password code improvement
I am new to the programming stuff.
The following the program to input a password and check it with the predefined password, "rambo", this program is working ok. Please let me know about the improvements needed in the code.//To Input and check the password.
Your suggestions will be appreciated.
_________________________________________________________________________
#include<stdio.h>
#include<conio.h>
void main()
{
char a[15];
int i,flag=0,x,y,post=0;
char g[]="rambo"; //predefining the password
clrscr();
i=0;
x=2;
y=10;
gotoxy(x,y);
printf("\n Please Enter the password:");
x=29;
y=11;
do
{
if(i<0) //limiting the value of i to 0
{
i=0;
}
if(x<29)
{
x=29;
}
a[i]=getch(); //getch() as it do not show the characters being //entered
if((a[i]=='\b') && (post==0))
{
post=1;
x=x-1;
}
if(a[i]=='\b')
{
--i;
gotoxy(--x,11);
continue;
}
i++;
gotoxy(x++,y);
}while(a[i-1]!=13);
a[i]=NULL;
for(i=0;a[i]!='\0' && g[i]!='\0';i++)
{
if(a[i]!=g[i])
{
flag=1;
}
}
gotoxy(15,15);
if(flag==0)
printf("\n The password is correct");
else
{
clrscr();
textcolor(5);
gotoxy(60,50);
cprintf("\n ACESS DENIED");
}
getch();
}
_______________________________END_______________________________
thanx.
My mods to make it work in Dev-C++
My compiler (Dev-C++) is complaining that the main() function doesn't return an integer. It also hasn't heard of the functions:
clrscr();
gotoxy();
textcolor();
I'm guessing this is stuff specific to your compiler, and reading the variable names I think I understand what they are for.
Here is what I did to your code:
removed the textcolor(), and the gotoxy(), and replace clrscr() with system("CLS") - which pretty much runs the MS-DOS Command CLS
Changed the line a[i]=NULL; into a[i]='\0'; since I knew you wanted it to terminate the character array
Got rid of variables x and y since I removed the function that used them
Hopefully fixed a potential buffer overflow in your do..while loop. (I think that 15 is the number to use in this case, so it should work - try typing in a lot of characters in your version, and press enter, then on the ACCESS DENIED screen press spacebar instead of return it should exit with errors and windows complaining)
To make it compile in Dev-C++, I used this code:
#include <stdio.h>
#include <conio.h>
int main(void)
{
char a[15];
int i,flag=0,post=0;
char g[]="rambo"; //predefining the password
system("CLS");
i=0;
printf("\n Please Enter the password:");
do
{
if(i<0) //limiting the value of i to 0
{
i=0;
}
a[i]=getch(); //getch() as it do not show the characters being //entered
if((a[i]=='\b') && (post==0))
{
post=1;
}
if(a[i]=='\b')
{
--i;
continue;
}
i++;
// prevent buffer overflow - (i<15)
}while((a[i-1]!=13) & (i<15));
a[i]='\0';
for(i=0;a[i]!='\0' && g[i]!='\0';i++)
{
if(a[i]!=g[i])
{
flag=1;
}
}
if(flag==0)
printf("\n The password is correct");
else
{
system("CLS");
cprintf("\n ACESS DENIED");
}
getch();
return;
}
Overall nice program. I've tried myself to use getch() for a password application very similar to yours, but I never got it working. Congradulations on getting it to work in your program. Could I use that do..while loop of yours in the future?
Oh, BTW, if you take the time to HEX edit the executable this turns into, you can find the password "rambo" in the code. The only way to prevent this is to use a one-way function, and to store the result of that one-way function as the password to compare to, and run the user's input through that one way function, and see if they match - because if you run the same values through the one way function, the output will be the same. Anyways, hope that suggestion helps.
