Pull Request for Issue #15542. Replaces PR #15576

Pinging @mbabker @wilsonge @PhilETaylor

Summary of Changes

• Replaced Akeeba Restore (restore.php) with up-to-date version
• Modified Joomla! Update model to pass an Akeeba Restore parameter which prevents the latter from renaming system files (.htaccess, web.config, php.ini, .user.ini) while they are extracted from the update file. Kindly read the technical notes at the end.
• Modified Joomla! Update model to pass an Akeeba Restore parameter which prevents the latter from renaming backup copies of system files (htaccess.bak to .htaccess and web.config.bak to web.config) during the finalization step of the update process.

Testing Instructions

• Create a htaccess.bak file with the line # WRONG FILE
• Make sure you have a .htaccess file with the line # RIGHT FILE
• Run Joomla! Update to update Joomla!

ATTENTION! Major caveat testing the fix. If you try to install an existing update to Joomla! you will NOT be able to confirm the fix. That's because restore.php will be overwritten during the update, therefore the old, not fixed version of the file will be read by PHP when Joomla! Update runs the finalization step. As a result the issue will occur all over again. You must test using a doctored update ZIP file which DOES NOT contain the administrator/components/com_joomlaupdate folder.

Expected result

The .htaccess file is the right one, i.e. the one with the line # RIGHT FILE

Actual result

The .htaccess file is the wrong one, i.e. the one with the line # WRONG FILE

Documentation Changes Required

You may need to tell affected parties to install the new com_joomlaupdate version prior to updating to the next version of Joomla!.

Technical notes

The first change in the model (telling Akeeba Restore not to rename files) is inconsequential to how Joomla! Update works and has no effect on this issue as far as official Joomla! update ZIP files go. This Akeeba Restore feature renames files included in the ZIP archive, as they are extracted. It does not apply to files already on disk. That is to say, if Joomla! were to include a file named .htaccess in the ZIP archive it would be extracted as htaccess.bak. Since Joomla! does not ship such files in the update ZIP file this code has no effect. So why did I add the relevant parameter in the model to disable this feature? Simply put, to prevent any good intentioned but inadvertently confused developers from wasting their time trying to fix an issue that's not there :)

You do need to install a new com_joomlaupdate version if you are affected by this issue and you MUST only update to a version of Joomla! that includes this fix as well. That's because the fix is a two pronged solution. One end lies in restore.php itself which is overwritten by the update, hence the need to use an update package that includes this fix. The other end lies in the Joomla! Update Model itself which creates the restoration.php file before extracting the update. Therefore the Model needs to be update before running the Joomla! update itself.

My commits are signed with my public GPG key. Click on the Verified badge to see they key hash. You can verify the key hash with the public, verified copy of my key at https://keybase.io/nikosdion