function hasInvalidCharacters(form) { var bHasInvalidCharacter = false; for(var i=0;i]+/.test(form.elements[i].value))) { // special case for profile and mailing list if((form.name == 'Profile') || (form.name == 'MailingList') || (form.name == 'Login') || (form.name == 'MyBilling')) { // allow / for birthday and anniversary fields but still need to check other characters //if((form.elements[i].name == 'textBirthday') || (form.elements[i].name == 'textAnniversary')) if((IsUniqueIDEqControlID(form.elements[i].name, 'textBirthday')) || (IsUniqueIDEqControlID(form.elements[i].name, 'textAnniversary'))) { if(/[\'"\)\(;~\|\-%\\<>]+/.test(form.elements[i].value)) { bHasInvalidCharacter = true; break; } } if((form.elements[i].name == 'textBirthday') || (form.elements[i].name == 'textAnniversary')) //if((IsUniqueIDEqControlID(form.elements[i].name, 'textBirthday')) || (IsUniqueIDEqControlID(form.elements[i].name, 'textAnniversary'))) { if(/[\'"\)\(;~\|\-%\\<>]+/.test(form.elements[i].value)) { bHasInvalidCharacter = true; break; } } // allow -() for phone number fields and email //else if((form.elements[i].name == 'textHomePhone') || (form.elements[i].name == 'textWorkPhone') || (form.elements[i].name == 'textFax')) else if((IsUniqueIDEqControlID(form.elements[i].name, 'textHomePhone')) || (IsUniqueIDEqControlID(form.elements[i].name, 'textWorkPhone')) || (IsUniqueIDEqControlID(form.elements[i].name, 'textFax'))) { if(/[\'";~\|%\\/<>]+/.test(form.elements[i].value)) { bHasInvalidCharacter = true; break; } } // allow - for email field and zip code //else if((form.elements[i].name == 'textEmail') || (form.elements[i].name == 'textConfirmEmail') || (form.elements[i].name == 'Email') || (form.elements[i].name == 'textZip')) else if((IsUniqueIDEqControlID(form.elements[i].name, 'textEmail')) || (IsUniqueIDEqControlID(form.elements[i].name, 'textConfirmEmail')) || (IsUniqueIDEqControlID(form.elements[i].name, 'Email')) || (IsUniqueIDEqControlID(form.elements[i].name, 'textZip'))) { if(/[\'"\)\(;~\|%\\/<>]+/.test(form.elements[i].value)) { bHasInvalidCharacter = true; break; } } else { bHasInvalidCharacter = true; break; } } else if(form.name == 'Personal') { // allow -() for phone number fields and email if((IsUniqueIDEqControlID(form.elements[i].name, 'telephone')) || (IsUniqueIDEqControlID(form.elements[i].name, 'shippingTelephone'))) { if(/[\'";~\|%\\/<>]+/.test(form.elements[i].value)) { bHasInvalidCharacter = true; break; } } // allow - for email field //else if((form.elements[i].name == 'email') || (form.elements[i].name == 'emailConfirm')) else if((IsUniqueIDEqControlID(form.elements[i].name, 'email')) || (IsUniqueIDEqControlID(form.elements[i].name, 'emailConfirm'))) { if(/[\'"\)\(;~\|%\\/<>]+/.test(form.elements[i].value)) { bHasInvalidCharacter = true; break; } } else { bHasInvalidCharacter = true; break; } } // added by Rajan - for both promo code input box validation else if(form.name == 'MyEvening') { // allow percent (%) dollar sign ($) double quote (“) and slash (/) for both promotion code fields //if((form.elements[i].name == 'promo') || (form.elements[i].name == 'promo2')) if((IsUniqueIDEqControlID(form.elements[i].name, 'promo')) || (IsUniqueIDEqControlID(form.elements[i].name, 'promo2'))) { if(/[\'\)\(;~\|\\<>]+/.test(form.elements[i].value)) { bHasInvalidCharacter = true; break; } } else { bHasInvalidCharacter = true; break; } } else { bHasInvalidCharacter = true; break; } } } // check to see if invalid character was entered if(bHasInvalidCharacter) { // confirm the removal if(confirm("The information entered contain at least one illegal character(s) which include:\n" + "\t ' (single quote)\n" + "\t \" (double quote)\n" + "\t ; (semi-colon)\n" + "\t ~ (tilda)\n" + "\t | (pipe)\n" + "\t % (percent)\n" + "\t < (less than)\n" + "\t > (greater than)\n" + "\t \\ (backward slash)\n" + "\t - (dash, only allow for email and phone #)\n" + "\t / (forward slash, only allow for date field)\n" + "\t ) (close parenthesis, only allow for phone #)\n" + "\t ( (open parenthesis, only allow for phone #)\n\n" + "Would you like to remove it and continue?")) { for(var i=0;i]+/.test(form.elements[i].value)) { // special case for profile and mailing list if((form.name == 'Profile') || (form.name == 'MailingList') || (form.name == 'Login') || (form.name == 'MyBilling')) { // allow / for birthday and anniversary fields but still need to check other characters //if((form.elements[i].name == 'textBirthday') || (form.elements[i].name == 'textAnniversary')) if((IsUniqueIDEqControlID(form.elements[i].name, 'textBirthday')) || (IsUniqueIDEqControlID(form.elements[i].name, 'textAnniversary'))) { form.elements[i].value = form.elements[i].value.replace(/[\'"\)\(;~\|\-%\\<>]+/g, ''); } // allow -() for phone number fields and email //else if((form.elements[i].name == 'textHomePhone') || (form.elements[i].name == 'textWorkPhone') || (form.elements[i].name == 'textFax')) else if((IsUniqueIDEqControlID(form.elements[i].name, 'textHomePhone')) || (IsUniqueIDEqControlID(form.elements[i].name, 'textWorkPhone')) || (IsUniqueIDEqControlID(form.elements[i].name, 'textFax'))) { form.elements[i].value = form.elements[i].value.replace(/[\'";~\|%\\/<>]+/g, ''); } // allow - for email field & zip code //else if((form.elements[i].name == 'textEmail') || (form.elements[i].name == 'textConfirmEmail') || (form.elements[i].name == 'Email')) //now adding zipcode too else if((IsUniqueIDEqControlID(form.elements[i].name, 'textEmail')) || (IsUniqueIDEqControlID(form.elements[i].name, 'textConfirmEmail')) || (IsUniqueIDEqControlID(form.elements[i].name, 'Email')) || (IsUniqueIDEqControlID(form.elements[i].name, 'textZip'))) { form.elements[i].value = form.elements[i].value.replace(/[\'"\)\(;~\|%\\/<>]+/g, ''); } else { form.elements[i].value = form.elements[i].value.replace(/[\'"\)\(;~\|\-%\\/<>]+/g, ''); } } else if(form.name == 'Personal') { // allow -() for phone number fields if((IsUniqueIDEqControlID(form.elements[i].name, 'telephone')) || (IsUniqueIDEqControlID(form.elements[i].name, 'shippingTelephone'))) { form.elements[i].value = form.elements[i].value.replace(/[\'";~\|%\\/<>]+/g, ''); } // allow - for email field //else if((form.elements[i].name == 'email') || (form.elements[i].name == 'emailConfirm')) else if((IsUniqueIDEqControlID(form.elements[i].name, 'email')) || (IsUniqueIDEqControlID(form.elements[i].name, 'emailConfirm'))) { form.elements[i].value = form.elements[i].value.replace(/[\'"\)\(;~\|%\\/<>]+/g, ''); } else { form.elements[i].value = form.elements[i].value.replace(/[\'"\)\(;~\|\-%\\/<>]+/g, ''); } } // added by Rajan - for promo code input box validation else if(form.name == 'MyEvening') { // allow percent (%) dollar sign ($) double quote (“) and slash (/) for both promotion code fields //if((form.elements[i].name == 'promo') || (form.elements[i].name == 'promo2')) if((IsUniqueIDEqControlID(form.elements[i].name, 'promo')) || (IsUniqueIDEqControlID(form.elements[i].name, 'promo2'))) { form.elements[i].value = form.elements[i].value.replace(/[\'\)\(;~\|\\<>]+/g, ''); } else { form.elements[i].value = form.elements[i].value.replace(/[\'"\)\(;~\|%\\/<>]+/g, ''); } } else { form.elements[i].value = form.elements[i].value.replace(/[\'"\)\(;~\|%\\/<>]+/g, ''); } } } bHasInvalidCharacter = false; } } return bHasInvalidCharacter; } //decides whether asp.net generated control unique id is same as developer created control id function IsUniqueIDEqControlID(uniqueID, controlID) { var found=0; var pos = uniqueID.indexOf(controlID); if(pos >= 0) { found = 1; } if(found == 1) { return true; } else { return false; } } /* BELOW EXTRA CODE TO BE DELETED LATER // get asp.net client unique id object reference function GetUniqueId(strid) { var count=document.forms[0].length; var i=0; var eleName; var found=0; for (i=0; i < count; i++ ) { eleName=document.forms[0].elements[i].id; pos=eleName.indexOf(strid); if(pos>=0) { found = 1; break; } } if(found == 1) { return eleName; } else { return null; } } */ /* if((form.elements[i].name == 'telephone') || (form.elements[i].name == 'shippingTelephone')) { if(/[\'";~\|%\\/<>]+/.test(form.elements[i].value)) { bHasInvalidCharacter = true; break; } }*/ /* if((GetUniqueId('telephone')) || (GetUniqueId('shippingTelephone'))) { if((/[\'";~\|%\\/<>]+/.test(GetElementById('telephone').value)) || (/[\'";~\|%\\/<>]+/.test(GetElementById('shippingTelephone').value)) ) { bHasInvalidCharacter = true; break; } } */ /* if((form.elements[i].name == 'telephone') || (form.elements[i].name == 'shippingTelephone')) { alert("coming here2"); form.elements[i].value = form.elements[i].value.replace(/[\'";~\|%\\/<>]+/g, ''); } */ /* if(GetUniqueId('telephone')) { alert("coming here3"); GetElementById('telephone').value = GetElementById('telephone').value.replace(/[\'";~\|%\\/<>]+/g, ''); } else if(GetUniqueId('shippingTelephone')) { alert("coming here4"); GetElementById('shippingTelephone').value = GetElementById('shippingTelephone').value.replace(/[\'";~\|%\\/<>]+/g, ''); }*/