// 12/22/2006, jstrimpe
// loops through all forms and form fields to check for cross
// site hacking.

//isScript = /(<script|<\sscript|<\/|<\s\/|src\=|href\=|url\=)\w+$/i;
isScript = /(<script|<\sscript|<\/|<\s\/|src\=|href\=|url\=|link\=)/;

function CrossSite() {	
	
	ErrorMessage = '';
  Count = 0;	
	
	for(f=0; f<document.forms.length; f++)
	{		
		for(i=0; i<document.forms[f].elements.length; i++)
		{	
			if (isScript.test(document.forms[f].elements[i].value)) {
				ErrorMessage += '\n'+document.forms[f].elements[i].name +' - Error:23';
				Count++;
			}			
		}
	}
	if (Count > 0) {
		ErrorMessage ="The following field(s) is/are either empty or incorrectly entered:\n" +
		ErrorMessage + "\n______________________________________________" +
		"\n            PLEASE RE-ENTER AND SUBMIT AGAIN!";
		alert(ErrorMessage);
		message = 'Error:23';
 		cnt = 1;
		return false;
	} else {
		return true;
	}
}