From c975e6e6e2cec52f5379f08460b0343a6c34cf36 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Mon, 1 Jun 2026 17:00:42 +0000
Subject: [PATCH 1/5] Replace gamemanager log full refresh with AJAX polling

---
 Panel/modules/gamemanager/ajax_log.php |  98 +++++++++++++
 Panel/modules/gamemanager/log.php      | 193 ++++++++++++++++---------
 2 files changed, 223 insertions(+), 68 deletions(-)
 create mode 100644 Panel/modules/gamemanager/ajax_log.php

diff --git a/Panel/modules/gamemanager/ajax_log.php b/Panel/modules/gamemanager/ajax_log.php
new file mode 100644
index 00000000..970df217
--- /dev/null
+++ b/Panel/modules/gamemanager/ajax_log.php
@@ -0,0 +1,98 @@
+<?php
+
+$panel_root = realpath(__DIR__ . '/../../');
+
+require_once($panel_root . '/includes/functions.php');
+require_once($panel_root . '/includes/helpers.php');
+require_once($panel_root . '/includes/config.inc.php');
+require_once($panel_root . '/modules/config_games/server_config_parser.php');
+require_once($panel_root . '/includes/lib_remote.php');
+
+startSession();
+
+header('Content-Type: text/plain; charset=UTF-8');
+header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
+header('Pragma: no-cache');
+header('Expires: 0');
+
+if (!isset($_SESSION['user_id'])) {
+	http_response_code(403);
+	exit;
+}
+
+$home_id = isset($_GET['home_id']) ? (int)$_GET['home_id'] : 0;
+$mod_id = isset($_GET['mod_id']) ? (int)$_GET['mod_id'] : 0;
+$ip = isset($_GET['ip']) ? sanitizeInputStr($_GET['ip']) : '';
+$port = isset($_GET['port']) ? (int)$_GET['port'] : 0;
+
+if ($home_id <= 0 || $mod_id <= 0) {
+	http_response_code(400);
+	exit;
+}
+
+$db = createDatabaseConnection($db_type, $db_host, $db_user, $db_pass, $db_name, $table_prefix, isset($db_port) ? $db_port : NULL);
+if (!$db instanceof OGPDatabase) {
+	http_response_code(500);
+	exit;
+}
+
+$user_id = (int)$_SESSION['user_id'];
+$isAdmin = $db->isAdmin($user_id);
+$home_info = $isAdmin ? $db->getGameHome($home_id) : $db->getUserGameHome($user_id, $home_id);
+if ($home_info === FALSE) {
+	http_response_code(403);
+	exit;
+}
+
+if ($ip !== '' && $port > 0) {
+	$hasMatchingIpPort = false;
+	foreach ((array)$home_info['ipports'] as $home_ip_port) {
+		if (isset($home_ip_port['ip']) && isset($home_ip_port['port']) && $home_ip_port['ip'] == $ip && (int)$home_ip_port['port'] == $port) {
+			$hasMatchingIpPort = true;
+			break;
+		}
+	}
+	if (!$hasMatchingIpPort) {
+		http_response_code(403);
+		exit;
+	}
+}
+
+$server_xml = read_server_config(SERVER_CONFIG_LOCATION . "/" . $home_info['home_cfg_file']);
+if (!$server_xml) {
+	http_response_code(404);
+	exit;
+}
+
+$remote = new OGPRemoteLibrary($home_info['agent_ip'], $home_info['agent_port'], $home_info['encryption_key'], $home_info['timeout']);
+$home_log = "";
+
+if (isset($server_xml->console_log)) {
+	$log_retval = $remote->get_log(
+		OGP_SCREEN_TYPE_HOME,
+		$home_info['home_id'],
+		clean_path($home_info['home_path']),
+		$home_log,
+		100,
+		(string)$server_xml->console_log
+	);
+} else {
+	$log_retval = $remote->get_log(
+		OGP_SCREEN_TYPE_HOME,
+		$home_info['home_id'],
+		clean_path($home_info['home_path'] . "/" . $server_xml->exe_location),
+		$home_log
+	);
+}
+
+if ($log_retval == 1 || $log_retval == 2) {
+	if (hasValue($home_log)) {
+		$home_log = utf8_encode($home_log);
+	}
+	echo $home_log;
+	exit;
+}
+
+http_response_code(204);
+exit;
+?>
diff --git a/Panel/modules/gamemanager/log.php b/Panel/modules/gamemanager/log.php
index b41b0d04..954a633a 100644
--- a/Panel/modules/gamemanager/log.php
+++ b/Panel/modules/gamemanager/log.php
@@ -73,81 +73,138 @@
 			$home_log = utf8_encode($home_log);
 		}
 		
-		// Using the refreshed class
-		if( isset($_GET['refreshed']) )
+		echo "<h2>".htmlentities($home_info['home_name'])."</h2>";
+		if($log_retval == 1)
 		{
-			echo "<pre class='log'>".htmlentities($home_log)."</pre>";
-		}
-		else
-		{
-			echo "<h2>".htmlentities($home_info['home_name'])."</h2>";
-			if($log_retval == 1)
+			if( isset( $_GET['size'] ) and $_GET['size'] == "+" )
 			{
-				require_once("includes/refreshed.php");
-				
-				$control = '<form method="GET" >
-							<input type="hidden" name="m" value="gamemanager" />
-							<input type="hidden" name="p" value="log" />
-							<input type="hidden" name="home_id-mod_id-ip-port" value="'.$_GET['home_id-mod_id-ip-port'].'" />';
-				if(isset($_GET['setInterval']))
-					$control .= "<input type='hidden' name='setInterval' value='" . $_GET['setInterval'] . "' />";
-				if(isset($_GET['view_player_commands']))
-					$control .= "<input type='hidden' name='view_player_commands' value='" . $_GET['view_player_commands'] . "' />";
-				$control .= '<input type="submit" name="size" value="';
-				if( isset( $_GET['size'] ) and $_GET['size'] == "+" )
-				{
-					$height = "100%";
-					$control .= '-';
-				}	
-				else
-				{
-					$height = "500px";
-					$control .= '+';
-				}
-				$control .= '" /></form>';
-				
-				$intervals = array( "4s" => "4000",
-									"8s" => "8000",
-									"30s" => "30000",
-									"2m" => "120000",
-									"5m" => "300000" );
-									
-				$intSel = '<form action="" method="GET" >
-						   <input type="hidden" name="m" value="gamemanager" />
-						   <input type="hidden" name="p" value="log" />
-						   <input type="hidden" name="home_id-mod_id-ip-port" value="'.$_GET['home_id-mod_id-ip-port'].'" />';
-				if(isset($_GET['size']))
-					$intSel .= "<input type='hidden' name='size' value='" . $_GET['size'] . "' />";
-				if(isset($_GET['view_player_commands']))
-					$intSel .= "<input type='hidden' name='view_player_commands' value='" . $_GET['view_player_commands'] . "' />";
-				$intSel .= get_lang("refresh_interval") . ':<select name="setInterval" onchange="this.form.submit();">';
-				foreach ((array)$intervals as $interval => $value )
-				{
-					$selected = "";
-					if ( isset( $_GET['setInterval'] ) AND $_GET['setInterval'] == $value )
-						$selected = 'selected="selected"';
-					$intSel .= '<option value="'.$value.'" '.$selected.' >'.$interval.'</option>';
-				}					
-				$intSel .= "</select></form>";
-										
-				$setInterval = isset($_GET['setInterval']) ? $_GET['setInterval'] : 4000;
-				$refresh = new refreshed();
-				$pos = $refresh->add("home.php?m=gamemanager&p=log&type=cleared&refreshed&home_id-mod_id-ip-port=". $_GET['home_id-mod_id-ip-port']);
-				echo $refresh->getdiv($pos,"height:".$height.";overflow:auto;max-width:1600px;");
-				?><script type="text/javascript">$(document).ready(function(){ <?php echo $refresh->build("$setInterval"); ?>} ); </script><?php
-				echo "<table class='center' ><tr><td>$intSel</td><td>$control</td></tr></table>";
-				if(	($server_xml->control_protocol and preg_match("/^r?l?con2?$/", $server_xml->control_protocol)) OR
-					($server_xml->gameq_query_name and $server_xml->gameq_query_name == "minecraft") OR 
-					($server_xml->lgsl_query_name  and $server_xml->lgsl_query_name == "7dtd") )
-					require('modules/gamemanager/rcon.php');
+				$height = "100%";
+				$size_control = "-";
 			}
 			else
 			{
-				echo "<pre class='log'>" . htmlentities($home_log) . "</pre>";
-				print_failure( get_lang("server_not_running") );
+				$height = "500px";
+				$size_control = "+";
 			}
-			echo create_back_button( $_GET['m'], 'game_monitor&home_id-mod_id-ip-port='.$_GET['home_id-mod_id-ip-port'] );
+			
+			$intervals = array( "1s" => "1000",
+								"2s" => "2000",
+								"4s" => "4000",
+								"8s" => "8000",
+								"30s" => "30000",
+								"2m" => "120000",
+								"5m" => "300000" );
+			$allowed_intervals = array_values($intervals);
+			$setInterval = isset($_GET['setInterval']) ? (int)$_GET['setInterval'] : 4000;
+			if( !in_array((string)$setInterval, $allowed_intervals, true) )
+			{
+				$setInterval = 4000;
+			}
+
+			$intSel = get_lang("refresh_interval") . ':<select id="gm-log-refresh-interval" name="setInterval">';
+			foreach ((array)$intervals as $interval => $value )
+			{
+				$selected = ($setInterval == (int)$value) ? 'selected="selected"' : "";
+				$intSel .= '<option value="'.$value.'" '.$selected.' >'.$interval.'</option>';
+			}
+			$intSel .= "</select>";
+
+			$ajax_home_id = isset($home_id) ? (int)$home_id : 0;
+			$ajax_mod_id = isset($mod_id) ? (int)$mod_id : 0;
+			$ajax_ip = isset($ip) ? rawurlencode($ip) : "";
+			$ajax_port = isset($port) ? rawurlencode($port) : "";
+			$ajax_log_url = "modules/gamemanager/ajax_log.php?home_id=".$ajax_home_id."&mod_id=".$ajax_mod_id."&ip=".$ajax_ip."&port=".$ajax_port;
+
+			echo "<table class='center' ><tr><td>$intSel</td><td><button type='button' id='gm-log-size-toggle'>".$size_control."</button></td></tr></table>";
+			echo "<pre id='gm-log-output' class='log' style='height:".$height.";overflow:auto;max-width:1600px;'>".htmlentities($home_log)."</pre>";
+			?>
+			<script type="text/javascript">
+			(function($) {
+				var $log = $('#gm-log-output');
+				var $interval = $('#gm-log-refresh-interval');
+				var $sizeToggle = $('#gm-log-size-toggle');
+				var endpoint = '<?php echo $ajax_log_url; ?>';
+				var pollTimer = null;
+				var lastLogText = $log.text();
+
+				function isFollowingBottom() {
+					var node = $log.get(0);
+					return (node.scrollHeight - node.scrollTop - node.clientHeight) <= 50;
+				}
+
+				function scrollToBottom() {
+					var node = $log.get(0);
+					node.scrollTop = node.scrollHeight;
+				}
+
+				function refreshLog() {
+					console.log('Log refresh started...');
+					var shouldFollow = isFollowingBottom();
+					$.ajax({
+						url: endpoint,
+						cache: false,
+						dataType: 'text'
+					}).done(function(data) {
+						if (typeof data !== 'string') {
+							data = '';
+						}
+						if (data !== lastLogText) {
+							$log.text(data);
+							lastLogText = data;
+							if (shouldFollow) {
+								scrollToBottom();
+							}
+						}
+						console.log('Log refresh successful...');
+					}).fail(function(jqXHR, textStatus, errorThrown) {
+						console.log('Log refresh failed...', textStatus, errorThrown);
+					});
+				}
+
+				function restartPolling() {
+					var selectedInterval = parseInt($interval.val(), 10);
+					if (isNaN(selectedInterval) || selectedInterval < 1000) {
+						selectedInterval = 4000;
+						$interval.val('4000');
+					}
+					if (pollTimer !== null) {
+						clearInterval(pollTimer);
+					}
+					pollTimer = setInterval(refreshLog, selectedInterval);
+				}
+
+				$interval.on('change', function() {
+					restartPolling();
+					refreshLog();
+				});
+
+				$sizeToggle.on('click', function() {
+					var expanded = $log.css('height') === '500px';
+					if (expanded) {
+						$log.css('height', '100%');
+						$sizeToggle.text('-');
+					} else {
+						$log.css('height', '500px');
+						$sizeToggle.text('+');
+					}
+				});
+
+				scrollToBottom();
+				restartPolling();
+			})(jQuery);
+			</script>
+			<?php
+			if(	($server_xml->control_protocol and preg_match("/^r?l?con2?$/", $server_xml->control_protocol)) OR
+				($server_xml->gameq_query_name and $server_xml->gameq_query_name == "minecraft") OR 
+				($server_xml->lgsl_query_name  and $server_xml->lgsl_query_name == "7dtd") )
+				require('modules/gamemanager/rcon.php');
+		}
+		else
+		{
+			echo "<pre class='log'>" . htmlentities($home_log) . "</pre>";
+			print_failure( get_lang("server_not_running") );
 		}
+		echo create_back_button( $_GET['m'], 'game_monitor&home_id-mod_id-ip-port='.$_GET['home_id-mod_id-ip-port'] );
     }
     else
     {

From 050ab401da285ea4e4407b060a696510feb93cf0 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Mon, 1 Jun 2026 17:02:11 +0000
Subject: [PATCH 2/5] Apply follow-up review fixes

---
 Panel/modules/gamemanager/ajax_log.php | 12 +++++++++---
 Panel/modules/gamemanager/log.php      |  4 +++-
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/Panel/modules/gamemanager/ajax_log.php b/Panel/modules/gamemanager/ajax_log.php
index 970df217..b74498a4 100644
--- a/Panel/modules/gamemanager/ajax_log.php
+++ b/Panel/modules/gamemanager/ajax_log.php
@@ -86,8 +86,15 @@
 }
 
 if ($log_retval == 1 || $log_retval == 2) {
-	if (hasValue($home_log)) {
-		$home_log = utf8_encode($home_log);
+	if (hasValue($home_log) && !mb_check_encoding($home_log, 'UTF-8')) {
+		if (function_exists('mb_convert_encoding')) {
+			$home_log = mb_convert_encoding($home_log, 'UTF-8', 'ISO-8859-1');
+		} elseif (function_exists('iconv')) {
+			$converted_log = @iconv('ISO-8859-1', 'UTF-8//IGNORE', $home_log);
+			if ($converted_log !== false) {
+				$home_log = $converted_log;
+			}
+		}
 	}
 	echo $home_log;
 	exit;
@@ -95,4 +102,3 @@
 
 http_response_code(204);
 exit;
-?>
diff --git a/Panel/modules/gamemanager/log.php b/Panel/modules/gamemanager/log.php
index 954a633a..0d3b5696 100644
--- a/Panel/modules/gamemanager/log.php
+++ b/Panel/modules/gamemanager/log.php
@@ -95,6 +95,7 @@
 								"2m" => "120000",
 								"5m" => "300000" );
 			$allowed_intervals = array_values($intervals);
+			$minimum_interval = (int)min($allowed_intervals);
 			$setInterval = isset($_GET['setInterval']) ? (int)$_GET['setInterval'] : 4000;
 			if( !in_array((string)$setInterval, $allowed_intervals, true) )
 			{
@@ -125,6 +126,7 @@
 				var $sizeToggle = $('#gm-log-size-toggle');
 				var endpoint = '<?php echo $ajax_log_url; ?>';
 				var pollTimer = null;
+				var minimumInterval = <?php echo $minimum_interval; ?>;
 				var lastLogText = $log.text();
 
 				function isFollowingBottom() {
@@ -163,7 +165,7 @@ function refreshLog() {
 
 				function restartPolling() {
 					var selectedInterval = parseInt($interval.val(), 10);
-					if (isNaN(selectedInterval) || selectedInterval < 1000) {
+					if (isNaN(selectedInterval) || selectedInterval < minimumInterval) {
 						selectedInterval = 4000;
 						$interval.val('4000');
 					}

From d7e3a8d068b8df5365a7f13a0c31fdb816651933 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Mon, 1 Jun 2026 17:02:56 +0000
Subject: [PATCH 3/5] Handle additional validation findings

---
 Panel/modules/gamemanager/ajax_log.php | 4 ++++
 Panel/modules/gamemanager/log.php      | 4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/Panel/modules/gamemanager/ajax_log.php b/Panel/modules/gamemanager/ajax_log.php
index b74498a4..3310834c 100644
--- a/Panel/modules/gamemanager/ajax_log.php
+++ b/Panel/modules/gamemanager/ajax_log.php
@@ -29,6 +29,10 @@
 	http_response_code(400);
 	exit;
 }
+if ($ip !== '' && filter_var($ip, FILTER_VALIDATE_IP) === false) {
+	http_response_code(400);
+	exit;
+}
 
 $db = createDatabaseConnection($db_type, $db_host, $db_user, $db_pass, $db_name, $table_prefix, isset($db_port) ? $db_port : NULL);
 if (!$db instanceof OGPDatabase) {
diff --git a/Panel/modules/gamemanager/log.php b/Panel/modules/gamemanager/log.php
index 0d3b5696..c22dcae8 100644
--- a/Panel/modules/gamemanager/log.php
+++ b/Panel/modules/gamemanager/log.php
@@ -181,8 +181,8 @@ function restartPolling() {
 				});
 
 				$sizeToggle.on('click', function() {
-					var expanded = $log.css('height') === '500px';
-					if (expanded) {
+					var isCollapsed = $log.css('height') === '500px';
+					if (isCollapsed) {
 						$log.css('height', '100%');
 						$sizeToggle.text('-');
 					} else {

From 059646364039ceb91399b4d0c3cc09c7b9358369 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Mon, 1 Jun 2026 17:03:50 +0000
Subject: [PATCH 4/5] Finalize validation cleanups

---
 Panel/modules/gamemanager/ajax_log.php |  9 +++++++--
 Panel/modules/gamemanager/log.php      | 11 +++++++----
 2 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/Panel/modules/gamemanager/ajax_log.php b/Panel/modules/gamemanager/ajax_log.php
index 3310834c..8cf9d3f0 100644
--- a/Panel/modules/gamemanager/ajax_log.php
+++ b/Panel/modules/gamemanager/ajax_log.php
@@ -1,6 +1,10 @@
 <?php
 
 $panel_root = realpath(__DIR__ . '/../../');
+if ($panel_root === false || !is_dir($panel_root)) {
+	http_response_code(500);
+	exit;
+}
 
 require_once($panel_root . '/includes/functions.php');
 require_once($panel_root . '/includes/helpers.php');
@@ -22,17 +26,18 @@
 
 $home_id = isset($_GET['home_id']) ? (int)$_GET['home_id'] : 0;
 $mod_id = isset($_GET['mod_id']) ? (int)$_GET['mod_id'] : 0;
-$ip = isset($_GET['ip']) ? sanitizeInputStr($_GET['ip']) : '';
+$raw_ip = isset($_GET['ip']) ? trim($_GET['ip']) : '';
 $port = isset($_GET['port']) ? (int)$_GET['port'] : 0;
 
 if ($home_id <= 0 || $mod_id <= 0) {
 	http_response_code(400);
 	exit;
 }
-if ($ip !== '' && filter_var($ip, FILTER_VALIDATE_IP) === false) {
+if ($raw_ip !== '' && filter_var($raw_ip, FILTER_VALIDATE_IP) === false) {
 	http_response_code(400);
 	exit;
 }
+$ip = $raw_ip !== '' ? sanitizeInputStr($raw_ip) : '';
 
 $db = createDatabaseConnection($db_type, $db_host, $db_user, $db_pass, $db_name, $table_prefix, isset($db_port) ? $db_port : NULL);
 if (!$db instanceof OGPDatabase) {
diff --git a/Panel/modules/gamemanager/log.php b/Panel/modules/gamemanager/log.php
index c22dcae8..28a74050 100644
--- a/Panel/modules/gamemanager/log.php
+++ b/Panel/modules/gamemanager/log.php
@@ -94,10 +94,10 @@
 								"30s" => "30000",
 								"2m" => "120000",
 								"5m" => "300000" );
-			$allowed_intervals = array_values($intervals);
+			$allowed_intervals = array_map('intval', array_values($intervals));
 			$minimum_interval = (int)min($allowed_intervals);
 			$setInterval = isset($_GET['setInterval']) ? (int)$_GET['setInterval'] : 4000;
-			if( !in_array((string)$setInterval, $allowed_intervals, true) )
+			if( !in_array($setInterval, $allowed_intervals, true) )
 			{
 				$setInterval = 4000;
 			}
@@ -116,7 +116,8 @@
 			$ajax_port = isset($port) ? rawurlencode($port) : "";
 			$ajax_log_url = "modules/gamemanager/ajax_log.php?home_id=".$ajax_home_id."&mod_id=".$ajax_mod_id."&ip=".$ajax_ip."&port=".$ajax_port;
 
-			echo "<table class='center' ><tr><td>$intSel</td><td><button type='button' id='gm-log-size-toggle'>".$size_control."</button></td></tr></table>";
+			$is_collapsed = $height == "500px" ? "1" : "0";
+			echo "<table class='center' ><tr><td>$intSel</td><td><button type='button' id='gm-log-size-toggle' data-collapsed='".$is_collapsed."'>".$size_control."</button></td></tr></table>";
 			echo "<pre id='gm-log-output' class='log' style='height:".$height.";overflow:auto;max-width:1600px;'>".htmlentities($home_log)."</pre>";
 			?>
 			<script type="text/javascript">
@@ -181,13 +182,15 @@ function restartPolling() {
 				});
 
 				$sizeToggle.on('click', function() {
-					var isCollapsed = $log.css('height') === '500px';
+					var isCollapsed = $sizeToggle.data('collapsed') == 1;
 					if (isCollapsed) {
 						$log.css('height', '100%');
 						$sizeToggle.text('-');
+						$sizeToggle.data('collapsed', 0);
 					} else {
 						$log.css('height', '500px');
 						$sizeToggle.text('+');
+						$sizeToggle.data('collapsed', 1);
 					}
 				});
 

From 5a29271d9c9d1ad759a3ffd5acb1de25fb3ce405 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Mon, 1 Jun 2026 17:04:35 +0000
Subject: [PATCH 5/5] Refine gamemanager AJAX log endpoint handling

---
 Panel/modules/gamemanager/ajax_log.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Panel/modules/gamemanager/ajax_log.php b/Panel/modules/gamemanager/ajax_log.php
index 8cf9d3f0..932dcd9b 100644
--- a/Panel/modules/gamemanager/ajax_log.php
+++ b/Panel/modules/gamemanager/ajax_log.php
@@ -99,7 +99,7 @@
 		if (function_exists('mb_convert_encoding')) {
 			$home_log = mb_convert_encoding($home_log, 'UTF-8', 'ISO-8859-1');
 		} elseif (function_exists('iconv')) {
-			$converted_log = @iconv('ISO-8859-1', 'UTF-8//IGNORE', $home_log);
+			$converted_log = iconv('ISO-8859-1', 'UTF-8//IGNORE', $home_log);
 			if ($converted_log !== false) {
 				$home_log = $converted_log;
 			}