青青草原综合久久大伊人导航_色综合久久天天综合_日日噜噜夜夜狠狠久久丁香五月_热久久这里只有精品

啤酒

一個(gè)空白者

 

帶有界面的“讀取日志”! 不知道哪位會(huì)作分析,算法不會(huì)呀!只讀沒(méi)意思呀

// Read_EventDlg.cpp : implementation file
//

#include "stdafx.h"
#include "Read_Event.h"
#include "Read_EventDlg.h"
#include "DescriptionDiaLog.h"

#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif

/////////////////////////////////////////////////////////////////////
//int event_auditsucceed_num;??//記錄審核成功記錄的個(gè)數(shù)
//int event_info_num;????//記錄信息記錄的個(gè)數(shù)
//int event_error_num;????//記錄錯(cuò)誤記錄的個(gè)數(shù)?
//int event_warn_num;????//記錄警告記錄的個(gè)數(shù)
//int event_auditdefeat_num;??//記錄審核失敗的個(gè)數(shù)

//char *event_category;?????//事件類(lèi)
//char *event_sourcename=NULL;???//事件來(lái)源
//char *event_computername=NULL;??//事件計(jì)算機(jī)名
//char *event_descriptive_msg=NULL;??//事件描述
//char event_el_user[257];????//事件用戶
//char event_el_domain[257];???//事件域
//char host_final_out_msg[1024];??//最后輸出的信息

FILE *fp;????????//保存的文件
int hh=0;????????//記錄類(lèi)型的標(biāo)志,用于位圖的選擇
int event_record=0;??????//事件記錄的個(gè)數(shù)
os_el el[1];
int nItem=0;???????//對(duì)于索引記錄的當(dāng)前標(biāo)志
int istype=0;???????//用于事件類(lèi)型的標(biāo)志
BOOL issub;????????//一個(gè)開(kāi)關(guān)項(xiàng)
/////////////////////////////////////////////////////////////////////////////
// CAboutDlg dialog used for App About

class CAboutDlg : public CDialog
{
public:
?CAboutDlg();

// Dialog Data
?//{{AFX_DATA(CAboutDlg)
?enum { IDD = IDD_ABOUTBOX };
?//}}AFX_DATA

?// ClassWizard generated virtual function overrides
?//{{AFX_VIRTUAL(CAboutDlg)
?protected:
?virtual void DoDataExchange(CDataExchange* pDX);??? // DDX/DDV support
?//}}AFX_VIRTUAL

// Implementation
protected:
?//{{AFX_MSG(CAboutDlg)
?//}}AFX_MSG
?DECLARE_MESSAGE_MAP()
};

CAboutDlg::CAboutDlg() : CDialog(CAboutDlg::IDD)
{
?//{{AFX_DATA_INIT(CAboutDlg)
?//}}AFX_DATA_INIT
}

void CAboutDlg::DoDataExchange(CDataExchange* pDX)
{
?CDialog::DoDataExchange(pDX);
?//{{AFX_DATA_MAP(CAboutDlg)
?//}}AFX_DATA_MAP
}

BEGIN_MESSAGE_MAP(CAboutDlg, CDialog)
?//{{AFX_MSG_MAP(CAboutDlg)
??// No message handlers
?//}}AFX_MSG_MAP
END_MESSAGE_MAP()

/////////////////////////////////////////////////////////////////////////////
// CRead_EventDlg dialog

CRead_EventDlg::CRead_EventDlg(CWnd* pParent /*=NULL*/)
?: CDialog(CRead_EventDlg::IDD, pParent)
{
?//{{AFX_DATA_INIT(CRead_EventDlg)
?m_mm_host_state = _T("");
?//}}AFX_DATA_INIT
?// Note that LoadIcon does not require a subsequent DestroyIcon in Win32
?m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME);

}

void CRead_EventDlg::DoDataExchange(CDataExchange* pDX)
{
?CDialog::DoDataExchange(pDX);
?//{{AFX_DATA_MAP(CRead_EventDlg)
?DDX_Control(pDX, IDC_LIST, m_mm_host_ListCtrl);
?DDX_Text(pDX, IDC_STATE, m_mm_host_state);
?//}}AFX_DATA_MAP
}

BEGIN_MESSAGE_MAP(CRead_EventDlg, CDialog)
?//{{AFX_MSG_MAP(CRead_EventDlg)
?ON_WM_SYSCOMMAND()
?ON_WM_PAINT()
?ON_WM_QUERYDRAGICON()
?ON_BN_CLICKED(IDC_SECURE, OnSecure)
?ON_BN_CLICKED(IDC_SYSTEM, OnSystem)
?ON_BN_CLICKED(IDC_APPLICATION, OnApplication)
?ON_NOTIFY(NM_CLICK, IDC_LIST, OnClickList)
?ON_BN_CLICKED(IDC_DELETE, OnDelete)
?ON_BN_CLICKED(IDC_DETAIL, OnDetail)
?ON_BN_CLICKED(IDC_SAVE, OnSave)
?ON_BN_CLICKED(IDC_SAVEHARD, OnSave_Hard)
?//}}AFX_MSG_MAP
END_MESSAGE_MAP()

/////////////////////////////////////////////////////////////////////////////
// CRead_EventDlg message handlers

BOOL CRead_EventDlg::OnInitDialog()
{
?CDialog::OnInitDialog();

?// Add "About..." menu item to system menu.

?// IDM_ABOUTBOX must be in the system command range.
?ASSERT((IDM_ABOUTBOX & 0xFFF0) == IDM_ABOUTBOX);
?ASSERT(IDM_ABOUTBOX < 0xF000);

?CMenu* pSysMenu = GetSystemMenu(FALSE);
?if (pSysMenu != NULL)
?{
??CString strAboutMenu;
??strAboutMenu.LoadString(IDS_ABOUTBOX);
??if (!strAboutMenu.IsEmpty())
??{
???pSysMenu->AppendMenu(MF_SEPARATOR);
???pSysMenu->AppendMenu(MF_STRING, IDM_ABOUTBOX, strAboutMenu);
??}
?}

?// Set the icon for this dialog.? The framework does this automatically
?//? when the application's main window is not a dialog
?SetIcon(m_hIcon, TRUE);???// Set big icon
?SetIcon(m_hIcon, FALSE);??// Set small icon
?
?// TODO: Add extra initialization here
?

//////////////////////////我加的///////////////////////

?issub=false;
?//給各項(xiàng)事件數(shù)目初始化
?Set_EventNum();???????

?m_mm_host_ListCtrl.SetRedraw(FALSE);
??? //更新內(nèi)容
??? m_mm_host_ListCtrl.SetRedraw(TRUE);
??? m_mm_host_ListCtrl.Invalidate();
??? m_mm_host_ListCtrl.UpdateWindow();
?//刪除所有的列
?m_mm_host_ListCtrl.DeleteAllItems();


?//給圖表初始化
?Init_ImageList();
?//設(shè)置m_mm_host_ListCtrl風(fēng)格
?LONG lStyle;
??? lStyle = GetWindowLong(m_mm_host_ListCtrl.m_hWnd, GWL_STYLE);//獲取當(dāng)前窗口style
??? lStyle &= ~LVS_TYPEMASK; //清除顯示方式位
??? lStyle |= LVS_REPORT; //設(shè)置style
??? SetWindowLong(m_mm_host_ListCtrl.m_hWnd, GWL_STYLE, lStyle);//設(shè)置style
?
??? DWORD dwStyle = m_mm_host_ListCtrl.GetExtendedStyle();
??? dwStyle |= LVS_EX_FULLROWSELECT;//選中某行使整行高亮(只適用與report風(fēng)格的listctrl)
??? dwStyle |= LVS_EX_GRIDLINES;//網(wǎng)格線(只適用與report風(fēng)格的listctrl)
??? dwStyle |= LVS_EX_CHECKBOXES;//item前生成checkbox控件
?dwStyle |=LVS_EX_HEADERDRAGDROP;
?dwStyle |=LVS_EX_SUBITEMIMAGES;
??? m_mm_host_ListCtrl.SetExtendedStyle(dwStyle); //設(shè)置擴(kuò)展風(fēng)格


?//插入列
?m_mm_host_ListCtrl.InsertColumn(0,"日志序號(hào)",LVCFMT_CENTER,60,0);
?m_mm_host_ListCtrl.InsertColumn(1,"分類(lèi)",LVCFMT_CENTER,80,4);
?m_mm_host_ListCtrl.InsertColumn(2,"來(lái)源",LVCFMT_CENTER,80,1);
?m_mm_host_ListCtrl.InsertColumn(3,"日期",LVCFMT_CENTER,80,2);
?m_mm_host_ListCtrl.InsertColumn(4,"時(shí)間",LVCFMT_CENTER,80,3);
?m_mm_host_ListCtrl.InsertColumn(5,"ID",LVCFMT_CENTER,50,5);
?m_mm_host_ListCtrl.InsertColumn(6,"用戶",LVCFMT_CENTER,120,6);
?m_mm_host_ListCtrl.InsertColumn(7,"計(jì)算機(jī)",LVCFMT_CENTER,120,7);
?m_mm_host_ListCtrl.InsertColumn(8,"描述",LVCFMT_CENTER,250,7);
//////////////////////////我加的///////////////////////


?return TRUE;? // return TRUE? unless you set the focus to a control
}

void CRead_EventDlg::OnSysCommand(UINT nID, LPARAM lParam)
{
?if ((nID & 0xFFF0) == IDM_ABOUTBOX)
?{
??CAboutDlg dlgAbout;
??dlgAbout.DoModal();
?}
?else
?{
??CDialog::OnSysCommand(nID, lParam);
?}
}

// If you add a minimize button to your dialog, you will need the code below
//? to draw the icon.? For MFC applications using the document/view model,
//? this is automatically done for you by the framework.

void CRead_EventDlg::OnPaint()
{
?if (IsIconic())
?{
??CPaintDC dc(this); // device context for painting

??SendMessage(WM_ICONERASEBKGND, (WPARAM) dc.GetSafeHdc(), 0);

??// Center icon in client rectangle
??int cxIcon = GetSystemMetrics(SM_CXICON);
??int cyIcon = GetSystemMetrics(SM_CYICON);
??CRect rect;
??GetClientRect(&rect);
??int x = (rect.Width() - cxIcon + 1) / 2;
??int y = (rect.Height() - cyIcon + 1) / 2;

??// Draw the icon
??dc.DrawIcon(x, y, m_hIcon);
?}
?else
?{
??CDialog::OnPaint();
?}
}

// The system calls this to obtain the cursor to display while the user drags
//? the minimized window.

HCURSOR CRead_EventDlg::OnQueryDragIcon()
{
?return (HCURSOR) m_hIcon;
}
///////////////////////////////////////////////////////////
void CRead_EventDlg::OnSecure()
{
?// TODO: Add your control notification handler code here
?UpdateData(TRUE);
?Set_EventNum();
?m_mm_host_state=_T("安全日志列表");
?Win_startel("Security");
?istype=1;
?UpdateData(FALSE);
}
////////////////////////////////////////////////////////////
void CRead_EventDlg::OnSystem()
{
?// TODO: Add your control notification handler code here
?UpdateData(TRUE);
?Set_EventNum();
?m_mm_host_state=_T("系統(tǒng)日志列表");
?Win_startel("System");
?istype=2;
?UpdateData(FALSE);
}
///////////////////////////////////////////////////////////
void CRead_EventDlg::OnApplication()
{
?// TODO: Add your control notification handler code here
?UpdateData(TRUE);
?Set_EventNum();
?m_mm_host_state=_T("應(yīng)用日志列表");
?Win_startel("Application");
?istype=3;
?UpdateData(FALSE);
}
////////////////////////////////////////////////////////////
char* CRead_EventDlg::El_GetCategory(int category_id)
{
?//得到事件記錄的類(lèi)型并且返回
?char *cat;
?if(!issub)
?{
??switch(category_id)
??{
???case EVENTLOG_AUDIT_SUCCESS:
????cat = "審核成功";
????event_auditsucceed_num++;
????hh=1;
????break;
???case EVENTLOG_INFORMATION_TYPE:
????cat = "信息";
????event_info_num++;
????hh=2;
????break;
???case EVENTLOG_ERROR_TYPE:
????cat = "錯(cuò)誤";
????event_error_num++;
????hh=3;
????break;
???case EVENTLOG_WARNING_TYPE:
????cat = "警告";
????event_warn_num++;
????hh=4;
????break;
???case EVENTLOG_AUDIT_FAILURE:
????cat = "審核失敗";
????event_auditdefeat_num++;
????hh=5;
????break;
???default:
????cat = "Unknown";
????break;
??}
?}
?else
?{
??switch(category_id)
??{
???case EVENTLOG_AUDIT_SUCCESS:
????cat = "審核成功";
????hh=1;
????break;
???case EVENTLOG_INFORMATION_TYPE:
????cat = "信息";
????hh=2;
????break;
???case EVENTLOG_ERROR_TYPE:
????cat = "錯(cuò)誤";
????hh=3;
????break;
???case EVENTLOG_WARNING_TYPE:
????cat = "警告";
????hh=4;
????break;
???case EVENTLOG_AUDIT_FAILURE:
????cat = "審核失敗";
????hh=5;
????break;
???default:
????cat = "Unknown";
????break;
??}
?}
???
??? return(cat);
}
////////////////////////////////////////////////////////////////
int CRead_EventDlg::El_getEventDLL(char *evt_name, char *event_sourcename1, char *event)
{
?HKEY key;
??? DWORD ret;
??? char keyname[256];


??? keyname[255] = '\0';

??? _snprintf(keyname, 254,
??????????? "System\\CurrentControlSet\\Services\\EventLog\\%s\\%s",
??????????? evt_name,
??????????? event_sourcename1);

??? // 打開(kāi)注冊(cè)表Opening registry ????
??? if(RegOpenKeyEx(HKEY_LOCAL_MACHINE, keyname, 0, KEY_ALL_ACCESS, &key)
??????????? != ERROR_SUCCESS)
??? {
??????? return(0);???
??? }


??? ret = MAX_PATH -1;?
??? if (RegQueryValueEx(key, "EventMessageFile", NULL,
??????????????? NULL, (LPBYTE)event, &ret) != ERROR_SUCCESS)
??? {
??????? event[0] = '\0';?
??????? return(0);
??? }

??? RegCloseKey(key);
??? return(1);
}
////////////////////////////////////////////////////////////////
char* CRead_EventDlg::El_GetMessage(EVENTLOGRECORD *er, char *event_name, char *event_sourcename2, LPTSTR *el_sstring)
{
?DWORD fm_flags = 0;
??? char tmp_str[257];
??? char event[MAX_PATH +1];
??? char *curr_str;
??? char *next_str;
??? LPSTR message = NULL;

??? HMODULE hevt;

??? // Initializing variables
??? event[MAX_PATH] = '\0';
??? tmp_str[256] = '\0';

??? //Flags for format event
??? fm_flags |= FORMAT_MESSAGE_FROM_HMODULE;
??? fm_flags |= FORMAT_MESSAGE_ALLOCATE_BUFFER;
??? fm_flags |= FORMAT_MESSAGE_ARGUMENT_ARRAY;

??? //Get the file name from the registry (stored on event)
??? if(!El_getEventDLL(event_name, event_sourcename2, event))
??? {
??????? return(NULL);????
??? }????

??? curr_str = event;

??? // If our event has multiple libraries, try each one of them?
??? while((next_str = strchr(curr_str, ';')))
??? {
??????? *next_str = '\0';
??????? next_str++;

??????? ExpandEnvironmentStrings(curr_str, tmp_str, 255);
??????? hevt = LoadLibraryEx(tmp_str, NULL, DONT_RESOLVE_DLL_REFERENCES);
??????? if(hevt)
??????? {
??????????? if(!FormatMessage(fm_flags, hevt, er->EventID,
??????????????????????? 0,
??????????????????????? (LPTSTR) &message, 0, el_sstring))
??????????? {
??????????????? message = NULL;???
??????????? }
??????????? FreeLibrary(hevt);

??????????? /* If we have a message, we can return it */
??????????? if(message)
??????????????? return(message);
??????? }

??????? curr_str = next_str;??
??? }

??? ExpandEnvironmentStrings(curr_str, tmp_str, 255);
??? hevt = LoadLibraryEx(tmp_str, NULL, DONT_RESOLVE_DLL_REFERENCES);
??? if(hevt)
??? {
??????? int hr;???
??????? if(!(hr = FormatMessage(fm_flags, hevt, er->EventID,
??????????????????????? 0,
??????????????????????? (LPTSTR) &message, 0, el_sstring)))
??????? {
??????????? message = NULL;???
??????? }
??????? FreeLibrary(hevt);

??????? /* If we have a message, we can return it */
??????? if(message)
??????????? return(message);
??? }

??? return(NULL);
}
/////////////////////////////////////////////////////////////////
BOOL CRead_EventDlg::Init_ImageList()
{
?//給圖表初始化設(shè)置
??HIMAGELIST hList = ImageList_Create(32,32, ILC_COLOR8 |ILC_MASK , 6, 1);
??m_cImageListNormal.Attach(hList);
?
??hList = ImageList_Create(16, 16, ILC_COLOR8 | ILC_MASK, 6, 1);
??m_cImageListSmall.Attach(hList);

??// Load the large icons
??CBitmap cBmp;
?
??cBmp.LoadBitmap(IDB_BITMAP1);
??m_cImageListNormal.Add(&cBmp, RGB(255,0, 255));
??cBmp.DeleteObject();
?
??// Load the small icons
??cBmp.LoadBitmap(IDB_BITMAP2);
??m_cImageListSmall.Add(&cBmp, RGB(255,0, 255));
?
??// Attach them
??m_mm_host_ListCtrl.SetImageList(&m_cImageListNormal, LVSIL_NORMAL);
??m_mm_host_ListCtrl.SetImageList(&m_cImageListSmall, LVSIL_SMALL);
?
??return TRUE;
}
///////////////////////////////////////////////////////////////
void CRead_EventDlg::Insert_Record()
{
?//在列表中插入列表項(xiàng)
?CString str;?
?LVITEM lvi;

?lvi.mask =? LVIF_TEXT;
?lvi.iItem = event_record;
?str.Format(_T("%d"),event_record+1);
?lvi.iSubItem = 0;
?lvi.pszText = (LPTSTR)(LPCTSTR)(str);
?m_mm_host_ListCtrl.InsertItem(&lvi);


?str.Format(_T("%s"), event_category);
?lvi.iSubItem = 1;
?lvi.mask =? LVIF_IMAGE | LVIF_TEXT;
?lvi.pszText = (LPTSTR)(LPCTSTR)(str);
?//選擇位圖??
?switch(hh)
?{
?case 0:
??lvi.iImage = 0;?
??break;
?case 1:
??lvi.iImage = 1;
??break;
?case 2:
??lvi.iImage = 2;
??break;
?case 3:
??lvi.iImage = 3;
??break;
?case 4:
??lvi.iImage = 4;
??break;
?default:
??lvi.iImage = 5;
??break;
?}
?
?m_mm_host_ListCtrl.SetItem(&lvi);

?//輸出來(lái)源??
?str.Format(_T("%s"),event_sourcename);
?lvi.iSubItem = 2;
?lvi.mask = LVIF_TEXT;
?lvi.pszText = (LPTSTR)(LPCTSTR)(str);
?m_mm_host_ListCtrl.SetItem(&lvi);
?//輸出日期??
?tm? *event_time = localtime((const? long? *)&el->er->TimeWritten);
?str.Format(_T("%4hd-%2hd-%2hd"),event_time->tm_year + 1900,event_time->tm_mon + 1,event_time->tm_mday);
?lvi.iSubItem = 3;
?lvi.pszText = (LPTSTR)(LPCTSTR)(str);
?m_mm_host_ListCtrl.SetItem(&lvi);
?//輸出時(shí)間??
?str.Format(_T("%.2hd:%.2hd:%.2hd"),event_time->tm_hour,event_time->tm_min,event_time->tm_sec);
?lvi.iSubItem = 4;
?lvi.pszText = (LPTSTR)(LPCTSTR)(str);
?m_mm_host_ListCtrl.SetItem(&lvi);

?//輸出ID
?str.Format(_T("%d"),(WORD)el->er->EventID);
?lvi.iSubItem = 5;
?lvi.pszText = (LPTSTR)(LPCTSTR)(str);
?m_mm_host_ListCtrl.SetItem(&lvi);
?//輸出用戶??
?str.Format(_T("%s/%s"),event_el_domain,event_el_user);
?lvi.iSubItem = 6;
?lvi.pszText = (LPTSTR)(LPCTSTR)(str);
?m_mm_host_ListCtrl.SetItem(&lvi);
?//輸出計(jì)算機(jī)??
?str.Format(_T("%s"),event_computername);
?lvi.iSubItem = 7;
?lvi.pszText = (LPTSTR)(LPCTSTR)(str);
?m_mm_host_ListCtrl.SetItem(&lvi);
?//輸出描述
?str.Format(_T("%s"),event_descriptive_msg);
?lvi.iSubItem = 8;
?lvi.pszText = (LPTSTR)(LPCTSTR)(str);
?m_mm_host_ListCtrl.SetItem(&lvi);
}
///////////////////////////////////////////////////////////////////////
void CRead_EventDlg::OnClickList(NMHDR* pNMHDR, LRESULT* pResult)
{
?//當(dāng)鼠標(biāo)在類(lèi)別中點(diǎn)擊時(shí),返回被點(diǎn)中的記錄號(hào)
?// TODO: Add your control notification handler code here
?nItem = -1;
?LPNMITEMACTIVATE lpNMItemActivate = (LPNMITEMACTIVATE)pNMHDR;

?if(lpNMItemActivate != NULL)
?{
??nItem = lpNMItemActivate->iItem+1;
?}
?
?*pResult = 0;
}
//////////////////////////////////////////////////////////////
void CRead_EventDlg::OnDelete()
{
?//刪除被選中的記錄
?// TODO: Add your control notification handler code here
?//判斷是否選擇了日志類(lèi)型,如果沒(méi)有退出
?if ((istype!=1)&&(istype!=2)&&(istype!=3))
?{
??MessageBox("請(qǐng)選擇日志類(lèi)型!","警告!",MB_OK|MB_ICONEXCLAMATION);
??return ;
?}
?//判斷是否選中了記錄,如果沒(méi)有退出
?if (nItem==0)
?{
??MessageBox("請(qǐng)選擇日志記錄!","警告!",MB_OK|MB_ICONEXCLAMATION);
??return ;
?}

?int i,iState;
?int nItemSelected=m_mm_host_ListCtrl.GetSelectedCount();//得到所選表項(xiàng)數(shù)
?int nItemCount=m_mm_host_ListCtrl.GetItemCount();//得到表項(xiàng)總數(shù)
?
?//如果沒(méi)有選中,退出
?if(nItemSelected<1)
?{
??MessageBox("請(qǐng)選擇日志記錄!","警告!",MB_OK|MB_ICONEXCLAMATION);?
??return; ?
?}

?//對(duì)選中的記錄進(jìn)行刪除
?for(i=nItemCount-1;i>=0;i--)
?{

??iState=m_mm_host_ListCtrl.GetItemState(i,LVIS_SELECTED);

??if(iState!=0)
??{
???m_mm_host_ListCtrl.DeleteItem(i);
???nItem=0;
??}??
?}
?
?if (((istype!=1)&&(istype!=2)&&(istype!=3)))
?{
??MessageBox("請(qǐng)選擇日志類(lèi)型!","警告!",MB_OK|MB_ICONEXCLAMATION);
??return ;
?}


}
//////////////////////////////////////////////////////////////////////
void CRead_EventDlg::OnDetail()
{
?//按鈕響應(yīng)函數(shù)
?//判斷是否選中類(lèi)型,沒(méi)有就退出
?if ((istype!=1)&&(istype!=2)&&(istype!=3))
?{
??MessageBox("請(qǐng)選擇日志類(lèi)型!","警告!",MB_OK|MB_ICONEXCLAMATION);
??return ;
?}
?//判斷選中記錄,沒(méi)有就退出
?if (nItem==0)
?{
??MessageBox("請(qǐng)選擇日志記錄!","警告!",MB_OK|MB_ICONEXCLAMATION);
??return ;
?}
?//如果選中類(lèi)型就調(diào)用DescriptionDiaLog對(duì)話框
?if ((istype==1)||(istype==2)||(istype==3))
?{
??DescriptionDiaLog DescriptionDlg;
??DescriptionDlg.DoModal();
?}
?
?else
?{
??MessageBox("請(qǐng)選擇日志類(lèi)型!","警告!",MB_OK|MB_ICONINFORMATION);

??return ;
?}

?// TODO: Add your control notification handler code here

}
/////////////////////////////////////////////////////////////////////
void CRead_EventDlg::OnSave()
{
?// TODO: Add your control notification handler code here
?//對(duì)日志進(jìn)行列表保存
?//判斷列表是否有記錄
?switch(istype)
?{
?case 1:
??break;
?case 2:
??break;
?case 3:
??break;
?default:
??MessageBox("請(qǐng)選擇日志類(lèi)型","警告!",MB_OK|MB_ICONEXCLAMATION);
??return;
? ?}
?//得到列表中記錄的總數(shù)
?event_record=m_mm_host_ListCtrl.GetItemCount();
?//對(duì)日志進(jìn)行保存
?//保存單個(gè)記錄
?CString sFileName;
?sFileName.Format("");

?CFileDialog dlg(FALSE, "txt", sFileName,
?????OFN_OVERWRITEPROMPT|OFN_HIDEREADONLY,
?????"文本文件(*.txt)|*.txt|文本文件(*.doc)|*.doc||", this);?
?if (nItem!=0)
?{
??if(IDCANCEL == (MessageBox("您確定要保存一個(gè)日志記錄?","提示!",MB_OKCANCEL|MB_ICONQUESTION)))
??{
???nItem=0;
???return;
??}
??if (dlg.DoModal() == IDOK)
??{
???dlg.m_ofn.lpstrTitle = _T("保存日志記錄");
???CString fileName = dlg.GetPathName();
???fp = fopen(fileName,"w");
???Save_Single_Record(nItem);

??}
??nItem=0;
??return ;
?}

?///////////////////////////////////
?//保存整個(gè)列表記錄
?if(IDCANCEL==(MessageBox("您確定要保存日志文件?","提示!",MB_OKCANCEL|MB_ICONQUESTION)))
?{
??nItem=0;
??return;
?}


?if (dlg.DoModal() == IDOK)
?{
??dlg.m_ofn.lpstrTitle = _T("保存日志文件");
??CString fileName = dlg.GetPathName();

??fp = fopen(fileName,"w");
??switch(istype)
??{
??case 1:
???Save_Security();
???break;
??case 2:
???Save_System();
???break;
??case 3:
???Save_Application();
???break;
??default:
???MessageBox("請(qǐng)選擇日志類(lèi)型","警告!",MB_OK|MB_ICONEXCLAMATION);
???return;
? ??}

?}
}
//////////////////////////////////////////////////////////////////////
void CRead_EventDlg::Read_event(os_el *el, int printit)
{
?//讀取日志
?DWORD nstr;
??? DWORD user_size;
??? DWORD domain_size;
??? DWORD read, needed;
??? int size_left;
??? int str_size;

??? char *mbuffer[BUFFER_SIZE];
??? LPSTR sstr = NULL;
?//int i=0;
?char *tmp_str = NULL;


?char el_string[1025];
??? LPSTR el_sstring[57];

??? //Er must point to the mbuffer
??? el->er = (EVENTLOGRECORD *) &mbuffer;

??? /* Zeroing the last values */
??? el_string[1024] = '\0';
??? event_el_user[256] = '\0';
??? event_el_domain[256] = '\0';
??? host_final_out_msg[1023] = '\0';
??? el_sstring[56] = NULL;
?//判斷是否有記錄
?if( my_host_IsListCtrl == true)
?{
??my_host_IsListCtrl = false;
??m_mm_host_ListCtrl.DeleteAllItems();
?}

??? //讀日志記錄???
??? while(ReadEventLog(el->h,
??????????????? EVENTLOG_FORWARDS_READ | EVENTLOG_SEQUENTIAL_READ,
??????????????? 0,
??????????????? el->er, BUFFER_SIZE -1, &read, &needed))
??? {

??????? while(read > 0)
??????? {


???//得到事件的類(lèi)型
??????????? event_category = El_GetCategory(el->er->EventType);
???//得到事件來(lái)源
??????????? event_sourcename = (LPSTR) ((LPBYTE) el->er + sizeof(EVENTLOGRECORD));
???//得到計(jì)算機(jī)名
??????????? event_computername = event_sourcename + strlen(event_sourcename) + 1;
???//給描述信息初始化
??????????? event_descriptive_msg = NULL;


??????????? // 初始化domain/user尺寸
??????????? user_size = 255; domain_size = 255;
??????????? event_el_domain[0] = '\0';
??????????? event_el_user[0] = '\0';

???
??????????? // 設(shè)置事件的一些描述
??????????? if(el->er->NumStrings)
??????????? {?
??????????????? size_left = 1020;?

??????????????? sstr = (LPSTR)((LPBYTE)el->er + el->er->StringOffset);
??????????????? el_string[0] = '\0';

??????????????? for (nstr = 0;nstr < el->er->NumStrings;nstr++)
??????????????? {
??????????????????? str_size = strlen(sstr);?
??????????????????? strncat(el_string, sstr, size_left);

??????????????????? tmp_str= strchr(el_string, '\0');
??????????????????? if(tmp_str)
??????????????????? {
??????????????????????? *tmp_str = ' ';??
??????????????????????? tmp_str++; *tmp_str = '\0';
??????????????????? }
??????????????????? size_left-=str_size + 1;

??????????????????? if(nstr <= 54)
??????????????????????? el_sstring[nstr] = (LPSTR)sstr;

??????????????????? sstr = strchr( (LPSTR)sstr, '\0');
??????????????????? sstr++;
?????
??????????????? }

??????????????? // 得到事件描述
??????????????? event_descriptive_msg = El_GetMessage(el->er, el->event_name, event_sourcename, el_sstring);
??????????????? if(event_descriptive_msg != NULL)
??????????????? {
?????????????????
??????????????????? tmp_str = event_descriptive_msg;???
??????????????????? while((tmp_str = strchr(tmp_str, '\n')))
??????????????????? {
??????????????????????? *tmp_str = ' ';
??????????????????????? tmp_str++;?????????
??????????????????? }???

??????????????????? tmp_str = event_descriptive_msg;???
??????????????????? while((tmp_str = strchr(tmp_str, '\r')))
??????????????????? {
??????????????????????? *tmp_str = ' ';
??????????????????????? tmp_str++;
??????//strchr(tmp_str, '\n');
??????????????????? }???
??????????????? }
??????????? }
??????????? else
??????????? {
??????????????? strncpy(el_string, "(no message)", 1020);?
??????????? }
??????????? // 得到username
??????????? if (el->er->UserSidLength)
??????????? {
??????????????? SID_NAME_USE account_type;
??????????????? if(!LookupAccountSid(NULL, (SID *)((LPSTR)el->er + el->er->UserSidOffset),
??????????????????????????? event_el_user, &user_size, event_el_domain, &domain_size, &account_type))??
??????????????? {
??????????????????? strncpy(event_el_user, "(no user)", 255);
??????????????????? strncpy(event_el_domain, "no domain", 255);
??????????????? }

??????????? }

??????????? else
??????????? {
??????????????? strncpy(event_el_user, "A", 255);?
??????????????? strncpy(event_el_domain, "N", 255);?
??????????? }
???
???/////////////////////////////////////
???//插入列表
???Insert_Record();
???////////////////////////////////////
???
??????????? if(event_descriptive_msg != NULL)
??????????????? LocalFree(event_descriptive_msg);

??????????? // Changing the point to the er
???//i++;
???event_record++;
??????????? read -= el->er->Length;
??????????? el->er = (EVENTLOGRECORD *)((LPBYTE) el->er + el->er->Length);
???
??????? }?
??my_host_IsListCtrl = true;
??
??CString strlove;
??//輸出事件個(gè)數(shù)
??strlove.Format("%d",event_record);
??GetDlgItem(IDC_EVENTNUM)->SetWindowText(strlove);
??//輸出事件錯(cuò)誤個(gè)數(shù)
??strlove.Format("%d",event_error_num);
??GetDlgItem(IDC_ERRORNUM)->SetWindowText(strlove);
??//輸出事件信息個(gè)數(shù)
??strlove.Format("%d",event_info_num);
??GetDlgItem(IDC_INFONUM)->SetWindowText(strlove);
??//輸出事件警告?zhèn)€數(shù)
??strlove.Format("%d",event_warn_num);
??GetDlgItem(IDC_WARNNUM)->SetWindowText(strlove);
??//輸出事件審核成功個(gè)數(shù)??
??strlove.Format("%d",event_auditsucceed_num);
??GetDlgItem(IDC_AUDITSUCCEEDNUM)->SetWindowText(strlove);
??//輸出事件審核失敗個(gè)數(shù)??
??strlove.Format("%d",event_auditdefeat_num);
??GetDlgItem(IDC_AUDITDEFEATNUM)->SetWindowText(strlove);

??????? // Setting er to the beginning of the buffer?
??????? el->er = (EVENTLOGRECORD *)&mbuffer;??
??? }
?event_record=0;
}
///////////////////////////////////////////////////////////////////////////
void CRead_EventDlg::Set_EventNum()
{?
?//給記錄數(shù)字初始化
?event_record=0;
?event_auditsucceed_num=0;
?event_info_num=0;
?event_error_num=0;
?event_warn_num=0;
?event_auditdefeat_num=0;

}
///////////////////////////////////////////////////////////////////
int CRead_EventDlg::Start_EL(char *app, os_el *el)
{

?el->h = OpenEventLog(NULL, app);
??? if(!el->h)
??? {
??????? return(0);????
??? }

??? el->event_name = app;
??? GetOldestEventLogRecord(el->h, &el->record);

??? return(1);
}
////////////////////////////////////////////////////////////////////////
void CRead_EventDlg::Win_startel(char *eventlog)
{
?Start_EL(eventlog,el);
??? Read_event(el,1);
}
////////////////////////////////////////////////////////////////////
void CRead_EventDlg::Save_event(os_el *el, int printit)
{
?event_record=0;
?DWORD nstr;
??? DWORD user_size;
??? DWORD domain_size;
??? DWORD read, needed;
??? int size_left;
??? int str_size;

??? char *mbuffer[BUFFER_SIZE];
??? LPSTR sstr = NULL;
?//int i=0;
?char *tmp_str = NULL;
?
??? char el_string[1025];
??? char final_out_msg[1024];??//最后輸出的信息
??? LPSTR el_sstring[57];

??? /* Er must point to the mbuffer */
??? el->er = (EVENTLOGRECORD *) &mbuffer;

??? // Zeroing the last values
??? el_string[1024] = '\0';
??? event_el_user[256] = '\0';
??? event_el_domain[256] = '\0';
??? final_out_msg[1023] = '\0';
??? el_sstring[56] = NULL;

??? // Reading the event log ????
??? while(ReadEventLog(el->h,
??????????????? EVENTLOG_FORWARDS_READ | EVENTLOG_SEQUENTIAL_READ,
??????????????? 0,
??????????????? el->er, BUFFER_SIZE -1, &read, &needed))
??? {
??????? while(read > 0)
??????? {
???//得到事件的類(lèi)型
??????????? event_category = El_GetCategory(el->er->EventType);
???//得到事件來(lái)源
??????????? event_sourcename = (LPSTR) ((LPBYTE) el->er + sizeof(EVENTLOGRECORD));
???//得到計(jì)算機(jī)名
??????????? event_computername = event_sourcename + strlen(event_sourcename) + 1;
???//給描述信息初始化
??????????? event_descriptive_msg = NULL;


??????????? //初始化domain/user尺寸
??????????? user_size = 255; domain_size = 255;
??????????? event_el_domain[0] = '\0';
??????????? event_el_user[0] = '\0';


??????????? // 設(shè)置事件的一些描述
??????????? if(el->er->NumStrings)
??????????? {?
??????????????? size_left = 1020;?

??????????????? sstr = (LPSTR)((LPBYTE)el->er + el->er->StringOffset);
??????????????? el_string[0] = '\0';

??????????????? for (nstr = 0;nstr < el->er->NumStrings;nstr++)
??????????????? {
??????????????????? str_size = strlen(sstr);?
??????????????????? strncat(el_string, sstr, size_left);

??????????????????? tmp_str= strchr(el_string, '\0');
??????????????????? if(tmp_str)
??????????????????? {
??????????????????????? *tmp_str = ' ';??
??????????????????????? tmp_str++; *tmp_str = '\0';
??????????????????? }
??????????????????? size_left-=str_size + 1;

??????????????????? if(nstr <= 54)
??????????????????????? el_sstring[nstr] = (LPSTR)sstr;

??????????????????? sstr = strchr( (LPSTR)sstr, '\0');
??????????????????? sstr++;
?????
??????????????? }

??????????????? //Get a more descriptive message (if available)
??????????????? event_descriptive_msg = El_GetMessage(el->er, el->event_name, event_sourcename, el_sstring);
??????????????? if(event_descriptive_msg != NULL)
??????????????? {
??????????????????? // Remove any \n or \r
??????????????????? tmp_str = event_descriptive_msg;???
??????????????????? while((tmp_str = strchr(tmp_str, '\n')))
??????????????????? {
??????????????????????? *tmp_str = ' ';
??????????????????????? tmp_str++;
???????????
??????????????????? }???

??????????????????? tmp_str = event_descriptive_msg;???
??????????????????? while((tmp_str = strchr(tmp_str, '\r')))
??????????????????? {
??????????????????????? *tmp_str = ' ';
??????????????????????? tmp_str++;
??????//strchr(tmp_str, '\n');

??????????????????? }???
??????????????? }
??????????? }
??????????? else
??????????? {
??????????????? strncpy(el_string, "(no message)", 1020);?
??????????? }


??????????? // 得到username
??????????? if (el->er->UserSidLength)
??????????? {
??????????????? SID_NAME_USE account_type;
??????????????? if(!LookupAccountSid(NULL, (SID *)((LPSTR)el->er + el->er->UserSidOffset),
??????????????????????????? event_el_user, &user_size, event_el_domain, &domain_size, &account_type))??
??????????????? {
??????????????????? strncpy(event_el_user, "(no user)", 255);
??????????????????? strncpy(event_el_domain, "no domain", 255);
??????????????? }

??????????? }

??????????? else
??????????? {
??????????????? strncpy(event_el_user, "A", 255);?
??????????????? strncpy(event_el_domain, "N", 255);?
??????????? }

??????????? if(printit)
??????????? {
??????????????? tm?? *event_time?? =?? localtime((const?? long?? *)&el->er->TimeWritten);

??????????????? _snprintf(final_out_msg, 1022,
??????????????????????? "事件記錄序號(hào):%d\n事件:%s\n日期:%.4hd-%2hd-%2hd\n時(shí)間:%.2hd:%.2hd:%.2hd\n事件類(lèi)型:%s\n事件來(lái)源:%s\n事件ID:(%u)\n用戶:%s/%s\n計(jì)算機(jī):%s\n描述:\n%s\n\n\n",
??????event_record,
??????el->event_name,
??????event_time->tm_year + 1900,
??????event_time->tm_mon + 1,
??????event_time->tm_mday,
??????event_time->tm_hour,
??????event_time->tm_min,
??????event_time->tm_sec,?
??????
??????????????????????? event_category,
??????event_sourcename,
???????????????????????
??????????????????????? (WORD)el->er->EventID,
??????????????????????? event_el_domain,
??????????????????????? event_el_user,
???????????????????????
??????event_computername,
??????????????????????? event_descriptive_msg != NULL?event_descriptive_msg:el_string);?
??????????????
??????? ?fprintf(fp, "%s\n", final_out_msg);?
??????????? }

??????????? if(event_descriptive_msg != NULL)
??????????????? LocalFree(event_descriptive_msg);

??????????? // Changing the point to the er
??????????? read -= el->er->Length;
??????????? el->er = (EVENTLOGRECORD *)((LPBYTE) el->er + el->er->Length);
???event_record++;
??????? }??

??????? // Setting er to the beginning of the buffer ?
??????? el->er = (EVENTLOGRECORD *)&mbuffer;
??
??? }
}
//////////////////////////////////////////////////////////////////////

void CRead_EventDlg::Save_Application()
{
?//從列表中保存應(yīng)用日志
?if(!fp)
?{
??MessageBox("怎么沒(méi)打開(kāi)呢!","警告!",MB_OK|MB_ICONEXCLAMATION);
??exit(1);
?}
?else
?{
??MessageBox("應(yīng)用日志文件打開(kāi)了!","信息!",MB_OK|MB_ICONINFORMATION);
?}

?fprintf(fp, "\n\n***********應(yīng)用日志列表***********\n\n\n");
?Save_List(1,event_record);

?fclose(fp);
?if(fclose(fp))
?{
??MessageBox("應(yīng)用日志文件關(guān)閉了!","信息!",MB_OK|MB_ICONINFORMATION);?
?}
?else
?{
??MessageBox("還開(kāi)著呢了,,抓緊關(guān)它吧!","錯(cuò)誤!",MB_OK|MB_ICONSTOP);??

?}

}
//////////////////////////////////////////////////////////////////

void CRead_EventDlg::Save_Security()
{
?//從列表中保存安全日志
?if(!fp)
?{
??MessageBox("怎么沒(méi)打開(kāi)呢!","警告!",MB_OK|MB_ICONEXCLAMATION);

??exit(1);
?}
?else
?{
??
??MessageBox("安全日志文件打開(kāi)了!","信息!",MB_OK|MB_ICONINFORMATION);

?}


?fprintf(fp, "\n\n***********安全日志列表***********\n\n\n");?

?Save_List(1,event_record);

?fclose(fp);
?if(fclose(fp))
?{
??MessageBox("安全日志文件關(guān)閉了!","信息!",MB_OK|MB_ICONINFORMATION);
?}
?else
?{
??MessageBox("還開(kāi)著呢了,,抓緊關(guān)它吧!","錯(cuò)誤!",MB_OK|MB_ICONSTOP);
?}

}
////////////////////////////////////////////////////
void CRead_EventDlg::Save_System()
{
?//從列表中保存系統(tǒng)日志
?if(!fp)
?{
??MessageBox("怎么沒(méi)打開(kāi)呢!","警告!",MB_OK|MB_ICONEXCLAMATION);
??exit(1);
?}
?else
?{
??MessageBox("系統(tǒng)日志文件打開(kāi)了!","信息!",MB_OK|MB_ICONINFORMATION);
?}
?fprintf(fp, "\n\n***********系統(tǒng)日志列表***********\n\n\n");?

?Save_List(1,event_record);

?fclose(fp);
?if(fclose(fp))
?{
??MessageBox("系統(tǒng)日志文件關(guān)閉了!","信息!",MB_OK|MB_ICONINFORMATION);??
?}
?else
?{
??MessageBox("還開(kāi)著呢了,,抓緊關(guān)它吧!","錯(cuò)誤!",MB_OK|MB_ICONSTOP);
?}

}
/////////////////////////////////////////////////////////////////////////
void CRead_EventDlg::Save_Single_Record(int single_record)
{
?//從列表中保存單個(gè)記錄
?if(!fp)
?{
??MessageBox("怎么沒(méi)打開(kāi)呢!","警告!",MB_OK|MB_ICONEXCLAMATION);??
??exit(1);
?}
?else
?{
??MessageBox("一個(gè)記錄正要保存了!","信息!",MB_OK|MB_ICONINFORMATION);??
?}

?fprintf(fp, "\n\n***********第%d記錄***********\n\n\n",nItem);
?
?Save_List(single_record,single_record);


?fclose(fp);
?if(fclose(fp))
?{
??MessageBox("日志記錄關(guān)閉了!","信息!",MB_OK|MB_ICONINFORMATION);?
?}
?else
?{
??MessageBox("還有一個(gè)記錄開(kāi)著呢!","錯(cuò)誤!",MB_OK|MB_ICONSTOP);??
?}
}
/////////////////////////////////////////////////////////////////////
void CRead_EventDlg::Save_List(int record_initialize, int record_num)
{
?//保存列表記錄
?CString save_event_record;
?CString save_event_category;
?CString save_event_sourcename;
?CString save_event_date;
?CString save_event_time;
?CString save_event_id;
?CString save_event_user;
?CString save_event_computername;
?CString save_event_descriptive_msg;
?CString save_event_name;
?
?switch(istype)
?{
?case 1:
??save_event_name="Security";
??break;
?case 2:
??save_event_name="System";
??break;
?case 3:
??save_event_name="Application";
??break;
?default:
??return;
? ?}

?for(int i=record_initialize-1;i<record_num;i++)
?{
??save_event_record=m_mm_host_ListCtrl.GetItemText(i,0);
??save_event_category=m_mm_host_ListCtrl.GetItemText(i,1);
??save_event_sourcename=m_mm_host_ListCtrl.GetItemText(i,2);
??save_event_date=m_mm_host_ListCtrl.GetItemText(i,3);
??save_event_time=m_mm_host_ListCtrl.GetItemText(i,4);
??save_event_id=m_mm_host_ListCtrl.GetItemText(i,5);
??save_event_user=m_mm_host_ListCtrl.GetItemText(i,6);
??save_event_computername=m_mm_host_ListCtrl.GetItemText(i,7);
??save_event_descriptive_msg=m_mm_host_ListCtrl.GetItemText(i,8);
??fprintf(fp, "事件記錄序號(hào):%s\n事件:%s\n日期:%s\n時(shí)間:%s\n類(lèi)型:%s\n事件來(lái)源:%s\n事件ID:%s\n用戶:%s\n計(jì)算機(jī):%s\n描述:\n%s\n\n\n\n",
????save_event_record,
????save_event_name,
????save_event_date,
????save_event_time,
????save_event_category,
????save_event_sourcename,
????save_event_id,
????save_event_user,
????save_event_computername,
????save_event_descriptive_msg);

?}

}
////////////////////////////////////////////////////
void CRead_EventDlg::Save_Hard_Application()
{
?//從系統(tǒng)中保存應(yīng)用日志
?if(!fp)
?{
??MessageBox("怎么沒(méi)打開(kāi)呢!","警告!",MB_OK|MB_ICONEXCLAMATION);
??exit(1);
?}
?else
?{
??MessageBox("應(yīng)用日志文件打開(kāi)了!","信息!",MB_OK|MB_ICONINFORMATION);
?}

?fprintf(fp, "\n\n***********應(yīng)用日志列表***********\n\n\n");
?
?Start_EL("application",el);
?Save_event(el, 1);
?
?fclose(fp);
?if(fclose(fp))
?{
??MessageBox("應(yīng)用日志文件關(guān)閉了!","信息!",MB_OK|MB_ICONINFORMATION);?
?}
?else
?{
??MessageBox("還開(kāi)著呢了,,抓緊關(guān)它吧!","錯(cuò)誤!",MB_OK|MB_ICONSTOP);??

?}

}
////////////////////////////////////////////////////////////////////


void CRead_EventDlg::Save_Hard_Security()
{
?//從系統(tǒng)中保存安全記錄
?if(!fp)
?{
??MessageBox("怎么沒(méi)打開(kāi)呢!","警告!",MB_OK|MB_ICONEXCLAMATION);

??exit(1);
?}
?else
?{
??
??MessageBox("安全日志文件打開(kāi)了!","信息!",MB_OK|MB_ICONINFORMATION);

?}


?fprintf(fp, "\n\n***********安全日志列表***********\n\n\n");?

?Start_EL("Security",el);
?Save_event(el, 1);

?fclose(fp);
?if(fclose(fp))
?{
??MessageBox("安全日志文件關(guān)閉了!","信息!",MB_OK|MB_ICONINFORMATION);
?}
?else
?{
??MessageBox("還開(kāi)著呢了,,抓緊關(guān)它吧!","錯(cuò)誤!",MB_OK|MB_ICONSTOP);
?}
}
//////////////////////////////////////////////////////////////
void CRead_EventDlg::Save_Hard_System()
{
?//從系統(tǒng)中保存系統(tǒng)日志
?if(!fp)
?{
??MessageBox("怎么沒(méi)打開(kāi)呢!","警告!",MB_OK|MB_ICONEXCLAMATION);
??exit(1);
?}
?else
?{
??MessageBox("系統(tǒng)日志文件打開(kāi)了!","信息!",MB_OK|MB_ICONINFORMATION);
?}

?fprintf(fp, "\n\n***********系統(tǒng)日志列表***********\n\n\n");?

?Start_EL("System",el);
?Save_event(el, 1);

?fclose(fp);
?if(fclose(fp))
?{
??MessageBox("系統(tǒng)日志文件關(guān)閉了!","信息!",MB_OK|MB_ICONINFORMATION);??
?}
?else
?{
??MessageBox("還開(kāi)著呢了,,抓緊關(guān)它吧!","錯(cuò)誤!",MB_OK|MB_ICONSTOP);
?}

}
/////////////////////////////////////////////////////////////////

void CRead_EventDlg::OnSave_Hard()
{
?//從系統(tǒng)中保存記錄的響應(yīng)函數(shù)
?// TODO: Add your control notification handler code here
?switch(istype)
?{
?case 1:
??break;
?case 2:
??break;
?case 3:
??break;
?default:
??MessageBox("請(qǐng)選擇日志類(lèi)型","警告!",MB_OK|MB_ICONEXCLAMATION);
??return;
? ?}

?CString sFileName;
?sFileName.Format("");

?CFileDialog dlg(FALSE, "txt", sFileName,
?????OFN_OVERWRITEPROMPT|OFN_HIDEREADONLY,
?????"文本文件(*.txt)|*.txt|文本文件(*.doc)|*.doc||", this);?

?/////////////////////////////////////////
?//從系統(tǒng)中保存整個(gè)日志
?if(IDCANCEL==(MessageBox("您確定要從系統(tǒng)中保存日志文件?","提示!",MB_OKCANCEL|MB_ICONQUESTION)))
?{
??nItem=0;
??return;
?}

?if (dlg.DoModal() == IDOK)
?{
??dlg.m_ofn.lpstrTitle = _T("從系統(tǒng)中保存日志文件");
??CString fileName = dlg.GetPathName();

??fp = fopen(fileName,"w");
??switch(istype)
??{
??case 1:
???Save_Hard_Security();
???break;
??case 2:
???Save_Hard_System();
???break;
??case 3:
???Save_Hard_Application();
???break;
??default:
???MessageBox("請(qǐng)選擇日志類(lèi)型","警告!",MB_OK|MB_ICONEXCLAMATION);
???return;
? ??}
?}
?nItem=0;
?
}
/////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////
// DescriptionDiaLog.cpp : implementation file
//

#include "stdafx.h"
#include "Read_Event.h"
#include "DescriptionDiaLog.h"
#include "Read_EventDlg.h"

#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif

extern int istype;
extern int nItem;
extern int event_record;
extern CString m_mm_host_state;
extern os_el el[1];
extern BOOL issub;
BOOL isShow=FALSE;
/////////////////////////////////////////////////////////////////////////////
// DescriptionDiaLog dialog


DescriptionDiaLog::DescriptionDiaLog(CWnd* pParent /*=NULL*/)
?: CDialog(DescriptionDiaLog::IDD, pParent)
{
?//{{AFX_DATA_INIT(DescriptionDiaLog)
?m_sub_event_computername = _T("");
?//}}AFX_DATA_INIT
}


void DescriptionDiaLog::DoDataExchange(CDataExchange* pDX)
{
?CDialog::DoDataExchange(pDX);
?//{{AFX_DATA_MAP(DescriptionDiaLog)
?DDX_Text(pDX, IDC_SBUEVENTCOMPUTERNAME, m_sub_event_computername);
?//}}AFX_DATA_MAP
}


BEGIN_MESSAGE_MAP(DescriptionDiaLog, CDialog)
?//{{AFX_MSG_MAP(DescriptionDiaLog)
?ON_BN_CLICKED(IDC_SHOW, OnShow)
?ON_BN_CLICKED(IDC_PRESHOW, OnPreshow)
?ON_BN_CLICKED(IDC_NEXTSHOW, OnNextshow)
?//}}AFX_MSG_MAP
END_MESSAGE_MAP()

/////////////////////////////////////////////////////////////////////////////
// DescriptionDiaLog message handlers

BOOL DescriptionDiaLog::OnInitDialog()
{
?CDialog::OnInitDialog();
?
?// TODO: Add extra initialization here
?issub=true;
?return TRUE;? // return TRUE unless you set the focus to a control
?????????????? // EXCEPTION: OCX Property Pages should return FALSE
}
//////////////////////////////////////////////////////////
void DescriptionDiaLog::Sub_Prepare()
{

?char *m_sub_cTemp;
?switch(istype)
?{
?case 1:
??m_sub_cTemp ="Security";
??break;
?case 2:
??m_sub_cTemp ="System";
??break;
?default:
??m_sub_cTemp ="application";
?}
?Sub_Show(nItem);
}
///////////////////////////////////////////////////////
void DescriptionDiaLog::OnShow()
{
?//顯示記錄內(nèi)容
?// TODO: Add your control notification handler code here
?//判斷是否有記錄被選中
?if (nItem==0)
?{
??MessageBox("錯(cuò)了!","錯(cuò)誤!",MB_OK|MB_ICONSTOP);
??CDialog::OnOK();
?}
?//如果是選中的是列表中第一條記錄,向前觀察按鈕失效
?if(nItem==1)
?{
??GetDlgItem(IDC_PRESHOW)->EnableWindow(FALSE);
??GetDlgItem(IDC_NEXTSHOW)->EnableWindow(TRUE);
?}
?//如果是選中的是列表中最后一條記錄,向后觀察按鈕失效
?if(nItem==event_record)
?{
??GetDlgItem(IDC_PRESHOW)->EnableWindow(TRUE);
??GetDlgItem(IDC_NEXTSHOW)->EnableWindow(FALSE);
?}
?Sub_Prepare();
?isShow=TRUE;
}
///////////////////////////////////////////////////////////
void DescriptionDiaLog::OnPreshow()
{?
?//向前觀察按鈕響應(yīng)函數(shù)
?// TODO: Add your control notification handler code here
?if (!isShow)
?{
??MessageBox("請(qǐng)回去選擇記錄!","警告!",MB_OK|MB_ICONEXCLAMATION);
??CDialog::OnOK();
?}
?nItem--;
?//如果是選中的是列表中第一條記錄,向前觀察按鈕失效
?if(nItem==1)
?{
??GetDlgItem(IDC_PRESHOW)->EnableWindow(FALSE);
?}
?GetDlgItem(IDC_NEXTSHOW)->EnableWindow(TRUE);
?Sub_Prepare();

}
//////////////////////////////////////////////////////////////////
void DescriptionDiaLog::OnNextshow()
{?
?//向后觀察按鈕
?// TODO: Add your control notification handler code here
?nItem++;
?//如果是選中的是列表中最后一條記錄,向后觀察按鈕失效
?if(nItem==event_record)
?{
??GetDlgItem(IDC_NEXTSHOW)->EnableWindow(FALSE);
?}
?GetDlgItem(IDC_PRESHOW)->EnableWindow(TRUE);
?Sub_Prepare();

}
//////////////////////////////////////////////////////////////

void DescriptionDiaLog::OnOK()
{
?// TODO: Add extra validation here
?nItem=0;
?CDialog::OnOK();
}

void DescriptionDiaLog::OnCancel()
{
?// TODO: Add extra cleanup here
?nItem=0;
?CDialog::OnCancel();
}
////////////////////////////////////////////////////////////////
void DescriptionDiaLog::Sub_Show(int sub_nItem)
{
?//顯示詳細(xì)記錄按鈕的響應(yīng)函數(shù)
?CRead_EventDlg* dlg = (CRead_EventDlg *)AfxGetMainWnd();
?CString sub_event;

?//事件序列
?sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,0);
?GetDlgItem(IDC_SBUEVENTRECORD)->SetWindowText(sub_event);
?//事件類(lèi)型
?sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,1);
?GetDlgItem(IDC_SBUEVENTCATEGORY)->SetWindowText(sub_event);
?//事件來(lái)源
?sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,2);
?GetDlgItem(IDC_SUBEVENTSOURCENAME)->SetWindowText(sub_event);
?//事件日期
?sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,3);
?GetDlgItem(IDC_SUBEVENTDATA)->SetWindowText(sub_event);
?//事件時(shí)間
?sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,4);
?GetDlgItem(IDC_SBUEVENTTIME)->SetWindowText(sub_event);
?//事件ID
?sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,5);
?GetDlgItem(IDC_SBUEVENTID)->SetWindowText(sub_event);
?//用戶
?sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,6);
?GetDlgItem(IDC_SBUEVENTUSERNAME)->SetWindowText(sub_event);
?//計(jì)算機(jī)
?sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,7);
?GetDlgItem(IDC_SBUEVENTCOMPUTERNAME)->SetWindowText(sub_event);
?//詳細(xì)描述
?sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,8);
?GetDlgItem(IDC_EDIT_SBUEVENTMESSAGE)->SetWindowText(sub_event);
?
?switch(istype)
?{
?case 1:
??sub_event="Security";
??break;
?case 2:
??sub_event="System";
??break;
?case 3:
??sub_event="Application";
??break;
?default:
??MessageBox("請(qǐng)選擇日志類(lèi)型!","警告!",MB_OK|MB_ICONEXCLAMATION);
??return;
? ?}
?//事件
?GetDlgItem(IDC_SUBEVENT)->SetWindowText(sub_event);

}
/////////////////////////////////////////////////////////////////

posted on 2006-09-07 14:37 啤酒 閱讀(832) 評(píng)論(0)  編輯 收藏 引用


只有注冊(cè)用戶登錄后才能發(fā)表評(píng)論。
網(wǎng)站導(dǎo)航: 博客園   IT新聞   BlogJava   博問(wèn)   Chat2DB   管理


導(dǎo)航

統(tǒng)計(jì)

常用鏈接

留言簿(2)

隨筆檔案

收藏夾

搜索

最新評(píng)論

閱讀排行榜

評(píng)論排行榜

青青草原综合久久大伊人导航_色综合久久天天综合_日日噜噜夜夜狠狠久久丁香五月_热久久这里只有精品

    • <ins id="pjuwb"></ins>
    <blockquote id="pjuwb"><pre id="pjuwb"></pre></blockquote>

    <noscript id="pjuwb"></noscript>
          <sup id="pjuwb"><pre id="pjuwb"></pre></sup>

            <dd id="pjuwb"></dd>
            <abbr id="pjuwb"></abbr>
            
久久精品亚洲|
国产亚洲亚洲|
一区二区三区三区在线|
亚洲免费一级电影|
国产午夜精品在线观看|
久久免费少妇高潮久久精品99|
久久综合色播五月|
日韩亚洲欧美综合|
国产精品国产一区二区|
久久精品视频免费|
亚洲国产黄色|
亚洲一区二区三区中文字幕|
国产精品嫩草久久久久|
久久久av网站|
亚洲精品小视频在线观看|
亚洲欧美国内爽妇网|
怡红院精品视频|
欧美日韩和欧美的一区二区|
性久久久久久久|
亚洲国产精品久久久久秋霞影院|
亚洲一卡久久|
亚洲第一主播视频|
国产精品美女主播|
欧美成人精品激情在线观看
|
99riav1国产精品视频|
亚洲欧美中文在线视频|
亚洲黄色有码视频|
国产精自产拍久久久久久|
六月婷婷一区|
香蕉久久夜色精品国产使用方法|
欧美激情视频一区二区三区不卡|
午夜视频一区在线观看|
亚洲国产欧美一区二区三区久久|
国产精品美女999|
免费成人黄色av|
性久久久久久久久|
99热在这里有精品免费|
欧美aⅴ一区二区三区视频|
午夜精品久久久久久久99樱桃
|
亚洲精品免费一区二区三区|
国产精品亚洲第一区在线暖暖韩国|
久久伊人一区二区|
亚洲欧美伊人|
一区二区三区高清|
亚洲片区在线|
欧美国产第二页|
另类天堂视频在线观看|
欧美中文字幕在线视频|
亚洲影视中文字幕|
亚洲免费成人av|
亚洲国产欧美不卡在线观看|
狠狠色狠狠色综合人人|
国产精品婷婷|
国产精品乱码人人做人人爱|
欧美日韩999|
欧美激情一区二区三区成人|
六月天综合网|
免费精品99久久国产综合精品|
欧美亚洲一级片|
午夜欧美精品|
欧美在线播放高清精品|
欧美一区影院|
欧美一级大片在线观看|
午夜激情综合网|
亚洲欧美日本日韩|
亚洲欧美www|
亚洲女优在线|
久久er99精品|
久久久精品性|
麻豆亚洲精品|
欧美成人精品h版在线观看|
欧美寡妇偷汉性猛交|
欧美成人一区二区三区在线观看|
久久中文在线|
欧美激情一区二区|
欧美日韩亚洲高清|
国产精品久久久久9999|
国产精品入口日韩视频大尺度|
国产精品久久久久久亚洲毛片|
国产精品狠色婷|
国产模特精品视频久久久久
|
亚洲——在线|
西瓜成人精品人成网站|
欧美制服丝袜|
免费成人高清|
欧美日韩一区在线观看|
国产精品毛片在线看|
国产午夜精品全部视频播放|
国精品一区二区三区|
亚洲成人在线网站|
亚洲美女av电影|
亚洲女人小视频在线观看|
欧美一区亚洲二区|
男女精品网站|
99国产精品99久久久久久粉嫩|
亚洲午夜精品17c|
久久久久久黄|
欧美久久久久久|
国产精品综合久久久|
在线欧美福利|
亚洲伊人一本大道中文字幕|
久久国产色av|
亚洲全黄一级网站|
亚洲综合国产精品|
男女av一区三区二区色多|
欧美性jizz18性欧美|
国产综合精品一区|
一本大道久久精品懂色aⅴ|
欧美专区在线|
亚洲欧洲一区二区三区在线观看
|
亚洲欧美伊人|
免费成人高清视频|
国产精品亚洲а∨天堂免在线|
黄色日韩网站|
亚洲一区二区在线视频|
久久嫩草精品久久久精品|
亚洲人成高清|
久久久噜噜噜久噜久久|
欧美三级电影一区|
亚洲第一中文字幕|
欧美一区二区三区四区夜夜大片|
亚洲高清久久久|
欧美在线短视频|
国产精品v日韩精品v欧美精品网站|
一区二区在线观看av|
午夜精品一区二区三区电影天堂
|
亚洲一区国产|
欧美精品日韩www.p站|
很黄很黄激情成人|
亚洲欧美国产视频|
91久久精品一区二区别|
久久不见久久见免费视频1|
欧美视频福利|
日韩视频精品|
欧美/亚洲一区|
久久国产精品第一页|
国产精品久久久久aaaa樱花|
亚洲美女av在线播放|
欧美88av|
久久久久久久成人|
国产一区二区丝袜高跟鞋图片
|
国产精品qvod|
99一区二区|
亚洲精品护士|
欧美大香线蕉线伊人久久国产精品|
国产一区在线观看视频|
久久av最新网址|
一区二区三区日韩|
欧美体内she精视频|
一本色道久久综合亚洲精品不|
亚洲风情亚aⅴ在线发布|
久久一区中文字幕|
在线精品高清中文字幕|
麻豆91精品|
久久久久久亚洲精品不卡4k岛国|
国产午夜亚洲精品理论片色戒
|
免费亚洲一区二区|
久久精品99国产精品酒店日本|
国产午夜精品全部视频播放|
欧美一区二区三区在线视频|
亚洲欧美日韩在线综合|
国产精品视频一二|
欧美一区二区国产|
欧美一区二区三区视频在线|
国产午夜精品美女毛片视频|
久久久久久欧美|
久久精品国产欧美亚洲人人爽|
国内自拍一区|
欧美第十八页|
欧美精品电影在线|
亚洲视频在线观看|
亚洲一区三区电影在线观看|
国产伦精品一区二区|
久久免费精品视频|
蜜臀久久久99精品久久久久久|
亚洲精品久久久蜜桃|
夜夜嗨av一区二区三区免费区|
欧美视频免费在线|
欧美在线免费播放|
久久精品国产欧美激情|
91久久中文|
一本色道88久久加勒比精品
|
亚洲第一网站免费视频|
欧美激情网友自拍|
亚洲欧美在线看|
久久9热精品视频|
亚洲日本免费电影|
一本色道久久综合|
国产一区二区久久|
亚洲第一精品夜夜躁人人躁|
欧美日精品一区视频|
久久国产手机看片|
免费国产一区二区|
亚洲欧美另类国产|
久久午夜视频|
亚洲欧美日韩国产一区二区三区|
欧美一区日韩一区|
a91a精品视频在线观看|
午夜亚洲性色福利视频|
亚洲精品免费一二三区|