CS Documentation Help Central
Back to Main

Questions and Answers. If you have a question, send it to saboteur@kolumbus.fi and I'll post an answer here ASAP! (And mail it to you personally if you wish.)

  1. Bans
  2. Cookies and Logging In
  3. Creating Accounts
  4. Can You Really See My Password
  5. Source Codes
  6. Bruteforcing

  1. What about bans?
    A ban may be placed upon an IP address or e-mail address. In the latter case you will not be able to log in with an account that has a banned e-mail address, nor will you be able to register an account with a banned e-mail address into the system. In the former case you will not be able to access CS from the banned IP address at all. You may be subjected to a ban for submitting a registration that's deemed inappropriate or abusing the password reset utility or for any other reason deemed severe enough by the administrator.

  2. Cookies and Logging In
    If you don't want to log in separately every time you visit the service, you can select the Use Cookie-option when logging in. This will store a cookie on your computer that will make the system remember you when you return, and you will be automatically logged in. This cookie will last in your system for 7 days until it expires. If you don't visit the service within a week, you'll need to login again. If you do visit before the cookie expires, the expiration will automatically reset to 7 days from that visit. If you want to remove the cookie before that time, just click Log Out. Logging out will always remove the cookie. Note that you will (obviously!) need to have cookies enabled for this to work!

  3. About Creating Accounts
    There are quite a few restrictions for opening an account. First and foremost, you must have a valid e-mail address. When you create an account, it is only pre-registered, and only activated once you click an activation link that will be sent to your reported e-mail address. If you later change your e-mail from the account editor you must reactivate your account. When selecting a user name, there are restrictions: You must select one that has not been reserved by another user. Your username must also not contain special characters, use only letters and numbers to be safe. Your password must be between 4 and 32 characters in length. This is for your security so it's not too easy to bruteforce your account. You must not leave any fields empty when registering. Your school year means how long you have been in the school. It dictates the time table that will be shown to you.

  4. Can You Really See My Password?
    In a word, no. I really, really can't see your secret password, and neither can anybody else. It's in fact so secure, even you can't see it. The reason for this is that your password is stored encrypted. If you type the word 'black' into the password field, I might see something like '1ffd9e753c8054cc61456ac7fac1ac89' in the data file. When you type in your password when logging in, it is encrypted again and matched against the already encrypted password in the datafile. The encryption is one-way and cannot be reversed. For those more technically inclined, the encryption is done via md5 hashing. If you want to see how your password is stored, you can log in using a cookie and then go into your Cookies-folder and read the cookie stored by this script. Your password will be there, but you won't be able to make any sense of it.

  5. The Source Code of CS
    Class Scheduler is completely written in PHP (plus a little Javascript to smoothen the edges) by Saboteur (Marko Lappeteläinen). The script uses flat ASCII files as databases and requires a MTA to function. The source is not immediately available for anonymous viewing, but if you e-mail me, I'm sure I could provide it for you.

  6. What is Bruteforcing?
    Bruteforcing is a hacking technique for cracking passwords. It is possible to break any password by simply randomly trying all possible letter combinations at all possible string lengths. You don't have to worry, however. Bruteforcing is very inefficient and in practice impossible to successfully apply.