Jonathan Miller
026b72deed
Generic: Repo Health / Release configuration (push) Blocked by required conditions
Generic: Repo Health / Scripts governance (push) Blocked by required conditions
Generic: Repo Health / Repository health (push) Blocked by required conditions
Generic: Repo Health / Report Issues (push) Blocked by required conditions
Generic: Repo Health / Site Health (push) Has been skipped
Generic: Repo Health / Access control (push) Successful in 2s
Universal: Auto Version Bump / Version Bump (push) Failing after 15s
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Generic: Repo Health / Release configuration (pull_request) Blocked by required conditions
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 1s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 6s
Universal: Secret Scanning / Gitleaks Secret Scan (pull_request) Successful in 6s
Universal: PR Check / Validate PR (pull_request) Failing after 7s
Security: - browseDir restricted to JPATH_ROOT and current user $HOME (not all /home/) - MokoRestore db_prefix validated with regex to prevent SQL injection - MokoRestore DB import returns failure when zero statements succeed Error handling (fatal — would produce corrupt backups): - BackupEngine/SteppedEngine mkdir() checked, returns error on failure - SteppedSession save() checked, throws on write failure - SteppedEngine SQL dump file_put_contents checked, throws on failure - MokoRestore configuration.php write checked, throws on failure Error handling (logged — secondary operations): - BackupEngine dispatchAfterRun catch block logs to error_log - BackupEngine/SteppedEngine log file write failures logged - NotificationSender user group email resolution logged - script.php download key save/restore logged Operational fixes: - Cleanup plugin: don't delete DB record if file unlink fails (prevents orphans) - BackupEngine: count and log skipped unreadable files - BackupEngine: handle MokoRestore rename failure gracefully - SteppedEngine: add S3Uploader to stepUpload match (feature parity) Authored-by: Moko Consulting Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
286 lines
9.1 KiB
PHP
286 lines
9.1 KiB
PHP
<?php
|
|
|
|
/**
|
|
* @package MokoJoomBackup
|
|
* @author Moko Consulting <hello@mokoconsulting.tech>
|
|
* @copyright Copyright (C) 2026 Moko Consulting. All rights reserved.
|
|
* @license GNU General Public License version 3 or later; see LICENSE
|
|
*/
|
|
|
|
defined('_JEXEC') or die;
|
|
|
|
use Joomla\CMS\Factory;
|
|
use Joomla\CMS\Installer\InstallerAdapter;
|
|
use Joomla\CMS\Language\Text;
|
|
use Joomla\CMS\Router\Route;
|
|
|
|
class Pkg_MokoJoomBackupInstallerScript
|
|
{
|
|
/**
|
|
* Minimum Joomla version required
|
|
*
|
|
* @var string
|
|
*/
|
|
protected $minimumJoomla = '4.0.0';
|
|
|
|
/**
|
|
* Minimum PHP version required
|
|
*
|
|
* @var string
|
|
*/
|
|
protected $minimumPhp = '8.1.0';
|
|
|
|
/**
|
|
* Called before any install/update/uninstall action.
|
|
*
|
|
* @param string $type Action type (install, update, uninstall)
|
|
* @param InstallerAdapter $parent Installer adapter
|
|
*
|
|
* @return bool
|
|
*/
|
|
public function preflight(string $type, InstallerAdapter $parent): bool
|
|
{
|
|
if (version_compare(PHP_VERSION, $this->minimumPhp, '<')) {
|
|
Factory::getApplication()->enqueueMessage(
|
|
Text::sprintf('PKG_MOKOJOOMBACKUP_PHP_VERSION_ERROR', $this->minimumPhp),
|
|
'error'
|
|
);
|
|
|
|
return false;
|
|
}
|
|
|
|
// Save download key before Joomla re-registers the update site
|
|
if ($type === 'update') {
|
|
$this->preflight_saveKey();
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Called after install/update.
|
|
*
|
|
* @param string $type Action type
|
|
* @param InstallerAdapter $parent Installer adapter
|
|
*
|
|
* @return void
|
|
*/
|
|
/**
|
|
* Called before install/update to preserve the download key.
|
|
*
|
|
* Joomla re-registers update sites from the manifest on every update,
|
|
* which can reset the extra_query (download key). We save it here
|
|
* and restore it in postflight.
|
|
*/
|
|
private ?string $savedDownloadKey = null;
|
|
|
|
public function preflight_saveKey(): void
|
|
{
|
|
try {
|
|
$db = Factory::getDbo();
|
|
$query = $db->getQuery(true)
|
|
->select($db->quoteName('us.extra_query'))
|
|
->from($db->quoteName('#__update_sites', 'us'))
|
|
->join(
|
|
'INNER',
|
|
$db->quoteName('#__update_sites_extensions', 'use')
|
|
. ' ON ' . $db->quoteName('use.update_site_id') . ' = ' . $db->quoteName('us.update_site_id')
|
|
)
|
|
->join(
|
|
'INNER',
|
|
$db->quoteName('#__extensions', 'e')
|
|
. ' ON ' . $db->quoteName('e.extension_id') . ' = ' . $db->quoteName('use.extension_id')
|
|
)
|
|
->where($db->quoteName('e.element') . ' = ' . $db->quote('pkg_mokojoombackup'))
|
|
->where($db->quoteName('e.type') . ' = ' . $db->quote('package'))
|
|
->setLimit(1);
|
|
$db->setQuery($query);
|
|
$key = $db->loadResult();
|
|
|
|
if (!empty($key)) {
|
|
$this->savedDownloadKey = $key;
|
|
}
|
|
} catch (\Throwable $e) {
|
|
error_log('MokoJoomBackup: Could not save download key: ' . $e->getMessage());
|
|
}
|
|
}
|
|
|
|
public function postflight(string $type, InstallerAdapter $parent): void
|
|
{
|
|
// Restore download key if it was saved before update
|
|
if ($this->savedDownloadKey !== null) {
|
|
$this->restoreDownloadKey();
|
|
}
|
|
|
|
if ($type === 'install') {
|
|
// Enable the system plugin automatically on fresh install
|
|
$db = Factory::getDbo();
|
|
$query = $db->getQuery(true)
|
|
->update($db->quoteName('#__extensions'))
|
|
->set($db->quoteName('enabled') . ' = 1')
|
|
->where($db->quoteName('type') . ' = ' . $db->quote('plugin'))
|
|
->where($db->quoteName('folder') . ' = ' . $db->quote('system'))
|
|
->where($db->quoteName('element') . ' = ' . $db->quote('mokojoombackup'));
|
|
|
|
$db->setQuery($query);
|
|
$db->execute();
|
|
|
|
// Enable the quickicon plugin automatically
|
|
$query = $db->getQuery(true)
|
|
->update($db->quoteName('#__extensions'))
|
|
->set($db->quoteName('enabled') . ' = 1')
|
|
->where($db->quoteName('type') . ' = ' . $db->quote('plugin'))
|
|
->where($db->quoteName('folder') . ' = ' . $db->quote('quickicon'))
|
|
->where($db->quoteName('element') . ' = ' . $db->quote('mokojoombackup'));
|
|
|
|
$db->setQuery($query);
|
|
$db->execute();
|
|
|
|
// Enable the task plugin automatically
|
|
$query = $db->getQuery(true)
|
|
->update($db->quoteName('#__extensions'))
|
|
->set($db->quoteName('enabled') . ' = 1')
|
|
->where($db->quoteName('type') . ' = ' . $db->quote('plugin'))
|
|
->where($db->quoteName('folder') . ' = ' . $db->quote('task'))
|
|
->where($db->quoteName('element') . ' = ' . $db->quote('mokojoombackup'));
|
|
|
|
$db->setQuery($query);
|
|
$db->execute();
|
|
|
|
// Enable the webservices plugin automatically
|
|
$query = $db->getQuery(true)
|
|
->update($db->quoteName('#__extensions'))
|
|
->set($db->quoteName('enabled') . ' = 1')
|
|
->where($db->quoteName('type') . ' = ' . $db->quote('plugin'))
|
|
->where($db->quoteName('folder') . ' = ' . $db->quote('webservices'))
|
|
->where($db->quoteName('element') . ' = ' . $db->quote('mokojoombackup'));
|
|
|
|
$db->setQuery($query);
|
|
$db->execute();
|
|
|
|
// Enable the console plugin automatically
|
|
$query = $db->getQuery(true)
|
|
->update($db->quoteName('#__extensions'))
|
|
->set($db->quoteName('enabled') . ' = 1')
|
|
->where($db->quoteName('type') . ' = ' . $db->quote('plugin'))
|
|
->where($db->quoteName('folder') . ' = ' . $db->quote('console'))
|
|
->where($db->quoteName('element') . ' = ' . $db->quote('mokojoombackup'));
|
|
|
|
$db->setQuery($query);
|
|
$db->execute();
|
|
|
|
// Enable the content plugin automatically
|
|
$query = $db->getQuery(true)
|
|
->update($db->quoteName('#__extensions'))
|
|
->set($db->quoteName('enabled') . ' = 1')
|
|
->where($db->quoteName('type') . ' = ' . $db->quote('plugin'))
|
|
->where($db->quoteName('folder') . ' = ' . $db->quote('content'))
|
|
->where($db->quoteName('element') . ' = ' . $db->quote('mokojoombackup'));
|
|
|
|
$db->setQuery($query);
|
|
$db->execute();
|
|
|
|
// Enable the actionlog plugin automatically
|
|
$query = $db->getQuery(true)
|
|
->update($db->quoteName('#__extensions'))
|
|
->set($db->quoteName('enabled') . ' = 1')
|
|
->where($db->quoteName('type') . ' = ' . $db->quote('plugin'))
|
|
->where($db->quoteName('folder') . ' = ' . $db->quote('actionlog'))
|
|
->where($db->quoteName('element') . ' = ' . $db->quote('mokojoombackup'));
|
|
|
|
$db->setQuery($query);
|
|
$db->execute();
|
|
|
|
// Create default backup directory
|
|
$backupDir = JPATH_ADMINISTRATOR . '/components/com_mokojoombackup/backups';
|
|
|
|
if (!is_dir($backupDir)) {
|
|
mkdir($backupDir, 0755, true);
|
|
|
|
// Protect backup directory with .htaccess
|
|
file_put_contents($backupDir . '/.htaccess', "Order deny,allow\nDeny from all\n");
|
|
file_put_contents($backupDir . '/index.html', '<!DOCTYPE html><title></title>');
|
|
}
|
|
}
|
|
|
|
// Warn if no license key configured
|
|
$this->warnMissingLicenseKey();
|
|
}
|
|
|
|
/**
|
|
* Restore the download key to the (possibly new) update site record.
|
|
*/
|
|
private function restoreDownloadKey(): void
|
|
{
|
|
try {
|
|
$db = Factory::getDbo();
|
|
$query = $db->getQuery(true)
|
|
->select($db->quoteName('us.update_site_id'))
|
|
->from($db->quoteName('#__update_sites', 'us'))
|
|
->join(
|
|
'INNER',
|
|
$db->quoteName('#__update_sites_extensions', 'use')
|
|
. ' ON ' . $db->quoteName('use.update_site_id') . ' = ' . $db->quoteName('us.update_site_id')
|
|
)
|
|
->join(
|
|
'INNER',
|
|
$db->quoteName('#__extensions', 'e')
|
|
. ' ON ' . $db->quoteName('e.extension_id') . ' = ' . $db->quoteName('use.extension_id')
|
|
)
|
|
->where($db->quoteName('e.element') . ' = ' . $db->quote('pkg_mokojoombackup'))
|
|
->where($db->quoteName('e.type') . ' = ' . $db->quote('package'))
|
|
->setLimit(1);
|
|
$db->setQuery($query);
|
|
$updateSiteId = (int) $db->loadResult();
|
|
|
|
if ($updateSiteId > 0) {
|
|
$query = $db->getQuery(true)
|
|
->update($db->quoteName('#__update_sites'))
|
|
->set($db->quoteName('extra_query') . ' = ' . $db->quote($this->savedDownloadKey))
|
|
->where($db->quoteName('update_site_id') . ' = ' . $updateSiteId);
|
|
$db->setQuery($query);
|
|
$db->execute();
|
|
}
|
|
} catch (\Throwable $e) {
|
|
error_log('MokoJoomBackup: Could not restore download key: ' . $e->getMessage());
|
|
}
|
|
}
|
|
|
|
private function warnMissingLicenseKey(): void
|
|
{
|
|
try
|
|
{
|
|
$db = Factory::getDbo();
|
|
$db->setQuery(
|
|
$db->getQuery(true)
|
|
->select([$db->quoteName('update_site_id'), $db->quoteName('extra_query')])
|
|
->from($db->quoteName('#__update_sites'))
|
|
->where('(' . $db->quoteName('name') . ' LIKE ' . $db->quote('%MokoJoomBackup%') . ' OR ' . $db->quoteName('location') . ' LIKE ' . $db->quote('%MokoJoomBackup%') . ')')
|
|
->setLimit(1)
|
|
);
|
|
$site = $db->loadObject();
|
|
|
|
if ($site)
|
|
{
|
|
$eq = (string) ($site->extra_query ?? '');
|
|
if (!empty($eq) && strpos($eq, 'dlid=') !== false) { parse_str($eq, $p); if (!empty($p['dlid'])) { return; } }
|
|
$editUrl = 'index.php?option=com_installer&task=updatesite.edit&update_site_id=' . (int) $site->update_site_id;
|
|
}
|
|
else
|
|
{
|
|
$editUrl = 'index.php?option=com_installer&view=updatesites';
|
|
}
|
|
|
|
Factory::getApplication()->enqueueMessage(
|
|
'<strong>Moko Consulting License Key Required</strong> — '
|
|
. 'No download key is configured. Updates will not be available until a valid license key is entered. '
|
|
. '<a href="' . $editUrl . '" class="btn btn-sm btn-warning ms-2">Enter License Key</a>',
|
|
'warning'
|
|
);
|
|
}
|
|
catch (\Throwable $e) {
|
|
error_log('MokoJoomBackup: License key check failed: ' . $e->getMessage());
|
|
}
|
|
}
|
|
}
|