消息钩子入门篇(4)---示例__外壳钩子(WH_SHELL)

这个例子程序完成记录系统所有启动的程序的功能，并保存到文件中。
依然建立的是MFC扩展动态链接库。步骤同前面的例子。
ShellHook.h文件中声明导出类
class AFX_EXT_CLASS CShellHook:public CObject
{
public:
    CShellHook();
    ~CShellHook();
    void SetShellHook();
    void unSetShellHook();
};

ShellHook.cpp文件的内容：

#include "stdafx.h"
#include <afxdllx.h>
#include "ShellHook.h"
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
HHOOK glShellHook;
HINSTANCE hInst;
LRESULT CALLBACK ShellHookProc(int nCode,WPARAM wParam,LPARAM lParam);
void SaveLog(CString str);
static AFX_EXTENSION_MODULE ShellHookDLL = { NULL, NULL };

extern "C" int APIENTRY
DllMain(HINSTANCE hInstance, DWORD dwReason, LPVOID lpReserved)
{
    // Remove this if you use lpReserved
    UNREFERENCED_PARAMETER(lpReserved);

    if (dwReason == DLL_PROCESS_ATTACH)
    {
        TRACE0("SHELLHOOK.DLL Initializing!/n");
       
        // Extension DLL one-time initialization
        if (!AfxInitExtensionModule(ShellHookDLL, hInstance))
            return 0;

        // Insert this DLL into the resource chain
        // NOTE: If this Extension DLL is being implicitly linked to by
        //  an MFC Regular DLL (such as an ActiveX Control)
        //  instead of an MFC application, then you will want to
        //  remove this line from DllMain and put it in a separate
        //  function exported from this Extension DLL.  The Regular DLL
        //  that uses this Extension DLL should then explicitly call that
        //  function to initialize this Extension DLL.  Otherwise,
        //  the CDynLinkLibrary object will not be attached to the
        //  Regular DLL's resource chain, and serious problems will
        //  result.

        new CDynLinkLibrary(ShellHookDLL);
        hInst=hInstance;
    }
    else if (dwReason == DLL_PROCESS_DETACH)
    {
        TRACE0("SHELLHOOK.DLL Terminating!/n");
        // Terminate the library before destructors are called
        AfxTermExtensionModule(ShellHookDLL);
    }
    return 1;   // ok
}
CShellHook::CShellHook()
{
}
CShellHook::~CShellHook()
{
unSetShellHook();
}
void CShellHook::SetShellHook()
{
    glShellHook=(HHOOK)SetWindowsHookEx(WH_SHELL,ShellHookProc,hInst,0);
}
void CShellHook::unSetShellHook()
{
    if (glShellHook)
    {
        BOOL bRet=UnhookWindowsHookEx(glShellHook);
        if (bRet)
        {
            glShellHook=NULL;
        }
    }
}
LRESULT CALLBACK ShellHookProc(int nCode,WPARAM wParam,LPARAM lParam)
{
    if (nCode==HSHELL_WINDOWCREATED)
    {
        CWnd* pwnd=CWnd::FromHandle((HWND)wParam);
        CString strName;
        pwnd->GetWindowText(strName);
        SaveLog(strName);
        if (strName=="扫雷")
        {
           PostMessage(pwnd->GetSafeHwnd(),WM_CLOSE,0,0);
        }
    }
    return 0;
}
void SaveLog(CString str)
{
    CTime tm=CTime::GetCurrentTime();
    CString name;
    name.Format("D://shellhook_%d_%d.log",tm.GetMonth(),tm.GetDay());
    CFile file;
    if (!file.Open(name,CFile::modeReadWrite))
    {
        file.Open(name,CFile::modeCreate|CFile::modeReadWrite);
    }
    file.SeekToEnd();
    file.Write(str.GetBuffer(128),str.GetLength());
    CString strTime;
    strTime.Format("/t%02d:%02d:%02d/r/n",tm.GetHour(),tm.GetMinute(),tm.GetSecond());
    file.Write(strTime.GetBuffer(128),strTime.GetLength());
    file.Close();
}
学习内容：文件操作中的问题，（1）文件定位到文件末尾（2）在文本文件中输入回车符用"/r/n"