//Vulnerability Fix (VF 2010)
//Liviu Morrison - Feb. 17, 2010

/**
 * Tells whether `d` sorts between the characters '0' and '9' inclusive.
 *
 * The callers in this file pass one character at a time (the result of
 * charAt), for which this is a plain ASCII-digit test. The comparison is a
 * string comparison, so it is only meaningful for single characters.
 *
 * @param {string} d - character to test
 * @returns {boolean} true when d is within '0'..'9'
 */
function isDigit(d) {
    var atLeastZero = d >= '0';
    var atMostNine = d <= '9';
    return atLeastZero && atMostNine;
}

//VF BEGIN

/**
 * Deny-list check for free-text form fields.
 *
 * Rejects the value when it contains any of: carriage return, line feed,
 * | & ; $ % @ ' " < > ( ) + , or a backslash. Every other character,
 * including the empty string, is accepted.
 *
 * NOTE(review): this is a list of characters to refuse, not a list of what is
 * allowed, so it is only as complete as the list itself. Treat it as a
 * convenience for the person filling in the form; whatever consumes the
 * submitted values needs its own validation and output encoding.
 *
 * @param {string} input - field value; must be a string (match() is called on it)
 * @returns {boolean} true when none of the refused characters is present
 */
function validateInput(input)
{
    var refused = /[\x0d\x0a|&;$%@'"<>()+,\\]/;
    return !input.match(refused);
}
/**
 * Shape check for an e-mail address.
 *
 * Accepts: one or more of letters, digits, '.', '_' or '-', then '@', then
 * one or more of letters, digits, '.' or '-', then a dot and a final label of
 * 2 to 4 letters. The pattern is anchored at both ends, so the whole value
 * must match.
 *
 * NOTE(review): the 2-4 letter final label refuses addresses under longer
 * top-level domains, and '+' in the local part is refused as well. The check
 * says nothing about whether the address exists.
 *
 * @param {string} input - value to test
 * @returns {boolean} true when the value matches the pattern
 */
function validateEmail(input)
{
    return /^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$/.test(input);
}

//VF END

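/**
 * Returns `string` with every space character (U+0020) removed.
 *
 * The argument is converted to a string first, so numbers are accepted.
 * Only the plain space is removed; tabs and other whitespace are kept.
 *
 * The working variables are declared locally. The earlier version assigned
 * to undeclared `splitstring` and `i`, which created (or overwrote) globals
 * of those names on every call and fails outright in strict-mode code.
 *
 * @param {*} string - value to strip
 * @returns {string} the value as text, without spaces
 */
function ignoreSpaces(string) {
	var pieces = ('' + string).split(" ");
	return pieces.join("");
}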

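/**
 * Checks the order form `document.INFO` and reports every problem found in a
 * single alert.
 *
 * Checked in this order: the quantity controls (every control whose class is
 * "Quantity", values concatenated), name, organization, department
 * (optional), employer code, address, phone and e-mail.
 *
 * NOTE(review): this runs in the browser, so it helps the person filling in
 * the form but cannot be relied on as the fix for an input-handling
 * vulnerability: a request can reach the receiving end without this script
 * having run. The same rules need to be enforced where the submitted values
 * are processed.
 *
 * @returns {boolean} true when nothing was reported; false after the alert
 *                    listing the problems has been shown
 */
function MM_validateForm() { //v2.0
	var form = document.INFO;
	var problems = "";

	// One message line for a text field: requiredMsg when the value is empty
	// (pass null for an optional field), invalidMsg when validateInput()
	// refuses it, otherwise nothing.
	function checkText(value, requiredMsg, invalidMsg) {
		if (value === "") {
			return requiredMsg === null ? "" : requiredMsg + '\n';
		}
		return validateInput(value) ? "" : invalidMsg + '\n';
	}

	// True when every character of text passes isDigit(); true for "".
	function allDigits(text) {
		for (var k = 0; k < text.length; k++) {
			if (!isDigit(text.charAt(k))) {
				return false;
			}
		}
		return true;
	}

	// Quantity controls: gather the values of every control of class "Quantity".
	var quantities = "";
	var controlCount = form.length;
	for (var i = 0; i < controlCount; i++) {
		// Index the collection with []. Calling it as elements(i) only works
		// where the collection happens to be callable and throws elsewhere.
		var control = form.elements[i];
		if (control.className === 'Quantity') {
			quantities = quantities + control.value;
		}
	}
	// NOTE(review): emptiness is tested before the spaces are removed, so a
	// quantity made only of spaces is not reported. Kept as it was.
	if (quantities.length === 0) {
		problems = "No quantity entered." + '\n';
	}
	if (!allDigits(ignoreSpaces(quantities))) {
		problems = problems + "Quantity must be a number." + '\n';
	}

	// NAME field
	problems += checkText(form.name.value,
		"Your name is required.",
		"Name field contains invalid characters.");

	// ORGANIZATION field
	problems += checkText(form.organization.value,
		"Your organization is required.",
		"Organization field contains invalid characters.");

	// DEPARTMENT field (optional)
	problems += checkText(form.department.value,
		null,
		"Department field contains invalid characters.");

	// CODE field: required, no refused characters, then digits only once the
	// spaces are removed.
	// NOTE(review): a code made only of spaces passes all three steps. Kept
	// as it was.
	var code = form.code.value;
	var codeProblem = checkText(code,
		"Your employer code is required.",
		"Employer code field contains invalid characters.");
	if (codeProblem !== "") {
		problems += codeProblem;
	} else if (!allDigits(ignoreSpaces(code))) {
		problems = problems + "Employer Code must be a number." + '\n';
	}

	// ADDRESS field
	problems += checkText(form.address.value,
		"Your address is required.",
		"Address field contains invalid characters.");

	// PHONE field
	problems += checkText(form.phone.value,
		"Your phone number is required.",
		"Phone number field contains invalid characters.");

	// EMAIL field: required, then the pattern check instead of the deny-list
	// (an address always contains '@', which the deny-list refuses).
	var email = form.email.value;
	if (email === "") {
		problems = problems + "Your e-mail address is required." + '\n';
	} else if (!validateEmail(email)) {
		problems = problems + "Please enter a correct e-mail address." + '\n';
	}

	if (problems.length > 0) {
		alert(problems);
		return false;
	}
	return true;
}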
//-->
