Something equivalent to sstream library from C ++ to C

Question

Something equivalent to sstream library from C ++ to C

Navigation

#1 by (1 votes)

0

I need something similar to the stringstream that has in C language for C language, I need a lot of it because I want to perform querys on a database using C (C mysql connector).

As I had no idea something like what I had in the sstream library for C I thought about using strncat, but it did not go as expected, note:

#include <string.h>
#include <stdio.h>

int main(){

    char username[25];
    char passwd[45];

    printf("Input your name ->");
    fgets(username, 25, stdin);

    printf("Input your password->");
    fgets(passwd, 45, stdin);

    char query[128]="select username, password from accounts where username='";
    char and[18]="' and password='";

    strncat(query, username, 25);
    strncat(query, and, 16);
    strncat(query, passwd, 45);
    strncat(query, "';\n", 4);

    printf("%s", query);

    return 0;

    //OBS: Código de exemplo
}

When I run the program:

gcc main.c
./a.out
Input your name ->linus
Input your password->123
select username, password from accounts where username='linus
' and password='123
';

Note that it jumped a line and gave some spaces and that in a query could generate error.

mysql c c++ string char

asked by anonymous 01.03.2018 / 02:39

1 answer

What is the "asp-fallback" in ASP.NET MVC, Razor Pages? Promise Javascript

score 1 · Accepted Answer

The problem is that fgets also reads \n and stores it in the buffer read. You can resolve this by manually removing the \n which was the last read:

fgets(username, 25, stdin);
size_t ultima_pos = strlen(username) - 1;
if (username[ultima_pos] == '\n'){
    username[ultima_pos] = 'void ler_string(char *destino, size_t tamanho){
    fgets(destino, tamanho, stdin);
    size_t ultima_pos = strlen(destino) - 1;
    if (destino[ultima_pos] == '\n'){
        destino[ultima_pos] = 'ler_string(username, 25);
';
    }
}
'; //terminar a string no local onde está o '\n'
}

In order not to have to repeat this logic for all readings, I suggest you abstract it through a reading function:

sprintf(query,"select username, password from accounts where username='%s' and password='%s'\n", username, passwd);

Calling it like this:

#include <string.h>
#include <stdio.h>

void ler_string(char *destino, size_t tamanho){
    fgets(destino, tamanho, stdin);
    size_t ultima_pos = strlen(destino) - 1;
    if (destino[ultima_pos] == '\n'){
        destino[ultima_pos] = 'fgets(username, 25, stdin);
size_t ultima_pos = strlen(username) - 1;
if (username[ultima_pos] == '\n'){
    username[ultima_pos] = 'void ler_string(char *destino, size_t tamanho){
    fgets(destino, tamanho, stdin);
    size_t ultima_pos = strlen(destino) - 1;
    if (destino[ultima_pos] == '\n'){
        destino[ultima_pos] = 'ler_string(username, 25);
';
    }
}
'; //terminar a string no local onde está o '\n'
}
';
    }
}

int main(){
    char username[25];
    char passwd[45];

    printf("Input your name ->");
    ler_string(username, 25);

    printf("Input your password->");
    ler_string(passwd, 45);

    char query[128];
    sprintf(query,"select username, password from accounts where username='%s' and password='%s'\n", username, passwd);
    printf("%s", query);

    return 0;
}

For what you are trying to build it becomes much simpler to interpolate the values you want within string using sprintf , which avoids having to do multiple concatenations:

sprintf(query,"select username, password from accounts where username='%s' and password='%s'\n", username, passwd);

Putting it all together your program would look like this:

#include <string.h>
#include <stdio.h>

void ler_string(char *destino, size_t tamanho){
    fgets(destino, tamanho, stdin);
    size_t ultima_pos = strlen(destino) - 1;
    if (destino[ultima_pos] == '\n'){
        destino[ultima_pos] = '%pre%';
    }
}

int main(){
    char username[25];
    char passwd[45];

    printf("Input your name ->");
    ler_string(username, 25);

    printf("Input your password->");
    ler_string(passwd, 45);

    char query[128];
    sprintf(query,"select username, password from accounts where username='%s' and password='%s'\n", username, passwd);
    printf("%s", query);

    return 0;
}

See your run on Ideone

Note :

I recommend that you pay attention to MySQL injection attacks, which is something that is susceptible to this approach without controlling the input that the user gives in the program.