function check_code(thecode) {
  xmlHttp=GetXmlHttpObject();
  document.getElementById("code_result").innerHTML = ""; 
  var url="functions/check_code.php";
  var to_send = "code="+thecode.value;
  xmlHttp.onreadystatechange=stateChanged;
  xmlHttp.open("POST",url,true);
  xmlHttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
  xmlHttp.send(to_send);
}
function stateChanged() {
  thecode = document.getElementById("security_code");
  document.getElementById("code_result").innerHTML = "";
  if (xmlHttp.readyState==4 && xmlHttp.status == 200) var returned_text = xmlHttp.responseText;
  if (xmlHttp.readyState==3) document.getElementById("code_result").innerHTML = 'Checking...';
  if (returned_text == 'ok') document.getElementById("code_result").innerHTML = 'Correct!'; 
  if (returned_text == 'wrong') { 
	document.getElementById("code_result").innerHTML = 'Wrong Code!!';
	thecode.value = 'Try Again';
	thecode.select();
	thecode.focus();
	}
}