diff --git a/source/packages/com_mokosuitebackup/src/Engine/DatabaseDumper.php b/source/packages/com_mokosuitebackup/src/Engine/DatabaseDumper.php
index 63609ca..4beb213 100644
--- a/source/packages/com_mokosuitebackup/src/Engine/DatabaseDumper.php
+++ b/source/packages/com_mokosuitebackup/src/Engine/DatabaseDumper.php
@@ -114,8 +114,9 @@ class DatabaseDumper
 					continue;
 				}
 
-				// Replace live prefix with #__ in CREATE TABLE output
-				$createSql = str_replace($table, $abstractName, $createRow[1]);
+				// Replace all occurrences of the live prefix with #__ in CREATE TABLE
+				// output — covers the table itself and FK REFERENCES to other tables
+				$createSql = str_replace('`' . $prefix, '`#__', $createRow[1]);
 				$output[] = 'DROP TABLE IF EXISTS `' . $abstractName . '`;';
 				$output[] = $createSql . ';';
 				$output[] = '';
diff --git a/source/packages/com_mokosuitebackup/src/Engine/MokoRestore.php b/source/packages/com_mokosuitebackup/src/Engine/MokoRestore.php
index db95b2f..4c2f63f 100644
--- a/source/packages/com_mokosuitebackup/src/Engine/MokoRestore.php
+++ b/source/packages/com_mokosuitebackup/src/Engine/MokoRestore.php
@@ -128,7 +128,11 @@ if (empty($securityCode)) {
         . "Code: " . $securityCode . "\n"
         . "Enter this code in the MokoRestore browser interface to proceed.\n"
         . "This file will be deleted automatically after verification.\n";
-    file_put_contents($securityFile, $securityContent);
+    if (file_put_contents($securityFile, $securityContent) === false) {
+        // Cannot write security file — skip verification to avoid locking user out
+        $_SESSION['security_verified'] = true;
+        error_log('MokoRestore: Cannot write security file — verification skipped (check directory permissions)');
+    }
 }
 
 // Handle security code verification via POST
@@ -731,7 +735,7 @@ HTACCESS;
 
 function getValidatedPrefix(array $data): string
 {
-    $prefix = getValidatedPrefix($data);
+    $prefix = trim($data['db_prefix'] ?? 'moko_');
 
     if (!preg_match('/^[a-zA-Z][a-zA-Z0-9_]{0,20}$/', $prefix)) {
         throw new RuntimeException('Invalid table prefix format');
@@ -766,7 +770,7 @@ function actionListAdmins(array $data): array
 function actionResetAdmin(array $data): array
 {
     $pdo      = getDbConnection($data);
-    $prefix   = $data['db_prefix'] ?? 'moko_';
+    $prefix   = getValidatedPrefix($data);
     $userId   = (int) ($data['admin_id'] ?? 0);
     $password = $data['new_password'] ?? '';
 
diff --git a/source/packages/com_mokosuitebackup/src/Engine/SteppedBackupEngine.php b/source/packages/com_mokosuitebackup/src/Engine/SteppedBackupEngine.php
index f910cff..4e9c53c 100644
--- a/source/packages/com_mokosuitebackup/src/Engine/SteppedBackupEngine.php
+++ b/source/packages/com_mokosuitebackup/src/Engine/SteppedBackupEngine.php
@@ -473,7 +473,7 @@ class SteppedBackupEngine
 
 				NotificationSender::send($profile, $record, true, $logContent);
 			}
-		} catch (\Exception $e) {
+		} catch (\Throwable $e) {
 			error_log('MokoSuiteBackup: SteppedBackupEngine notification failed: ' . $e->getMessage());
 		}
 	}
@@ -548,7 +548,8 @@ class SteppedBackupEngine
 			return '';
 		}
 
-		$createSql = str_replace($table, $abstractName, $createRow[1]);
+		// Replace all occurrences of the live prefix — covers FK REFERENCES too
+		$createSql = str_replace('`' . $prefix, '`#__', $createRow[1]);
 		$output[] = 'DROP TABLE IF EXISTS `' . $abstractName . '`;';
 		$output[] = $createSql . ';';
 		$output[] = '';