Project Euler Returns

Announcements, comments, ideas, feedback, and "How do I... ?" questions
User avatar
euler
Administrator
Posts: 3139
Joined: Sun Mar 05, 2006 4:49 pm
Location: Cheshire, England
Contact:

Project Euler Returns

Post by euler » Fri Aug 15, 2014 8:11 am

14 August 2014: Project Euler Returns

It is with the greatest of pleasure that the team can officially announce the return of Project Euler. The current website will go offline for a short period on Saturday 16 August 2014 at approximately 9am [BST] to restore full functionality.

The new site should look very familiar, but you can be assured that there has been a complete rewrite of the website engine. Along with such big changes it is quite possible that members will encounter teething issues as, hopefully only, minor bugs will be discovered. We would ask that anyone who spots any problems to report them to this thread.

Although full functionality will be restored: sign in/out, tracking which problems have been solved, access to the discussion threads, progression through levels, awards, and statistics, there is one significant change which we must make you aware of. After much discussion and consideration a decision has been made to no longer store email addresses. For a number of members this will not be a problem, as they had already used disposable email addresses to register, but for others this could have one major consequence: Account recovery will no longer be possible. With respect to this issue it is quite possible that some members will have genuinely forgotten passwords. There will be a link on the sign-in page which will outline the process for account recovery, but please be aware that initially this will only be available to members who have solved 200+ problems. The process will be handled manually so depending on the volume of requests the service will either be halted or we may move the threshold down from 200 problems.

The decision to no longer store any private/personal information in no way reflects a lack in confidence of the steps we have taken to make the new website secure, but if history teaches us one thing it is that for every "unsinkable" Titanic built there will always be icebergs. We hope you understand our reasons for this decision and accept that it was not made lightly. However, we would prefer to focus on the good news, which is the imminent return of Project Euler. We apologise for the long delay in restoring the website and we appreciate the patience shown by our members, but understandably the rewrite was no small undertaking.

You should also be aware that once you have successfully signed in you will be asked to change your password before you can do anything else.

Finally, we would like to thank you everyone for the positive and supportive comments made during the challenging time we faced whilst being offline.
[edit]The threshold for password reset requests have now been lowered to 100+ problems.[/edit]
Image
impudens simia et macrologus profundus fabulae

User avatar
angzhiping
Posts: 32
Joined: Sat Aug 09, 2014 2:51 pm
Location: Jurong East, Singapore
Contact:

Re: Project Euler Returns

Post by angzhiping » Fri Aug 15, 2014 12:06 pm

Good work to the team at Project Euler!
Image
170825_b3d528c2bf87aaeff2a0ff93382fba94

User avatar
nicolas.patrois
Posts: 117
Joined: Fri Jul 26, 2013 3:54 pm
Contact:

Re: Project Euler Returns

Post by nicolas.patrois » Fri Aug 15, 2014 1:33 pm

Grrr, I did not solve 200 problems but 35 less. :-|
Image

User avatar
mpiotte
Administrator
Posts: 1914
Joined: Tue May 08, 2012 4:40 pm
Location: Montréal, Canada

Re: Project Euler Returns

Post by mpiotte » Fri Aug 15, 2014 1:36 pm

nicolas.patrois wrote:Grrr, I did not solve 200 problems but 35 less. :-|
If you remember your password it is not an issue. The 200 limit is only for password recovery.
Image

User avatar
nicolas.patrois
Posts: 117
Joined: Fri Jul 26, 2013 3:54 pm
Contact:

Re: Project Euler Returns

Post by nicolas.patrois » Fri Aug 15, 2014 1:41 pm

OK, thanks.
Image

User avatar
aamiel
Posts: 2
Joined: Wed Jul 24, 2013 9:25 pm
Location: Woking, United-Kingdom

Re: Project Euler Returns

Post by aamiel » Fri Aug 15, 2014 2:09 pm

Does it mean that if I forget my password I will need to recreate an account with a different ID?
Arnaud Amiel

Image

User avatar
bret_bryan
Posts: 1
Joined: Wed Jul 09, 2014 5:20 pm

Re: Project Euler Returns

Post by bret_bryan » Fri Aug 15, 2014 2:14 pm

Dear Project Euler Team -
Thank you so much for the tremendous effort it must have taken you all to rewrite the site. I have a pretty good idea how much toil must have been involved. I have been checking every day since June 15 for any updates, and was very pleased to see the news today. To celebrate, I plan to solve several new problems as soon as I get home from work. Congratulations on a job well done!
Last edited by bret_bryan on Fri Aug 15, 2014 7:09 pm, edited 1 time in total.
Regards, Bret

User avatar
mpiotte
Administrator
Posts: 1914
Joined: Tue May 08, 2012 4:40 pm
Location: Montréal, Canada

Re: Project Euler Returns

Post by mpiotte » Fri Aug 15, 2014 2:28 pm

aamiel wrote:Does it mean that if I forget my password I will need to recreate an account with a different ID?
If you forgot your password, you will need to create a new account with a different ID, unless you have solved 200+ problems, in which case you can ask for manual password recovery. The 200 limit might be lowered after a while depending on the volume of requests.
Image

User avatar
TheEvil
Posts: 84
Joined: Sun Nov 13, 2011 10:38 am
Location: Szeged, Hungary

Re: Project Euler Returns

Post by TheEvil » Fri Aug 15, 2014 5:11 pm

Thank you for the whole team for this work. I am very happy that even this is summer and lots of people take rest in their work, you still recovered the site.
Image

magiko
Posts: 1
Joined: Fri Aug 15, 2014 7:06 pm

Re: Project Euler Returns

Post by magiko » Fri Aug 15, 2014 7:19 pm

<-- web guy here (created a forum account just to make this comment)

If you would like to store email addresses and be guaranteed that a database breach wouldn't give anything up, there is a fairly easy method. You can do it with the data that you have now, and with little additional effort.

Encrypt all of the email address strings with something (md5, for instance). This turns the email strings into a hash string. Store this hash value in the table (not the email address). This meets your requirement of not hosting the email address.

Then when someone comes to do a password reset, their experience is not very different than before. You say "ok - what's your email address?" - they give you their email address, you hash it, check the table for where that hash exists (be sure to set up a db index on the hashed field since you're searching on it!), and then if it finds the hash, you can send the reset email to the email they just gave for you to re-hash (not a stored email, since you literally don't have it).

If you'd like to implement, your first step would be to temporarily re-add your email address column, add a brand new column, write a script to go through and hash the email addresses into the new column, and at that point the email column is not necessary and can be removed.

Incidentally, this is also how you're supposed to store passwords (not in plain text!). You're supposed to hash passwords each time they give it to you, and compare it to a stored hash.

( //begin tangent
And so then the next task is, when you send the email, to also put some "token" in the db with their account to mark that they've been given a url with that same token (something hashed string again... the current date & time... the time plus their email address... something that will change with time, to make sure it's unique each attempt...) - you compare the user id (or username), the token (probably given with a GET argument) and if those two are right they obviously also had access to the email address and are allowed to choose a new password - when they are successful at resetting their password, you clear the token

The reset url they're sent can be something like:

/resetpassword?id=934&reset=HASHHASHHASHHASHHASHHASHHASHHASH

//be sure to remember to not try to look up the hash it is not present (remember, empty hash field by default in the db - but it's easy to simply do nothing if no hash is given)
//also, remember the lesson learned from little Bobby Tables... http://xkcd.com/327/
) // end tangent

fefifofu
Posts: 1
Joined: Sat Aug 16, 2014 3:53 am

Re: Project Euler Returns

Post by fefifofu » Sat Aug 16, 2014 4:05 am

<-- web guy #2 here (I also just registered now to post this comment).

Everything web guy #1 said is standard procedure for a website. In other words, implementing his suggestion is way easier than some of the euler problems. Popular web frameworks such as Ruby on Rails and Django will hash and sanitize for you automagically. I wish I had the time to volunteer.

roosephu
Posts: 5
Joined: Sat Aug 16, 2014 7:47 am

Re: Project Euler Returns

Post by roosephu » Sat Aug 16, 2014 7:54 am

I'm sorry, but I cannot log in. It seems that I didn't set my timezone...
It reports:

_Thanks for reporting the details (noted and removed by euler)_

User avatar
euler
Administrator
Posts: 3139
Joined: Sun Mar 05, 2006 4:49 pm
Location: Cheshire, England
Contact:

Re: Project Euler Returns

Post by euler » Sat Aug 16, 2014 8:00 am

Hmm? Try now.
Image
impudens simia et macrologus profundus fabulae

roosephu
Posts: 5
Joined: Sat Aug 16, 2014 7:47 am

Re: Project Euler Returns

Post by roosephu » Sat Aug 16, 2014 8:02 am

I tried another browser, but nothing different...

roosephu
Posts: 5
Joined: Sat Aug 16, 2014 7:47 am

Re: Project Euler Returns

Post by roosephu » Sat Aug 16, 2014 8:03 am

Oh it works! Thank you~

User avatar
euler
Administrator
Posts: 3139
Joined: Sun Mar 05, 2006 4:49 pm
Location: Cheshire, England
Contact:

Re: Project Euler Returns

Post by euler » Sat Aug 16, 2014 8:05 am

Phew! Is it too optimistic to hope that is the only bug? :wink:
Image
impudens simia et macrologus profundus fabulae

roosephu
Posts: 5
Joined: Sat Aug 16, 2014 7:47 am

Re: Project Euler Returns

Post by roosephu » Sat Aug 16, 2014 8:29 am

A strange problem(maybe it's my own problem?): in my Firefox, the text "check" in problem page is rgb(182,​ 215,​ 221), the background color is rgb(187,​ 187,​ 187). It's difficult to distinguish the text from background. Could you please add a css rule for the text color(along with the input text color)? My color theme is dark.

If it's not convenient for you, I can change css by hand(using Pentadactyl). But maybe others can meet the same problem :(

EDIT: it works well in Chromium, but I prefer Firefox. I know it's hard to make everything look the same in different browsers, because I have the similar experience during maintaining my blog.

User avatar
euler
Administrator
Posts: 3139
Joined: Sun Mar 05, 2006 4:49 pm
Location: Cheshire, England
Contact:

Re: Project Euler Returns

Post by euler » Sat Aug 16, 2014 8:36 am

I've tested this and I don't seem to have that problem. Could you provide a screenshot of the affected area?
Image
impudens simia et macrologus profundus fabulae

roosephu
Posts: 5
Joined: Sat Aug 16, 2014 7:47 am

Re: Project Euler Returns

Post by roosephu » Sat Aug 16, 2014 8:52 am

It looks like this.
My system is also dark theme. Does this make sense?
Attachments
pe.png
pe.png (17.89 KiB) Viewed 2927 times

User avatar
euler
Administrator
Posts: 3139
Joined: Sun Mar 05, 2006 4:49 pm
Location: Cheshire, England
Contact:

Re: Project Euler Returns

Post by euler » Sat Aug 16, 2014 8:59 am

This is what I see in Firefox using dark theme:
dark_theme_firefox_submit_answer.png
dark_theme_firefox_submit_answer.png (22.51 KiB) Viewed 2925 times
I don't know why your text is light coloured. It should be black. Are you sure you're not already overriding the default?
Image
impudens simia et macrologus profundus fabulae

Post Reply