//Updated on 04122008 by PKVerma- allowed ? in inputvalidator script 


function validatorFunction(doc)
{

var ptrCount=doc.elements;
//alert(ptrCount.length);
//alert("count="+ptrCount[3].type);
for(var i=0;i<ptrCount.length;i++)
{
if(ptrCount[i].type=='text' || ptrCount[i].type=='textarea')
if(freeFromCharacter( ptrCount[i].value.toLowerCase()))
{
alert("Special character or DB query keywords are not allowed. e.g. ' , * , ; , ^ , = , % , -- , // , insert, update, create, delete, select, alter, sp_, xp_,javascript");
ptrCount[i].focus();
return false;
}
}
return true;
}
function freeFromCharacter( ctrl)
{
if(ctrl.indexOf(';')!=-1 || ctrl.indexOf('--')!=-1 ||
   ctrl.indexOf('*')!=-1 || ctrl.indexOf("'")!=-1 || 
   ctrl.indexOf('=')!=-1 || ctrl.indexOf("%")!=-1 ||
   ctrl.indexOf('^')!=-1 ||  
   ctrl.indexOf('sp_')!=-1 || ctrl.indexOf("xp_")!=-1 ||
   ctrl.indexOf("//")!=-1 ||ctrl.indexOf("drop")!=-1||
   ctrl.indexOf("update")!=-1 ||ctrl.indexOf("insert")!=-1 ||
   ctrl.indexOf("create")!=-1 ||ctrl.indexOf("delete")!=-1 ||
   ctrl.indexOf("select")!=-1 ||ctrl.indexOf("javascript")!=-1 ||ctrl.indexOf("alter")!=-1)
{
return true;
}
return false;
}