"System shutdown" is a basic service in windows. Function: "Shut down the system", "log off the user", and "lock the workstation" 3. The SDK provides several functions to call this service.
The "Disable System" function enables the computer to be safely disabled. All buffered content in the file system is forcibly written to the disk. Then, a dialog box is displayed, prompting you that your computer will be shut down or you are ready to be shut down. Generally, the computer restarts after it is disabled, rather than directly powering off the power.
If a process calls the "deregister" function, all processes in the security environment of the process are terminated, causing the current user to exit the system. A Login Dialog Box is displayed, and new users are expected to log on.
The "Lock workstation" function allows you to protect the computer screen from being viewed by unauthorized users when you leave the computer. To unlock the lock, you must log on again with the account and password of the administrator or authorized user.
How to shut down the system:
The program can shut down the local computer or remote computer in two ways.
Directly shut down the system
Shut down the system and restart it.
Windows NT/2000 and later versions: The program must have the se_shutdown_name permission to successfully call and close the function.
The exitwindowsex function can be used to shut down the system. If the function is successfully called, the system sends a wm_queryendsession message to each window and asks whether the program to which the window belongs can be terminated. The program that receives the message should respond, clear the environment to release resources, and return true to indicate that it can be terminated. However, if exw_force is specified when exitdomainwex is called, The system forcibly terminates the related process and closes it, which may cause data loss.
This is a program that calls exitdomainwex in NT/2000 to close the system (force close all programs ).
In Windows 95/98/Me, You can directly call exitdomainwex.
Bytes -----------------------------------------------------------------------------------------------------------
Handle htoken;
Token_privileges tkp;
// Get a token for this process.
If (! Openprocesstoken (getcurrentprocess (),
Token_adjust_privileges | token_query, & htoken ))
Error ("openprocesstoken ");
// Get the luid for the shutdown privilege.
Lookupprivilegevalue (null, se_shutdown_name,
& Tkp. Privileges [0]. luid );
Tkp. privilegecount = 1; // One privilege to set
Tkp. Privileges [0]. Attributes = se_privilege_enabled;
// Get the shutdown privilege for this process.
Adjusttokenprivileges (htoken, false, & tkp, 0,
(Ptoken_privileges) null, 0 );
// Cannot test the return value of adjusttokenprivileges.
If (getlasterror ()! = Error_success)
Error ("adjusttokenprivileges ");
// Shut down the system and force all applications to close.
If (! Exitwindowsex (ewx_shutdown | ewx_force, 0 ))
Error ("exitwindowsex ");
Bytes -----------------------------------------------------------------------------------------------------------
Windows NT/2000 and later versions:
The initiatesystemshutdown function can specify a latency. When calculating the latency, a dialog box is displayed on the disabled target computer, prompting you to log out as soon as possible. Once the Count ends, the system is immediately shut down. Previously, you can call the abortsystemshutdown function to stop counting and cancel the corresponding shutdown operation. Initiatesystemshutdown can also be used to restart the system.
Initiatesystemshutdown has a parameter lptstr lpmachinename, which can be specified as the name of the computer on the network, that is, you can disable the computer on the Network (If your user has sufficient permissions on the computer ).
The following example calls the initiatesystemshutdown function to disable the local computer that the user has logged on to (to disable the remote computer, change the first parameter of initsystemshutdown from null to the correct computer name or ). Similarly, you must first obtain the se_shutdown_name permission.
Bytes ---------------------------------------------------------------------------------------------------------
Handle htoken; // handle to process token
Token_privileges tkp; // pointer to token Structure
Bool fresult; // system shutdown flag
// Get the current process token handle so we can get Shutdown
// Privilege.
If (! Openprocesstoken (getcurrentprocess (),
Token_adjust_privileges | token_query, & htoken ))
Errorhandler ("openprocesstoken failed .");
// Get the luid for shutdown privilege.
Lookupprivilegevalue (null, se_shutdown_name,
& Tkp. Privileges [0]. luid );
Tkp. privilegecount = 1; // One privilege to set
Tkp. Privileges [0]. Attributes = se_privilege_enabled;
// Get shutdown privilege for this process.
Adjusttokenprivileges (htoken, false, & tkp, 0,
(Ptoken_privileges) null, 0 );
// Cannot test the return value of adjusttokenprivileges.
If (getlasterror ()! = Error_success)
Errorhandler ("adjusttokenprivileges enable failed .");
// Display the shutdown dialog box and start the time-out countdown.
Fresult = initiatesystemshutdown (null, // Shut Down Local Computer
"Click on the main window and press/
The Escape key to cancel shutdown. ", // message to user
20, // time-out period
False, // ask user to close apps
True); // reboot after Shutdown
If (! Fresult)
{
Errorhandler ("initiatesystemshutdown failed .");
}
// Disable shutdown privilege.
Tkp. Privileges [0]. Attributes = 0;
Adjusttokenprivileges (htoken, false, & tkp, 0,
(Ptoken_privileges) null, 0 );
If (getlasterror ()! = Error_success)
{
Errorhandler ("adjusttokenprivileges disable failed .");
}
Bytes ---------------------------------------------------------------------------------------------
The code for canceling the initialsystemshutdown operation using abortsystemshutoown is as follows (remember that the code can only take effect before the delay ends
// Get the current process token handle so we can get Shutdown
// Privilege.
If (! Openprocesstoken (getcurrentprocess (),
Token_adjust_privileges | token_query, & htoken ))
{
Errorhandler ("openprocesstoken failed .");
}
// Get the luid for shutdown privilege.
Lookupprivilegevalue (null, se_shutdown_name,
& Tkp. Privileges [0]. luid );
Tkp. privilegecount = 1; // One privilege to set
Tkp. Privileges [0]. Attributes = se_privilege_enabled;
// Get shutdown privilege for this process.
Adjusttokenprivileges (htoken, false, & tkp, 0,
(Ptoken_privileges) null, 0 );
// Cannot test the return value of adjusttokenprivileges.
If (getlasterror ()! = Error_success)
{
Errorhandler ("adjusttokenprivileges enable failed .");
}
// Prevent the system from shutting down.
Fresult = abortsystemshutdown (null );
If (! Fresult)
{
Errorhandler ("abortsystemshutdown failed .");
}
// Disable shutdown privilege.
Tkp. Privileges [0]. Attributes = 0;
Adjusttokenprivileges (htoken, false, & tkp, 0,
(Ptoken_privileges) null, 0 );
If (getlasterror ()! = Error_success)
{
Errorhandler ("adjusttokenprivileges disable failed .");
}
Break;
For more information about privileges, see msdn
How to log out of the current user
You can use the exitwindows or exitwindowsex function to log out of the current user.
By default, when the program calls exitwindows or exitwindowsex to log out, the wm_queryendsession message is also sent to each window in the system. The program to which the window belongs responds to this message and returns true, indicating that the message can be closed. If any program returns false, the logout operation will be canceled.
Windows NT/2000 and later versions:
When a program responds to wm_queryendsession and returns true, it immediately receives the wm_endsession message and ends immediately, regardless of how other programs respond to the wm_queryendsession message.
Windows 95/98/me: only when all programs in the system respond to true to the wm_queryendsession message will they receive the wm_endsession message together and end.
To forcibly close all programs, use the exitwindowsex function and specify the exw_force flag. In this case, the system directly terminates the running program without sending the wm_queryendsession message.
When you log out, the system also sends the ctrl_logoff_event control code to each process. The console program can register a handlerroutine routine to process this control code (using the setconsolectrlhandler function ). (For more information about the console control code, see "handlerroutine" in msdn)
To sum up, the logout operation can be successful only when all programs are allowed to exit. If a program responds to wm_queryendsession and returns false, the user cannot be logged out. In this way, you can write programs that prevent users from logging out or shutting down (unforced ).
// This is the code for canceling the current user
Exitwindows (0, 0 );
// Respond to the wm_queryendsession message. If no is selected in the pop-up message box, cancel the cancellation.
Case wm_queryendsession:
{
Int R;
R = MessageBox (null, "shut down? "," Wm_queryendsession ", mb_yesno );
// Return true to Allow shutdown, false to stop.
Return r = idyes;
Break;
}
How to lock a workstation
Use the lockworkstation function to lock the workstation. The system displays a Lock dialog box that tells the user that the workstation is in use and has been locked. The user or administrator can be locked to unlock it, the unlock method is to press ctrl_alt_del and log in with the correct account and password.
When the lockworkstation function is successfully called, the following conditions are met:
The caller must be a general process running on the system interaction desktop.
A user must have logged on to the system.
The workstation is not locked.
Programs with normal windows and message queues receive closed notifications through wm_queryendsession or wm_endsession messages.
In the console, the notification is closed in the handle routines process. To register a console control process, use the setconsolectrlhandler function.
The Service Program receives the exit notification in its control flow. To register a service control process, use the registerservicectrlhandlerex function.
Disable system function list
Function Name Function Description
Abortsystemshutdown cancels the system shutdown operation caused by initsystemshutdown
Exitwindows logs out the current user
Exitwindowsex: log out of the user, shut down the computer, shut down the computer, and restart
Initiatesystemshutdown. You can choose to shut down and restart the system.
Initiatesystemshutdownex is the same as initiatesystemshutdown.
Write a user-specified dubyte code in Event Log (event no. 6006)
Lockworkstation
System close message
Wm_endsession
Wparam
Indicates whether to terminate the program. If it is true, the command stops the program; otherwise, the command is false.
Lparam
Indicates whether the user logs out or the system is disabled. If this parameter contains the endsession_logoff (lparam here is a bit of value), it indicates that the user logs out.
Windows 2000 and later versions: If lparam = 0, the system is disabled.
The program receives the message. If wparam is true, the program may be closed at any time after message processing is completed. Therefore, in the process of message processing, we should try our best to complete the work required before the program is destroyed.
Wm_queryendsession
Wparam
Reserved, unused
Lparam
Same as wm_endsession;
Defwindowproc returns true by default.
From: http://blog.csdn.net/chief1985/archive/2008/03/07/2157029.aspx