cfchart /cfide/graphdata.cfm issue

Report · Mar 14, 2011

Hi,

Debated a bit between posting this in the Administration forum or the main forum since it's a little bit of both. Hopefully I picked right

We don't make heavy usage of cfchart so we never noticed this issue, but I believe the issue is present since upgrading to CF 9, from CF MX.

Problem: When using cfchart, the code is generated on the page where the chart should be

Issue is with the src attribute: /CFIDE/GraphData.cfm from what I gathered online that file doesn't really exist on the file system it's just a special alias for ColdFusion.

Problem is that we restricted access to the /CFIDE with a url rerwrite rule to prevent external access to the Administrator from the outside, the rule is for everything in /CFIDE. If I modify it to only lock /CFIDE/Administrator the charts work again.

My concern is that is there any danger to exposing CFIDE to the public? I seem to recall a bug with the bundled version of fckeditor that would allow anyone to upload files if the access wasn't restricted.

--

JF

Report · Mar 14, 2011

Basically you're right on every level

Yes the mapping is needed for any CF ajax or charting stuff to work. Yes this can be an issue, so I tend to use rewrite rules just on the /administrator and /adminapi folders. In the past I've completely deleted the fckedited rubbish if I know I won't be using it.

There is one way around it - in your code you can write cfchart to a variable rather than just outputting it, using <cfimage action="write"...> you can then write that to any folder on the server. Create yourself a mapping to that folder IIS/apache and just use a standard <img> tag to reference it.

Obviously you'll need to make sure the names are unique, uuid or whatever. And you'll also need some method of mopping them up once you're done with them, but that's probably easier than dealing with the whole /cfide security issue for the sake of a few charts

Report · Mar 14, 2011

Thanks Owain,

Very good idea to not use the CFIDE at all outputing to an image instead. For now I'll use the rewrite rule suggested in this thread as it's definitely easier, but next time I play with a chart I'll take the time to implement that solution as a custom tag probably.

Lot safer until Adobe decide to fix the underlying issues with using stuff from CFIDE.

Report · Mar 14, 2011

Can you just mod your rewrite rule, along these lines:

RewriteCond %{REQUEST_URI} !/CFIDE/graphdata.cfm [NC]
RewriteRule /CFIDE/ /bog/off/mate.html [NC,L]

?

--

Adam

Report · Mar 14, 2011

Good point!

That's the solution I'll use for now... tad bit more flexible if we ever need the other fancy stuff in /CFIDE the rule can be modified.

I really wish Adobe would get their act together, shared components that need to be publicly accessible shouldn't be in a directory with Administrator stuff...

Report · Mar 14, 2011

Basically you're right on every level

Yes the mapping is needed for any CF ajax or standard charting stuff to work. Yes this can be an issue, so I tend to use rewrite rules just on the /administrator and /adminapi folders. In the past I've completely deleted the fckeditor rubbish if I know I won't be using it.

There is one way around it - in your code you can write cfchart to a variable rather than just outputting it, using <cfimage action="write"...> you can then write that to any folder on the server. Create yourself a mapping to that folder IIS/apache and just use a standard <img> tag to reference it.

Obviously you'll need to make sure the names are unique, uuid or whatever. And you'll also need some method of mopping them up once you're done with them, but that's probably easier than dealing with the whole /cfide security issue for the sake of a few charts

Report · Nov 08, 2012

I'm running into this same problem. I recently upgraded from CF9 to CF10 and for some reason my chart images stopped displaying. When I right click the x'd out image it says not found /CFIDE/GraphData.cfm.

However, I did find that the images are indeed getting created but are being stored in the ColdFusion10/cfusion/charting/cache/ directory. So at least they are getting created, I just need to figure out a way to point to that folder so the images display when the graph is being generated.

Any ideas how to get that cache directory to output?

Report · Mar 05, 2013

I just ran into the exact same problem, idesdema. Did you ever get an answer or figure it out?

Report · Mar 06, 2013

Same thing here. Upgraded to ColdFusion 10 last night and now all my charts are broken. Who has the answer?

Report · Mar 06, 2013

I am in touch with CF support to see if they can give me an answer. I will also check with my hosting provider to see if they're encountering problems, now that they are pushing us to migrate to to CF10. I am sorry but I have become accustomed to having CF functionality work right out of the box and am wondering what other surprises are in store. (e.g., CGI.PATH_INFO going blank).

Report · Mar 07, 2013

Just as an FYI, here is what CF Support told me to do after sending them a ton of info.

Navigate to the web_root/CFIDE directory, typically located at \inetpub\wwwroot\CFIDE.
Create a blank file named GraphData.cfm.
Create a directory called main.
Navigate to the new directory at web_root/CFIDE/main.
Create a blank file titled ide.cfm.
Restart

Just so you know, it didn't work.

Report · Mar 11, 2013

Simple answer: I uninstalled CF10 and CF8, in that order, and then reinstalled CF10 and all the updates and, voila, charts worked. I guess CF10 and CF8 didn't play well together. CF support, take note, as you were of no help in this!

Adobe Community

cfchart /cfide/graphdata.cfm issue

1 Correct answer