Critical scenarios checked for Pixmenia

1. Deleting all site files during update
Risk: customer images break if stored inside app folders.
Fix: Persistent Assets stores customer assets outside replaceable app code.

2. Importing a full database over production
Risk: deletes customers, credits, invoices, image records, legal approvals.
Fix: Use migrations only. If you still overwrite DB, repair can only fix links that still have records.

3. Persistent folder exists but public URL not mapped
Risk: files exist but browser shows 404.
Fix: create symlink public_html/assets-persistent -> persistent folder.

4. Persistent folder not writable
Risk: new generated images remain inside temporary app folders and can be lost.
Fix: check Admin > Persistent Assets health and set permissions 755/775.

5. Duplicate payment webhooks
Risk: credits added twice.
Required: payment table must enforce unique transaction/session IDs and webhook idempotency.

6. Failed image generation
Risk: credit deducted but no image.
Required: deduct before generation, refund automatically on failure, log both in credit_transactions.

7. Full SQL import resetting packages/settings
Risk: admin settings, payment keys, SEO, packages reset.
Required: never run destructive CREATE/DROP SQL on production without backup.

8. Logo/favicons/invoice PDFs stored inside app folder
Risk: branding and old invoice PDFs disappear after update.
Fix: store logos and invoices in persistent assets too.

9. Image deletion from admin
Risk: deleting customer asset permanently.
Required: soft delete preferred, or move to trash folder before permanent deletion.

10. Backups
Required: daily database backup + persistent assets backup. Database alone is not enough.
