ohdang888 Posted June 24, 2008 Share Posted June 24, 2008 say i have a page "mydomian.com/test.php" and in that code, there is a line like this that has AJAX in it: <script src="http://kyforobama.com/test.js" language="javascript" type="text/javascript"></script> and the file it has in the ajax involves: Receive.php would receive.php have to be on mydomain, or kyforobama? Thanks! Quote Link to comment Share on other sites More sharing options...
Psycho Posted June 24, 2008 Share Posted June 24, 2008 There is no reason that a server-side page used for AJAX needs to be on the same domain that the page with the calling javascript is on. Quote Link to comment Share on other sites More sharing options...
ohdang888 Posted June 24, 2008 Author Share Posted June 24, 2008 thats what i thought, but i'm getting some problems on this: Theres no errors, but nothing comes up... i type in the box (on test.php) and nothing happens... Go to http://kyforobama.com/test.js for the ajax that i'm calling heres the code on my localhost test.php page: <html> <body> <script src="http://kyforobama.com/test.js" language="javascript" type="text/javascript"></script> <form name="myForm" method="POST"> Name: <input type="text" onkeyup="ajaxFunction();" name="username" /> Time: <input type="text" name="time" /> </form> <div id="testDIV"></div> </body> </html> and on receive.php, all it has in it is this: "this was from kyforobama.com" Thanks! Quote Link to comment Share on other sites More sharing options...
Psycho Posted June 24, 2008 Share Posted June 24, 2008 Well, a quick look at the js file and I saw one erro right off th ebat: xmlHttp.onreadystatechange=function() { if(xmlHttp.readyState==4) { document.getElementById('testDIV'). innerHTML = xmlHttp.responseText; } } There is an errant space in the reference to the div object. Quote Link to comment Share on other sites More sharing options...
xtopolis Posted June 24, 2008 Share Posted June 24, 2008 There are security problems loading pages from another domain through AJAX. The trick is to have your server load them instead. Just search about it. Quote Link to comment Share on other sites More sharing options...
ohdang888 Posted June 25, 2008 Author Share Posted June 25, 2008 ok so maybe i'm looking into the wrong thing... this is what i want: User page --> calls file on different server--> file (such as php) is excuted on the same server as the file --> results are sent back to user page any idea what i'm looking for? Quote Link to comment Share on other sites More sharing options...
xtopolis Posted June 25, 2008 Share Posted June 25, 2008 About Security Apache Solution Other solution: Ajax call to YOUR server. Your server's php file does a cURL or fopen or w/e to access the site instead, prints the same results you would want to gather off the remote site on your local page. You get the same data, and handle accordingly. The bypass is that your server opens the other server instead of making javascript do it which usually ends up with the security alerts. Quote Link to comment Share on other sites More sharing options...
ohdang888 Posted June 25, 2008 Author Share Posted June 25, 2008 i'm alittle confused.... if the user page requests a php page, will that php page be excuted on my server or the one the user is on? Quote Link to comment Share on other sites More sharing options...
xtopolis Posted June 25, 2008 Share Posted June 25, 2008 A php page is executed on the server it's running on. I was just saying that when you try to call a page that's not running on the same server as the page you're on, you usually get security warnings that stop you. The work around is to have your ajax call a php page on your server, and have that page call the php page on the other server since php doesn't complain about getting data from remote servers. Quote Link to comment Share on other sites More sharing options...
cngodles Posted June 25, 2008 Share Posted June 25, 2008 Yeah, I'm pretty sure you can't load pages from other servers using ajax. Javascript just doesn't allow it. Kinda smart, I could imagine a bad page that interactivly loaded bad content from many different sources. Quote Link to comment Share on other sites More sharing options...
ohdang888 Posted June 25, 2008 Author Share Posted June 25, 2008 i'm doing this as a learning project.... so i guess this could sum up my question... how do the ad networks do it??? They just javascript to call another javascript file on the ad servers and then display the ads from there(i think)... But you can't use javascript to query mysql stuff.. and some ad networks use php and mysql, so that's confusing me. Quote Link to comment Share on other sites More sharing options...
cngodles Posted June 25, 2008 Share Posted June 25, 2008 I'm not 100% sure, but I would assume they work like Google Analytics where they link to an external .js file. Your allowed to do that, then anything that company runs on their own site is ok within their domain. That then gets returned to your site via the .js inclusion. Quote Link to comment Share on other sites More sharing options...
ohdang888 Posted June 25, 2008 Author Share Posted June 25, 2008 whats a javascript inclusion? Quote Link to comment Share on other sites More sharing options...
cngodles Posted June 25, 2008 Share Posted June 25, 2008 Like: <script type="text/javascript" src="http://www.somesite.com/core.js" language="javascript"></script> That's how I used to do include files before I learned PHP, lol. Quote Link to comment Share on other sites More sharing options...
ohdang888 Posted June 25, 2008 Author Share Posted June 25, 2008 so if , in your example, core.js contained the javascript to set up the ajax between the user and the ad server, then its secure? Quote Link to comment Share on other sites More sharing options...
azfar siddiqui Posted July 4, 2008 Share Posted July 4, 2008 While using ajax, the scripts have to be on the same domain! . Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.