function checkForMalCode(theForm)
{
	var returnBool = true;
	for(i=0; i<theForm.elements.length; i++)
	{
		if(theForm.elements[i].type == "textarea" || theForm.elements[i].type == "text" || theForm.elements[i].type == "password")
		{
			if(containsMalCode(theForm.elements[i].value, theForm.elements[i].name))
			{
				returnBool = false;
				break;
			}
		}
	}
	return returnBool;
}

function containsMalCode(inputStr, inputName)
{
	var scriptTag 	= new RegExp("<scr"+"ipt", "i");
	var embedTag 	= new RegExp("<embed", "i");
	var objectTag 	= new RegExp("<object", "i");
	var appletTag 	= new RegExp("<applet", "i");
	var formTag 	= new RegExp("<form", "i");
	var anchorTag 	= new RegExp("<a ", "i");
	
	if(inputStr.search(scriptTag) != -1)
		return true;
	else if(inputStr.search(embedTag) != -1)
		return true;
	else if(inputStr.search(objectTag) != -1)
		return true;
	else if(inputStr.search(appletTag) != -1)
		return true;
	else if(inputStr.search(formTag) != -1)
		return true;
	else if(inputStr.search(anchorTag) != -1 && inputName != "body" && inputName != "htmlMsg") // need to allow anchor tag for DHTML editor
		return true;
	else
		return false;
}