2 * ReactOS Win32 Applications
3 * Copyright (C) 2007 ReactOS Team
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 * COPYRIGHT : See COPYING in the top level directory
21 * PROJECT : Event Log Viewer
23 * PROGRAMMER: Marc Piulachs (marc.piulachs at codexchange [dot] net)
27 #include <windows.h> // Standard windows include file
28 #include <commctrl.h> // For ListView control APIs
29 #include <tchar.h> // For TCHAR and string functions.
34 #pragma warning(disable: 4996) // 'strdup' was declared deprecated
35 #define _CRT_SECURE_NO_DEPRECATE // all deprecated 'unsafe string functions
38 static const LPSTR EVENT_SOURCE_APPLICATION
= "Application";
39 static const LPSTR EVENT_SOURCE_SECURITY
= "Security";
40 static const LPSTR EVENT_SOURCE_SYSTEM
= "System";
41 static const TCHAR szWindowClass
[] = _T("EVENTVWR"); // the main window class name
43 //MessageFile message buffer size
44 #define EVENT_MESSAGE_EVENTTEXT_BUFFER 1024*10
45 #define EVENT_MESSAGE_FILE_BUFFER 1024*10
46 #define EVENT_DLL_SEPARATOR ";"
47 #define EVENT_MESSAGE_FILE "EventMessageFile"
48 #define EVENT_CATEGORY_MESSAGE_FILE "CategoryMessageFile"
49 #define EVENT_PARAMETER_MESSAGE_FILE "ParameterMessageFile"
51 #define MAX_LOADSTRING 255
54 HINSTANCE hInst
; // current instance
55 TCHAR szTitle
[MAX_LOADSTRING
]; // The title bar text
58 HWND hwndMainWindow
; // Main window
59 HWND hwndListView
; // ListView control
60 HWND hwndStatus
; // Status bar
62 LPTSTR lpSourceLogName
= NULL
;
63 LPTSTR lpComputerName
= NULL
;
65 // Forward declarations of functions included in this code module:
66 ATOM
MyRegisterClass(HINSTANCE hInstance
);
67 BOOL
InitInstance(HINSTANCE
, int);
68 LRESULT CALLBACK
WndProc (HWND
, UINT
, WPARAM
, LPARAM
);
69 INT_PTR CALLBACK
About (HWND
, UINT
, WPARAM
, LPARAM
);
70 INT_PTR CALLBACK
EventDetails (HWND
, UINT
, WPARAM
, LPARAM
);
71 static INT_PTR CALLBACK
StatusMessageWindowProc (HWND
, UINT
, WPARAM
, LPARAM
);
73 int APIENTRY
_tWinMain(HINSTANCE hInstance
,
74 HINSTANCE hPrevInstance
,
80 INITCOMMONCONTROLSEX iccx
;
82 UNREFERENCED_PARAMETER(hPrevInstance
);
83 UNREFERENCED_PARAMETER(lpCmdLine
);
85 // Whenever any of the common controls are used in your app,
86 // you must call InitCommonControlsEx() to register the classes
87 // for those controls.
88 iccx
.dwSize
= sizeof(INITCOMMONCONTROLSEX
);
89 iccx
.dwICC
= ICC_LISTVIEW_CLASSES
;
90 InitCommonControlsEx(&iccx
);
92 // Initialize global strings
93 LoadString(hInstance
, IDS_APP_TITLE
, szTitle
, MAX_LOADSTRING
);
94 MyRegisterClass(hInstance
);
96 // Perform application initialization:
97 if (!InitInstance (hInstance
, nCmdShow
))
102 hAccelTable
= LoadAccelerators(hInstance
, MAKEINTRESOURCE(IDC_EVENTVWR
));
104 // Main message loop:
105 while (GetMessage(&msg
, NULL
, 0, 0))
107 if (!TranslateAccelerator(msg
.hwnd
, hAccelTable
, &msg
))
109 TranslateMessage(&msg
);
110 DispatchMessage(&msg
);
114 return (int) msg
.wParam
;
117 VOID
EventTimeToSystemTime (DWORD EventTime
, SYSTEMTIME
*pSystemTime
)
119 SYSTEMTIME st1970
= { 1970, 1, 0, 1, 0, 0, 0, 0 };
126 uUCT
.ft
.dwHighDateTime
= 0;
127 uUCT
.ft
.dwLowDateTime
= EventTime
;
128 SystemTimeToFileTime(&st1970
, &u1970
.ft
);
129 uUCT
.ll
= uUCT
.ll
* 10000000 + u1970
.ll
;
130 FileTimeToLocalFileTime(&uUCT
.ft
, &ftLocal
);
131 FileTimeToSystemTime(&ftLocal
, pSystemTime
);
135 TrimNulls ( LPSTR s
)
139 if ( s
!= (char *) NULL
)
141 c
= s
+ strlen ( s
) - 1;
142 while ( c
>= s
&& isspace ( *c
) )
148 BOOL
GetEventMessageFileDLL(
149 IN LPCTSTR lpLogName
,
150 IN LPCTSTR SourceName
,
151 IN LPCTSTR EntryName
,
152 OUT LPSTR ExpandedName
)
155 BYTE szModuleName
[MAX_PATH
];
156 TCHAR szKeyName
[MAX_PATH
];
158 HKEY hSourceKey
= NULL
;
159 BOOL bReturn
= FALSE
; // Return
161 _tcscpy(szKeyName
, TEXT("SYSTEM\\CurrentControlSet\\Services\\EventLog"));
162 _tcscat(szKeyName
, _T("\\"));
163 _tcscat(szKeyName
, lpLogName
);
170 &hAppKey
) == ERROR_SUCCESS
)
177 &hSourceKey
) == ERROR_SUCCESS
)
185 (LPBYTE
)szModuleName
,
186 &dwSize
) == ERROR_SUCCESS
)
188 // Returns a string containing the requested substituted environment variable.
189 ExpandEnvironmentStrings ((LPCTSTR
)szModuleName
, ExpandedName
, MAX_PATH
);
199 _TEXT("Registry access failed!") ,
201 MB_OK
| MB_ICONINFORMATION
);
204 if (hSourceKey
!= NULL
)
205 RegCloseKey(hSourceKey
);
208 RegCloseKey(hAppKey
);
213 BOOL
GetEventCategory(
215 IN LPCTSTR SourceName
,
216 IN EVENTLOGRECORD
*pevlr
,
217 OUT LPTSTR CategoryName
)
219 HANDLE hLibrary
= NULL
;
220 TCHAR szMessageDLL
[MAX_PATH
];
221 LPVOID lpMsgBuf
= NULL
;
223 if(GetEventMessageFileDLL (KeyName
, SourceName
, EVENT_CATEGORY_MESSAGE_FILE
, szMessageDLL
))
225 hLibrary
= LoadLibraryEx(
228 DONT_RESOLVE_DLL_REFERENCES
| LOAD_LIBRARY_AS_DATAFILE
);
232 // Retrieve the message string.
234 FORMAT_MESSAGE_FROM_SYSTEM
| FORMAT_MESSAGE_ALLOCATE_BUFFER
| FORMAT_MESSAGE_FROM_HMODULE
| FORMAT_MESSAGE_ARGUMENT_ARRAY
,
236 pevlr
->EventCategory
,
237 MAKELANGID(LANG_NEUTRAL
, SUBLANG_DEFAULT
),
239 EVENT_MESSAGE_FILE_BUFFER
,
245 TrimNulls ((LPSTR
)lpMsgBuf
);
247 // Copy the category name
248 strcpy (CategoryName
, (LPCTSTR
)lpMsgBuf
);
252 strcpy (CategoryName
, (LPCTSTR
)lpMsgBuf
);
255 strcpy (CategoryName
, "None");
259 FreeLibrary(hLibrary
);
261 // Free the buffer allocated by FormatMessage
269 strcpy (CategoryName
, "None");
274 BOOL
GetEventMessage(
276 IN LPCTSTR SourceName
,
277 IN EVENTLOGRECORD
*pevlr
,
278 OUT LPTSTR EventText
)
281 HANDLE hLibrary
= NULL
;
282 char SourceModuleName
[1000];
283 char ParameterModuleName
[1000];
284 LPTSTR lpMsgBuf
= NULL
;
285 TCHAR szStringIDNotFound
[MAX_LOADSTRING
];
291 /* TODO : GetEventMessageFileDLL can return a comma separated list of DLLs */
292 if (GetEventMessageFileDLL (KeyName
, SourceName
, EVENT_MESSAGE_FILE
, SourceModuleName
))
294 // Get the event message
295 szMessage
= (LPTSTR
)((LPBYTE
)pevlr
+ pevlr
->StringOffset
);
297 // Allocate space for parameters
298 szArguments
= (LPTSTR
*)malloc(sizeof(LPVOID
)* pevlr
->NumStrings
);
300 for (i
= 0; i
< pevlr
->NumStrings
; i
++)
302 if (strstr(szMessage
, "%%"))
304 if (GetEventMessageFileDLL (KeyName
, SourceName
, EVENT_PARAMETER_MESSAGE_FILE
, ParameterModuleName
))
306 //Not yet support for reading messages from parameter message DLL
309 szArguments
[i
] = szMessage
;
310 szMessage
+= strlen(szMessage
) + 1;
314 szArguments
[i
] = szMessage
;
315 szMessage
+= strlen(szMessage
) + 1;
319 szDll
= strtok(SourceModuleName
, EVENT_DLL_SEPARATOR
);
320 while ((szDll
!= NULL
) && (!bDone
))
322 hLibrary
= LoadLibraryEx(
325 DONT_RESOLVE_DLL_REFERENCES
| LOAD_LIBRARY_AS_DATAFILE
);
327 if (hLibrary
== NULL
)
329 // The DLL could not be loaded try the next one (if any)
330 szDll
= strtok (NULL
, EVENT_DLL_SEPARATOR
);
334 // Retrieve the message string.
336 FORMAT_MESSAGE_FROM_SYSTEM
|
337 FORMAT_MESSAGE_ALLOCATE_BUFFER
|
338 FORMAT_MESSAGE_FROM_HMODULE
|
339 FORMAT_MESSAGE_ARGUMENT_ARRAY
,
342 MAKELANGID(LANG_NEUTRAL
, SUBLANG_DEFAULT
),
347 // We haven't found the string , get next DLL (if any)
348 szDll
= strtok (NULL
, EVENT_DLL_SEPARATOR
);
354 // The ID was found and the message was formated
358 TrimNulls ((LPSTR
)lpMsgBuf
);
360 // Copy the event text
361 strcpy (EventText
,lpMsgBuf
);
365 FreeLibrary (hLibrary
);
371 LoadString(hInst
, IDC_EVENTSTRINGIDNOTFOUND
, szStringIDNotFound
, MAX_LOADSTRING
);
372 wsprintf (EventText
, szStringIDNotFound
, (DWORD
)(pevlr
->EventID
& 0xFFFF) , SourceName
);
375 // No more dlls to try , return result
379 LoadString(hInst
, IDC_EVENTSTRINGIDNOTFOUND
, szStringIDNotFound
, MAX_LOADSTRING
);
380 wsprintf (EventText
, szStringIDNotFound
, (DWORD
)(pevlr
->EventID
& 0xFFFF) , SourceName
);
386 GetEventType (WORD dwEventType
, OUT LPSTR eventTypeText
)
390 case EVENTLOG_ERROR_TYPE
:
391 LoadString(hInst
, IDC_EVENTLOG_ERROR_TYPE
, eventTypeText
, MAX_LOADSTRING
);
393 case EVENTLOG_WARNING_TYPE
:
394 LoadString(hInst
, IDC_EVENTLOG_WARNING_TYPE
, eventTypeText
, MAX_LOADSTRING
);
396 case EVENTLOG_INFORMATION_TYPE
:
397 LoadString(hInst
, IDC_EVENTLOG_INFORMATION_TYPE
, eventTypeText
, MAX_LOADSTRING
);
399 case EVENTLOG_AUDIT_SUCCESS
:
400 LoadString(hInst
, IDC_EVENTLOG_AUDIT_SUCCESS
, eventTypeText
, MAX_LOADSTRING
);
402 case EVENTLOG_AUDIT_FAILURE
:
403 LoadString(hInst
, IDC_EVENTLOG_AUDIT_FAILURE
, eventTypeText
, MAX_LOADSTRING
);
405 case EVENTLOG_SUCCESS
:
406 LoadString(hInst
, IDC_EVENTLOG_SUCCESS
, eventTypeText
, MAX_LOADSTRING
);
409 LoadString(hInst
, IDC_EVENTLOG_UNKNOWN_TYPE
, eventTypeText
, MAX_LOADSTRING
);
415 GetEventUserName (EVENTLOGRECORD
*pelr
, OUT LPSTR pszUser
)
422 DWORD cbDomain
= 1024;
425 lpSid
= (PSID
)((LPBYTE
) pelr
+ pelr
->UserSidOffset
);
428 if(pelr
->UserSidLength
> 0)
430 if (LookupAccountSid(
439 strcpy (pszUser
, szName
);
448 ShowStatusMessageThread(
449 IN LPVOID lpParameter
)
451 HWND
*phWnd
= (HWND
*)lpParameter
;
455 hWnd
= CreateDialogParam(
457 MAKEINTRESOURCE(IDD_PROGRESSBOX
),
459 StatusMessageWindowProc
,
465 ShowWindow(hWnd
, SW_SHOW
);
467 /* Message loop for the Status window */
468 while (GetMessage(&Msg
, NULL
, 0, 0))
470 TranslateMessage(&Msg
);
471 DispatchMessage(&Msg
);
477 VOID
QueryEventMessages (
478 LPTSTR lpMachineName
,
483 EVENTLOGRECORD
*pevlr
;
484 BYTE bBuffer
[MAX_PATH
];
485 DWORD dwRead
, dwNeeded
, dwThisRecord
, dwTotalRecords
, dwCurrentRecord
= 1 , dwRecordsToRead
= 0 , dwFlags
;
487 LPSTR lpComputerName
;
490 BOOL bResult
= TRUE
; // Read succeeded.
492 char szWindowTitle
[MAX_PATH
];
493 char szStatusText
[MAX_PATH
];
494 char szLocalDate
[MAX_PATH
];
495 char szLocalTime
[MAX_PATH
];
496 char szEventID
[MAX_PATH
];
497 char szEventTypeText
[MAX_PATH
];
498 char szCategoryID
[MAX_PATH
];
499 char szUsername
[MAX_PATH
];
500 char szEventText
[EVENT_MESSAGE_FILE_BUFFER
];
501 char szCategory
[MAX_PATH
];
506 dwFlags
= EVENTLOG_FORWARDS_READ
| EVENTLOG_SEQUENTIAL_READ
;
508 lpSourceLogName
= lpLogName
;
509 lpComputerName
= lpMachineName
;
511 // Open the event log.
512 hEventLog
= OpenEventLog(
516 if (hEventLog
== NULL
)
519 _TEXT("Could not open the event log.") ,
521 MB_OK
| MB_ICONINFORMATION
);
525 //Disable listview redraw
526 SendMessage(hwndListView
, WM_SETREDRAW
, FALSE
, 0);
528 // Clear the list view
529 (void)ListView_DeleteAllItems (hwndListView
);
531 // Initialize the event record buffer.
532 pevlr
= (EVENTLOGRECORD
*)&bBuffer
;
534 // Get the record number of the oldest event log record.
535 GetOldestEventLogRecord(hEventLog
, &dwThisRecord
);
537 // Get the total number of event log records.
538 GetNumberOfEventLogRecords (hEventLog
, &dwTotalRecords
);
540 //If we have at least 1000 records show the waiting dialog
541 if (dwTotalRecords
> 1000)
546 ShowStatusMessageThread
,
552 while (dwCurrentRecord
< dwTotalRecords
)
554 pevlr
= (EVENTLOGRECORD
*)malloc(MAX_PATH
);
556 bResult
= ReadEventLog(
557 hEventLog
, // Event log handle
558 dwFlags
, // Sequential read
559 0, // Ignored for sequential read
560 pevlr
, // Pointer to buffer
561 MAX_PATH
, // Size of buffer
562 &dwRead
, // Number of bytes read
563 &dwNeeded
); // Bytes in the next record
565 if((!bResult
) && (GetLastError () == ERROR_INSUFFICIENT_BUFFER
))
567 pevlr
= (EVENTLOGRECORD
*)malloc (dwNeeded
);
570 hEventLog
, // event log handle
571 dwFlags
, // read flags
572 0, // offset; default is 0
573 pevlr
, // pointer to buffer
574 dwNeeded
, // size of buffer
575 &dwRead
, // number of bytes read
576 &dwNeeded
); // bytes in next record
581 strcpy (szUsername
, "N/A");
582 strcpy (szEventText
, "N/A");
583 strcpy (szCategory
, "None");
585 // Get the event source name.
586 lpSourceName
= (LPSTR
) ((LPBYTE
) pevlr
+ sizeof(EVENTLOGRECORD
));
588 // Get the computer name
589 lpComputerName
= (LPSTR
) ((LPBYTE
) pevlr
+ sizeof(EVENTLOGRECORD
) + lstrlen(lpSourceName
) + 1);
591 // This ist the data section of the current event
592 lpData
= (LPSTR
) ((LPBYTE
)pevlr
+ pevlr
->DataOffset
);
594 // This is the text of the current event
595 lpEventStr
= (LPSTR
) ((LPBYTE
) pevlr
+ pevlr
->StringOffset
);
597 // Compute the event type
598 EventTimeToSystemTime(pevlr
->TimeWritten
, &time
);
600 // Get the username that generated the event
601 GetEventUserName (pevlr
, szUsername
);
603 GetDateFormat( LOCALE_USER_DEFAULT
, DATE_SHORTDATE
, &time
, NULL
, szLocalDate
, MAX_PATH
);
604 GetTimeFormat( LOCALE_USER_DEFAULT
, TIME_NOSECONDS
, &time
, NULL
, szLocalTime
, MAX_PATH
);
606 GetEventType (pevlr
->EventType
, szEventTypeText
);
607 GetEventCategory (lpLogName
, lpSourceName
, pevlr
, szCategory
);
609 wsprintf (szEventID
, "%u", (DWORD
)(pevlr
->EventID
& 0xFFFF));
610 wsprintf (szCategoryID
, "%u", (DWORD
)(pevlr
->EventCategory
));
612 lviEventItem
.mask
= LVIF_IMAGE
| LVIF_TEXT
| LVIF_PARAM
;
613 lviEventItem
.iItem
= 0;
614 lviEventItem
.iSubItem
= 0;
615 lviEventItem
.lParam
= (LPARAM
)pevlr
;
616 lviEventItem
.pszText
= szEventTypeText
;
618 switch(pevlr
->EventType
)
620 case EVENTLOG_ERROR_TYPE
:
621 lviEventItem
.iImage
= 2;
623 case EVENTLOG_AUDIT_FAILURE
:
624 lviEventItem
.iImage
= 2;
626 case EVENTLOG_WARNING_TYPE
:
627 lviEventItem
.iImage
= 1;
629 case EVENTLOG_INFORMATION_TYPE
:
630 lviEventItem
.iImage
= 0;
632 case EVENTLOG_AUDIT_SUCCESS
:
633 lviEventItem
.iImage
= 0;
635 case EVENTLOG_SUCCESS
:
636 lviEventItem
.iImage
= 0;
640 lviEventItem
.iItem
= ListView_InsertItem(hwndListView
, &lviEventItem
);
642 ListView_SetItemText(hwndListView
, lviEventItem
.iItem
, 1, szLocalDate
);
643 ListView_SetItemText(hwndListView
, lviEventItem
.iItem
, 2, szLocalTime
);
644 ListView_SetItemText(hwndListView
, lviEventItem
.iItem
, 3, lpSourceName
);
645 ListView_SetItemText(hwndListView
, lviEventItem
.iItem
, 4, szCategory
);
646 ListView_SetItemText(hwndListView
, lviEventItem
.iItem
, 5, szEventID
);
647 ListView_SetItemText(hwndListView
, lviEventItem
.iItem
, 6, szUsername
); //User
648 ListView_SetItemText(hwndListView
, lviEventItem
.iItem
, 7, lpComputerName
); //Computer
649 ListView_SetItemText(hwndListView
, lviEventItem
.iItem
, 8, lpData
); //Event Text
651 dwRead
-= pevlr
->Length
;
652 pevlr
= (EVENTLOGRECORD
*) ((LPBYTE
) pevlr
+ pevlr
->Length
);
658 pevlr
= (EVENTLOGRECORD
*) &bBuffer
;
662 EndDialog(hwndDlg
, 0);
664 wsprintf (szWindowTitle
, "%s - %s Log on \\\\%s", szTitle
, lpLogName
, lpComputerName
);
665 wsprintf (szStatusText
, "%s has %d event(s)", lpLogName
, dwTotalRecords
);
667 //Update the status bar
668 SendMessage (hwndStatus
, SB_SETTEXT
, (WPARAM
)0, (LPARAM
)szStatusText
);
670 //Set the window title
671 SetWindowText ( hwndMainWindow
, szWindowTitle
);
673 //Resume list view redraw
674 SendMessage(hwndListView
, WM_SETREDRAW
, TRUE
, 0);
676 // Close the event log.
677 CloseEventLog(hEventLog
);
689 // FUNCTION: MyRegisterClass()
691 // PURPOSE: Registers the window class.
695 // This function and its usage are only necessary if you want this code
696 // to be compatible with Win32 systems prior to the 'RegisterClassEx'
697 // function that was added to Windows 95. It is important to call this function
698 // so that the application will get 'well formed' small icons associated
701 ATOM
MyRegisterClass(HINSTANCE hInstance
)
705 wcex
.cbSize
= sizeof(WNDCLASSEX
);
707 wcex
.style
= CS_HREDRAW
| CS_VREDRAW
;
708 wcex
.lpfnWndProc
= WndProc
;
711 wcex
.hInstance
= hInstance
;
712 wcex
.hIcon
= LoadIcon(hInstance
, MAKEINTRESOURCE(IDI_EVENTVWR
));
713 wcex
.hCursor
= LoadCursor(NULL
, IDC_ARROW
);
714 wcex
.hbrBackground
= (HBRUSH
)(COLOR_WINDOW
+1);
715 wcex
.lpszMenuName
= MAKEINTRESOURCE(IDC_EVENTVWR
);
716 wcex
.lpszClassName
= szWindowClass
;
717 wcex
.hIconSm
= LoadIcon(wcex
.hInstance
, MAKEINTRESOURCE(IDI_SMALL
));
719 return RegisterClassEx(&wcex
);
723 // FUNCTION: InitInstance(HINSTANCE, int)
725 // PURPOSE: Saves instance handle and creates main window
729 // In this function, we save the instance handle in a global variable and
730 // create and display the main program window.
732 BOOL
InitInstance(HINSTANCE hInstance
, int nCmdShow
)
737 hInst
= hInstance
; // Store instance handle in our global variable
739 hwndMainWindow
= CreateWindow(
743 CW_USEDEFAULT
, 0, CW_USEDEFAULT
, 0,
754 hwndStatus
= CreateWindowEx(
755 0, // no extended styles
756 STATUSCLASSNAME
, // status bar
758 WS_CHILD
| WS_BORDER
| WS_VISIBLE
, // styles
759 0, 0, 0, 0, // x, y, cx, cy
760 hwndMainWindow
, // parent window
761 (HMENU
)100, // window ID
762 hInstance
, // instance
763 NULL
); // window data
765 // Create our listview child window. Note that I use WS_EX_CLIENTEDGE
766 // and WS_BORDER to create the normal "sunken" look. Also note that
767 // LVS_EX_ styles cannot be set in CreateWindowEx().
768 hwndListView
= CreateWindowEx(
772 LVS_SHOWSELALWAYS
| WS_CHILD
| WS_VISIBLE
| LVS_REPORT
,
782 // After the ListView is created, we can add extended list view styles.
783 (void)ListView_SetExtendedListViewStyle (hwndListView
, LVS_EX_FULLROWSELECT
);
785 // Create the ImageList
786 hSmall
= ImageList_Create(
787 GetSystemMetrics(SM_CXSMICON
),
788 GetSystemMetrics(SM_CYSMICON
),
793 // Add event type icons to ImageList
794 ImageList_AddIcon (hSmall
, LoadIcon(hInstance
, MAKEINTRESOURCE(IDI_INFORMATIONICON
)));
795 ImageList_AddIcon (hSmall
, LoadIcon(hInstance
, MAKEINTRESOURCE(IDI_WARNINGICON
)));
796 ImageList_AddIcon (hSmall
, LoadIcon(hInstance
, MAKEINTRESOURCE(IDI_ERRORICON
)));
798 // Assign ImageList to List View
799 (void)ListView_SetImageList (hwndListView
, hSmall
, LVSIL_SMALL
);
801 // Now set up the listview with its columns.
802 lvc
.mask
= LVCF_TEXT
| LVCF_WIDTH
;
804 lvc
.pszText
= _T("Type");
805 (void)ListView_InsertColumn(hwndListView
, 0, &lvc
);
808 lvc
.pszText
= _T("Date");
809 (void)ListView_InsertColumn(hwndListView
, 1, &lvc
);
812 lvc
.pszText
= _T("Time");
813 (void)ListView_InsertColumn(hwndListView
, 2, &lvc
);
816 lvc
.pszText
= _T("Source");
817 (void)ListView_InsertColumn(hwndListView
, 3, &lvc
);
820 lvc
.pszText
= _T("Category");
821 (void)ListView_InsertColumn(hwndListView
, 4, &lvc
);
824 lvc
.pszText
= _T("Event");
825 (void)ListView_InsertColumn(hwndListView
, 5, &lvc
);
828 lvc
.pszText
= _T("User");
829 (void)ListView_InsertColumn(hwndListView
, 6, &lvc
);
832 lvc
.pszText
= _T("Computer");
833 (void)ListView_InsertColumn(hwndListView
, 7, &lvc
);
836 lvc
.pszText
= _T("Event Data");
837 (void)ListView_InsertColumn(hwndListView
, 8, &lvc
);
839 ShowWindow(hwndMainWindow
, nCmdShow
);
840 UpdateWindow(hwndMainWindow
);
843 lpComputerName
, // Use the local computer.
844 EVENT_SOURCE_APPLICATION
); // The event log category
850 // FUNCTION: WndProc(HWND, UINT, WPARAM, LPARAM)
852 // PURPOSE: Processes messages for the main window.
854 // WM_COMMAND - process the application menu
855 // WM_PAINT - Paint the main window
856 // WM_DESTROY - post a quit message and return
859 LRESULT CALLBACK
WndProc(HWND hWnd
, UINT message
, WPARAM wParam
, LPARAM lParam
)
869 switch(((LPNMHDR
)lParam
)->code
)
872 hdr
= (NMHDR FAR
*)lParam
;
873 if(hdr
->hwndFrom
== hwndListView
)
875 LPNMITEMACTIVATE lpnmitem
= (LPNMITEMACTIVATE
)lParam
;
877 if(lpnmitem
->iItem
!= -1)
879 DialogBox (hInst
, MAKEINTRESOURCE(IDD_EVENTDETAILDIALOG
), hWnd
, EventDetails
);
886 wmId
= LOWORD(wParam
);
887 wmEvent
= HIWORD(wParam
);
889 if ((wmId
== ID_LOG_APPLICATION
) ||
890 (wmId
== ID_LOG_SYSTEM
) ||
891 (wmId
== ID_LOG_SECURITY
))
893 hMenu
= GetMenu (hWnd
) ; // get the menu handle. Use it below
895 CheckMenuItem (hMenu
, ID_LOG_APPLICATION
, MF_UNCHECKED
) ;
896 CheckMenuItem (hMenu
, ID_LOG_SYSTEM
, MF_UNCHECKED
) ;
897 CheckMenuItem (hMenu
, ID_LOG_SECURITY
, MF_UNCHECKED
) ;
901 CheckMenuItem (hMenu
, wmId
, MF_CHECKED
) ;
905 // Parse the menu selections:
908 case ID_LOG_APPLICATION
:
910 lpComputerName
, // Use the local computer.
911 EVENT_SOURCE_APPLICATION
); // The event log category
915 lpComputerName
, // Use the local computer.
916 EVENT_SOURCE_SYSTEM
); // The event log category
918 case ID_LOG_SECURITY
:
920 lpComputerName
, // Use the local computer.
921 EVENT_SOURCE_SECURITY
); // The event log category
927 DialogBox(hInst
, MAKEINTRESOURCE(IDD_ABOUTBOX
), hWnd
, About
);
932 _TEXT("Help not implemented yet!") ,
934 MB_OK
| MB_ICONINFORMATION
);
940 return DefWindowProc(hWnd
, message
, wParam
, lParam
);
945 //Gets the window rectangle
946 GetClientRect(hWnd
, &rect
);
948 //Relocate the listview
957 // Resize the statusbar;
958 SendMessage (hwndStatus
, message
, wParam
, lParam
);
965 return DefWindowProc(hWnd
, message
, wParam
, lParam
);
970 // Message handler for about box.
971 INT_PTR CALLBACK
About(HWND hDlg
, UINT message
, WPARAM wParam
, LPARAM lParam
)
973 UNREFERENCED_PARAMETER(lParam
);
978 return (INT_PTR
)TRUE
;
981 if (LOWORD(wParam
) == IDOK
|| LOWORD(wParam
) == IDCANCEL
)
983 EndDialog(hDlg
, LOWORD(wParam
));
984 return (INT_PTR
)TRUE
;
989 return (INT_PTR
)FALSE
;
993 DisplayEvent (HWND hDlg
)
995 char szEventType
[MAX_PATH
];
996 char szTime
[MAX_PATH
];
997 char szDate
[MAX_PATH
];
998 char szUser
[MAX_PATH
];
999 char szComputer
[MAX_PATH
];
1000 char szSource
[MAX_PATH
];
1001 char szCategory
[MAX_PATH
];
1002 char szEventID
[MAX_PATH
];
1003 char szEventText
[EVENT_MESSAGE_EVENTTEXT_BUFFER
];
1004 char szEventData
[MAX_PATH
];
1005 BOOL bEventData
= FALSE
;
1007 EVENTLOGRECORD
* pevlr
;
1009 // Get index of selected item
1010 int iIndex
= (int)SendMessage (hwndListView
,LVM_GETNEXTITEM
, -1 , LVNI_SELECTED
| LVNI_FOCUSED
);
1012 li
.mask
= LVIF_PARAM
;
1016 (void)ListView_GetItem(hwndListView
, &li
);
1018 pevlr
= (EVENTLOGRECORD
*)li
.lParam
;
1022 ListView_GetItemText (hwndListView
, iIndex
, 0 , szEventType
, sizeof( szEventType
));
1023 ListView_GetItemText (hwndListView
, iIndex
, 1 , szDate
, sizeof( szDate
));
1024 ListView_GetItemText (hwndListView
, iIndex
, 2 , szTime
, sizeof( szTime
));
1025 ListView_GetItemText (hwndListView
, iIndex
, 3 , szSource
, sizeof( szSource
));
1026 ListView_GetItemText (hwndListView
, iIndex
, 4 , szCategory
, sizeof( szCategory
));
1027 ListView_GetItemText (hwndListView
, iIndex
, 5 , szEventID
, sizeof( szEventID
));
1028 ListView_GetItemText (hwndListView
, iIndex
, 6 , szUser
, sizeof( szUser
));
1029 ListView_GetItemText (hwndListView
, iIndex
, 7 , szComputer
, sizeof( szComputer
));
1030 ListView_GetItemText (hwndListView
, iIndex
, 8 , szEventData
, sizeof( szEventData
));
1032 bEventData
= !(strlen(szEventData
) == 0);
1034 GetEventMessage (lpSourceLogName
, szSource
, pevlr
, szEventText
);
1036 EnableWindow(GetDlgItem(hDlg
, IDC_BYTESRADIO
) , bEventData
);
1037 EnableWindow(GetDlgItem(hDlg
, IDC_WORDRADIO
) , bEventData
);
1039 SetDlgItemText (hDlg
, IDC_EVENTDATESTATIC
, szDate
);
1040 SetDlgItemText (hDlg
, IDC_EVENTTIMESTATIC
, szTime
);
1041 SetDlgItemText (hDlg
, IDC_EVENTUSERSTATIC
, szUser
);
1042 SetDlgItemText (hDlg
, IDC_EVENTSOURCESTATIC
, szSource
);
1043 SetDlgItemText (hDlg
, IDC_EVENTCOMPUTERSTATIC
, szComputer
);
1044 SetDlgItemText (hDlg
, IDC_EVENTCATEGORYSTATIC
, szCategory
);
1045 SetDlgItemText (hDlg
, IDC_EVENTIDSTATIC
, szEventID
);
1046 SetDlgItemText (hDlg
, IDC_EVENTTYPESTATIC
, szEventType
);
1047 SetDlgItemText (hDlg
, IDC_EVENTTEXTEDIT
, szEventText
);
1048 SetDlgItemText (hDlg
, IDC_EVENTDATAEDIT
, szEventData
);
1054 "No Items in ListView",
1056 MB_OK
| MB_ICONINFORMATION
);
1061 INT_PTR CALLBACK
StatusMessageWindowProc(
1067 UNREFERENCED_PARAMETER(wParam
);
1079 // Message handler for event details box.
1080 INT_PTR CALLBACK
EventDetails(HWND hDlg
, UINT message
, WPARAM wParam
, LPARAM lParam
)
1082 UNREFERENCED_PARAMETER(lParam
);
1087 // Show event info on dialog box
1088 DisplayEvent (hDlg
);
1089 return (INT_PTR
)TRUE
;
1093 if (LOWORD(wParam
) == IDOK
|| LOWORD(wParam
) == IDCANCEL
)
1095 EndDialog(hDlg
, LOWORD(wParam
));
1096 return (INT_PTR
)TRUE
;
1098 if (LOWORD(wParam
) == IDPREVIOUS
)
1100 SendMessage (hwndListView
, WM_KEYDOWN
, VK_UP
, 0);
1102 // Show event info on dialog box
1103 DisplayEvent (hDlg
);
1104 return (INT_PTR
)TRUE
;
1107 if (LOWORD(wParam
) == IDNEXT
)
1109 SendMessage (hwndListView
, WM_KEYDOWN
, VK_DOWN
, 0);
1111 // Show event info on dialog box
1112 DisplayEvent (hDlg
);
1113 return (INT_PTR
)TRUE
;
1116 if (LOWORD(wParam
) == IDC_BYTESRADIO
)
1118 return (INT_PTR
)TRUE
;
1121 if (LOWORD(wParam
) == IDC_WORDRADIO
)
1123 return (INT_PTR
)TRUE
;
1126 if (LOWORD(wParam
) == IDHELP
)
1129 _TEXT("Help not implemented yet!") ,
1130 _TEXT("Event Log") ,
1131 MB_OK
| MB_ICONINFORMATION
);
1132 return (INT_PTR
)TRUE
;
1136 return (INT_PTR
)FALSE
;