Hi Lan Mind, 1. In the default configuration a web server (eg Apache) will serve html files without interpreting any PHP tags in them. If it sees a PHP file extension then it will pass the whole thing to the PHP interpreter module. It is possible to configure Apache pass all HTML files to the PHP interpreter but that's not recommended. So you need to configure the home page of your site to be a php page.
2. I'm not sure which is the better method to use, because hackers would find it easy to use both methods. Using a secure token makes allows you to use the GET method with confidence. The POST method doesn't really hide much for determined hackers. 3. The Google Maps API method GXmlHttp.create() gives you back a XMLHttpRequest, which is an object created by the browser and not part of the Google Maps API. See http://en.wikipedia.org/wiki/XMLHttpRequest Also you will need to add the new security token to the XML in the returned results, and update the hidden field in the form, so the next search request has the correct token. Perhaps it is more convenient to store the security token in your webpage as a javascript variable rather than a hidden field in a form, because the form processing is done by AJAX. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Maps API" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Maps-API?hl=en -~----------~----~----~----~------~----~------~--~---
