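/**
 * Client-side pre-check of a SQL statement string and a page number.
 *
 * Despite its name, this function executes nothing. It inspects its two
 * arguments and sends the browser to 'illegal.asp' when either looks
 * suspicious; otherwise it returns without doing anything.
 *
 * SECURITY NOTE: this check runs in the browser (it uses `window`), so it
 * is a usability guard and not a security control. Keyword blacklists are
 * incomplete by nature, and the person using the browser controls the code
 * that runs there. The server that receives these values must validate
 * pageNum as an integer and use parameterized queries, and it should never
 * accept SQL text from the client.
 *
 * @param {*} sStatement - Statement text; coerced to a string, URL-unescaped
 *     and lower-cased before matching.
 * @param {*} pageNum - Page number; must consist of one or more ASCII digits
 *     once converted to a string (null/undefined count as empty).
 * @returns {undefined}
 */
function DB_Exec(sStatement, pageNum) {
  var REJECT_URL = 'illegal.asp';
  var statement = unescape(sStatement + '').toLowerCase();
  var page = pageNum == null ? '' : String(pageNum);
  var hasVerb;
  var hasSuspectToken;

  // Assign to href. The original called it as a function, which only old
  // Internet Explorer accepted; elsewhere href is a string and calling it
  // throws a TypeError, so the redirect never happened.
  function reject() {
    window.location.href = REJECT_URL;
  }

  // Same rule as before: a select/delete verb combined with any one of the
  // listed tokens. A statement with only one side of the pair passes.
  hasVerb =
    statement.indexOf('select ') !== -1 ||
    statement.indexOf('delete ') !== -1;
  hasSuspectToken =
    statement.indexOf('drop ') !== -1 ||
    statement.indexOf('alter ') !== -1 ||
    statement.indexOf('exec ') !== -1 ||
    statement.indexOf('--') !== -1 ||
    statement.indexOf('union') !== -1;

  if (hasVerb && hasSuspectToken) {
    reject();
    return; // navigation is asynchronous; stop here instead of falling through
  }

  // Non-empty and digits only. This replaces the character loop, which
  // leaked its counter `i` as an implicit global, and the leftover debug
  // alert() that showed the length on every call.
  if (!/^[0-9]+$/.test(page)) {
    reject();
  }
}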

