function highlight(elementID) { var highlight = document.getElementById(elementID).style; highlight.backgroundColor = highlight.backgroundColor = "#cccccc"; } function lowlight(elementID) { var lowlight = document.getElementById(elementID).style; lowlight.backgroundColor = lowlight.backgroundColor = "#eeeeee"; } function update_cart(AutoID,TableID) { var quantity = document.getElementById("qty" + AutoID).value; var ring = document.getElementById("ddl" + AutoID); var ringsize; if(ring != null) { ringsize = ring.options[ring.selectedIndex].value; } else { ring = document.getElementById("bracelet" + AutoID); ringsize = ring.innerHTML; } var URL = "cart.asp?action=update&autoID=" + AutoID + "&ringsize=" + ringsize + "&quantity=" + quantity + "&tableID=" + TableID; window.location = URL; } function validate_contact() { var dom, errorstring, error dom = document.all error = false errorstring = "The following problems were found: \n\n" if (document.getElementById("firstname").value == "" || CheckSQLInject(document.getElementById("firstname").value) == 1) { error = true errorstring = errorstring + "* You have not entered your firstname\n" } if (document.getElementById("surname").value == "" || CheckSQLInject(document.getElementById("surname").value) == 1) { error = true errorstring = errorstring + "* You have not entered your surname\n" } if (document.getElementById("address1").value == "" || CheckSQLInject(document.getElementById("address1").value) == 1) { error = true errorstring = errorstring + "* You have not entered your address\n" } if (CheckSQLInject(document.getElementById("address2").value) == 1) { error = true } if (CheckSQLInject(document.getElementById("address3").value) == 1) { error = true } if (document.getElementById("town").value == "" || CheckSQLInject(document.getElementById("town").value) == 1) { error = true errorstring = errorstring + "* You have not entered your county\n" } if (document.getElementById("postcode").value == "" || CheckSQLInject(document.getElementById("postcode").value) == 1) { error = true errorstring = errorstring + "* You have not entered your postcode\n" } if (document.getElementById("tel").value == "" || CheckSQLInject(document.getElementById("tel").value) == 1) { error = true errorstring = errorstring + "* You have not entered your telephone number\n" } if (document.getElementById("email").value == "" || CheckSQLInject(document.getElementById("email").value) == 1) { error = true errorstring = errorstring + "* You have not entered your e-mail address \n" } else { // If its not blank, check that it contains an @ symbol var r, re re = /@/i r = document.getElementById("email").value.search(re) if(r == -1) { error = true errorstring = errorstring + "* Your email address does not appear to be valid, please check and try again \n" } } if(error == true) { alert(errorstring) return false; } else { document.contactdetails.submit() } } function validate_editcontact() { var dom, errorstring, error dom = document.all error = false errorstring = "The following problems were found: \n\n" if (document.getElementById("firstname").value == "" || CheckSQLInject(document.getElementById("firstname").value) == 1) { error = true errorstring = errorstring + "* You have not entered your firstname\n" } if (document.getElementById("surname").value == "" || CheckSQLInject(document.getElementById("surname").value) == 1) { error = true errorstring = errorstring + "* You have not entered your surname\n" } if (document.getElementById("address1").value == "" || CheckSQLInject(document.getElementById("address1").value) == 1) { error = true errorstring = errorstring + "* You have not entered your address\n" } if (CheckSQLInject(document.getElementById("address2").value) == 1) { error = true } if (CheckSQLInject(document.getElementById("address3").value) == 1) { error = true } if (document.getElementById("town").value == "" || CheckSQLInject(document.getElementById("town").value) == 1) { error = true errorstring = errorstring + "* You have not entered your county\n" } if (document.getElementById("postcode").value == "" || CheckSQLInject(document.getElementById("postcode").value) == 1) { error = true errorstring = errorstring + "* You have not entered your postcode\n" } if (document.getElementById("tel").value == "" || CheckSQLInject(document.getElementById("tel").value) == 1) { error = true errorstring = errorstring + "* You have not entered your telephone number\n" } if (document.getElementById("email").value == "" || CheckSQLInject(document.getElementById("email").value) == 1) { error = true errorstring = errorstring + "* You have not entered your e-mail address \n" } else { // If its not blank, check that it contains an @ symbol var r, re re = /@/i r = document.getElementById("email").value.search(re) if(r == -1) { error = true errorstring = errorstring + "* Your email address does not appear to be valid, please check and try again \n" } } if(error == true) { alert(errorstring) return false; } else { document.editcontact.submit() } } function sfHover() { var sfEls = document.getElementById("topnav").getElementsByTagName("li"); for (var i=0; i-1) { this.className=this.className.replace(" sfhover", ""); }else{ this.className=this.className.replace(new RegExp("sfhover\\b"), ""); } } } } function validatecompetition() { var dom, errorstring, error,errormsg dom = document.all error = false errorstring = "The following problems were found: \n\n" if (document.getElementById("firstname").value == "" || CheckSQLInject(document.getElementById("firstname").value) == 1) { error = true errorstring = errorstring + "* You have not entered your Firstname\n" } if (document.getElementById("surname").value == "" || CheckSQLInject(document.getElementById("surname").value) == 1) { error = true errorstring = errorstring + "* You have not entered your Surname\n" } if (document.getElementById("txtemail").value == "" || CheckSQLInject(document.getElementById("txtemail").value) == 1) { error = true; errorstring = errorstring + '* Please Enter Your Email Address\n'; } else { // If its not blank, check that it contains an @ symbol var r, re re = /@/i r = document.getElementById("txtemail").value.search(re) if(r == -1) { error = true errorstring = errorstring + "* Your email address does not appear to be valid, please check and try again \n" } } if(error == true) { alert(errorstring) return false; } else { document.competition.submit() } } function validate_brochure() { var dom, errorstring, error dom = document.all error = false errorstring = "The following problems were found: \n\n" if (dom.firstname.value == "" || CheckSQLInject(dom.firstname.value) == 1) { error = true errorstring = errorstring + "* You have not entered your firstname\n" } if (dom.surname.value == "" || CheckSQLInject(dom.surname.value) == 1) { error = true errorstring = errorstring + "* You have not entered your surname\n" } if (dom.address1.value == "" || CheckSQLInject(dom.address1.value) == 1) { error = true errorstring = errorstring + "* You have not entered your address\n" } if (CheckSQLInject(dom.address2.value) == 1) { error = true } if (CheckSQLInject(dom.address3.value) == 1) { error = true } if (dom.town.value == "" || CheckSQLInject(dom.town.value) == 1) { error = true errorstring = errorstring + "* You have not entered your town/city\n" } if (dom.postcode.value == "" || CheckSQLInject(dom.postcode.value) == 1) { error = true errorstring = errorstring + "* You have not entered your postcode\n" } if (dom.tel.value == "" || CheckSQLInject(dom.tel.value) == 1) { error = true errorstring = errorstring + "* You have not entered your telephone number\n" } if (dom.email.value == "" || CheckSQLInject(dom.email.value) == 1) { error = true; errorstring = errorstring + '* Please Enter Your Email Address\n'; } else { // If its not blank, check that it contains an @ symbol var r, re re = /@/i r = dom.email.value.search(re) if(r == -1) { error = true errorstring = errorstring + "* Your email address does not appear to be valid, please check and try again \n" } } if(error == true) { alert(errorstring); return false; } else { document.brochure.submit(); } } function CheckSQLInject(str) { var error; error = 0; str = str.toUpperCase(); if(str.indexOf('http')>=0) {error = 1;} if(str.indexOf('SELECT')>=0) {error = 1;} if(str.indexOf('UPDATE')>=0) {error = 1;} if(str.indexOf('INSERT')>=0) {error = 1;} if(str.indexOf('DELETE')>=0) {error = 1;} if(str.indexOf('EXEC')>=0) {error = 1;} return error; }