It's a cross domain issue. There is a way around it, but you open yourself up to potential misuse by doing so.
You can setup the headers at the beginning of your php file to allow any domain (or specific domains) to access the php script.
Personally, I setup my ajax call to send a variable called "key" and the script will look for the key variable and if it sees it, it added the header. If it doesn't, it just does things normally so calls from the same domain still work.
Do a Google search for cross domain ajax php header to find out more info on how to set it up. If you still have issues with it, I might be persuaded to write a tutorial like I did for the Highschore table without a plugin via php/ajax that's on my site if I have time this week.