function getDocElement(p_element_id) { if (document.layers){ //Netscape 4 specific code pre = 'document.'; post = ''; } if (document.getElementById){ //Netscape 6 specific code pre = 'document.getElementById("'; post = '")'; } if (document.all){ //IE4+ specific code pre = 'document.all.'; post = ''; } var l_element = eval(pre + p_element_id + post); return(l_element); } function submitConstructedForm(p_form) { document.body.appendChild(p_form); p_form.submit(); } /* The purpose of this code is to dynamically generate forms * that can be used for submitting content to the web server. * NB: This dynamic form generation is not intended to be used * for user accessable forms, hence the reason for the forms * display style being set to none. */ function constructForm(p_form, p_elements) { var l_form; var l_element; var l_len; var l_name; var l_value; var l_tag; var l_type; var l_i; l_form = document.createElement('form'); l_form.method = p_form.method; l_form.action = p_form.action; l_form.style.display = 'none'; l_len = p_elements.length; for (l_i = 0; l_i < l_len; l_i++) { l_name = p_elements[l_i][0]; l_value = p_elements[l_i][1]; l_tag = p_elements[l_i][2]; l_type = p_elements[l_i][3]; try { l_element = document.createElement('<' + l_tag + ' name="' + l_name + '"' + (l_type == null ? '' : ' type="' + l_type + '"') + '>'); } catch (e) {} if (!l_element || l_element.nodeName.toLowerCase() != l_tag.toLowerCase()) { l_element = document.createElement(l_tag); l_element.setAttribute('name', l_name); if (l_type != null) l_element.setAttribute('type', l_type); } if (l_element) { if (l_tag.toLowerCase() == 'textarea') { l_element.innerHTML = l_value; } else { l_element.setAttribute('value', l_value); } } l_form.appendChild(l_element); } return l_form; } /** * Checks for potential cross site scripting text. * * @param p_str * @return */ function containsXSS(p_str) { var lower = p_str.toLowerCase(); var l_containsXSS = false; if(lower.match(/