Museder RestoreOne

2.7.276 Fixes Exit Safe Mode failing with a generic error after restore when DB import breaks admin-ajax session or overwrites the restore HMAC secret in uploads. This release preserves runtime auth files across the file stage, adds a nopriv Safe Mode exit path with post-complete token grants, and hardens completion overlay job/token binding. Strongly recommended if restore completes but Exit Safe Mode shows “An unexpected error occurred.” 2.7.275 Fixes Restore Step 3 on shared hosts where admin-ajax and wp-login interim-login return 403 after DB import: the UI now converges to “Restore Completed” via REST-only polling, query-style REST fallback, and read-only AJAX final-status fallback even when /wp-json becomes stale or returns HTML. This update also restores resume token continuity after page reload, keeps the completion token available until Safe Mode exit succeeds, aligns Step 3 button gating with overwrite preconditions, pins reauth redirects back to Restore page, adds post-restore safe-mode-exit auth fallback, suppresses late auth-check 403 modals, preserves destination permalink/rewrite policy across import, stabilizes restore-token verification across wp-config.php salt changes, fixes long-running restores that could show 100% while still stuck on “Waiting for action,” and hardens prefix migration against duplicate-key failures. Strongly recommended if Step 3 shows 403 errors while the backend restore actually succeeds. 2.7.274 Fixes full-site restores that could break wp-admin with a critical error when core file extraction was interrupted mid-slice, and improves Step 3 success recovery when shared hosts block admin-ajax/auth-check polling or cancel confirmation. Strongly recommended before restoring over live WordPress core on shared hosting. 2.7.273 Fixes large-site backups that never finish after ZipArchive packing completes (false verify failure → hours-long PclZip repack). Recommended if backups stall near 100% on shared hosting. 2.7.272 Fixes Backup Auto mode staying on Balanced with Smart Exclude Off when the site shows “Large site detected” (>1 GB). Recommended if Auto backup does not switch to Fast on large sites. 2.7.271 Fixes Restore Step 3 UI resetting during active jobs; recommended if you reload the restore page mid-restore. Also keeps wp-config unchanged on files-only restores and improves large-backup file-stage progress accuracy. 2.7.270 Fixes Restore Step 1 showing “Analysis failed” after a successful chunk upload on sites that need “Overwrite existing data” in Step 2. Recommended if large backup analysis completes but the wizard stays failed with an empty summary. 2.7.269 Fixes Restore Step 1 on large server backups (Load Info timeout and stale summary after analysis). Recommended if 500MB+ backups fail at Step 1 or require a page reload to unlock Step 2. 2.7.268 Improves large-site restore reliability: progress polling survives session loss via restore token, nopriv progress handlers, and post-complete read grant. Recommended for long restores on production sites. 2.7.267 Adds restore site profile detection, preflight warnings, restore order/scope/wp-config options, and bootstrap support for empty document roots. Recommended before full-site restores on existing or fresh installs. 2.7.262 Fixes large-site backup jobs that could appear stuck near 95% after a failed post-close verification (PclZip repack conflicting with an open ZipArchive handle). Recommended if you run large full-site backups on production. 2.7.261 No behavior change intended for production sites; this release mainly adds reviewer-oriented automation in the development repository (endpoint matrices, nginx+Apache smoke, ZIP install check, Multisite uninstall verification, mail/PHPCS tooling) and readme↔admin UI mapping for manual checks. 2.7.260 Stricter REST chunk session ids; safer chunk/WPress paths; neutral MusederRestoreOneAddon global (Pro alias retained); dark-theme CSS selector fix; batched Multisite uninstall. 2.7.259 Path-boundary hardening for helpers and download handlers; neutral add-on/“AI” admin copy; uninstall.php for clean option/cron removal without deleting your backups; functional-test helpers in the development repository. 2.7.258 Tightens backup-path directory prefix checks; Multisite admin notice; expanded FAQ for chunk uploads, PclZip, cron/mail, and large restores; optional functional-test tooling in the development repository. 2.7.257 UI contrast fixes for dark theme on Settings and dashboard status badges; readme schedule wording aligned with optional schedules; legacy unused restore template removed. 2.7.256 Further reduces review risk around path determination: segmented core admin include path resolution, a documented override filter for non-standard layouts, and FAQ guidance for custom language / mu-plugin paths. 2.7.255 Addresses WordPress.org feedback on determining plugin/content directories correctly: no ABSPATH-based core includes, no WP_LANG_DIR / WPMU_PLUGIN_DIR in backup scope; centralized core include helper with graceful failures. Recommended before resubmitting to the Plugin Directory. 2.7.254 REST nonce handling aligned across Chunk, AI, and v2 restore; readme adds Privacy and Multisite statements; directory index sentinels. Recommended before WordPress.org resubmission. 2.7.253 Loads PclZip from WordPress core (no bundled duplicate library); readme clarifies dev-only paths. Recommended before running full Plugin Check ruleset or resubmitting to WordPress.org. 2.7.252 Plugin Check–clean report download handling, regression test script escaping, and Docker exclude for .DS_Store. Recommended before resubmitting Plugin Check results. 2.7.251 Plugin Check / escaping fix for report download wp_die() status handling. Recommended update before WordPress.org Plugin Check resubmission. 2.7.250 Tighter NDJSON import table policy, safer AI recommendations hook, REST nonce checks aligned with AI routes. Recommended update before directory resubmission. 2.7.249 Stricter admin AJAX nonce refresh, AI scan response without quota fields, safe mode copy aligned with actual behavior. Recommended before WordPress.org resubmission. 2.7.248 Review-driven fixes: visible prefixed option keys for job locks, unlimited local schedules, backup labels for everyone, safer log download nonce order. Recommended before resubmitting to WordPress.org. 2.7.247 Security and directory-review hardening: clearer nonce checks in AJAX handlers, safer backup download order, working admin report download handler. Recommended update before WordPress.org resubmission. 2.7.246 UI polish: better dark-theme contrast on Restore Center and related cards; clearer restore progress label. Recommended update for admin readability. 2.7.245 Readme and review polish: unified changelog, FAQ for local wp-cron loopback, code formatting and AI REST namespace alignment. Update recommended before WordPress.org resubmission. 2.7.21 Security & compliance: Hardened security with comprehensive nonce verification, input sanitization, and WordPress.org standards compliance. Fixed Restore History timestamp accuracy and restore success detection. Update recommended for all users. 2.7.20 Critical fixes: Enhanced file path validation for restore operations, fixed Restore History timestamp accuracy, improved security with wp_delete_file(). Update recommended for all users. 2.7.19 Bug fixes: Fixed restore file path errors and download white screen issue. Removed hardcoded timezone offsets - all time displays now respect WordPress timezone settings. Update recommended if experiencing restore or download issues. 2.7.18 Timezone fix: All time displays now correctly use WordPress local timezone. Restore History, Dashboard, Logs, and Schedules pages now show accurate local times. Update recommended if timestamps are incorrect. 2.7.17 Code quality and security improvements: Fixed remaining AlternativeFunctions errors, enhanced NonceVerification and ValidatedSanitizedInput fixes. Improved tool recognition for phpcs comments. Update recommended for better WordPress Plugin Check compliance.