hardening: replace eval-based callback execution in syslog autocomplete JS

[somethingwithproof]

Summary

Autocomplete callback currently executes callback text via eval().

Evidence

js/functions.js:593-595 in initSyslogAutocomplete():

if (onChange) {
  eval(onChange);
}

Risk

eval() increases client-side code execution risk and makes static security analysis harder.

Expected fix

Use function references or a whitelist/map of allowed callback names instead of eval().