以下示例使用各种线程特定的钩子过程来监视系统影响线程的事件。它演示了如何处理以下类型的钩子过程的事件:
WH_CALLWNDPROC
WH_CBT
WH_DEBUG
WH_GETMESSAGE
WH_KEYBOARD
WH_MOUSE
WH_MSGFILTER
用户可以使用菜单安装和删除挂钩过程。当安装挂钩过程并发生由过程监视的事件时,过程将有关事件的信息写入应用程序主窗口的客户端区域。
#define NUMHOOKS 7
//全局变量
typedef struct _MYHOOKDATAenen
{
int nType;
HOOKPROC hkprc;
HHOOK hhook;
} MYHOOKDATA;
MYHOOKDATA myhookdata[NUMHOOKS];
LRESULT WINAPI MainWndProc(HWND hwndMain,UINT uMsg,WPARAM wParam,
LPARAM lParam)
{
static BOOL afHooks[NUMHOOKS];
int index;
static HMENU hmenu;
开关(uMsg)
{
case WM_CREATE:
//保存菜单句柄。
hmenu = GetMenu(hwndMain);
//使用挂钩数据初始化结构。菜单项
//标识符定义为0到6
//头文件。它们可用于识别阵列
//这里和WM_COMMAND期间的元素
// 信息。
myhookdata[IDM_CALLWNDPROC].nType = WH_CALLWNDPROC;
myhookdata[IDM_CALLWNDPROC].hkprc = CallWndProc;
myhookdata[IDM_CBT].nType = WH_CBT;
myhookdata[IDM_CBT].hkprc = CBTProc;
myhookdata[IDM_DEBUG].nType = WH_DEBUG;
myhookdata[IDM_DEBUG].hkprc = DebugProc;
myhookdata[IDM_GETMESSAGE].nType = WH_GETMESSAGE;
myhookdata[IDM_GETMESSAGE].hkprc = GetMsgProc;
myhookdata[IDM_KEYBOARD].nType = WH_KEYBOARD;
myhookdata[IDM_KEYBOARD].hkprc = KeyboardProc;
myhookdata[IDM_MOUSE].nType = WH_MOUSE;
myhookdata[IDM_MOUSE].hkprc = MouseProc;
myhookdata[IDM_MSGFILTER].nType = WH_MSGFILTER;
myhookdata[IDM_MSGFILTER].hkprc = MessageProc;
//将数组中的所有标志初始化为FALSE。
memset(afHooks, FALSE, sizeof(afHooks));
return 0;
case WM_COMMAND:
开关(LOWORD(wParam))
{
//用户从菜单中选择了一个钩子命令。
case IDM_CALLWNDPROC:
case IDM_CBT:
case IDM_DEBUG:
case IDM_GETMESSAGE:
case IDM_KEYBOARD:
case IDM_MOUSE:
case IDM_MSGFILTER:
//使用菜单项标识符作为索引
//进入具有挂钩数据的结构数组。
index = LOWORD(wParam);
//如果选择类型的挂钩过程不是
//安装了,安装它并检查
//相关的菜单项。
if(!afHooks [index])
{
myhookdata[index].hhook = SetWindowsHookEx(
myhookdata [index] .nType,
myhookdata .hkprc [index],
(HINSTANCE) NULL, GetCurrentThreadId());
CheckMenuItem(hmenu,index,
MF_BYCOMMAND | MF_CHECKED);
afHooks[index] = TRUE;
}
//如果选择的挂钩过程类型为
//已安装,删除它并删除
//相关菜单项中的复选标记。
其他
{
UnhookWindowsHookEx(myhookdata[index].hhook);
CheckMenuItem(hmenu,index,
MF_BYCOMMAND | MF_UNCHECKED);
afHooks[index] = FALSE;
}
默认:
return(DefWindowProc(hwndMain,uMsg,wParam,
lParam));
}
break;
//
//处理其他消息。
//
默认:
return DefWindowProc(hwndMain, uMsg, wParam, lParam);
}
return NULL;
}
/****************************************************************
WH_CALLWNDPROC钩子程序
****************************************************************/
LRESULT WINAPI CallWndProc(int nCode,WPARAM wParam,LPARAM lParam)
{
CHAR szCWPBuf[256];
CHAR szMsg[16];
HDC hdc;
static int c = 0;
int cch;
if (nCode < 0) //不要处理消息
返回CallNextHookEx(myhookdata [CALLWNDPROC] .hhook,nCode,
wParam, lParam);
//调用转换消息的应用程序定义函数
//常量到字符串并将其复制到缓冲区。
LookUpTheMessage((PMSG) lParam, szMsg);
hdc = GetDC(hwndMain);
开关(nCode)
{
case HC_ACTION:
cch = wsprintf(szCWPBuf,
“CALLWNDPROC - tsk:%ld,msg:%s,%d times”,
wParam, szMsg, c++);
TextOut(hdc, 2, 15, szCWPBuf, cch);
break;
默认:
break;
}
ReleaseDC(hwndMain, hdc);
返回CallNextHookEx(myhookdata [CALLWNDPROC] .hhook,nCode,
wParam, lParam);
}
/****************************************************************
WH_GETMESSAGE钩子程序
****************************************************************/
LRESULT CALLBACK GetMsgProc(int nCode,WPARAM wParam,LPARAM lParam)
{
CHAR szMSGBuf[256];
CHAR szRem[16];
CHAR szMsg[16];
HDC hdc;
static int c = 0;
int cch;
if (nCode < 0) //不要处理消息
返回CallNextHookEx(myhookdata [GETMESSAGE] .hhook,nCode,
wParam, lParam);
开关(nCode)
{
case HC_ACTION:
开关(wParam)
{
case PM_REMOVE:
lstrcpy(szRem, "PM_REMOVE");
break;
case PM_NOREMOVE:
lstrcpy(szRem, "PM_NOREMOVE");
break;
默认:
lstrcpy(szRem, "Unknown");
break;
}
//调用转换a的应用程序定义函数
//将字符串的常量复制到一个字符串
// 缓冲。
LookUpTheMessage((PMSG) lParam, szMsg);
hdc = GetDC(hwndMain);
cch = wsprintf(szMSGBuf,
“GETMESSAGE - wParam:%s,msg:%s,%d times”,
szRem, szMsg, c++);
TextOut(hdc, 2, 35, szMSGBuf, cch);
break;
默认:
break;
}
ReleaseDC(hwndMain, hdc);
返回CallNextHookEx(myhookdata [GETMESSAGE] .hhook,nCode,
wParam, lParam);
}
/****************************************************************
WH_DEBUG钩子程序
****************************************************************/
LRESULT CALLBACK DebugProc(int nCode,WPARAM wParam,LPARAM lParam)
{
CHAR szBuf[128];
HDC hdc;
static int c = 0;
int cch;
if (nCode < 0) //不要处理消息
返回CallNextHookEx(myhookdata [DEBUG] .hhook,nCode,
wParam, lParam);
hdc = GetDC(hwndMain);
开关(nCode)
{
case HC_ACTION:
cch = wsprintf(szBuf,
“DEBUG - nCode:%d,tsk:%ld,%d times”,
nCode,wParam, c++);
TextOut(hdc, 2, 55, szBuf, cch);
break;
默认:
break;
}
ReleaseDC(hwndMain, hdc);
返回CallNextHookEx(myhookdata [DEBUG] .hhook,nCode,wParam,
lParam);
}
/****************************************************************
WH_CBT钩子程序
****************************************************************/
LRESULT CALLBACK CBTProc(int nCode,WPARAM wParam,LPARAM lParam)
{
CHAR szBuf[128];
CHAR szCode[128];
HDC hdc;
static int c = 0;
int cch;
if (nCode < 0) //不要处理消息
return CallNextHookEx(myhookdata [CBT] .hhook,nCode,wParam,
lParam);
hdc = GetDC(hwndMain);
开关(nCode)
{
case HCBT_ACTIVATE:
lstrcpy(szCode, "HCBT_ACTIVATE");
break;
case HCBT_CLICKSKIPPED:
lstrcpy(szCode, "HCBT_CLICKSKIPPED");
break;
case HCBT_CREATEWND:
lstrcpy(szCode, "HCBT_CREATEWND");
break;
case HCBT_DESTROYWND:
lstrcpy(szCode, "HCBT_DESTROYWND");
break;
case HCBT_KEYSKIPPED:
lstrcpy(szCode, "HCBT_KEYSKIPPED");
break;
case HCBT_MINMAX:
lstrcpy(szCode, "HCBT_MINMAX");
break;
case HCBT_MOVESIZE:
lstrcpy(szCode, "HCBT_MOVESIZE");
break;
case HCBT_QS:
lstrcpy(szCode, "HCBT_QS");
break;
case HCBT_SETFOCUS:
lstrcpy(szCode, "HCBT_SETFOCUS");
break;
case HCBT_SYSCOMMAND:
lstrcpy(szCode, "HCBT_SYSCOMMAND");
break;
默认:
lstrcpy(szCode, "Unknown");
break;
}
cch = wsprintf(szBuf, "CBT - nCode: %s, tsk: %ld, %d times ",
szCode, wParam, c++);
TextOut(hdc, 2, 75, szBuf, cch);
ReleaseDC(hwndMain, hdc);
return CallNextHookEx(myhookdata [CBT] .hhook,nCode,wParam,
lParam);
}
/****************************************************************
WH_MOUSE钩子程序
****************************************************************/
LRESULT CALLBACK MouseProc(int nCode,WPARAM wParam,LPARAM lParam)
{
CHAR szBuf[128];
CHAR szMsg[16];
HDC hdc;
static int c = 0;
int cch;
if (nCode < 0) //不处理消息
return CallNextHookEx(myhookdata [MOUSE] .hhook,nCode,
wParam, lParam);
//调用转换消息的应用程序定义函数
//常量到字符串并将其复制到缓冲区。
LookUpTheMessage((PMSG) lParam, szMsg);
hdc = GetDC(hwndMain);
cch = wsprintf(szBuf,
“MOUSE - nCode:%d,msg:%s,x:%d,y:%d,%d times”,
nCode, szMsg, LOWORD(lParam), HIWORD(lParam), c++);
TextOut(hdc, 2, 95, szBuf, cch);
ReleaseDC(hwndMain, hdc);
返回CallNextHookEx(myhookdata [MOUSE] .hhook,nCode,wParam,
lParam);
}
/****************************************************************
WH_KEYBOARD钩子程序
****************************************************************/
LRESULT CALLBACK KeyboardProc(int nCode,WPARAM wParam,LPARAM lParam)
{
CHAR szBuf[128];
HDC hdc;
static int c = 0;
int cch;
if (nCode < 0) //不要处理消息
返回CallNextHookEx(myhookdata [KEYBOARD] .hhook,nCode,
wParam, lParam);
hdc = GetDC(hwndMain);
cch = wsprintf(szBuf, "KEYBOARD - nCode: %d, vk: %d, %d times ",
nCode, wParam, c++);
TextOut(hdc, 2, 115, szBuf, cch);
ReleaseDC(hwndMain, hdc);
return CallNextHookEx(myhookdata [KEYBOARD] .hhook,nCode,wParam,
lParam);
}
/****************************************************************
WH_MSGFILTER钩子程序
****************************************************************/
LRESULT CALLBACK MessageProc(int nCode,WPARAM wParam,LPARAM lParam)
{
CHAR szBuf[128];
CHAR szMsg[16];
CHAR szCode[32];
HDC hdc;
static int c = 0;
int cch;
if (nCode < 0) //不要处理消息
返回CallNextHookEx(myhookdata [MSGFILTER] .hhook,nCode,
wParam, lParam);
开关(nCode)
{
case MSGF_DIALOGBOX:
lstrcpy(szCode, "MSGF_DIALOGBOX");
break;
case MSGF_MENU:
lstrcpy(szCode, "MSGF_MENU");
break;
case MSGF_SCROLLBAR:
lstrcpy(szCode, "MSGF_SCROLLBAR");
break;
case MSGF_NEXTWINDOW:
lstrcpy(szCode, "MSGF_NEXTWINDOW");
break;
默认:
wsprintf(szCode, "Unknown: %d", nCode);
break;
}
//调用转换消息的应用程序定义函数
//常量到字符串并将其复制到缓冲区。
LookUpTheMessage((PMSG) lParam, szMsg);
hdc = GetDC(hwndMain);
cch = wsprintf(szBuf,
“MSGFILTER nCode:%s,msg:%s,%d times”,
szCode, szMsg, c++);
TextOut(hdc, 2, 135, szBuf, cch);
ReleaseDC(hwndMain, hdc);
返回CallNextHookEx(myhookdata [MSGFILTER] .hhook,nCode,
wParam, lParam);
}
