NOTE: getchar() returns an int:
getchar(3): input of char/strings - Linux man page. That is so it can return all valid character values, plus any "special" values like EOF. Thus, your response variable should be declared int to properly handle this, and your loops that call getchar() should also handle the possibility of EOF.
As for your second question, you seem to understand it more or less correctly. I would say item 4 is really a sub-section of item 2. Item 3 is incorrect in that, the while loop doesn't evaluate the 'n', it calls getchar(), which takes the next character out of the input buffer, whatever it may be ('n', 'y', '\n' or something else).
The inner while loop is used to flush the input buffer, i.e. "eat" any leftover characters up to and including the newline from you pressing enter (a more robust flush method would check for EOF as well as '\n'). The reason pressing enter right off the bat gives you "Sorry..." has to do with the use of two calls to getchar. When you start your program, and it hits the first getchar() on line 13, you press enter. You read that newline, removing it from the buffer. It is not a 'y', so it enters the loop. Since '\n' is also not 'n', you get the sorry message. Then, your inner while loop attempts to eat everything up to the next newline, which is your second line of input, i.e. the second line of input is thus ignored.
As you can see, this is not a very robust way to get input from the user, since it fails when you press enter right off the bat, which is a common enough error that should be handled properly. The vast majority of the time, my preference is to read a line of input into a char array (e.g. char input[256]
with fgets, strip any newline (
link) then use
sscanf or strtol (and related funcs) to scan the input, or to access the input directly, like input[0], or strcmp(input, "some string"), etc. This tends to be much more fault tolerant, and is easy to recover from errors.