Program doesn't give expect output-CodePudding

When I execute and put in the response "YES" or "NO.", the program always outputs "Not a valid response." from the else{} statement.

#include<stdio.h>
#include<stdlib.h>

int main()
{
    int response[3];
    char password[15];
    printf("Insert Password with 8 characters:");
    gets(password);
    printf("Your current password is:'%s',do you want to keep it?(YES or NO.):",password);
    gets(response);
    if (response == "YES") {
        printf("password stored 'not actually lol'\n");
    }
    else if (response == "NO.") {
        printf("we dont know what else you want to do.\n");
    }
    else {
        printf("Not a valid response.\n");
    }
    return 0;
}

It doesnt even work when the program doesnt take input from the user, I think there is a problem with the if statement but I'm not sure

#include<stdio.h>
#include<stdlib.h>

int main()
{
    int response = "NO.";
    char password[15];
    printf("Insert Password with 8 characters:");
    gets(password);
    printf("Your current password is:'%s',do you want to keep it?(YES or NO.)\n",password);
    //gets(response);
    if (response == "YES") {
        printf("password stored 'not actually lol'\n");
    }
    else if (response == "NO.") {
        printf("we dont know what else you want to do.\n");
    }
    else {
        printf("Not a valid response.\n");
    }
    return 0;
}

CodePudding user response：

#include<stdio.h>
#include<stdlib.h>

int main()
{
    // You used response[3] sized response which stores 2 characters the user gives, and one character as NULL, hence, it is always suggested to used required size   1 for characters
    // Also, "NO." is a char array and not an int array
    char response[4];
    char password[15];
    printf("Insert Password with 8 characters:");
    gets(password);
    printf("Your current password is:'%s',do you want to keep it?(YES or NO.):",password);
    gets(response);
    // String comparison is done using strcmp(s1, s2) and not s1 == s2
    // If two strings are equal, it returns 0, else 1 or -1
    if (strcmp(response, "YES") == 0) {
        printf("password stored 'not actually lol'\n");
    }
    else if (strcmp(response, "NO.") == 0) {
        printf("we dont know what else you want to do.\n");
    }
    else {
        printf("Not a valid response.\n");
    }
    return 0;
}

Also, please read these web pages for a better understanding of why not to use gets() or scanf()

strcmp usage | How to properly take input in C

CodePudding user response：

It is not wise to use gets() in your code. it can lead to buffer overflow. I have pased below snippet from cppreference. https://en.cppreference.com/w/c/io/gets

You can alternately try with scanf but need to make sure bound checking. please refer this Am I using scanf incorrectly?

The gets() function does not perform bounds checking, therefore this function is extremely vulnerable to buffer-overflow attacks. It cannot be used safely (unless the program runs in an environment which restricts what can appear on stdin)

Here is my code implementation using fgets()

#include<stdio.h>
#include<string.h>
#include<stdlib.h>

int main()
{
    char response[3];
    char password[15];
    printf("Insert Password with 8 characters:");
    fgets(password, 15, stdin);

    printf("Your current password is:'%s',do you want to keep it?(YES or NO.):",password);
    fgets(response, 3, stdin);



    if (strcmp(response,"YES")== 0)
    {
        printf("password stored 'not actually lol'\n");
    }
    else if (strcmp(response,"NO")== 0)
    {
        printf("we dont know what else you want to do.\n");
    }
    else {
        printf("Not a valid response.\n");
    }
    return 0;
}

Output:

@MacBook-Air% ./a.out 
Insert Password with 8 characters:abcdefas
Your current password is:'abcdefas
',do you want to keep it?(YES or NO.):YES
Not a valid response.

if you want to know more why not to use gets, please read this

Why is the gets function so dangerous that it should not be used?