Move over omatlahdot.fi, here comes lähdöt.fi!

The “Omat Lähdöt” service by HSL has been bugging me for a while now.

The idea behind the service is great; Allow users of Helsinki area public transport to compile their own timetables, including any number of stops in the timetable.

Unfortunately, the implementation is sub-par. I’ve listed some of the problems below. I’ve also come up with solutions to the problems.

The registration

  • The registration link is not next to the login box. Sure, it’s minor, but it would be so easy to fix.
  • The length of the username has been limited. And so you can’t use your email address.
  • ..so there’s no password recovery functionality.
  • And what’s worse, the password is written in plaintext to the database, not hashed. How do I know this? Because you can see the password in the page’s source code when you’re changing your password.

The user registration and login handling has not been implemented according to the very basic best practises used in the industry. It’s not safe. Luckily, no sensitive data can be exposed, even if the system is compromised.

..apart from the password, that is. Seeing as people tend to use the same password in several places, there’s potential for harm.

So, if you’re using the same password somewhere else, it might be a good idea to change it. Remember all those recent break-ins, where even crypted passwords were compromised?

Anyway, I see registering and logging in to a service such as this mostly unnecessary. The functionality that allows the creation of personalized timetables could be done without logging in as well.

The timetables

Creating a compiled timetable is absolutely cryptic. The UI is worse than confusing. I work with web application development, and even I had trouble figuring out how to create my own timetables.

The button “Etsi pysäkki” is one the the worst problems. The fact that it’s a button, when a link would be appropriate, is very confusing. Then, once you manage to find the timetable you’re looking for, you need to save that on top of an existing timetable to create the compilation timetable.

Searching for the stops. Why are there two search fields? It would be trivial to allow searching for a stop by it’s name, address or code from a single field.

The bookmarks. Yes, it’s great that you can create quick links to your own timetables, but I just haven’t been able to get it to work. I guess the Javascript implementation doesn’t like the browsers I use. Generating a regular HTML link that would contain all the information about the compiled timetable would be easy enough. This way there would be no need to keep anything on the server.

Links like this could be used by companies, who could add a simple HTML link to their website, allowing customers etc. to see the nearest departures.

Solutions?

Ok, so the service isn’t great. “Why don’t you make a better one, then”, I hear some of you say. So I did: Lähdöt.fi.

This service implements all the improvements I could think of, based on the rant above. My service isn’t perfect either, but I basically created it over a weekend, as a hobby. I shudder to think how much HSL paid for omatlahdot.fi.

Lähdöt.fi uses the Reittiopas API (plus some creative scraping), since that was all there was available at the time I wrote it. Since then, the Omat Lähdöt API has been opened, so I guess I should re-write Lähdöt.fi using that. That would allow showing real-time timetable data, including canceled and delayed departures. It’s own my TODO-list. The list is long.

Leave a comment

Your email address will not be published. Required fields are marked *