RodionGork's blog

By RodionGork, 11 years ago, In English

CodeAbbey — is the site which I'm building in my spare time. It is basically a problem set targeted for beginner programmers.

Hope you'll like its archaic design yelling "bring back the internet of mid 90-s!!!" — just a joke, probably I'll be able to improve it in future :)

Functionality is after the manner of ProjectEuler:

  • user reads the problem statement;
  • along with it he/she receives input data (usually randomized);
  • these data should be processed (so usually user will write some program) to get answer;
  • answer is submitted along with source code (this is optional) and checked by server.

Users are ranked according to number of problems solved (more precisely according to sum of points gained for these problems).

After solving the problem one can see other people's solutions, and probably, can learn something from them.

Among the recent additions there were two new classes of problems — brainfuck puzzles which require user to submit valid brainfuck code which is tested on server — and challenges for which users can gain less or more points depending on how optimal the answer is.

I would be glad to receive ideas / suggestions or criticism — and even more I would be glad to cooperate in some way with authors of programming related blogs or people who like inventing problems and puzzles.

  • Vote: I like it
  • +74
  • Vote: I do not like it

| Write comment?
»
11 years ago, # |
  Vote: I like it +12 Vote: I do not like it

Just have to say, I love the design. It might not be super polished, but it's well thought of from a UX point of view and feels very good to me.

  • »
    »
    11 years ago, # ^ |
      Vote: I like it 0 Vote: I do not like it

    Thanks, you are too kind :)

    I should say that many users' advices helped me improve it significantly, so I'm greatly thankful to them.

»
11 years ago, # |
  Vote: I like it 0 Vote: I do not like it

Which technology stack do you use?

  • »
    »
    11 years ago, # ^ |
    Rev. 2   Vote: I like it 0 Vote: I do not like it

    Initially my goal was to learn PHP (because I'm java developer by occupation), so the stack is quite simple: PHP (with PhpLayout — my own light framework) and MySQL.

    UPD: well, of course here are few minor details:

    • some statements show pictures in embedded SVG;
    • demos for some problems use javascript / jQuery either with canvas or with JsMonoTermexample1, example2.
    • »
      »
      »
      11 years ago, # ^ |
        Vote: I like it +1 Vote: I do not like it

      do you consider to open source the CodeAbbey?

      • »
        »
        »
        »
        11 years ago, # ^ |
        Rev. 3   Vote: I like it 0 Vote: I do not like it

        I see no great reason for this, though the early version of it really is opened at http://sourceforge.net/projects/messcoder/

        Though I really consider making some open-source additions to it — they'll be in PHP and JavaScript. One of them which is "at hand" is kind of BrainFuck debugger...

»
11 years ago, # |
  Vote: I like it +19 Vote: I do not like it

A few suggestions about security and UX:

  • The username length is irritating. I can't use my usual nick because it is too short. I think 4 characters should at least be allowed
  • The registration was a bit awkward because I did not read the restrictions about nick name length and password complexity, so I had a few failed form submissions. It would be nice to check the constraints on the client side using JS, so that one can see the mistakes before submitting (and thus resetting the form). Alternatively, the filled in fields should be refilled if submission fails and not be cleared
  • I like that you have a privacy policy. However it does not mention how you store passwords. The page (and the code here) indicate that my password could be sent to me via email, which would mean that it is stored in plain text. Never ever do that, use a salted iterated strong hash algorithm. I can recomment bcrypt with lots of iterations (maybe as much as thousands of rounds, if you can afford it). There's really no need to store user passwords, in case somebody forgets their password, just let them generate a new one. Remember that users commonly use the same password for multiple pages, so it's not only your service that would be affected by a compromise of your database.
  • I did not test this, but make sure to HTML-escape comment text to prevent XSS flaws and use prepared statements with emulation turned off explicitly for SQL queries, like described here.
  • »
    »
    11 years ago, # ^ |
      Vote: I like it +8 Vote: I do not like it

    Thanks a lot for your elaborate research on the functionality and vulnerabilities! I'll try to answer to each point below:

    • Yes, my fault! :) Initially it was supposed the users will login via FB or Gmail account to simplify matters for them and for me — so when I added "direct login", I tried to make it "just a bit more complicated" so that user have time to reconsider other login options :)
    • Well... Agreed, I'll try to provide JS verification as soon as possible.
    • Thanks! I've added just now explanation about storing passwords to privacy policy (you are pretty correct, I use hashing with salt — framework have just "mock" implementation — perhaps I should update it);
    • Comments and Info in user profile allow using markdown, but with html turned off to restrict inserting funny javascripts — also they are not stored plaintext to avoid problems with SQL.
»
11 years ago, # |
  Vote: I like it +2 Vote: I do not like it

This is a great website and i appreciate your idea but i have an opinion : you can change the design and make it better and set many contests like CF :)

»
7 years ago, # |
  Vote: I like it -60 Vote: I do not like it

Site for a beginner from a blue, lol. Bro, practice and maybe you will get purple one day. Don't get into this bullshit crap. Thank me later! :)

  • »
    »
    7 years ago, # ^ |
      Vote: I like it +2 Vote: I do not like it

    I think you have lost it . Last time he participated was in 2014 and he left coding competition with his best rank that shows that he could have reached more and more if he would have continued............So so can't throw tantrums at him like that :(