True or false condition in C programming

Question

My assignment is to create a password judging program which will determine if the password I entered is strong or not. I can't figure out how to set the criteria to true.

Here are the criteria.

It should have at least eight (8) characters. It should have at least one (1) digit. It should have at least one (1) lowercase letter. It should have at least one (1) uppercase letter.

and here is what I made so far.

#include <stdio.h>
#include <ctype.h>
#include <string.h>
#define T 100
#define MAX 255

int main(){
    char string[T][MAX];
    int t;
    int i, j;
    int crit1[T], crit2[T], crit3[T], crit4[T];

    scanf("%d", &t);
    getchar();
    for (i=0; i<t; i++){
        fgets(string[i], sizeof(string[i]), stdin);
        if(strlen(string[i])>=8)
                crit1[i]=1;
    }

    for (i=0; i<t; i++){
        for(j=0; j<strlen(string[i]); j++){
            if(!isdigit(string[i][j])){
                crit2[i]=1;
                }
            if(!islower(string[i][j])){
                crit3[i]=1;
                }
            if(!isupper(string[i][j])){
                crit4[i]=1;
                }
        }
    }

    for (i=0; i<t; i++){
        if (crit1[i]==1 && crit2[i]==1 && crit3[i]==1 && crit4[i]==1)
        printf("Case #%d: STRONG\n", i+1);

        else
        printf("Case #%d: NOT STRONG\n", i+1);
    }

    return 0;
}

If I enter "password123" for the first case and "Password123" for the second case. The program will output STRONG for both cases when it should only recognize the 2nd case STRONG and the 1st case should output NOT STRONG.

Answer 1

As stated by many others, you have a clear problem of uninitialized array, but it would be very unlikely that in that initialized memory you would find "ones". The actual source of your wrong result is that you shouldn't negate your conditions, e.g.: !islower(string[i][j]) should be simply islower(string[i][j])

Answer 2

Several things.

First, declare a function that will say whether a password is strong. You should be able to pass a string into the function, and it will return an answer telling you whether the password is strong.

Then you can look in detail at the conditions with fewer distractions like that extra loop variable i that's in the middle of everything for no good reason in the old code.

The problem with your conditions turns out to be quite simple: they are all "inverted". That is, when you see a digit, you don't check off the criterion crit2, but you do check off crit3 and crit4. So now if you see either a lowercase or uppercase letter, you will check off crit2 (and redundantly check off one other criterion) and you will say "strong" at the end.

So give your variables names that say what they do. Never crit1, crit2, and so forth. Maybe is_long_enough, has_digit, etc. That way when you write is_digit = 1 at least you have an immediate clue that you should be looking at a digit. Then you are less likely to make silly mistakes like setting this criterion true when !isdigit(c) is true, as that is exactly opposite from the condition you are trying to satisfy.

You also have some uninitialized arrays here, as others have observed, but if you take the advice to write a function to tell whether a single password is strong, and call that function once for each password, four of your arrays simply disappear from the code. They are replaced by four variables inside the function that only have to indicate the strength of one password (the one that function is working on at the moment). Just remember that every variable gets an initializer when you declare it, pick the obvious initializer for each of these, and you'll be OK.

Answer 3

You will have to initialize crit1[], crit2[], et c. to 0.

for (i=0; i<T; i++)
  crit1[i] = crit2[i] = crit3[i] = crit4[i] = 0