/*
01：checkStr(ob,mStr)
    判断控件ob的值的各个字符是否在mStr中存在
02:RTrim(string):去除右边的空格
03:RTrim(string):去除右边的空格
04:Trim(string):去除前后空格



*/

/*
*功能：判断ob的值的各个字符是否在mStr中存在
        即判断ob是否mStr的各个字符的组合
*/
function checkStr(ob,mStr){
  var str=ob;
  var le=str.length;
  var flag=true;
  for( i=0;i<le;i++){
    var j;
    j=mStr.indexOf(str.charAt(i));
    if(j==(-1)){
       flag=false;
	  break;
    }
  }//
  return flag;
}//end fu

/*
功能：只有输入数字，否则不能一直定位为该控件为焦点
*/
function isNumCh(ob){
var str=ob.value;
if(!checkStr(str,"0123456789")){
 alert("输入非法，含有非数字！");
 ob.focus();
  }
}


/*

==================================================================

LTrim(string):去除左边的空格

==================================================================

*/

function LTrim(str)
{
    var whitespace = new String(" \t\n\r");

    var s = new String(str);
    if (whitespace.indexOf(s.charAt(0)) != -1)
    {
        var j=0, i = s.length;
        while (j < i && whitespace.indexOf(s.charAt(j)) != -1)
        {
            j++;
        }
        s = s.substring(j, i);
    }

    return s;
}

/*

==================================================================

RTrim(string):去除右边的空格

==================================================================
*/

function RTrim(str)
{
    var whitespace = new String(" \t\n\r");
    var s = new String(str);
    if (whitespace.indexOf(s.charAt(s.length-1)) != -1)
    {
        var i = s.length - 1;
        while (i >= 0 && whitespace.indexOf(s.charAt(i)) != -1)
        {
            i--;
        }
        s = s.substring(0, i+1);
    }
    return s;
}
/*

==================================================================

Trim(string):去除前后空格

==================================================================

*/

function Trim(str)
{
    return RTrim(LTrim(str));
}

/*
=========================


检测SQL和XSS攻击的可疑代码

==========================
*/

function  CheckForSql(ss){
		 var strBadChar	= new Array ("and","exec","insert","select","delete","update","count","or","*"
				 ,"%" ,":","\'","\"","chr","mid","master","truncate","char","declare","SiteName","net user","xp_cmdshell"
				 ,"/add" ,"exec master.dbo.xp_cmdshell","net localgroup administrators","%3C","%3c","%3E","%3e","<",">");
		 var s=ss;
		 if(s.length>0){
			for (i=0;i<strBadChar.length;i++){
			  if(s.indexOf(strBadChar[i])!=-1){   
			        return true;   
			      }   
			}
		}
		return false;
	 }