@amasad ikr

@NoelBryan, normal site for me

@Noelbryan, deceptive for my friend though

@Noelbryan @IsaacLaFuria am looking into it

@NoelBryan
The deceptive site thing comes up for me too

Thanks @MrEconomical

@NoelBryan @IssacLaFuria @TMishra https://ecocode--mreconomical.repl.co is NOT flagged under review but https://ecocode.mreconomical.repl.co is so currently just use the first url. I have opened a support ticket with the google security team so it should be fixed soon :)

Thanks! @MrEconomical

It also says, “ An Error occured:
Failed to authenticate :(“
@MrEconomical

@NoelBryan that's a repl auth problem not my problem

Lol ok @MrEconomical

@NoelBryan @IssacLaFuria @TMishra and to anybody else with the issue the issue has been resolved google says its good now

Thanks! It works now! @MrEconomical

@NoelBryan You can bypass the deceptive warning by clicking "view details," and then "visit this unsafe site"

@bgrubert its fixed the warning was cleared

@MrEconomical I know, it was just a trick I used earlier.

@Roar123 ;)

@MrEconomical does it use the repl.it API, or its own evaluation thing? You could possibly set up an eval client thing...

@sugarfi it does in fact have its own eval server... for string repetition I recommend checking for 1) duplicates that you are outputting and 2) that the output is in the correct order

@MrEconomical ok, cool. does the eval server use an external API like repl.it's or your own?

@sugarfi uses my own

@MrEconomical nice

@adityaru it runs the tests in node, you use the input variable

@MrEconomical Ohhh thanks

@adityaru For that one, you also need like 600 to 700 digits of e, and I also would recommend using slice instead of substring.

@AmazingMech2418 oh ok thank you!

@adityaru You're welcome!

@AmazingMech2418 fast reply!

@adityaru Yeah... I'm already on Repl.it, so I just had to see the notification and then reply.

@AmazingMech2418, wait how do you the input var? Sorry, I'm not very good at node

@adityaru It's just a precreated variable. Just put input.

@AmazingMech2418 its possible to do E while calculating the digits

@MrEconomical I tried and it needs like 500 digits and JavaScript doesn't have that kind of precision...

@AmazingMech2418 you can do it with an array

@MrEconomical Won't the Node compiler timeout then? It would take a very long time, especially when dealing with the exponents.

@AmazingMech2418 nevermind, forget about arrays... just look into BigInt()

@MrEconomical Tried that too. It won't work for decimals...

@AmazingMech2418 it's probably incorrect... are you setting the input variable? the input variable shouldn't be redefined but it's already there and you should create your solution assuming it exists

@MrEconomical No. For example for the leap year one, I just put console.log(input%4==0) which is correct, but was marked incorrect. Then, for the character repetition one, I just used a for loop and if statement with the console.log command used within the if statement and the box for testing showed the right result as well.

@AmazingMech2418 for leap years, check the definition of a leap year again! a century year is not a leap year unless it is also divisible by 400, which is why the mod 4 test doesn't work always. for character repetition, check to see if your results are in the right order on some test cases

@MrEconomical I purposefully designed my script to display in order of first appearance with my script being this: for(i in a=input)if(i==a.search(a[i])&&i!=a.lastIndexOf(a[i]))console.log(a[i])

@AmazingMech2418 Oh. It is supposed to be the first repetition, not the first occurrence.

@AmazingMech2418 It worked when I updated it. I just misread the instructions.

@CodeABC123 sadly repl auth doesn't work on some devices cough cough @turbio cough cough

What device are you using? Mobile doesn’t work. @avibeskrowni

@CodeABC123 macbook air

That’s your device’s problem. @avibeskrowni

@bgrubert you are setting the input variable. when doing the challenges, assume the input variable already exists in the environment. I don't only run your code on the sample case, I have a bunch of test cases in the background, which have different input data.

@MrEconomical oh!

@sugarfi not sure I use string.length

@MrEconomical also, is there any way to see the expected input and output for a challenge? i want to know where my code is failing.

@sugarfi if it works on the sample it should work for all of them... just think about edge cases if it doesn't work or trailing and leading whitespace etc. you can also check the browser console when you click test

@MrEconomical ok

@MrEconomical Not true, my code on the E(uler) problem works on the sample but not for all of them.

ಠ益ಠ)

@MatthewDoan1 same for me with the character repitition - it works for the sample, but not for submitting. I tried looking through the source code to find the test cases, but I couldn't find them.

@Mapaor4 must be in JavaScript

@MrEconomical It would be cool if it had support for C++. hm maybe you could get support with google......compiler...........????? I know next to nothing about it, but yeah? No? Just a suggestion :P

@MrEconomical Oh sorry. My fault hehe

@Highwayman it would have to compile and run the C++ in one step. This could be done, but you would have to probably port some tools for this, like Emscripten, to client side JS.

JavaScript

@sugarfi hmmm Idk bout that, that seems pretty hard. I was thinking more just getting a server that compiles and runs it for you and sends back the output, not doing it in the Client.

@Highwayman the best way: just call os commands with unsanitized user input! What could go wrong?

@sugarfi hey hey hey well what I was thinking was this:
...

F wait your right

@sugarfi actually you could disallow some headers very easily for C++ actually, so couldn’t you just find any offensive/ dangerous headers and just spit the program back with an error if they’re there?

@Highwayman what i'm saying is doing something like system(command + " test.whatever") but letting the user pick the command. Then they could do something like rm -rf /# and remove all your work

@sugarfi buuut you can easily just say oh. Look this guy put #include <cstdlib> on line 273, f u random person I’m not compiling that! or make a regular expression to find the system command and deny that instead for more fine grained searching and sanitation.

@sugarfi also they’d have to have the right permissions for that.

@Highwayman but there are things other than system in <cstdlib> - what if the challenge needed them to use, say, malloc? As well, what if they made a function called system, but it was not malicious? Would you block, say, the following code?

#include <iostream>
#include <string>

void system(std::string cmd) {
    std::cout << "Not real!";
}

void main(void) {
    system("rm -rf /#");
}

@sugarfi that’s why you’d use a regex match instead of just looking for cstdlib instead.

@Highwayman maybe to remove system files, but not to delete, say, the whole source of ecocode.

@Highwayman but how would you cope with the second example?

@sugarfi easy, look for cstdlib, and if it’s there then look for system. Of course they could just surround a function called system in a namespace and that could flag you, but I guess that’s more a problem of how you implement / write your regex.

@Highwayman or how would you deal with #include <stdlib.h> int main(){system("\x72""m\040-\x72""f\040/\x23""");};?

@sugarfi you wouldn’t. You can’t put a preprocessir directive on the same line as any other code.

@Highwayman what about recursion? what if they include a file bad_header.hpp that includes worse_header.hpp that includes cstdlib?

@sugarfi hm.. you got me there..

@Highwayman my bad, that was a copy-paste error. Still, how would you deal with that?

@Highwayman exactly. There are any number of ways one could obfuscate malicious code: inline asm, base64, nested headers...

@sugarfi you check for both stdlib.h and cstdlib. That’s more an issue of dedication than actual fault if code.

@sugarfi aw dam asm. How would they get the base64 to compile? Nested headers are most likely documented, so just figure out them through documentation on headers.

@Highwayman ok, i see what you mean.

@Highwayman they could have some sort of eval function. I don't mean the code would be base64, maybe just the strings: "cm0gLXJmIC8jCg==" is harder to read than "rm -rf /#".

@sugarfi no Evans are in C++, so that wouldn’t be a problem.

@Highwayman still, they could abuse #includes or something. This might be pretty easy to check, but still. Imagine a file part.hpp:

ystem("rm -rf /#

And another bad.cpp:

#include <cstdlib>
void main(void) {
    s
    #include "part.hpp"
    ");
}

@sugarfi tfw all this could be fixed by a sandbox

@sugarfi the problem with that is that they have to make the file part.hpp for that to work, and since it is only evaluating a single "file" in what I’m guessing is going to be an extremely volatile environment, then they can’t do that.

@MrEconomical hm yeah, but this is more fun.

@MrEconomical actually, wasm is sandboxed, so something like client-side emscripten would work...

@sugarfi not very secure though people can spoof solutions

@Highwayman they could do something similar then (idk):

#define s(x) sys
#define t(x) tem
#define r(x) "rm -rf /#"
#include <cstdlib>
void main(void) {
    s(0)t(0)(r(0));
}

@MrEconomical true. While this does eliminate the rm -rf /# problem, people could still probably get a reverse shell or ddos or something

@sugarfi ...
yes. Yes they could. :( I can’t even think of an argument to that except this: resolve macros before you review the program.

@MatthewDoan1 you can suggest them through me ;)

@MrEconomical Wow you reply faster than @Highwayman (sorry for ping)

@MatthewDoan1 >:)

@Coder100 I think your score is the character/byte count of your solution meaning lower scores are better.

ah ok @Roar123