如果获取用户发出的关机注销重起等命令?
WIN2K/XP下如何获取用户发出的/包括其它应用程序发出的关机注销重起等命令的消息?
[解决办法]
你是说VC下的?还是系统的.楼上说的那种方法可以,用对话框接消息
[解决办法]
关机
shutdown -s
注销
shutdown -l
重起
shutdown -r
你可以自己去看shutdown的帮助
shutdown /?
[解决办法]
[Ref]
The collective minds of ros-kernel describe the logout/shutdown process as follows:
App (usually explorer) calls ExitWindowsEx()
ExitWindowsEx() sends a message to CSRSS
CSRSS impersonates the caller and sends a message to a hidden WinLogon window
WinLogon checks if the caller has the required privileges
WinLogon enters pending log-out state
WinLogon impersonates the interactive user and calls ExitWindowsEx() again,
passing some special internal flags
CSRSS loops over all processes of the interactive user (sorted by their
SetProcessShutdownParameters() level), sending WM_QUERYENDSESSION and WM_ENDSESSION messages to its top-level windows. If the messages aren 't processed within the timeout period (registry key HKCU\Control Panel\Desktop\HungAppTimeout) CSRSS will put up a dialog box asking if the process should be terminated. Using the registry key HKCU\Control Panel\Desktop\AutoEndTask you can specify that the dialog box shouldn 't be shown and CSRSS should just terminate the thread. If the the WM_ENDSESSION message is processed but the thread doesn 't terminate within the timeout specified by HKCU\Control Panel\Desktop\WaitToKillAppTimeout CSRSS will terminate the thread. When all the top-level windows have been destroyed CSRSS will terminate the process. If the process is a console process, CSRSS will send a CTRL_LOGOFF_EVENT to the console control handler on logoff. No event is sent on shutdown. If the handler doesn 't respond in time the same activities as for GUI apps (i.e. display dialog box etc) take place. This also happens if the handler returns TRUE.
This ends the processing for the first ExitWindowsEx() call from WinLogon.
Execution continues in WinLogon, which calls ExitWindowsEx() again to terminate COM processes in the interactive user 's session.
WinLogon stops impersonating the interactive user (whos processes are
all dead by now). and enters logged-out state
If the ExitWindowsEx() request was for a logoff, WinLogon sends a SAS
event (to display the "press ctrl+alt+del ") to the GINA. WinLogon then waits for the GINA to send a SAS event to login.
If the ExitWindowsEx() request was for shutdown/restart, WinLogon calls
ExitWindowsEx() again in the system process context.
CSRSS goes through the motions of sending WM_QUERYENDSESSION/WM_ENDSESSION
to GUI processes running in the system process context but won 't display dialog boxes or kill threads/processes. Same for console processes, using the CTRL_SHUTDOWN_EVENT. The Service Control Manager is one of these console processes and has a special timeout value WaitToKillServiceTimeout.
WinLogon issues a "InitiateSystemShutdown " request to the SM (SMSS API # 1)
the SM propagates the shutdown request to every environment subsystem it
started since bootstrap time (still active ones, of course)
each environment subsystem, on shutdown request, releases every resource
it aquired during its life (processes, memory etc), then dies
when every environment subsystem has gone to bed, the SM actually initiates
the kernel and executive shutdown by calling NtShutdownSystem.
[解决办法]
要扑捉关机,其实响应几个消息就可以了
比如
WM_QUERYENDSESSION
WM_ENDSESSION
你要用hook api的方式干什么呢
关机不一直都调这几个api吧
比如系统带的
shutdown.exe 命令,你知道它调的是什么api吗?
[解决办法]
而且你应该hook的是
AbortSystemShutdownW
而不是
AbortSystemShutdown
[解决办法]
hook钩子
[解决办法]
消息钩子 hook
[解决办法]
参考一下这里
http://community.csdn.net/Expert/TopicView3.asp?id=5315007
[解决办法]
LRESULT CALLBACK WindowProc(
HWND hwnd, // handle to window
UINT uMsg, // message identifier
WPARAM wParam, // end-session option
LPARAM lParam // logoff option
);
Parameters
hwnd
Handle to window.
uMsg
WM_ENDSESSION identifier.
wParam
If the session is being ended, this parameter is TRUE; otherwise, it is FALSE.
lParam
If this parameter includes ENDSESSION_LOGOFF, the user is logging off; otherwise, the user is shutting down the system. (Note that this parameter is a bit mask. To test for this value, use a bit-wise operation; do not test for equality.)
If this parameter is zero, the system is shutting down.
[解决办法]
你看看 lParam
If this parameter includes ENDSESSION_LOGOFF, the user is logging off; otherwise, the user is shutting down the system. (Note that this parameter is a bit mask. To test for this value, use a bit-wise operation; do not test for equality.)
If this parameter is zero, the system is shutting down.
[解决办法]
这个肯定要用hook来做,具体只有参阅文档了