function formvalidator(frmName)
{
    var blnSubmit = true;
    var oFrm = document.getElementById(frmName);
    var arEl = oFrm.getElementsByTagName('input');
    var arr = new Array();
    arr[0] = 'script'; 
    arr[1] = 'select'; 
    arr[2] = 'sysobjects';
    arr[3] = 'sys.objects';
    arr[4] = 'update';
    arr[5] = 'insert';
    arr[6] = '--';
    arr[7] = '\/*';
    arr[8] = 'xp_';
    arr[9] = 'drop';
    arr[10] = 'create';
    try{
        for(i=0;i<=arEl.length-1;i++)
        {
       
            if(arEl[i].type=='text')
            {
            
                for(n=0;n<=arr.length-1;n++)
                {
             
                    if(arEl[i].value.indexOf(arr[n]) >= 0 )
                    {
                    blnSubmit= false;
                    arEl[i].value = '';
                    throw 'err1';
                 
                    }
                } 
            }
        } 
    }
    catch(er){
     alert('Invalid characters were detected\nThe form has not been submitted')
     return false;
    }
    if(blnSubmit)
       oFrm.submit();
       
}