Windows Registry Programming

Windows Registry

1 Functions of the Registry

Registry is very important in Windows, it is a large database, which holds a large number of system information, such as the storage of software hardware configuration information, computer system settings, performance records.

If the registry is compromised, it can have an impact on the entire system, or even a system crash.

2 Structure of the Registry

The registry is a tree-like hierarchy: A primary key----a subkey--and a subkey----the subkey-->......--> the key value. Each of these keys has a key value, and the key value consists of 3 parts: The value name, the value type, and the value itself. A bit like the rhythm of int x =0 ha. Each key has a default value, so the default value is that the value has no name. Of course, you can add other values for this key, if they are worth having names.

3 primary key of the registry

<1>hkey_users

<2>hkey_current_user

<3>hkey_current_config

<4>hkey_classes_root

<5>hkey_local_machine

<6>hkey_dyn_data

This key preserves the dynamic data of the system at runtime, because each time the display is changed, the information under this root key is not placed in the registry.

4 Permissions to access the registry

Sometimes the following error occurs when the program executes, such as the following code:

LONG X1 =regcreatekey (Hkey_local_machine,text ("Software\\vc++mfc\\adminss"), &hkey);

After running X1 = 5, the corresponding error message is "Access Denied". Of course, this program does not create a key in the registry after the reason is that the previous said that there is no permission, specifically, the user currently logged on does not have access to the registry.

Workaround:

Registry--Edit Permissions--Add (groups and user names)--Enter object names to select--Check Names--ok

You will then be presented with the account name you added in the list of groups and users. Click it to view the permissions that it has on the Operation registry.

5 common functions for accessing the registry

We can do the same as access to the file, key value creation, key value open, key value read, key value write operation. The usual functions are as follows:

<1>regcreatekey

LONG WINAPI RegCreateKey (_in_               HKEY       HKEY, _in_opt_       lpctstr          lpsubkey, _out_            phkey    phkresult) ;

Return value: The error ID that represents the registry access failure, only the return value of Error_succrss (0) indicates a successful access, and the others represent a variety of errors.

HKey: A handle to the currently open table entry, or one of the predefined reserved handles, Hkey_classes_root,hkey_users,hkey_current_user,hkey_current_config,hkey_local_ Machine.

Lpsubkey: A string that ends with an empty ' \ ' to indicate the name of the key to be created or opened

Phkresult: Returns a value that points to the handle of the key to be created or opened. Closed with the RegCloseKey function when no longer in use.

Example:

RegCreateKey (Hkey_local_machine,text ("Software\\vc++mfc\\adminss"), &hkey);

Results:

Run the program we can see the newly created key in the registry

<2>regopenkey

LONG WINAPI RegOpenKey (  _in_            HKEY     HKEY,  _in_opt_        lpctstr  lpsubkey,  _out_           Phkey    Phkresult);

Hkey,lpsubkey with the same name parameter in RegCreateKey, Phkresult represents the handle of the currently open key value

<3>regsetvalue

LONG WINAPI regsetvalue (  _in_      HKEY     HKEY,  _in_opt_      lpctstr  lpsubkey,  _in_      DWORD    dwtype,  _in_      lpctstr  lpdata,  _in_      DWORD    cbdata);

Hkey,lpsubkey with the above function. The value of another key has three attributes, a value name, a value type, and the value itself. The key set by this function is the default (no Name), dwtype represents a value type, lpdata represents the set value, and cbdata represents the length of the current set value.

Note: When Lpsubkey = null, the value set at this time is the value of the key represented by the handle hkey.

<4>regsetvalueex

When you want to set the name of the key to know, you need to use this function

LONG WINAPI RegSetValueEx (  _in_            HKEY      HKEY,  _in_opt_        lpctstr  lpvaluename,  _reserved_    DWORD    Reserved,  _in_            DWORD    dwtype,  _in_            const BYTE *lpdata,  _in_            DWORD    cbdata);

Lpvaluename: Indicates the name of the key

Reserved: Reserved value, must be set to 0

Dwtype: Value type. Can be for Reg_sz,reg_dword, etc.

Lpdata: A value that points to a buffer that represents a value

The Cbdata:lpdata parameter points to the size of the data, in bytes

Examples are as follows:

Regsetvaluea (Hkey,null,reg_sz,text ("Fun for Test"), strlen (TEXT ("Fun for Test")); Regsetvaluea (Hkey,text ("Test"), Reg_sz,text ("Fun for Fun"), strlen (TEXT ("Fun for Fun")); Regsetvalueexa (Hkey,text ("Test1"), 0,REG_SZ, (const byte*) TEXT ("Funforname"), strlen (TEXT ("Fun forname")); HKEY keytest;//long x= RegOpenKey (Hkey_local_machine,text ("Test"), &keytest); RegOpenKey (Hkey_local_machine,text ("Software\\vc++mfc\\adminss\\test"), &keytest); RegSetValueEx (Keytest,text ("Test2"), 0,REG_SZ, (const byte*) TEXT ("Test ' sname value"), Strlen (TEXT ("Test ' sname value" )));

Results:

It also shows that when the key value is set, the key value is created if no key value exists.

<5>regqueryvalue

LONG WINAPI regqueryvalue (  _in_            HKEY     HKEY,  _in_opt_        lpctstr  lpsubkey,  _out_opt_       LPTSTR   lpvalue,  _inout_opt_     plong    lpcbvalue);

HKey: The specified key handle, or 5 large primary key handle reserved

Lpsubkey: The name of the subkey, when NULL indicates that the query hkey represents the default value of the key

Lpvalue: Return value

Lpcbvalue: Specifies the size of the buffer represented by the Lpvalue. Only the size of the stored value

<6> RegQueryValueEx

You can use this to query the value of a key value with a name.

LONG WINAPI RegQueryValueEx (  _in_            HKEY     HKEY,  _in_opt_        lpctstr  Lpvaluename,  _ Reserved_      lpdword  lpreserved,  _out_opt_       lpdword lptype  ,  _out_opt_       lpbyte   lpdata,  _inout_opt_     lpdword  lpcbdata);

Lpvalue: The name of the value

lpreserved: Reserved value, must be null

Lptype: Return value, representing the type of the value

Lpdata: Return value, representing the value's own content

Lpcbdata: The university that determines the contents of the value itself, cannot be set to NULL

6 Complete function Code:

void Cmfcfileview::onregwrite () {//TODO: Add Command handler code here HKEY HKEY;         LPSTR buf;         LONG X1 =regcreatekey (Hkey_local_machine,text ("Software\\vc++mfc\\adminss"), &hkey); FormatMessage (format_message_allocate_buffer| Format_message_from_system,null, X1, Makelangid (lang_chinese,sublang_chinese_simplified), (LPTSTR) &bu         F,0,null);                 LocalFree (BUF);         Regsetvaluea (Hkey,null,reg_sz,text ("Fun for Test"), strlen (TEXT ("Fun for Test"));         Regsetvaluea (Hkey,text ("Test"), Reg_sz,text ("Fun for Fun"), strlen (TEXT ("Fun for Fun"));          Regsetvalueexa (Hkey,text ("Test1"), 0,REG_SZ, (const byte*) TEXT ("funfor name"), strlen (TEXT ("Fun forname"));         HKEY keytest;         LONG x =regopenkey (Hkey_local_machine,text ("Test"), &keytest);         RegOpenKey (Hkey_local_machine,text ("Software\\vc++mfc\\adminss\\test"), &keytest); RegSetValueEx (Keytest,text ("Test2"), 0,REG_SZ, (const byte*) TEXT("Test ' sname value"), Strlen (TEXT ("Test ' sname value"));         RegCloseKey (HKey);  RegCloseKey (keytest);}         void Cmfcfileview::onregread () {//TODO: Add Command handler code here//get thedefault value of the key LONG sz;         RegQueryValue (Hkey_local_machine,text ("Software\\vc++mfc\\adminss\\test"), Null,&sz);         tchar* PV = Newtchar[sz];         RegQueryValue (Hkey_local_machine,text ("Software\\vc++mfc\\adminss\\test"), Pv,&sz);         DELETEPV;          PV = NULL;         Get thename value of the key DWORD Sb,dwtype;         TCHAR V[20];         HKEY HKEY;         RegOpenKey (Hkey_local_machine,text ("Software\\vc++mfc\\adminss\\test"), &hkey); RegQueryValueEx (Hkey,text ("Test2"), Null,&dwtype, (LPBYTE) V,&SB);//ok RegQueryValueEx (Hkey,text ("Test2")         ), NULL,&DWTYPE,NULL,&SB);         tchar* PS = newtchar[sb] (); RegQueryValueEx (Hkey,text ("Test2"), Null,&dwtype, (LPBYTE) PS,&SB);//cann ' t pass NULL to theLast parameter deleteps;         PS = NULL; RegCloseKey (HKey);}