<!--
function validatePasswords(frm) {
	var minLength = 8;				// Minimum length
	var hasChar = "no";				// Alpha character indicator
	var hasNumb = "no";				// Numeric character indicator
	var hasSpec = "no";				// Special character indicator
	var temp;

	// check for aemail address
	//if (frm.Email) var email = frm.Email.value;
	//if (frm.Email && (frm.Email.value == '') {
	//	alert('Please enter an email address.');
	//	return false;
	//	}

	if (!frm.Password1) return true;
	var pw1 = frm.Password1.value;
	if (frm.Password2) var pw2 = frm.Password2.value;
	if (frm.Password0) var pw0 = frm.Password0.value;
	
	// check for a value in both fields.
	if (frm.Password2 && (pw1 == '' || pw2 == '')) {
		alert('Please enter your password twice.');
		return false;
		}

	// check for same password as existing.
	if (frm.Password0 && (pw0 == pw1)) {
		alert('Your new password must be different from your current password.\rPlease correct your new password.');
		return false;
		}
		
	// check for minimum length
	if (pw1.length < minLength) {
		alert('Your password must be at least ' + minLength + ' characters long. \rPlease correct your password.');
		return false;
		}
	
	// check for alphanumeric
	if (!isAlphaNumeric(pw1)) {
		alert('Your password can only contain alphanumeric characters A-Z, a-z, 0-9.\rIt cannot contain spaces or special characters.  Please correct your password.');
		return false;
		}

	// check for at least 1 number and character
	for (var i=0; i < pw1.length; i++) {
		temp = "" + pw1.substring(i, i+1);
		if (isAlpha(temp)) hasChar = "yes";
		if (isNumeric(temp)) hasNumb = "yes";
		}

	if ((hasChar == "no") || (hasNumb == "no")) {
		alert('Your password must contain at least: \r - one alpha character A-Z a-z \r - one numeric digit 0-9.\rPlease correct your password.');
		return false;
		}


	// check for matching password(s)
	if (frm.Password2 && (pw1 != pw2)) {
		alert ("You did not enter the same new password twice. Please re-enter your password.");
		return false;
		}

	// check for matching password(s) if expired (cannot be the same)
	if (frm.Password0 && (pw0 == pw1)) {
		alert ("Your new password must be different from your current expired password.");
		return false;
		}

	return true;
	}
	

// returns true if the string only contains characters A-Z, a-z or 0-9
function isAlphaNumeric(str){
	var re = /[^a-zA-Z0-9]/g
	if (re.test(str)) return false;
	return true;
	}


// returns true if the string only contains characters A-Z or a-z
function isAlpha(str){
	var re = /[^a-zA-Z]/g
	if (re.test(str)) return false;
	return true;
	}
	
// returns true if the string only contains characters 0-9
function isNumeric(str){
	var re = /[\D]/g
	if (re.test(str)) return false;
	return true;
	}


<!-- Begin
function emailCheck (emailStr) {

// Make the email string case insensitive
emailStr = emailStr.ToLowerCase();

/* The following variable tells the rest of the function whether or not
to verify that the address ends in a two-letter country or well-known
TLD.  1 means check it, 0 means don't. */

var checkTLD=1;

/* The following is the list of known TLDs that an e-mail address must end with. */

var knownDomsPat=/^(com|net|org|edu|int|mil|gov|arpa|biz|aero|name|coop|info|pro|museum)$/;

/* The following pattern is used to check if the entered e-mail address
fits the user@domain format.  It also is used to separate the username
from the domain. */

var emailPat=/^(.+)@(.+)$/;

/* The following string represents the pattern for matching all special
characters.  We don't want to allow special characters in the address. 
These characters include ( ) < > @ , ; : \ " . [ ] */

var specialChars="\\(\\)><@,;:\\\\\\\"\\.\\[\\]";

/* The following string represents the range of characters allowed in a 
username or domainname.  It really states which chars aren't allowed.*/

var validChars="\[^\\s" + specialChars + "\]";

/* The following pattern applies if the "user" is a quoted string (in
which case, there are no rules about which characters are allowed
and which aren't; anything goes).  E.g. "jiminy cricket"@disney.com
is a legal e-mail address. */

var quotedUser="(\"[^\"]*\")";

/* The following pattern applies for domains that are IP addresses,
rather than symbolic names.  E.g. joe@[123.124.233.4] is a legal
e-mail address. NOTE: The square brackets are required. */

var ipDomainPat=/^\[(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\]$/;

/* The following string represents an atom (basically a series of non-special characters.) */

var atom=validChars + '+';

/* The following string represents one word in the typical username.
For example, in john.doe@somewhere.com, john and doe are words.
Basically, a word is either an atom or quoted string. */

var word="(" + atom + "|" + quotedUser + ")";

// The following pattern describes the structure of the user

var userPat=new RegExp("^" + word + "(\\." + word + ")*$");

/* The following pattern describes the structure of a normal symbolic
domain, as opposed to ipDomainPat, shown above. */

var domainPat=new RegExp("^" + atom + "(\\." + atom +")*$");

/* Finally, let's start trying to figure out if the supplied address is valid. */

/* Begin with the coarse pattern to simply break up user@domain into
different pieces that are easy to analyze. */

var matchArray=emailStr.match(emailPat);

if (matchArray==null) {

/* Too many/few @'s or something; basically, this address doesn't
even fit the general mould of a valid e-mail address. */

alert("Email address seems incorrect (check @ and .'s)");
return false;
}
var user=matchArray[1];
var domain=matchArray[2];

// Start by checking that only basic ASCII characters are in the strings (0-127).

for (i=0; i<user.length; i++) {
if (user.charCodeAt(i)>127) {
alert("Ths username contains invalid characters.");
return false;
   }
}
for (i=0; i<domain.length; i++) {
if (domain.charCodeAt(i)>127) {
alert("Ths domain name contains invalid characters.");
return false;
   }
}

// See if "user" is valid 

if (user.match(userPat)==null) {

// user is not valid

alert("The username doesn't seem to be valid.");
return false;
}

/* if the e-mail address is at an IP address (as opposed to a symbolic
host name) make sure the IP address is valid. */

var IPArray=domain.match(ipDomainPat);
if (IPArray!=null) {

// this is an IP address

for (var i=1;i<=4;i++) {
if (IPArray[i]>255) {
alert("Destination IP address is invalid!");
return false;
   }
}
return true;
}

// Domain is symbolic name.  Check if it's valid.
 
var atomPat=new RegExp("^" + atom + "$");
var domArr=domain.split(".");
var len=domArr.length;
for (i=0;i<len;i++) {
if (domArr[i].search(atomPat)==-1) {
alert("The domain name does not seem to be valid.");
return false;
   }
}

/* domain name seems valid, but now make sure that it ends in a
known top-level domain (like com, edu, gov) or a two-letter word,
representing country (uk, nl), and that there's a hostname preceding 
the domain or country. */

if (checkTLD && domArr[domArr.length-1].length!=2 && 
domArr[domArr.length-1].search(knownDomsPat)==-1) {
alert("The address must end in a well-known domain or two letter " + "country.");
return false;
}

// Make sure there's a host name preceding the domain.

if (len<2) {
alert("This address is missing a hostname!");
return false;
}

// If we've gotten this far, everything's valid!
return true;
}

//  End -->