Originally Posted by
Elysia
The biggest flaw of scanf is that the default way of doing it means you don't specify the size of your buffer, which means if the user enters a too long string, you get a buffer overrun, which is very bad™.
You can specify buffer size to scanf, BUT it has to be encoded in the string. So you'll probably have to mess around with creating a proper string from piecing together the format and the buffer size.
On the other hand, fgets does all this for you. It reads from the specified file as you tell it, you can pass the buffer size as an argument (which means you can pass something such as sizeof(mybuffer)), plus it takes a char* argument IIRC, which means you'll get a warning if you pass an incompatible pointer (in C).
So all in all, fgets is superior to scanf when reading strings.
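The two approaches compared in the post above, as an added example that is not part of the original post: a width-limited scanf whose format string is pieced together from the buffer size, next to fgets taking sizeof directly and reporting truncation. The helper names (read_token_scanf, read_line_fgets, stream_from) and the sample input are constructed for illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Width-limited scanf: the size must be written into the format string,
   so "%<N>s" is built at run time with N = bufsize - 1 (room for '\0'). */
static int read_token_scanf(FILE *in, char *buf, size_t bufsize)
{
    char fmt[32];
    if (bufsize < 2) return -1;
    snprintf(fmt, sizeof fmt, "%%%zus", bufsize - 1);
    return fscanf(in, fmt, buf) == 1 ? 0 : -1;
}

/* fgets takes the size as an argument. Returns 0 for a complete line,
   1 if the line was cut short (the rest is discarded), -1 on EOF/error. */
static int read_line_fgets(FILE *in, char *buf, size_t bufsize)
{
    int c, truncated = 0;
    if (bufsize == 0 || bufsize > INT_MAX || fgets(buf, (int)bufsize, in) == NULL)
        return -1;
    size_t len = strcspn(buf, "\n");
    if (buf[len] == '\n') {
        buf[len] = '\0';
        return 0;
    }
    while ((c = fgetc(in)) != EOF && c != '\n')
        truncated = 1;
    return truncated;
}

/* Constructed input served from a temporary file, so nothing is typed in. */
static FILE *stream_from(const char *text)
{
    FILE *f = tmpfile();
    if (f != NULL && fputs(text, f) != EOF)
        rewind(f);
    return f;
}

int main(void)
{
    char buf[8];
    FILE *f = stream_from("0123456789abcdef\nAAAAAAAAAAAA\n");
    if (f == NULL) return 1;
    printf("fgets truncated=%d\n", read_line_fgets(f, buf, sizeof buf));
    printf("scanf rc=%d token=%s\n", read_token_scanf(f, buf, sizeof buf), buf);
    return fclose(f);
}
```

Both calls stay inside the 8-byte buffer; only the fgets wrapper tells the caller that input was dropped, which is what lets a program reject an over-long line instead of silently using a prefix of it.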