function gb2utf8(data){
	        var glbEncode = [];
	        gb2utf8_data = data;
	        execScript("gb2utf8_data = MidB(gb2utf8_data, 1)", "VBScript");
	        var t=escape(gb2utf8_data).replace(/%u/g,"").replace(/(.{2})(.{2})/g,"%$2%$1").replace(/%([A-Z].)%(.{2})/g,"@$1$2");
	        t=t.split("@");
	        var i=0,j=t.length,k;
	        while(++i<j) {
		    k=t[i].substring(0,4);
		    if(!glbEncode[k]) {
			gb2utf8_char = eval("0x"+k);
			execScript("gb2utf8_char = Chr(gb2utf8_char)", "VBScript");
			glbEncode[k]=escape(gb2utf8_char).substring(1,6);
		    }
		   t[i]=glbEncode[k]+t[i].substring(4);
	        }
	       gb2utf8_data = gb2utf8_char = null;
	       return unescape(t.join("%"));
           }

           var xmlHttp;
           function createXMLHttpRequest() {
           if (window.ActiveXObject) {
           xmlHttp = new ActiveXObject("Microsoft.XMLHTTP");
           } 
           else if (window.XMLHttpRequest) {
           xmlHttp = new XMLHttpRequest();
           }
          }

         function YdefProdsearch() {
          var uname,passd;
          uname=document.getElementById('username').value;
          passd=document.getElementById('password').value;
	  createXMLHttpRequest();
          xmlHttp.onreadystatechange = YdefProdsearch_1;
	  xmlHttp.open("GET","login.asp?username="+uname+"&password="+passd, true);
          xmlHttp.send(null);
       }
	   
     function YdefProdsearch_1(){
       if(xmlHttp.readyState == 4) {
		 
       if(xmlHttp.status == 200) {
	   
       alert(xmlHttp.responseText);
       window.location.href="index.asp?"+Math.random();
		}
	}
   }