Add performance, security, and reliability improvements

- Consolidate all 20 API files to use centralized Database helper
- Add optimistic locking to ticket updates to prevent concurrent conflicts
- Add caching to StatsModel (60s TTL) for dashboard performance
- Add health check endpoint (api/health.php) for monitoring
- Improve rate limit cleanup with cron script and efficient DirectoryIterator
- Enable rate limit response headers (X-RateLimit-*)
- Add audit logging for workflow transitions
- Log Discord webhook failures instead of silencing
- Fix visibility check on export_tickets.php
- Add database migration system with performance indexes
- Fix cron recurring tickets to use assignTicket method

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

api/add_comment.php

@@ -27,6 +27,7 @@ try {
     require_once $configPath;
     require_once $commentModelPath;
     require_once $auditLogModelPath;
+    require_once dirname(__DIR__) . '/helpers/Database.php';
 
     // Check authentication via session
     session_start();
@@ -49,17 +50,8 @@ try {
     $currentUser = $_SESSION['user'];
     $userId = $currentUser['user_id'];
 
-    // Create database connection
-    $conn = new mysqli(
-        $GLOBALS['config']['DB_HOST'],
-        $GLOBALS['config']['DB_USER'],
-        $GLOBALS['config']['DB_PASS'],
-        $GLOBALS['config']['DB_NAME']
-    );
-
-    if ($conn->connect_error) {
-        throw new Exception("Database connection failed: " . $conn->connect_error);
-    }
+    // Use centralized database connection
+    $conn = Database::getConnection();
 
     // Get POST data
     $data = json_decode(file_get_contents('php://input'), true);