feat: content snapshots, restore UI, and config hardening (v01.25.00)

Add content snapshot system for lightweight article/category/module
versioning independent of full backups. Snapshots store as JSON files
with replace or merge restore modes, wrapped in DB transactions.

- SnapshotEngine: dumps articles, categories, modules + related tables
  (workflow_associations, tag maps, frontpage) to JSON
- SnapshotRestoreEngine: replace (clean slate) or merge (upsert) mode
- Full MVC: controller, models, view, template with create/restore modals
- New ACL permission: mokosuitebackup.snapshot.manage
- Submenu entry with camera icon, upgrade SQL for snapshots table

Improve full-site restore UI with confirmation modal offering options
for files, database, preserve config, and encryption password.

Config improvements:
- WebcronSecretField: CSPRNG generator, strength meter, rejects weak
  patterns (password, admin, secret), enforces min 16 chars
- IpWhitelistField: table-based management, current IP detection with
  one-click "Add my IP" button
- Default profile shows "Title (#ID)" format
- Default backup dir uses [DEFAULT_DIR] placeholder
- Install script generates random 32-char webcron secret
- Dashboard quick actions: full-width dropdown with button below

source/script.php

@@ -150,6 +150,9 @@ class Pkg_MokoSuiteBackupInstallerScript
 			// Create default backup directory in site root
 			$this->createBackupDirectory();
 
+			// Generate a random webcron secret word
+			$this->generateWebcronSecret();
+
 			// Create default scheduled task for backup automation
 			$this->createDefaultScheduledTask();
 		}
@@ -185,6 +188,53 @@ class Pkg_MokoSuiteBackupInstallerScript
 		}
 	}
 
+	/**
+	 * Generate a cryptographically random webcron secret word on fresh install.
+	 */
+	private function generateWebcronSecret(): void
+	{
+		try {
+			$db = Factory::getDbo();
+
+			// Load current component params
+			$query = $db->getQuery(true)
+				->select($db->quoteName('params'))
+				->from($db->quoteName('#__extensions'))
+				->where($db->quoteName('element') . ' = ' . $db->quote('com_mokosuitebackup'))
+				->where($db->quoteName('type') . ' = ' . $db->quote('component'))
+				->setLimit(1);
+			$db->setQuery($query);
+			$rawParams = $db->loadResult();
+
+			$params = json_decode($rawParams ?: '{}', true) ?: [];
+
+			// Only generate if not already set
+			if (!empty($params['webcron_secret'])) {
+				return;
+			}
+
+			$chars  = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
+			$secret = '';
+			$bytes  = random_bytes(32);
+
+			for ($i = 0; $i < 32; $i++) {
+				$secret .= $chars[ord($bytes[$i]) % strlen($chars)];
+			}
+
+			$params['webcron_secret'] = $secret;
+
+			$query = $db->getQuery(true)
+				->update($db->quoteName('#__extensions'))
+				->set($db->quoteName('params') . ' = ' . $db->quote(json_encode($params)))
+				->where($db->quoteName('element') . ' = ' . $db->quote('com_mokosuitebackup'))
+				->where($db->quoteName('type') . ' = ' . $db->quote('component'));
+			$db->setQuery($query);
+			$db->execute();
+		} catch (\Exception $e) {
+			error_log('MokoSuiteBackup: generateWebcronSecret() failed: ' . $e->getMessage());
+		}
+	}
+
 	private function enableBundledPlugins(): void
 	{
 		$folders = ['system', 'quickicon', 'task', 'webservices', 'console', 'content', 'actionlog'];
@@ -388,6 +438,12 @@ class Pkg_MokoSuiteBackupInstallerScript
 				'img'       => 'class:database',
 				'menu_icon' => 'icon-database',
 			],
+			[
+				'link'      => 'index.php?option=com_mokosuitebackup&view=snapshots',
+				'title'     => 'COM_MOKOJOOMBACKUP_SUBMENU_SNAPSHOTS',
+				'img'       => 'class:camera',
+				'menu_icon' => 'icon-camera',
+			],
 			[
 				'link'      => 'index.php?option=com_mokosuitebackup&view=profiles',
 				'title'     => 'COM_MOKOJOOMBACKUP_SUBMENU_PROFILES',
@@ -522,6 +578,7 @@ class Pkg_MokoSuiteBackupInstallerScript
 		$iconMap = [
 			'view=dashboard' => 'class:home',
 			'view=backups'   => 'class:database',
+			'view=snapshots' => 'class:camera',
 			'view=profiles'  => 'class:cog',
 		];