Windows Registry
1 Functions of the Registry
Registry is very important in Windows, it is a large database, which holds a large number of system information, such as the storage of software hardware configuration information, computer system settings, performance records.
If the registry is compromised, it can have an impact on the entire system, or even a system crash.
2 Structure of the Registry
The registry is a tree-like hierarchy: A primary key----a subkey--and a subkey----the subkey-->......--> the key value. Each of these keys has a key value, and the key value consists of 3 parts: The value name, the value type, and the value itself. A bit like the rhythm of int x =0 ha. Each key has a default value, so the default value is that the value has no name. Of course, you can add other values for this key, if they are worth having names.
3 primary key of the registry
<1>hkey_users
<2>hkey_current_user
<3>hkey_current_config
<4>hkey_classes_root
<5>hkey_local_machine
<6>hkey_dyn_data
This key preserves the dynamic data of the system at runtime, because each time the display is changed, the information under this root key is not placed in the registry.
4 Permissions to access the registry
Sometimes the following error occurs when the program executes, such as the following code:
LONG X1 =regcreatekey (Hkey_local_machine,text ("Software\\vc++mfc\\adminss"), &hkey);
After running X1 = 5, the corresponding error message is "Access Denied". Of course, this program does not create a key in the registry after the reason is that the previous said that there is no permission, specifically, the user currently logged on does not have access to the registry.
Workaround:
Registry--Edit Permissions--Add (groups and user names)--Enter object names to select--Check Names--ok
You will then be presented with the account name you added in the list of groups and users. Click it to view the permissions that it has on the Operation registry.
5 common functions for accessing the registry
We can do the same as access to the file, key value creation, key value open, key value read, key value write operation. The usual functions are as follows:
<1>regcreatekey
LONG WINAPI RegCreateKey (_in_ HKEY HKEY, _in_opt_ lpctstr lpsubkey, _out_ phkey phkresult) ;
Return value: The error ID that represents the registry access failure, only the return value of Error_succrss (0) indicates a successful access, and the others represent a variety of errors.
HKey: A handle to the currently open table entry, or one of the predefined reserved handles, Hkey_classes_root,hkey_users,hkey_current_user,hkey_current_config,hkey_local_ Machine.
Lpsubkey: A string that ends with an empty ' \ ' to indicate the name of the key to be created or opened
Phkresult: Returns a value that points to the handle of the key to be created or opened. Closed with the RegCloseKey function when no longer in use.
Example:
RegCreateKey (Hkey_local_machine,text ("Software\\vc++mfc\\adminss"), &hkey);
Results:
Run the program we can see the newly created key in the registry
<2>regopenkey
LONG WINAPI RegOpenKey ( _in_ HKEY HKEY, _in_opt_ lpctstr lpsubkey, _out_ Phkey Phkresult);
Hkey,lpsubkey with the same name parameter in RegCreateKey, Phkresult represents the handle of the currently open key value
<3>regsetvalue
LONG WINAPI regsetvalue ( _in_ HKEY HKEY, _in_opt_ lpctstr lpsubkey, _in_ DWORD dwtype, _in_ lpctstr lpdata, _in_ DWORD cbdata);
Hkey,lpsubkey with the above function. The value of another key has three attributes, a value name, a value type, and the value itself. The key set by this function is the default (no Name), dwtype represents a value type, lpdata represents the set value, and cbdata represents the length of the current set value.
Note: When Lpsubkey = null, the value set at this time is the value of the key represented by the handle hkey.
<4>regsetvalueex
When you want to set the name of the key to know, you need to use this function
LONG WINAPI RegSetValueEx ( _in_ HKEY HKEY, _in_opt_ lpctstr lpvaluename, _reserved_ DWORD Reserved, _in_ DWORD dwtype, _in_ const BYTE *lpdata, _in_ DWORD cbdata);
Lpvaluename: Indicates the name of the key
Reserved: Reserved value, must be set to 0
Dwtype: Value type. Can be for Reg_sz,reg_dword, etc.
Lpdata: A value that points to a buffer that represents a value
The Cbdata:lpdata parameter points to the size of the data, in bytes
Examples are as follows:
Regsetvaluea (Hkey,null,reg_sz,text ("Fun for Test"), strlen (TEXT ("Fun for Test")); Regsetvaluea (Hkey,text ("Test"), Reg_sz,text ("Fun for Fun"), strlen (TEXT ("Fun for Fun")); Regsetvalueexa (Hkey,text ("Test1"), 0,REG_SZ, (const byte*) TEXT ("Funforname"), strlen (TEXT ("Fun forname")); HKEY keytest;//long x= RegOpenKey (Hkey_local_machine,text ("Test"), &keytest); RegOpenKey (Hkey_local_machine,text ("Software\\vc++mfc\\adminss\\test"), &keytest); RegSetValueEx (Keytest,text ("Test2"), 0,REG_SZ, (const byte*) TEXT ("Test ' sname value"), Strlen (TEXT ("Test ' sname value" )));
Results:
It also shows that when the key value is set, the key value is created if no key value exists.
<5>regqueryvalue
LONG WINAPI regqueryvalue ( _in_ HKEY HKEY, _in_opt_ lpctstr lpsubkey, _out_opt_ LPTSTR lpvalue, _inout_opt_ plong lpcbvalue);
HKey: The specified key handle, or 5 large primary key handle reserved
Lpsubkey: The name of the subkey, when NULL indicates that the query hkey represents the default value of the key
Lpvalue: Return value
Lpcbvalue: Specifies the size of the buffer represented by the Lpvalue. Only the size of the stored value
<6> RegQueryValueEx
You can use this to query the value of a key value with a name.
LONG WINAPI RegQueryValueEx ( _in_ HKEY HKEY, _in_opt_ lpctstr Lpvaluename, _ Reserved_ lpdword lpreserved, _out_opt_ lpdword lptype , _out_opt_ lpbyte lpdata, _inout_opt_ lpdword lpcbdata);
Lpvalue: The name of the value
lpreserved: Reserved value, must be null
Lptype: Return value, representing the type of the value
Lpdata: Return value, representing the value's own content
Lpcbdata: The university that determines the contents of the value itself, cannot be set to NULL
6 Complete function Code:
void Cmfcfileview::onregwrite () {//TODO: Add Command handler code here HKEY HKEY; LPSTR buf; LONG X1 =regcreatekey (Hkey_local_machine,text ("Software\\vc++mfc\\adminss"), &hkey); FormatMessage (format_message_allocate_buffer| Format_message_from_system,null, X1, Makelangid (lang_chinese,sublang_chinese_simplified), (LPTSTR) &bu F,0,null); LocalFree (BUF); Regsetvaluea (Hkey,null,reg_sz,text ("Fun for Test"), strlen (TEXT ("Fun for Test")); Regsetvaluea (Hkey,text ("Test"), Reg_sz,text ("Fun for Fun"), strlen (TEXT ("Fun for Fun")); Regsetvalueexa (Hkey,text ("Test1"), 0,REG_SZ, (const byte*) TEXT ("funfor name"), strlen (TEXT ("Fun forname")); HKEY keytest; LONG x =regopenkey (Hkey_local_machine,text ("Test"), &keytest); RegOpenKey (Hkey_local_machine,text ("Software\\vc++mfc\\adminss\\test"), &keytest); RegSetValueEx (Keytest,text ("Test2"), 0,REG_SZ, (const byte*) TEXT("Test ' sname value"), Strlen (TEXT ("Test ' sname value")); RegCloseKey (HKey); RegCloseKey (keytest);} void Cmfcfileview::onregread () {//TODO: Add Command handler code here//get thedefault value of the key LONG sz; RegQueryValue (Hkey_local_machine,text ("Software\\vc++mfc\\adminss\\test"), Null,&sz); tchar* PV = Newtchar[sz]; RegQueryValue (Hkey_local_machine,text ("Software\\vc++mfc\\adminss\\test"), Pv,&sz); DELETEPV; PV = NULL; Get thename value of the key DWORD Sb,dwtype; TCHAR V[20]; HKEY HKEY; RegOpenKey (Hkey_local_machine,text ("Software\\vc++mfc\\adminss\\test"), &hkey); RegQueryValueEx (Hkey,text ("Test2"), Null,&dwtype, (LPBYTE) V,&SB);//ok RegQueryValueEx (Hkey,text ("Test2") ), NULL,&DWTYPE,NULL,&SB); tchar* PS = newtchar[sb] (); RegQueryValueEx (Hkey,text ("Test2"), Null,&dwtype, (LPBYTE) PS,&SB);//cann ' t pass NULL to theLast parameter deleteps; PS = NULL; RegCloseKey (HKey);}