function formSanitize(theForm) {
    for (var i = 0; i < theForm.elements.length; i++) {
       if (theForm.elements[i].value.length > 0 && (theForm.elements[i].getAttribute("type") == "text" || theForm.elements[i].getAttribute("type") == "password")) {
		    if(!containsAny(theForm.elements[i].value, ["drop", "alter", "update", ";","insert", "exec", ".js" ,"<script>","</script>"] ))
			{											
            	theForm.elements[i].focus();
				alert("Entered string/text not allowed for the input.");
            	return false;
			}
        }
}
    return true;
}

function containsAny(str, substrings) {
	    var str = str.toLowerCase();
        for (var i = 0; i != substrings.length; i++) {
           var substrng = substrings[i];
           if (str.indexOf(substrng) != - 1) {
             return false;
           }
        }
        return true; 
}