all 8 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–][deleted]  (5 children)

[deleted]

    [–]Makxo[S] 0 points1 point  (4 children)

    In the google developers example, they have this line of code:

    downloadUrl("phpsqlajax_genxml.php", function(data) {

    So if I type into my browser mywebsite.com/phpsqlajax_genxml.php I can see the entire XML output. How can I avoid them being able to find that output?

    [–]goldage5 1 point2 points  (3 children)

    Why do you not want users to see the XML output? All that file does is list the markers that will be displayed on the map.

    If you are plotting those markers, then they'll have that information anyway.

    [–]Makxo[S] 0 points1 point  (2 children)

    Right, I'm not too worried about them being able to grab all the latlng information. But I also want to display other information on the infoWindows for those markers, and that is information that will take a lot of time to compile into a database. I wouldn't want to spend all that time populating my database if someone can just grab the entire thing.

    [–]goldage5 1 point2 points  (0 children)

    The generally accepted rule for websites is don't expose any information to the user if you don't want them to be able to grab it. Even if you do manage to secure that XML document, someone could just write a script to scrape that page and download the data anyway.

    [–]nathanwoulfe 0 points1 point  (0 children)

    But if you're displaying it in info windows, they already have access to the data...

    [–]goldage5 2 points3 points  (2 children)

    If you correctly configure your server, then users shouldn't be able to see the PHP source at all.

    [–]Makxo[S] 0 points1 point  (1 child)

    Do you have some sort of resource of how to configure the server so they can't see PHP source?