Add parameter validation to 6 more functions + QA improvements

PARAMETER VALIDATION FIXES (6 functions):
1. lib/common-functions.sh:219 - format_duration()
2. lib/php-detector.sh:277 - get_fpm_process_count()
3. lib/user-manager.sh:263 - get_plesk_user_domains()
4. modules/performance/hardware-health-check.sh:44 - add_finding()
5. modules/performance/hardware-health-check.sh:55 - command_exists()
6. modules/performance/network-bandwidth-analyzer.sh:45 - add_finding()
7. modules/performance/network-bandwidth-analyzer.sh:56 - command_exists()

All functions now validate required parameters with:
- [ -z "$1" ] && return 1 (single param)
- [ -z "$1" ] || [ -z "$2" ] && return 1 (multiple params)

QA SCRIPT IMPROVEMENTS:
- tools/toolkit-qa-check.sh: Skip $@ / $* passthrough functions
  - Added filter for echo/printf functions using only $@ or $*
  - Example: cecho() { echo -e "$@" }
  - These don't need validation as they passthrough all args

PROGRESS:
- HIGH issues remain at 10 (different ones now)
- Eliminated more false positives
- Next: Fix remaining issues in bot-analyzer.sh

tools/toolkit-qa-check.sh

@@ -475,6 +475,11 @@ while read -r file; do
         # Get function body and filter out awk/sed commands before checking for $1-9
         func_body=$(grep -A 20 "^[[:space:]]*$func_name()" "$file" 2>/dev/null | grep -v 'awk\|sed' || true)
 
+        # Skip functions that only use $@ or $* (passthrough/wrapper functions)
+        if echo "$func_body" | grep -E '^\s*(echo|printf).*\$[@*]' | grep -qv '\$[1-9]'; then
+            continue
+        fi
+
         if echo "$func_body" | grep -q '\$[1-9]'; then
             # Skip if uses safe default pattern: ${1:-default}
             if grep -A 5 "^[[:space:]]*$func_name()" "$file" 2>/dev/null | grep -qE '\$\{[1-9]:-'; then