用拷贝钩子实现对文件夹的监控

[转自CSDN]

ICopyHook是一个用于创建拷贝钩子处理程序COM接口,它决定一个文件夹或者打印机对象是否可以被移动,拷贝,重命名或删除。Shell在执行这些操作之前,会调用ICopyHook接口的CopyCallback方法对它们进行验证。CopyCallback返回一个int值指示Shell是否应该继续执行这个操作。返回值IDYES表示继续,而返回值IDNO和IDCANCEL则表示终止。

一个文件夹对象可以安装多个拷贝钩子处理程序。如果出现这种情况,Shell会依次调用每个处理程序。只有当每个处理程序都返回IDYES时,Shell才真正执行用户请求的操作。

拷贝钩子处理程序的作用是在上述四种操作执行前对它们进行验证,但是Shell并不会把操作的结果通知给拷贝钩子处理程序。而windows提供的API函数FindFirstChangeNotification和FindNextChangeNotification却可以实现这个功能。因此,只有把这种两种方法结合起来,才能对一个文件夹的状态进行完全的监控。

拷贝钩子处理程序实现并不困难,首先创建一个作为进程内组件的COM对象,它只需要暴露一个ICopyHook接口(当然还有IUnknown)。然后用regsrv32.exe注册这个COM组件。最后一步是向Shell注册你的这个拷贝钩子处理程序,方法是在注册表HKEY_CLASSES_ROOT/Directory/Shellex/CopyHookHandlers下创建一个名称任意的sub key,在此sub key中创建一个类型为REG_SZ的项并将你的COM对象的CLSID作为它的默认值就可以了。

下面就是一个拷贝钩子的实现程序

 

// CCopyHook.h 

//CCopyHook类实现了ICopyHook接口,CClassFactory实现了IClassFactory接口

#include <shlobj.h>

class CCopyHook: public ICopyHook

{

public:

            CCopyHook():m_refcnt(0)  {  }

            STDMETHODIMP QueryInterface(REFIID iid,void** ppvObject);

            STDMETHODIMP_(ULONG) AddRef();

            STDMETHODIMP_(ULONG) Release();

            STDMETHODIMP_(UINT) CopyCallback(HWND hwnd,UINT wFunc,UINT wFlags,

                                                     LPCTSTR pszSrcFile,DWORD dwSrcAttribs,

                                                     LPCTSTR pszDestFile,DWORD dwDestAttribs);

private:

            int m_refcnt;

};

class CClassFactory:public IClassFactory

{

public:

            CClassFactory():m_refcnt(0)  {   }

            STDMETHODIMP QueryInterface(REFIID iid,void** ppvObject);

            STDMETHODIMP_(ULONG) AddRef();

            STDMETHODIMP_(ULONG) Release();

            STDMETHODIMP CreateInstance(IUnknown * pUnkOuter,REFIID riid,void ** ppvObject);

            STDMETHODIMP LockServer(BOOL fLock);

private:

            int m_refcnt;

};

 

// CCopyHook.cpp

//CCopyHook对象和CClassFactory对象的实现文件

#include <stdio.h>

#include "CCopyHook.h"

 

extern LONG nLocks;          //对象计数,用于DllCanUnloadNow

 

ULONG __stdcall CCopyHook::AddRef(){

            if(m_refcnt==0)

                        nLocks++;

            m_refcnt++;

            return m_refcnt;

}

ULONG __stdcall CCopyHook::Release(){

            int nNewCnt=--m_refcnt;

            if(nNewCnt<=0){

                        nLocks--;

                        delete this;

            }

            return nNewCnt;

}

HRESULT __stdcall CCopyHook::QueryInterface(REFIID iid,void** ppvObject){

            if(iid==IID_IUnknown)

                        *ppvObject=static_cast<IUnknown*>(this);

            else

                        if(iid==IID_IShellCopyHook)

                            *ppvObject=static_cast<ICopyHook*>(this);

            else

                         return E_NOINTERFACE;

            reinterpret_cast<IUnknown*>(*ppvObject)->AddRef();

            return S_OK;

}

//这就是CopyCallback方法,拷贝钩子的所有功能由它实现。参数的具体值参看MSDN

UINT __stdcall CCopyHook::CopyCallback(HWND hwnd,UINT wFunc,UINT wFlags,

                                                     LPCTSTR pszSrcFile,DWORD dwSrcAttribs,

                                                     LPCTSTR pszDestFile,DWORD dwDestAttribs){

            char szMessage[MAX_PATH+14];

            sprintf(szMessage,"对%s进行的操作,是否继续?",pszSrcFile);

            return MessageBox(NULL,szMessage,"确认",MB_YESNO|MB_ICONEXCLAMATION);

}

ULONG __stdcall CClassFactory::AddRef(){

            if(m_refcnt==0)

                        nLocks++;

            m_refcnt++;

            return m_refcnt;

}

ULONG __stdcall CClassFactory::Release(){

            int nNewCnt=--m_refcnt;

            if(nNewCnt<=0){

                        nLocks--;

                        delete this;

            }

            return nNewCnt;

}

HRESULT __stdcall CClassFactory::QueryInterface(REFIID iid,void** ppvObject){

            if(iid==IID_IUnknown)

                        *ppvObject=static_cast<IUnknown*>(this);

            else

                        if(iid==IID_IClassFactory)

                            *ppvObject=static_cast<IClassFactory*>(this);

            else

                         return E_NOINTERFACE;

            reinterpret_cast<IUnknown*>(*ppvObject)->AddRef();

            return S_OK;

}

HRESULT __stdcall CClassFactory::CreateInstance(IUnknown* pUnkownOuter,REFIID riid,void** ppvObj){

            if(pUnkownOuter!=NULL)

                        return CLASS_E_NOAGGREGATION;

            CCopyHook* pObj=new CCopyHook;

            pObj->AddRef();

            HRESULT hr=pObj->QueryInterface(riid,ppvObj);

    pObj->Release();

            return hr;

}

HRESULT __stdcall CClassFactory::LockServer(BOOL fLock){

            if(fLock)

                nLocks++;

            else

                        nLocks--;

            return S_OK;

}

// main.cpp

//主要实现了几个COM对象标准的导出函数。

#include <objbase.h>

#include <olectl.h>

#include "CCopyHook.h"

 

//这是要添加到注册表中的项,注意如果你要使用这段代码,应该用UUIDGEN.exe生成一

//个新的CLSID。

const char* szRegTable[][3]={

{"CLSID//{7e10a039-fe03-4f9c-b7e1-c5eeeaf53735}",0,"CopyHook"},

{"CLSID//{7e10a039-fe03-4f9c-b7e1-c5eeeaf53735}//InProcServer32",0,(const char*)-1},

{"CLSID//{7e10a039-fe03-4f9c-b7e1-c5eeeaf53735}//InProcServer32","ThreadingModel","Apartment"},

{"CLSID//{7e10a039-fe03-4f9c-b7e1-c5eeeaf53735}//ProgID",0,"webber84.CopyHook.1"},

{"webber84.CopyHook.1",0,"CopyHook"},

{"webber84.CopyHook.1//CLSID",0,"{7e10a039-fe03-4f9c-b7e1-c5eeeaf53735}"}};

HMODULE hInstance=NULL;

LONG nLocks=0;

BOOL APIENTRY DllMain( HANDLE hModule,

                       DWORD  ul_reason_for_call,

                       LPVOID lpReserved

                                                             ){

            if(ul_reason_for_call==DLL_PROCESS_ATTACH)

                        hInstance=(HMODULE)hModule;

    return TRUE;

}

STDAPI DllUnregisterServer(){

            HRESULT hr=S_OK;         LONG ret=0;

            int items=sizeof(szRegTable)/sizeof(szRegTable[0]);

            for(int i=items-1;i>=0;i--){

                        const char* szKeyName=szRegTable[i][0];

                        if( (i==items-1) || stricmp(szRegTable[i+1][0],szKeyName)!=0)

                             ret=RegDeleteKey(HKEY_CLASSES_ROOT,szKeyName);

        if(ret!=ERROR_SUCCESS)

                                    hr=SELFREG_E_CLASS;

            }

            return hr;

}

//可重用的DllRegisterServer函数,只要照上面的格式把注册表项放到一个数组中,就可以//用这段代码完成对任意组件的注册。

STDAPI DllRegisterServer(void){

            HRESULT hr=S_OK;

            int items=sizeof(szRegTable)/sizeof(szRegTable[0]);

            char szDllPath[MAX_PATH];

            GetModuleFileName(hInstance,szDllPath,MAX_PATH);

            for(int i=0;i<items && SUCCEEDED(hr);i++){

                        const char* szKeyName=szRegTable[i][0];

                        const char* szValueName=szRegTable[i][1];

                        const char* szValue=szRegTable[i][2];

                        if(szValue==(const char*)-1)

                                    szValue=szDllPath;

                        HKEY hKey;

                        LONG ret=RegCreateKey(HKEY_CLASSES_ROOT,szKeyName,&hKey);

                        if(ret==ERROR_SUCCESS){

                                    RegSetValueEx(hKey,szValueName,0,REG_SZ,(const BYTE*)szValue,

strlen(szValue)+1);

                                    RegCloseKey(hKey);

                        }

                        if(ret!=ERROR_SUCCESS){

                                    hr=SELFREG_E_CLASS;

                                    DllUnregisterServer();

                        }

            }

            return hr;

}

STDAPI DllGetClassObject (REFCLSID rclsid, REFIID riid, void** ppvObj) {

    HRESULT hr = E_OUTOFMEMORY;

    *ppvObj = NULL;

    CClassFactory *pClassFactory = new CClassFactory;

    if (pClassFactory != NULL)

        hr = pClassFactory->QueryInterface(riid, ppvObj);

    return hr;

}

STDAPI DllCanUnloadNow(){

            return nLocks==0 ? S_OK : S_FALSE;

}

作者Blog:http://blog.csdn.net/webber84/

评论 2
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值