
/**
 * Attach a dynamically built form to the page and submit it.
 *
 * The form is appended to document.body before submit() is called.
 *
 * @param p_form form element to attach and submit (for example one built by constructForm)
 */
function submitConstructedForm(p_form) {
   var l_body = document.body;

   // Attach first, then submit.
   l_body.appendChild(p_form);
   p_form.submit();
}

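/**
 * Dynamically generate a form that can be used for submitting content to the
 * web server.
 *
 * NB: the generated form is not intended to be user accessible, which is why
 * its display style is set to 'none'.
 *
 * Security notes:
 *  - method and action are copied from p_form unchanged; this function does
 *    not check where the form will be submitted to, so callers must pass a
 *    trusted action.
 *  - Field values are assigned through DOM properties/attributes and are never
 *    parsed as HTML. (A textarea value used to be assigned through innerHTML,
 *    which decoded character references such as "&amp;" and so altered the
 *    submitted text.)
 *  - The legacy markup form of createElement is only attempted when tag, name
 *    and type contain nothing that could change the generated markup;
 *    otherwise the standard DOM calls are used.
 *
 * @param p_form      object exposing get('method') and get('action')
 * @param p_elements  array of [name, value, tag, type] entries; type may be null
 * @return the constructed form element (not attached to the document)
 */
function constructForm(p_form, p_elements) {
   var l_plainTag = /^[A-Za-z][A-Za-z0-9]*$/;
   var l_markupChars = /["<>]/;
   var l_form = document.createElement('form');
   var l_element;
   var l_name;
   var l_value;
   var l_tag;
   var l_type;
   var l_i;

   l_form.method = p_form.get('method');
   l_form.action = p_form.get('action');
   l_form.style.display = 'none';

   for (l_i = 0; l_i < p_elements.length; l_i++) {
      l_name = p_elements[l_i][0];
      l_value = p_elements[l_i][1];
      l_tag = p_elements[l_i][2];
      l_type = p_elements[l_i][3];
      l_element = null;

      // Legacy path: createElement given a markup string. Standards-based
      // browsers reject it and the DOM path below is used instead. The string
      // is only built when none of its parts can break out of the markup.
      if (l_plainTag.test(l_tag) &&
          !l_markupChars.test(l_name) &&
          (l_type == null || !l_markupChars.test(l_type))) {
         try {
            l_element = document.createElement('<' + l_tag + ' name="' + l_name + '"' + (l_type == null ? '' : ' type="' + l_type + '"') + '>');
         } catch (e) {
            l_element = null;
         }
      }

      if (!l_element) {
         l_element = document.createElement(l_tag);
         l_element.setAttribute('name', l_name);
         if (l_type != null) {
            l_element.setAttribute('type', l_type);
         }
      }

      if (l_tag.toLowerCase() == 'textarea') {
         // Assign the text as-is; innerHTML would run it through the HTML parser.
         l_element.value = l_value;
      } else {
         l_element.setAttribute('value', l_value);
      }

      l_form.appendChild(l_element);
   }

   return l_form;
}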

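/**
 * Checks a string for a small, fixed set of markers associated with
 * cross-site scripting: "<script", "</script", "javascript:", "href=",
 * "<img" and "<object". The comparison is case-insensitive.
 *
 * This is a best-effort convenience check, not a security control: the marker
 * list is not exhaustive, and a check that runs in the browser does not apply
 * to requests sent to the server by other means. The server must still
 * validate input and encode output.
 *
 * @param p_str text to inspect; null or undefined is treated as empty
 * @return true if any marker is present, otherwise false
 */
function containsXSS(p_str) {
    var l_markers = [/<script/, /<\/script/, /javascript:/, /href=/, /<img/, /<object/];
    var l_lower;
    var l_i;

    // Callers pass element values, which may be missing; treat that as "nothing found"
    // instead of throwing on toLowerCase().
    if (p_str == null) {
        return false;
    }

    l_lower = String(p_str).toLowerCase();
    for (l_i = 0; l_i < l_markers.length; l_i++) {
        if (l_markers[l_i].test(l_lower)) {
            return true;
        }
    }

    return false;
}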

/**
 * Runs containsXSS against the current value of an element looked up with $().
 *
 * Returns false when the lookup yields nothing, or when the element's
 * 'value' is missing or empty.
 *
 * @param p_elemName identifier passed to $() to find the element
 * @return the result of containsXSS for the element's value, or false as described above
 */
function elementContainsXSS(p_elemName) {
  var l_element = $(p_elemName);

  if (!l_element || !l_element.value) {
    return false;
  }

  return containsXSS(l_element.value);
}

/**
 * Strip leading and trailing whitespace using jQuery.trim.
 *
 * @param p_str text to trim
 * @return whatever jQuery.trim returns for p_str
 */
function trimResult(p_str) {
  var l_trimmed = jQuery.trim(p_str);

  return l_trimmed;
}

/**
 * Toggle the visibility of every element matched by the selector.
 *
 * @param p_selector jQuery selector (or anything jQuery() accepts)
 */
function toggleLayer(p_selector) {
  var l_matched = jQuery(p_selector);

  l_matched.toggle();
}

/**
 * Hide every element matched by the selector.
 *
 * @param p_selector jQuery selector (or anything jQuery() accepts)
 */
function hideLayer(p_selector) {
  var l_matched = jQuery(p_selector);

  l_matched.hide();
}

/**
 * Show every element matched by the selector.
 *
 * @param p_selector jQuery selector (or anything jQuery() accepts)
 */
function showLayer(p_selector) {
  var l_matched = jQuery(p_selector);

  l_matched.show();
}

/**
 * Replace the contents of every element matched by the selector.
 *
 * p_content is handed to jQuery's html(), so it is treated as markup rather
 * than text. Only pass content from a trusted source, or content that has
 * already been encoded for HTML.
 *
 * @param p_selector jQuery selector (or anything jQuery() accepts)
 * @param p_content  markup to place inside the matched elements
 */
function setHtml(p_selector, p_content) {
  var l_matched = jQuery(p_selector);

  l_matched.html(p_content);
}

/**
 * Set the value of every form control matched by the selector, via jQuery's val().
 *
 * @param p_selector jQuery selector (or anything jQuery() accepts)
 * @param p_value    value to assign
 */
function setValue(p_selector, p_value) {
  var l_matched = jQuery(p_selector);

  l_matched.val(p_value);
}

/* Load a response straight into the DOM using jQuery's load().
 *
 * parameters:
 * p_elements - DOM elements to update
 * p_url - resource to request
 * 3rd parameter - JSON data to be sent in request (optional)
 * 4th parameter - function to call with response (optional)
 *
 * The function dispatches on the number of arguments actually passed; with
 * fewer than two or more than four arguments nothing is requested.
 *
 * The response is inserted into the page as markup, so p_url should only
 * ever point at a resource whose output is trusted.
 */
function ajaxLoadIntoPage(p_elements, p_url) {
  switch (arguments.length) {
    case 2:
      jQuery(p_elements).load(p_url);
      break;
    case 3:
      jQuery(p_elements).load(p_url, arguments[2]);
      break;
    case 4:
      jQuery(p_elements).load(p_url, arguments[2], arguments[3]);
      break;
    default:
      // Any other argument count: no request is made.
      break;
  }
}

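/* Perform an HTTP request and return the response, optionally performing processing.
 *
 * parameters:
 * p_url - resource to request
 * p_extra - see http://docs.jquery.com/Ajax/jQuery.ajax#options (optional)
 *
 * returns:
 * - nothing when the request is asynchronous (async absent or truthy); the
 *   response is delivered to the callbacks given in p_extra
 * - the response text when p_extra.async is set to a falsy value
 *
 * The options are copied before the url is added, so the caller's p_extra
 * object is left untouched and can be reused. A missing p_extra is treated
 * as an empty set of options.
 *
 * The idea with this function is that at a later stage if a migration away from jQuery takes place we'll be better positioned.
 */
function ajaxRequest(p_url, p_extra) {
  // Shallow copy: setting url on the caller's own object would leak between calls.
  var l_request = jQuery.extend({}, p_extra);
  var l_response;

  l_request.url = p_url;

  if (typeof(l_request.async) == 'undefined' || l_request.async) {
    jQuery.ajax(l_request);
    return;
  }

  l_response = jQuery.ajax(l_request);
  return l_response.responseText;
}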

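/**
 * Serialize a form, POST it to p_url and write the response into a result element.
 *
 * Before posting, the value of every <input> inside the form is passed to
 * containsXSS; if any of them is flagged, nothing is sent and an alert is
 * shown instead.
 *
 * Security notes:
 *  - Only <input> elements are inspected; other controls in the form are
 *    serialized and sent without this check.
 *  - The check runs in the browser only, so the server must validate the
 *    submitted fields itself.
 *  - The response is inserted into the result element as markup, so p_url
 *    must be an endpoint whose output is trusted.
 *
 * @param p_formId       id of the form to serialize (without the leading '#')
 * @param p_url          address to POST the serialized form to
 * @param p_resultDivId  id of the element that receives the response (without '#')
 */
function ajaxFormPost(p_formId, p_url, p_resultDivId) {
  var l_form = jQuery("#" + p_formId);
  var l_fieldsContainXSS = false;

  l_form.find("input").each(function () {
    // Inside each(), `this` is the DOM element itself. Reading its value
    // directly does not depend on which library currently owns `$`.
    if (containsXSS(this.value)) {
      l_fieldsContainXSS = true;
    }
  });

  if (l_fieldsContainXSS) {
    alert('Could not post form');
    return;
  }

  jQuery.post(p_url, l_form.serialize(), function (data, status) {
    jQuery("#" + p_resultDivId).html(data);
  });
}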

/**
 * Replace the contents of the result element with the loading animation.
 *
 * @param p_resultDivId id of the element to fill (without the leading '#')
 */
function displayLoadingIcon(p_resultDivId) {
  var l_markup = "<p><img src='/images/loadinganimation_small.gif' alt='Loading...' border='0' /></p>";
  var l_target = jQuery("#" + p_resultDivId);

  l_target.html(l_markup);
}

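/**
 * Post the search form to /public/search.aspx and show the result.
 *
 * The value of every <input> in the form is passed to containsXSS first; if
 * any is flagged, an alert is shown and nothing is sent. Otherwise the
 * loading icon is displayed and the form is posted through ajaxFormPost with
 * a query string made of:
 *  - the current page's query string, when p_includeExistingQueryString is truthy
 *  - the f_abstract_* settings (from the m_abstract_* globals), unless the
 *    text 'f_abstract_enabled' already appears in that query string
 *  - f_web_id
 *
 * The existing query string is read from location.search, so a '#fragment'
 * on the page address is never copied into the request URL (where it would
 * turn the parameters appended after it into part of the fragment).
 *
 * Security notes:
 *  - The input check runs in the browser only and covers <input> elements
 *    only; the server must validate the request itself.
 *  - NOTE(review): p_webId and the m_abstract_* values are appended without
 *    URL-encoding. Confirm they are numeric or already encoded; a value
 *    containing '&' or '=' would add or override parameters.
 *
 * @param p_formId                      id of the search form (without '#')
 * @param p_resultDivId                 id of the element that shows the result (without '#')
 * @param p_webId                       value sent as f_web_id
 * @param p_includeExistingQueryString  truthy to carry over the page's query string
 */
function ajaxSearchPost(p_formId, p_resultDivId, p_webId, p_includeExistingQueryString) {
  var l_url = '/public/search.aspx';
  var l_params = '';
  var l_fieldsContainXSS = false;

  jQuery("#" + p_formId).find("input").each(function () {
    // `this` is the DOM element; read its value directly rather than through `$`.
    if (containsXSS(this.value)) {
      l_fieldsContainXSS = true;
    }
  });

  if (l_fieldsContainXSS) {
    alert('Invalid Search');
    return;
  }

  displayLoadingIcon(p_resultDivId);

  if (p_includeExistingQueryString && location.search.length > 1) {
    // Drop the leading '?'.
    l_params = location.search.substring(1);
  }

  if (l_params.indexOf('f_abstract_enabled') < 0) {
    l_params += (l_params == '' ? '' : '&') +
                'f_abstract_enabled=' + m_abstract_enabled +
                '&f_abstract_fragment_count=' + m_abstract_fragment_count +
                '&f_abstract_fragment_size=' + m_abstract_fragment_size +
                '&f_abstract_fragment_separator=' + m_abstract_fragment_separator;
  }

  l_params += (l_params == '' ? '' : '&') +
              'f_web_id=' + p_webId;

  // l_params always holds at least f_web_id at this point.
  l_url = l_url + '?' + l_params;

  ajaxFormPost(p_formId, l_url, p_resultDivId);
}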

/**
 * Request the edit-mode link from /public/editmodelink.aspx and place the
 * trimmed response inside the result element.
 *
 * The request data is assembled from the m_editmodelink_* globals.
 *
 * NOTE(review): the values are concatenated without URL-encoding and the
 * response is inserted as markup through setHtml. Confirm that the globals
 * are already encoded and that the endpoint's output is trusted.
 *
 * @param p_resultDivId id of the element that receives the response (without '#')
 */
function ajaxEditModeLinkPost(p_resultDivId) {
  var l_endpoint = '/public/editmodelink.aspx';
  var l_query = [
    'f_helpertext_in_edit_mode=' + m_editmodelink_helpertext_in_edit_mode,
    'f_helpertext_in_normal_mode=' + m_editmodelink_helpertext_in_normal_mode,
    'f_page_id=' + m_editmodelink_page_id,
    'f_web_id=' + m_editmodelink_web_id,
    'f_url=' + m_editmodelink_url_disp,
    'f_url_layout=' + m_editmodelink_url_edit
  ].join('&');

  function l_onSuccess(html) {
    setHtml("#" + p_resultDivId, trimResult(html));
  }

  ajaxRequest(l_endpoint, { data: l_query, cache: false, success: l_onSuccess });
}

/**
 * Ask /public/editmodelink.aspx to change mode (f_action=change) and then
 * navigate the page to the address returned in the response.
 *
 * The request data is assembled from the m_editmodelink_* globals.
 *
 * NOTE(review): the trimmed response is assigned to location.href without
 * any check on its form. Confirm that the endpoint only ever returns an
 * address on this site, and consider validating it here before navigating.
 */
function ajaxEditModeLinkUpdate() {
  var l_endpoint = '/public/editmodelink.aspx';
  var l_query = [
    'f_action=change',
    'f_page_id=' + m_editmodelink_page_id,
    'f_web_id=' + m_editmodelink_web_id,
    'f_url=' + m_editmodelink_url_disp,
    'f_url_layout=' + m_editmodelink_url_edit
  ].join('&');

  function l_onSuccess(html) {
    location.href = trimResult(html);
  }

  ajaxRequest(l_endpoint, { data: l_query, cache: false, success: l_onSuccess });
}

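/**
 * Send a share request for a resource and report the outcome to the user.
 *
 * Any query string on p_url is split off and sent as request data, followed
 * by pid and returnto. p_successMsg is shown in an alert when the request
 * succeeds. When p_failureMsg is supplied it is shown in an alert if the
 * request fails (previously the parameter was accepted but never used, so
 * failures were silent).
 *
 * NOTE(review): p_resourceId and p_returnPageId are appended without
 * URL-encoding. Confirm they are numeric or already encoded.
 *
 * @param p_url           address to request; may carry its own query string
 * @param p_resourceId    value sent as pid
 * @param p_returnPageId  value sent as returnto
 * @param p_successMsg    message alerted on success
 * @param p_failureMsg    message alerted on failure (optional)
 */
function ajaxShareAdd(p_url, p_resourceId, p_returnPageId, p_successMsg, p_failureMsg) {
  var l_queryAt = p_url.indexOf('?');
  var l_url = p_url;
  var l_params = '';
  var l_request;

  if (l_queryAt > -1) {
    l_params = p_url.substring(l_queryAt + 1);
    l_url = p_url.substring(0, l_queryAt);
  }

  l_params += (l_params == '' ? '' : '&') +
              'pid=' + p_resourceId +
              '&returnto=' + p_returnPageId;

  l_request = {
    data: l_params,
    cache: false,
    success: function (html) { alert(p_successMsg); }
  };

  // Only register a failure handler when there is a message to show.
  if (p_failureMsg != null) {
    l_request.error = function () { alert(p_failureMsg); };
  }

  ajaxRequest(l_url, l_request);
}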

/**
 * Store p_thes in the '#type' field and submit the page's filterForm.
 *
 * @param p_divId not used by this function
 * @param p_thes  value written to the '#type' field before submitting
 */
function ajaxListingPost(p_divId, p_thes) {
  var l_typeField = '#type';

  setValue(l_typeField, p_thes);
  document.filterForm.submit();
}

