// Click handler for the Go button in the free search area.
// Reads the search box, filters the text through removeInjection(), and
// navigates either to the base URL (new search) or to the current URL
// (search within results) with a time-stamped free_text parameter appended.
// Always returns false.
//
// NOTE(review): the filtering done here runs only in the browser, so it does
// not protect the server. Anyone can request the search URL directly, so the
// code behind must still validate the free_text value, use parameterized
// queries and encode it on output.
function goFreeTextSearch()
{
    // hidden controls holding the URL for a new search and the URL of the current results
    var baseURL = document.getElementById('ctl00_topContentPlaceHolder_PageTopControl_SearchControl1_csnFreeSearch_baseURL').value;
    var currentURL = document.getElementById('ctl00_topContentPlaceHolder_PageTopControl_SearchControl1_csnFreeSearch_currentURL').value;

    // input box for search terms; nothing to do when it is empty
    var freeTextValue = document.getElementById('txtSearchText').value;
    if (freeTextValue == '')
    {
        return false;
    }

    // strip the block-listed terms and escape what is left
    freeTextValue = removeInjection(freeTextValue);

    // the timestamp makes every free_text parameter name unique
    var freeTextParam = '&free_text|' + new Date().getTime() + '=' + freeTextValue;

    // "within results" checkbox and canned trigger control; either may be absent from the page
    var withinResultsObj = document.getElementById('InResultsSearch');
    var cannedTrigger = document.getElementById('ctl00_defaultContentPlaceHolder_MercadoSearchControl1_cannedTrigger');

    // new free search: append the free text to the basic url
    if (!(withinResultsObj && withinResultsObj.checked))
    {
        window.location.href = baseURL + freeTextParam;
        return false;
    }

    // within results: the current url may lack a "?", known to happen when
    // "within results" is used before the previous search is done
    if (currentURL.indexOf("?") == -1)
    {
        currentURL += "?";
    }

    var url = currentURL + freeTextParam;

    // NOTE(review): the canned trigger value is appended without URL encoding;
    // confirm it can never contain "&", "=" or "#".
    if (cannedTrigger && cannedTrigger.value != "")
    {
        url += '&canned_results_trigger=' + cannedTrigger.value;
    }

    window.location.href = url;
    return false;
}
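//James Tower created function
// Splits the search text on single spaces, passes every term through
// replaceBadTerms(), and returns the cleaned terms joined by single spaces.
//
// searchTerms: raw text from the search box (string)
// returns:     the filtered, escaped terms separated by " " with no trailing space
//
// NOTE(review): this is a client-side block list, so it is a convenience
// only. The server must not rely on it, because the search URL can be
// requested without ever running this script.
function removeInjection(searchTerms)
{
    var termArray = searchTerms.split(" ");
    var cleanedTerms = [];
    var i;

    // Indexed loop instead of for...in: for...in yields string keys (so the
    // old "last term" comparison never matched and a trailing space was
    // always added) and would also visit any enumerable property a library
    // adds to Array.prototype.
    for (i = 0; i < termArray.length; i++)
    {
        cleanedTerms.push(replaceBadTerms(termArray[i]));
    }

    // join() puts the space between words only, never after the last term
    return cleanedTerms.join(" ");
}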

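//James Tower created function
// Lower-cases one search term, removes every occurrence of the block-listed
// substrings, and escapes the result for use in the query string.
//
// singleTerm: one space-delimited search term (string)
// returns:    the lower-cased, filtered term, escaped with escape() except
//             that single quotes are left as-is
//
// NOTE(review): a substring block list is not a security boundary. It also
// alters ordinary words that contain a listed term, and it runs only in the
// browser. The code behind must still use parameterized queries and encode
// this value on output.
function replaceBadTerms(singleTerm)
{
    // global flag so every occurrence is removed, not only the first
    var blockedTerms = /--|script|javascript|viewstate|select|update|insert|drop|xp_|exec|grant|revoke|union|delete/g;

    //convert to lower case to make the match case insensitive
    var lcTerm = singleTerm.toLowerCase();

    // Repeat until nothing changes: removing one match can join the
    // surrounding characters into another listed term. Each pass shortens
    // the string, so the loop always terminates.
    var previous;
    do
    {
        previous = lcTerm;
        lcTerm = lcTerm.replace(blockedTerms, '');
    } while (lcTerm != previous);

    // Always escape, so that "&", "=" and "#" can never reach the query
    // string raw. Previously a term containing a single quote skipped
    // escaping entirely. The quote itself is restored afterwards because,
    // per the original author, escaping it breaks the category link and the
    // code behind handles it (verify the server-side handling).
    // NOTE(review): escape() is deprecated, leaves "+" unencoded and emits
    // %uXXXX for characters above U+00FF. Consider encodeURIComponent(),
    // which also leaves "'" alone, once the server-side decoding is confirmed.
    return escape(lcTerm).replace(/%27/g, "'");
}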
