function validate_form(form)
{
  if ( form.user_id.value == "" || form.password.value == "" )
  {
    alert( "Enter a username and password." );
    return false;
  }
  //short-cut if challenge/response is disabled.
  if ( !_useChallenge )
  {
    form.encoded_pw.value = base64encode( form.password.value );
    form.encoded_pw_unicode.value = b64_unicode( form.password.value );
    form.password.value =  "";
    return true;
  }
  ...
}