
Added new project #32

Open
Sailesh3000 wants to merge 12 commits into aravindvnair99:master from Sailesh3000:master

@Sailesh3000

Fixes #

Proposed Changes

  • Added a new C project
  • Based on the login system
    • Using SQLITE3

@guardrails

guardrails Bot commented Apr 18, 2024

⚠️ We detected 3 security issues in this pull request:

Insecure Processing of Data (3)
  • Medium: Missing width for format specifier in scanf function
    https://github.com/aravindvnair99/C/blob/19cb1e5c5151953661a284baf81f377bd5a48e33/Source Codes/C Based Login System/login.c#L38
  • Medium: Missing width for format specifier in scanf function
    https://github.com/aravindvnair99/C/blob/19cb1e5c5151953661a284baf81f377bd5a48e33/Source Codes/C Based Login System/loginus.c#L20
  • Medium: Inherently dangerous sprintf family function
    https://github.com/aravindvnair99/C/blob/19cb1e5c5151953661a284baf81f377bd5a48e33/Source Codes/C Based Login System/loginus.c#L25

More info on how to fix Insecure Processing of Data in C/C++.


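An added example, not code from this pull request: one way to address the two finding types reported above (scanf without a field width, and sprintf) with bounded replacements in C. The function names `read_line` and `format_checked` and the buffer sizes are assumptions, since the PR's login.c and loginus.c are not shown on this page.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define USERNAME_CAP 32 /* assumed buffer size, not taken from the PR */
/* Flagged pattern: scanf("%s", name) writes past name on long input.
 * Bounded read: returns length, -1 on EOF/error, -2 if the line was too
 * long (the remainder is discarded so it cannot feed the next prompt). */
int read_line(FILE *in, char *buf, size_t cap)
{
    if (cap < 2 || fgets(buf, (int)cap, in) == NULL)
        return -1;
    size_t n = strcspn(buf, "\n");
    if (buf[n] == '\n') {          /* newline stored: whole line fit */
        buf[n] = '\0';
        return (int)n;
    }
    int c = fgetc(in);             /* buffer full or EOF: look at what follows */
    if (c == '\n' || c == EOF)
        return (int)n;             /* line fit exactly, or last line at EOF */
    while (c != '\n' && c != EOF) c = fgetc(in);
    buf[0] = '\0';                 /* never hand back a truncated name */
    return -2;
}

/* Flagged pattern: sprintf(dst, fmt, ...) has no size limit.
 * Bounded format: 0 on success, -1 if the result would not fit. */
int format_checked(char *dst, size_t cap, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(dst, cap, fmt, ap);
    va_end(ap);
    if (n < 0 || (size_t)n >= cap) {
        if (cap > 0) dst[0] = '\0';
        return -1;                 /* treat truncation as an error */
    }
    return 0;
}

int main(void)
{
    char name[USERNAME_CAP], msg[64];
    fputs("Enter Username: ", stdout); fflush(stdout);
    if (read_line(stdin, name, sizeof name) < 0 ||
        format_checked(msg, sizeof msg, "Hello, %s", name) != 0)
        return 1;                  /* reject instead of overflowing */
    return puts(msg) == EOF;
}
```

Where scanf is kept, the equivalent minimal change is an explicit width one less than the buffer size, for example `%31s` for a 32-byte buffer.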

@Sailesh3000
Author

Can my project be approved?

Owner

@aravindvnair99 aravindvnair99 left a comment

@Sailesh3000 Please remove Source Codes/CLog/sqlite3.c and Source Codes/CLog/sqlite3.h as it's not required to keep them in the repository. These can be retrieved from the SQLite library installed via package managers. For example, on AL2023, you can do yum install sqlite-devel and then do gcc loginus.c -lsqlite3 -o loginus to compile.

Also a person who would want to try your project would normally run your code directly and they might get the feeling that your code is broken:

$ ./loginus 
Enter Username: 
abc

User not found
Enter Username: 
123

User not found
Enter Username: 

Unless they open your database:

$ sqlite3 login.db 
SQLite version 3.40.0 2023-06-02 12:56:32
Enter ".help" for usage hints.
sqlite> .dump
PRAGMA foreign_keys=OFF;
BEGIN TRANSACTION;
CREATE TABLE users (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    username TEXT NOT NULL,
    password TEXT NOT NULL
);
INSERT INTO users VALUES(1,'user1','password123');
INSERT INTO users VALUES(2,'user2','pass456');
INSERT INTO users VALUES(3,'another_user','securePass789');
DELETE FROM sqlite_sequence;
INSERT INTO sqlite_sequence VALUES('users',3);
COMMIT;

And try with those users:

$ ./loginus 
Enter Username: 
user1

Enter your Password: password123


******LOGIN SUCCESSFUL******


Thus I would recommend:

  • implementing both sign-up and login workflows
  • document the same in your README.
  • Additionally:
    • prompt for the password in a secure way instead of displaying it as normal text
    • and remove the extra enter / return key needed for username.

@Sailesh3000
Author

Requested changes have been added

Owner

@aravindvnair99 aravindvnair99 left a comment

@Sailesh3000 Status checks are failing now. Please have them pass so that I can review and merge them.

@pull-request-size pull-request-size Bot added size/M and removed size/L labels Apr 27, 2024
@Sailesh3000
Author

All checks are successful I guess

@Sailesh3000
Author

I think now everything is good
