/*
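	This file checks the header's search form for XSS (embedded HTML) before the search is submitted.
	This is a client-side pre-check only; the search results page must still validate and encode the "q" value itself.
	It has the following dependencies; these libraries must be loaded first: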
		<script src="/jsscripts/js_Common.js"></script>
		<script src="/jsscripts/js_htmlCodeCheck.js"></script>
	
*/ 

/* creates a handle to the search form */
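/**
 * Looks up the page form registered as `document.aspnetForm`; the other functions in
 * this file read the search-related fields from it.
 *
 * The property is read directly rather than through eval(): the evaluated string was a
 * constant, so eval added nothing, and eval() is refused on pages whose
 * Content-Security-Policy does not allow 'unsafe-eval'.
 *
 * @returns {?Object} the form element, or null when the page has no such form
 */
function getNCSHeaderSearchForm() {
	var theForm = document.aspnetForm;
	// `!= null` deliberately matches both null and undefined so callers only ever see null.
	return theForm != null ? theForm : null;
}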

/* 
determines whether the ENTER key was pressed (called via the onKeyDown event)
if so, processes the form submit via NCSHeaderSearchSubmit()
*/
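/**
 * onKeyDown handler for the header search field: submits the search when ENTER is pressed.
 *
 * The previous version branched on `document.all` but read `e.keyCode` in both branches,
 * so the browser sniff had no effect and has been removed.
 *
 * @param {Object} e - the keydown event; only `e.keyCode` is read
 * @param {Object} NCSHeaderSearchField - the search input, passed through to NCSHeaderSearchSubmit()
 */
function doNCSHeaderSearchKeyDown(e, NCSHeaderSearchField) {
	var ENTER_KEY_CODE = 13;

	// Number() keeps the old loose match ('13' == keyCode) while comparing strictly.
	if (Number(e.keyCode) === ENTER_KEY_CODE) {
		// Validation and navigation both happen inside NCSHeaderSearchSubmit().
		NCSHeaderSearchSubmit(NCSHeaderSearchField);
	}
}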
/* 
disables the ENTER key (called via the onKeyPress event) 
works around a bug in FF with simple forms (forms that only have 1 text-type input field): when users hit the ENTER key while in the text input field, 
	the form does a FULL POST submit, which bypasses our form submit logic
*/
/**
 * onKeyPress handler that suppresses the ENTER key.
 *
 * @param {Object} e - the keypress event; `e.which` is read when `window.event` is not set
 * @returns {boolean} false when the key code is 13 (ENTER), true for any other key
 */
function disableEnterKey(e) {
	var ENTER_KEY_CODE = 13;
	// window.event (IE event model) takes priority; otherwise use the event argument (Firefox).
	var pressed = window.event ? window.event.keyCode : e.which;
	return !(pressed == ENTER_KEY_CODE);
}

/* blanks out the *default* search text as the user clicks into the search field */
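/**
 * onClick handler for the header search field: clears the field when it still holds
 * the default placeholder text, so the user starts typing into an empty box.
 *
 * Does nothing when the page form or its default-text field is absent; previously a
 * missing form (getNCSHeaderSearchForm() returning null) raised a TypeError here.
 *
 * @param {Object} NCSHeaderSearchField - the search input; its `value` is read and may be cleared
 */
function NCSHeaderSearchOnClick(NCSHeaderSearchField) {
	// PLEASE NOTE: the default search string text is set in NCSWebControls.NCSSearchForm
	var theForm = getNCSHeaderSearchForm();
	// Same guard style as NCSHeaderSearchSubmit(): both the form and the field may be missing.
	if (!theForm || !theForm.ncs_defa_search_str_field) {
		return;
	}

	var defaultSearchText = theForm.ncs_defa_search_str_field.value;
	if (NCSHeaderSearchField.value == defaultSearchText) {
		NCSHeaderSearchField.value = "";
	}
}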

/* 
wrapper to handle the form submit 
validates the form data via checkandsubmitNCSHeaderSearch()
originally named "NCSHeaderSearch()" renamed on 11/15/2011
*/
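/**
 * Validates the header search field and, when it passes, navigates to the search
 * results page with the search text in the `q` query parameter.
 *
 * Changes from the previous version:
 *  - the search text is passed through encodeURIComponent(), so characters such as
 *    `&`, `#`, `+` and `%` stay inside the `q` value instead of altering the URL;
 *  - the fallback URL (used when the form or its results-page field is missing) now
 *    carries the search text too; it used to navigate with an empty `q`.
 *
 * The browser-side check in checkandsubmitNCSHeaderSearch() is a usability aid, not a
 * security boundary: a request can reach the results page without running this script,
 * so that page must validate and output-encode `q` on its own.
 *
 * @param {Object} NCSHeaderSearchField - the search input; its `value` is the search text
 */
function NCSHeaderSearchSubmit(NCSHeaderSearchField) {
	var resultsPage = "/pages/search.aspx";

	// validate the form data; on failure the user has already been alerted
	if (!checkandsubmitNCSHeaderSearch(NCSHeaderSearchField)) {
		return;
	}

	// the results page path is stored in a form field
	var theForm = getNCSHeaderSearchForm();
	if (theForm && theForm.ncs_search_results_page_field) {
		// NOTE(review): this value is used as the navigation target as-is. If the field could
		// ever hold something other than a site-relative path, check it against an
		// allow-list of known result pages before assigning it to window.location.
		resultsPage = theForm.ncs_search_results_page_field.value;
	}

	window.location.href = resultsPage + '?q=' + encodeURIComponent(NCSHeaderSearchField.value);
}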

/* form validation */
/**
 * Browser-side validation of the header search field.
 *
 * Runs htmlCodeCheck() (from js_htmlCodeCheck.js) on the field and also requires a
 * non-empty value. An empty value is reported first; an HTML-check message is shown
 * only when the value is present. Each failure is reported with alert().
 *
 * This runs in the browser only, so it cannot be relied on to keep markup out of the
 * search query; the results page has to encode the value it receives.
 *
 * @param {Object} NCSHeaderSearchField - the search input to validate
 * @returns {boolean} true when the value is present and htmlCodeCheck() reported nothing
 */
function checkandsubmitNCSHeaderSearch(NCSHeaderSearchField){
	// test for html; a non-empty result is the message to show the user
	var htmlCheckResult = htmlCodeCheck(NCSHeaderSearchField, 'The Search String', false, false);
	var htmlCheckFailed = false;
	var htmlCheckMessage = "";
	if (htmlCheckResult != "") {
		htmlCheckMessage = "" + htmlCheckResult;
		htmlCheckFailed = true;
	}

	// a missing value takes precedence over an HTML-check failure
	if (!NCSHeaderSearchField.value) {
		alert("You have not provided the following:\n\n" + "Search String\n");
		return false;
	}

	if (htmlCheckFailed) {
		alert(htmlCheckMessage);
		return false;
	}

	return true;
}

