Restore auth: backup and restore runtime HMAC secret files during the file stage so post-complete token verification survives uploads directory overwrite during restore.
Restore: exclude .restore-auth-* runtime auth files from backup ZIP export so imported archives cannot overwrite destination auth state.
Restore Safe Mode: register wp_ajax_nopriv_museder_restoreone_exit_safe_mode and authorize exit via the same verify_restore_progress_request path as progress polling when admin session is lost after DB import.
Restore UI: bind completion overlay Exit Safe Mode to completedRestoreJobId and ensure poll completionMeta carries jobId for token grants.
2.7.275
Restore UI: Step 3 success is now a one-way state — once REST final-status confirms completion, the UI no longer re-enters admin-ajax polling or resets progress when a stale “running” payload arrives.
Restore UI: when admin-ajax or wp-login interim-login is blocked (403/400), Step 3 switches to a REST-only completion loop instead of retrying nonce refresh and tight admin-ajax polling.
Restore UI: suppresses WordPress auth-check / Heartbeat interim-login modals during restore and raises the completion overlay above auth-check layers so “Restore Completed” is visible on hostile shared hosts.
Restore UI: long-running restores now use a wider history match window and strict payload.job parsing so Step 3 no longer gets stuck at “100% / Waiting for action” after the backend has already completed and cleaned active jobs.
Restore UI: final-status polling now falls back from stale /wp-json routes to query-style ?rest_route= URLs, detects “HTTP 200 HTML” non-JSON responses, and adds a read-only admin-ajax restore_final_status endpoint as a final completion source.
Restore auth: restore token verification now uses a plugin-controlled stable HMAC secret so token checks survive wp-config.php salt replacement during restore (including post-complete read grants).
Restore UI: page reload/resume now restores the active job’s short-lived restore token from server bootstrap so Step 3 monitoring continues after DB import session loss without recurring admin-ajax 403 popups.
Restore UI: completed overlay Exit Safe Mode now accepts post-complete restore-token grant fallback when nonce/session continuity is broken after restore, preventing generic red error toasts.
Restore UI: preserve the completed job’s restore token until Safe Mode exit succeeds, and make both completion overlay and Safe Mode notice buttons send the same job-bound token/grant payload instead of relying on nonce-only requests.
Restore UI: Step 3 now hard-blocks full-site execution when preflight says overwrite is required but not enabled, so the button state matches server preconditions instead of failing with late 400 errors.
Restore UI: auth-check interruptions now use a restore-specific login redirect (wp-login.php?redirect_to=…restore…) to keep reauth return paths pinned to Restore page resume flow instead of drifting to host-specific admin routes.
Restore UI: harden auth-check race handling by removing late-injected WordPress interim-login/thickbox modals while restore is running or final success is locked.
Restore runtime policy: preserve destination permalink_structure and rewrite_rules across DB import, then flush rewrite rules to keep /wp-json pretty routes available alongside ?rest_route= fallback.
Restore: prefix migration now performs collision-safe targeted key migration for WordPress role/capability keys (*_user_roles, *_capabilities, *_user_level) instead of broad prefix key renames that could fail with duplicate option_name entries on populated targets.
2.7.274
Restore: sliced ZIP extraction now writes to a sidecar *.museder-restoreone-partial file and atomically renames on completion so WordPress core files are never left half-written when a time slice ends (fixes admin critical errors mid-restore on shared hosting).
Restore: phase-aware file-stage progress (wp-content vs core) uses filtered entry counts instead of whole-archive index ratios (fixes misleading ~85% at start of core extraction).
Restore: stale-tick watchdog re-schedules WP-Cron when a running job has not progressed recently.
Restore: defer wp-config.php until the file stage completes; on populated hosts with db_then_files, backup mode now merges live DB credentials and table prefix instead of overwriting mid-restore (fixes database connection errors after reload).
Restore: wp-config merge uses parenthesis-aware parsing so define() values with nested calls (e.g. Docker getenv_docker()) are preserved without PHP parse errors.
Restore: media path reconciliation now advances past index building and repairs UTF-8 database attachment paths that map to ASCII filenames on disk, preventing restored pages from showing missing images.
Backup: detects and logs attachment DB-to-disk media path drift before packaging so future archives surface filename mismatches instead of silently preserving them.
Restore: media path reconciliation now expands attachment pairs to thumbnail size variants (-WxH), scans post content and post meta for stale uploads URLs, and rewrites attachment metadata so Elementor and inline images resolve after restore.
Restore: media path apply_pairs now runs as a time-sliced database search-replace with row checkpoints so large pair sets no longer hit PHP max_execution_time during cleanup on shared hosting.
Restore: reject unsafe media path pairs (empty filename stems) and map menu-icon attachments to on-disk ICON filenames when ASCII-fold matching is ambiguous.
Restore: rehydrate active restore jobs from the restore lock after fatal timeouts so cron and the admin UI can resume cleanup instead of leaving Restore History stuck on Running.
Restore: Image Widget / Max Mega Menu media URLs are synchronized from fixed attachment paths after restore so serialized widget raw URLs no longer keep stale uploads filenames.
Restore UI: auth-check, session, or admin-ajax 403/500 interruptions during Step 3 keep monitoring the background job and reconcile to success when history/status shows completion.
Restore UI: reload the Restore page after a completed job to show the success state when host polling was blocked mid-run.
Restore UI: completed jobs now show a success notification from status polling, and repeated 401/403 polling blocks show a clearer host-blocking message.
Restore UI: admin-ajax 400/403 host interruptions during Step 3 now stay in background monitoring mode instead of resetting the wizard before the backend job can report success.
Restore: excludes RestoreOne runtime locks, active-job pointers, restore tokens, and transients from backup export/import, then clears stale imported runtime options after restore completion.
Restore UI: adds a token-based REST final-status confirmation path so Step 3 can show success even when admin-ajax/auth-check is blocked after the backend job completes.
Restore UI: failed cancel requests no longer reset the wizard while cron may still be restoring; the UI now keeps the active job and rechecks final status.
2.7.273
Backup: fix post-close archive verification false failures on large ZipArchive backups (entry-index lookup + core-path prefix fallback) so shared hosts no longer trigger a destructive full PclZip repack.
Backup: remove automatic full-archive PclZip repack after verify failure; accept structurally sound archives and fail fast when the archive is truly incomplete.
Backup: defer finalize/verify to the tick after ZipArchive::close() so the closed archive is readable before verification runs.
2.7.272
Backup Auto mode: align “large site” detection with the Backups page estimate warning (>1 GB total) — Auto now enables Fast mode and Smart Exclude when size or cached estimate exceeds threshold, not only when file count exceeds 50,000.
Backup UI: clarify Auto status when standard (Balanced) mode applies on sites below Auto thresholds.
2.7.271
Restore Step 3: page bootstrap now uses map_restore_service_status_to_job() so reload during an active restore resumes monitoring instead of resetting to “Ready to start”.
Restore Step 3: polling/history fallbacks keep in-progress UI on transient AJAX errors; restore history table updates during same-page sessions.
Restore: files-only jobs force wp_config_mode: keep so wp-config.php is not overwritten when the database is skipped.
Restore: ZIP file-stage progress no longer jumps to 93% at the start of core extraction.
2.7.270
Restore Step 1: separate analysis from execute preflight — populated-site overwrite requirement is a Step 2 warning, not a Step 1 failure (fixes “Analysis complete” + empty Summary + “Analysis failed” on chunk finalize).
Restore: profile detection ignores this plugin in active-plugin count and excludes uploads/museder-restoreone/ from uploads heuristics (reduces test-site false “populated” classification).
2.7.269
Restore Step 1: cache archive analysis after chunk finalize so Load Info on large backups reuses results instead of re-scanning the ZIP (fixes timeout on 500MB+ server files).
Restore Step 1: fix wizard UI when Load Info fails — no more stale File Summary with “Analysis failed”; reuse valid session summary when the same backup was already analyzed.
Restore upload: chunk finalize now calls MusederRestoreOneUI.handleSummaryResponse first (wizard unlock without page reload).
2.7.268
Restore: large-site reliability — after database import, progress polling continues via a file-backed restore token (survives session/nonce loss during NDJSON restore).
Restore: nopriv AJAX handlers for restore progress (job_status, restore_tick) so polling works when the WordPress login cookie is invalidated mid-restore.
Restore: post-complete read grant so the UI can confirm 100% success after the token is revoked at job completion.
Restore: media path reconcile — after restore, match uploads database paths to on-disk filenames (UTF-8 vs ASCII) and log MEDIA_PATHS_RECONCILE_DONE.
Restore: stable job meta paths (canonical storage), multi-slice tick drain, and improved restore_job_status mapping after DB import.
Restore: make zip_archive_has_wp_core() public so preflight can detect full-site archives without a fatal error (BUG-SUN-001).
Restore bootstrap: register WordPress stubs before bootstrap_root(); add esc_attr() stub; define trailingslashit before ABSPATH (BUG-SUN-003, BUG-SUN-004).
2.7.267
Restore (Approach B): site profile detection (existing / fresh / no core), preflight blocks, and Step 2 restore order, scope, wp-config mode (backup / keep / merge), and pause other plugins (default on).
Restore: populated sites require a pre-restore snapshot; default order database then files (user can switch to files-first).
Restore: fresh / empty profiles default to files then database with UI notices (including DB overwrite on fresh installs).
Restore: empty docroot full-site restores can use museder-restoreone-restore-bootstrap.php (copy to site root) for loopback file slices before WordPress core exists.
Restore: ZIP restores use a two-phase file stage (wp-content, then WordPress core and site root files when present in the archive).
Restore: includes 2.7.265 mid-restore plugin isolation, restore token, and safe-plugin reapply after restore.
Restore: writes a fallback .htaccess when missing after permalink flush (Apache).
2.7.262
Backup reliability: when PclZip compatibility repack is active, the async job runner no longer keeps a long-lived ZipArchive handle on the same .zip file (PclZip and ZipArchive were both mutating the archive, making close() extremely slow on large sites and risking central-directory corruption).
Backup verification: post-close archive checks now resolve ZIP entry names more robustly (zip_archive_has_entry() — forward slashes, optional ./ prefix, and ZipArchive::FL_NOCASE when available) so false “verification failed” results are less likely to trigger a full repack.
2.7.261
Developer / review automation (not shipped in the WordPress.org ZIP): WP-CLI matrices for all registered wp_ajax_museder_restoreone_* actions, REST routes under museder-restoreone/v1 + v2, and admin_post_museder_restoreone_* downloads (capability + nonce / referer expectations); nginx reverse-proxy smoke in front of the stock Apache WordPress image; ZIP clean install + Plugin Check; Multisite 2-site stack + network uninstall option/cron verification; mail pipeline smoke (wp_mail / Email_Handler::test_email reaches PHPMailer); PHPCS tooling (phpcs.xml.dist + tools/phpcs Composer kit) with run-phpcs-summary.sh.
Documentation: docs/2026-05-06__v2.7.261__readme-key-features__admin-ui-map.md maps readme Key features to admin page= slugs for manual review.
Maintenance: restore job AJAX handlers that “clean” output now use ob_clean() instead of ob_end_clean() so they flush stray bytes without popping the whole output-buffer stack (same idea for REST chunk prepare_request_environment()). Behavior for real browsers is unchanged; this avoids breaking nested buffers in automated tests and CLI.
2.7.260
Security: REST chunk v2 upload_id limited to UUID v4 (same format as wp_generate_uuid4()); status / chunk / finalize / abort and temp directory helpers reject garbage ids; cleanup skips non-UUID folders under v2-uploads.
Security: museder_restoreone_get_chunk_path() second argument now uses museder_restoreone_safe_path_join() (no traversal via relative fragments).
Security: WPress safe_join() final check uses directory-prefix boundary (aligned with other path helpers).
Review UX: admin script globals MusederRestoreOneAddon (primary) with MusederRestoreOnePro kept as an alias for backward compatibility; strings unchanged.
UI: fixed [data-bl-theme=”dark”] selectors in admin-style.css that were escaped incorrectly so dark-theme list/table header styles apply.
Multisite: uninstall.php processes sites in batches to reduce memory spikes on large networks (readme Privacy note updated).
Documentation: readme External services (loopback wp-cron.php, local assets/vendor JS/CSS), Privacy / uninstall aligned with uninstall.php, FAQ on third-party format compatibility (no endorsement).
Maintenance: added root uninstall.php (options, transients, job-lock rows, museder_restoreone_* crons only — no backup/log/report file deletion). create-package.sh ships uninstall.php in the ZIP.
Developer tooling: tools/functional-test/ adds REST permission smoke, safe_path_join traversal checks, external-URL scan script, and uninstall manifest verification (still not included in the WordPress.org ZIP).
Security: museder_restoreone_get_backup_path() now compares backup directory roots with a trailing-slash boundary after realpath() normalization, preventing ambiguous prefix matches between similarly named directories.
Multisite: when WordPress Multisite is enabled, RestoreOne admin screens show a non-blocking notice that Multisite is experimental (readme stance unchanged).
Documentation: FAQ entries for PclZip performance, REST chunk / php://input, cron and mail dependencies, and large-archive restore limits; Privacy notes optional local build/version log heartbeat after upgrades.
Developer tooling: added tools/functional-test/ scripts (not shipped in the WordPress.org ZIP) to reproduce small-site, large-site, PclZip-forced, chunk REST smoke, and cron listing checks via Docker/WP-CLI.
Email: test email body no longer uses emoji (broader mail client compatibility).
2.7.257
UI: Improved dark-theme contrast for Settings field labels, helper text under General Settings, Environment Compatibility success badges, and System Diagnostics uppercase labels (avoids light-theme label colors on dark cards).
Documentation: Readme feature line for schedules now matches optional scheduling (no longer implies a minimum number of schedules).
Maintenance: Removed unused legacy template templates/restore-page.php (Restore admin screen uses page-restore.php only) to avoid mixed-language placeholder strings in the distributed tree.
2.7.256
WordPress.org review follow-up: core admin include paths are now built in segments (root + directory parts + whitelisted filename), avoiding a single literal core-relative include path while preserving graceful fallback behavior.
Developer filters: added museder_restoreone_core_admin_include_path for non-standard WordPress directory layouts; invalid or unreadable filtered paths are ignored.
Documentation: FAQ now explains custom languages, mu-plugins, and core admin include path filters for advanced non-standard installs.
2.7.255
WordPress.org review: replaced hardcoded/internal WordPress path constants used for core includes and language/mu-plugin directory discovery with helper-based path resolution derived from WordPress APIs (wp_upload_dir(), plugin path helpers) and graceful fallbacks.
Backup scope: language and mu-plugin directory prefixes are now resolved through plugin helpers and filters (museder_restoreone_languages_dir, museder_restoreone_mu_plugins_dir) instead of WP_LANG_DIR / WPMU_PLUGIN_DIR.
Restore/upload helpers: core admin include loading is centralized in museder_restoreone_get_core_admin_include_path() and avoids ABSPATH path concatenation; missing core helpers fail gracefully instead of fataling.
2.7.254
REST: Chunk upload (includes/class-chunk-handler-v2.php) permission_check now uses the same two-step REST nonce pattern as v2 restore (check_permissions): X-WP-Nonce then rest_nonce parameter, empty token vs wp_verify_nonce as separate WP_Error branches; HTTP 401 for invalid/missing nonce and shared museder_restoreone_invalid_nonce / museder_restoreone_forbidden codes with v2 restore.
REST: Free AI REST permission_check nonce failures now return 401 with museder_restoreone_invalid_nonce (aligned with v2 restore; same user-facing message).
Readme: added == Privacy == (data locations, third parties, optional add-ons, retention) and explicit Multisite stance in Description + FAQ.
Security hygiene: added index.php sentinels under includes/, includes/wpress/, templates/, assets/ (+ assets/css/, assets/js/), and languages/ to avoid directory listing on misconfigured hosts.
2.7.253
Compliance / Plugin Check: PclZip fallback now loads WordPress core’s PclZip file instead of shipping a duplicate includes/vendor/pclzip copy, so the broader plugin-check.ruleset.xml scan is not dominated by third-party PHPCS violations in bundled library code.
Documentation: Clarifies that changelog lines mentioning tests/ or tools/docker/ refer to the public development repository only; those paths are not part of the distributed plugin ZIP from WordPress.org.
2.7.252
Developer / WordPress Plugin Check: Report download wp_die() branches use per-status literal response codes with inline esc_html() / esc_html__() so OutputNotEscaped passes under Plugin Check.
Developer: tests/php-regression/final_review_248_regression.php uses esc_html() on CLI output and wraps checks in museder_restoreone_final_review_248_regression_run() to satisfy prefix / escaping static analysis.
Docker sync (tools/docker/setup.sh): exclude root .DS_Store from the plugin tarball so Plugin Check does not flag hidden files in wp-content/plugins.
2.7.251
WordPress Plugin Check: Report download error path now passes HTTP status to wp_die() via the response args array (avoids OutputNotEscaped on a dynamic third-argument integer).
2.7.250
Security: NDJSON database import now applies the same table prefix allow-list as the SQL restore path before DROP TABLE / replace(); disallowed names are skipped and logged.
Stability: get_ai_recommendations() checks class_exists( ‘Museder_Restoreone_AI_Service’ ) before calling it (avoids fatal if an add-on filter is misconfigured).
WordPress.org review: AI schedule recommendation errors use neutral codes/messages (addon_not_active, addon_service_missing) instead of pro_required.
REST (v2 restore): check_permissions validates X-WP-Nonce / _wpnonce in two steps (empty check, then wp_verify_nonce), matching the AI REST controller pattern.
2.7.249
WordPress.org strict review: AJAX museder_restoreone_refresh_nonce now requires a valid existing nonce before issuing a new one; admin JS sends the current nonce on refresh.
AI (free): removed daily scan quota / remaining / dailyScans from the hosted build (local preview only; no trialware-style limits in API responses).
Safe mode: readme, Restore/Dashboard notices, restore options help text, and admin toasts now match implementation — snapshot + marker only; Exit Safe Mode clears the marker without claiming automatic plugin activation changes.
2.7.248
WordPress.org review: add_option() job locks now use an explicitly prefixed $option_key built from OPTION_LOCK_PREFIX at the call site (addresses static analysis / human review feedback on dynamic option names).
WordPress.org guidelines: removed the free-tier limit of a single backup schedule; multiple local schedules are allowed for all users.
Schedules: cron pattern, exclude paths, and retention policy fields are saved for all installs (local features; not gated on a separate add-on).
Backups: optional backup labels apply to archive names and metadata for all users; encryption and cloud destination metadata/upload remain add-on scoped, with a class_exists() guard on cloud upload.
Admin log download: check_admin_referer() runs immediately after resolving the log basename and before reading the file from disk.
2.7.247
Security & WordPress.org review: Added explicit check_ajax_referer() calls in admin AJAX handlers (UI, restore, logs, settings, email) so tooling and reviewers can see nonce verification in each handler.
Backup download (admin-post): For nonce-based links, check_admin_referer() now runs before reading $_GET[‘file’]; signed-token downloads unchanged. Clearer error when the filename is missing after a valid nonce.
Report download: Replaced missing Pro controller with Museder_Restoreone_Restore_Report::download() plus check_admin_referer( ‘museder_restoreone_download_report’ ), path confinement under the reports directory, and safe streaming headers.
Backup jobs: Clarified comments for dynamic add_option() lock keys (no invalid PHPCS ignore).
2.7.246
Admin UI: improved text contrast when using dark appearance (data-bl-theme=”dark”) — Restore Center step cards, glass cards, and status colors align with theme tokens (–text-dark, –surface, –glass-*).
Restore Center: progress track uses a deeper neutral background; percentage label uses a subtle text shadow so it stays readable at low fill levels.
Safe mode notices (Restore + Dashboard) use var(–text-muted) so body copy follows the active theme.
Legacy restore wizard (restore.css): completed-step label uses a brighter green in dark mode.
2.7.245
WordPress.org review follow-up: readme — single Changelog section (removed duplicate header); FAQ documents local wp-cron.php loopback requests. Code — trigger_restore_job() formatting in class-restore-handler.php; AI REST API namespace aligned to museder-restoreone/v1 for consistency with the plugin slug.
2.7.244
WordPress.org review hardening: removed bundled PRO activation, license verification, embedded PRO modules, and review-facing upgrade messaging from the free plugin package. Free build now keeps only the core backup, restore, schedule, logs, and settings experience, while preserving a clean add-on detection boundary for a separate plugin.
2.7.243
Schedule handler: GLOB_BRACE fallback for PHP builds that omit it; retention apply_retention_rules file_exists check before filemtime to avoid warnings. Restore page: Exit Safe Mode button id unified to museder-restoreone-exit-safe-mode-btn with JS fallback for backup-lite-exit-safe-mode-btn. Small-site flow verified (backup, restore, settings, schedules, safe mode exit).
2.7.242
WP.org compliance: Plugin Check 1.7.0 clean (0 errors, 0 warnings). Security and request handling (nonce/capability, sanitize/validate, json whitelist). Path and storage under wp_upload_dir. Removed direct core includes where possible; ABSPATH guards. Naming: menu/REST/JS prefixes unified to museder-restoreone. Readme external services (S3, OpenAI); Plugin URI updated.
2.7.223
Compliance: Reworked deprecated download handler to avoid bootstrapping WordPress and route downloads via admin-post.php.
Compliance: Documented external services with plain Terms/Privacy URLs for review tooling.
Security: Added explicit nonce checks in key AJAX handlers for clearer automated detection.
Security: Hardened restore SQL import with a conservative allow/deny statement strategy.
Compatibility: Reduced reliance on hard-coded WP_* directory constants by using wp_upload_dir()-derived paths where possible.
2.7.220
WP.org compliance hardening (nonce/cap checks, sanitization/escaping, uploads storage under wp_upload_dir).
S3: migrate cURL usage to WordPress HTTP API (wp_remote_request) with multipart upload support.
Security: Enhanced NonceVerification and ValidatedSanitizedInput fixes in class-ui.php – changed phpcs:ignore to phpcs:disable/enable for better tool recognition
Code Quality: Fixed fread error in class-ui.php – changed phpcs:ignore to phpcs:disable/enable for better tool recognition
2.7.16
Code Quality: Added phpcs:ignore comments for all AlternativeFunctions in class-restore.php (fopen, fclose, fread, fwrite, unlink, rename)
Code Quality: Added phpcs:ignore comments for all AlternativeFunctions in class-backup.php (fopen, fwrite, fclose, unlink)
Code Quality: Added phpcs:ignore comments for AlternativeFunctions in class-ai1wm-converter.php (fopen, fread, fclose)
Code Quality: Added phpcs:ignore comments for all AlternativeFunctions in class-restore-handler.php (fopen, fclose, unlink, rename)
Security: Fixed NonceVerification and ValidatedSanitizedInput warnings in class-restore-handler.php
Code Quality: Added phpcs:ignore comments for DevelopmentFunctions (set_time_limit, ini_set) in class-restore.php and class-backup.php
2.7.15
Code Quality: Added phpcs:ignore comments for AlternativeFunctions in class-chunk-handler-v2.php (fopen, fclose, fwrite, unlink, rename, fread)
Code Quality: Fixed unlink comment format in class-chunk-handler-v2.php – changed from file_system_operations_unlink to unlink_unlink
Code Quality: Added phpcs:ignore comment for error_log in class-chunk-handler-v2.php
2.7.14
Security: Fixed NonceVerification warnings – added phpcs:ignore comments for all AJAX handlers that use verify_ajax_request()
Security: Fixed ValidatedSanitizedInput warnings – added proper validation and sanitization comments for $_FILES and $_POST inputs
Code Quality: Fixed PreparedSQL error in class-estimate-size.php – added phpcs:ignore comment for prepared query
Code Quality: Added phpcs:ignore comments for necessary AlternativeFunctions (readfile, rename, unlink, fopen, chmod) in backup/restore operations
2.7.13
Security: Enhanced ExceptionNotEscaped fixes in class-chunk-handler.php – all exception array values are now properly escaped using esc_html() and wrapped with phpcs:disable/enable comments
Code Quality: Improved escaping for all exception data array values to ensure complete security compliance
2.7.12
Security: Fixed ExceptionNotEscaped issues in class-chunk-handler.php – all exception array values are now properly sanitized and escaped
Code Quality: Added missing translators comments for all __() functions with placeholders
Code Quality: Fixed OutputNotEscaped issues in templates – all output values are now properly escaped using absint() and esc_html()
Code Quality: Excluded create-package.sh from plugin package (development tool only)
2.7.11
Security: Fixed json_decode() sanitization issues – all JSON-decoded arrays are now properly sanitized using recursive array_map() and sanitize_text_field()
Security: Fixed REST API permission_callback – all REST API routes now use proper permission checks (manage_options + nonce verification) instead of ‘__return_true’
Security: Added ABSPATH checks to download-handler.php to prevent direct file access
Code Quality: Replaced all parse_url() calls with wp_parse_url() for WordPress compatibility
Code Quality: Replaced all mkdir() calls with wp_mkdir_p() for WordPress compatibility
Code Quality: Removed all inline and tags from templates – now using wp_add_inline_style() and wp_add_inline_script() in enqueue_assets()
WordPress Compliance: All changes maintain existing functionality while meeting WordPress.org Plugin Directory guidelines
2.7.10
Feature: Added Backup Size Estimation feature – estimate database and file sizes before creating backups
Enhancement: Database size estimation using information_schema queries for fast, non-blocking database size calculation
Enhancement: File size scanning with asynchronous batch processing (3000 files per batch) to prevent timeouts on large sites
Enhancement: Smart caching system – scan results cached for 48 hours to avoid repeated scans
Enhancement: Real-time progress tracking with visual progress bar during file scanning
Enhancement: Large site detection – shows warning when estimated backup size exceeds 1GB with recommendations for chunk mode
Enhancement: Excludes backup directories, log directories, cache folders, and system files (.git, .svn, .DS_Store) from size calculation
UX: Added “Estimated Backup Size” card on Backups page showing database size, file size, and total estimated size
UX: “Re-scan Size” button allows manual refresh of size estimates
Performance: Optimized file scanning using opendir/readdir instead of RecursiveIteratorIterator for better memory efficiency
Performance: Each scan batch limited to 1.5 seconds execution time to prevent server overload
Security: All AJAX endpoints require manage_options capability and nonce verification
Security: File scanning only accessible to administrators and only on plugin admin pages
2.7.09
Enhancement: Added PHP native extraction fallback for .wpress files when tar command fails. Attempts to use gzopen() for gzip-compressed files.
Enhancement: Improved error messages for .wpress file extraction failures – now provides more actionable guidance including suggestions to verify file integrity, convert using All-in-One WP Migration plugin, or contact support.
Fix: Enhanced .wpress file extraction error handling to provide clearer diagnostic information when all extraction methods fail.
2.7.08
Fix: Fixed issue where progress bar would immediately jump to 100% when restore fails, but network polling would continue. Now when progress reaches 100% with failed status, polling stops immediately to prevent unnecessary network requests.
Fix: Enhanced failure detection logic – when progress is 100% and status is ‘failed’, the system now immediately stops all polling and displays the error message, preventing continued network activity in the background.
2.7.07
Fix: Enhanced .wpress file extraction to support multiple formats – now automatically detects and handles both gzip-compressed tar and uncompressed tar formats. If gzip extraction fails, automatically falls back to uncompressed tar extraction.
Fix: Improved file format detection by reading file headers to determine the correct extraction method before attempting extraction.
Fix: Fixed issue where restore would immediately complete at 100% when .wpress file format was not gzip-compressed tar.
2.7.06
Fix: Added direct .wpress file extraction support using tar command. All-in-One WP Migration .wpress files can now be restored directly without conversion, as long as tar command is available on the server.
Fix: Improved error handling for .wpress file extraction failures – provides specific error messages when tar command is unavailable or extraction fails.
Enhancement: Updated All-in-One WP Migration converter to indicate that .wpress files can be restored directly without conversion.
Enhancement: Enhanced archive extraction logic to detect .wpress files and attempt tar extraction before falling back to ZIP methods.
2.7.05
Fix: Fixed restore completion/failure detection – restore status messages now appear immediately without requiring page refresh. Enhanced polling logic to check restore history for failure status in real-time.
Fix: Improved error handling for archive extraction failures – added detailed logging and better error messages for .wpress and ZIP file extraction issues.
Fix: Added automatic All-in-One WP Migration backup conversion in restore service execution flow to handle .wpress files properly.
Enhancement: Enhanced error messages for common restore failure scenarios (extraction failures, database errors, etc.) with more actionable information.
Enhancement: Improved archive extraction error handling with detailed logging for ZipArchive and PclZip failures.
2.7.04
Enhancement: Added Safe Mode after restore — records active plugins and shows an admin notice; Exit Safe Mode clears the marker (no automatic plugin activation changes).
Enhancement: Enhanced URL search-replace functionality – now handles http/https, www/non-www, and subdirectory path variations automatically for better cross-domain migration support.
Enhancement: Added restore completion hooks – backup_lite_after_restore and backup_lite_after_restore_safe_mode hooks allow other plugins to integrate with restore workflow.
Enhancement: Improved diagnostic logging – added detailed logs for database import (siteurl/home changes), URL replacement pairs, and safe mode marker handling for easier troubleshooting.
Security: All new features follow WordPress coding standards and security best practices.
2.7.03
Fix: Optimized large file processing for All-in-One backup conversion. Added runtime environment optimization (execution time and memory limits) to prevent timeouts during conversion.
Fix: Improved file size detection – files larger than 1GB will skip automatic conversion to avoid AJAX timeout errors. Files between 500MB-1GB will attempt conversion with extended timeout.
Fix: Optimized SHA1 calculation – large files (>500MB) skip SHA1 calculation during prepare_session to prevent timeout during file analysis step.
Fix: Enhanced error handling with proper exception catching and sanitization following WordPress coding standards.
2.7.02
Fix: Improved error handling for All-in-One WP Migration backup conversion. Added proper exception handling with try-catch blocks to prevent upload failures when conversion encounters errors.
Fix: Enhanced error messages following WordPress coding standards. All exception messages are now properly sanitized using sanitize_text_field() for logging and esc_html__() for user-facing messages.
Fix: Added file existence checks after conversion to ensure converted files are valid before proceeding with restore session preparation.
Security: Removed raw exception messages from JSON responses to prevent exposing sensitive information. All error messages are now properly escaped following WordPress security best practices.
Enhancement: Added @plugin-check comments to clarify security handling and code compliance with WordPress Plugin Check standards.
2.7.01
Feature: Added All-in-One WP Migration backup converter. The plugin now automatically detects and …
