File login system

Question

I've just started my way into files in c and I'm trying to create a bit of a silly program that asks asks you to login or create a new account by typing in your name and a password. So the problem is, when I decide to create a new account, i fill in my name and my password and after that I manage to login and the program closes successfully. When i run it again, considering I have already made an account, I login with the same information and it works again. But the third time I run it, it doesn't. It tells me that the information I've given is incorrect and when I open the file it is completely blank. I've went all over my book again and again looking for examples and stuff but still I can't work this out. Here's what I've tried:

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

void login(void);
void create(void);

int main()
{
    char ans[10];

    printf("Welcome to Facebook!\n\n");
    printf("Type yes to login or no to create a new account: ");
    gets(ans);

    if (strcmp(ans, "yes") == 0) {
        login();
    } else {
        create();
        login();
    }

    return 0;
}

void login(void)
{
    FILE *fp;
    char name[50], fname[50];
    int pin, fpin;

    printf("~Login~\n");

    do {
        fp = fopen("test.txt", "r");

        printf("Name: ");
        scanf("%s", name);

        printf("Password: ");
        scanf("%d", &pin);

        getchar();

        fscanf(fp, "%s%d", fname, &fpin);

        if ((strcmp(name, fname) == 0) && (pin == fpin)) {
            printf("You have successfully logged in!\n");
            fclose(fp);
        } else {
            printf("The information you gave is incorrect. Try again... \n");
        }
    } while ((strcmp(name, fname) != 0) || (pin != fpin));
}

void create(void)
{
    FILE *fp;
    char name[50];
    int pin;

    fp = fopen("test.txt", "w");

    printf("\nEnter your name: ");
    gets(name);
    fprintf(fp, "%s\n", name);

    printf("Enter a numerical password: ");
    scanf("%d", &pin);
    getchar();
    fprintf(fp, "%d", pin);

    printf("\nYour new account has been created! Use your info to login!\n");

    fclose(fp);

    login();
}

Answer 1

Most of the problems we have already covered in the comments above. The big issue you are running into is the confusion you cause be including login() in your create() function and vice-versa. The design choice leading you to do so is the fact that the void return type chosen for both cannot indicate success or failure on function return.

Don't mix your chocolate and peanut-butter

Meaning, your login() function should provide the code necessary to login() to the system and should not include create() within the login() function. Likewise, the create() function is independent of login() and should just provide the code necessary to create the credentials in the credential file.

To fix this situation (and with every function you write), choose a meaningful return type that can adequately indicate success or failure of your function operation so you can handle the error (or success) properly back in the calling function. Here you simply need to know whether login() and create() succeeded or failed, a simple true/false or 1/0 indication is all you need. A simple return type of int is all you need. Here for true/false we will return 1 if the function succeeds, and 0 if it fails

(note: it is equally correct to choose 1 to indicate error and 0 to indicate no-error -- your choice)

With a meaningful return, your function prototypes become:

int login(void);    /* choose a "meaningful" return type for all functions */
int create(void);   /* int is fine for 1-true/0-false information */

Let's also talk about the 10 and 50 Magic-Numbers you include in your code and the hardcoded filename "test.txt". Avoid using Magic-Numbers and hardcoding filenames. How?

#define MAXC 256    /* if you need a constant, #define one (or more) */
#define TRIES  3
#define CREDFILE "dat/credfile.txt"

(this provides a single convenient location at the top of your source file where you can make changes without having to pick though array declarations, loop definitions, etc..)

Now let's look at login with the changes made as described in the comment on Why gets() is so dangerous it should never be used!. Further, your inclusion of stray getchar(); here and there in you code is symptomatic of a problem you need to fix. Currently you are using getchar() to consume the stray '\n' left in stdin following your scanf of pin. This is horribly fragile. What if the user enters "1234a" as the pin? Your getchar() reads the 'a' but misses the '\n' and you end up skipping your next name input...

How do you solve this problem? Read All Input Into A Buffer with fgets(). Then parse the integer (or whatever) values you need from the buffer using sscanf instead of scanf. Why? With fgets() and a sufficiently sized buffer -- you ensure a complete line of input is consumed on each read, and what remains in stdin does NOT depend on the conversion specifier used and whether a matching failure occurred. Example:

    printf ("Password: ");
    if (!fgets (buf, MAXC, stdin)) {        /* read pin with fgets()!!! */
        fputs ("(user canceled input)\n", stderr);
        return 0;
    }
    if (sscanf (buf, "%d", &pin) != 1) {    /* now use sscanf to parse int */
        fputs ("error: invalid integer input.\n", stderr);
        return 0;
    }

This is the preferred way of handing mixed character and integer input. The only caveat is that all line-oriented functions (fgets() and POSIX getline()) read and include the trailing '\n' in the buffers they fill. You simply need to trim the trailing '\n' by overwriting the '\n' with '\0' (or simply the equivalent 0). strcspn provides a simple way of getting the number of characters (not including the '\n') which allows a simple way to trim the '\n', e.g.

    printf("Type yes to login or no to create a new account: ");
    if (!fgets (ans, MAXC, stdin)) {            /* NEVER EVER use gets() */
        fputs ("(user canceled input)\n", stderr);
        return 1;
    }
    ans[strcspn(ans, "\n")] = 0;                /* trim trialing '\n' */

The other problem you have is failing to VALIDATE each input (whether from the user or from a file). You must validate every input succeeds or handle the error. Otherwise, you invite Undefined Behavior in your code.

Adding the validations to login() and create(), and giving the user 3-tries to login or create an account, you can do something like the following:

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAXC 256    /* if you need a constant, #define one (or more) */
#define TRIES  3
#define CREDFILE "dat/credfile.txt"

int login(void);    /* choose a "meaningful" return type for all functions */
int create(void);   /* int is fine for 1-true/0-false information */

int main(void)
{
    char ans[MAXC];

    printf("Welcome to Facebook!\n\n");
    printf("Type yes to login or no to create a new account: ");
    if (!fgets (ans, MAXC, stdin)) {            /* NEVER EVER use gets() */
        fputs ("(user canceled input)\n", stderr);
        return 1;
    }
    ans[strcspn(ans, "\n")] = 0;                /* trim trialing '\n' */

    if (strcmp(ans, "yes") == 0) {          /* handle login */
        int tries = TRIES, success = 0;     /* 3-tries and success flag */
        while (tries--)                     /* loop at most 3 times */
            if ((success = login()))        /* on success break loop */
                break;
        if (!success) { /* if login was not a success, handle error */
            fprintf (stderr, "error: %d login tries exhausted.\n", TRIES);
            return 1;
        }
    }
    else {  /* otherwise create() */
        int tries = TRIES, success = 0;     /* same 3-tries */
        while (tries--)                     /* loop at most 3-times */
            if ((success = create()))       /* on success break loop */
                break;
        if (!success) { /* if create was not a success, handle error */
            fprintf (stderr, "error: %d create tries exhausted.\n", TRIES);
            return 1;
        }
        login();    /* now you can have user login to verify account */
    }

    return 0;
}

/* returns 1 on success, 0 otherwise */
int login (void)
{
    FILE *fp;
    char name[MAXC], fname[MAXC], buf[MAXC];    /* buf - read all with fgets */
    int pin, fpin;

    printf("~Login~\n");

    printf ("Name: ");
    if (!fgets (name, MAXC, stdin)) {       /* using fgets() */
        fputs ("(user canceled input)\n", stderr);
        return 0;
    }
    name[strcspn (name, "\n")] = 0;         /* so trim trailing '\n' */

    printf ("Password: ");
    if (!fgets (buf, MAXC, stdin)) {        /* read pin with fgets()!!! */
        fputs ("(user canceled input)\n", stderr);
        return 0;
    }
    if (sscanf (buf, "%d", &pin) != 1) {    /* now use sscanf to parse int */
        fputs ("error: invalid integer input.\n", stderr);
        return 0;
    }

    if (!(fp = fopen (CREDFILE, "r"))) {    /* open/validate file open */
        perror ("fopen-file");
        exit (EXIT_FAILURE);
    }

    if (fscanf (fp, " %255s%d", fname, &fpin) != 2) {   /* read fname/fpin */
        fputs ("error: read of fname/fpin failed.\n", stderr);
        exit (EXIT_FAILURE);
    }
    fclose (fp);

    if ((strcmp(name, fname) == 0) && (pin == fpin)) {  /* validate login */
        printf ("You have successfully logged in!\n");
        return 1;   /* return success */
    }

    printf ("The information you gave is incorrect. Try again... \n");

    return 0;       /* return failure */
}

/* returns 1 on success, 0 otherwise */
int create (void)
{
    FILE *fp;
    char name[MAXC], buf[MAXC];
    int pin;

    printf ("\nEnter your name: ");
    if (!fgets (name, MAXC, stdin)) {       /* using fgets() */
        fputs ("(user canceled input.}\n", stderr);
        return 0;
    }
    name[strcspn (name, "\n")] = 0;         /* so trim trailing '\n' */

    printf ("Enter a numerical password: ");
    if (!fgets (buf, MAXC, stdin)) {        /* read pin with fgets()!!! */
        fputs ("(user canceled input)\n", stderr);
        return 0;
    }
    if (sscanf (buf, "%d", &pin) != 1) {    /* now use sscanf to parse int */
        fputs ("error: invalid integer input.\n", stderr);
        return 0;
    }

    if (!(fp = fopen(CREDFILE, "w"))) {    /* open/validate file open */
        perror ("fopen-failed");
        exit (EXIT_FAILURE);
    }

    fprintf (fp, "%s\n%d\n", name, pin);    /* write creditials to file */
    fclose(fp);

    printf("\nYour new account has been created!\n"
            "You may now login to the system!\n");

    return 1;       /* return success */
}

Example Use/Output

Testing the code.

Create example:

$ ./bin/loginsimple
Welcome to Facebook!

Type yes to login or no to create a new account: no

Enter your name: david
Enter a numerical password: 1234

Your new account has been created!
You may now login to the system!
~Login~
Name: david
Password: 1234
You have successfully logged in!

Checking credential file:

$ cat dat/credfile.txt
david
1234

Login example:

$ ./bin/loginsimple
Welcome to Facebook!

Type yes to login or no to create a new account: yes
~Login~
Name: david
Password: 1234
You have successfully logged in!

You can adjust things to fit your needs. Look things over and let me know if you have further questions.