//转义特殊字符
function replaceChars(entry) {
outlt = "<"; // replace this
outgt = ">"
outsingle = "'";
addlt = "<"; // with this
addgt = ">";
addsingle="''";
temp = "" + entry; // temporary holder
while (temp.indexOf(outlt)>-1) {
poslt= temp.indexOf(outlt);
temp = "" + (temp.substring(0, poslt) + addlt +
temp.substring((poslt + outlt.length), temp.length));
}
while (temp.indexOf(outgt)>-1) {
posgt= temp.indexOf(outgt);
temp = "" + (temp.substring(0, posgt) + addgt +
temp.substring((posgt + outgt.length), temp.length));
}
temp1=temp;
temp2="";
while (temp1.indexOf(outsingle)>-1) {
possingle= temp1.indexOf(outsingle);
temp2=""+(temp2.substring(0,temp2.length)+temp1.substring(0,possingle)+addsingle);
temp1= "" + (temp1.substring((possingle+ outsingle.length),temp1.length));
}
temp2=""+(temp2.substring(0,temp2.length)+temp1.substring(0,temp1.length));
if (temp2!="")
temp=temp2;
document.postform.temp.value = temp;
}