WINDOWS unapproved function revealed
This introduction is how to use the Windows Unprecedented Function to implement system file operation monitoring. With this feature, you can operate any files, folders, folders; delete files; change file size, etc., can be recorded. First, to achieve the above described operation does not disclose two functions: SHChangeNotifyRegister definitions and SHChangeNotifyDeregister, SHChangeNotifyRegister function is as follows: Declare Function SHChangeNotifyRegister Lib "shell32" Alias "# 2" _ (ByVal hWnd As Long, _ByVal uFlags As SHCN_ItemFlags, _ByVal dwEventID As SHWVAL CITIDS, BYVAL UMSG AS long, _BYVAL CITEMS ASTRUCT AS LONG These parameter hWnd Specifies the window handle of the system advertisement, the parameter UMSG specifies the message value. If the function call is successful, the system will add the window specified by the HWND. In the system advertisement chain, and return the system adverb handle. When there is a system operation such as a setup file, the system sends a UMSG message to the window specified by the HWND, and the other parameters will be described below. The function ShchangenNotifydedegegister is defined as follows: Declare Function Shchange Notify Deregister lib "shell32" Alias "# 4" _ (Byval Hnotify As long) AS Boolean is the handle of the parameter hnotify specifies the handle of the system notification. Here is the specific VB example: first establish a new project, add a TextBox control in Form1. Add the following code in the Form1's code window: Option ExplicitPrivate Sub Form_Load () if SubClass (HWND) THEN 'Change Form1 Message Processing IF Iside Tentext1.Text = VBCRLF & _ "A Windows file directory operation instant monitoring program, "& VBCRLF &" can monitor rename, new, delete "& _vbcrlf &" pieces or directories in Explore; change file associations; insert, remove CD and add "& VBCRLF &" to delete network sharing can be subject to record it.
"End IfCall SHNotify_Register (hWnd) ElseText1 =" operating system does not support the monitoring program :-) "End IfMove Screen.Width - Width, Screen.Height - HeightEnd SubPrivate Function IsIDE () As BooleanOn Error GoTo OutDebug.Print 1 / 0Out: IsIDE = ErrEnd FunctionPrivate Sub Form_Unload (Cancel As Integer) Call SHNotify_UnregisterCall unSubClass (hWnd) End SubPublic Sub NotificationReceipt (wParam As Long, lParam As Long) Dim sOut As StringDim shns As SHNOTIFYSTRUCTDim sDisplayname1 As StringDim sDisplayname2 As StringMoveMemory shns, ByVal wParam, Len (shns ) If shns.dwItem1 ThensDisplayname1 = GetDisplayNameFromPIDL (shns.dwItem1) End IfIf shns.dwItem2 ThensDisplayname2 = GetDisplayNameFromPIDL (shns.dwItem2) End IfsOut = SHNotify_ GetEvent Str (sDisplayname1, sDisplayname2, lParam) & vbCrLfText1 = Text1 & sOut & vbCrLfText1.SelStart = Len (Text1) End Sub then adds three modules (BAS) files in the project, saved three files as mdef.bas, mshell.bas, msub.bas.
Add the following code in MDEF.BAS: 'MDEF.BAS contains the function of the shell operation and the definition of the data type Option ExplicitDeclare Sub MoveMEMORY LIB "kernel32" Alias "RTLMOVEMEMORY" (PDEST As Any, _psource as any, byval dwlingth as long) Declare Sub CoTaskMemFree Lib "ole32.dll" (ByVal pv As Long) Public Const MAX_PATH = 260Public Const NOERROR = 0'SHGetSpecialFolderLocation obtain a location for a particular directory, if the function returns successfully NOERROR 'or an OLE error Declare function SHGetSpecialFolderLocation Lib " shell32.dll "_ (ByVal hwndOwner As Long, _ByVal nFolder As SHSpecialFolderIDs, _pidl As Long) As LongPublic Enum SHSpecialFolderIDs' list IDCSIDL_DESKTOP all Windows special folders = & H0CSIDL_INTERNET = & H1CSIDL_PROGRAMS = & H2CSIDL_CONTROLS = & H3CSIDL_PRINTERS = & H4CSIDL_PERSONAL = & H5CSIDL_FAVORITES = & H6CSIDL_STARTUP = & H7CSIDL_RECENT = & H8CSIDL_SENDTO = & H9CSIDL_BITBUCKET = & HACSIDL_STARTMENU = & HBCSIDL_DESKTOPDIRECTORY = & H10CSIDL_DRIVES = & H11CSIDL_NETWORK = & H12CSIDL_NETHOOD = & H13CSIDL_FONTS = & H14CSIDL_TEMPLATES = & H15CSIDL_COMMON_STARTMENU = & H16CSIDL_COMMON_PROGRAMS = & H17CSIDL_COMMON_STARTUP = & H18CSIDL_COMMON_DESKTOPDIRECTORY = & H19CSIDL_APPDATA = & H1ACSIDL_PRINTHOOD = & H1BCSIDL_ALTSTARTUP = & H1DCSIDL_COMMON_ALTSTARTUP = & H1ECSIDL_COMMON_FAVORITES = & H1FCSIDL_INTERNET_CACHE = & H20CSIDL_COOKIES = & H21CSIDL_HISTORY = & H22End Enum'SHGetPathFromIDList Item function to convert a file path Declare Function SHGetPathFromIDList Lib "shell32.dll" Alias "SHGetPathFromIDListA"
