So I have this piece of code which is written for reading the user input which is supposed to be between the numbers 1-9. In the code there is and int "choice" declared. But instead of directly scanning the user input using scanf("%d", choice); the programmer has used a char buffer and scanned the buffer instead and then used the atoi function to convert the char input to an integer. I'm confused why has it been done like that instead of directly doing it the easy way. My assumption is that the programmer has done this so that if the user enters a character instead of a number, the code doesn't malfunction. But if that's the case then how would the atoi convert an alphabet to an integer? Here's the code:
int readMenuChoice() {
while (1) {
char buffer[50];
size_t buffLen = 10;
int choice;
showMenu(); //another function that displays all options from 1 to 9
printf("Choose a menu option: ");
scanf("%[^\n]", buffer);
getchar();
choice = atoi(buffer);
if (choice > 0 && choice < 9) {
return choice;
}
printf("Invalid input\n\n");
}
}
We can only guess intention from the coder.
But a pretty likely reason is to make sure that the input stream is empty between each input. I personally do things like that too. But I would have done like this instead:
while (1) {
char buffer[50];
int choice;
showMenu();
printf("Choose a menu option: ");
if(!fgets(buffer, sizeof buffer, stdin)) {
/* Handle error */
}
if(sscanf(buffer, "%d", &choice) != 1) {
/* Handle error */
}
if (choice > 0 && choice < 9) {
return choice;
}
printf("Invalid input\n\n");
}
atoi is an unsafe function. If the argument cannot be parsed to a number, it invokes undefined behavior. And since x = atoi(s) is completely equivalent to sscanf(s, "%d", &x), there's no reason to use the unsafe function. sscanf returns the number of successful assignments, so it CAN be error checked.
The problem of reading user input safely, limiting the input to a certain set of "allowed" inputs, while cleanly disregarding "disallowed" inputs, can be a surprisingly tricky one.
Also surprising, perhaps, is how poor a function scanf is for performing this task, and how difficult it is to solve the problem completely using any algorithm built around scanf.
You asked why this code didn't "directly do it the easy way". By "the easy way" I assume you mean something like
scanf("%d", &choice);
The problem here is that, yes, it can be remarkably difficult to proceed correctly if the user types some non-numeric input.
There are two general avenues to take when trying to handle the possibility that the user types something wrong:
Continue to call scanf("%d") to read the input, but then, try to patch things up if scanf fails. (Obviously the first step here is to check scanf's return value.)
Read a line of input, as text, using something other than scanf. Then attempt to validate that line, and convert it to the desired form.
In my opinion, there is only one choice here, and it is #2. This answer will become far too long if I discuss all the reasons, but the bottom line is that approach #1 is futile. The scanf function has one virtue and one virtue only, and that is that a call like scanf("%d", &choice) is indeed very simple. But the error handling is almost useless. By the time you've built up a reasonable amount of error handling around it, the amount of work you'll have had to do is about three times as much as for approach #2, and you still won't have fully satisfactory results.
So most experienced C programmers will agree that #2 is the only viable approach in the long run. There's a central question advising on good ways of doing input using something other than scanf.
The problem with the code you've posted, IMO, is that it manages to combine the worst of both worlds. It does try to read a line of input as text, then process it later, but the way it reads that line of input is with... the dreaded scanf! And despite trying to be careful in several other ways, this code doesn't even check scanf's return value, so there are some classic problems (like premature EOF) that this code is still vulnerable to.
This code also contains a mysterious extra call to getchar, which is typical of scanf-using code, since stray newlines are almost always a problem.
This code also uses %[...], which is my least favorite scanf format. As I said, scanf's only virtue is simplicity, but a locution like "%[^\n]" is anything but simple. Yes, I know what it does, but IMO it completely defeats the purpose of using scanf for dirt-simple (if less than robust) user input.
But, yes, the primary intent of writing the code this way is probably "so that if the user enters a character instead of a number, the code doesn't malfunction". The code reads a line of text, as text, then attempts to convert the text to a number. You asked what the atoi function does with alphabetic input, and the answer is that (most of the time, anyway) it quietly returns 0. Since 0 isn't a valid input, this code will reject it, so in that sense it works.
To improve this function, the first thing to do would be to replace the calls to scanf and getchar with fgets. The next thing to do would be to replace atoi with strtol. And then it wouldn't be too bad.
I have very frequently seen people discouraging others from using scanf and saying that there are better alternatives. However, all I end up seeing is either "don't use scanf" or "here's a correct format string", and never any examples of the "better alternatives" mentioned.
For example, let's take this snippet of code:
scanf("%c", &c);
This reads the whitespace that was left in the input stream after the last conversion. The usual suggested solution to this is to use:
scanf(" %c", &c);
or to not use scanf.
Since scanf is bad, what are some ANSI C options for converting input formats that scanf can usually handle (such as integers, floating-point numbers, and strings) without using scanf?
The most common ways of reading input are:
using fgets with a fixed size, which is what is usually suggested, and
using fgetc, which may be useful if you're only reading a single char.
To convert the input, there are a variety of functions that you can use:
strtoll, to convert a string into an integer
strtof/d/ld, to convert a string into a floating-point number
sscanf, which is not as bad as simply using scanf, although it does have most of the downfalls mentioned below
There are no good ways to parse a delimiter-separated input in plain ANSI C. Either use strtok_r from POSIX or strtok, which is not thread-safe. You could also roll your own thread-safe variant using strcspn and strspn, as strtok_r doesn't involve any special OS support.
It may be overkill, but you can use lexers and parsers (flex and bison being the most common examples).
No conversion, simply just use the string
Since I didn't go into exactly why scanf is bad in my question, I'll elaborate:
With the conversion specifiers %[...] and %c, scanf does not eat up whitespace. This is apparently not widely known, as evidenced by the many duplicates of this question.
There is some confusion about when to use the unary & operator when referring to scanf's arguments (specifically with strings).
It's very easy to ignore the return value from scanf. This could easily cause undefined behavior from reading an uninitialized variable.
It's very easy to forget to prevent buffer overflow in scanf. scanf("%s", str) is just as bad as, if not worse than, gets.
You cannot detect overflow when converting integers with scanf. In fact, overflow causes undefined behavior in these functions.
TL;DR
fgets is for getting the input. sscanf is for parsing it afterwards. scanf tries to do both at the same time. That's a recipe for trouble. Read first and parse later.
Why is scanf bad?
The main problem is that scanf was never intended to deal with user input. It's intended to be used with "perfectly" formatted data. I quoted the word "perfectly" because it's not completely true. But it is not designed to parse data that are as unreliable as user input. By nature, user input is not predictable. Users misunderstands instructions, makes typos, accidentally press enter before they are done etc. One might reasonably ask why a function that should not be used for user input reads from stdin. If you are an experienced *nix user the explanation will not come as a surprise but it might confuse Windows users. In *nix systems, it is very common to build programs that work via piping, which means that you send the output of one program to another by piping the stdout of the first program to the stdin of the second. This way, you can make sure that the output and input are predictable. During these circumstances, scanf actually works well. But when working with unpredictable input, you risk all sorts of trouble.
So why aren't there any easy-to-use standard functions for user input? One can only guess here, but I assume that old hardcore C hackers simply thought that the existing functions were good enough, even though they are very clunky. Also, when you look at typical terminal applications they very rarely read user input from stdin. Most often you pass all the user input as command line arguments. Sure, there are exceptions, but for most applications, user input is a very minor thing.
So what can you do?
First of all, gets is NOT an alternative. It's dangerous and should NEVER be used. Read here why: Why is the gets function so dangerous that it should not be used?
My favorite is fgets in combination with sscanf. I once wrote an answer about that, but I will re-post the complete code. Here is an example with decent (but not perfect) error checking and parsing. It's good enough for debugging purposes.
Note
I don't particularly like asking the user to input two different things on one single line. I only do that when they belong to each other in a natural way. Like for instance printf("Enter the price in the format <dollars>.<cent>: "); fgets(buffer, bsize, stdin); and then use sscanf(buffer "%d.%d", &dollar, ¢). I would never do something like printf("Enter height and base of the triangle: "). The main point of using fgets below is to encapsulate the inputs to ensure that one input does not affect the next.
#define bsize 100
void error_function(const char *buffer, int no_conversions) {
fprintf(stderr, "An error occurred. You entered:\n%s\n", buffer);
fprintf(stderr, "%d successful conversions", no_conversions);
exit(EXIT_FAILURE);
}
char c, buffer[bsize];
int x,y;
float f, g;
int r;
printf("Enter two integers: ");
fflush(stdout); // Make sure that the printf is executed before reading
if(! fgets(buffer, bsize, stdin)) error_function(buffer, 0);
if((r = sscanf(buffer, "%d%d", &x, &y)) != 2) error_function(buffer, r);
// Unless the input buffer was to small we can be sure that stdin is empty
// when we come here.
printf("Enter two floats: ");
fflush(stdout);
if(! fgets(buffer, bsize, stdin)) error_function(buffer, 0);
if((r = sscanf(buffer, "%f%f", &f, &g)) != 2) error_function(buffer, r);
// Reading single characters can be especially tricky if the input buffer
// is not emptied before. But since we're using fgets, we're safe.
printf("Enter a char: ");
fflush(stdout);
if(! fgets(buffer, bsize, stdin)) error_function(buffer, 0);
if((r = sscanf(buffer, "%c", &c)) != 1) error_function(buffer, r);
printf("You entered %d %d %f %c\n", x, y, f, c);
If you do a lot of these, I could recommend creating a wrapper that always flushes:
int printfflush (const char *format, ...)
{
va_list arg;
int done;
va_start (arg, format);
done = vfprintf (stdout, format, arg);
fflush(stdout);
va_end (arg);
return done;
}
Doing like this will eliminate a common problem, which is the trailing newline that can mess with the nest input. But it has another issue, which is if the line is longer than bsize. You can check that with if(buffer[strlen(buffer)-1] != '\n'). If you want to remove the newline, you can do that with buffer[strcspn(buffer, "\n")] = 0.
In general, I would advise to not expect the user to enter input in some weird format that you should parse to different variables. If you want to assign the variables height and width, don't ask for both at the same time. Allow the user to press enter between them. Also, this approach is very natural in one sense. You will never get the input from stdin until you hit enter, so why not always read the whole line? Of course this can still lead to issues if the line is longer than the buffer. Did I remember to mention that user input is clunky in C? :)
To avoid problems with lines longer than the buffer you can use a function that automatically allocates a buffer of appropriate size, you can use getline(). The drawback is that you will need to free the result afterwards. This function is not guaranteed to exist by the standard, but POSIX has it. You could also implement your own, or find one on SO. How can I read an input string of unknown length?
Stepping up the game
If you're serious about creating programs in C with user input, I would recommend having a look at a library like ncurses. Because then you likely also want to create applications with some terminal graphics. Unfortunately, you will lose some portability if you do that, but it gives you far better control of user input. For instance, it gives you the ability to read a key press instantly instead of waiting for the user to press enter.
Interesting reading
Here is a rant about scanf: https://web.archive.org/web/20201112034702/http://sekrit.de/webdocs/c/beginners-guide-away-from-scanf.html
scanf is awesome when you know your input is always well-structured and well-behaved. Otherwise...
IMO, here are the biggest problems with scanf:
Risk of buffer overflow - if you do not specify a field width for the %s and %[ conversion specifiers, you risk a buffer overflow (trying to read more input than a buffer is sized to hold). Unfortunately, there's no good way to specify that as an argument (as with printf) - you have to either hardcode it as part of the conversion specifier or do some macro shenanigans.
Accepts inputs that should be rejected - If you're reading an input with the %d conversion specifier and you type something like 12w4, you would expect scanf to reject that input, but it doesn't - it successfully converts and assigns the 12, leaving w4 in the input stream to foul up the next read.
So, what should you use instead?
I usually recommend reading all interactive input as text using fgets - it allows you to specify a maximum number of characters to read at a time, so you can easily prevent buffer overflow:
char input[100];
if ( !fgets( input, sizeof input, stdin ) )
{
// error reading from input stream, handle as appropriate
}
else
{
// process input buffer
}
One quirk of fgets is that it will store the trailing newline in the buffer if there's room, so you can do an easy check to see if someone typed in more input than you were expecting:
char *newline = strchr( input, '\n' );
if ( !newline )
{
// input longer than we expected
}
How you deal with that is up to you - you can either reject the whole input out of hand, and slurp up any remaining input with getchar:
while ( getchar() != '\n' )
; // empty loop
Or you can process the input you got so far and read again. It depends on the problem you're trying to solve.
To tokenize the input (split it up based on one or more delimiters), you can use strtok, but beware - strtok modifies its input (it overwrites delimiters with the string terminator), and you can't preserve its state (i.e., you can't partially tokenize one string, then start to tokenize another, then pick up where you left off in the original string). There's a variant, strtok_s, that preserves the state of the tokenizer, but AFAIK its implementation is optional (you'll need to check that __STDC_LIB_EXT1__ is defined to see if it's available).
Once you've tokenized your input, if you need to convert strings to numbers (i.e., "1234" => 1234), you have options. strtol and strtod will convert string representations of integers and real numbers to their respective types. They also allow you to catch the 12w4 issue I mentioned above - one of their arguments is a pointer to the first character not converted in the string:
char *text = "12w4";
char *chk;
long val;
long tmp = strtol( text, &chk, 10 );
if ( !isspace( *chk ) && *chk != 0 )
// input is not a valid integer string, reject the entire input
else
val = tmp;
In this answer I'm going to assume that you are reading and
interpreting lines of text.
Perhaps you're prompting the user, who is typing something and
hitting RETURN. Or perhaps you're reading lines of structured
text from a data file of some kind.
Since you're reading lines of text, it makes sense to organize
your code around a library function that reads, well, a line of
text.
The Standard function is fgets(), although there are others (including getline). And then the next step is to interpret
that line of text somehow.
Here's the basic recipe for calling fgets to read a line of
text:
char line[512];
printf("type something:\n");
fgets(line, 512, stdin);
printf("you typed: %s", line);
This simply reads in one line of text and prints it back out.
As written it has a couple of limitations, which we'll get to in
a minute. It also has a very great feature: that number 512 we
passed as the second argument to fgets is the size of the array
line we're asking fgets to read into. This fact -- that we can
tell fgets how much it's allowed to read -- means that we can
be sure that fgets won't overflow the array by reading too much
into it.
So now we know how to read a line of text, but what if we really
wanted to read an integer, or a floating-point number, or a
single character, or a single word? (That is, what if the
scanf call we're trying to improve on had been using a format
specifier like %d, %f, %c, or %s?)
It's easy to reinterpret a line of text -- a string -- as any of these things.
To convert a string to an integer, the simplest (though
imperfect) way to do it is to call atoi().
To convert to a floating-point number, there's atof().
(And there are also better ways, as we'll see in a minute.)
Here's a very simple example:
printf("type an integer:\n");
fgets(line, 512, stdin);
int i = atoi(line);
printf("type a floating-point number:\n");
fgets(line, 512, stdin);
float f = atof(line);
printf("you typed %d and %f\n", i, f);
If you wanted the user to type a single character (perhaps y or
n as a yes/no response), you can literally just grab the first
character of the line, like this:
printf("type a character:\n");
fgets(line, 512, stdin);
char c = line[0];
printf("you typed %c\n", c);
(This ignores, of course, the possibility that the user typed a
multi-character response; it quietly ignores any extra characters
that were typed.)
Finally, if you wanted the user to type a string definitely not containing
whitespace, if you wanted to treat the input line
hello world!
as the string "hello" followed by something else (which is what
the scanf format %s would have done), well, in that case, I
fibbed a little, it's not quite so easy to reinterpret the line
in that way, after all, so the answer to that part of the question will have
to wait for a bit.
But first I want to go back to three things I skipped over.
(1) We've been calling
fgets(line, 512, stdin);
to read into the array line, and where 512 is the size of the
array line so fgets knows not to overflow it. But to make
sure that 512 is the right number (especially, to check if maybe
someone tweaked the program to change the size), you have to read
back to wherever line was declared. That's a nuisance, so
there are two much better ways to keep the sizes in sync.
You could, (a) use the preprocessor to make a name for the size:
#define MAXLINE 512
char line[MAXLINE];
fgets(line, MAXLINE, stdin);
Or, (b) use C's sizeof operator:
fgets(line, sizeof(line), stdin);
(2) The second problem is that we haven't been checking for
error. When you're reading input, you should always check for
the possibility of error. If for whatever reason fgets can't
read the line of text you asked it to, it indicates this by
returning a null pointer. So we should have been doing things like
printf("type something:\n");
if(fgets(line, 512, stdin) == NULL) {
printf("Well, never mind, then.\n");
exit(1);
}
Finally, there's the issue that in order to read a line of text,
fgets reads characters and fills them into your array until it
finds the \n character that terminates the line, and it fills
the \n character into your array, too. You can see this if
you modify our earlier example slightly:
printf("you typed: \"%s\"\n", line);
If I run this and type "Steve" when it prompts me, it prints out
you typed: "Steve
"
That " on the second line is because the string it read and
printed back out was actually "Steve\n".
Sometimes that extra newline doesn't matter (like when we called
atoi or atof, since they both ignore any extra non-numeric
input after the number), but sometimes it matters a lot. So
often we'll want to strip that newline off. There are several
ways to do that, which I'll get to in a minute. (I know I've been
saying that a lot. But I will get back to all those things, I promise.)
At this point, you may be thinking: "I thought you said scanf
was no good, and this other way would be so much better.
But fgets is starting to look like a nuisance.
Calling scanf was so easy! Can't I keep using it?"
Sure, you can keep using scanf, if you want. (And for really
simple things, in some ways it is simpler.) But, please, don't
come crying to me when it fails you due to one of its 17 quirks
and foibles, or goes into an infinite loop because of input your
didn't expect, or when you can't figure out how to use it to do
something more complicated. And let's take a look at fgets's
actual nuisances:
You always have to specify the array size. Well, of course,
that's not a nuisance at all -- that's a feature, because buffer
overflow is a Really Bad Thing.
You have to check the return value. Actually, that's a wash,
because to use scanf correctly, you have to check its return
value, too.
You have to strip the \n back off. This is, I admit, a true
nuisance. I wish there were a Standard function I could point
you to that didn't have this little problem. (Please nobody
bring up gets.) But compared to scanf's 17 different
nuisances, I'll take this one nuisance of fgets any day.
So how do you strip that newline? There are many ways:
(a) Obvious way:
char *p = strchr(line, '\n');
if(p != NULL) *p = '\0';
(b) Tricky & compact way:
strtok(line, "\n");
Unfortunately this doesn't work quite right on empty lines.
(c) Another compact and mildly obscure way:
line[strcspn(line, "\n")] = '\0';
And there are other ways as well. Me, I always just use (a), since it's simple & obvious, if less than concise.
See this question, or this question, for more (much more) on stripping the \n from what fgets gives you.
And now that that's out of the way, we can get back to another
thing I skipped over: the imperfections of atoi() and atof().
The problem with those is they don't give you any useful
indication of success of success or failure: they quietly ignore
trailing nonnumeric input, and they quietly return 0 if there's
no numeric input at all. The preferred alternatives -- which
also have certain other advantages -- are strtol and strtod.
strtol also lets you use a base other than 10, meaning you can
get the effect of (among other things) %o or %x with scanf.
But showing how to use these functions correctly is a story in itself,
and would be too much of a distraction from what is already turning
into a pretty fragmented narrative, so I'm not going to say
anything more about them now.
The rest of the main narrative concerns input you might be trying
to parse that's more complicated than just a single number or
character. What if you want to read a line containing two
numbers, or multiple whitespace-separated words, or specific
framing punctuation? That's where things get interesting, and
where things were probably getting complicated if you were trying
to do things using scanf, and where there are vastly more
options now that you've cleanly read one line of text using fgets,
although the full story on all those options could probably fill
a book, so we're only going to be able to scratch the surface here.
My favorite technique is to break the line up into
whitespace-separated "words", then do something further with each
"word". One principal Standard function for doing this is
strtok (which also has its issues, and which also rates a whole
separate discussion). My own preference is a dedicated function
for constructing an array of pointers to each broken-apart
"word", a function I describe in
these course notes.
At any rate, once you've got "words", you can further process
each one, perhaps with the same atoi/atof/strtol/strtod
functions we've already looked at.
Paradoxically, even though we've been spending a fair amount of
time and effort here figuring out how to move away from scanf,
another fine way to deal with the line of text we just read with
fgets is to pass it to sscanf. In this way, you end up with
most of the advantages of scanf, but without most of the
disadvantages.
If your input syntax is particularly complicated, it might be appropriate to use a "regexp" library to parse it.
Finally, you can use whatever ad hoc parsing solutions suit
you. You can move through the line a character at a time with a
char * pointer checking for characters you expect. Or you can
search for specific characters using functions like strchr or strrchr,
or strspn or strcspn, or strpbrk. Or you can parse/convert
and skip over groups of digit characters using the strtol or
strtod functions that we skipped over earlier.
There's obviously much more that could be said, but hopefully
this introduction will get you started.
What can I use to parse input instead of scanf?
Instead of scanf(some_format, ...), consider fgets() with sscanf(buffer, some_format_and %n, ...)
By using " %n", code can simply detect if all the format was successfully scanned and that no extra non-white-space junk was at the end.
// scanf("%d %f fred", &some_int, &some_float);
#define EXPECTED_LINE_MAX 100
char buffer[EXPECTED_LINE_MAX * 2]; // Suggest 2x, no real need to be stingy.
if (fgets(buffer, sizeof buffer, stdin)) {
int n = 0;
// add ----------------> " %n" -----------------------, &n
sscanf(buffer, "%d %f fred %n", &some_int, &some_float, &n);
// Did scan complete, and to the end?
if (n > 0 && buffer[n] == '\0') {
// success, use `some_int, some_float`
} else {
; // Report bad input and handle desired.
}
Let's state the requirements of parsing as:
valid input must be accepted (and converted into some other form)
invalid input must be rejected
when any input is rejected, it is necessary to provide the user with a descriptive message that explains (in clear "easily understood by normal people who are not programmers" language) why it was rejected (so that people can figure out how to fix the problem)
To keep things very simple, lets consider parsing a single simple decimal integer (that was typed in by the user) and nothing else. Possible reasons for the user's input to be rejected are:
the input contained unacceptable characters
the input represents a number that is lower than the accepted minimum
the input represents a number that is higher than the accepted maximum
the input represents a number that has a non-zero fractional part
Let's also define "input contained unacceptable characters" properly; and say that:
leading whitespace and trailing whitespace will be ignored (e.g. "
5 " will be treated as "5")
zero or one decimal point is allowed (e.g. "1234." and "1234.000" are both treated the same as "1234")
there must be at least one digit (e.g. "." is rejected)
no more than one decimal point is allowed (e.g. "1.2.3" is rejected)
commas that are not between digits will be rejected (e.g. ",1234" is rejected)
commas that are after a decimal point will be rejected (e.g. "1234.000,000" is rejected)
commas that are after another comma are rejected (e.g. "1,,234" is rejected)
all other commas will be ignored (e.g. "1,234" will be treated as "1234")
a minus sign that is not the first non-whitespace character is rejected
a positive sign that is not the first non-whitespace character is rejected
From this we can determine that the following error messages are needed:
"Unknown character at start of input"
"Unknown character at end of input"
"Unknown character in middle of input"
"Number is too low (minimum is ....)"
"Number is too high (maximum is ....)"
"Number is not an integer"
"Too many decimal points"
"No decimal digits"
"Bad comma at start of number"
"Bad comma at end of number"
"Bad comma in middle of number"
"Bad comma after decimal point"
From this point we can see that a suitable function to convert a string into an integer would need to distinguish between very different types of errors; and that something like "scanf()" or "atoi()" or "strtoll()" is completely and utterly worthless because they fail to give you any indication of what was wrong with the input (and use a completely irrelevant and inappropriate definition of what is/isn't "valid input").
Instead, lets start writing something that isn't useless:
char *convertStringToInteger(int *outValue, char *string, int minValue, int maxValue) {
return "Code not implemented yet!";
}
int main(int argc, char *argv[]) {
char *errorString;
int value;
if(argc < 2) {
printf("ERROR: No command line argument.\n");
return EXIT_FAILURE;
}
errorString = convertStringToInteger(&value, argv[1], -10, 2000);
if(errorString != NULL) {
printf("ERROR: %s\n", errorString);
return EXIT_FAILURE;
}
printf("SUCCESS: Your number is %d\n", value);
return EXIT_SUCCESS;
}
To meet the stated requirements; this convertStringToInteger() function is likely to end up being several hundred lines of code all by itself.
Now, this was just "parsing a single simple decimal integer". Imagine if you wanted to parse something complex; like a list of "name, street address, phone number, email address" structures; or maybe like a programming language. For these cases you might need to write thousands of lines of code to create a parse that isn't a crippled joke.
In other words...
What can I use to parse input instead of scanf?
Write (potentially thousands of lines) of code yourself, to suit your requirements.
Here is an example of using flex to scan a simple input, in this case a file of ASCII floating point numbers that might be in either US (n,nnn.dd) or European (n.nnn,dd) formats. This is just copied from a much larger program, so there may be some unresolved references:
/* This scanner reads a file of numbers, expecting one number per line. It */
/* allows for the use of European-style comma as decimal point. */
%{
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#ifdef WINDOWS
#include <io.h>
#endif
#include "Point.h"
#define YY_NO_UNPUT
#define YY_DECL int f_lex (double *val)
double atofEuro (char *);
%}
%option prefix="f_"
%option nounput
%option noinput
EURONUM [-+]?[0-9]*[,]?[0-9]+([eE][+-]?[0-9]+)?
NUMBER [-+]?[0-9]*[\.]?[0-9]+([eE][+-]?[0-9]+)?
WS [ \t\x0d]
%%
[!##%&*/].*\n
^{WS}*{EURONUM}{WS}* { *val = atofEuro (yytext); return (1); }
^{WS}*{NUMBER}{WS}* { *val = atof (yytext); return (1); }
[\n]
.
%%
/*------------------------------------------------------------------------*/
int scan_f (FILE *in, double *vals, int max)
{
double *val;
int npts, rc;
f_in = in;
val = vals;
npts = 0;
while (npts < max)
{
rc = f_lex (val);
if (rc == 0)
break;
npts++;
val++;
}
return (npts);
}
/*------------------------------------------------------------------------*/
int f_wrap ()
{
return (1);
}
One of the most common uses of scanf is to read a single int as input from the user. Therefore, my answer will focus on this one problem only.
Here is an example of how scanf is commonly used for reading an int from the user:
int num;
printf( "Please enter an integer: " );
if ( scanf( "%d", &num ) != 1 )
{
printf( "Error converting input!\n" );
}
else
{
printf( "The input was successfully converted to %d.\n", num );
}
Using scanf in this manner has several problems:
The function scanf will not always read a whole line of input.
If the input conversion fails due to the user entering bad input such as abc, then the bad input will be left on the input stream. If this bad input is not discarded afterwards, then all further calls to scanf with the %d format specifier will immediately fail, without waiting for the user to enter further input. This may cause an infinite loop.
Even if the input conversion succeeds, any trailing bad input will be left on the input stream. For example, if the user enters 6abc, then scanf will successfully convert the 6, but leave abc on the input stream. If this input is not discarded, then we will once again have the problem of all further calls to scanf with the %d format specifier immediately failing, which may cause an infinite loop.
Even in the case of the input succeeding and the user not entering any trailing bad input, the mere fact that scanf generally leaves the newline character on the input stream can cause trouble, as demonstrated in this question.
Another issue with using scanf with the %d format spcifier is that if the result of the conversion is not representable as an int (e.g. if the result is larger than INT_MAX), then, according to §7.21.6.2 ¶10 of the ISO C11 standard, the behavior of the program is undefined, which means that you cannot rely on any specific behavior.
In order to solve all of the issues mentioned above, it is generally better to use the function fgets, which will always read an entire line of input at once, if possible. This function will read the input as a string. After doing this, you can use the function strtol to attempt to convert the string to an integer. Here is an example program:
#include <stdio.h>
#include <stdlib.h>
int main( void )
{
char line[200], *p;
int num;
//prompt user for input
printf( "Enter a number: " );
//attempt to read one line of input
if ( fgets( line, sizeof line, stdin ) == NULL )
{
printf( "Input failure!\n" );
exit( EXIT_FAILURE );
}
//attempt to convert string to integer
num = strtol( line, &p, 10 );
if ( p == line )
{
printf( "Unable to convert to integer!\n" );
exit( EXIT_FAILURE );
}
//print result
printf( "Conversion successful! The number is %d.\n", num );
}
However, this code has the following issues:
It does not check whether the input line was too long to fit into the buffer.
It does not check whether the converted number is representable as an int, for example whether the number is too large to be stored in an int.
It will accept 6abc as valid input for the number 6. This is not as bad as scanf, because scanf will leave abc on the input stream, whereas fgets will not. However, it would probably still be better to reject the input instead of accepting it.
All of these issues can be solved by doing the following:
Issue #1 can be solved by checking
whether the input buffer contains a newline character, or
whether end-of-file has been reached, which can be treated as equivalent to a newline character, because it also indicates the end of the line.
Issue #2 can be solved by checking whether the function strtol set errno to the value of the macro constant ERANGE, to determine whether the converted value is representable as a long. In order to determine whether this value is also representable as an int, the value returned by strtol should be compared against INT_MIN and INT_MAX.
Issue #3 can be solved by checking all remaining characters on the line. Since strtol accepts leading whitespace characters, it would probably also be appropriate to accept trailing whitespace characters. However, if the input contains any other trailing characters, the input should probably be rejected.
Here is an improved version of the code, which solves all of the issues mentioned above and also puts everything into a function named get_int_from_user. This function will automatically reprompt the user for input, until the input is valid.
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <limits.h>
#include <errno.h>
int get_int_from_user( const char *prompt )
{
//loop forever until user enters a valid number
for (;;)
{
char buffer[1024], *p;
long l;
//prompt user for input
fputs( prompt, stdout );
//get one line of input from input stream
if ( fgets( buffer, sizeof buffer, stdin ) == NULL )
{
fprintf( stderr, "Unrecoverable input error!\n" );
exit( EXIT_FAILURE );
}
//make sure that entire line was read in (i.e. that
//the buffer was not too small)
if ( strchr( buffer, '\n' ) == NULL && !feof( stdin ) )
{
int c;
printf( "Line input was too long!\n" );
//discard remainder of line
do
{
c = getchar();
if ( c == EOF )
{
fprintf( stderr, "Unrecoverable error reading from input!\n" );
exit( EXIT_FAILURE );
}
} while ( c != '\n' );
continue;
}
//attempt to convert string to number
errno = 0;
l = strtol( buffer, &p, 10 );
if ( p == buffer )
{
printf( "Error converting string to number!\n" );
continue;
}
//make sure that number is representable as an "int"
if ( errno == ERANGE || l < INT_MIN || l > INT_MAX )
{
printf( "Number out of range error!\n" );
continue;
}
//make sure that remainder of line contains only whitespace,
//so that input such as "6abc" gets rejected
for ( ; *p != '\0'; p++ )
{
if ( !isspace( (unsigned char)*p ) )
{
printf( "Unexpected input encountered!\n" );
//cannot use `continue` here, because that would go to
//the next iteration of the innermost loop, but we
//want to go to the next iteration of the outer loop
goto continue_outer_loop;
}
}
return l;
continue_outer_loop:
continue;
}
}
int main( void )
{
int number;
number = get_int_from_user( "Enter a number: " );
printf( "Input was valid.\n" );
printf( "The number is: %d\n", number );
return 0;
}
This program has the following behavior:
Enter a number: abc
Error converting string to number!
Enter a number: 6000000000
Number out of range error!
Enter a number: 6 7 8
Unexpected input encountered!
Enter a number: 6abc
Unexpected input encountered!
Enter a number: 6
Input was valid.
The number is: 6
Other answers give the right low-level details, so I'll limit myself to a higher-level: First, analyse what you expect each input line to look like. Try to describe the input with a formal syntax - with luck, you will find it can be described using a regular grammar, or at least a context-free grammar. If a regular grammar suffices, then you can code up a finite-state machine which recognizes and interprets each command-line one character at a time. Your code will then read a line (as explained in other replies), then scan the chars in the buffer through the state-machine. At certain states you stop and convert the substring scanned thus far to a number or whatever. You can probably 'roll your own' if it is this simple; if you find you require a full context-free grammar you are better off figuring out how to use existing parsing tools (re: lex and yacc or their variants).
I've been having a lot of problems trying to figure out how to use scanf(). It seems to work fine with integers, being fairly straight forward scanf("%d", &i).
Where I am running into issues is using scanf() in loops trying to read input. For example:
do {
printf("counter: %d: ", counter);
scanf("%c %c%d", &command, &prefix, &input);
} while (command != 'q');
When I enter in a validly structured input like c P101, it seems to loop again before prompting me. This seems to happen even with a single:
scanf("%c", &c)
in a while loop. It'll do the loop twice before prompting me again. What is making it loop twice, and how do I stop it?
When I enter in less amount of input that programmatically wouldn't have another character or number such as q, pressing enter seems to prompt me to enter more. How do I get scanf() to process both single and double character entries?
When you enter "c P101" the program actually receives "c P101\n". Most of the conversion specifiers skip leading whitespace including newlines but %c does not. The first time around everything up til the "\n" is read, the second time around the "\n" is read into command, "c" is read into prefix, and "P" is left which is not a number so the conversion fails and "P101\n" is left on the stream. The next time "P" is stored into command, "1" is stored into prefix, and 1 (from the remaining "01") is stored into input with the "\n" still on the stream for next time. You can fix this issue by putting a space at the beginning of the format string which will skip any leading whitespace including newlines.
A similiar thing is happening for the second case, when you enter "q", "q\n" is entered into the stream, the first time around the "q" is read, the second time the "\n" is read, only on the third call is the second "q" read, you can avoid the problem again by adding a space character at the beginning of the format string.
A better way to do this would be to use something like fgets() to process a line at a time and then use sscanf() to do the parsing.
It's really broken! I didn't know it
#include <stdio.h>
int main(void)
{
int counter = 1;
char command, prefix;
int input;
do
{
printf("counter: %d: ", counter);
scanf("%c %c%d", &command, &prefix, &input);
printf("---%c %c%d---\n", command, prefix, input);
counter++;
} while (command != 'q');
}
counter: 1: a b1
---a b1---
counter: 2: c d2
---
c1---
counter: 3: e f3
---d 21---
counter: 4: ---e f3---
counter: 5: g h4
---
g3---
The output seems to fit with Robert's answer.
Once you have the string that contains the line. i.e. "C P101", you can use the parsing abilities of sscanf.
See:
http://www.cplusplus.com/reference/clibrary/cstdio/sscanf.html
For question 1, I suspect that you've got a problem with your printf(), since there is no terminating "\n".
The default behavior of printf is to buffer output until it has a complete line. That is unless you explicitly change the buffering on stdout.
For question 2, you've just hit one of the biggest problems with scanf(). Unless your input exactly matches the scan string that you've specified, your results are going to be nothing like what you expect.
If you've got an option you'll have better results (and fewer security issues) by ignoring scanf() and doing your own parsing. For example, use fgets() to read an entire line into a string, and then process the individual fields of the string — maybe even using sscanf().
Perhaps using a while loop, not a do...while loop will help. This way the condition is tested before execution of the code.
Try the following code snippet:
while(command != 'q')
{
//statements
}
Also, if you know the string length ahead of time, 'for' loops can be much easier to work with than 'while' loops. There are also some trickier ways to dynamically determine the length as well.
As a final rant: scanf() does not "suck." It does what it does and that is all.
The gets() function is very dangerous (though convenient for no-risk applications), since it does not natively do any checking of the input. It is VERY commonly known as a point of exploit, specifically buffer overflow attacks, overwriting space in registers not allocated for that variable. Therefore if you choose to use it, spend some time putting some solid error checking/correction in.
However, almost invariably, either fgets() or POSIX getline() should be used to read the line — noting that the functions both include the newline in the input string, unlike gets(). You can remove the trailing newline from string read by either fgets() or getline() using string[strcspn(string, "\n")] = '\0'; — this works reliably.
I've been having a lot of problems trying to figure out how to use scanf(). It seems to work fine with integers, being fairly straight forward scanf("%d", &i).
Where I am running into issues is using scanf() in loops trying to read input. For example:
do {
printf("counter: %d: ", counter);
scanf("%c %c%d", &command, &prefix, &input);
} while (command != 'q');
When I enter in a validly structured input like c P101, it seems to loop again before prompting me. This seems to happen even with a single:
scanf("%c", &c)
in a while loop. It'll do the loop twice before prompting me again. What is making it loop twice, and how do I stop it?
When I enter in less amount of input that programmatically wouldn't have another character or number such as q, pressing enter seems to prompt me to enter more. How do I get scanf() to process both single and double character entries?
When you enter "c P101" the program actually receives "c P101\n". Most of the conversion specifiers skip leading whitespace including newlines but %c does not. The first time around everything up til the "\n" is read, the second time around the "\n" is read into command, "c" is read into prefix, and "P" is left which is not a number so the conversion fails and "P101\n" is left on the stream. The next time "P" is stored into command, "1" is stored into prefix, and 1 (from the remaining "01") is stored into input with the "\n" still on the stream for next time. You can fix this issue by putting a space at the beginning of the format string which will skip any leading whitespace including newlines.
A similiar thing is happening for the second case, when you enter "q", "q\n" is entered into the stream, the first time around the "q" is read, the second time the "\n" is read, only on the third call is the second "q" read, you can avoid the problem again by adding a space character at the beginning of the format string.
A better way to do this would be to use something like fgets() to process a line at a time and then use sscanf() to do the parsing.
It's really broken! I didn't know it
#include <stdio.h>
int main(void)
{
int counter = 1;
char command, prefix;
int input;
do
{
printf("counter: %d: ", counter);
scanf("%c %c%d", &command, &prefix, &input);
printf("---%c %c%d---\n", command, prefix, input);
counter++;
} while (command != 'q');
}
counter: 1: a b1
---a b1---
counter: 2: c d2
---
c1---
counter: 3: e f3
---d 21---
counter: 4: ---e f3---
counter: 5: g h4
---
g3---
The output seems to fit with Robert's answer.
Once you have the string that contains the line. i.e. "C P101", you can use the parsing abilities of sscanf.
See:
http://www.cplusplus.com/reference/clibrary/cstdio/sscanf.html
For question 1, I suspect that you've got a problem with your printf(), since there is no terminating "\n".
The default behavior of printf is to buffer output until it has a complete line. That is unless you explicitly change the buffering on stdout.
For question 2, you've just hit one of the biggest problems with scanf(). Unless your input exactly matches the scan string that you've specified, your results are going to be nothing like what you expect.
If you've got an option you'll have better results (and fewer security issues) by ignoring scanf() and doing your own parsing. For example, use fgets() to read an entire line into a string, and then process the individual fields of the string — maybe even using sscanf().
Perhaps using a while loop, not a do...while loop will help. This way the condition is tested before execution of the code.
Try the following code snippet:
while(command != 'q')
{
//statements
}
Also, if you know the string length ahead of time, 'for' loops can be much easier to work with than 'while' loops. There are also some trickier ways to dynamically determine the length as well.
As a final rant: scanf() does not "suck." It does what it does and that is all.
The gets() function is very dangerous (though convenient for no-risk applications), since it does not natively do any checking of the input. It is VERY commonly known as a point of exploit, specifically buffer overflow attacks, overwriting space in registers not allocated for that variable. Therefore if you choose to use it, spend some time putting some solid error checking/correction in.
However, almost invariably, either fgets() or POSIX getline() should be used to read the line — noting that the functions both include the newline in the input string, unlike gets(). You can remove the trailing newline from string read by either fgets() or getline() using string[strcspn(string, "\n")] = '\0'; — this works reliably.