simple ajax question

[ohdang888]

say i have a page "mydomian.com/test.php"

and in that code, there is a line like this that has AJAX in it:

<script src="http://kyforobama.com/test.js" language="javascript" type="text/javascript"></script>

 

and the file it has in the ajax involves: Receive.php

 

would receive.php have to be on mydomain, or kyforobama?

 

Thanks!

[Psycho]

There is no reason that a server-side page used for AJAX needs to be on the same domain that the page with the calling javascript is on.

[ohdang888]

thats what i thought, but i'm getting some problems on this:

Theres no errors, but nothing comes up... i type in the box (on test.php) and nothing happens...

 

Go to http://kyforobama.com/test.js for the ajax that i'm calling

 

heres the code on my localhost test.php page:

<html>
<body>
<script src="http://kyforobama.com/test.js" language="javascript" type="text/javascript"></script>

<form name="myForm" method="POST">
Name: <input type="text"
onkeyup="ajaxFunction();" name="username" />
Time: <input type="text" name="time" />
</form>
<div id="testDIV"></div>
</body>
</html>

 

and on receive.php, all it has in it is this:

"this was from kyforobama.com"

 

Thanks!

[Psycho]

Well, a quick look at the js file and I saw one erro right off th ebat:

 

  xmlHttp.onreadystatechange=function()
    {
    if(xmlHttp.readyState==4)
      {
      document.getElementById('testDIV'). innerHTML = xmlHttp.responseText;
      }
    }

 

There is an errant space in the reference to the div object.

[xtopolis]

There are security problems loading pages from another domain through AJAX.  The trick is to have your server load them instead.  Just search about it.

[ohdang888]

ok so maybe i'm looking into the wrong thing...

this is what i want:

User page --> calls file on different server--> file (such as php) is excuted on the same server as the file --> results are sent back to user page

 

 

any idea what i'm looking for?

[xtopolis]

About Security

Apache Solution

 

Other solution:

Ajax call to YOUR server.  Your server's php file does a cURL or fopen or w/e to access the site instead, prints the same results you would want to gather off the remote site on your local page.  You get the same data, and handle accordingly.

 

The bypass is that your server opens the other server instead of making javascript do it which usually ends up with the security alerts.

[ohdang888]

i'm alittle confused....

 

if the user page requests a php page, will that php page be excuted on my server or the one the user is on?

 

[xtopolis]

A php page is executed on the server it's running on.  I was just saying that when you try to call a page that's not running on the same server as the page you're on, you usually get security warnings that stop you.  The work around is to have your ajax call a php page on your server, and have that page call the php page on the other server since php doesn't complain about getting data from remote servers.

[cngodles]

Yeah, I'm pretty sure you can't load pages from other servers using ajax. Javascript just doesn't allow it. Kinda smart, I could imagine a bad page that interactivly loaded bad content from many different sources.

[ohdang888]

i'm doing this as a learning project....

 

so i guess this could sum up my question... how do the ad networks do it??? They just javascript to call another javascript file on the ad servers and then display the ads from there(i think)... But you can't use javascript to query mysql stuff.. and some ad networks use php and mysql, so that's confusing me.

[cngodles]

I'm not 100% sure, but I would assume they work like Google Analytics where they link to an external .js file. Your allowed to do that, then anything that company runs on their own site is ok within their domain. That then gets returned to your site via the .js inclusion.

[ohdang888]

whats a javascript inclusion?

[cngodles]

Like:

 

<script type="text/javascript" src="http://www.somesite.com/core.js" language="javascript"></script>

 

That's how I used to do include files before I learned PHP, lol.

[ohdang888]

so if , in your example, core.js contained the javascript to set up the ajax between the user and the ad server, then its secure?

 

 

[azfar siddiqui]

While using ajax, the scripts have to be on the same domain! .