Надеюсь, у тебя все хорошо ...! Мы используем приложение на основе апплета. Здесь проблема в том, что мне нужно исправить межсайтовый скриптинг на основе DOM в файле JSP. как это происходит, хакеры пытаются ввести полезную нагрузку в URL. Другими словами, манипулирование URL-адресом. Исходный URL http://rs123.mt.att.com:8001/w4/query.jsp Подделанный URL http://rs123.mt.att.com:8001/w4/query.jsp?option=%3E%22%27%3E%3Cscript%3Ealert%281702%29%3C%2Fscript%3E&cloption=%3E%22%2 7%3E%3Cscript%3Ealert%281702%29%3C%2Fscript%3E Как я могу это ограничить ?? Даже я пытался использовать библиотеки, к сожалению, это не помогает в этом случае, поскольку этот клиентский файл. Прилагаю запрос. jsp файл.
--%>
<%@ page contentType="text/html" import="java.net.*, glbl.jtn.*" %>
<%@ include file="getnetinfo.jsp" %>
<%! boolean RFlag ;%>
<%
String cl = "",line="";
BufferedReader input = new BufferedReader(new FileReader("/topnet/etc/177141e_cb"));
//String cl = "";
cl = "N";
cl = input.readLine();
/*while((line = input.readLine())!= null)
{
if (!(line.startsWith("#")))
cl= line;
}*/
%>
<%
Date date = new Date();
String option = request.getParameter("option");
String cloption = request.getParameter("cloption");
String toption = request.getParameter("toption");
String title = "",ffile = "", sfile = "";
int row1 = 0,row2 = 0,row3 = 0,row4 = 0,row5 = 0;
boolean allFlag=false;
boolean result=false;
System.out.println("user");
if (option.equals("verify")) {
row1 = 50;
row2 = 0;
row3 = 30;
row4 = 20;
row5 = 30;
title = "Select NSA Switch CLLI";
}
else if(option.equals("rc")) {
row1 = 100;
row2 = 0;
row3 = 20;
row4 = 10;
row5 = 20;
title = "RC BUNDLE QUERY";
}
}
else if(option.equals("cptan")) {
row1 = 90;
row2 = 0;
row3 = 25;
row4 = 20;
row5 = 25;
title = "Select 4E Trunk by TAN/OTAN";
}
%>
<html>
<head>
<meta http-equiv="Pragma" content="no-cache;">
<link rel="stylesheet" type="text/css">
<script language="JavaScript" src="cllimatch.js"> </script>
<script language="JavaScript" src="GetAllStream.js"> </script>
<script language="JavaScript" >
var localArray = new Array();
var genericArray = new Array();
var isSwLocal = false;
var winversion=0 ;
var browser = "netscape";
var fmtFile = "";
var sortFile = "";
//var allFlag = false;
var RFlag=false;
var webhost =window.location.hostname;
var userid ='<%= uid%>';
<%
String userid =uid;
String webhost =java.net.InetAddress.getLocalHost().getHostName();
allFlag = GetAllStream.isAllStream(userid,webhost);
%>
if ((navigator.appVersion.toLowerCase()).lastIndexOf("win") != -1) {
winversion=1 ;
}
else {
winversion=0 ;
}
if(navigator.appVersion.indexOf("MSIE") != -1)
browser = "IE";
function loadLocalArray(str) {
localArray = str.split(",");
}
function loadGenricArray(str) {
genericArray = str.split(",");
}
function showBody1() {
var cll = '<%= cl%>';
var body1doc = parent.body1.document;
body1doc.open();
body1doc.writeln("<% if(option.equals("clfi")) { %>");
body1doc.writeln('<html><body text=#000000 bgcolor=#d3d3d3 leftmargin=0 topmargin=0 onload=\'parent.loadClliArray(<%= getString(sw4eList) %>); parent.loadClliAlias(<%= getString(aliasList) %>); parent.loadLocalArray(<%= getString(local4eList) %>); parent.loadGenricArray(<%= getString(swGenList) %>); document.form1.desig.focus(); \'>');
body1doc.writeln("<%} if(option.equals("clcid")) { %>");
body1doc.writeln('<html><body text=#000000 bgcolor=#d3d3d3 leftmargin=0 topmargin=0 onload=\'parent.loadClliArray(<%= getString(sw4eList) %>); parent.loadClliAlias(<%= getString(aliasList) %>); parent.loadLocalArray(<%= getString(local4eList) %>); parent.loadGenricArray(<%= getString(swGenList) %>); document.form1.tfn.focus(); \'>');
body1doc.writeln("<%} else { %>");
body1doc.writeln('<html><body text=#000000 bgcolor=#d3d3d3 leftmargin=0 topmargin=0 onload=\'parent.loadClliArray(<%= getString(sw4eList) %>); parent.loadClliAlias(<%= getString(aliasList) %>); parent.loadLocalArray(<%= getString(local4eList) %>); parent.loadGenricArray(<%= getString(swGenList) %>); document.form1.ssclcid.focus(); \'>');
body1doc.writeln("<%}%>");
body1doc.writeln("<center>");
body1doc.writeln("<form method=post name=form1>");
body1doc.writeln("<table>");
body1doc.writeln("<% if(option.equals("insvcssclcid")) { %>");
body1doc.writeln("<tr>");
body1doc.writeln("<td align='right'><B>SS CLCID:</B></td>");
if(cll == "Y")
{
body1doc.writeln("<td align='left'><B><input type='text' name='ssclcid' value='' size=24 ></B></td>");
}
else
{
body1doc.writeln("<td align='left'><B><input type='text' name='ssclcid' value='' size=24 maxlength=24 ></B></td>");
}
body1doc.writeln("</tr>");
body1doc.writeln("<tr>");
body1doc.writeln("<td align='right'><B>End point CLLI:</B></td>");
body1doc.writeln("<td align='left'><B><input type='text' name='aclli' value='' size=11 maxlength=11></B></td>");
body1doc.writeln("</tr>");
body1doc.writeln("<% } %>");
body1doc.writeln("<% if(!option.equals("cltgi") && !option.equals("clcid") && !option.equals("clfi") && !option.equals("cptan") && !option.equals("insvcssclcid")) { %>");
body1doc.writeln("<tr>");
body1doc.writeln("<td align='right'><B>Switch CLLI:</B></td>");
body1doc.writeln("<td align='left'><B><input type='text' name='aclli' value='' size=11 maxlength=11></B></td>");
body1doc.writeln("</tr>");
body1doc.writeln("<% } %>");
body1doc.writeln("<td align='right'><B>SS_CLCID:</B></td>");
function showBody4(opt) {
var body4doc = parent.body1.document;
var cpinsTanW;
body4doc.open();
body4doc.writeln("<html><body text='#000000' bgcolor='#d3d3d3' leftmargin=0 topmargin=0>");
body4doc.writeln("<center>");
body4doc.writeln("<form method=post name=form4>");
body4doc.writeln("<table>");
if (opt=="tan") {
cpinsTanW=window.open("/w4eqry/query.jsp?option=cptan&toption=tan","_blank","scrollbars,resizable,status,width=420,height=220,left=0,top=0,screenx=50,screeny=300");
cpinsTanW.focus();
top.close();
}
else if (opt=="otan") {
cpinsTanW=window.open("/w4eqry/query.jsp?option=cptan&toption=otan","_blank","scrollbars,resizable,status,width=420,height=220,left=0,top=0,screenx=50,screeny=300");
cpinsTanW.focus();
top.close();
}
body4doc.writeln("</table>");
body4doc.writeln("</form>");
body4doc.writeln("<center>");
body4doc.writeln("</body></html>");
body4doc.close();
}
function showBody3() {
var body3doc = parent.body3.document;
body3doc.open();
var allf = '<%= allFlag %>';
body3doc.writeln("<html><body text='#000000' bgcolor='#d3d3d3' leftmargin=0 topmargin=0>");
if(winversion == 0) // for solaris only
{
body3doc.writeln("<style type=text/css>");
body3doc.writeln("input, button {");
body3doc.writeln("font: bold small Verdana;");
body3doc.writeln("background-color: #FFCC99;");
body3doc.writeln("color: #00008A;");
body3doc.writeln("}");
body3doc.writeln("</style>");
}
body3doc.writeln("<center>");
body3doc.writeln("<form method=post name=form3>");
body3doc.writeln("<table>");
body3doc.writeln("<table>");
body3doc.writeln("<% if(!option.equals("cltgi") && !option.equals("clcid") && !option.equals("clfi") && !option.equals("rc") && !option.equals("cptan")) { %>");
body3doc.writeln("<tr>");
if(allf == "true")
{
//alert('ALLF1 ==='+allf);
body3doc.writeln("<td align='right'><B><input type='button' name='matchclli' value='Match SW CLLI' onClick='parent.allMatchClli(parent.body1.document.form1.aclli);'></B></td>");
}
else
{
//alert('ALLF2 ==='+allf);
body3doc.writeln("<td align='right'><B><input type='button' name='matchclli' value='Match SW CLLI' onClick='parent.matchClli(parent.body1.document.form1.aclli);'></B></td>");
}
body3doc.writeln("<% if(!option.equals("verify") && !option.equals("selord") && !option.equals("cptan") && !option.equals("insvcssclcid")) { %>");
if(allf == "true")
{
body3doc.writeln("<td align='right'><B><input type='button' name='matchclli' value='Match FE CLLI' onClick='parent.allMatchClli(parent.body1.document.form1.zclli);'></B></td>");
}
if( cll == "Y")
{
body3doc.writeln("<% if(option.equals("insvcssclcid") || option.equals("ssclcid") ) { %>");
body3doc.writeln("<td><B><input type='button' name='Help' value='Help' onClick='parent.do_help()'></B></td>");
body3doc.writeln("<% } %>");
}
body3doc.writeln("</tr>");
body3doc.writeln("<% } %>");
body3doc.writeln("<% if(option.equals("cltgi") || option.equals("clcid") || option.equals("clfi")) { %>");
body3doc.writeln("<tr>");
if(allf == "true"){
body3doc.writeln("<td align='right'><B><input type='button' name='matchclli' value='Match A' onClick='parent.allMatchClli(parent.body1.document.form1.aclli);'></B></td>");
body3doc.writeln("<td align='right'><B><input type='button' name='matchclli' value='Match Z' onClick='parent.allMatchClli(parent.body1.document.form1.zclli);'></B></td>");
}
else
{
body3doc.writeln("<td align='right'><B><input type='button' name='matchclli' value='Match CLLI' onClick='parent.matchClli(parent.body1.document.form1.aclli);'></B></td>");
}
body3doc.writeln("<td><B><input type='button' name='execute' value='Search' onClick='parent.doExecution()'></B></td>");
body3doc.writeln("<td><B><input type='button' name='Quit' value='Quit' onClick='top.close()'></B></td>");
body3doc.writeln("</tr>");
body3doc.writeln("<% } %>");
body3doc.writeln("</table>");
body3doc.writeln("</form>");
body3doc.writeln("<center>");
body3doc.writeln("</table>");
body3doc.writeln("</form>");
body3doc.writeln("<center>");
body3doc.writeln("</body></html>");
body3doc.close();
}
function getSelectedRadioValue(buttonGroup)
{
for (var i=0; i<buttonGroup.length; i++)
{
if (buttonGroup[i].checked)
{
return buttonGroup[i].value;
}
}
return "A";
}
function getRadioValue()
{
if ((parent.getSelectedRadioValue(parent.body1.document.form1.wchswch))=="aend")
RFlag=false;
else
RFlag=true;
//alert("RFlag in getRadioValue--> "+RFlag);
}
function doFormat()
{
<%
ffile = "/tmp/" + uid + date.getTime()+ ".w4ewl";
%>
var fileName = '<%= ffile %>';
var win;
var myUrl="/cgi-bin/w4edispfmt/WL/trans?file="+escape(fileName);
win = window.open(myUrl,"<%= date.getTime() %>","resizable=yes,scrollbars=yes,status,width=640,height=750");
fmtFile = '<%= uid + date.getTime() %>';
}
function doSort()
{
<%
sfile = "/tmp/" + uid + date.getTime()+ ".w4esort";
%>
var fileName = '<%= sfile %>';
var win;
var myUrl="/cgi-bin/w4eprovsort/trans?file="+escape(fileName);
win = window.open(myUrl,"<%= date.getTime() %>","resizable=yes,scrollbars=yes,status,width=450,height=550");
sortFile = '<%= uid + date.getTime() %>';
}
function is4eLocal(clli)
{
var i;
var localClli;
var sClli;
sClli = clli.toUpperCase();
for (i=0; i<localArray.length; i++)
{
var index = localArray[i].indexOf(sClli);
if(index >= 12)
{
localClli = localArray[i].substr(0,11);
isSwLocal = true;
}
else if(index != -1)
{
localClli = localArray[i].substr(12,localArray[i].length);
}
}
return localClli;
}
function getGeneric(clli)
{
var i;
var generic;
var sClli;
sClli = clli.toUpperCase();
for (i=0; i<genericArray.length; i++)
{
var index = genericArray[i].indexOf(sClli);
if(index != -1)
generic = genericArray[i].substr(genericArray[i].indexOf(":")+1,genericArray[i].length);
}
return generic;
}
function getActionCode()
{
var actcode = "";
var actType = parent.getSelectedRadioValue(parent.body1.document.form1.actioncode);
if(actType == "Chg")
actcode = "C";
else if(actType == "Add")
actcode = "A";
else if(actType == "Disc")
actcode = "D";
else
actcode = "";
return actcode;
}
function validateCustomer()
{
parent.showMessage("");
var cust = parent.getSelectedRadioValue(parent.body1.document.form1.customer);
if(cust == "ALL")
{
parent.showMessage("Customer ID/Name is required...");
return "false";
}
else if(cust == "Id")
{
var cusid = parent.body2.document.form2.custid.value ;
if(cusid == "" || cusid.length == 0)
{
parent.showMessage("Customer ID is required...");
return "false";
}
}
else if(cust == "Name")
{
var cusnme = parent.body2.document.form2.custname.value ;
if(cusnme == "" || cusnme.length == 0)
{
parent.showMessage("Customer Name is required...");
return "false";
}
}
return cust;
}
function validatetfn(tfn)
{
parent.showMessage("");
var tfnVal;
tfnVal = tfn.value;
tfn.value=tfn.value.toUpperCase();
if(tfnVal == "" || tfnVal.length == 0)
{
parent.showMessage("Number is required... ");
return false;
}
return true;
}
function validateclfi(clfi)
{
parent.showMessage("");
clfi.value = clfi.value.toUpperCase();
if(clfi.value == "" || clfi.value.length == 0)
{
parent.showMessage("Alphanumeric is required... ");
return false;
}
return true;
}
function validatessclcid(ssclcid)
{
parent.showMessage("");
ssclcid.value = ssclcid.value.toUpperCase();
if(ssclcid.value == "" || ssclcid.value.length == 0)
{
parent.showMessage("CLCID_SS is required... ");
return false;
}
return true;
}
function trim(str)
{
return str.replace(/^\s+|\s+$/g,"");
}
function resize() {
alert("inside resize()");
}
function do_help()
{
helpWin=window.open("/help/reports_help.htm","RPT_ISDN_HELP","scrollbars,menubar,toolbar,status,resizable,width=600,height=780") ;
helpWin.focus() ;
}
function doExecution()
{
parent.showMessage("");
var win;
var qryWinName = '<%= option %>';
var userid = '<%= uid %>';
var debug = '<%= debug %>';
var webhost=window.location.hostname;
var allf = '<%= allFlag %>';
//var cflag = false;
if(qryWinName =="clcid")
{
var swType = parent.getSelectedRadioValue(parent.body1.document.form1.wchswch);
var swclli = parent.body1.document.form1.aclli;
var feclli = parent.body1.document.form1.zclli;
var cllia =swclli.value;
var clliz=feclli.value;
if(swType == "aend")
{
if(parent.validateClli(swclli) != true)
{
if(allf == "true")
{
if(parent.allMatchClli(swclli) == false)
parent.showMessage("A End CLLI must be an Allstream CLLI");
}
return;
}
}
if(allf != "true")
{
if(parent.validateFeClli(feclli) != true)
return;
parent.showMessage("");
}
if(swType == "zend")
{
if(parent.validateClli(feclli) != true)
{
if(allf == "true")
{
if(parent.allMatchClli(feclli) == false)
parent.showMessage("Z End CLLI must be an Allstream CLLI");
}
return;
}
if(allf != "true")
{
if(parent.validateFeClli(swclli) != true)
return;
parent.showMessage("");
}
}
var wid = 950;
var ht = 560;
var htfile = "w4eitmrpt.ht";
var cloption = '<%= cloption %>';
if(cloption == "insvc")
{
htfile = "w4einsvc.ht";
wid = 500;
ht = 650;
}
if(cloption == "cpinsvc")
{
htfile = "w4ecpinsvc.ht";
var generic = parent.getGeneric(parent.body1.document.form1.aclli.value);
wid = 950;
ht = 950;
}
var clType = "T";
if(parent.validatetfn(parent.body1.document.form1.tfn) == true)
{
var myUrl="/cgi-bin/espserve?file="+escape(htfile)+"&uid="+escape(userid)+"&isSwLocal="+escape(isSwLocal)+"&sw_name="+escape(parent.body1.document.form1.aclli.value)+"&fe_clli="+escape(parent.body1.document.form1.zclli.value)+"&lcl_clli="+escape(lclClli)+"&tfn="+escape(parent.body1.document.form1.tfn.value)+"&swType="+escape(swType)+"&option="+escape(clType)+"&debug="+escape(debug)+"&generic="+escape(generic);
win = window.open(myUrl,"_blank","scrollbars,status,width="+wid+",height="+ht);
top.close();
}
return;
}
if(qryWinName =="clfi")
{
var swType = parent.getSelectedRadioValue(parent.body1.document.form1.wchswch);
var swclli = parent.body1.document.form1.aclli;
var feclli = parent.body1.document.form1.zclli;
var cllia =swclli.value;
var clliz=feclli.value;
if(swType == "aend")
{
if(parent.validateClli(swclli) != true)
{
if(allf == "true")
{
if(parent.allMatchClli(swclli) == false)
parent.showMessage("A End CLLI must be an Allstream CLLI");
}
return;
}
}
if(allf != "true")
{
if(parent.validateFeClli(feclli) != true)
return;
parent.showMessage("");
}
if(swType == "zend")
{
if(parent.validateClli(feclli) != true)
{
if(allf == "true")
{
if(parent.allMatchClli(feclli) == false)
parent.showMessage("Z End CLLI must be an Allstream CLLI");
}
return;
}
if(allf != "true")
{
if(parent.validateFeClli(swclli) != true)
return;
parent.showMessage("");
}
var wid = 950;
var ht = 560;
var htfile = "w4eitmrpt.ht";
var clType = "F";
if(parent.validateclfi(parent.body1.document.form1.desig) == true && parent.validateclfi(parent.body1.document.form1.type) == true)
{
var myUrl="/cgi-bin/espserve?file="+escape(htfile)+"&uid="+escape(userid)+"&isSwLocal="+escape(isSwLocal)+"&sw_name="+escape(parent.body1.document.form1.aclli.value)+"&fe_clli="+escape(parent.body1.document.form1.zclli.value)+"&lcl_clli="+escape(lclClli)+"&type="+escape(parent.body1.document.form1.type.value)+"&desig="+escape(parent.body1.document.form1.desig.value)+"&swType="+escape(swType)+"&option="+escape(clType)+"&debug="+escape(debug)+"&generic="+escape(generic);
win = window.open(myUrl,"_blank","scrollbars,status,width="+wid+",height="+ht);
top.close();
}
return;
}
if(qryWinName =="cltgi")
{
var swType = parent.getSelectedRadioValue(parent.body1.document.form1.wchswch);
var swclli = parent.body1.document.form1.aclli;
var feclli = parent.body1.document.form1.zclli;
if(swType == "aend")
{
if(parent.validateClli(swclli) != true)
{
if(allf == "true")
{
if(parent.allMatchClli(swclli) == false)
parent.showMessage("A End CLLI must be an Allstream CLLI");
}
return;
}
}
if(allf != "true")
{
if(parent.validateFeClli(feclli) != true)
return;
parent.showMessage("");
}
if(swType == "zend")
{
if(parent.validateClli(feclli) != true)
{
if(allf == "true")
{
if(parent.allMatchClli(feclli) == false)
parent.showMessage("Z End CLLI must be an Allstream CLLI");
}
return;
}
if(allf != "true")
{
if(parent.validateFeClli(swclli) != true)
return;
parent.showMessage("");
}
var wid = 500;
var ht = 650;
var htfile = "w4einsvc.ht";
var cloption = '<%= cloption %>';
if(cloption == "cpinsvc")
{
var generic = parent.getGeneric(parent.body1.document.form1.aclli.value);
htfile = "w4ecpinsvc.ht";
var wid = 950;
var ht = 950;
}
var clType = "G";
var myUrl="/cgi-bin/espserve?file="+escape(htfile)+"&uid="+escape(userid)+"&isSwLocal="+escape(isSwLocal)+"&sw_name="+escape(parent.body1.document.form1.aclli.value)+"&fe_clli="+escape(parent.body1.document.form1.zclli.value)+"&lcl_clli="+escape(lclClli)+"&tfn="+escape(parent.body1.document.form1.tfn.value)+"&swType="+escape(swType)+"&option="+escape(clType)+"&debug="+escape(debug)+"&generic="+escape(generic);
win = window.open(myUrl,"_blank","scrollbars,status,width="+wid+",height="+ht);
top.close();
return;
}
if(qryWinName =="cptan")
{
var swclli = parent.body1.document.form1.aclli;
if(parent.validateClli(swclli) != true)
return;
var generic = parent.getGeneric(parent.body1.document.form1.aclli.value);
var wid = 950;
var ht = 950;
var htfile = "c.ht";
htfile = "w4ecpinsvc.ht";
var generic = parent.getGeneric(parent.body1.document.form1.aclli.value);
var clType = "O";
var myUrl="/cgi-bin/espserve?file="+escape(htfile)+"&uid="+escape(userid)+"&isSwLocal="+escape(isSwLocal)+"&ep_clli="+escape(parent.body1.document.form1.aclli.value)+"&tan="+ escape(parent.body1.document.form1.tan.value)+"&option="+escape(clType)+"&debug="+escape(debug)+"&generic="+escape(generic);
win = window.open(myUrl,"_blank","scrollbars,status,width="+wid+",height="+ht);
top.close();
return;
}
if(parent.validateClli(parent.body1.document.form1.aclli) == true)
{
var lclClli = parent.is4eLocal(parent.body1.document.form1.aclli.value);
var generic = parent.getGeneric(parent.body1.document.form1.aclli.value);
if(qryWinName =="insvcssclcid")
{
var htfile = "w4einsvc.ht";
var cloption = '<%= cloption %>';
if(cloption == "cpinsvc")
htfile = "w4ecpinsvc.ht";
var clType = "S";
if(parent.validatessclcid(parent.body1.document.form1.ssclcid) == true)
{
var myUrl="/cgi-bin/espserve?file="+escape(htfile)+"&uid="+escape(userid)+"&isSwLocal="+escape(isSwLocal)+"&ep_clli="+escape(parent.body1.document.form1.aclli.value)+"&lcl_clli="+escape(lclClli)+"&ssclcid='"+escape(parent.body1.document.form1.ssclcid.value)+"'&option="+escape(clType)+"&debug="+escape(debug)+"&generic="+escape(generic);
if(cloption == "cpinsvc")
{
win = window.open(myUrl,"_blank","scrollbars,status,width=950,height=950");
}
else
win = window.open(myUrl,"_blank","scrollbars,status,width=500,height=650");
top.close();
}
return;
}
parent.body1.document.form1.zclli.value = parent.body1.document.form1.zclli.value.toUpperCase();
if(qryWinName =="ssclcid")
{
var feclli = parent.body1.document.form1.zclli;
if(parent.validateFeClli(feclli) != true)
return;
var htfile = "w4eitmrpt.ht";
var clType = "S";
if(parent.validatessclcid(parent.body1.document.form1.ssclcid) == true)
{
var myUrl="/cgi-bin/espserve?file="+escape(htfile)+"&uid="+escape(userid)+"&isSwLocal="+escape(isSwLocal)+"&sw_name="+escape(parent.body1.document.form1.aclli.value)+"&fe_clli="+escape(parent.body1.document.form1.zclli.value)+"&lcl_clli="+escape(lclClli)+"&ssclcid='"+escape(parent.body1.document.form1.ssclcid.value)+"'&option="+escape(clType)+"&debug="+escape(debug)+"&generic="+escape(generic);
win = window.open(myUrl,"_blank","scrollbars,status,width=930,height=560");
top.close();
}
return;
}
if(qryWinName =="nct")
{
var feclli = parent.body1.document.form1.zclli.value;
if(feclli == "" || feclli.length == 0)
{
parent.showMessage("Far End CLLI is required... ");
return;
}
if(parent.validateBtfn(parent.body1.document.form1.btfn) == true)
{
var myUrl="/cgi-bin/espserve?file=w4enctdisp.ht&uid="+escape(userid)+"&isSwLocal="+escape(isSwLocal)+"&sw_name="+escape(parent.body1.document.form1.aclli.value)+"&fe_clli="+escape(parent.body1.document.form1.zclli.value)+"&lcl_clli="+escape(lclClli)+"&btfn="+escape(parent.body1.document.form1.btfn.value)+"&debug="+escape(debug)+"&generic="+escape(generic);
win = window.open(myUrl,"_blank","scrollbars,status,width=900,height=870");
top.close();
}
else
{
return;
}
}
var trknType = parent.getSelectedRadioValue(parent.body1.document.form1.trunkType);
var intlType;
if(trknType == "INTL")
intlType = parent.getSelectedRadioValue(parent.body2.document.form2.serviceType);
if(qryWinName =="all")
{
var feclli = parent.body1.document.form1.zclli.value;
if( (feclli != "") && ( (trim(feclli)).length != 0) )
{
if(validateFeClli(parent.body1.document.form1.zclli) == false )
{
return;
}
}
var myUrl="/cgi-bin/espserve?file=w4ewldisp.ht&uid="+escape(userid)+"&option=all"+"&isSwLocal="+escape(isSwLocal)+"&sw_name="+escape(parent.body1.document.form1.aclli.value)+"&fe_clli="+escape(parent.body1.document.form1.zclli.value)+"&lcl_clli="+escape(lclClli)+"&trk_type="+escape(trknType)+"&intl_type="+escape(intlType)+"&debug="+escape(debug)+"&ffile="+escape(fmtFile)+"&sfile="+escape(sortFile)+"&$TITLE=ALL%20ORDERS"+"&generic="+escape(generic);
if(browser == "IE")
win = window.open(myUrl,"_blank","scrollbars,status,width=970,height=590");
else
win = window.open(myUrl,"_blank","scrollbars,status,width=955,height=560");
top.close();
return;
}
if(qryWinName =="coorddisc")
{
var myUrl="/cgi-bin/espserve?file=w4ewldisp.ht&uid="+escape(userid)+"&option=coorddisc"+"&isSwLocal="+escape(isSwLocal)+"&sw_name="+escape(parent.body1.document.form1.aclli.value)+"&fe_clli="+escape(parent.body1.document.form1.zclli.value)+"&lcl_clli="+escape(lclClli)+"&trk_type="+escape(trknType)+"&intl_type="+escape(intlType)+"&debug="+escape(debug)+"&ffile="+escape(fmtFile)+"&sfile="+escape(sortFile)+"&$TITLE=COORD.DISCS%26ADDS"+"&generic="+escape(generic);
if(browser == "IE")
win = window.open(myUrl,"_blank","scrollbars,status,width=970,height=590");
else
win = window.open(myUrl,"_blank","scrollbars,status,width=955,height=560");
top.close();
return;
}
if(browser == "IE")
win = window.open(myUrl,"_blank","scrollbars,status,width=970,height=590");
else
win = window.open(myUrl,"_blank","scrollbars,status,width=955,height=560");
top.close();
return;
}
}
}
</script>
</head>
<title><%= title %></title>
<frameset border=0 rows="<%= row1 %>,<%= row2 %>,<%= row3%>,<%= row4 %>,<%= row5 %>">
<frame src="javascript:parent.showBody1();" name="body1" marginwidth=0 scrolling=no>
<frame src="javascript:parent.showBody2('qry','N');" name="body2" marginwidth=0 scrolling=no>
<frame src="javascript:parent.showBody3();" name="body3" marginwidth=0 scrolling=no>
<!frame src="javascript:parent.showBody4('qry');" name="body4" marginwidth=0 scrolling=no>
<frame src="javascript:parent.showMessage('');" name="msgbody" marginwidth=0 scrolling=no>
<frame src="javascript:parent.showFooter();" name="footer" marginwidth=0 scrolling=no>
</frameset>
</html>
Заранее спасибо ...!