"this variable is unsafe consider using strtok_S instead"
these are warnings to try to get you to use 'safer' versions that prevent buffer overflow type security attacks. It is only a warning, and does not matter unless your program is vulnerable to attacks (is commercial grade software rather than learning / at home stuff) but you may as well learn to use it.
char * is how C does strings, a "c-string" as it is called by programmers. std::string can be constructed from one, or accept them in various assignment statements or cast operations and you can go backwards with string.cstr() or if very carful about what you do, &string is a char*
but, lets back up. strtok is a C function for a C data type. Lets not do that to ourself; re-read above you you will see: use strtok, or some modern equivalent
give this a read, and consider using a stringstream instead:
strtok is an important function (you may frequently use it on command line argument passing if nowhere else): it is efficient and it gets the job done. But its rather messy, and if you are unfamiliar with C style string work, dangerous (bug prone). Use it if you want, but brush up on C string processing if you are not well versed.
regx is something you should keep in your back pocket if you need it, but its a very large hammer for this problem which just needs a gentle tap :)