- Add pagination to ShopController (50 per page)
- Add throttle:3,10 to radio application store route
- Replace mixed Dutch/English labels in RadioWizardController (English only)
- Replace Dutch error messages in RadioController and RadioSetupController
- Add config('habbo.defaults.avatar_look') for SocialAuthController
- Remove hardcoded default stream URL from RadioSetupController
- Add database indexes for radio_listener_points.earned_at and bans.ip
HIGH:
- Add missing import RadioSongRequestFormRequest (fixes crash on POST)
- Add Purify XSS sanitization for article full_story
- Fix duplicate radio API routes (/api/radio vs /api/radio/v2)
- Add try-catch guards in InstallationController for missing records
MEDIUM:
- Fix N+1: eager load comments.user in ArticleController::show()
- Fix GuestbookController authorization logic
- Remove dead doSetup() method and duplicate route
- Extract shared HasRadioDefaults trait (remove code duplication)
- Use named routes in ForceStaffTwoFactorMiddleware
- Fix WebsiteHelpCenterTicket::isOpen() (no permission leak)
- Enable on WebsiteHelpCenterTicket (matches schema)
- Replace WebsiteTeam::all()->pluck() with direct pluck()
- Replace CatalogPage::all()->pluck() with direct pluck()
- Replace WebsiteBadge::all() with direct pluck()
- Add throttle middleware to guestbook store, logo-generator, radio embed
LOW:
- Remove unused imports
- Remove dead /inertia-test route
- Consolidate cache keys in RadioController
root