) Blocked by required conditions
Details
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Details
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Report Issues (push) Blocked by required conditions
Details
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Details
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Details
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Site Health (push) Has been skipped
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Universal: Auto Version Bump / Version Bump (push) Successful in 4s
Details
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 5s
Details
Universal: Secret Scanning / Gitleaks Secret Scan (pull_request) Successful in 5s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 7s
Details
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 7s
Details
Generic: Project CI / Lint & Validate (push) Successful in 31s
Details
Generic: Project CI / Lint & Validate (pull_request) Successful in 31s
Details
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 35s
Details
a4c03d0032 
Critical:
- Fix infinite recursion in getValidatedPrefix() — was calling itself
  instead of extracting from $data array
- Fix SQL injection in actionResetAdmin() — prefix not validated,
  now uses getValidatedPrefix()

High:
- Fix prefix abstraction to cover FK REFERENCES — str_replace now
  targets backtick+prefix pattern to catch all table references in
  CREATE TABLE output, not just the current table name

Medium:
- Security gate file write check — skip verification gracefully if
  file cannot be written (don't lock user out)
- Stepped notification catch \Throwable instead of \Exception
jmiller added 1 commit 2026-06-18 15:56:17 +00:00
chore(version): pre-release bump to 01.22.09-dev [skip ci] 7ecc855e40
jmiller added 1 commit 2026-06-18 15:59:51 +00:00
fix: remaining review items — prefix in trailing SQL, dead code, indent
Generic: Project CI / Tests (push) Blocked by required conditions
Details
Generic: Project CI / Tests (pull_request) Blocked by required conditions
Details
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Scripts governance (push) Blocked by required conditions
Details
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Repository health (push) Blocked by required conditions
Details
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Details
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Report Issues (push) Blocked by required conditions
Details
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Details
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Access control (push) Successful in 1s
Details
Universal: Auto Version Bump / Version Bump (push) Successful in 3s
Details
Generic: Repo Health / Site Health (push) Has been skipped
Details
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Generic: Repo Health / Access control (pull_request) Successful in 1s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Universal: Secret Scanning / Gitleaks Secret Scan (pull_request) Successful in 4s
Details
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 7s
Details
Generic: Project CI / Lint & Validate (push) Successful in 42s
Details
Generic: Project CI / Lint & Validate (pull_request) Successful in 42s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 38s
Details
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 44s
Details
55954ba081 
- DatabaseImporter: apply #__ prefix replacement on trailing statement
  (was missing for SQL not terminated by semicolon)
- SteppedBackupEngine: remove unused DatabaseDumper instantiation
- SteppedBackupEngine: fix misaligned indentation in stepDatabase()
jmiller added 1 commit 2026-06-18 16:00:00 +00:00
chore(version): pre-release bump to 01.22.10-dev [skip ci]
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 11s
Details
2e7e49fa60
jmiller merged commit b2630fbc87 into main 2026-06-18 16:07:21 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
component: admin
Admin UI and views
 component: api
REST API
 component: engine
Backup/restore engine
 component: remote
Remote storage (FTP/GDrive)
 component: scheduler
Scheduled tasks
No labels
Priority -
Type -
Milestone
No items
No Milestone
Assignees
Clear assignees
jmiller (Jonathan Miller)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: MokoConsulting/MokoSuiteBackup#46
Delete Branch "dev"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?