ReactOS 0.4.16-dev-1223-gddcd5f7
Classes | Macros | Typedefs | Functions | Variables
eventvwr.c File Reference
#include "eventvwr.h"
#include "evtdetctl.h"
#include <sddl.h>
#include <shellapi.h>
#include <shlwapi.h>
#include <pseh/pseh2.h>
Include dependency graph for eventvwr.c:

Go to the source code of this file.

Classes

struct  _SETTINGS
 
struct  param_strings_format_data
 

Macros

#define LVM_PROGRESS   (WM_APP + 1)
 
#define EVENT_MESSAGE_EVENTTEXT_BUFFER   (1024*10)
 
#define EVENT_MESSAGE_FILE_BUFFER   (1024*10)
 
#define EVENT_DLL_SEPARATOR   L";"
 
#define EVENT_CATEGORY_MESSAGE_FILE   L"CategoryMessageFile"
 
#define EVENT_MESSAGE_FILE   L"EventMessageFile"
 
#define EVENT_PARAMETER_MESSAGE_FILE   L"ParameterMessageFile"
 
#define MAX_LOADSTRING   255
 
#define SPLIT_WIDTH   4
 

Typedefs

typedef struct _SETTINGS SETTINGS
 
typedef struct _SETTINGSPSETTINGS
 

Functions

static DWORD WINAPI StartStopEnumEventsThread (IN LPVOID lpParameter)
 
VOID OpenUserEventLogFile (IN LPCWSTR lpszFileName)
 
VOID BuildLogListAndFilterList (IN LPCWSTR lpComputerName)
 
VOID FreeLogList (VOID)
 
VOID FreeLogFilterList (VOID)
 
ATOM MyRegisterClass (HINSTANCE)
 
BOOL InitInstance (HINSTANCE)
 
LRESULT CALLBACK WndProc (HWND, UINT, WPARAM, LPARAM)
 
INT_PTR EventLogProperties (HINSTANCE, HWND, PEVENTLOGFILTER)
 
INT_PTR CALLBACK EventDetails (HWND, UINT, WPARAM, LPARAM)
 
VOID ShowWin32Error (IN DWORD dwError)
 
VOID DisplayUsage (VOID)
 
BOOL ProcessCmdLine (IN LPWSTR lpCmdLine)
 
BOOL LoadSettings (int nDefCmdShow)
 
BOOL SaveSettings (VOID)
 
int APIENTRY wWinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, LPWSTR lpCmdLine, int nCmdShow)
 
VOID EventTimeToSystemTime (IN DWORD EventTime, OUT PSYSTEMTIME pSystemTime)
 
LPWSTR GetMessageStringFromDll (IN LPCWSTR lpMessageDll, IN DWORD dwFlags, IN DWORD dwMessageId, IN DWORD nSize, IN va_list *Arguments OPTIONAL)
 
LPWSTR GetMessageStringFromDllList (IN LPCWSTR lpMessageDllList, IN DWORD dwFlags, IN DWORD dwMessageId, IN DWORD nSize, IN va_list *Arguments OPTIONAL)
 
DWORD ApplyParameterStringsToMessage (IN LPCWSTR lpMessageDllList, IN BOOL bMessagePreFormatted, IN CONST LPCWSTR pMessage, OUT LPWSTR *pFinalMessage)
 
UINT FormatInteger (LONGLONG Num, LPWSTR pwszResult, UINT cchResultMax)
 
UINT FormatByteSize (LONGLONG cbSize, LPWSTR pwszResult, UINT cchResultMax)
 
LPWSTR FormatFileSizeWithBytes (const PULARGE_INTEGER lpQwSize, LPWSTR pwszResult, UINT cchResultMax)
 
BOOL GetFileTimeString (LPFILETIME lpFileTime, LPWSTR pwszResult, UINT cchResult)
 
HTREEITEM TreeViewAddItem (IN HWND hTreeView, IN HTREEITEM hParent, IN LPWSTR lpText, IN INT Image, IN INT SelectedImage, IN LPARAM lParam)
 
PEVENTLOG AllocEventLog (IN PCWSTR ComputerName OPTIONAL, IN PCWSTR LogName, IN BOOL Permanent)
 
VOID EventLog_Free (IN PEVENTLOG EventLog)
 
PWSTR AllocAndCopyMultiStr (IN PCWSTR MultiStr OPTIONAL)
 
PEVENTLOGFILTER AllocEventLogFilter (IN BOOL Information, IN BOOL Warning, IN BOOL Error, IN BOOL AuditSuccess, IN BOOL AuditFailure, IN PCWSTR Sources OPTIONAL, IN PCWSTR Users OPTIONAL, IN PCWSTR ComputerNames OPTIONAL, IN ULONG NumOfEventLogs, IN PEVENTLOG *EventLogs)
 
VOID EventLogFilter_Free (IN PEVENTLOGFILTER EventLogFilter)
 
LONG EventLogFilter_AddRef (IN PEVENTLOGFILTER EventLogFilter)
 
LONG EventLogFilter_Release (IN PEVENTLOGFILTER EventLogFilter)
 
void TrimNulls (LPWSTR s)
 
SIZE_T GetExpandedFilePathName (_In_opt_ PCWSTR ComputerName, _In_ PCWSTR FileName, _Out_writes_z_(nSize) PWSTR pFullFileName, _In_ SIZE_T nSize)
 
BOOL GetEventMessageFileDLL (_In_ PCWSTR LogName, _In_ PCWSTR SourceName, _In_ PCWSTR EntryName, _Out_writes_z_(cchName) PWSTR pModuleName, _In_ SIZE_T cchName)
 
BOOL GetEventCategory (_In_ PCWSTR KeyName, _In_ PCWSTR SourceName, _In_ PEVENTLOGRECORD pevlr, _Out_writes_z_(cchName) PWSTR CategoryName, _In_ SIZE_T cchName)
 
BOOL GetEventMessage (_In_ PCWSTR KeyName, _In_ PCWSTR SourceName, _In_ PEVENTLOGRECORD pevlr, _Out_writes_z_(cchText) PWSTR EventText, _In_ SIZE_T cchText)
 
VOID GetEventType (_In_ WORD dwEventType, _Out_writes_z_(cchText) PWSTR pszEventType, _In_ SIZE_T cchText)
 
BOOL GetEventUserName (_In_ PEVENTLOGRECORD pelr, _Inout_ PSID *pLastSid, _Out_writes_z_(cchUser) PWSTR pszUser, _In_ SIZE_T cchUser)
 
static VOID FreeRecords (VOID)
 
BOOL FilterByType (IN PEVENTLOGFILTER EventLogFilter, IN PEVENTLOGRECORD pevlr)
 
BOOL FilterByString (IN PCWSTR FilterString, IN PWSTR String)
 
static DWORD WINAPI EnumEventsThread (IN LPVOID lpParameter)
 
VOID EnumEvents (IN PEVENTLOGFILTER EventLogFilter)
 
PEVENTLOGFILTER GetSelectedFilter (OUT HTREEITEM *phti OPTIONAL)
 
VOID OpenUserEventLog (VOID)
 
VOID SaveEventLog (IN PEVENTLOGFILTER EventLogFilter)
 
VOID CloseUserEventLog (IN PEVENTLOGFILTER EventLogFilter, IN HTREEITEM hti)
 
BOOL ClearEvents (IN PEVENTLOGFILTER EventLogFilter)
 
VOID Refresh (IN PEVENTLOGFILTER EventLogFilter)
 
BOOL GetDisplayNameFileAndID (_In_ PCWSTR LogName, _Out_writes_z_(cchName) PWSTR pModuleName, _In_ SIZE_T cchName, _Out_ PDWORD pdwMessageID)
 
VOID ResizeWnd (INT cx, INT cy)
 
static VOID InitPropertiesDlg (HWND hDlg, PEVENTLOG EventLog)
 
static VOID SavePropertiesDlg (HWND hDlg, PEVENTLOG EventLog)
 
INT_PTR CALLBACK EventLogPropProc (HWND hDlg, UINT uMsg, WPARAM wParam, LPARAM lParam)
 

Variables

static const LPCWSTR EVENTVWR_WNDCLASS = L"EVENTVWR"
 
static const LPCWSTR EVENTLOG_BASE_KEY = L"SYSTEM\\CurrentControlSet\\Services\\EventLog\\"
 
static const LPCWSTR EVNTVWR_PARAM_KEY = L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Event Viewer"
 
static const LPCWSTR SystemLogs []
 
HINSTANCE hInst
 
WCHAR szTitle [MAX_LOADSTRING]
 
WCHAR szTitleTemplate [MAX_LOADSTRING]
 
WCHAR szStatusBarTemplate [MAX_LOADSTRING]
 
WCHAR szLoadingWait [MAX_LOADSTRING]
 
WCHAR szEmptyList [MAX_LOADSTRING]
 
WCHAR szSaveFilter [MAX_LOADSTRING]
 
INT nVSplitPos
 
INT nHSplitPos
 
BYTE bSplit = 0
 
HWND hwndMainWindow = NULL
 
HWND hwndTreeView
 
HWND hwndListView
 
HWND hwndEventDetails
 
HWND hwndStatus
 
HWND hwndStatusProgress
 
HMENU hMainMenu
 
HTREEITEM htiSystemLogs = NULL
 
HTREEITEM htiAppLogs = NULL
 
HTREEITEM htiUserLogs = NULL
 
LPWSTR lpComputerName = NULL
 
LPWSTR lpszzUserLogsToLoad = NULL
 
SIZE_T cbUserLogsSize = 0
 
HKEY hkMachine = NULL
 
DWORD g_TotalRecords = 0
 
PEVENTLOGRECORDg_RecordPtrs = NULL
 
LIST_ENTRY EventLogList
 
LIST_ENTRY EventLogFilterList
 
PEVENTLOGFILTER ActiveFilter = NULL
 
HANDLE hEnumEventsThread = NULL
 
HANDLE hStopEnumEvent = NULL
 
PEVENTLOGFILTER EnumFilter = NULL
 
HANDLE hStartStopEnumEvent = NULL
 
HANDLE hStartEnumEvent = NULL
 
OPENFILENAMEW sfn
 
SETTINGS Settings
 
static HWND hWndDetailsCtrl = NULL
 
static HWND hWndGrip = NULL
 
static INT cxMin
 
static INT cyMin
 
static INT cxOld
 
static INT cyOld
 

Macro Definition Documentation

◆ EVENT_CATEGORY_MESSAGE_FILE

#define EVENT_CATEGORY_MESSAGE_FILE   L"CategoryMessageFile"

Definition at line 39 of file eventvwr.c.

◆ EVENT_DLL_SEPARATOR

#define EVENT_DLL_SEPARATOR   L";"

Definition at line 38 of file eventvwr.c.

◆ EVENT_MESSAGE_EVENTTEXT_BUFFER

#define EVENT_MESSAGE_EVENTTEXT_BUFFER   (1024*10)

Definition at line 36 of file eventvwr.c.

◆ EVENT_MESSAGE_FILE

#define EVENT_MESSAGE_FILE   L"EventMessageFile"

Definition at line 40 of file eventvwr.c.

◆ EVENT_MESSAGE_FILE_BUFFER

#define EVENT_MESSAGE_FILE_BUFFER   (1024*10)

Definition at line 37 of file eventvwr.c.

◆ EVENT_PARAMETER_MESSAGE_FILE

#define EVENT_PARAMETER_MESSAGE_FILE   L"ParameterMessageFile"

Definition at line 41 of file eventvwr.c.

◆ LVM_PROGRESS

#define LVM_PROGRESS   (WM_APP + 1)

Definition at line 21 of file eventvwr.c.

◆ MAX_LOADSTRING

#define MAX_LOADSTRING   255

Definition at line 43 of file eventvwr.c.

◆ SPLIT_WIDTH

#define SPLIT_WIDTH   4

Definition at line 45 of file eventvwr.c.

Typedef Documentation

◆ PSETTINGS

typedef struct _SETTINGS * PSETTINGS

◆ SETTINGS

typedef struct _SETTINGS SETTINGS

Function Documentation

◆ AllocAndCopyMultiStr()

PWSTR AllocAndCopyMultiStr ( IN PCWSTR MultiStr  OPTIONAL)

Definition at line 1338 of file eventvwr.c.

1339{
1340 PWSTR pStr;
1341 ULONG Length;
1342
1343 if (!MultiStr)
1344 return NULL;
1345
1346 pStr = (PWSTR)MultiStr;
1347 while (*pStr) pStr += (wcslen(pStr) + 1);
1348 Length = MultiStr - pStr + 2;
1349
1350 pStr = HeapAlloc(GetProcessHeap(), 0, Length * sizeof(WCHAR));
1351 // NOTE: If we failed allocating the string, then fall back into no filter!
1352 if (pStr)
1353 CopyMemory(pStr, MultiStr, Length * sizeof(WCHAR));
1354
1355 return pStr;
1356}
NULL
#define NULL
Definition: types.h:112
GetProcessHeap
#define GetProcessHeap()
Definition: compat.h:736
HeapAlloc
#define HeapAlloc
Definition: compat.h:733
wcslen
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
PWSTR
uint16_t * PWSTR
Definition: typedefs.h:56
ULONG
uint32_t ULONG
Definition: typedefs.h:59
CopyMemory
#define CopyMemory
Definition: winbase.h:1751
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180

Referenced by AllocEventLogFilter().

◆ AllocEventLog()

PEVENTLOG AllocEventLog ( IN PCWSTR ComputerName  OPTIONAL,
IN PCWSTR  LogName,
IN BOOL  Permanent 
)

Definition at line 1283 of file eventvwr.c.

1286{
1287 PEVENTLOG EventLog;
1288 SIZE_T cchName;
1289
1290 /* Allocate a new event log entry */
1291 EventLog = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(*EventLog));
1292 if (!EventLog)
1293 return NULL;
1294
1295 /* Allocate the computer name string (optional) and copy it */
1296 if (ComputerName)
1297 {
1298 cchName = wcslen(ComputerName) + 1;
1299 EventLog->ComputerName = HeapAlloc(GetProcessHeap(), 0, cchName * sizeof(WCHAR));
1300 if (EventLog->ComputerName)
1301 StringCchCopyW(EventLog->ComputerName, cchName, ComputerName);
1302 }
1303
1304 /* Allocate the event log name string and copy it */
1305 cchName = wcslen(LogName) + 1;
1306 EventLog->LogName = HeapAlloc(GetProcessHeap(), 0, cchName * sizeof(WCHAR));
1307 if (!EventLog->LogName)
1308 {
1309 if (EventLog->ComputerName)
1310 HeapFree(GetProcessHeap(), 0, EventLog->ComputerName);
1311 HeapFree(GetProcessHeap(), 0, EventLog);
1312 return NULL;
1313 }
1314 StringCchCopyW(EventLog->LogName, cchName, LogName);
1315
1316 EventLog->Permanent = Permanent;
1317
1318 return EventLog;
1319}
HeapFree
#define HeapFree(x, y, z)
Definition: compat.h:735
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
StringCchCopyW
STRSAFEAPI StringCchCopyW(STRSAFE_LPWSTR pszDest, size_t cchDest, STRSAFE_LPCWSTR pszSrc)
Definition: strsafe.h:149
_EVENTLOG
Definition: eventvwr.h:85
_EVENTLOG::LogName
PWSTR LogName
Definition: eventvwr.h:93
_EVENTLOG::ComputerName
PWSTR ComputerName
Definition: eventvwr.h:90
_EVENTLOG::Permanent
BOOL Permanent
Definition: eventvwr.h:97
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
cchName
_In_ PSID _Out_writes_to_opt_ cchName LPSTR _Inout_ LPDWORD cchName
Definition: winbase.h:2808

Referenced by BuildLogListAndFilterList(), and OpenUserEventLogFile().

◆ AllocEventLogFilter()

PEVENTLOGFILTER AllocEventLogFilter ( IN BOOL  Information,
IN BOOL  Warning,
IN BOOL  Error,
IN BOOL  AuditSuccess,
IN BOOL  AuditFailure,
IN PCWSTR Sources  OPTIONAL,
IN PCWSTR Users  OPTIONAL,
IN PCWSTR ComputerNames  OPTIONAL,
IN ULONG  NumOfEventLogs,
IN PEVENTLOG EventLogs 
)

Definition at line 1359 of file eventvwr.c.

1370{
1371 PEVENTLOGFILTER EventLogFilter;
1372
1373 /* Allocate a new event log filter entry, big enough to accommodate the list of logs */
1374 EventLogFilter = HeapAlloc(GetProcessHeap(),
1375 HEAP_ZERO_MEMORY,
1376 FIELD_OFFSET(EVENTLOGFILTER, EventLogs[NumOfEventLogs]));
1377 if (!EventLogFilter)
1378 return NULL;
1379
1380 EventLogFilter->Information = Information;
1381 EventLogFilter->Warning = Warning;
1382 EventLogFilter->Error = Error;
1383 EventLogFilter->AuditSuccess = AuditSuccess;
1384 EventLogFilter->AuditFailure = AuditFailure;
1385
1386 /* Allocate and copy the sources, users, and computers multi-strings */
1387 EventLogFilter->Sources = AllocAndCopyMultiStr(Sources);
1388 EventLogFilter->Users = AllocAndCopyMultiStr(Users);
1389 EventLogFilter->ComputerNames = AllocAndCopyMultiStr(ComputerNames);
1390
1391 /* Copy the list of event logs */
1392 EventLogFilter->NumOfEventLogs = NumOfEventLogs;
1393 CopyMemory(EventLogFilter->EventLogs, EventLogs, NumOfEventLogs * sizeof(PEVENTLOG));
1394
1395 /* Initialize the filter reference count */
1396 EventLogFilter->ReferenceCount = 1;
1397
1398 return EventLogFilter;
1399}
Error
BOOL Error
Definition: chkdsk.c:66
AllocAndCopyMultiStr
PWSTR AllocAndCopyMultiStr(IN PCWSTR MultiStr OPTIONAL)
Definition: eventvwr.c:1338
_EVENTLOGFILTER
Definition: eventvwr.h:106
_EVENTLOGFILTER::EventLogs
PEVENTLOG EventLogs[ANYSIZE_ARRAY]
Definition: eventvwr.h:138
_EVENTLOGFILTER::NumOfEventLogs
ULONG NumOfEventLogs
Definition: eventvwr.h:137
_EVENTLOGFILTER::Warning
BOOL Warning
Definition: eventvwr.h:118
_EVENTLOGFILTER::AuditSuccess
BOOL AuditSuccess
Definition: eventvwr.h:120
_EVENTLOGFILTER::Users
PWSTR Users
Definition: eventvwr.h:133
_EVENTLOGFILTER::Information
BOOL Information
Definition: eventvwr.h:117
_EVENTLOGFILTER::Error
BOOL Error
Definition: eventvwr.h:119
_EVENTLOGFILTER::ComputerNames
PWSTR ComputerNames
Definition: eventvwr.h:134
_EVENTLOGFILTER::Sources
PWSTR Sources
Definition: eventvwr.h:132
_EVENTLOGFILTER::AuditFailure
BOOL AuditFailure
Definition: eventvwr.h:121
_EVENTLOGFILTER::ReferenceCount
LONG ReferenceCount
Definition: eventvwr.h:109
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
Information
_In_ WDFREQUEST _In_ NTSTATUS _In_ ULONG_PTR Information
Definition: wdfrequest.h:1049

Referenced by BuildLogListAndFilterList(), and OpenUserEventLogFile().

◆ ApplyParameterStringsToMessage()

DWORD ApplyParameterStringsToMessage ( IN LPCWSTR  lpMessageDllList,
IN BOOL  bMessagePreFormatted,
IN CONST LPCWSTR  pMessage,
OUT LPWSTR pFinalMessage 
)

Definition at line 903 of file eventvwr.c.

908{
909 /*
910 * This code is heavily adapted from the MSDN example:
911 * https://learn.microsoft.com/en-us/windows/win32/eventlog/querying-for-event-source-messages
912 * with bugs removed.
913 */
914
915 DWORD Status = ERROR_SUCCESS;
916 DWORD dwParamCount = 0; // Number of insertion strings found in pMessage
917 size_t cchBuffer = 0; // Size of the buffer in characters
918 size_t cchParams = 0; // Number of characters in all the parameter strings
919 size_t cch = 0;
920 DWORD i = 0;
921 param_strings_format_data* pParamData = NULL; // Array of pointers holding information about each parameter string in pMessage
922 LPWSTR pTempMessage = (LPWSTR)pMessage;
923 LPWSTR pTempFinalMessage = NULL;
924
925 *pFinalMessage = NULL;
926
927 /* Determine the number of parameter insertion strings in pMessage */
928 if (bMessagePreFormatted)
929 {
930 while ((pTempMessage = wcschr(pTempMessage, L'%')))
931 {
932 pTempMessage++;
933 if (iswdigit(*pTempMessage))
934 {
935 dwParamCount++;
936 while (iswdigit(*++pTempMessage)) ;
937 }
938 }
939 }
940 else
941 {
942 while ((pTempMessage = wcsstr(pTempMessage, L"%%")))
943 {
944 pTempMessage += 2;
945 if (iswdigit(*pTempMessage))
946 {
947 dwParamCount++;
948 while (iswdigit(*++pTempMessage)) ;
949 }
950 }
951 }
952
953 /* If there are no parameter insertion strings in pMessage, just return */
954 if (dwParamCount == 0)
955 {
956 // *pFinalMessage = NULL;
957 goto Cleanup;
958 }
959
960 /* Allocate the array of parameter string format data */
961 pParamData = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwParamCount * sizeof(param_strings_format_data));
962 if (!pParamData)
963 {
964 Status = ERROR_OUTOFMEMORY;
965 goto Cleanup;
966 }
967
968 /*
969 * Retrieve each parameter in pMessage and the beginning and end of the
970 * insertion string, as well as the message identifier of the parameter.
971 */
972 pTempMessage = (LPWSTR)pMessage;
973 if (bMessagePreFormatted)
974 {
975 while ((pTempMessage = wcschr(pTempMessage, L'%')) && (i < dwParamCount))
976 {
977 pTempMessage++;
978 if (iswdigit(*pTempMessage))
979 {
980 pParamData[i].pStartingAddress = pTempMessage-1;
981 pParamData[i].pParameterID = (DWORD)_wtol(pTempMessage);
982
983 while (iswdigit(*++pTempMessage)) ;
984
985 pParamData[i].pEndingAddress = pTempMessage;
986 i++;
987 }
988 }
989 }
990 else
991 {
992 while ((pTempMessage = wcsstr(pTempMessage, L"%%")) && (i < dwParamCount))
993 {
994 pTempMessage += 2;
995 if (iswdigit(*pTempMessage))
996 {
997 pParamData[i].pStartingAddress = pTempMessage-2;
998 pParamData[i].pParameterID = (DWORD)_wtol(pTempMessage);
999
1000 while (iswdigit(*++pTempMessage)) ;
1001
1002 pParamData[i].pEndingAddress = pTempMessage;
1003 i++;
1004 }
1005 }
1006 }
1007
1008 /* Retrieve each parameter string */
1009 for (i = 0; i < dwParamCount; i++)
1010 {
1011 // pParamData[i].pParameter = GetMessageString(pParamData[i].pParameterID, 0, NULL);
1012 pParamData[i].pParameter =
1013 GetMessageStringFromDllList(lpMessageDllList,
1014 FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_HMODULE |
1015 FORMAT_MESSAGE_IGNORE_INSERTS | FORMAT_MESSAGE_MAX_WIDTH_MASK,
1016 pParamData[i].pParameterID,
1017 0, NULL);
1018 if (!pParamData[i].pParameter)
1019 {
1020 /* Skip the insertion string */
1021 continue;
1022 }
1023
1024 cchParams += wcslen(pParamData[i].pParameter);
1025 }
1026
1027 /*
1028 * Allocate the final message buffer, the size of which is based on the
1029 * length of the original message and the length of each parameter string.
1030 */
1031 cchBuffer = wcslen(pMessage) + cchParams + 1;
1032 *pFinalMessage = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, cchBuffer * sizeof(WCHAR));
1033 if (!*pFinalMessage)
1034 {
1035 Status = ERROR_OUTOFMEMORY;
1036 goto Cleanup;
1037 }
1038
1039 pTempFinalMessage = *pFinalMessage;
1040
1041 /* Build the final message string */
1042 pTempMessage = (LPWSTR)pMessage;
1043 for (i = 0; i < dwParamCount; i++)
1044 {
1045 /* Append the segment from pMessage */
1046 cch = pParamData[i].pStartingAddress - pTempMessage;
1047 StringCchCopyNW(pTempFinalMessage, cchBuffer, pTempMessage, cch);
1048 pTempMessage = pParamData[i].pEndingAddress;
1049 cchBuffer -= cch;
1050 pTempFinalMessage += cch;
1051
1052 /* Append the parameter string */
1053 if (pParamData[i].pParameter)
1054 {
1055 StringCchCopyW(pTempFinalMessage, cchBuffer, pParamData[i].pParameter);
1056 cch = wcslen(pParamData[i].pParameter); // pTempFinalMessage
1057 }
1058 else
1059 {
1060 /*
1061 * We failed to retrieve the parameter string before, so just
1062 * place back the original string placeholder.
1063 */
1064 cch = pParamData[i].pEndingAddress /* == pTempMessage */ - pParamData[i].pStartingAddress;
1065 StringCchCopyNW(pTempFinalMessage, cchBuffer, pParamData[i].pStartingAddress, cch);
1066 // cch = wcslen(pTempFinalMessage);
1067 }
1068 cchBuffer -= cch;
1069 pTempFinalMessage += cch;
1070 }
1071
1072 /* Append the last segment from pMessage */
1073 StringCchCopyW(pTempFinalMessage, cchBuffer, pTempMessage);
1074
1075Cleanup:
1076
1077 // if (Status != ERROR_SUCCESS)
1078 // *pFinalMessage = NULL;
1079
1080 if (pParamData)
1081 {
1082 for (i = 0; i < dwParamCount; i++)
1083 {
1084 if (pParamData[i].pParameter)
1085 LocalFree(pParamData[i].pParameter);
1086 }
1087
1088 HeapFree(GetProcessHeap(), 0, pParamData);
1089 }
1090
1091 return Status;
1092}
ERROR_OUTOFMEMORY
#define ERROR_OUTOFMEMORY
Definition: deptool.c:13
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
wcschr
#define wcschr
Definition: compat.h:17
cchBuffer
static DWORD cchBuffer
Definition: fusion.c:85
Cleanup
static const WCHAR Cleanup[]
Definition: register.c:80
GetMessageStringFromDllList
LPWSTR GetMessageStringFromDllList(IN LPCWSTR lpMessageDllList, IN DWORD dwFlags, IN DWORD dwMessageId, IN DWORD nSize, IN va_list *Arguments OPTIONAL)
Definition: eventvwr.c:842
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
Status
Status
Definition: gdiplustypes.h:25
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1594
iswdigit
#define iswdigit(_c)
Definition: ctype.h:667
_wtol
_Check_return_ _CRTIMP long __cdecl _wtol(_In_z_ const wchar_t *_Str)
wcsstr
_CONST_RETURN wchar_t *__cdecl wcsstr(_In_z_ const wchar_t *_Str, _In_z_ const wchar_t *_SubStr)
cch
static DWORD DWORD void LPSTR DWORD cch
Definition: str.c:202
DWORD
#define DWORD
Definition: nt_native.h:44
L
#define L(x)
Definition: ntvdm.h:50
StringCchCopyNW
STRSAFEAPI StringCchCopyNW(STRSAFE_LPWSTR pszDest, size_t cchDest, STRSAFE_LPCWSTR pszSrc, size_t cchToCopy)
Definition: strsafe.h:236
param_strings_format_data
Definition: eventvwr.c:895
param_strings_format_data::pParameterID
DWORD pParameterID
Definition: eventvwr.c:898
param_strings_format_data::pParameter
LPWSTR pParameter
Definition: eventvwr.c:899
param_strings_format_data::pStartingAddress
LPWSTR pStartingAddress
Definition: eventvwr.c:896
param_strings_format_data::pEndingAddress
LPWSTR pEndingAddress
Definition: eventvwr.c:897
FORMAT_MESSAGE_MAX_WIDTH_MASK
#define FORMAT_MESSAGE_MAX_WIDTH_MASK
Definition: winbase.h:458
FORMAT_MESSAGE_IGNORE_INSERTS
#define FORMAT_MESSAGE_IGNORE_INSERTS
Definition: winbase.h:453
FORMAT_MESSAGE_ALLOCATE_BUFFER
#define FORMAT_MESSAGE_ALLOCATE_BUFFER
Definition: winbase.h:452
FORMAT_MESSAGE_FROM_HMODULE
#define FORMAT_MESSAGE_FROM_HMODULE
Definition: winbase.h:455
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184

Referenced by GetEventMessage().

◆ BuildLogListAndFilterList()

VOID BuildLogListAndFilterList ( IN LPCWSTR  lpComputerName)

Definition at line 2857 of file eventvwr.c.

2858{
2859 LONG Result;
2860 HKEY hEventLogKey, hLogKey;
2861 DWORD dwNumLogs = 0;
2862 DWORD dwIndex, dwMaxKeyLength;
2863 DWORD dwType;
2864 PEVENTLOG EventLog;
2865 PEVENTLOGFILTER EventLogFilter;
2866 LPWSTR LogName = NULL;
2867 WCHAR szModuleName[MAX_PATH];
2868 DWORD lpcName;
2869 DWORD dwMessageID;
2870 LPWSTR lpDisplayName;
2871 HTREEITEM hRootNode = NULL, hItem = NULL, hItemDefault = NULL;
2872
2873 if (hkMachine && hkMachine != HKEY_LOCAL_MACHINE)
2874 {
2875 /* We are connected to some other computer, close the old connection */
2876 RegCloseKey(hkMachine);
2877 hkMachine = NULL;
2878 }
2879 if (!lpComputerName || !*lpComputerName)
2880 {
2881 /* Use the local computer registry */
2882 hkMachine = HKEY_LOCAL_MACHINE;
2883 }
2884 else
2885 {
2886 /* Connect to the remote computer registry */
2887 Result = RegConnectRegistry(lpComputerName, HKEY_LOCAL_MACHINE, &hkMachine);
2888 if (Result != ERROR_SUCCESS)
2889 {
2890 /* Connection failed, display a message and bail out */
2891 hkMachine = NULL;
2892 ShowWin32Error(GetLastError());
2893 return;
2894 }
2895 }
2896
2897 /* Open the EventLog key */
2898 Result = RegOpenKeyExW(hkMachine, EVENTLOG_BASE_KEY, 0, KEY_READ, &hEventLogKey);
2899 if (Result != ERROR_SUCCESS)
2900 {
2901 return;
2902 }
2903
2904 /* Retrieve the number of event logs enumerated as registry keys */
2905 Result = RegQueryInfoKeyW(hEventLogKey, NULL, NULL, NULL, &dwNumLogs, &dwMaxKeyLength,
2906 NULL, NULL, NULL, NULL, NULL, NULL);
2907 if (Result != ERROR_SUCCESS)
2908 {
2909 goto Quit;
2910 }
2911 if (!dwNumLogs)
2912 goto Quit;
2913
2914 /* Take the NULL terminator into account */
2915 ++dwMaxKeyLength;
2916
2917 /* Allocate the temporary buffer */
2918 LogName = HeapAlloc(GetProcessHeap(), 0, dwMaxKeyLength * sizeof(WCHAR));
2919 if (!LogName)
2920 goto Quit;
2921
2922 /* Enumerate and retrieve each event log name */
2923 for (dwIndex = 0; dwIndex < dwNumLogs; dwIndex++)
2924 {
2925 lpcName = dwMaxKeyLength;
2926 Result = RegEnumKeyExW(hEventLogKey, dwIndex, LogName, &lpcName, NULL, NULL, NULL, NULL);
2927 if (Result != ERROR_SUCCESS)
2928 continue;
2929
2930 /* Take the NULL terminator into account */
2931 ++lpcName;
2932
2933 /* Allocate a new event log entry */
2934 EventLog = AllocEventLog(lpComputerName, LogName, TRUE);
2935 if (EventLog == NULL)
2936 continue;
2937
2938 /* Allocate a new event log filter entry for this event log */
2939 EventLogFilter = AllocEventLogFilter(// LogName,
2940 TRUE, TRUE, TRUE, TRUE, TRUE,
2941 NULL, NULL, NULL,
2942 1, &EventLog);
2943 if (EventLogFilter == NULL)
2944 {
2945 EventLog_Free(EventLog);
2946 continue;
2947 }
2948
2949 /* Add the event log and the filter into their lists */
2950 InsertTailList(&EventLogList, &EventLog->ListEntry);
2951 InsertTailList(&EventLogFilterList, &EventLogFilter->ListEntry);
2952
2953 EventLog->FileName = NULL;
2954
2955 /* Retrieve and cache the event log file */
2956 Result = RegOpenKeyExW(hEventLogKey,
2957 LogName,
2958 0,
2959 KEY_QUERY_VALUE,
2960 &hLogKey);
2961 if (Result == ERROR_SUCCESS)
2962 {
2963 lpcName = 0;
2964 Result = RegQueryValueExW(hLogKey,
2965 L"File",
2966 NULL,
2967 &dwType,
2968 NULL,
2969 &lpcName);
2970 if ((Result != ERROR_SUCCESS) || (dwType != REG_EXPAND_SZ && dwType != REG_SZ))
2971 {
2972 // Windows' EventLog uses some kind of default value, we do not.
2973 EventLog->FileName = NULL;
2974 }
2975 else
2976 {
2977 lpcName = ROUND_DOWN(lpcName, sizeof(WCHAR));
2978 EventLog->FileName = HeapAlloc(GetProcessHeap(), 0, lpcName);
2979 if (EventLog->FileName)
2980 {
2981 Result = RegQueryValueExW(hLogKey,
2982 L"File",
2983 NULL,
2984 &dwType,
2985 (LPBYTE)EventLog->FileName,
2986 &lpcName);
2987 if (Result != ERROR_SUCCESS)
2988 {
2989 HeapFree(GetProcessHeap(), 0, EventLog->FileName);
2990 EventLog->FileName = NULL;
2991 }
2992 else
2993 {
2994 EventLog->FileName[lpcName / sizeof(WCHAR) - 1] = UNICODE_NULL;
2995 }
2996 }
2997 }
2998
2999 RegCloseKey(hLogKey);
3000 }
3001
3002 /* Get the display name for the event log */
3003 lpDisplayName = NULL;
3004
3005 *szModuleName = UNICODE_NULL;
3006 if (GetDisplayNameFileAndID(LogName, szModuleName, _countof(szModuleName), &dwMessageID))
3007 {
3008 /* Retrieve the message string without appending extra newlines */
3009 lpDisplayName =
3010 GetMessageStringFromDll(szModuleName,
3011 FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_HMODULE |
3012 FORMAT_MESSAGE_IGNORE_INSERTS | FORMAT_MESSAGE_MAX_WIDTH_MASK,
3013 dwMessageID,
3014 0,
3015 NULL);
3016 }
3017
3018 /*
3019 * Select the correct tree root node, whether the log is a System
3020 * or an Application log. Default to Application log otherwise.
3021 */
3022 hRootNode = htiAppLogs;
3023 for (lpcName = 0; lpcName < ARRAYSIZE(SystemLogs); ++lpcName)
3024 {
3025 /* Check whether the log name is part of the system logs */
3026 if (_wcsicmp(LogName, SystemLogs[lpcName]) == 0)
3027 {
3028 hRootNode = htiSystemLogs;
3029 break;
3030 }
3031 }
3032
3033 hItem = TreeViewAddItem(hwndTreeView, hRootNode,
3034 (lpDisplayName ? lpDisplayName : LogName),
3035 2, 3, (LPARAM)EventLogFilter);
3036
3037 /* Try to get the default event log: "Application" */
3038 if ((hItemDefault == NULL) && (_wcsicmp(LogName, SystemLogs[0]) == 0))
3039 {
3040 hItemDefault = hItem;
3041 }
3042
3043 /* Free the buffer allocated by FormatMessage */
3044 if (lpDisplayName)
3045 LocalFree(lpDisplayName);
3046 }
3047
3048 HeapFree(GetProcessHeap(), 0, LogName);
3049
3050Quit:
3051 RegCloseKey(hEventLogKey);
3052
3053 /* Select the default event log */
3054 if (hItemDefault)
3055 {
3056 // TreeView_Expand(hwndTreeView, hRootNode, TVE_EXPAND);
3057 TreeView_SelectItem(hwndTreeView, hItemDefault);
3058 TreeView_EnsureVisible(hwndTreeView, hItemDefault);
3059 }
3060 InvalidateRect(hwndTreeView, NULL, FALSE);
3061 SetFocus(hwndTreeView);
3062
3063 return;
3064}
RegCloseKey
#define RegCloseKey(hKey)
Definition: registry.h:49
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
ARRAYSIZE
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
RegOpenKeyExW
LONG WINAPI RegOpenKeyExW(HKEY hKey, LPCWSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult)
Definition: reg.c:3333
RegEnumKeyExW
LONG WINAPI RegEnumKeyExW(_In_ HKEY hKey, _In_ DWORD dwIndex, _Out_ LPWSTR lpName, _Inout_ LPDWORD lpcbName, _Reserved_ LPDWORD lpReserved, _Out_opt_ LPWSTR lpClass, _Inout_opt_ LPDWORD lpcbClass, _Out_opt_ PFILETIME lpftLastWriteTime)
Definition: reg.c:2504
RegQueryInfoKeyW
LONG WINAPI RegQueryInfoKeyW(HKEY hKey, LPWSTR lpClass, LPDWORD lpcClass, LPDWORD lpReserved, LPDWORD lpcSubKeys, LPDWORD lpcMaxSubKeyLen, LPDWORD lpcMaxClassLen, LPDWORD lpcValues, LPDWORD lpcMaxValueNameLen, LPDWORD lpcMaxValueLen, LPDWORD lpcbSecurityDescriptor, PFILETIME lpftLastWriteTime)
Definition: reg.c:3662
RegQueryValueExW
LONG WINAPI RegQueryValueExW(_In_ HKEY hkeyorg, _In_ LPCWSTR name, _In_ LPDWORD reserved, _In_ LPDWORD type, _In_ LPBYTE data, _In_ LPDWORD count)
Definition: reg.c:4103
MAX_PATH
#define MAX_PATH
Definition: compat.h:34
InsertTailList
#define InsertTailList(ListHead, Entry)
Definition: env_spec_w32.h:1003
SystemLogs
static const LPCWSTR SystemLogs[]
Definition: eventvwr.c:28
ShowWin32Error
VOID ShowWin32Error(IN DWORD dwError)
Definition: eventvwr.c:140
EventLog_Free
VOID EventLog_Free(IN PEVENTLOG EventLog)
Definition: eventvwr.c:1322
AllocEventLog
PEVENTLOG AllocEventLog(IN PCWSTR ComputerName OPTIONAL, IN PCWSTR LogName, IN BOOL Permanent)
Definition: eventvwr.c:1283
htiAppLogs
HTREEITEM htiAppLogs
Definition: eventvwr.c:72
lpComputerName
LPWSTR lpComputerName
Definition: eventvwr.c:74
GetMessageStringFromDll
LPWSTR GetMessageStringFromDll(IN LPCWSTR lpMessageDll, IN DWORD dwFlags, IN DWORD dwMessageId, IN DWORD nSize, IN va_list *Arguments OPTIONAL)
Definition: eventvwr.c:738
EventLogFilterList
LIST_ENTRY EventLogFilterList
Definition: eventvwr.c:86
hkMachine
HKEY hkMachine
Definition: eventvwr.c:78
EVENTLOG_BASE_KEY
static const LPCWSTR EVENTLOG_BASE_KEY
Definition: eventvwr.c:24
hwndTreeView
HWND hwndTreeView
Definition: eventvwr.c:65
EventLogList
LIST_ENTRY EventLogList
Definition: eventvwr.c:85
TreeViewAddItem
HTREEITEM TreeViewAddItem(IN HWND hTreeView, IN HTREEITEM hParent, IN LPWSTR lpText, IN INT Image, IN INT SelectedImage, IN LPARAM lParam)
Definition: eventvwr.c:1253
GetDisplayNameFileAndID
BOOL GetDisplayNameFileAndID(_In_ PCWSTR LogName, _Out_writes_z_(cchName) PWSTR pModuleName, _In_ SIZE_T cchName, _Out_ PDWORD pdwMessageID)
Definition: eventvwr.c:2771
AllocEventLogFilter
PEVENTLOGFILTER AllocEventLogFilter(IN BOOL Information, IN BOOL Warning, IN BOOL Error, IN BOOL AuditSuccess, IN BOOL AuditFailure, IN PCWSTR Sources OPTIONAL, IN PCWSTR Users OPTIONAL, IN PCWSTR ComputerNames OPTIONAL, IN ULONG NumOfEventLogs, IN PEVENTLOG *EventLogs)
Definition: eventvwr.c:1359
htiSystemLogs
HTREEITEM htiSystemLogs
Definition: eventvwr.c:72
ROUND_DOWN
#define ROUND_DOWN(n, align)
Definition: eventvwr.h:33
REG_SZ
#define REG_SZ
Definition: layer.c:22
szModuleName
LPCWSTR LPCWSTR szModuleName
Definition: env.c:37
KEY_READ
#define KEY_READ
Definition: nt_native.h:1023
KEY_QUERY_VALUE
#define KEY_QUERY_VALUE
Definition: nt_native.h:1016
REG_EXPAND_SZ
#define REG_EXPAND_SZ
Definition: nt_native.h:1494
UNICODE_NULL
#define UNICODE_NULL
LONG
long LONG
Definition: pedump.c:60
TreeView_SelectItem
#define TreeView_SelectItem(hwnd, hitem)
Definition: commctrl.h:3486
TreeView_EnsureVisible
#define TreeView_EnsureVisible(hwnd, hitem)
Definition: commctrl.h:3550
_wcsicmp
_Check_return_ _CRTIMP int __cdecl _wcsicmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)
_countof
#define _countof(array)
Definition: sndvol32.h:70
_EVENTLOGFILTER::ListEntry
LIST_ENTRY ListEntry
Definition: eventvwr.h:107
_EVENTLOG::FileName
PWSTR FileName
Definition: eventvwr.h:94
_EVENTLOG::ListEntry
LIST_ENTRY ListEntry
Definition: eventvwr.h:86
_TREEITEM
Definition: treeview.c:137
hItem
HTREEITEM hItem
Definition: treelist.h:37
LPBYTE
unsigned char * LPBYTE
Definition: typedefs.h:53
lpDisplayName
_In_ LPCSTR _Out_writes_to_opt_ cchDisplayName LPSTR lpDisplayName
Definition: winbase.h:2831
GetLastError
DWORD WINAPI GetLastError(void)
Definition: except.c:1042
LPARAM
LONG_PTR LPARAM
Definition: windef.h:208
HKEY_LOCAL_MACHINE
#define HKEY_LOCAL_MACHINE
Definition: winreg.h:12
RegConnectRegistry
#define RegConnectRegistry
Definition: winreg.h:495
SetFocus
HWND WINAPI SetFocus(_In_opt_ HWND)
InvalidateRect
BOOL WINAPI InvalidateRect(_In_opt_ HWND, _In_opt_ LPCRECT, _In_ BOOL)
Result
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:409

Referenced by wWinMain().

◆ ClearEvents()

BOOL ClearEvents ( IN PEVENTLOGFILTER  EventLogFilter)

Definition at line 2674 of file eventvwr.c.

2675{
2676 BOOL Success;
2677 PEVENTLOG EventLog;
2678 HANDLE hEventLog;
2679 WCHAR szFileName[MAX_PATH];
2680 WCHAR szMessage[MAX_LOADSTRING];
2681
2682 /* Bail out if there is no available filter */
2683 if (!EventLogFilter)
2684 return FALSE;
2685
2686 ZeroMemory(szFileName, sizeof(szFileName));
2687 ZeroMemory(szMessage, sizeof(szMessage));
2688
2689 LoadStringW(hInst, IDS_CLEAREVENTS_MSG, szMessage, ARRAYSIZE(szMessage));
2690
2691 sfn.lpstrFile = szFileName;
2692 sfn.nMaxFile = ARRAYSIZE(szFileName);
2693
2694 switch (MessageBoxW(hwndMainWindow, szMessage, szTitle, MB_YESNOCANCEL | MB_ICONINFORMATION))
2695 {
2696 case IDCANCEL:
2697 return FALSE;
2698
2699 case IDNO:
2700 sfn.lpstrFile = NULL;
2701 break;
2702
2703 case IDYES:
2704 if (!GetSaveFileNameW(&sfn))
2705 return FALSE;
2706 break;
2707 }
2708
2709 EventLogFilter_AddRef(EventLogFilter);
2710
2711 EventLog = EventLogFilter->EventLogs[0];
2712 hEventLog = OpenEventLogW(EventLog->ComputerName, EventLog->LogName);
2713
2714 EventLogFilter_Release(EventLogFilter);
2715
2716 if (!hEventLog)
2717 {
2718 ShowWin32Error(GetLastError());
2719 return FALSE;
2720 }
2721
2722 Success = ClearEventLogW(hEventLog, sfn.lpstrFile);
2723 if (!Success)
2724 ShowWin32Error(GetLastError());
2725
2726 CloseEventLog(hEventLog);
2727 return Success;
2728}
IDS_CLEAREVENTS_MSG
#define IDS_CLEAREVENTS_MSG
Definition: resource.h:105
OpenEventLogW
HANDLE WINAPI OpenEventLogW(IN LPCWSTR lpUNCServerName, IN LPCWSTR lpSourceName)
Definition: eventlog.c:985
ClearEventLogW
BOOL WINAPI ClearEventLogW(IN HANDLE hEventLog, IN LPCWSTR lpBackupFileName)
Definition: eventlog.c:367
CloseEventLog
BOOL WINAPI CloseEventLog(IN HANDLE hEventLog)
Definition: eventlog.c:427
GetSaveFileNameW
BOOL WINAPI GetSaveFileNameW(LPOPENFILENAMEW ofn)
Definition: filedlg.c:4801
Success
@ Success
Definition: eventcreate.c:712
EventLogFilter_AddRef
LONG EventLogFilter_AddRef(IN PEVENTLOGFILTER EventLogFilter)
Definition: eventvwr.c:1416
EventLogFilter_Release
LONG EventLogFilter_Release(IN PEVENTLOGFILTER EventLogFilter)
Definition: eventvwr.c:1422
MAX_LOADSTRING
#define MAX_LOADSTRING
Definition: eventvwr.c:43
hInst
HINSTANCE hInst
Definition: eventvwr.c:48
sfn
OPENFILENAMEW sfn
Definition: eventvwr.c:101
hwndMainWindow
HWND hwndMainWindow
Definition: eventvwr.c:64
szTitle
WCHAR szTitle[MAX_LOADSTRING]
Definition: eventvwr.c:49
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
tagOFNW::lpstrFile
LPWSTR lpstrFile
Definition: commdlg.h:367
tagOFNW::nMaxFile
DWORD nMaxFile
Definition: commdlg.h:368
ZeroMemory
#define ZeroMemory
Definition: winbase.h:1753
IDCANCEL
#define IDCANCEL
Definition: winuser.h:842
LoadStringW
int WINAPI LoadStringW(_In_opt_ HINSTANCE hInstance, _In_ UINT uID, _Out_writes_to_(cchBufferMax, return+1) LPWSTR lpBuffer, _In_ int cchBufferMax)
MessageBoxW
int WINAPI MessageBoxW(_In_opt_ HWND hWnd, _In_opt_ LPCWSTR lpText, _In_opt_ LPCWSTR lpCaption, _In_ UINT uType)
IDNO
#define IDNO
Definition: winuser.h:847
MB_ICONINFORMATION
#define MB_ICONINFORMATION
Definition: winuser.h:813
IDYES
#define IDYES
Definition: winuser.h:846
MB_YESNOCANCEL
#define MB_YESNOCANCEL
Definition: winuser.h:829

Referenced by EventLogPropProc(), and WndProc().

◆ CloseUserEventLog()

VOID CloseUserEventLog ( IN PEVENTLOGFILTER  EventLogFilter,
IN HTREEITEM  hti 
)

Definition at line 2639 of file eventvwr.c.

2640{
2641 /* Bail out if there is no available filter */
2642 if (!EventLogFilter)
2643 return;
2644
2645 if (InterlockedCompareExchangePointer((PVOID*)&ActiveFilter, NULL, NULL) == EventLogFilter)
2646 {
2647 /* Signal the enumerator thread we want to stop enumerating events */
2648 // EnumEvents(NULL);
2649 InterlockedExchangePointer((PVOID*)&EnumFilter, NULL);
2650 SetEvent(hStartEnumEvent);
2651 }
2652
2653 /*
2654 * The deletion of the item automatically triggers a TVN_SELCHANGED
2655 * notification, that will reset the ActiveFilter (in case the item
2656 * selected is a filter). Otherwise we reset it there.
2657 */
2658 TreeView_DeleteItem(hwndTreeView, hti);
2659
2660 /* Remove the filter from the list */
2661 RemoveEntryList(&EventLogFilter->ListEntry);
2662 EventLogFilter_Release(EventLogFilter);
2663
2664 // /* Select the default event log */
2665 // // TreeView_Expand(hwndTreeView, htiUserLogs, TVE_EXPAND);
2666 // TreeView_SelectItem(hwndTreeView, hItem);
2667 // TreeView_EnsureVisible(hwndTreeView, hItem);
2668 InvalidateRect(hwndTreeView, NULL, FALSE);
2669 SetFocus(hwndTreeView);
2670}
InterlockedExchangePointer
#define InterlockedExchangePointer(Target, Value)
Definition: dshow.h:45
RemoveEntryList
#define RemoveEntryList(Entry)
Definition: env_spec_w32.h:986
ActiveFilter
PEVENTLOGFILTER ActiveFilter
Definition: eventvwr.c:87
hStartEnumEvent
HANDLE hStartEnumEvent
Definition: eventvwr.c:98
EnumFilter
PEVENTLOGFILTER EnumFilter
Definition: eventvwr.c:96
InterlockedCompareExchangePointer
#define InterlockedCompareExchangePointer
Definition: interlocked.h:144
TreeView_DeleteItem
#define TreeView_DeleteItem(hwnd, hitem)
Definition: commctrl.h:3420
SetEvent
BOOL WINAPI DECLSPEC_HOTPATCH SetEvent(IN HANDLE hEvent)
Definition: synch.c:733

Referenced by WndProc().

◆ DisplayUsage()

VOID DisplayUsage ( VOID  )

Definition at line 164 of file eventvwr.c.

165{
166 LPWSTR lpBuffer;
167 LPCWSTR lpUsage;
168 INT iUsageLen = LoadStringW(hInst, IDS_USAGE, (LPWSTR)&lpUsage, 0);
169
170 if (iUsageLen == 0)
171 return;
172
173 lpBuffer = HeapAlloc(GetProcessHeap(), 0, (iUsageLen + 1) * sizeof(WCHAR));
174 if (!lpBuffer)
175 return;
176
177 StringCchCopyNW(lpBuffer, iUsageLen + 1, lpUsage, iUsageLen);
178 MessageBoxW(NULL, lpBuffer, szTitle, MB_OK | MB_ICONINFORMATION);
179
180 HeapFree(GetProcessHeap(), 0, lpBuffer);
181}
IDS_USAGE
#define IDS_USAGE
Definition: resource.h:3
lpBuffer
static TAGREF LPCWSTR LPDWORD LPVOID lpBuffer
Definition: db.cpp:175
INT
int32_t INT
Definition: typedefs.h:58
MB_OK
#define MB_OK
Definition: winuser.h:801
LPCWSTR
const WCHAR * LPCWSTR
Definition: xmlstorage.h:185

Referenced by ProcessCmdLine().

◆ EnumEvents()

VOID EnumEvents ( IN PEVENTLOGFILTER  EventLogFilter)

Definition at line 2484 of file eventvwr.c.

2485{
2486 /* Signal the enumerator thread we want to enumerate events */
2487 InterlockedExchangePointer((PVOID*)&EnumFilter, EventLogFilter);
2488 SetEvent(hStartEnumEvent);
2489 return;
2490}

Referenced by Refresh(), and WndProc().

◆ EnumEventsThread()

static DWORD WINAPI EnumEventsThread ( IN LPVOID  lpParameter)
static

HACK!!

Definition at line 2014 of file eventvwr.c.

2015{
2016 PEVENTLOGFILTER EventLogFilter = (PEVENTLOGFILTER)lpParameter;
2017 PEVENTLOG EventLog;
2018
2019 ULONG LogIndex;
2020 HANDLE hEventLog;
2021 PEVENTLOGRECORD pEvlr = NULL;
2022 PBYTE pEvlrEnd;
2023 PBYTE pEvlrBuffer;
2024 DWORD dwWanted, dwRead, dwNeeded, dwStatus = ERROR_SUCCESS;
2025 DWORD dwTotalRecords = 0, dwCurrentRecord = 0;
2026 DWORD dwFlags, dwMaxLength;
2027 size_t cchRemaining;
2028 LPWSTR lpszSourceName;
2029 LPWSTR lpszComputerName;
2030 BOOL bResult = TRUE; /* Read succeeded */
2031 HANDLE hProcessHeap = GetProcessHeap();
2032 PSID pLastSid = NULL;
2033
2034 UINT uStep = 0, uStepAt = 0, uPos = 0;
2035
2036 WCHAR szWindowTitle[MAX_PATH];
2037 WCHAR szStatusText[MAX_PATH];
2038 WCHAR szLocalDate[MAX_PATH];
2039 WCHAR szLocalTime[MAX_PATH];
2040 WCHAR szEventID[MAX_PATH];
2041 WCHAR szEventTypeText[MAX_LOADSTRING];
2042 WCHAR szCategoryID[MAX_PATH];
2043 WCHAR szUsername[MAX_PATH];
2044 WCHAR szNoUsername[MAX_PATH];
2045 WCHAR szCategory[MAX_PATH];
2046 WCHAR szNoCategory[MAX_PATH];
2047 PWCHAR lpTitleTemplateEnd;
2048
2049 SYSTEMTIME time;
2050 LVITEMW lviEventItem;
2051
2052 /* Disable the Previous/Next buttons */
2053 SendMessageW(hwndEventDetails, EVT_DISPLAY, FALSE, (LPARAM)-1);
2054
2055 /* Save the current event log filter globally */
2056 EventLogFilter_AddRef(EventLogFilter);
2057 ActiveFilter = EventLogFilter;
2058
2060 EventLog = EventLogFilter->EventLogs[0];
2061
2062 // FIXME: Use something else instead of EventLog->LogName !!
2063
2064 /*
2065 * Use a different formatting, whether the event log filter holds
2066 * only one log, or many logs (the latter case is WIP TODO!)
2067 */
2068 if (EventLogFilter->NumOfEventLogs <= 1)
2069 {
2070 StringCchPrintfExW(szWindowTitle,
2071 ARRAYSIZE(szWindowTitle),
2072 &lpTitleTemplateEnd,
2073 &cchRemaining,
2074 0,
2075 szTitleTemplate, szTitle, EventLog->LogName); /* i = number of characters written */
2076 dwMaxLength = (DWORD)cchRemaining;
2077 if (!EventLog->ComputerName)
2078 GetComputerNameW(lpTitleTemplateEnd, &dwMaxLength);
2079 else
2080 StringCchCopyW(lpTitleTemplateEnd, dwMaxLength, EventLog->ComputerName);
2081
2082 StringCbPrintfW(szStatusText,
2083 sizeof(szStatusText),
2084 szStatusBarTemplate,
2085 EventLog->LogName,
2086 0,
2087 0);
2088 }
2089 else
2090 {
2091 // TODO: Use a different title & implement filtering for multi-log filters !!
2092 // (EventLogFilter->NumOfEventLogs > 1)
2093 MessageBoxW(hwndMainWindow,
2094 L"Many-logs filtering is not implemented yet!!",
2095 szTitle,
2096 MB_OK | MB_ICONINFORMATION);
2097 }
2098
2099 /* Set the window title */
2100 SetWindowTextW(hwndMainWindow, szWindowTitle);
2101
2102 /* Update the status bar */
2103 StatusBar_SetText(hwndStatus, 0, szStatusText);
2104
2105
2106 /* Disable list view redraw */
2107 SendMessageW(hwndListView, WM_SETREDRAW, FALSE, 0);
2108
2109 /* Clear the list view and free the cached records */
2110 ListView_DeleteAllItems(hwndListView);
2111 FreeRecords();
2112
2113 SendMessageW(hwndListView, LVM_PROGRESS, 0, TRUE);
2114 ProgressBar_SetRange(hwndStatusProgress, 0);
2115 StatusBar_SetText(hwndStatus, 0, NULL);
2116 ShowWindow(hwndStatusProgress, SW_SHOW);
2117
2118 /* Do a loop over the logs enumerated in the filter */
2119 // FIXME: For now we only support 1 event log per filter!
2120 LogIndex = 0;
2121 // for (LogIndex = 0; LogIndex < EventLogFilter->NumOfEventLogs; ++LogIndex)
2122 {
2123
2124 EventLog = EventLogFilter->EventLogs[LogIndex];
2125
2126 /* Open the event log */
2127 if (EventLog->Permanent)
2128 hEventLog = OpenEventLogW(EventLog->ComputerName, EventLog->LogName);
2129 else
2130 hEventLog = OpenBackupEventLogW(EventLog->ComputerName, EventLog->LogName); // FileName
2131
2132 if (hEventLog == NULL)
2133 {
2134 ShowWin32Error(GetLastError());
2135 goto Cleanup;
2136 }
2137
2138 // GetOldestEventLogRecord(hEventLog, &dwThisRecord);
2139
2140 /* Get the total number of event log records */
2141 GetNumberOfEventLogRecords(hEventLog, &dwTotalRecords);
2142
2143 if (dwTotalRecords > 0)
2144 {
2145 EnableMenuItem(hMainMenu, IDM_CLEAR_EVENTS, MF_BYCOMMAND | MF_ENABLED);
2146 EnableMenuItem(hMainMenu, IDM_SAVE_EVENTLOG, MF_BYCOMMAND | MF_ENABLED);
2147 }
2148 else
2149 {
2150 EnableMenuItem(hMainMenu, IDM_CLEAR_EVENTS, MF_BYCOMMAND | MF_GRAYED);
2151 EnableMenuItem(hMainMenu, IDM_SAVE_EVENTLOG, MF_BYCOMMAND | MF_GRAYED);
2152 }
2153
2154 /* Set up the event records cache */
2155 g_RecordPtrs = HeapAlloc(hProcessHeap, HEAP_ZERO_MEMORY, dwTotalRecords * sizeof(*g_RecordPtrs));
2156 if (!g_RecordPtrs)
2157 {
2158 // ShowWin32Error(GetLastError());
2159 goto Quit;
2160 }
2161 g_TotalRecords = dwTotalRecords;
2162
2163 if (WaitForSingleObject(hStopEnumEvent, 0) == WAIT_OBJECT_0)
2164 goto Quit;
2165
2166 LoadStringW(hInst, IDS_NOT_AVAILABLE, szNoUsername, ARRAYSIZE(szNoUsername));
2167 LoadStringW(hInst, IDS_NONE, szNoCategory, ARRAYSIZE(szNoCategory));
2168
2169 ProgressBar_SetRange(hwndStatusProgress, MAKELPARAM(0, 100));
2170 uStepAt = (dwTotalRecords / 100) + 1;
2171
2172 dwFlags = EVENTLOG_SEQUENTIAL_READ | (Settings.bNewestEventsFirst ? EVENTLOG_FORWARDS_READ : EVENTLOG_BACKWARDS_READ);
2173
2174 /* 0x7ffff is the maximum buffer size ReadEventLog will accept */
2175 dwWanted = 0x7ffff;
2176 pEvlr = HeapAlloc(hProcessHeap, 0, dwWanted);
2177
2178 if (!pEvlr)
2179 goto Quit;
2180
2181 while (dwStatus == ERROR_SUCCESS)
2182 {
2183 bResult = ReadEventLogW(hEventLog, dwFlags, 0, pEvlr, dwWanted, &dwRead, &dwNeeded);
2184 dwStatus = GetLastError();
2185
2186 if (!bResult && dwStatus == ERROR_INSUFFICIENT_BUFFER)
2187 {
2188 pEvlr = HeapReAlloc(hProcessHeap, 0, pEvlr, dwNeeded);
2189 dwWanted = dwNeeded;
2190
2191 if (!pEvlr)
2192 break;
2193
2194 bResult = ReadEventLogW(hEventLog, dwFlags, 0, pEvlr, dwNeeded, &dwRead, &dwNeeded);
2195
2196 if (!bResult)
2197 break;
2198 }
2199 else if (!bResult)
2200 {
2201 /* Exit on other errors (ERROR_HANDLE_EOF) */
2202 break;
2203 }
2204
2205 pEvlrBuffer = (LPBYTE)pEvlr;
2206 pEvlrEnd = pEvlrBuffer + dwRead;
2207
2208 while (pEvlrBuffer < pEvlrEnd)
2209 {
2210 PEVENTLOGRECORD pEvlrTmp = (PEVENTLOGRECORD)pEvlrBuffer;
2211 PWSTR lpszUsername, lpszCategoryName;
2212 g_RecordPtrs[dwCurrentRecord] = NULL;
2213
2214 // ProgressBar_StepIt(hwndStatusProgress);
2215 uStep++;
2216 if (uStep % uStepAt == 0)
2217 {
2218 ++uPos;
2219 ProgressBar_SetPos(hwndStatusProgress, uPos);
2220 }
2221
2222 if (WaitForSingleObject(hStopEnumEvent, 0) == WAIT_OBJECT_0)
2223 goto Quit;
2224
2225 /* Filter by event type */
2226 if (!FilterByType(EventLogFilter, pEvlrTmp))
2227 goto SkipEvent;
2228
2229 /* Get the event source name and filter it */
2230 lpszSourceName = (LPWSTR)(pEvlrBuffer + sizeof(EVENTLOGRECORD));
2231 if (!FilterByString(EventLogFilter->Sources, lpszSourceName))
2232 goto SkipEvent;
2233
2234 /* Get the computer name and filter it */
2235 lpszComputerName = (LPWSTR)(pEvlrBuffer + sizeof(EVENTLOGRECORD) + (wcslen(lpszSourceName) + 1) * sizeof(WCHAR));
2236 if (!FilterByString(EventLogFilter->ComputerNames, lpszComputerName))
2237 goto SkipEvent;
2238
2239 /* Compute the event time */
2240 EventTimeToSystemTime(pEvlrTmp->TimeWritten, &time);
2241 GetDateFormatW(LOCALE_USER_DEFAULT, DATE_SHORTDATE, &time, NULL, szLocalDate, ARRAYSIZE(szLocalDate));
2242 GetTimeFormatW(LOCALE_USER_DEFAULT, 0, &time, NULL, szLocalTime, ARRAYSIZE(szLocalTime));
2243
2244 /* Get the username that generated the event, and filter it */
2245 lpszUsername = GetEventUserName(pEvlrTmp, &pLastSid,
2246 szUsername, _countof(szUsername))
2247 ? szUsername : szNoUsername;
2248
2249 if (!FilterByString(EventLogFilter->Users, lpszUsername))
2250 goto SkipEvent;
2251
2252 // TODO: Filter by event ID and category
2253 GetEventType(pEvlrTmp->EventType, szEventTypeText, _countof(szEventTypeText));
2254
2255 lpszCategoryName = GetEventCategory(EventLog->LogName, lpszSourceName, pEvlrTmp,
2256 szCategory, _countof(szCategory))
2257 ? szCategory : szNoCategory;
2258
2259 StringCbPrintfW(szEventID, sizeof(szEventID), L"%u", (pEvlrTmp->EventID & 0xFFFF));
2260 StringCbPrintfW(szCategoryID, sizeof(szCategoryID), L"%u", pEvlrTmp->EventCategory);
2261
2262 g_RecordPtrs[dwCurrentRecord] = HeapAlloc(hProcessHeap, 0, pEvlrTmp->Length);
2263 CopyMemory(g_RecordPtrs[dwCurrentRecord], pEvlrTmp, pEvlrTmp->Length);
2264
2265 lviEventItem.mask = LVIF_IMAGE | LVIF_TEXT | LVIF_PARAM;
2266 lviEventItem.iItem = 0;
2267 lviEventItem.iSubItem = 0;
2268 lviEventItem.lParam = (LPARAM)g_RecordPtrs[dwCurrentRecord];
2269 lviEventItem.pszText = szEventTypeText;
2270
2271 switch (pEvlrTmp->EventType)
2272 {
2273 case EVENTLOG_SUCCESS:
2274 case EVENTLOG_INFORMATION_TYPE:
2275 lviEventItem.iImage = 0;
2276 break;
2277
2278 case EVENTLOG_WARNING_TYPE:
2279 lviEventItem.iImage = 1;
2280 break;
2281
2282 case EVENTLOG_ERROR_TYPE:
2283 lviEventItem.iImage = 2;
2284 break;
2285
2286 case EVENTLOG_AUDIT_SUCCESS:
2287 lviEventItem.iImage = 3;
2288 break;
2289
2290 case EVENTLOG_AUDIT_FAILURE:
2291 lviEventItem.iImage = 4;
2292 break;
2293 }
2294
2295 lviEventItem.iItem = ListView_InsertItem(hwndListView, &lviEventItem);
2296
2297 ListView_SetItemText(hwndListView, lviEventItem.iItem, 1, szLocalDate);
2298 ListView_SetItemText(hwndListView, lviEventItem.iItem, 2, szLocalTime);
2299 ListView_SetItemText(hwndListView, lviEventItem.iItem, 3, lpszSourceName);
2300 ListView_SetItemText(hwndListView, lviEventItem.iItem, 4, lpszCategoryName);
2301 ListView_SetItemText(hwndListView, lviEventItem.iItem, 5, szEventID);
2302 ListView_SetItemText(hwndListView, lviEventItem.iItem, 6, lpszUsername);
2303 ListView_SetItemText(hwndListView, lviEventItem.iItem, 7, lpszComputerName);
2304
2305SkipEvent:
2306 pEvlrBuffer += pEvlrTmp->Length;
2307 dwCurrentRecord++;
2308 }
2309 }
2310
2311Quit:
2312
2313 if (pEvlr)
2314 HeapFree(hProcessHeap, 0, pEvlr);
2315
2316 /* Close the event log */
2317 CloseEventLog(hEventLog);
2318
2319 } // end-for (LogIndex)
2320
2321 /* All events loaded */
2322
2323Cleanup:
2324 ShowWindow(hwndStatusProgress, SW_HIDE);
2325 SendMessageW(hwndListView, LVM_PROGRESS, 0, FALSE);
2326
2327 // FIXME: Use something else instead of EventLog->LogName !!
2328
2329 /*
2330 * Use a different formatting, whether the event log filter holds
2331 * only one log, or many logs (the latter case is WIP TODO!)
2332 */
2333 if (EventLogFilter->NumOfEventLogs <= 1)
2334 {
2335 StringCbPrintfW(szStatusText,
2336 sizeof(szStatusText),
2337 szStatusBarTemplate,
2338 EventLog->LogName,
2339 dwTotalRecords,
2340 ListView_GetItemCount(hwndListView));
2341 }
2342 else
2343 {
2344 // TODO: Use a different title & implement filtering for multi-log filters !!
2345 // (EventLogFilter->NumOfEventLogs > 1)
2346 }
2347
2348 /* Update the status bar */
2349 StatusBar_SetText(hwndStatus, 0, szStatusText);
2350
2351 /* Resume list view redraw */
2352 SendMessageW(hwndListView, WM_SETREDRAW, TRUE, 0);
2353
2354 /* Re-enable the Previous/Next buttons, keeping the current event details
2355 * displayed, if any. Don't auto-select the first list item but wait for
2356 * the user to do it. */
2357 SendMessageW(hwndEventDetails, EVT_DISPLAY, FALSE, 0);
2358
2359 EventLogFilter_Release(EventLogFilter);
2360
2361 CloseHandle(hStopEnumEvent);
2362 InterlockedExchangePointer((PVOID*)&hStopEnumEvent, NULL);
2363
2364 return 0;
2365}
IDS_NOT_AVAILABLE
#define IDS_NOT_AVAILABLE
Definition: resource.h:145
IDS_NONE
#define IDS_NONE
Definition: resource.h:144
IDM_SAVE_EVENTLOG
#define IDM_SAVE_EVENTLOG
Definition: resource.h:76
IDM_CLEAR_EVENTS
#define IDM_CLEAR_EVENTS
Definition: resource.h:78
hProcessHeap
HANDLE hProcessHeap
Definition: explorer.cpp:25
GetComputerNameW
BOOL WINAPI GetComputerNameW(LPWSTR lpBuffer, LPDWORD lpnSize)
Definition: compname.c:446
ERROR_INSUFFICIENT_BUFFER
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10
GetNumberOfEventLogRecords
BOOL WINAPI GetNumberOfEventLogRecords(IN HANDLE hEventLog, OUT PDWORD NumberOfRecords)
Definition: eventlog.c:570
OpenBackupEventLogW
HANDLE WINAPI OpenBackupEventLogW(IN LPCWSTR lpUNCServerName, IN LPCWSTR lpFileName)
Definition: eventlog.c:830
ReadEventLogW
BOOL WINAPI ReadEventLogW(IN HANDLE hEventLog, IN DWORD dwReadFlags, IN DWORD dwRecordOffset, OUT LPVOID lpBuffer, IN DWORD nNumberOfBytesToRead, OUT DWORD *pnBytesRead, OUT DWORD *pnMinNumberOfBytesNeeded)
Definition: eventlog.c:1154
CloseHandle
#define CloseHandle
Definition: compat.h:739
HeapReAlloc
#define HeapReAlloc
Definition: compat.h:734
hStopEnumEvent
HANDLE hStopEnumEvent
Definition: eventvwr.c:90
EventTimeToSystemTime
VOID EventTimeToSystemTime(IN DWORD EventTime, OUT PSYSTEMTIME pSystemTime)
Definition: eventvwr.c:713
hwndEventDetails
HWND hwndEventDetails
Definition: eventvwr.c:67
FilterByString
BOOL FilterByString(IN PCWSTR FilterString, IN PWSTR String)
Definition: eventvwr.c:1957
LVM_PROGRESS
#define LVM_PROGRESS
Definition: eventvwr.c:21
GetEventCategory
BOOL GetEventCategory(_In_ PCWSTR KeyName, _In_ PCWSTR SourceName, _In_ PEVENTLOGRECORD pevlr, _Out_writes_z_(cchName) PWSTR CategoryName, _In_ SIZE_T cchName)
Definition: eventvwr.c:1600
szTitleTemplate
WCHAR szTitleTemplate[MAX_LOADSTRING]
Definition: eventvwr.c:50
szStatusBarTemplate
WCHAR szStatusBarTemplate[MAX_LOADSTRING]
Definition: eventvwr.c:51
hMainMenu
HMENU hMainMenu
Definition: eventvwr.c:70
FilterByType
BOOL FilterByType(IN PEVENTLOGFILTER EventLogFilter, IN PEVENTLOGRECORD pevlr)
Definition: eventvwr.c:1941
hwndStatus
HWND hwndStatus
Definition: eventvwr.c:68
g_TotalRecords
DWORD g_TotalRecords
Definition: eventvwr.c:81
GetEventType
VOID GetEventType(_In_ WORD dwEventType, _Out_writes_z_(cchText) PWSTR pszEventType, _In_ SIZE_T cchText)
Definition: eventvwr.c:1815
FreeRecords
static VOID FreeRecords(VOID)
Definition: eventvwr.c:1923
g_RecordPtrs
PEVENTLOGRECORD * g_RecordPtrs
Definition: eventvwr.c:82
hwndStatusProgress
HWND hwndStatusProgress
Definition: eventvwr.c:69
GetEventUserName
BOOL GetEventUserName(_In_ PEVENTLOGRECORD pelr, _Inout_ PSID *pLastSid, _Out_writes_z_(cchUser) PWSTR pszUser, _In_ SIZE_T cchUser)
Definition: eventvwr.c:1847
hwndListView
HWND hwndListView
Definition: eventvwr.c:66
ProgressBar_SetRange
#define ProgressBar_SetRange(hwndCtl, range)
Definition: eventvwr.h:60
ProgressBar_SetPos
#define ProgressBar_SetPos(hwndCtl, pos)
Definition: eventvwr.h:58
StatusBar_SetText
#define StatusBar_SetText(hwndCtl, index, data)
Definition: eventvwr.h:69
PEVENTLOGFILTER
struct _EVENTLOGFILTER * PEVENTLOGFILTER
EVT_DISPLAY
#define EVT_DISPLAY
Definition: evtdetctl.h:21
GetTimeFormatW
INT WINAPI GetTimeFormatW(LCID lcid, DWORD dwFlags, const SYSTEMTIME *lpTime, LPCWSTR lpFormat, LPWSTR lpTimeStr, INT cchOut)
Definition: lcformat.c:1089
GetDateFormatW
INT WINAPI GetDateFormatW(LCID lcid, DWORD dwFlags, const SYSTEMTIME *lpTime, LPCWSTR lpFormat, LPWSTR lpDateStr, INT cchOut)
Definition: lcformat.c:989
time
__u16 time
Definition: mkdosfs.c:8
UINT
unsigned int UINT
Definition: ndis.h:50
LOCALE_USER_DEFAULT
#define LOCALE_USER_DEFAULT
PBYTE
BYTE * PBYTE
Definition: pedump.c:66
ListView_InsertItem
#define ListView_InsertItem(hwnd, pitem)
Definition: commctrl.h:2413
ListView_GetItemCount
#define ListView_GetItemCount(hwnd)
Definition: commctrl.h:2312
LVIF_PARAM
#define LVIF_PARAM
Definition: commctrl.h:2316
ListView_DeleteAllItems
#define ListView_DeleteAllItems(hwnd)
Definition: commctrl.h:2419
ListView_SetItemText
#define ListView_SetItemText(hwndLV, i, iSubItem_, pszText_)
Definition: commctrl.h:2696
LVIF_TEXT
#define LVIF_TEXT
Definition: commctrl.h:2314
LVIF_IMAGE
#define LVIF_IMAGE
Definition: commctrl.h:2315
dwStatus
DWORD dwStatus
Definition: mediaobj.idl:95
StringCchPrintfExW
STRSAFEAPI StringCchPrintfExW(STRSAFE_LPWSTR pszDest, size_t cchDest, STRSAFE_LPWSTR *ppszDestEnd, size_t *pcchRemaining, STRSAFE_DWORD dwFlags, STRSAFE_LPCWSTR pszFormat,...)
Definition: strsafe.h:585
StringCbPrintfW
STRSAFEAPI StringCbPrintfW(STRSAFE_LPWSTR pszDest, size_t cbDest, STRSAFE_LPCWSTR pszFormat,...)
Definition: strsafe.h:557
_EVENTLOGRECORD
Definition: winnt_old.h:2882
_EVENTLOGRECORD::EventType
WORD EventType
Definition: winnt_old.h:2889
_EVENTLOGRECORD::TimeWritten
DWORD TimeWritten
Definition: winnt_old.h:2887
_EVENTLOGRECORD::EventID
DWORD EventID
Definition: winnt_old.h:2888
_EVENTLOGRECORD::EventCategory
WORD EventCategory
Definition: winnt_old.h:2891
_EVENTLOGRECORD::Length
DWORD Length
Definition: winnt_old.h:2883
_SID
Definition: ms-dtyp.idl:198
_SYSTEMTIME
Definition: winbase.h:945
tagLVITEMW::pszText
LPWSTR pszText
Definition: commctrl.h:2370
tagLVITEMW::iSubItem
int iSubItem
Definition: commctrl.h:2367
tagLVITEMW::mask
UINT mask
Definition: commctrl.h:2365
tagLVITEMW::lParam
LPARAM lParam
Definition: commctrl.h:2373
tagLVITEMW::iImage
int iImage
Definition: commctrl.h:2372
WaitForSingleObject
DWORD WINAPI WaitForSingleObject(IN HANDLE hHandle, IN DWORD dwMilliseconds)
Definition: synch.c:82
PWCHAR
uint16_t * PWCHAR
Definition: typedefs.h:56
Settings
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_POWER_POLICY_IDLE_SETTINGS Settings
Definition: wdfdevice.h:2595
WAIT_OBJECT_0
#define WAIT_OBJECT_0
Definition: winbase.h:439
dwFlags
_In_ PCCERT_CONTEXT _In_ DWORD dwFlags
Definition: wincrypt.h:1176
DATE_SHORTDATE
#define DATE_SHORTDATE
Definition: winnls.h:209
EVENTLOG_ERROR_TYPE
#define EVENTLOG_ERROR_TYPE
Definition: winnt_old.h:2876
EVENTLOG_SEQUENTIAL_READ
#define EVENTLOG_SEQUENTIAL_READ
Definition: winnt_old.h:2870
EVENTLOG_AUDIT_FAILURE
#define EVENTLOG_AUDIT_FAILURE
Definition: winnt_old.h:2880
EVENTLOG_INFORMATION_TYPE
#define EVENTLOG_INFORMATION_TYPE
Definition: winnt_old.h:2878
EVENTLOG_AUDIT_SUCCESS
#define EVENTLOG_AUDIT_SUCCESS
Definition: winnt_old.h:2879
EVENTLOG_BACKWARDS_READ
#define EVENTLOG_BACKWARDS_READ
Definition: winnt_old.h:2873
EVENTLOG_SUCCESS
#define EVENTLOG_SUCCESS
Definition: winnt_old.h:2875
EVENTLOG_FORWARDS_READ
#define EVENTLOG_FORWARDS_READ
Definition: winnt_old.h:2872
EVENTLOG_WARNING_TYPE
#define EVENTLOG_WARNING_TYPE
Definition: winnt_old.h:2877
PEVENTLOGRECORD
struct _EVENTLOGRECORD * PEVENTLOGRECORD
SW_HIDE
#define SW_HIDE
Definition: winuser.h:779
MF_BYCOMMAND
#define MF_BYCOMMAND
Definition: winuser.h:202
MAKELPARAM
#define MAKELPARAM(l, h)
Definition: winuser.h:4084
ShowWindow
BOOL WINAPI ShowWindow(_In_ HWND, _In_ int)
SetWindowTextW
BOOL WINAPI SetWindowTextW(_In_ HWND, _In_opt_ LPCWSTR)
MF_ENABLED
#define MF_ENABLED
Definition: winuser.h:128
SW_SHOW
#define SW_SHOW
Definition: winuser.h:786
EnableMenuItem
BOOL WINAPI EnableMenuItem(_In_ HMENU, _In_ UINT, _In_ UINT)
SendMessageW
LRESULT WINAPI SendMessageW(_In_ HWND, _In_ UINT, _In_ WPARAM, _In_ LPARAM)
MF_GRAYED
#define MF_GRAYED
Definition: winuser.h:129
WM_SETREDRAW
#define WM_SETREDRAW
Definition: winuser.h:1635

Referenced by StartStopEnumEventsThread().

◆ EventDetails()

INT_PTR CALLBACK EventDetails ( HWND  hDlg,
UINT  uMsg,
WPARAM  wParam,
LPARAM  lParam 
)

Definition at line 4344 of file eventvwr.c.

4345{
4346 switch (uMsg)
4347 {
4348 case WM_INITDIALOG:
4349 {
4350 LONG_PTR dwStyle;
4351 RECT rcWnd, rect;
4352 INT iEventItem;
4353
4354 hWndDetailsCtrl = CreateEventDetailsCtrl(hInst, hDlg, lParam);
4355 if (!hWndDetailsCtrl)
4356 {
4357 EndDialog(hDlg, 0);
4358 return (INT_PTR)TRUE;
4359 }
4360
4361 /* Create a size grip if the dialog has a sizing border */
4362 GetClientRect(hDlg, &rcWnd);
4363 dwStyle = GetWindowLongPtrW(hDlg, GWL_STYLE);
4364 if (dwStyle & WS_THICKFRAME /* == WS_SIZEBOX */)
4365 {
4366 INT sbVXSize = GetSystemMetrics(SM_CXVSCROLL);
4367 INT sbHYSize = GetSystemMetrics(SM_CYHSCROLL);
4368
4369 hWndGrip = CreateWindowW(WC_SCROLLBARW,
4370 NULL,
4371 WS_CHILD | WS_VISIBLE | WS_CLIPSIBLINGS | SBS_SIZEGRIP | SBS_SIZEBOXBOTTOMRIGHTALIGN,
4372 rcWnd.right - sbVXSize,
4373 rcWnd.bottom - sbHYSize,
4374 sbVXSize, sbHYSize,
4375 hDlg,
4376 NULL,
4377 hInst,
4378 NULL);
4379 }
4380
4381 // SetWindowLongPtrW(hDlg, DWLP_USER, (LONG_PTR)hWndDetailsCtrl);
4382
4383 /*
4384 * Compute the minimum window size (in window coordinates) by
4385 * adding the widths/heights of the "Help" and "Close" buttons,
4386 * together with the margins, and add some minimal spacing
4387 * between the buttons.
4388 */
4389 GetWindowRect(hDlg, &rcWnd);
4390 cxMin = cyMin = 0;
4391
4392 GetWindowRect(GetDlgItem(hDlg, IDHELP), &rect);
4393 cxMin += (rect.right - rect.left) + (rect.left - rcWnd.left); // == (rect.right - rcWnd.left);
4394 cyMin += (rect.bottom - rect.top) + (rcWnd.bottom - rect.bottom); // == (rcWnd.bottom - rect.top);
4395
4396 GetWindowRect(GetDlgItem(hDlg, IDOK), &rect);
4397 cxMin += (rect.right - rect.left) + (rcWnd.right - rect.right); // == (rcWnd.right - rect.left);
4398 cyMin += (rect.bottom - rect.top) + (rcWnd.bottom - rect.bottom); // == (rcWnd.bottom - rect.top);
4399
4400 /*
4401 * Convert the window rect from window to client coordinates
4402 * in order to retrieve the sizes of the left and top margins,
4403 * and add some extra space.
4404 */
4405 MapWindowPoints(HWND_DESKTOP /*NULL*/, hDlg, (LPPOINT)&rcWnd, sizeof(RECT)/sizeof(POINT));
4406
4407 cxMin += -2*rcWnd.left; // Minimal spacing between the buttons == 2 * left margin
4408 cyMin += -rcWnd.top + 12; // Add some space on top
4409
4410 GetClientRect(hDlg, &rcWnd);
4411 cxOld = rcWnd.right - rcWnd.left;
4412 cyOld = rcWnd.bottom - rcWnd.top;
4413
4414 /* Display the event info in the dialog */
4415 iEventItem = (lParam != 0 ? ((PEVENTDETAIL_INFO)lParam)->iEventItem : -1);
4416 SendMessageW(hWndDetailsCtrl, EVT_DISPLAY, TRUE, (LPARAM)iEventItem);
4417
4418 // SetWindowPos(hWndDetailsCtrl, NULL,
4419 // 0, 0,
4420 // (rcWnd.right - rcWnd.left),
4421 // (rcWnd.bottom - rcWnd.top),
4422 // SWP_NOZORDER | SWP_NOACTIVATE | SWP_SHOWWINDOW);
4423
4424 /*
4425 * Hide the placeholder static control and show the event details
4426 * control instead. Note that the placeholder is here so far just
4427 * to get the dimensions right in the dialog resource editor.
4428 * I plan to remove it and use a custom control with a suitable
4429 * window class for it, that would create the event details control
4430 * instead.
4431 */
4432 ShowWindow(GetDlgItem(hDlg, IDC_STATIC), SW_HIDE);
4433 ShowWindow(hWndDetailsCtrl, SW_SHOW);
4434 return (INT_PTR)TRUE;
4435 }
4436
4437 case WM_DESTROY:
4438 if (IsWindow(hWndDetailsCtrl))
4439 DestroyWindow(hWndDetailsCtrl);
4440 hWndDetailsCtrl = NULL;
4441 return (INT_PTR)TRUE;
4442
4443 case WM_COMMAND:
4444 switch (LOWORD(wParam))
4445 {
4446 case IDOK:
4447 case IDCANCEL:
4448 EndDialog(hDlg, LOWORD(wParam));
4449 return (INT_PTR)TRUE;
4450
4451 case IDHELP:
4452 MessageBoxW(hDlg,
4453 L"Help not implemented yet!",
4454 szTitle,
4455 MB_OK | MB_ICONINFORMATION);
4456 return (INT_PTR)TRUE;
4457
4458 default:
4459 break;
4460 }
4461 break;
4462
4463 case WM_SETCURSOR:
4464 if (((HWND)wParam == hWndGrip) && (LOWORD(lParam) == HTCLIENT))
4465 {
4466 SetCursor(LoadCursorW(NULL, IDC_SIZENWSE));
4467 SetWindowLongPtrW(hDlg, DWLP_MSGRESULT, TRUE);
4468 return (INT_PTR)TRUE;
4469 }
4470 break;
4471
4472 case WM_SIZING:
4473 {
4474 /* Forbid resizing the dialog smaller than its minimal size */
4475 PRECT dragRect = (PRECT)lParam;
4476
4477 if ((wParam == WMSZ_LEFT) || (wParam == WMSZ_TOPLEFT) || (wParam == WMSZ_BOTTOMLEFT))
4478 {
4479 if (dragRect->right - dragRect->left < cxMin)
4480 dragRect->left = dragRect->right - cxMin;
4481 }
4482
4483 if ((wParam == WMSZ_RIGHT) || (wParam == WMSZ_TOPRIGHT) || (wParam == WMSZ_BOTTOMRIGHT))
4484 {
4485 if (dragRect->right - dragRect->left < cxMin)
4486 dragRect->right = dragRect->left + cxMin;
4487 }
4488
4489 if ((wParam == WMSZ_TOP) || (wParam == WMSZ_TOPLEFT) || (wParam == WMSZ_TOPRIGHT))
4490 {
4491 if (dragRect->bottom - dragRect->top < cyMin)
4492 dragRect->top = dragRect->bottom - cyMin;
4493 }
4494
4495 if ((wParam == WMSZ_BOTTOM) || (wParam == WMSZ_BOTTOMLEFT) || (wParam == WMSZ_BOTTOMRIGHT))
4496 {
4497 if (dragRect->bottom - dragRect->top < cyMin)
4498 dragRect->bottom = dragRect->top + cyMin;
4499 }
4500
4501 SetWindowLongPtrW(hDlg, DWLP_MSGRESULT, TRUE);
4502 return (INT_PTR)TRUE;
4503 }
4504
4505 case WM_SIZE:
4506 {
4507 INT cx = LOWORD(lParam);
4508 INT cy = HIWORD(lParam);
4509
4510 HDWP hdwp;
4511 HWND hItemWnd;
4512 RECT rect;
4513
4514 hdwp = BeginDeferWindowPos(4);
4515
4516 /* Resize the event details control window */
4517
4518 hItemWnd = hWndDetailsCtrl;
4519 GetWindowRect(hItemWnd, &rect);
4520 MapWindowPoints(HWND_DESKTOP /*NULL*/, hDlg, (LPPOINT)&rect, sizeof(RECT)/sizeof(POINT));
4521
4522 if (hdwp)
4523 hdwp = DeferWindowPos(hdwp,
4524 hItemWnd,
4525 HWND_TOP,
4526 0, 0,
4527 (rect.right - rect.left) + (cx - cxOld),
4528 (rect.bottom - rect.top) + (cy - cyOld),
4529 SWP_NOMOVE | SWP_NOZORDER | SWP_NOACTIVATE);
4530
4531 /* Move the buttons */
4532
4533 hItemWnd = GetDlgItem(hDlg, IDHELP);
4534 GetWindowRect(hItemWnd, &rect);
4535 MapWindowPoints(HWND_DESKTOP /*NULL*/, hDlg, (LPPOINT)&rect, sizeof(RECT)/sizeof(POINT));
4536
4537 if (hdwp)
4538 hdwp = DeferWindowPos(hdwp,
4539 hItemWnd,
4540 HWND_TOP,
4541 rect.left,
4542 rect.top + (cy - cyOld),
4543 0, 0,
4544 SWP_NOSIZE | SWP_NOZORDER | SWP_NOACTIVATE);
4545
4546 hItemWnd = GetDlgItem(hDlg, IDOK);
4547 GetWindowRect(hItemWnd, &rect);
4548 MapWindowPoints(HWND_DESKTOP /*NULL*/, hDlg, (LPPOINT)&rect, sizeof(RECT)/sizeof(POINT));
4549
4550 if (hdwp)
4551 hdwp = DeferWindowPos(hdwp,
4552 hItemWnd,
4553 HWND_TOP,
4554 rect.left + (cx - cxOld),
4555 rect.top + (cy - cyOld),
4556 0, 0,
4557 SWP_NOSIZE | SWP_NOZORDER | SWP_NOACTIVATE);
4558
4559 /* Move the size grip */
4560 if (hWndGrip && hdwp)
4561 {
4562 GetWindowRect(hWndGrip, &rect);
4563 MapWindowPoints(HWND_DESKTOP /*NULL*/, hDlg, (LPPOINT)&rect, sizeof(RECT)/sizeof(POINT));
4564
4565 hdwp = DeferWindowPos(hdwp,
4566 hWndGrip,
4567 HWND_TOP,
4568 rect.left + (cx - cxOld),
4569 rect.top + (cy - cyOld),
4570 0, 0,
4571 SWP_NOSIZE | SWP_NOZORDER | SWP_NOACTIVATE);
4572 }
4573
4574 if (hdwp)
4575 EndDeferWindowPos(hdwp);
4576
4577 /* Hide the size grip if we are in maximized mode */
4578 if (hWndGrip)
4579 ShowWindow(hWndGrip, (wParam == SIZE_MAXIMIZED) ? SW_HIDE : SW_SHOW);
4580
4581 cxOld = cx;
4582 cyOld = cy;
4583
4584 SetWindowLongPtrW(hDlg, DWLP_MSGRESULT, 0);
4585 return (INT_PTR)TRUE;
4586 }
4587 }
4588
4589 return (INT_PTR)FALSE;
4590}
IDC_STATIC
#define IDC_STATIC
Definition: resource.h:4
wParam
WPARAM wParam
Definition: combotst.c:138
lParam
LPARAM lParam
Definition: combotst.c:139
cxMin
static INT cxMin
Definition: eventvwr.c:4340
cyMin
static INT cyMin
Definition: eventvwr.c:4340
cxOld
static INT cxOld
Definition: eventvwr.c:4341
hWndGrip
static HWND hWndGrip
Definition: eventvwr.c:4339
hWndDetailsCtrl
static HWND hWndDetailsCtrl
Definition: eventvwr.c:4338
cyOld
static INT cyOld
Definition: eventvwr.c:4341
CreateEventDetailsCtrl
HWND CreateEventDetailsCtrl(HINSTANCE hInstance, HWND hParentWnd, LPARAM lParam)
Definition: evtdetctl.c:1305
PEVENTDETAIL_INFO
struct _EVENTDETAIL_INFO * PEVENTDETAIL_INFO
LONG_PTR
__int3264 LONG_PTR
Definition: mstsclib_h.h:276
LOWORD
#define LOWORD(l)
Definition: pedump.c:82
WS_CHILD
#define WS_CHILD
Definition: pedump.c:617
WS_VISIBLE
#define WS_VISIBLE
Definition: pedump.c:620
WS_CLIPSIBLINGS
#define WS_CLIPSIBLINGS
Definition: pedump.c:618
WS_THICKFRAME
#define WS_THICKFRAME
Definition: pedump.c:630
cy
_Out_opt_ int _Out_opt_ int * cy
Definition: commctrl.h:586
cx
_Out_opt_ int * cx
Definition: commctrl.h:585
WC_SCROLLBARW
#define WC_SCROLLBARW
Definition: commctrl.h:4734
IDHELP
#define IDHELP
Definition: resource_2.h:8
rect
& rect
Definition: startmenu.cpp:1413
tagRECT::right
LONG right
Definition: windef.h:308
tagRECT::bottom
LONG bottom
Definition: windef.h:309
tagRECT::top
LONG top
Definition: windef.h:307
tagRECT::left
LONG left
Definition: windef.h:306
INT_PTR
int32_t INT_PTR
Definition: typedefs.h:64
HIWORD
#define HIWORD(l)
Definition: typedefs.h:247
PRECT
#define PRECT
Definition: precomp.h:27
IsWindow
BOOL WINAPI IsWindow(_In_opt_ HWND)
SWP_NOACTIVATE
#define SWP_NOACTIVATE
Definition: winuser.h:1253
GetWindowLongPtrW
#define GetWindowLongPtrW
Definition: winuser.h:4905
SBS_SIZEGRIP
#define SBS_SIZEGRIP
Definition: winuser.h:332
WMSZ_BOTTOMRIGHT
#define WMSZ_BOTTOMRIGHT
Definition: winuser.h:2490
WMSZ_BOTTOMLEFT
#define WMSZ_BOTTOMLEFT
Definition: winuser.h:2489
GetWindowRect
BOOL WINAPI GetWindowRect(_In_ HWND, _Out_ LPRECT)
SM_CXVSCROLL
#define SM_CXVSCROLL
Definition: winuser.h:972
WM_SIZE
#define WM_SIZE
Definition: winuser.h:1630
SWP_NOMOVE
#define SWP_NOMOVE
Definition: winuser.h:1255
WM_COMMAND
#define WM_COMMAND
Definition: winuser.h:1759
WMSZ_TOP
#define WMSZ_TOP
Definition: winuser.h:2485
IDC_SIZENWSE
#define IDC_SIZENWSE
Definition: winuser.h:700
SetCursor
HCURSOR WINAPI SetCursor(_In_opt_ HCURSOR)
SWP_NOSIZE
#define SWP_NOSIZE
Definition: winuser.h:1256
WM_INITDIALOG
#define WM_INITDIALOG
Definition: winuser.h:1758
EndDeferWindowPos
BOOL WINAPI EndDeferWindowPos(_In_ HDWP)
LoadCursorW
HCURSOR WINAPI LoadCursorW(_In_opt_ HINSTANCE, _In_ LPCWSTR)
Definition: cursoricon.c:2442
MapWindowPoints
int WINAPI MapWindowPoints(_In_opt_ HWND hWndFrom, _In_opt_ HWND hWndTo, _Inout_updates_(cPoints) LPPOINT lpPoints, _In_ UINT cPoints)
WMSZ_LEFT
#define WMSZ_LEFT
Definition: winuser.h:2483
SM_CYHSCROLL
#define SM_CYHSCROLL
Definition: winuser.h:973
GetDlgItem
HWND WINAPI GetDlgItem(_In_opt_ HWND, _In_ int)
IDOK
#define IDOK
Definition: winuser.h:841
HWND_DESKTOP
#define HWND_DESKTOP
Definition: winuser.h:1220
WMSZ_TOPLEFT
#define WMSZ_TOPLEFT
Definition: winuser.h:2486
GetClientRect
BOOL WINAPI GetClientRect(_In_ HWND, _Out_ LPRECT)
HWND_TOP
#define HWND_TOP
Definition: winuser.h:1218
SIZE_MAXIMIZED
#define SIZE_MAXIMIZED
Definition: winuser.h:2526
WMSZ_TOPRIGHT
#define WMSZ_TOPRIGHT
Definition: winuser.h:2487
HTCLIENT
#define HTCLIENT
Definition: winuser.h:2494
CreateWindowW
#define CreateWindowW(a, b, c, d, e, f, g, h, i, j, k)
Definition: winuser.h:4392
WMSZ_BOTTOM
#define WMSZ_BOTTOM
Definition: winuser.h:2488
WM_SIZING
#define WM_SIZING
Definition: winuser.h:1826
SBS_SIZEBOXBOTTOMRIGHTALIGN
#define SBS_SIZEBOXBOTTOMRIGHTALIGN
Definition: winuser.h:330
DWLP_MSGRESULT
#define DWLP_MSGRESULT
Definition: winuser.h:881
WMSZ_RIGHT
#define WMSZ_RIGHT
Definition: winuser.h:2484
WM_SETCURSOR
#define WM_SETCURSOR
Definition: winuser.h:1655
DeferWindowPos
HDWP WINAPI DeferWindowPos(_In_ HDWP, _In_ HWND, _In_opt_ HWND, _In_ int, _In_ int, _In_ int, _In_ int, _In_ UINT)
WM_DESTROY
#define WM_DESTROY
Definition: winuser.h:1628
SWP_NOZORDER
#define SWP_NOZORDER
Definition: winuser.h:1258
SetWindowLongPtrW
#define SetWindowLongPtrW
Definition: winuser.h:5431
GWL_STYLE
#define GWL_STYLE
Definition: winuser.h:863
DestroyWindow
BOOL WINAPI DestroyWindow(_In_ HWND)
GetSystemMetrics
int WINAPI GetSystemMetrics(_In_ int)
BeginDeferWindowPos
HDWP WINAPI BeginDeferWindowPos(_In_ int)
EndDialog
BOOL WINAPI EndDialog(_In_ HWND, _In_ INT_PTR)

Referenced by WndProc().

◆ EventLog_Free()

VOID EventLog_Free ( IN PEVENTLOG  EventLog)

Definition at line 1322 of file eventvwr.c.

1323{
1324 if (EventLog->LogName)
1325 HeapFree(GetProcessHeap(), 0, EventLog->LogName);
1326
1327 if (EventLog->ComputerName)
1328 HeapFree(GetProcessHeap(), 0, EventLog->ComputerName);
1329
1330 if (EventLog->FileName)
1331 HeapFree(GetProcessHeap(), 0, EventLog->FileName);
1332
1333 HeapFree(GetProcessHeap(), 0, EventLog);
1334}

Referenced by BuildLogListAndFilterList(), FreeLogList(), and OpenUserEventLogFile().

◆ EventLogFilter_AddRef()

LONG EventLogFilter_AddRef ( IN PEVENTLOGFILTER  EventLogFilter)

Definition at line 1416 of file eventvwr.c.

1417{
1418 ASSERT(EventLogFilter);
1419 return InterlockedIncrement(&EventLogFilter->ReferenceCount);
1420}
InterlockedIncrement
#define InterlockedIncrement
Definition: armddk.h:53
ASSERT
#define ASSERT(a)
Definition: mode.c:44

Referenced by ClearEvents(), EnumEventsThread(), EventLogProperties(), SaveEventLog(), and WndProc().

◆ EventLogFilter_Free()

VOID EventLogFilter_Free ( IN PEVENTLOGFILTER  EventLogFilter)

Definition at line 1402 of file eventvwr.c.

1403{
1404 if (EventLogFilter->Sources)
1405 HeapFree(GetProcessHeap(), 0, EventLogFilter->Sources);
1406
1407 if (EventLogFilter->Users)
1408 HeapFree(GetProcessHeap(), 0, EventLogFilter->Users);
1409
1410 if (EventLogFilter->ComputerNames)
1411 HeapFree(GetProcessHeap(), 0, EventLogFilter->ComputerNames);
1412
1413 HeapFree(GetProcessHeap(), 0, EventLogFilter);
1414}

Referenced by EventLogFilter_Release(), and FreeLogFilterList().

◆ EventLogFilter_Release()

LONG EventLogFilter_Release ( IN PEVENTLOGFILTER  EventLogFilter)

RemoveEntryList(&EventLogFilter->ListEntry);

Definition at line 1422 of file eventvwr.c.

1423{
1424 LONG RefCount;
1425
1426 ASSERT(EventLogFilter);
1427
1428 /* When the reference count reaches zero, delete the filter */
1429 RefCount = InterlockedDecrement(&EventLogFilter->ReferenceCount);
1430 if (RefCount <= 0)
1431 {
1432 /* Remove the filter from the list */
1434 EventLogFilter_Free(EventLogFilter);
1435 }
1436
1437 return RefCount;
1438}
InterlockedDecrement
#define InterlockedDecrement
Definition: armddk.h:52
EventLogFilter_Free
VOID EventLogFilter_Free(IN PEVENTLOGFILTER EventLogFilter)
Definition: eventvwr.c:1402

Referenced by ClearEvents(), CloseUserEventLog(), EnumEventsThread(), EventLogProperties(), SaveEventLog(), and WndProc().

◆ EventLogProperties()

INT_PTR EventLogProperties ( HINSTANCE  hInstance,
HWND  hWndParent,
PEVENTLOGFILTER  EventLogFilter 
)

Definition at line 4278 of file eventvwr.c.

4279{
4280 INT_PTR ret = 0;
4281 PROPSHEETHEADERW psh;
4282 PROPSHEETPAGEW psp[1]; // 2
4283
4284 /*
4285 * Bail out if there is no available filter, or if the filter
4286 * contains more than one log.
4287 */
4288 if (!EventLogFilter)
4289 return 0;
4290
4291 EventLogFilter_AddRef(EventLogFilter);
4292
4293 if (EventLogFilter->NumOfEventLogs > 1 ||
4294 EventLogFilter->EventLogs[0] == NULL)
4295 {
4296 goto Quit;
4297 }
4298
4299 /* Header */
4300 psh.dwSize = sizeof(psh);
4301 psh.dwFlags = PSH_PROPSHEETPAGE /*| PSH_USEICONID */ | PSH_PROPTITLE | PSH_HASHELP /*| PSH_NOCONTEXTHELP */ /*| PSH_USECALLBACK */;
4302 psh.hInstance = hInstance;
4303 psh.hwndParent = hWndParent;
4304 // psh.pszIcon = MAKEINTRESOURCEW(IDI_APPICON); // Disabled because it only sets the small icon; the big icon is a stretched version of the small one.
4305 psh.pszCaption = EventLogFilter->EventLogs[0]->LogName;
4306 psh.nStartPage = 0;
4307 psh.ppsp = psp;
4308 psh.nPages = ARRAYSIZE(psp);
4309 // psh.pfnCallback = PropSheetCallback;
4310
4311 /* Log properties page */
4312 psp[0].dwSize = sizeof(psp[0]);
4313 psp[0].dwFlags = PSP_HASHELP;
4314 psp[0].hInstance = hInstance;
4315 psp[0].pszTemplate = MAKEINTRESOURCEW(IDD_LOGPROPERTIES_GENERAL);
4316 psp[0].pfnDlgProc = EventLogPropProc;
4317 psp[0].lParam = (LPARAM)EventLogFilter->EventLogs[0];
4318
4319#if 0
4320 /* TODO: Log sources page */
4321 psp[1].dwSize = sizeof(psp[1]);
4322 psp[1].dwFlags = PSP_HASHELP;
4323 psp[1].hInstance = hInstance;
4324 psp[1].pszTemplate = MAKEINTRESOURCEW(IDD_GENERAL_PAGE);
4325 psp[1].pfnDlgProc = GeneralPageWndProc;
4326 psp[1].lParam = (LPARAM)EventLogFilter->EventLogs[0];
4327#endif
4328
4329 /* Create the property sheet */
4330 ret = PropertySheetW(&psh);
4331
4332Quit:
4333 EventLogFilter_Release(EventLogFilter);
4334 return ret;
4335}
IDD_GENERAL_PAGE
#define IDD_GENERAL_PAGE
Definition: resource.h:6
IDD_LOGPROPERTIES_GENERAL
#define IDD_LOGPROPERTIES_GENERAL
Definition: resource.h:34
hInstance
HINSTANCE hInstance
Definition: charmap.c:19
PropertySheetW
INT_PTR WINAPI PropertySheetW(LPCPROPSHEETHEADERW lppsh)
Definition: propsheet.c:2916
EventLogPropProc
INT_PTR CALLBACK EventLogPropProc(HWND hDlg, UINT uMsg, WPARAM wParam, LPARAM lParam)
Definition: eventvwr.c:4157
GeneralPageWndProc
INT_PTR CALLBACK GeneralPageWndProc(HWND hDlg, UINT message, WPARAM wParam, LPARAM lParam)
Definition: generalpage.c:25
PSP_HASHELP
#define PSP_HASHELP
Definition: prsht.h:28
PSH_PROPTITLE
#define PSH_PROPTITLE
Definition: prsht.h:40
PSH_HASHELP
#define PSH_HASHELP
Definition: prsht.h:49
PSH_PROPSHEETPAGE
#define PSH_PROPSHEETPAGE
Definition: prsht.h:43
_PROPSHEETHEADERW
Definition: prsht.h:292
_PROPSHEETHEADERW::ppsp
LPCPROPSHEETPAGEW ppsp
Definition: prsht.h:308
_PROPSHEETHEADERW::hInstance
HINSTANCE hInstance
Definition: prsht.h:296
_PROPSHEETHEADERW::dwSize
DWORD dwSize
Definition: prsht.h:293
_PROPSHEETHEADERW::dwFlags
DWORD dwFlags
Definition: prsht.h:294
_PROPSHEETHEADERW::hwndParent
HWND hwndParent
Definition: prsht.h:295
_PROPSHEETHEADERW::nStartPage
UINT nStartPage
Definition: prsht.h:304
_PROPSHEETHEADERW::pszCaption
LPCWSTR pszCaption
Definition: prsht.h:301
_PROPSHEETHEADERW::nPages
UINT nPages
Definition: prsht.h:302
_PROPSHEETPAGEW
Definition: prsht.h:213
_PROPSHEETPAGEW::pfnDlgProc
DLGPROC pfnDlgProc
Definition: prsht.h:226
_PROPSHEETPAGEW::dwSize
DWORD dwSize
Definition: prsht.h:214
_PROPSHEETPAGEW::dwFlags
DWORD dwFlags
Definition: prsht.h:215
_PROPSHEETPAGEW::lParam
LPARAM lParam
Definition: prsht.h:227
_PROPSHEETPAGEW::pszTemplate
LPCWSTR pszTemplate
Definition: prsht.h:218
_PROPSHEETPAGEW::hInstance
HINSTANCE hInstance
Definition: prsht.h:216
ret
int ret
Definition: wcstombs-tests.c:31
MAKEINTRESOURCEW
#define MAKEINTRESOURCEW(i)
Definition: winuser.h:582

Referenced by WndProc().

◆ EventLogPropProc()

INT_PTR CALLBACK EventLogPropProc ( HWND  hDlg,
UINT  uMsg,
WPARAM  wParam,
LPARAM  lParam 
)

Definition at line 4157 of file eventvwr.c.

4158{
4159 PEVENTLOG EventLog;
4160 WCHAR szText[MAX_LOADSTRING];
4161
4162 EventLog = (PEVENTLOG)GetWindowLongPtrW(hDlg, DWLP_USER);
4163
4164 switch (uMsg)
4165 {
4166 case WM_INITDIALOG:
4167 {
4168 EventLog = (PEVENTLOG)((LPPROPSHEETPAGE)lParam)->lParam;
4169 SetWindowLongPtrW(hDlg, DWLP_USER, (LONG_PTR)EventLog);
4170
4171 InitPropertiesDlg(hDlg, EventLog);
4172
4173 PropSheet_UnChanged(GetParent(hDlg), hDlg);
4174 return (INT_PTR)TRUE;
4175 }
4176
4177 case WM_DESTROY:
4178 return (INT_PTR)TRUE;
4179
4180 case WM_NOTIFY:
4181 switch (((LPNMHDR)lParam)->code)
4182 {
4183 case PSN_APPLY:
4184 PropSheet_UnChanged(GetParent(hDlg), hDlg);
4185 SavePropertiesDlg(hDlg, EventLog);
4186 return (INT_PTR)TRUE;
4187 }
4188 break;
4189
4190 case WM_COMMAND:
4191 switch (LOWORD(wParam))
4192 {
4193 case IDOK:
4194 case IDCANCEL:
4195 EndDialog(hDlg, LOWORD(wParam));
4196 return (INT_PTR)TRUE;
4197
4198 case ID_CLEARLOG:
4199 {
4200 PEVENTLOGFILTER EventLogFilter = GetSelectedFilter(NULL);
4201 if (EventLogFilter && ClearEvents(EventLogFilter))
4202 {
4203 Refresh(EventLogFilter);
4204 InitPropertiesDlg(hDlg, EventLog);
4205 }
4206 return (INT_PTR)TRUE;
4207 }
4208
4209 case IDC_EDIT_EVENTS_AGE:
4210 case IDC_EDIT_MAXLOGSIZE:
4211 if (HIWORD(wParam) == EN_CHANGE)
4212 {
4213 PropSheet_Changed(GetParent(hDlg), hDlg);
4214 }
4215 return (INT_PTR)TRUE;
4216
4217 case IDC_OVERWRITE_AS_NEEDED:
4218 {
4219 CheckRadioButton(hDlg, IDC_OVERWRITE_AS_NEEDED, IDC_NO_OVERWRITE, IDC_OVERWRITE_AS_NEEDED);
4220 EnableDlgItem(hDlg, IDC_EDIT_EVENTS_AGE, FALSE);
4221 EnableDlgItem(hDlg, IDC_UPDOWN_EVENTS_AGE, FALSE);
4222 PropSheet_Changed(GetParent(hDlg), hDlg);
4223 return (INT_PTR)TRUE;
4224 }
4225
4226 case IDC_OVERWRITE_OLDER_THAN:
4227 {
4228 CheckRadioButton(hDlg, IDC_OVERWRITE_AS_NEEDED, IDC_NO_OVERWRITE, IDC_OVERWRITE_OLDER_THAN);
4229 EnableDlgItem(hDlg, IDC_EDIT_EVENTS_AGE, TRUE);
4230 EnableDlgItem(hDlg, IDC_UPDOWN_EVENTS_AGE, TRUE);
4231 PropSheet_Changed(GetParent(hDlg), hDlg);
4232 return (INT_PTR)TRUE;
4233 }
4234
4235 case IDC_NO_OVERWRITE:
4236 {
4237 CheckRadioButton(hDlg, IDC_OVERWRITE_AS_NEEDED, IDC_NO_OVERWRITE, IDC_NO_OVERWRITE);
4238 EnableDlgItem(hDlg, IDC_EDIT_EVENTS_AGE, FALSE);
4239 EnableDlgItem(hDlg, IDC_UPDOWN_EVENTS_AGE, FALSE);
4240 PropSheet_Changed(GetParent(hDlg), hDlg);
4241 return (INT_PTR)TRUE;
4242 }
4243
4244 case IDC_RESTOREDEFAULTS:
4245 {
4246 LoadStringW(hInst, IDS_RESTOREDEFAULTS, szText, _countof(szText));
4247
4248 if (MessageBoxW(hDlg, szText, szTitle, MB_YESNO | MB_ICONQUESTION) == IDYES)
4249 {
4250 CheckRadioButton(hDlg, IDC_OVERWRITE_AS_NEEDED, IDC_NO_OVERWRITE, IDC_OVERWRITE_AS_NEEDED);
4251 /* Workstation: 512 KB; Server: 16384 KB */
4252 SetDlgItemInt(hDlg, IDC_EDIT_MAXLOGSIZE, 5120, FALSE);
4253 SetDlgItemInt(hDlg, IDC_EDIT_EVENTS_AGE, 7, FALSE);
4254 EnableDlgItem(hDlg, IDC_EDIT_EVENTS_AGE, FALSE);
4255 EnableDlgItem(hDlg, IDC_UPDOWN_EVENTS_AGE, FALSE);
4256 PropSheet_Changed(GetParent(hDlg), hDlg);
4257 }
4258 return (INT_PTR)TRUE;
4259 }
4260
4261 case IDHELP:
4262 MessageBoxW(hDlg,
4263 L"Help not implemented yet!",
4264 szTitle,
4265 MB_OK | MB_ICONINFORMATION);
4266 return (INT_PTR)TRUE;
4267
4268 default:
4269 break;
4270 }
4271 break;
4272 }
4273
4274 return (INT_PTR)FALSE;
4275}
IDC_UPDOWN_EVENTS_AGE
#define IDC_UPDOWN_EVENTS_AGE
Definition: resource.h:67
IDC_NO_OVERWRITE
#define IDC_NO_OVERWRITE
Definition: resource.h:68
IDC_OVERWRITE_AS_NEEDED
#define IDC_OVERWRITE_AS_NEEDED
Definition: resource.h:64
IDS_RESTOREDEFAULTS
#define IDS_RESTOREDEFAULTS
Definition: resource.h:107
ID_CLEARLOG
#define ID_CLEARLOG
Definition: resource.h:71
IDC_OVERWRITE_OLDER_THAN
#define IDC_OVERWRITE_OLDER_THAN
Definition: resource.h:65
IDC_EDIT_MAXLOGSIZE
#define IDC_EDIT_MAXLOGSIZE
Definition: resource.h:62
IDC_EDIT_EVENTS_AGE
#define IDC_EDIT_EVENTS_AGE
Definition: resource.h:66
IDC_RESTOREDEFAULTS
#define IDC_RESTOREDEFAULTS
Definition: resource.h:69
GetSelectedFilter
PEVENTLOGFILTER GetSelectedFilter(OUT HTREEITEM *phti OPTIONAL)
Definition: eventvwr.c:2494
ClearEvents
BOOL ClearEvents(IN PEVENTLOGFILTER EventLogFilter)
Definition: eventvwr.c:2674
SavePropertiesDlg
static VOID SavePropertiesDlg(HWND hDlg, PEVENTLOG EventLog)
Definition: eventvwr.c:4098
InitPropertiesDlg
static VOID InitPropertiesDlg(HWND hDlg, PEVENTLOG EventLog)
Definition: eventvwr.c:3908
PEVENTLOG
struct _EVENTLOG * PEVENTLOG
EnableDlgItem
#define EnableDlgItem(hDlg, nID, bEnable)
Definition: eventvwr.h:55
Refresh
void Refresh(void)
Definition: magnifier.c:317
PropSheet_Changed
#define PropSheet_Changed(d, w)
Definition: prsht.h:344
PropSheet_UnChanged
#define PropSheet_UnChanged(d, w)
Definition: prsht.h:358
PSN_APPLY
#define PSN_APPLY
Definition: prsht.h:117
LPPROPSHEETPAGE
#define LPPROPSHEETPAGE
Definition: prsht.h:390
WM_NOTIFY
#define WM_NOTIFY
Definition: richedit.h:61
code
Definition: inflate.c:139
DWLP_USER
#define DWLP_USER
Definition: winuser.h:883
MB_YESNO
#define MB_YESNO
Definition: winuser.h:828
SetDlgItemInt
BOOL WINAPI SetDlgItemInt(_In_ HWND, _In_ int, _In_ UINT, _In_ BOOL)
GetParent
HWND WINAPI GetParent(_In_ HWND)
CheckRadioButton
BOOL WINAPI CheckRadioButton(_In_ HWND, _In_ int, _In_ int, _In_ int)
MB_ICONQUESTION
#define MB_ICONQUESTION
Definition: winuser.h:800
EN_CHANGE
#define EN_CHANGE
Definition: winuser.h:2041

Referenced by EventLogProperties().

◆ EventTimeToSystemTime()

VOID EventTimeToSystemTime ( IN DWORD  EventTime,
OUT PSYSTEMTIME  pSystemTime 
)

Definition at line 713 of file eventvwr.c.

715{
716 SYSTEMTIME st1970 = { 1970, 1, 0, 1, 0, 0, 0, 0 };
717 FILETIME ftLocal;
718 union
719 {
720 FILETIME ft;
721 ULONGLONG ll;
722 } u1970, uUCT;
723
724 uUCT.ft.dwHighDateTime = 0;
725 uUCT.ft.dwLowDateTime = EventTime;
726 SystemTimeToFileTime(&st1970, &u1970.ft);
727 uUCT.ll = uUCT.ll * 10000000 + u1970.ll;
728 FileTimeToLocalFileTime(&uUCT.ft, &ftLocal);
729 FileTimeToSystemTime(&ftLocal, pSystemTime);
730}
ll
w ll
Definition: byte_order.h:167
FileTimeToSystemTime
BOOL WINAPI FileTimeToSystemTime(IN CONST FILETIME *lpFileTime, OUT LPSYSTEMTIME lpSystemTime)
Definition: time.c:188
SystemTimeToFileTime
BOOL WINAPI SystemTimeToFileTime(IN CONST SYSTEMTIME *lpSystemTime, OUT LPFILETIME lpFileTime)
Definition: time.c:158
FileTimeToLocalFileTime
BOOL WINAPI FileTimeToLocalFileTime(IN CONST FILETIME *lpFileTime, OUT LPFILETIME lpLocalFileTime)
Definition: time.c:221
_FILETIME
Definition: mapidefs.h:60
ULONGLONG
uint64_t ULONGLONG
Definition: typedefs.h:67

Referenced by EnumEventsThread().

◆ FilterByString()

BOOL FilterByString ( IN PCWSTR  FilterString,
IN PWSTR  String 
)

Definition at line 1957 of file eventvwr.c.

1959{
1960 PCWSTR pStr;
1961
1962 /* The filter string is NULL so it does not filter anything */
1963 if (!FilterString)
1964 return TRUE;
1965
1966 /*
1967 * If the filter string filters for an empty string AND the source string
1968 * is an empty string, we have a match (particular case of the last one).
1969 */
1970 if (!*FilterString && !*String)
1971 return TRUE;
1972
1973 // if (*FilterString || *String)
1974
1975 /*
1976 * If the filter string is empty BUT the source string is not empty,
1977 * OR vice-versa, we cannot have a match.
1978 */
1979 if ( (!*FilterString && *String) || (*FilterString && !*String) )
1980 return FALSE;
1981
1982 /*
1983 * If the filter string filters for at least a non-empty string,
1984 * browse it and search for a string that matches the source string.
1985 */
1986 // else if (*FilterString && *String)
1987 {
1988 pStr = FilterString;
1989 while (*pStr)
1990 {
1991 if (_wcsicmp(pStr, String) == 0)
1992 {
1993 /* We have a match, break the loop */
1994 break;
1995 }
1996
1997 pStr += (wcslen(pStr) + 1);
1998 }
1999 if (!*pStr) // && *String
2000 {
2001 /* We do not have a match */
2002 return FALSE;
2003 }
2004 }
2005
2006 /* We have a match */
2007 return TRUE;
2008}
PCWSTR
const uint16_t * PCWSTR
Definition: typedefs.h:57
String
_Must_inspect_result_ _In_ WDFDEVICE _In_ WDFSTRING String
Definition: wdfdevice.h:2433

Referenced by EnumEventsThread().

◆ FilterByType()

BOOL FilterByType ( IN PEVENTLOGFILTER  EventLogFilter,
IN PEVENTLOGRECORD  pevlr 
)

Definition at line 1941 of file eventvwr.c.

1943{
1944 if ((pevlr->EventType == EVENTLOG_SUCCESS && !EventLogFilter->Information ) ||
1945 (pevlr->EventType == EVENTLOG_INFORMATION_TYPE && !EventLogFilter->Information ) ||
1946 (pevlr->EventType == EVENTLOG_WARNING_TYPE && !EventLogFilter->Warning ) ||
1947 (pevlr->EventType == EVENTLOG_ERROR_TYPE && !EventLogFilter->Error ) ||
1948 (pevlr->EventType == EVENTLOG_AUDIT_SUCCESS && !EventLogFilter->AuditSuccess) ||
1949 (pevlr->EventType == EVENTLOG_AUDIT_FAILURE && !EventLogFilter->AuditFailure))
1950 {
1951 return FALSE;
1952 }
1953 return TRUE;
1954}

Referenced by EnumEventsThread().

◆ FormatByteSize()

UINT FormatByteSize ( LONGLONG  cbSize,
LPWSTR  pwszResult,
UINT  cchResultMax 
)

Definition at line 1161 of file eventvwr.c.

1162{
1163 UINT cchWritten, cchRemaining;
1164 LPWSTR pwszEnd;
1165 size_t cchStringRemaining;
1166
1167 /* Write formated bytes count */
1168 cchWritten = FormatInteger(cbSize, pwszResult, cchResultMax);
1169 if (!cchWritten)
1170 return 0;
1171
1172 /* Copy " bytes" to buffer */
1173 pwszEnd = pwszResult + cchWritten;
1174 cchRemaining = cchResultMax - cchWritten;
1175 StringCchCopyExW(pwszEnd, cchRemaining, L" ", &pwszEnd, &cchStringRemaining, 0);
1176 cchRemaining = (UINT)cchStringRemaining;
1177 cchWritten = LoadStringW(hInst, IDS_BYTES_FORMAT, pwszEnd, cchRemaining);
1178 cchRemaining -= cchWritten;
1179
1180 return cchResultMax - cchRemaining;
1181}
IDS_BYTES_FORMAT
#define IDS_BYTES_FORMAT
Definition: resource.h:122
FormatInteger
UINT FormatInteger(LONGLONG Num, LPWSTR pwszResult, UINT cchResultMax)
Definition: eventvwr.c:1101
StringCchCopyExW
STRSAFEAPI StringCchCopyExW(STRSAFE_LPWSTR pszDest, size_t cchDest, STRSAFE_LPCWSTR pszSrc, STRSAFE_LPWSTR *ppszDestEnd, size_t *pcchRemaining, STRSAFE_DWORD dwFlags)
Definition: strsafe.h:184

Referenced by FormatFileSizeWithBytes().

◆ FormatFileSizeWithBytes()

LPWSTR FormatFileSizeWithBytes ( const PULARGE_INTEGER  lpQwSize,
LPWSTR  pwszResult,
UINT  cchResultMax 
)

Definition at line 1184 of file eventvwr.c.

1185{
1186 UINT cchWritten, cchRemaining;
1187 LPWSTR pwszEnd;
1188 size_t cchCopyRemaining;
1189
1190 /* Format bytes in KBs, MBs etc */
1191 if (StrFormatByteSizeW(lpQwSize->QuadPart, pwszResult, cchResultMax) == NULL)
1192 return NULL;
1193
1194 /* If there is less bytes than 1KB, we have nothing to do */
1195 if (lpQwSize->QuadPart < 1024)
1196 return pwszResult;
1197
1198 /* Concatenate " (" */
1199 cchWritten = (UINT)wcslen(pwszResult);
1200 pwszEnd = pwszResult + cchWritten;
1201 cchRemaining = cchResultMax - cchWritten;
1202 StringCchCopyExW(pwszEnd, cchRemaining, L" (", &pwszEnd, &cchCopyRemaining, 0);
1203 cchRemaining = (UINT)cchCopyRemaining;
1204
1205 /* Write formated bytes count */
1206 cchWritten = FormatByteSize(lpQwSize->QuadPart, pwszEnd, cchRemaining);
1207 pwszEnd += cchWritten;
1208 cchRemaining -= cchWritten;
1209
1210 /* Copy ")" to the buffer */
1211 StringCchCopyW(pwszEnd, cchRemaining, L")");
1212
1213 return pwszResult;
1214}
StrFormatByteSizeW
LPWSTR WINAPI StrFormatByteSizeW(LONGLONG llBytes, LPWSTR lpszDest, UINT cchMax)
Definition: string.c:2394
FormatByteSize
UINT FormatByteSize(LONGLONG cbSize, LPWSTR pwszResult, UINT cchResultMax)
Definition: eventvwr.c:1161
_ULARGE_INTEGER::QuadPart
ULONGLONG QuadPart
Definition: ms-dtyp.idl:185

Referenced by InitPropertiesDlg().

◆ FormatInteger()

UINT FormatInteger ( LONGLONG  Num,
LPWSTR  pwszResult,
UINT  cchResultMax 
)

Definition at line 1101 of file eventvwr.c.

1102{
1103 WCHAR wszNumber[24];
1104 WCHAR wszDecimalSep[8], wszThousandSep[8];
1105 NUMBERFMTW nf;
1106 WCHAR wszGrouping[12];
1107 INT cchGrouping;
1108 INT cchResult;
1109 INT i;
1110
1111 // Print the number in uniform mode
1112 swprintf(wszNumber, L"%I64u", Num);
1113
1114 // Get system strings for decimal and thousand separators.
1115 GetLocaleInfoW(LOCALE_USER_DEFAULT, LOCALE_SDECIMAL, wszDecimalSep, _countof(wszDecimalSep));
1116 GetLocaleInfoW(LOCALE_USER_DEFAULT, LOCALE_STHOUSAND, wszThousandSep, _countof(wszThousandSep));
1117
1118 // Initialize format for printing the number in bytes
1119 ZeroMemory(&nf, sizeof(nf));
1120 nf.lpDecimalSep = wszDecimalSep;
1121 nf.lpThousandSep = wszThousandSep;
1122
1123 // Get system string for groups separator
1124 cchGrouping = GetLocaleInfoW(LOCALE_USER_DEFAULT,
1125 LOCALE_SGROUPING,
1126 wszGrouping,
1127 _countof(wszGrouping));
1128
1129 // Convert grouping specs from string to integer
1130 for (i = 0; i < cchGrouping; i++)
1131 {
1132 WCHAR wch = wszGrouping[i];
1133
1134 if (wch >= L'0' && wch <= L'9')
1135 nf.Grouping = nf.Grouping * 10 + (wch - L'0');
1136 else if (wch != L';')
1137 break;
1138 }
1139
1140 if ((nf.Grouping % 10) == 0)
1141 nf.Grouping /= 10;
1142 else
1143 nf.Grouping *= 10;
1144
1145 // Format the number
1146 cchResult = GetNumberFormatW(LOCALE_USER_DEFAULT,
1147 0,
1148 wszNumber,
1149 &nf,
1150 pwszResult,
1151 cchResultMax);
1152
1153 if (!cchResult)
1154 return 0;
1155
1156 // GetNumberFormatW returns number of characters including UNICODE_NULL
1157 return cchResult - 1;
1158}
GetLocaleInfoW
INT WINAPI GetLocaleInfoW(LCID lcid, LCTYPE lctype, LPWSTR buffer, INT len)
Definition: locale.c:1666
swprintf
#define swprintf
Definition: precomp.h:40
GetNumberFormatW
INT WINAPI GetNumberFormatW(LCID lcid, DWORD dwFlags, LPCWSTR lpszValue, const NUMBERFMTW *lpFormat, LPWSTR lpNumberStr, int cchOut)
Definition: lcformat.c:1208
_numberfmtW
Definition: winnls.h:661
_numberfmtW::lpDecimalSep
LPWSTR lpDecimalSep
Definition: winnls.h:665
_numberfmtW::Grouping
UINT Grouping
Definition: winnls.h:664
_numberfmtW::lpThousandSep
LPWSTR lpThousandSep
Definition: winnls.h:666
LOCALE_SGROUPING
#define LOCALE_SGROUPING
Definition: winnls.h:51
LOCALE_SDECIMAL
#define LOCALE_SDECIMAL
Definition: winnls.h:49
LOCALE_STHOUSAND
#define LOCALE_STHOUSAND
Definition: winnls.h:50

Referenced by FormatByteSize().

◆ FreeLogFilterList()

VOID FreeLogFilterList ( VOID  )

Definition at line 3083 of file eventvwr.c.

3084{
3085 PLIST_ENTRY Entry;
3086 PEVENTLOGFILTER EventLogFilter;
3087
3088 while (!IsListEmpty(&EventLogFilterList))
3089 {
3090 Entry = RemoveHeadList(&EventLogFilterList);
3091 EventLogFilter = (PEVENTLOGFILTER)CONTAINING_RECORD(Entry, EVENTLOGFILTER, ListEntry);
3092 EventLogFilter_Free(EventLogFilter);
3093 }
3094
3095 ActiveFilter = NULL;
3096
3097 return;
3098}
IsListEmpty
#define IsListEmpty(ListHead)
Definition: env_spec_w32.h:954
RemoveHeadList
#define RemoveHeadList(ListHead)
Definition: env_spec_w32.h:964
Entry
base of all file and directory entries
Definition: entries.h:83
_LIST_ENTRY
Definition: typedefs.h:120
CONTAINING_RECORD
#define CONTAINING_RECORD(address, type, field)
Definition: typedefs.h:260

Referenced by wWinMain().

◆ FreeLogList()

VOID FreeLogList ( VOID  )

Definition at line 3067 of file eventvwr.c.

3068{
3069 PLIST_ENTRY Entry;
3070 PEVENTLOG EventLog;
3071
3072 while (!IsListEmpty(&EventLogList))
3073 {
3074 Entry = RemoveHeadList(&EventLogList);
3075 EventLog = (PEVENTLOG)CONTAINING_RECORD(Entry, EVENTLOG, ListEntry);
3076 EventLog_Free(EventLog);
3077 }
3078
3079 return;
3080}

Referenced by wWinMain().

◆ FreeRecords()

static VOID FreeRecords ( VOID  )
static

Definition at line 1923 of file eventvwr.c.

1924{
1925 DWORD iIndex;
1926
1927 if (!g_RecordPtrs)
1928 return;
1929
1930 for (iIndex = 0; iIndex < g_TotalRecords; iIndex++)
1931 {
1932 if (g_RecordPtrs[iIndex])
1933 HeapFree(GetProcessHeap(), 0, g_RecordPtrs[iIndex]);
1934 }
1935 HeapFree(GetProcessHeap(), 0, g_RecordPtrs);
1936 g_RecordPtrs = NULL;
1937 g_TotalRecords = 0;
1938}

Referenced by EnumEventsThread(), and StartStopEnumEventsThread().

◆ GetDisplayNameFileAndID()

BOOL GetDisplayNameFileAndID ( _In_ PCWSTR  LogName,
_Out_writes_z_(cchName) PWSTR  pModuleName,
_In_ SIZE_T  cchName,
_Out_ PDWORD  pdwMessageID 
)

Definition at line 2771 of file eventvwr.c.

2776{
2777 BOOL Success = FALSE;
2778 LONG Result;
2779 HKEY hLogKey;
2780 PWSTR KeyPath;
2781 SIZE_T cbKeyPath;
2782 DWORD dwType, cbData;
2783 DWORD dwMessageID = 0;
2784 WCHAR szModuleName[MAX_PATH];
2785
2786 /* Use a default value for the message ID */
2787 *pdwMessageID = 0;
2788
2789 if (cchName == 0)
2790 return FALSE;
2791
2792 cbKeyPath = (wcslen(EVENTLOG_BASE_KEY) + wcslen(LogName) + 1) * sizeof(WCHAR);
2793 KeyPath = HeapAlloc(GetProcessHeap(), 0, cbKeyPath);
2794 if (!KeyPath)
2795 {
2796 ShowWin32Error(ERROR_NOT_ENOUGH_MEMORY);
2797 return FALSE;
2798 }
2799
2800 StringCbCopyW(KeyPath, cbKeyPath, EVENTLOG_BASE_KEY);
2801 StringCbCatW(KeyPath, cbKeyPath, LogName);
2802
2803 Result = RegOpenKeyExW(hkMachine, KeyPath, 0, KEY_QUERY_VALUE, &hLogKey);
2804 HeapFree(GetProcessHeap(), 0, KeyPath);
2805 if (Result != ERROR_SUCCESS)
2806 {
2807 ShowWin32Error(Result);
2808 return FALSE;
2809 }
2810
2811 cbData = sizeof(szModuleName);
2812 Result = RegQueryValueExW(hLogKey,
2813 L"DisplayNameFile",
2814 NULL,
2815 &dwType,
2816 (LPBYTE)szModuleName,
2817 &cbData);
2818 if ((Result != ERROR_SUCCESS) || (dwType != REG_EXPAND_SZ && dwType != REG_SZ))
2819 {
2820 *szModuleName = UNICODE_NULL;
2821 }
2822 else
2823 {
2824 /* NULL-terminate the string and expand it */
2825 szModuleName[cbData / sizeof(WCHAR) - 1] = UNICODE_NULL;
2826 Success =
2827 (GetExpandedFilePathName(lpComputerName, szModuleName,
2828 pModuleName, cchName) != 0 && *pModuleName);
2829 }
2830
2831 /*
2832 * If we have a 'DisplayNameFile', query for 'DisplayNameID';
2833 * otherwise it's not really useful. 'DisplayNameID' is optional.
2834 */
2835 if (Success)
2836 {
2837 cbData = sizeof(dwMessageID);
2838 Result = RegQueryValueExW(hLogKey,
2839 L"DisplayNameID",
2840 NULL,
2841 &dwType,
2842 (LPBYTE)&dwMessageID,
2843 &cbData);
2844 if ((Result != ERROR_SUCCESS) || (dwType != REG_DWORD))
2845 dwMessageID = 0;
2846
2847 *pdwMessageID = dwMessageID;
2848 }
2849
2850 RegCloseKey(hLogKey);
2851
2852 return Success;
2853}
ERROR_NOT_ENOUGH_MEMORY
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
GetExpandedFilePathName
SIZE_T GetExpandedFilePathName(_In_opt_ PCWSTR ComputerName, _In_ PCWSTR FileName, _Out_writes_z_(nSize) PWSTR pFullFileName, _In_ SIZE_T nSize)
Definition: eventvwr.c:1455
REG_DWORD
#define REG_DWORD
Definition: sdbapi.c:596
StringCbCopyW
STRSAFEAPI StringCbCopyW(STRSAFE_LPWSTR pszDest, size_t cbDest, STRSAFE_LPCWSTR pszSrc)
Definition: strsafe.h:166
StringCbCatW
STRSAFEAPI StringCbCatW(STRSAFE_LPWSTR pszDest, size_t cbDest, STRSAFE_LPCWSTR pszSrc)
Definition: strsafe.h:342

Referenced by BuildLogListAndFilterList().

◆ GetEventCategory()

BOOL GetEventCategory ( _In_ PCWSTR  KeyName,
_In_ PCWSTR  SourceName,
_In_ PEVENTLOGRECORD  pevlr,
_Out_writes_z_(cchName) PWSTR  CategoryName,
_In_ SIZE_T  cchName 
)

Definition at line 1600 of file eventvwr.c.

1606{
1607 BOOL Success = FALSE;
1608 WCHAR szMessageDLL[MAX_PATH];
1609 LPWSTR lpMsgBuf;
1610
1611 if (cchName == 0)
1612 return FALSE;
1613
1614 if (!GetEventMessageFileDLL(KeyName, SourceName, EVENT_CATEGORY_MESSAGE_FILE,
1615 szMessageDLL, _countof(szMessageDLL)))
1616 {
1617 goto Quit;
1618 }
1619
1620 /* Retrieve the message string without appending extra newlines */
1621 lpMsgBuf =
1622 GetMessageStringFromDllList(szMessageDLL,
1623 FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_HMODULE |
1624 FORMAT_MESSAGE_IGNORE_INSERTS | FORMAT_MESSAGE_MAX_WIDTH_MASK,
1625 pevlr->EventCategory,
1626 EVENT_MESSAGE_FILE_BUFFER,
1627 NULL);
1628 if (lpMsgBuf)
1629 {
1630 /* Trim the string */
1631 TrimNulls(lpMsgBuf);
1632
1633 /* Copy the category name */
1634 StringCchCopyW(CategoryName, cchName, lpMsgBuf);
1635
1636 /* Free the buffer allocated by FormatMessage */
1637 LocalFree(lpMsgBuf);
1638
1639 /* The ID was found and the message was formatted */
1640 Success = TRUE;
1641 }
1642
1643Quit:
1644 if (!Success)
1645 {
1646 if (pevlr->EventCategory != 0)
1647 {
1648 StringCchPrintfW(CategoryName, cchName, L"(%lu)", pevlr->EventCategory);
1649 Success = TRUE;
1650 }
1651 }
1652
1653 return Success;
1654}
SourceName
WCHAR SourceName[256]
Definition: arping.c:28
TrimNulls
void TrimNulls(LPWSTR s)
Definition: eventvwr.c:1441
EVENT_CATEGORY_MESSAGE_FILE
#define EVENT_CATEGORY_MESSAGE_FILE
Definition: eventvwr.c:39
GetEventMessageFileDLL
BOOL GetEventMessageFileDLL(_In_ PCWSTR LogName, _In_ PCWSTR SourceName, _In_ PCWSTR EntryName, _Out_writes_z_(cchName) PWSTR pModuleName, _In_ SIZE_T cchName)
Definition: eventvwr.c:1530
EVENT_MESSAGE_FILE_BUFFER
#define EVENT_MESSAGE_FILE_BUFFER
Definition: eventvwr.c:37
StringCchPrintfW
STRSAFEAPI StringCchPrintfW(STRSAFE_LPWSTR pszDest, size_t cchDest, STRSAFE_LPCWSTR pszFormat,...)
Definition: strsafe.h:530
KeyName
_Must_inspect_result_ _In_ WDFDEVICE _In_ PCUNICODE_STRING KeyName
Definition: wdfdevice.h:2699

Referenced by EnumEventsThread().

◆ GetEventMessage()

BOOL GetEventMessage ( _In_ PCWSTR  KeyName,
_In_ PCWSTR  SourceName,
_In_ PEVENTLOGRECORD  pevlr,
_Out_writes_z_(cchText) PWSTR  EventText,
_In_ SIZE_T  cchText 
)

Definition at line 1658 of file eventvwr.c.

1664{
1665 BOOL Success = FALSE;
1666 DWORD i;
1667 size_t cch;
1668 WCHAR SourceModuleName[1024];
1669 WCHAR ParameterModuleName[1024];
1670 BOOL IsParamModNameCached = FALSE;
1671 LPWSTR lpMsgBuf;
1672 LPWSTR szStringArray, szMessage;
1673 LPWSTR *szArguments;
1674
1675 if (cchText == 0)
1676 return FALSE;
1677
1678 /* Get the event string array */
1679 szStringArray = (LPWSTR)((LPBYTE)pevlr + pevlr->StringOffset);
1680
1681 /* NOTE: GetEventMessageFileDLL can return a comma-separated list of DLLs */
1682 if (!GetEventMessageFileDLL(KeyName, SourceName, EVENT_MESSAGE_FILE,
1683 SourceModuleName, _countof(SourceModuleName)))
1684 {
1685 goto Quit;
1686 }
1687
1688 /* Allocate space for insertion strings */
1689 szArguments = HeapAlloc(GetProcessHeap(), 0, pevlr->NumStrings * sizeof(LPVOID));
1690 if (!szArguments)
1691 goto Quit;
1692
1693 // TODO: Revisit this whole IsParamModNameCached later,
1694 // see commits c1ecc98f60 (r71368) and d5ba2a3784 (r71958).
1695 *ParameterModuleName = UNICODE_NULL; // TEMP fix in case GetEventMessageFileDLL fails.
1696 if (!IsParamModNameCached)
1697 {
1698 /* Now that the parameter file list is loaded, no need to reload it at the next run! */
1699 IsParamModNameCached = GetEventMessageFileDLL(KeyName, SourceName, EVENT_PARAMETER_MESSAGE_FILE,
1700 ParameterModuleName, _countof(ParameterModuleName));
1701 // FIXME: If the string loading failed the first time, no need to retry it just after???
1702 }
1703
1704 if (IsParamModNameCached)
1705 {
1706 /* Not yet support for reading messages from parameter message DLL */
1707 }
1708
1709 szMessage = szStringArray;
1710 /*
1711 * HACK:
1712 * We do some hackish preformatting of the cached event strings...
1713 * That's because below, we pass the string to FormatMessage
1714 * (via GetMessageStringFromDllList) with the FORMAT_MESSAGE_ARGUMENT_ARRAY
1715 * flag, instead of ignoring the insertion parameters and do the formatting
1716 * by ourselves. Therefore, the resulting string should have the parameter
1717 * string placeholders starting with a single '%' instead of a mix of one
1718 * and two '%'.
1719 */
1720 /* HACK part 1: Compute the full length of the string array */
1721 cch = 0;
1722 for (i = 0; i < pevlr->NumStrings; i++)
1723 {
1724 szMessage += wcslen(szMessage) + 1;
1725 }
1726 cch = szMessage - szStringArray;
1727
1728 /* HACK part 2: Now do the HACK proper! */
1729 szMessage = szStringArray;
1730 for (i = 0; i < pevlr->NumStrings; i++)
1731 {
1732 lpMsgBuf = szMessage;
1733 while ((lpMsgBuf = wcsstr(lpMsgBuf, L"%%")))
1734 {
1735 if (iswdigit(lpMsgBuf[2]))
1736 {
1737 MoveMemory(lpMsgBuf, lpMsgBuf+1, ((szStringArray + cch) - lpMsgBuf - 1) * sizeof(WCHAR));
1738 }
1739 }
1740
1741 szArguments[i] = szMessage;
1742 szMessage += wcslen(szMessage) + 1;
1743 }
1744
1745 /* Retrieve the message string without appending extra newlines */
1746 lpMsgBuf =
1747 GetMessageStringFromDllList(SourceModuleName,
1748 FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_HMODULE |
1749 FORMAT_MESSAGE_ARGUMENT_ARRAY | FORMAT_MESSAGE_MAX_WIDTH_MASK,
1750 pevlr->EventID,
1751 0,
1752 (va_list*)szArguments);
1753 if (lpMsgBuf)
1754 {
1755 /* Trim the string */
1756 TrimNulls(lpMsgBuf);
1757
1758 szMessage = NULL;
1759 Success = (ApplyParameterStringsToMessage(ParameterModuleName,
1760 TRUE,
1761 lpMsgBuf,
1762 &szMessage) == ERROR_SUCCESS);
1763 if (Success && szMessage)
1764 {
1765 /* Free the buffer allocated by FormatMessage */
1766 LocalFree(lpMsgBuf);
1767 lpMsgBuf = szMessage;
1768 }
1769
1770 /* Copy the event text */
1771 StringCchCopyW(EventText, cchText, lpMsgBuf);
1772
1773 /* Free the buffer allocated by FormatMessage */
1774 LocalFree(lpMsgBuf);
1775 }
1776
1777 HeapFree(GetProcessHeap(), 0, szArguments);
1778
1779Quit:
1780 if (!Success)
1781 {
1782 /* Get a read-only pointer to the "Event-Not-Found" string */
1783 SIZE_T cchResLen =
1784 LoadStringW(hInst, IDS_EVENTSTRINGIDNOTFOUND, (PWSTR)&szMessage, 0);
1785
1786 lpMsgBuf = HeapAlloc(GetProcessHeap(), 0, (cchResLen + 1) * sizeof(WCHAR));
1787 if (lpMsgBuf)
1788 {
1789 StringCchCopyNW(lpMsgBuf, cchResLen + 1, szMessage, cchResLen);
1790 szMessage = lpMsgBuf;
1791 }
1792 else
1793 {
1794 /* Use a hardcoded format string */
1795 szMessage = L"Event ID ( %lu ), Source ( %s )\n\n";
1796 }
1797 StringCchPrintfW(EventText, cchText, szMessage, (pevlr->EventID & 0xFFFF), SourceName);
1798 if (lpMsgBuf)
1799 HeapFree(GetProcessHeap(), 0, lpMsgBuf);
1800
1801 /* Append the strings */
1802 szMessage = szStringArray;
1803 for (i = 0; i < pevlr->NumStrings; i++)
1804 {
1805 StringCchCatW(EventText, cchText, szMessage);
1806 StringCchCatW(EventText, cchText, L"\n");
1807 szMessage += wcslen(szMessage) + 1;
1808 }
1809 }
1810
1811 return Success;
1812}
va_list
char * va_list
Definition: acmsvcex.h:78
IDS_EVENTSTRINGIDNOTFOUND
#define IDS_EVENTSTRINGIDNOTFOUND
Definition: resource.h:106
ApplyParameterStringsToMessage
DWORD ApplyParameterStringsToMessage(IN LPCWSTR lpMessageDllList, IN BOOL bMessagePreFormatted, IN CONST LPCWSTR pMessage, OUT LPWSTR *pFinalMessage)
Definition: eventvwr.c:903
EVENT_PARAMETER_MESSAGE_FILE
#define EVENT_PARAMETER_MESSAGE_FILE
Definition: eventvwr.c:41
EVENT_MESSAGE_FILE
#define EVENT_MESSAGE_FILE
Definition: eventvwr.c:40
StringCchCatW
STRSAFEAPI StringCchCatW(STRSAFE_LPWSTR pszDest, size_t cchDest, STRSAFE_LPCWSTR pszSrc)
Definition: strsafe.h:325
MoveMemory
#define MoveMemory
Definition: winbase.h:1750
FORMAT_MESSAGE_ARGUMENT_ARRAY
#define FORMAT_MESSAGE_ARGUMENT_ARRAY
Definition: winbase.h:457
cchText
_In_ int cchText
Definition: winuser.h:4541

Referenced by DisplayEvent().

◆ GetEventMessageFileDLL()

BOOL GetEventMessageFileDLL ( _In_ PCWSTR  LogName,
_In_ PCWSTR  SourceName,
_In_ PCWSTR  EntryName,
_Out_writes_z_(cchName) PWSTR  pModuleName,
_In_ SIZE_T  cchName 
)

Definition at line 1530 of file eventvwr.c.

1536{
1537 BOOL Success = FALSE;
1538 LONG Result;
1539 DWORD dwType, dwSize;
1540 WCHAR szModuleName[MAX_PATH];
1541 PWSTR KeyPath;
1542 SIZE_T cbKeyPath;
1543 HKEY hLogKey = NULL;
1544 HKEY hSourceKey = NULL;
1545
1546 if (cchName == 0)
1547 return FALSE;
1548
1549 cbKeyPath = (wcslen(EVENTLOG_BASE_KEY) + wcslen(LogName) + 1) * sizeof(WCHAR);
1550 KeyPath = HeapAlloc(GetProcessHeap(), 0, cbKeyPath);
1551 if (!KeyPath)
1552 {
1553 ShowWin32Error(ERROR_NOT_ENOUGH_MEMORY);
1554 return FALSE;
1555 }
1556
1557 StringCbCopyW(KeyPath, cbKeyPath, EVENTLOG_BASE_KEY);
1558 StringCbCatW(KeyPath, cbKeyPath, LogName);
1559
1560 Result = RegOpenKeyExW(hkMachine, KeyPath, 0, KEY_READ, &hLogKey);
1561 HeapFree(GetProcessHeap(), 0, KeyPath);
1562 if (Result != ERROR_SUCCESS)
1563 return FALSE;
1564
1565 Result = RegOpenKeyExW(hLogKey,
1566 SourceName,
1567 0,
1568 KEY_QUERY_VALUE,
1569 &hSourceKey);
1570 RegCloseKey(hLogKey);
1571 if (Result != ERROR_SUCCESS)
1572 return FALSE;
1573
1574 dwSize = sizeof(szModuleName);
1575 Result = RegQueryValueExW(hSourceKey,
1576 EntryName,
1577 NULL,
1578 &dwType,
1579 (LPBYTE)szModuleName,
1580 &dwSize);
1581 if ((Result != ERROR_SUCCESS) || (dwType != REG_EXPAND_SZ && dwType != REG_SZ))
1582 {
1583 *szModuleName = UNICODE_NULL;
1584 }
1585 else
1586 {
1587 /* NULL-terminate the string and expand it */
1588 szModuleName[dwSize / sizeof(WCHAR) - 1] = UNICODE_NULL;
1589 Success =
1590 (GetExpandedFilePathName(lpComputerName, szModuleName,
1591 pModuleName, cchName) != 0 && *pModuleName);
1592 }
1593
1594 RegCloseKey(hSourceKey);
1595
1596 return Success;
1597}
dwSize
PSDBQUERYRESULT_VISTA PVOID DWORD * dwSize
Definition: env.c:56

Referenced by GetEventCategory(), and GetEventMessage().

◆ GetEventType()

VOID GetEventType ( _In_ WORD  dwEventType,
_Out_writes_z_(cchText) PWSTR  pszEventType,
_In_ SIZE_T  cchText 
)

Definition at line 1815 of file eventvwr.c.

1819{
1820 switch (dwEventType)
1821 {
1822 case EVENTLOG_ERROR_TYPE:
1823 LoadStringW(hInst, IDS_EVENTLOG_ERROR_TYPE, pszEventType, cchText);
1824 break;
1825 case EVENTLOG_WARNING_TYPE:
1826 LoadStringW(hInst, IDS_EVENTLOG_WARNING_TYPE, pszEventType, cchText);
1827 break;
1828 case EVENTLOG_INFORMATION_TYPE:
1829 LoadStringW(hInst, IDS_EVENTLOG_INFORMATION_TYPE, pszEventType, cchText);
1830 break;
1831 case EVENTLOG_SUCCESS:
1832 LoadStringW(hInst, IDS_EVENTLOG_SUCCESS, pszEventType, cchText);
1833 break;
1834 case EVENTLOG_AUDIT_SUCCESS:
1835 LoadStringW(hInst, IDS_EVENTLOG_AUDIT_SUCCESS, pszEventType, cchText);
1836 break;
1837 case EVENTLOG_AUDIT_FAILURE:
1838 LoadStringW(hInst, IDS_EVENTLOG_AUDIT_FAILURE, pszEventType, cchText);
1839 break;
1840 default:
1841 LoadStringW(hInst, IDS_EVENTLOG_UNKNOWN_TYPE, pszEventType, cchText);
1842 break;
1843 }
1844}
IDS_EVENTLOG_INFORMATION_TYPE
#define IDS_EVENTLOG_INFORMATION_TYPE
Definition: resource.h:116
IDS_EVENTLOG_SUCCESS
#define IDS_EVENTLOG_SUCCESS
Definition: resource.h:119
IDS_EVENTLOG_AUDIT_FAILURE
#define IDS_EVENTLOG_AUDIT_FAILURE
Definition: resource.h:118
IDS_EVENTLOG_ERROR_TYPE
#define IDS_EVENTLOG_ERROR_TYPE
Definition: resource.h:114
IDS_EVENTLOG_WARNING_TYPE
#define IDS_EVENTLOG_WARNING_TYPE
Definition: resource.h:115
IDS_EVENTLOG_UNKNOWN_TYPE
#define IDS_EVENTLOG_UNKNOWN_TYPE
Definition: resource.h:120
IDS_EVENTLOG_AUDIT_SUCCESS
#define IDS_EVENTLOG_AUDIT_SUCCESS
Definition: resource.h:117

Referenced by EnumEventsThread().

◆ GetEventUserName()

BOOL GetEventUserName ( _In_ PEVENTLOGRECORD  pelr,
_Inout_ PSID pLastSid,
_Out_writes_z_(cchUser) PWSTR  pszUser,
_In_ SIZE_T  cchUser 
)

Definition at line 1847 of file eventvwr.c.

1852{
1853 PSID pCurrentSid;
1854 PWSTR StringSid;
1855 WCHAR szName[1024];
1856 WCHAR szDomain[1024];
1857 SID_NAME_USE peUse;
1858 DWORD cchName = _countof(szName);
1859 DWORD cchDomain = _countof(szDomain);
1860 BOOL Success = FALSE;
1861
1862 if (cchUser == 0)
1863 return FALSE;
1864
1865 /* Point to the SID */
1866 pCurrentSid = (PSID)((LPBYTE)pelr + pelr->UserSidOffset);
1867
1868 if (!IsValidSid(pCurrentSid))
1869 {
1870 *pLastSid = NULL;
1871 return FALSE;
1872 }
1873 else if (*pLastSid && EqualSid(*pLastSid, pCurrentSid))
1874 {
1875 return TRUE;
1876 }
1877
1878 /* User SID */
1879 if (pelr->UserSidLength > 0)
1880 {
1881 /*
1882 * Try to retrieve the user account name and domain name corresponding
1883 * to the SID. If it cannot be retrieved, try to convert the SID to a
1884 * string-form. It should not be bigger than the user-provided buffer
1885 * 'pszUser', otherwise we return an error.
1886 */
1887 if (LookupAccountSidW(lpComputerName,
1888 pCurrentSid,
1889 szName,
1890 &cchName,
1891 szDomain,
1892 &cchDomain,
1893 &peUse))
1894 {
1895 StringCchCopyW(pszUser, cchUser, szName);
1896 Success = TRUE;
1897 }
1898 else if (ConvertSidToStringSidW(pCurrentSid, &StringSid))
1899 {
1900 /* Copy the string only if the user-provided buffer is big enough */
1901 if (wcslen(StringSid) + 1 <= cchUser) // + 1 for NULL-terminator
1902 {
1903 StringCchCopyW(pszUser, cchUser, StringSid);
1904 Success = TRUE;
1905 }
1906 else
1907 {
1908 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
1909 Success = FALSE;
1910 }
1911
1912 /* Free the allocated buffer */
1913 LocalFree(StringSid);
1914 }
1915 }
1916
1917 *pLastSid = Success ? pCurrentSid : NULL;
1918
1919 return Success;
1920}
LookupAccountSidW
BOOL WINAPI LookupAccountSidW(LPCWSTR pSystemName, PSID pSid, LPWSTR pAccountName, LPDWORD pdwAccountName, LPWSTR pDomainName, LPDWORD pdwDomainName, PSID_NAME_USE peUse)
Definition: misc.c:537
ConvertSidToStringSidW
BOOL WINAPI ConvertSidToStringSidW(PSID Sid, LPWSTR *StringSid)
Definition: security.c:3583
IsValidSid
BOOL WINAPI IsValidSid(PSID pSid)
Definition: security.c:819
EqualSid
BOOL WINAPI EqualSid(PSID pSid1, PSID pSid2)
Definition: security.c:829
SetLastError
#define SetLastError(x)
Definition: compat.h:752
SID_NAME_USE
enum _SID_NAME_USE SID_NAME_USE
PSID
struct _SID * PSID
Definition: eventlog.c:35
szName
static const WCHAR szName[]
Definition: powrprof.c:45
peUse
_In_ LPCSTR _Out_writes_bytes_to_opt_ cbSid PSID _Inout_ LPDWORD _Out_writes_to_opt_ cchReferencedDomainName LPSTR _Inout_ LPDWORD _Out_ PSID_NAME_USE peUse
Definition: winbase.h:2787

Referenced by EnumEventsThread().

◆ GetExpandedFilePathName()

SIZE_T GetExpandedFilePathName ( _In_opt_ PCWSTR  ComputerName,
_In_ PCWSTR  FileName,
_Out_writes_z_(nSize) PWSTR  pFullFileName,
_In_ SIZE_T  nSize 
)

Definition at line 1455 of file eventvwr.c.

1460{
1461 SIZE_T dwLength;
1462
1463 if (nSize == 0)
1464 return 0;
1465
1466 /* Determine the needed size after expansion of any environment strings */
1467 dwLength = ExpandEnvironmentStringsW(FileName, NULL, 0);
1468 if (dwLength == 0)
1469 {
1470 /* We failed, bail out */
1471 return 0;
1472 }
1473
1474 /* If the file path is on a remote computer, estimate its length */
1475 // FIXME: Use WNetGetUniversalName instead?
1476 if (ComputerName && *ComputerName)
1477 {
1478 /* Skip any leading backslashes */
1479 while (*ComputerName == L'\\')
1480 ++ComputerName;
1481
1482 if (*ComputerName)
1483 {
1484 /* Count 2 backslashes plus the computer name and one backslash separator */
1485 dwLength += 2 + wcslen(ComputerName) + 1;
1486 }
1487 }
1488
1489 /* Check whether we have enough space */
1490 if (dwLength > nSize)
1491 {
1492 /* No, return the needed size in characters (includes NULL-terminator) */
1493 *pFullFileName = UNICODE_NULL;
1494 return dwLength;
1495 }
1496
1497 /* Now expand the file path */
1498
1499 /* Expand any existing environment strings */
1500 if (ExpandEnvironmentStringsW(FileName, pFullFileName, dwLength) == 0)
1501 {
1502 /* We failed, bail out */
1503 return 0;
1504 }
1505
1506 /* If the file path is on a remote computer, retrieve the network share form of the file name */
1507 // FIXME: Use WNetGetUniversalName instead?
1508 if (ComputerName && *ComputerName)
1509 {
1510 /* Note that we previously skipped any potential leading backslashes */
1511
1512 /* Replace ':' by '$' in the drive letter */
1513 if (*pFullFileName && pFullFileName[1] == L':')
1514 pFullFileName[1] = L'$';
1515
1516 /* Prepend the computer name */
1517 MoveMemory(pFullFileName + 2 + wcslen(ComputerName) + 1,
1518 pFullFileName, dwLength * sizeof(WCHAR) - (2 + wcslen(ComputerName) + 1) * sizeof(WCHAR));
1519 pFullFileName[0] = L'\\';
1520 pFullFileName[1] = L'\\';
1521 wcsncpy(pFullFileName + 2, ComputerName, wcslen(ComputerName));
1522 pFullFileName[2 + wcslen(ComputerName)] = L'\\';
1523 }
1524
1525 /* Return the number of stored characters (includes NULL-terminator) */
1526 return dwLength;
1527}
wcsncpy
wcsncpy
Definition: corecrt_wstring.h:201
dwLength
static DWORD DWORD * dwLength
Definition: fusion.c:86
ExpandEnvironmentStringsW
DWORD WINAPI ExpandEnvironmentStringsW(IN LPCWSTR lpSrc, IN LPWSTR lpDst, IN DWORD nSize)
Definition: environ.c:519
_FileName
Definition: filecomp.c:348
nSize
*nSize LPSTR _Inout_ LPDWORD nSize
Definition: winbase.h:2125

Referenced by GetDisplayNameFileAndID(), GetEventMessageFileDLL(), and InitPropertiesDlg().

◆ GetFileTimeString()

BOOL GetFileTimeString ( LPFILETIME  lpFileTime,
LPWSTR  pwszResult,
UINT  cchResult 
)

Definition at line 1218 of file eventvwr.c.

1219{
1220 FILETIME ft;
1221 SYSTEMTIME st;
1222 int cchWritten;
1223 UINT cchRemaining = cchResult;
1224 size_t cchCopyRemaining;
1225 LPWSTR pwszEnd = pwszResult;
1226
1227 if (!FileTimeToLocalFileTime(lpFileTime, &ft) || !FileTimeToSystemTime(&ft, &st))
1228 return FALSE;
1229
1230 cchWritten = GetDateFormatW(LOCALE_USER_DEFAULT, DATE_LONGDATE, &st, NULL, pwszEnd, cchRemaining);
1231 if (cchWritten)
1232 --cchWritten; // GetDateFormatW returns count with terminating zero
1233 // else
1234 // ERR("GetDateFormatW failed\n");
1235
1236 cchRemaining -= cchWritten;
1237 pwszEnd += cchWritten;
1238
1239 StringCchCopyExW(pwszEnd, cchRemaining, L", ", &pwszEnd, &cchCopyRemaining, 0);
1240 cchRemaining = (UINT)cchCopyRemaining;
1241
1242 cchWritten = GetTimeFormatW(LOCALE_USER_DEFAULT, 0, &st, NULL, pwszEnd, cchRemaining);
1243 if (cchWritten)
1244 --cchWritten; // GetTimeFormatW returns count with terminating zero
1245 // else
1246 // ERR("GetTimeFormatW failed\n");
1247
1248 return TRUE;
1249}
DATE_LONGDATE
#define DATE_LONGDATE
Definition: winnls.h:210

Referenced by InitPropertiesDlg().

◆ GetMessageStringFromDll()

LPWSTR GetMessageStringFromDll ( IN LPCWSTR  lpMessageDll,
IN DWORD  dwFlags,
IN DWORD  dwMessageId,
IN DWORD  nSize,
IN va_list *Arguments  OPTIONAL 
)

Definition at line 738 of file eventvwr.c.

744{
745 HMODULE hLibrary;
746 DWORD dwLength;
747 LPWSTR lpMsgBuf = NULL;
748
749 hLibrary = LoadLibraryExW(lpMessageDll, NULL,
750 /* LOAD_LIBRARY_AS_IMAGE_RESOURCE | */ LOAD_LIBRARY_AS_DATAFILE);
751 if (hLibrary == NULL)
752 return NULL;
753
754 /* Sanitize dwFlags */
755 dwFlags &= ~FORMAT_MESSAGE_FROM_STRING;
756 dwFlags |= FORMAT_MESSAGE_FROM_HMODULE;
757
758 _SEH2_TRY
759 {
760 /*
761 * Retrieve the message string without appending extra newlines.
762 * Wrap in SEH to protect from invalid string parameters.
763 */
764 _SEH2_TRY
765 {
766 dwLength = FormatMessageW(dwFlags,
767 /* FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_HMODULE |
768 FORMAT_MESSAGE_IGNORE_INSERTS | FORMAT_MESSAGE_MAX_WIDTH_MASK, */
769 hLibrary,
770 dwMessageId,
771 LANG_USER_DEFAULT,
772 (LPWSTR)&lpMsgBuf,
773 nSize,
774 Arguments);
775 }
776 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
777 {
778 dwLength = 0;
779
780 /*
781 * An exception occurred while calling FormatMessage, this is usually
782 * the sign that a parameter was invalid, either 'lpMsgBuf' was NULL
783 * but we did not pass the flag FORMAT_MESSAGE_ALLOCATE_BUFFER, or the
784 * array pointer 'Arguments' was NULL or did not contain enough elements,
785 * and we did not pass the flag FORMAT_MESSAGE_IGNORE_INSERTS, and the
786 * message string expected too many inserts.
787 * In this last case only, we can call again FormatMessage but ignore
788 * explicitly the inserts. The string that we will return to the user
789 * will not be pre-formatted.
790 */
791 if (((dwFlags & FORMAT_MESSAGE_ALLOCATE_BUFFER) || lpMsgBuf) &&
792 !(dwFlags & FORMAT_MESSAGE_IGNORE_INSERTS))
793 {
794 /* Remove any possible harmful flags and always ignore inserts */
795 dwFlags &= ~FORMAT_MESSAGE_ARGUMENT_ARRAY;
796 dwFlags |= FORMAT_MESSAGE_IGNORE_INSERTS;
797
798 /* If this call also throws an exception, we are really dead */
799 dwLength = FormatMessageW(dwFlags,
800 hLibrary,
801 dwMessageId,
802 LANG_USER_DEFAULT,
803 (LPWSTR)&lpMsgBuf,
804 nSize,
805 NULL /* Arguments */);
806 }
807 }
808 _SEH2_END;
809 }
810 _SEH2_FINALLY
811 {
812 FreeLibrary(hLibrary);
813 }
814 _SEH2_END;
815
816 if (dwLength == 0)
817 {
818 ASSERT(lpMsgBuf == NULL);
819 lpMsgBuf = NULL;
820 }
821 else
822 {
823 LPWSTR ptr;
824
825 ASSERT(lpMsgBuf);
826
827 /* Trim any trailing whitespace */
828 ptr = lpMsgBuf + dwLength - 1;
829 while (iswspace(*ptr))
830 *ptr-- = UNICODE_NULL;
831 }
832
833 return lpMsgBuf;
834}
hLibrary
HMODULE hLibrary
Definition: odbccp32.c:12
FreeLibrary
#define FreeLibrary(x)
Definition: compat.h:748
LoadLibraryExW
HINSTANCE WINAPI DECLSPEC_HOTPATCH LoadLibraryExW(LPCWSTR lpLibFileName, HANDLE hFile, DWORD dwFlags)
Definition: loader.c:288
FormatMessageW
DWORD WINAPI FormatMessageW(DWORD dwFlags, LPCVOID lpSource, DWORD dwMessageId, DWORD dwLanguageId, LPWSTR lpBuffer, DWORD nSize, __ms_va_list *args)
Definition: format_msg.c:583
iswspace
#define iswspace(_c)
Definition: ctype.h:669
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:90
ptr
static PVOID ptr
Definition: dispmode.c:27
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:82
_SEH2_FINALLY
#define _SEH2_FINALLY
Definition: pseh2_64.h:130
_SEH2_END
#define _SEH2_END
Definition: pseh2_64.h:171
_SEH2_TRY
#define _SEH2_TRY
Definition: pseh2_64.h:71
LANG_USER_DEFAULT
#define LANG_USER_DEFAULT
Definition: tnerror.cpp:50
LOAD_LIBRARY_AS_DATAFILE
#define LOAD_LIBRARY_AS_DATAFILE
Definition: winbase.h:375

Referenced by BuildLogListAndFilterList(), and GetMessageStringFromDllList().

◆ GetMessageStringFromDllList()

LPWSTR GetMessageStringFromDllList ( IN LPCWSTR  lpMessageDllList,
IN DWORD  dwFlags,
IN DWORD  dwMessageId,
IN DWORD  nSize,
IN va_list *Arguments  OPTIONAL 
)

Definition at line 842 of file eventvwr.c.

848{
849 BOOL Success = FALSE;
850 SIZE_T cbLength;
851 LPWSTR szMessageDllList;
852 LPWSTR szDll;
853 LPWSTR lpMsgBuf = NULL;
854
855 /* Allocate a local buffer for the DLL list that can be tokenized */
856 // TODO: Optimize that!! Maybe we can cleverly use lpMessageDllList in read/write mode
857 // and cleverly temporarily replace the ';' by UNICODE_NULL, do our job, then reverse the change.
858 cbLength = (wcslen(lpMessageDllList) + 1) * sizeof(WCHAR);
859 szMessageDllList = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, cbLength);
860 if (!szMessageDllList)
861 return NULL;
862 CopyMemory(szMessageDllList, lpMessageDllList, cbLength);
863
864 /* Loop through the list of message DLLs */
865 szDll = wcstok(szMessageDllList, EVENT_DLL_SEPARATOR);
866 while ((szDll != NULL) && !Success)
867 {
868 // Uses LANG_USER_DEFAULT
869 lpMsgBuf = GetMessageStringFromDll(szDll,
870 dwFlags,
871 dwMessageId,
872 nSize,
873 Arguments);
874 if (lpMsgBuf)
875 {
876 /* The ID was found and the message was formatted */
877 Success = TRUE;
878 break;
879 }
880
881 /*
882 * The DLL could not be loaded, or the message could not be found,
883 * try the next DLL, if any.
884 */
885 szDll = wcstok(NULL, EVENT_DLL_SEPARATOR);
886 }
887
888 HeapFree(GetProcessHeap(), 0, szMessageDllList);
889
890 return lpMsgBuf;
891}
EVENT_DLL_SEPARATOR
#define EVENT_DLL_SEPARATOR
Definition: eventvwr.c:38
wcstok
_CRT_RESTORE_GCC_WARNINGS _Check_return_ _CRTIMP wchar_t *__cdecl wcstok(_Inout_opt_z_ wchar_t *_Str, _In_z_ const wchar_t *_Delim)

Referenced by ApplyParameterStringsToMessage(), GetEventCategory(), and GetEventMessage().

◆ GetSelectedFilter()

PEVENTLOGFILTER GetSelectedFilter ( OUT HTREEITEM *phti  OPTIONAL)

Definition at line 2494 of file eventvwr.c.

2495{
2496 TVITEMEXW tvItemEx;
2497 HTREEITEM hti;
2498
2499 if (phti)
2500 *phti = NULL;
2501
2502 /* Get index of selected item */
2503 hti = TreeView_GetSelection(hwndTreeView);
2504 if (hti == NULL)
2505 return NULL; // No filter
2506
2507 tvItemEx.mask = TVIF_PARAM;
2508 tvItemEx.hItem = hti;
2509
2510 TreeView_GetItem(hwndTreeView, &tvItemEx);
2511
2512 if (phti)
2513 *phti = tvItemEx.hItem;
2514
2515 return (PEVENTLOGFILTER)tvItemEx.lParam;
2516}
TreeView_GetSelection
#define TreeView_GetSelection(hwnd)
Definition: commctrl.h:3478
TreeView_GetItem
#define TreeView_GetItem(hwnd, pitem)
Definition: commctrl.h:3495
TVIF_PARAM
#define TVIF_PARAM
Definition: commctrl.h:3273
tagTVITEMEXW::lParam
LPARAM lParam
Definition: commctrl.h:3360
tagTVITEMEXW::hItem
HTREEITEM hItem
Definition: commctrl.h:3352

Referenced by EventLogPropProc(), and WndProc().

◆ InitInstance()

BOOL InitInstance ( HINSTANCE  hInstance)

Definition at line 3101 of file eventvwr.c.

3102{
3103 RECT rcClient, rs;
3104 LONG StatusHeight;
3105 HIMAGELIST hSmall;
3106 LVCOLUMNW lvc = {0};
3107 WCHAR szTemp[256];
3108 INT iColumn;
3109 static const struct
3110 {
3111 WORD width;
3112 WORD uID;
3113 } columnItems[] =
3114 {
3115 { 90, IDS_COLUMNTYPE },
3116 { 70, IDS_COLUMNDATE },
3117 { 70, IDS_COLUMNTIME },
3118 { 150, IDS_COLUMNSOURCE },
3119 { 100, IDS_COLUMNCATEGORY },
3120 { 60, IDS_COLUMNEVENT },
3121 { 120, IDS_COLUMNUSER },
3122 { 100, IDS_COLUMNCOMPUTER },
3123 };
3124
3125 /* Create the main window */
3126 rs = Settings.wpPos.rcNormalPosition;
3127 hwndMainWindow = CreateWindowW(EVENTVWR_WNDCLASS,
3128 szTitle,
3129 WS_OVERLAPPEDWINDOW | WS_CLIPCHILDREN,
3130 rs.left, rs.top,
3131 (rs.right != CW_USEDEFAULT && rs.left != CW_USEDEFAULT) ? rs.right - rs.left : CW_USEDEFAULT,
3132 (rs.bottom != CW_USEDEFAULT && rs.top != CW_USEDEFAULT) ? rs.bottom - rs.top : CW_USEDEFAULT,
3133 NULL,
3134 NULL,
3135 hInstance,
3136 NULL);
3137 if (!hwndMainWindow)
3138 return FALSE;
3139
3140 /* Create the status bar */
3141 hwndStatus = CreateWindowExW(0, // no extended styles
3142 STATUSCLASSNAMEW, // status bar
3143 L"", // no text
3144 WS_CHILD | WS_VISIBLE | CCS_BOTTOM | SBARS_SIZEGRIP, // styles
3145 0, 0, 0, 0, // x, y, cx, cy
3146 hwndMainWindow, // parent window
3147 (HMENU)100, // window ID
3148 hInstance, // instance
3149 NULL); // window data
3150
3151 GetClientRect(hwndMainWindow, &rcClient);
3152 GetWindowRect(hwndStatus, &rs);
3153 StatusHeight = rs.bottom - rs.top;
3154
3155 /* Create a progress bar in the status bar (hidden by default) */
3156 StatusBar_GetItemRect(hwndStatus, 0, &rs);
3157 hwndStatusProgress = CreateWindowExW(0, // no extended styles
3158 PROGRESS_CLASSW, // status bar
3159 NULL, // no text
3160 WS_CHILD | PBS_SMOOTH, // styles
3161 rs.left, rs.top, // x, y
3162 rs.right - rs.left, rs.bottom - rs.top, // cx, cy
3163 hwndStatus, // parent window
3164 NULL, // window ID
3165 hInstance, // instance
3166 NULL); // window data
3167 /* Remove its static edge */
3168 SetWindowLongPtrW(hwndStatusProgress, GWL_EXSTYLE,
3169 GetWindowLongPtrW(hwndStatusProgress, GWL_EXSTYLE) & ~WS_EX_STATICEDGE);
3170 ProgressBar_SetStep(hwndStatusProgress, 1);
3171
3172 /* Initialize the splitter default positions */
3173 nVSplitPos = Settings.nVSplitPos;
3174 nHSplitPos = Settings.nHSplitPos;
3175
3176 /* Create the TreeView */
3177 hwndTreeView = CreateWindowExW(WS_EX_CLIENTEDGE,
3178 WC_TREEVIEWW,
3179 NULL,
3180 // WS_CHILD | WS_VISIBLE | TVS_HASLINES | TVS_SHOWSELALWAYS,
3181 WS_CHILD | WS_VISIBLE | /* WS_TABSTOP | */ TVS_HASLINES | TVS_HASBUTTONS | TVS_LINESATROOT | TVS_EDITLABELS | TVS_SHOWSELALWAYS,
3182 0, 0,
3183 nVSplitPos - SPLIT_WIDTH/2,
3184 (rcClient.bottom - rcClient.top) - StatusHeight,
3185 hwndMainWindow,
3186 NULL,
3187 hInstance,
3188 NULL);
3189
3190 /* Create the ImageList */
3191 hSmall = ImageList_Create(GetSystemMetrics(SM_CXSMICON),
3192 GetSystemMetrics(SM_CYSMICON),
3193 ILC_COLOR32 | ILC_MASK, // ILC_COLOR24
3194 1, 1);
3195
3196 /* Add event type icons to the ImageList: closed/opened folder, event log (normal/viewed) */
3197 ImageList_AddIcon(hSmall, LoadIconW(hInstance, MAKEINTRESOURCEW(IDI_CLOSED_CATEGORY)));
3198 ImageList_AddIcon(hSmall, LoadIconW(hInstance, MAKEINTRESOURCEW(IDI_OPENED_CATEGORY)));
3199 ImageList_AddIcon(hSmall, LoadIconW(hInstance, MAKEINTRESOURCEW(IDI_EVENTLOG)));
3200 ImageList_AddIcon(hSmall, LoadIconW(hInstance, MAKEINTRESOURCEW(IDI_EVENTVWR)));
3201
3202 /* Assign the ImageList to the Tree View */
3203 TreeView_SetImageList(hwndTreeView, hSmall, TVSIL_NORMAL);
3204
3205 /* Add the event logs nodes */
3206 // "System Logs"
3207 LoadStringW(hInstance, IDS_EVENTLOG_SYSTEM, szTemp, ARRAYSIZE(szTemp));
3208 htiSystemLogs = TreeViewAddItem(hwndTreeView, NULL, szTemp, 0, 1, (LPARAM)NULL);
3209 // "Application Logs"
3210 LoadStringW(hInstance, IDS_EVENTLOG_APP, szTemp, ARRAYSIZE(szTemp));
3211 htiAppLogs = TreeViewAddItem(hwndTreeView, NULL, szTemp, 0, 1, (LPARAM)NULL);
3212 // "User Logs"
3213 LoadStringW(hInstance, IDS_EVENTLOG_USER, szTemp, ARRAYSIZE(szTemp));
3214 htiUserLogs = TreeViewAddItem(hwndTreeView, NULL, szTemp, 0, 1, (LPARAM)NULL);
3215
3216 /* Create the Event details pane (optional) */
3217 hwndEventDetails = CreateEventDetailsCtrl(hInst, hwndMainWindow, (LPARAM)NULL);
3218 if (hwndEventDetails)
3219 {
3220 SetWindowLongPtrW(hwndEventDetails, GWL_EXSTYLE,
3221 GetWindowLongPtrW(hwndEventDetails, GWL_EXSTYLE) | WS_EX_CLIENTEDGE);
3222 SetWindowPos(hwndEventDetails, NULL,
3223 nVSplitPos + SPLIT_WIDTH/2,
3224 nHSplitPos + SPLIT_WIDTH/2,
3225 (rcClient.right - rcClient.left) - nVSplitPos - SPLIT_WIDTH/2,
3226 (rcClient.bottom - rcClient.top) - nHSplitPos - SPLIT_WIDTH/2 - StatusHeight,
3227 SWP_NOZORDER | SWP_NOACTIVATE | (Settings.bShowDetailsPane ? SWP_SHOWWINDOW : SWP_HIDEWINDOW));
3228 }
3229
3230 /* Create the ListView */
3231 hwndListView = CreateWindowExW(WS_EX_CLIENTEDGE,
3232 WC_LISTVIEWW,
3233 NULL,
3234 WS_CHILD | WS_VISIBLE | LVS_SHOWSELALWAYS | LVS_REPORT,
3235 nVSplitPos + SPLIT_WIDTH/2,
3236 0,
3237 (rcClient.right - rcClient.left) - nVSplitPos - SPLIT_WIDTH/2,
3238 hwndEventDetails && Settings.bShowDetailsPane
3239 ? nHSplitPos - SPLIT_WIDTH/2
3240 : (rcClient.bottom - rcClient.top) - StatusHeight,
3241 hwndMainWindow,
3242 NULL,
3243 hInstance,
3244 NULL);
3245
3246 /* Add the extended ListView styles */
3247 ListView_SetExtendedListViewStyle(hwndListView, LVS_EX_HEADERDRAGDROP | LVS_EX_FULLROWSELECT | LVS_EX_LABELTIP | (Settings.bShowGrid ? LVS_EX_GRIDLINES : 0));
3248
3249 /* Create the ImageList */
3250 hSmall = ImageList_Create(GetSystemMetrics(SM_CXSMICON),
3251 GetSystemMetrics(SM_CYSMICON),
3252 ILC_COLOR32 | ILC_MASK, // ILC_COLOR24
3253 1, 1);
3254
3255 /* Add event type icons to the ImageList */
3256 ImageList_AddIcon(hSmall, LoadIconW(hInstance, MAKEINTRESOURCEW(IDI_INFORMATIONICON)));
3257 ImageList_AddIcon(hSmall, LoadIconW(hInstance, MAKEINTRESOURCEW(IDI_WARNINGICON)));
3258 ImageList_AddIcon(hSmall, LoadIconW(hInstance, MAKEINTRESOURCEW(IDI_ERRORICON)));
3259 ImageList_AddIcon(hSmall, LoadIconW(hInstance, MAKEINTRESOURCEW(IDI_AUDITSUCCESSICON)));
3260 ImageList_AddIcon(hSmall, LoadIconW(hInstance, MAKEINTRESOURCEW(IDI_AUDITFAILUREICON)));
3261
3262 /* Assign the ImageList to the List View */
3263 ListView_SetImageList(hwndListView, hSmall, LVSIL_SMALL);
3264
3265 /* Now set up the listview with its columns */
3266 lvc.mask = LVCF_TEXT | LVCF_WIDTH;
3267 lvc.pszText = szTemp;
3268 for (iColumn = 0; iColumn < ARRAYSIZE(columnItems); ++iColumn)
3269 {
3270 lvc.cx = columnItems[iColumn].width;
3271 LoadStringW(hInstance, columnItems[iColumn].uID, szTemp, ARRAYSIZE(szTemp));
3272 ListView_InsertColumn(hwndListView, iColumn, &lvc);
3273 }
3274
3275 /* Initialize the save Dialog */
3276 ZeroMemory(&sfn, sizeof(sfn));
3277 ZeroMemory(szSaveFilter, sizeof(szSaveFilter));
3278
3279 LoadStringW(hInst, IDS_SAVE_FILTER, szSaveFilter, ARRAYSIZE(szSaveFilter));
3280
3281 sfn.lStructSize = sizeof(sfn);
3282 sfn.hwndOwner = hwndMainWindow;
3283 sfn.hInstance = hInstance;
3284 sfn.lpstrFilter = szSaveFilter;
3285 sfn.lpstrInitialDir = NULL;
3286 sfn.Flags = OFN_EXPLORER | OFN_HIDEREADONLY | OFN_SHAREAWARE;
3287 sfn.lpstrDefExt = L"evt";
3288
3289 ShowWindow(hwndMainWindow, Settings.wpPos.showCmd);
3290 UpdateWindow(hwndMainWindow);
3291
3292 return TRUE;
3293}
IDI_EVENTVWR
#define IDI_EVENTVWR
Definition: resource.h:13
IDI_CLOSED_CATEGORY
#define IDI_CLOSED_CATEGORY
Definition: resource.h:15
IDS_COLUMNTIME
#define IDS_COLUMNTIME
Definition: resource.h:126
IDS_COLUMNSOURCE
#define IDS_COLUMNSOURCE
Definition: resource.h:127
IDI_OPENED_CATEGORY
#define IDI_OPENED_CATEGORY
Definition: resource.h:16
IDI_EVENTLOG
#define IDI_EVENTLOG
Definition: resource.h:14
IDS_COLUMNTYPE
#define IDS_COLUMNTYPE
Definition: resource.h:124
IDS_COLUMNCOMPUTER
#define IDS_COLUMNCOMPUTER
Definition: resource.h:131
IDS_COLUMNEVENT
#define IDS_COLUMNEVENT
Definition: resource.h:129
IDI_AUDITFAILUREICON
#define IDI_AUDITFAILUREICON
Definition: resource.h:21
IDI_ERRORICON
#define IDI_ERRORICON
Definition: resource.h:19
IDI_AUDITSUCCESSICON
#define IDI_AUDITSUCCESSICON
Definition: resource.h:20
IDI_INFORMATIONICON
#define IDI_INFORMATIONICON
Definition: resource.h:17
IDS_EVENTLOG_SYSTEM
#define IDS_EVENTLOG_SYSTEM
Definition: resource.h:101
IDS_SAVE_FILTER
#define IDS_SAVE_FILTER
Definition: resource.h:104
IDS_EVENTLOG_APP
#define IDS_EVENTLOG_APP
Definition: resource.h:102
IDS_COLUMNUSER
#define IDS_COLUMNUSER
Definition: resource.h:130
IDI_WARNINGICON
#define IDI_WARNINGICON
Definition: resource.h:18
IDS_COLUMNCATEGORY
#define IDS_COLUMNCATEGORY
Definition: resource.h:128
IDS_COLUMNDATE
#define IDS_COLUMNDATE
Definition: resource.h:125
IDS_EVENTLOG_USER
#define IDS_EVENTLOG_USER
Definition: resource.h:103
OFN_EXPLORER
#define OFN_EXPLORER
Definition: commdlg.h:104
OFN_SHAREAWARE
#define OFN_SHAREAWARE
Definition: commdlg.h:119
OFN_HIDEREADONLY
#define OFN_HIDEREADONLY
Definition: commdlg.h:107
ImageList_Create
HIMAGELIST WINAPI ImageList_Create(INT cx, INT cy, UINT flags, INT cInitial, INT cGrow)
Definition: imagelist.c:814
SPLIT_WIDTH
#define SPLIT_WIDTH
Definition: eventvwr.c:45
htiUserLogs
HTREEITEM htiUserLogs
Definition: eventvwr.c:72
EVENTVWR_WNDCLASS
static const LPCWSTR EVENTVWR_WNDCLASS
Definition: eventvwr.c:23
nVSplitPos
INT nVSplitPos
Definition: eventvwr.c:56
nHSplitPos
INT nHSplitPos
Definition: eventvwr.c:57
szSaveFilter
WCHAR szSaveFilter[MAX_LOADSTRING]
Definition: eventvwr.c:54
StatusBar_GetItemRect
#define StatusBar_GetItemRect(hwndCtl, index, lprc)
Definition: eventvwr.h:67
ProgressBar_SetStep
#define ProgressBar_SetStep(hwndCtl, inc)
Definition: eventvwr.h:62
WORD
unsigned short WORD
Definition: ntddk_ex.h:93
width
GLint GLint GLsizei width
Definition: gl.h:1546
HMENU
static const CLSID *static CLSID *static const GUID VARIANT VARIANT *static IServiceProvider DWORD *static HMENU
Definition: ordinal.c:63
WS_OVERLAPPEDWINDOW
#define WS_OVERLAPPEDWINDOW
Definition: pedump.c:637
WS_CLIPCHILDREN
#define WS_CLIPCHILDREN
Definition: pedump.c:619
LVSIL_SMALL
#define LVSIL_SMALL
Definition: commctrl.h:2304
TVS_LINESATROOT
#define TVS_LINESATROOT
Definition: commctrl.h:3254
PROGRESS_CLASSW
#define PROGRESS_CLASSW
Definition: commctrl.h:2181
LVS_EX_LABELTIP
#define LVS_EX_LABELTIP
Definition: commctrl.h:2748
ListView_InsertColumn
#define ListView_InsertColumn(hwnd, iCol, pcol)
Definition: commctrl.h:2641
LVS_EX_GRIDLINES
#define LVS_EX_GRIDLINES
Definition: commctrl.h:2734
ListView_SetImageList
#define ListView_SetImageList(hwnd, himl, iImageList)
Definition: commctrl.h:2309
WC_LISTVIEWW
#define WC_LISTVIEWW
Definition: commctrl.h:2262
LVS_EX_HEADERDRAGDROP
#define LVS_EX_HEADERDRAGDROP
Definition: commctrl.h:2738
CCS_BOTTOM
#define CCS_BOTTOM
Definition: commctrl.h:2249
LVS_SHOWSELALWAYS
#define LVS_SHOWSELALWAYS
Definition: commctrl.h:2272
LVS_REPORT
#define LVS_REPORT
Definition: commctrl.h:2267
TVSIL_NORMAL
#define TVSIL_NORMAL
Definition: commctrl.h:3448
LVCF_WIDTH
#define LVCF_WIDTH
Definition: commctrl.h:2592
STATUSCLASSNAMEW
#define STATUSCLASSNAMEW
Definition: commctrl.h:1941
TVS_SHOWSELALWAYS
#define TVS_SHOWSELALWAYS
Definition: commctrl.h:3257
ILC_COLOR32
#define ILC_COLOR32
Definition: commctrl.h:358
LVS_EX_FULLROWSELECT
#define LVS_EX_FULLROWSELECT
Definition: commctrl.h:2739
TVS_HASLINES
#define TVS_HASLINES
Definition: commctrl.h:3253
ListView_SetExtendedListViewStyle
#define ListView_SetExtendedListViewStyle(hwndLV, dw)
Definition: commctrl.h:2730
PBS_SMOOTH
#define PBS_SMOOTH
Definition: commctrl.h:2185
WC_TREEVIEWW
#define WC_TREEVIEWW
Definition: commctrl.h:3248
ImageList_AddIcon
#define ImageList_AddIcon(himl, hicon)
Definition: commctrl.h:415
TVS_HASBUTTONS
#define TVS_HASBUTTONS
Definition: commctrl.h:3252
ILC_MASK
#define ILC_MASK
Definition: commctrl.h:351
SBARS_SIZEGRIP
#define SBARS_SIZEGRIP
Definition: commctrl.h:1928
TVS_EDITLABELS
#define TVS_EDITLABELS
Definition: commctrl.h:3255
LVCF_TEXT
#define LVCF_TEXT
Definition: commctrl.h:2593
TreeView_SetImageList
#define TreeView_SetImageList(hwnd, himl, iImage)
Definition: commctrl.h:3452
_IMAGELIST
Definition: imagelist.c:84
tagLVCOLUMNW::pszText
LPWSTR pszText
Definition: commctrl.h:2572
tagOFNW::hInstance
HINSTANCE hInstance
Definition: commdlg.h:362
tagOFNW::hwndOwner
HWND hwndOwner
Definition: commdlg.h:361
tagOFNW::Flags
DWORD Flags
Definition: commdlg.h:373
tagOFNW::lpstrInitialDir
LPCWSTR lpstrInitialDir
Definition: commdlg.h:371
tagOFNW::lpstrDefExt
LPCWSTR lpstrDefExt
Definition: commdlg.h:376
tagOFNW::lStructSize
DWORD lStructSize
Definition: commdlg.h:360
tagOFNW::lpstrFilter
LPCWSTR lpstrFilter
Definition: commdlg.h:363
WS_EX_STATICEDGE
#define WS_EX_STATICEDGE
Definition: winuser.h:403
SetWindowPos
BOOL WINAPI SetWindowPos(_In_ HWND, _In_opt_ HWND, _In_ int, _In_ int, _In_ int, _In_ int, _In_ UINT)
SM_CYSMICON
#define SM_CYSMICON
Definition: winuser.h:1024
SM_CXSMICON
#define SM_CXSMICON
Definition: winuser.h:1023
CreateWindowExW
HWND WINAPI CreateWindowExW(_In_ DWORD dwExStyle, _In_opt_ LPCWSTR lpClassName, _In_opt_ LPCWSTR lpWindowName, _In_ DWORD dwStyle, _In_ int X, _In_ int Y, _In_ int nWidth, _In_ int nHeight, _In_opt_ HWND hWndParent, _In_opt_ HMENU hMenu, _In_opt_ HINSTANCE hInstance, _In_opt_ LPVOID lpParam)
UpdateWindow
BOOL WINAPI UpdateWindow(_In_ HWND)
SWP_SHOWWINDOW
#define SWP_SHOWWINDOW
Definition: winuser.h:1259
CW_USEDEFAULT
#define CW_USEDEFAULT
Definition: winuser.h:225
SWP_HIDEWINDOW
#define SWP_HIDEWINDOW
Definition: winuser.h:1252
WS_EX_CLIENTEDGE
#define WS_EX_CLIENTEDGE
Definition: winuser.h:384
LoadIconW
HICON WINAPI LoadIconW(_In_opt_ HINSTANCE hInstance, _In_ LPCWSTR lpIconName)
Definition: cursoricon.c:2412
GWL_EXSTYLE
#define GWL_EXSTYLE
Definition: winuser.h:862

Referenced by wWinMain().

◆ InitPropertiesDlg()

static VOID InitPropertiesDlg ( HWND  hDlg,
PEVENTLOG  EventLog 
)
static

Definition at line 3908 of file eventvwr.c.

3909{
3910 LPWSTR lpLogName = EventLog->LogName;
3911
3912 DWORD Result, dwType;
3913 DWORD dwMaxSize = 0, dwRetention = 0;
3914 BOOL Success;
3915 WIN32_FIND_DATAW FileInfo; // WIN32_FILE_ATTRIBUTE_DATA
3916 ULARGE_INTEGER FileSize;
3917 WCHAR wszBuf[MAX_PATH];
3918 WCHAR szTemp[MAX_LOADSTRING];
3919 LPWSTR FileName;
3920
3921 HKEY hLogKey;
3922 PWSTR KeyPath;
3923 SIZE_T cbKeyPath;
3924 DWORD cbData;
3925
3926 if (EventLog->Permanent)
3927 {
3928
3929 cbKeyPath = (wcslen(EVENTLOG_BASE_KEY) + wcslen(lpLogName) + 1) * sizeof(WCHAR);
3930 KeyPath = HeapAlloc(GetProcessHeap(), 0, cbKeyPath);
3931 if (!KeyPath)
3932 {
3933 ShowWin32Error(ERROR_NOT_ENOUGH_MEMORY);
3934 goto Quit;
3935 }
3936
3937 StringCbCopyW(KeyPath, cbKeyPath, EVENTLOG_BASE_KEY);
3938 StringCbCatW(KeyPath, cbKeyPath, lpLogName);
3939
3940 Result = RegOpenKeyExW(hkMachine, KeyPath, 0, KEY_QUERY_VALUE, &hLogKey);
3941 HeapFree(GetProcessHeap(), 0, KeyPath);
3942 if (Result != ERROR_SUCCESS)
3943 {
3944 ShowWin32Error(Result);
3945 goto Quit;
3946 }
3947
3948
3949 cbData = sizeof(dwMaxSize);
3950 Result = RegQueryValueExW(hLogKey,
3951 L"MaxSize",
3952 NULL,
3953 &dwType,
3954 (LPBYTE)&dwMaxSize,
3955 &cbData);
3956 if ((Result != ERROR_SUCCESS) || (dwType != REG_DWORD))
3957 {
3958 // dwMaxSize = 512 * 1024; /* 512 kBytes */
3959 /* Workstation: 512 KB; Server: 16384 KB */
3960 dwMaxSize = 16384 * 1024;
3961 }
3962 /* Convert in KB */
3963 dwMaxSize /= 1024;
3964
3965 cbData = sizeof(dwRetention);
3966 Result = RegQueryValueExW(hLogKey,
3967 L"Retention",
3968 NULL,
3969 &dwType,
3970 (LPBYTE)&dwRetention,
3971 &cbData);
3972 if ((Result != ERROR_SUCCESS) || (dwType != REG_DWORD))
3973 {
3974 /* By default, it is 604800 (secs) == 7 days. On Server, the retention is zeroed out. */
3975 dwRetention = 0;
3976 }
3977 /* Convert in days, rounded up */
3978 if (dwRetention != INFINITE)
3979 dwRetention = (dwRetention + 24*3600 - 1) / (24*3600);
3980
3981 RegCloseKey(hLogKey);
3982
3983 }
3984
3985Quit:
3986
3987 SetDlgItemTextW(hDlg, IDC_DISPLAYNAME, lpLogName); // FIXME!
3988 SetDlgItemTextW(hDlg, IDC_LOGNAME, lpLogName);
3989
3990 FileName = EventLog->FileName;
3991 if (FileName && *FileName)
3992 {
3993 /* Expand the file name. If the log file is on a remote computer, retrieve the network share form of the file name. */
3994 GetExpandedFilePathName(EventLog->ComputerName, FileName, wszBuf, _countof(wszBuf));
3995 FileName = wszBuf;
3996 }
3997 else
3998 {
3999 FileName = L"";
4000 }
4001 SetDlgItemTextW(hDlg, IDC_LOGFILE, FileName);
4002
4003 if (FileName && *FileName)
4004 {
4005 /*
4006 * The general problem here (and in the shell as well) is that
4007 * GetFileAttributesEx fails for files that are opened without
4008 * shared access. To retrieve file information for those we need
4009 * to use something else: FindFirstFile, on the full file name.
4010 */
4011 Success = GetFileAttributesExW(FileName,
4012 GetFileExInfoStandard,
4013 (LPWIN32_FILE_ATTRIBUTE_DATA)&FileInfo);
4014 if (!Success)
4015 {
4016 HANDLE hFind = FindFirstFileW(FileName, &FileInfo);
4017 Success = (hFind != INVALID_HANDLE_VALUE);
4018 if (Success)
4019 FindClose(hFind);
4020 }
4021 }
4022 else
4023 {
4024 Success = FALSE;
4025 }
4026
4027 /* Starting there, FileName becomes invalid because we are reusing wszBuf */
4028
4029 if (Success)
4030 {
4031 FileSize.u.LowPart = FileInfo.nFileSizeLow;
4032 FileSize.u.HighPart = FileInfo.nFileSizeHigh;
4033 if (FormatFileSizeWithBytes(&FileSize, wszBuf, ARRAYSIZE(wszBuf)))
4034 SetDlgItemTextW(hDlg, IDC_SIZE_LABEL, wszBuf);
4035
4036 LoadStringW(hInst, IDS_NOT_AVAILABLE, szTemp, ARRAYSIZE(szTemp));
4037
4038 if (GetFileTimeString(&FileInfo.ftCreationTime, wszBuf, ARRAYSIZE(wszBuf)))
4039 SetDlgItemTextW(hDlg, IDC_CREATED_LABEL, wszBuf);
4040 else
4041 SetDlgItemTextW(hDlg, IDC_CREATED_LABEL, szTemp);
4042
4043 if (GetFileTimeString(&FileInfo.ftLastWriteTime, wszBuf, ARRAYSIZE(wszBuf)))
4044 SetDlgItemTextW(hDlg, IDC_MODIFIED_LABEL, wszBuf);
4045 else
4046 SetDlgItemTextW(hDlg, IDC_MODIFIED_LABEL, szTemp);
4047
4048 if (GetFileTimeString(&FileInfo.ftLastAccessTime, wszBuf, ARRAYSIZE(wszBuf)))
4049 SetDlgItemTextW(hDlg, IDC_ACCESSED_LABEL, wszBuf);
4050 else
4051 SetDlgItemTextW(hDlg, IDC_MODIFIED_LABEL, szTemp);
4052 }
4053 else
4054 {
4055 LoadStringW(hInst, IDS_NOT_AVAILABLE, szTemp, ARRAYSIZE(szTemp));
4056
4057 SetDlgItemTextW(hDlg, IDC_SIZE_LABEL, szTemp);
4058 SetDlgItemTextW(hDlg, IDC_CREATED_LABEL, szTemp);
4059 SetDlgItemTextW(hDlg, IDC_MODIFIED_LABEL, szTemp);
4060 SetDlgItemTextW(hDlg, IDC_ACCESSED_LABEL, szTemp);
4061 }
4062
4063 if (EventLog->Permanent)
4064 {
4065 SendDlgItemMessageW(hDlg, IDC_UPDOWN_MAXLOGSIZE, UDM_SETRANGE32, (WPARAM)1, (LPARAM)0x3FFFC0);
4066 SendDlgItemMessageW(hDlg, IDC_UPDOWN_EVENTS_AGE, UDM_SETRANGE, 0, (LPARAM)MAKELONG(365, 1));
4067
4068 SetDlgItemInt(hDlg, IDC_EDIT_MAXLOGSIZE, dwMaxSize, FALSE);
4069 SetDlgItemInt(hDlg, IDC_EDIT_EVENTS_AGE, (dwRetention == 0) ? 7 : dwRetention, FALSE);
4070
4071 if (dwRetention == 0)
4072 {
4073 CheckRadioButton(hDlg, IDC_OVERWRITE_AS_NEEDED, IDC_NO_OVERWRITE, IDC_OVERWRITE_AS_NEEDED);
4074 EnableDlgItem(hDlg, IDC_EDIT_EVENTS_AGE, FALSE);
4075 EnableDlgItem(hDlg, IDC_UPDOWN_EVENTS_AGE, FALSE);
4076 }
4077 else if (dwRetention == INFINITE)
4078 {
4079 CheckRadioButton(hDlg, IDC_OVERWRITE_AS_NEEDED, IDC_NO_OVERWRITE, IDC_NO_OVERWRITE);
4080 EnableDlgItem(hDlg, IDC_EDIT_EVENTS_AGE, FALSE);
4081 EnableDlgItem(hDlg, IDC_UPDOWN_EVENTS_AGE, FALSE);
4082 }
4083 else
4084 {
4085 CheckRadioButton(hDlg, IDC_OVERWRITE_AS_NEEDED, IDC_NO_OVERWRITE, IDC_OVERWRITE_OLDER_THAN);
4086 EnableDlgItem(hDlg, IDC_EDIT_EVENTS_AGE, TRUE);
4087 EnableDlgItem(hDlg, IDC_UPDOWN_EVENTS_AGE, TRUE);
4088 }
4089 }
4090 else
4091 {
4092 // TODO: Hide the unused controls! Or, just use another type of property sheet!
4093 }
4094}
IDC_DISPLAYNAME
#define IDC_DISPLAYNAME
Definition: resource.h:55
IDC_UPDOWN_MAXLOGSIZE
#define IDC_UPDOWN_MAXLOGSIZE
Definition: resource.h:63
IDC_LOGFILE
#define IDC_LOGFILE
Definition: resource.h:57
IDC_CREATED_LABEL
#define IDC_CREATED_LABEL
Definition: resource.h:59
IDC_SIZE_LABEL
#define IDC_SIZE_LABEL
Definition: resource.h:58
IDC_MODIFIED_LABEL
#define IDC_MODIFIED_LABEL
Definition: resource.h:60
IDC_ACCESSED_LABEL
#define IDC_ACCESSED_LABEL
Definition: resource.h:61
IDC_LOGNAME
#define IDC_LOGNAME
Definition: resource.h:56
INVALID_HANDLE_VALUE
#define INVALID_HANDLE_VALUE
Definition: compat.h:731
GetFileAttributesExW
BOOL WINAPI GetFileAttributesExW(LPCWSTR lpFileName, GET_FILEEX_INFO_LEVELS fInfoLevelId, LPVOID lpFileInformation)
Definition: fileinfo.c:552
FindFirstFileW
HANDLE WINAPI FindFirstFileW(IN LPCWSTR lpFileName, OUT LPWIN32_FIND_DATAW lpFindFileData)
Definition: find.c:320
FindClose
BOOL WINAPI FindClose(HANDLE hFindFile)
Definition: find.c:502
INFINITE
#define INFINITE
Definition: serial.h:102
GetFileTimeString
BOOL GetFileTimeString(LPFILETIME lpFileTime, LPWSTR pwszResult, UINT cchResult)
Definition: eventvwr.c:1218
FormatFileSizeWithBytes
LPWSTR FormatFileSizeWithBytes(const PULARGE_INTEGER lpQwSize, LPWSTR pwszResult, UINT cchResultMax)
Definition: eventvwr.c:1184
FileName
struct _FileName FileName
Definition: fatprocs.h:897
FileSize
_Must_inspect_result_ _Out_ PLARGE_INTEGER FileSize
Definition: fsrtlfuncs.h:108
UDM_SETRANGE
#define UDM_SETRANGE
Definition: commctrl.h:2146
UDM_SETRANGE32
#define UDM_SETRANGE32
Definition: commctrl.h:2156
WIN32_FIND_DATAA
Definition: shtypes.idl:80
_ULARGE_INTEGER
Definition: ms-dtyp.idl:184
_WIN32_FILE_ATTRIBUTE_DATA
Definition: winbase.h:959
MAKELONG
#define MAKELONG(a, b)
Definition: typedefs.h:249
_LARGE_INTEGER::u
struct _LARGE_INTEGER::@2397 u
GetFileExInfoStandard
@ GetFileExInfoStandard
Definition: winbase.h:1202
WPARAM
UINT_PTR WPARAM
Definition: windef.h:207
SetDlgItemTextW
BOOL WINAPI SetDlgItemTextW(_In_ HWND, _In_ int, _In_ LPCWSTR)
SendDlgItemMessageW
LRESULT WINAPI SendDlgItemMessageW(_In_ HWND, _In_ int, _In_ UINT, _In_ WPARAM, _In_ LPARAM)

Referenced by EventLogPropProc().

◆ LoadSettings()

BOOL LoadSettings ( int  nDefCmdShow)

Definition at line 347 of file eventvwr.c.

348{
349 LONG Result;
350 HKEY hKeyEventVwr;
351 DWORD dwType, cbData;
352 WCHAR buffer[100];
353
354 /* Load the default values */
355 Settings.bSaveSettings = TRUE;
356 Settings.bShowDetailsPane = TRUE;
357 Settings.bShowGrid = FALSE;
358 Settings.bNewestEventsFirst = TRUE;
359 Settings.nVSplitPos = 250; /* Splitter default positions */
360 Settings.nHSplitPos = 250;
361 ZeroMemory(&Settings.wpPos, sizeof(Settings.wpPos));
362 Settings.wpPos.length = sizeof(Settings.wpPos);
363 SetRect(&Settings.wpPos.rcNormalPosition,
364 CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT);
365 Settings.wpPos.showCmd = nDefCmdShow; // SW_SHOWNORMAL;
366
367 /* Try to open the Event Viewer user key */
368 if (RegOpenKeyExW(HKEY_CURRENT_USER,
369 EVNTVWR_PARAM_KEY,
370 0,
371 KEY_QUERY_VALUE,
372 &hKeyEventVwr) != ERROR_SUCCESS)
373 {
374 return FALSE;
375 }
376
377 // Result = RegQueryValueExW(hKeyEventVwr, L"Filter", NULL, &dwType, (LPBYTE)&szFilter, &cbData); // REG_SZ
378 // Result = RegQueryValueExW(hKeyEventVwr, L"Find", NULL, &dwType, (LPBYTE)&szFind, &cbData); // REG_SZ
379 // Result = RegQueryValueExW(hKeyEventVwr, L"Module", NULL, &dwType, (LPBYTE)&szModule, &cbData); // REG_SZ
380
381 cbData = sizeof(buffer);
382 Result = RegQueryValueExW(hKeyEventVwr, L"SaveSettings", NULL, &dwType, (LPBYTE)buffer, &cbData);
383 if (Result == ERROR_SUCCESS)
384 {
385 if (dwType == REG_SZ)
386 {
387 buffer[cbData / sizeof(WCHAR) - 1] = UNICODE_NULL;
388 Settings.bSaveSettings = !!(DWORD)_wtoi(buffer);
389 }
390 else if (dwType == REG_DWORD && cbData == sizeof(DWORD))
391 {
392 Settings.bSaveSettings = !!*(PDWORD)buffer;
393 }
394 }
395
396 cbData = sizeof(buffer);
397 Result = RegQueryValueExW(hKeyEventVwr, L"DetailsPane", NULL, &dwType, (LPBYTE)buffer, &cbData);
398 if (Result == ERROR_SUCCESS)
399 {
400 if (dwType == REG_SZ)
401 {
402 buffer[cbData / sizeof(WCHAR) - 1] = UNICODE_NULL;
403 Settings.bShowDetailsPane = !!(DWORD)_wtoi(buffer);
404 }
405 else if (dwType == REG_DWORD && cbData == sizeof(DWORD))
406 {
407 Settings.bShowDetailsPane = !!*(PDWORD)buffer;
408 }
409 }
410
411 cbData = sizeof(buffer);
412 Result = RegQueryValueExW(hKeyEventVwr, L"ShowGrid", NULL, &dwType, (LPBYTE)buffer, &cbData);
413 if (Result == ERROR_SUCCESS)
414 {
415 if (dwType == REG_SZ)
416 {
417 buffer[cbData / sizeof(WCHAR) - 1] = UNICODE_NULL;
418 Settings.bShowGrid = !!(DWORD)_wtoi(buffer);
419 }
420 else if (dwType == REG_DWORD && cbData == sizeof(DWORD))
421 {
422 Settings.bShowGrid = !!*(PDWORD)buffer;
423 }
424 }
425
426 cbData = sizeof(buffer);
427 Result = RegQueryValueExW(hKeyEventVwr, L"SortOrder", NULL, &dwType, (LPBYTE)buffer, &cbData);
428 if (Result == ERROR_SUCCESS)
429 {
430 if (dwType == REG_SZ)
431 {
432 buffer[cbData / sizeof(WCHAR) - 1] = UNICODE_NULL;
433 Settings.bNewestEventsFirst = !!(DWORD)_wtoi(buffer);
434 }
435 else if (dwType == REG_DWORD && cbData == sizeof(DWORD))
436 {
437 Settings.bNewestEventsFirst = !!*(PDWORD)buffer;
438 }
439 }
440
441 /* Retrieve the splitter positions */
442 cbData = sizeof(buffer);
443 Result = RegQueryValueExW(hKeyEventVwr, L"VSplitPos", NULL, &dwType, (LPBYTE)buffer, &cbData);
444 if (Result == ERROR_SUCCESS)
445 {
446 if (dwType == REG_SZ)
447 {
448 buffer[cbData / sizeof(WCHAR) - 1] = UNICODE_NULL;
449 Settings.nVSplitPos = (DWORD)_wtoi(buffer);
450 }
451 else if (dwType == REG_DWORD && cbData == sizeof(DWORD))
452 {
453 Settings.nVSplitPos = *(PDWORD)buffer;
454 }
455 }
456
457 cbData = sizeof(buffer);
458 Result = RegQueryValueExW(hKeyEventVwr, L"HSplitPos", NULL, &dwType, (LPBYTE)buffer, &cbData);
459 if (Result == ERROR_SUCCESS)
460 {
461 if (dwType == REG_SZ)
462 {
463 buffer[cbData / sizeof(WCHAR) - 1] = UNICODE_NULL;
464 Settings.nHSplitPos = (DWORD)_wtoi(buffer);
465 }
466 else if (dwType == REG_DWORD && cbData == sizeof(DWORD))
467 {
468 Settings.nHSplitPos = *(PDWORD)buffer;
469 }
470 }
471
472 /* Retrieve the geometry of the main window */
473 cbData = sizeof(buffer);
474 Result = RegQueryValueExW(hKeyEventVwr, L"Window", NULL, &dwType, (LPBYTE)buffer, &cbData);
475 if ((Result == ERROR_SUCCESS) && (dwType == REG_SZ))
476 buffer[cbData / sizeof(WCHAR) - 1] = UNICODE_NULL;
477 else
478 buffer[0] = UNICODE_NULL;
479
480 if (swscanf(buffer, L"%d %d %d %d %d",
481 &Settings.wpPos.rcNormalPosition.left,
482 &Settings.wpPos.rcNormalPosition.top,
483 &Settings.wpPos.rcNormalPosition.right,
484 &Settings.wpPos.rcNormalPosition.bottom,
485 &Settings.wpPos.showCmd) != 5)
486 {
487 /* Parsing failed, use defaults */
488 SetRect(&Settings.wpPos.rcNormalPosition,
489 CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT);
490 Settings.wpPos.showCmd = nDefCmdShow; // SW_SHOWNORMAL;
491 }
492
493 RegCloseKey(hKeyEventVwr);
494 return TRUE;
495}
EVNTVWR_PARAM_KEY
static const LPCWSTR EVNTVWR_PARAM_KEY
Definition: eventvwr.c:25
buffer
GLuint buffer
Definition: glext.h:5915
swscanf
_Check_return_ _CRTIMP int __cdecl swscanf(_In_z_ const wchar_t *_Src, _In_z_ _Scanf_format_string_ const wchar_t *_Format,...)
_wtoi
_Check_return_ _CRTIMP int __cdecl _wtoi(_In_z_ const wchar_t *_Str)
PDWORD
DWORD * PDWORD
Definition: pedump.c:68
HKEY_CURRENT_USER
#define HKEY_CURRENT_USER
Definition: winreg.h:11
SetRect
BOOL WINAPI SetRect(_Out_ LPRECT, _In_ int, _In_ int, _In_ int, _In_ int)

◆ MyRegisterClass()

ATOM MyRegisterClass ( HINSTANCE  hInstance)

Definition at line 2744 of file eventvwr.c.

2745{
2746 WNDCLASSEXW wcex;
2747
2748 wcex.cbSize = sizeof(wcex);
2749 wcex.style = 0;
2750 wcex.lpfnWndProc = WndProc;
2751 wcex.cbClsExtra = 0;
2752 wcex.cbWndExtra = 0;
2753 wcex.hInstance = hInstance;
2754 wcex.hIcon = LoadIconW(hInstance, MAKEINTRESOURCEW(IDI_EVENTVWR));
2755 wcex.hCursor = LoadCursorW(NULL, IDC_ARROW);
2756 wcex.hbrBackground = (HBRUSH)(COLOR_3DFACE + 1); // COLOR_WINDOW + 1
2757 wcex.lpszMenuName = MAKEINTRESOURCEW(IDM_EVENTVWR);
2758 wcex.lpszClassName = EVENTVWR_WNDCLASS;
2759 wcex.hIconSm = (HICON)LoadImageW(hInstance,
2760 MAKEINTRESOURCEW(IDI_EVENTVWR),
2761 IMAGE_ICON,
2762 16,
2763 16,
2764 LR_SHARED);
2765
2766 return RegisterClassExW(&wcex);
2767}
IDM_EVENTVWR
#define IDM_EVENTVWR
Definition: resource.h:74
WndProc
LRESULT CALLBACK WndProc(HWND, UINT, WPARAM, LPARAM)
Definition: eventvwr.c:3365
HICON
static HICON
Definition: imagelist.c:80
_WNDCLASSEXW
Definition: winuser.h:3291
_WNDCLASSEXW::lpszClassName
LPCWSTR lpszClassName
Definition: winuser.h:3302
_WNDCLASSEXW::lpszMenuName
LPCWSTR lpszMenuName
Definition: winuser.h:3301
_WNDCLASSEXW::hbrBackground
HBRUSH hbrBackground
Definition: winuser.h:3300
_WNDCLASSEXW::lpfnWndProc
WNDPROC lpfnWndProc
Definition: winuser.h:3294
_WNDCLASSEXW::cbSize
UINT cbSize
Definition: winuser.h:3292
_WNDCLASSEXW::cbWndExtra
int cbWndExtra
Definition: winuser.h:3296
_WNDCLASSEXW::hCursor
HCURSOR hCursor
Definition: winuser.h:3299
_WNDCLASSEXW::hIconSm
HICON hIconSm
Definition: winuser.h:3303
_WNDCLASSEXW::hInstance
HINSTANCE hInstance
Definition: winuser.h:3297
_WNDCLASSEXW::style
UINT style
Definition: winuser.h:3293
_WNDCLASSEXW::cbClsExtra
int cbClsExtra
Definition: winuser.h:3295
_WNDCLASSEXW::hIcon
HICON hIcon
Definition: winuser.h:3298
IMAGE_ICON
#define IMAGE_ICON
Definition: winuser.h:212
LoadImageW
HANDLE WINAPI LoadImageW(_In_opt_ HINSTANCE hInst, _In_ LPCWSTR name, _In_ UINT type, _In_ int cx, _In_ int cy, _In_ UINT fuLoad)
Definition: cursoricon.c:2540
IDC_ARROW
#define IDC_ARROW
Definition: winuser.h:695
RegisterClassExW
ATOM WINAPI RegisterClassExW(_In_ CONST WNDCLASSEXW *)
LR_SHARED
#define LR_SHARED
Definition: winuser.h:1111
COLOR_3DFACE
#define COLOR_3DFACE
Definition: winuser.h:940

Referenced by wWinMain().

◆ OpenUserEventLog()

VOID OpenUserEventLog ( VOID  )

Definition at line 2584 of file eventvwr.c.

2585{
2586 WCHAR szFileName[MAX_PATH];
2587
2588 ZeroMemory(szFileName, sizeof(szFileName));
2589
2590 sfn.lpstrFile = szFileName;
2591 sfn.nMaxFile = ARRAYSIZE(szFileName);
2592
2593 if (!GetOpenFileNameW(&sfn))
2594 return;
2595 sfn.lpstrFile[sfn.nMaxFile-1] = UNICODE_NULL;
2596
2597 OpenUserEventLogFile(sfn.lpstrFile);
2598}
GetOpenFileNameW
BOOL WINAPI GetOpenFileNameW(OPENFILENAMEW *ofn)
Definition: filedlg.c:4736
OpenUserEventLogFile
VOID OpenUserEventLogFile(IN LPCWSTR lpszFileName)
Definition: eventvwr.c:2520

Referenced by WndProc().

◆ OpenUserEventLogFile()

VOID OpenUserEventLogFile ( IN LPCWSTR  lpszFileName)

Definition at line 2520 of file eventvwr.c.

2521{
2522 WIN32_FIND_DATAW FindData;
2523 HANDLE hFind;
2524 PEVENTLOG EventLog;
2525 PEVENTLOGFILTER EventLogFilter;
2526 SIZE_T cchFileName;
2527 HTREEITEM hItem = NULL;
2528
2529 /* Check whether the file actually exists */
2530 hFind = FindFirstFileW(lpszFileName, &FindData);
2531 if (hFind == INVALID_HANDLE_VALUE)
2532 {
2533 ShowWin32Error(GetLastError());
2534 return;
2535 }
2536 FindClose(hFind);
2537
2538 /* Allocate a new event log entry */
2539 EventLog = AllocEventLog(NULL, lpszFileName, FALSE);
2540 if (EventLog == NULL)
2541 {
2542 ShowWin32Error(ERROR_NOT_ENOUGH_MEMORY);
2543 return;
2544 }
2545
2546 /* Allocate a new event log filter entry for this event log */
2547 EventLogFilter = AllocEventLogFilter(// LogName,
2548 TRUE, TRUE, TRUE, TRUE, TRUE,
2549 NULL, NULL, NULL,
2550 1, &EventLog);
2551 if (EventLogFilter == NULL)
2552 {
2553 ShowWin32Error(ERROR_NOT_ENOUGH_MEMORY);
2554 EventLog_Free(EventLog);
2555 return;
2556 }
2557
2558 /* Add the event log and the filter into their lists */
2559 InsertTailList(&EventLogList, &EventLog->ListEntry);
2560 InsertTailList(&EventLogFilterList, &EventLogFilter->ListEntry);
2561
2562 /* Retrieve and cache the event log file */
2563 cchFileName = wcslen(lpszFileName) + 1;
2564 EventLog->FileName = HeapAlloc(GetProcessHeap(), 0, cchFileName * sizeof(WCHAR));
2565 if (EventLog->FileName)
2566 StringCchCopyW(EventLog->FileName, cchFileName, lpszFileName);
2567
2568 hItem = TreeViewAddItem(hwndTreeView, htiUserLogs,
2569 (LPWSTR)lpszFileName,
2570 2, 3, (LPARAM)EventLogFilter);
2571
2572 /* Select the event log */
2573 if (hItem)
2574 {
2575 // TreeView_Expand(hwndTreeView, htiUserLogs, TVE_EXPAND);
2576 TreeView_SelectItem(hwndTreeView, hItem);
2577 TreeView_EnsureVisible(hwndTreeView, hItem);
2578 }
2579 InvalidateRect(hwndTreeView, NULL, FALSE);
2580 SetFocus(hwndTreeView);
2581}

Referenced by OpenUserEventLog(), and wWinMain().

◆ ProcessCmdLine()

BOOL ProcessCmdLine ( IN LPWSTR  lpCmdLine)

Definition at line 184 of file eventvwr.c.

185{
186 BOOL Success = FALSE;
187 INT i, argc;
188 LPWSTR* argv;
189
190 /* Skip any leading whitespace */
191 if (lpCmdLine)
192 {
193 while (iswspace(*lpCmdLine))
194 ++lpCmdLine;
195 }
196
197 /* No command line means no processing needed */
198 if (!lpCmdLine || !*lpCmdLine)
199 return TRUE;
200
201 /* Build the arguments vector */
202 argv = CommandLineToArgvW(lpCmdLine, &argc);
203 if (!argv)
204 return FALSE;
205
206 /* Parse the command line for options (skip the program name) */
207 for (i = 1; i < argc; ++i)
208 {
209 /* Check for new options */
210 if (argv[i][0] == L'-' || argv[i][0] == L'/')
211 {
212 if (argv[i][1] == L'?' && argv[i][2] == 0)
213 {
214 /* Display help */
215 DisplayUsage();
216 goto Quit;
217 }
218 else
219 if (argv[i][2] == L':')
220 {
221 switch (towupper(argv[i][1]))
222 {
223 case L'L':
224 {
225 LPWSTR lpNewBuffer;
226 LPWSTR lpFileName = argv[i] + 3;
227 SIZE_T cbFileName;
228
229 /* Check for a quoted file name */
230 if (*lpFileName == L'\"')
231 {
232 /* Skip this quote, and the last one too if any */
233 ++lpFileName;
234 cbFileName = wcslen(lpFileName);
235 if (cbFileName > 0 && lpFileName[cbFileName - 1] == L'\"')
236 lpFileName[cbFileName - 1] = UNICODE_NULL;
237 }
238
239 /* Skip this one if we do not actually have a file name */
240 if (!*lpFileName)
241 continue;
242
243 cbFileName = (wcslen(lpFileName) + 1) * sizeof(WCHAR);
244
245 /* Reallocate the list of user logs to load */
246 if (lpszzUserLogsToLoad)
247 {
248 lpNewBuffer = HeapReAlloc(GetProcessHeap(),
249 HEAP_ZERO_MEMORY,
250 lpszzUserLogsToLoad,
251 /* Count the multi-string NULL-terminator */
252 cbUserLogsSize + cbFileName + sizeof(WCHAR));
253 }
254 else
255 {
256 cbUserLogsSize = 0;
257 lpNewBuffer = HeapAlloc(GetProcessHeap(),
258 HEAP_ZERO_MEMORY,
259 /* Count the multi-string NULL-terminator */
260 cbUserLogsSize + cbFileName + sizeof(WCHAR));
261 }
262
263 if (!lpNewBuffer)
264 {
265 ShowWin32Error(ERROR_NOT_ENOUGH_MEMORY);
266 goto Quit;
267 }
268
269 lpszzUserLogsToLoad = lpNewBuffer;
270 lpNewBuffer = (LPWSTR)((ULONG_PTR)lpNewBuffer + cbUserLogsSize);
271 cbUserLogsSize += cbFileName;
272
273 /* Save the file name */
274 StringCbCopyW(lpNewBuffer, cbFileName, lpFileName);
275
276 continue;
277 }
278
279 default:
280 break;
281 }
282 }
283
284 /* Unknown argument: display help and bail out */
285 DisplayUsage();
286 goto Quit;
287 }
288 else
289 {
290 /*
291 * An argument that does not start with the switch character.
292 * If this is the first argument then this corresponds to the
293 * optional computer name. Otherwise this is a wrong argument.
294 */
295 if (i == 1)
296 {
297 /* Store the computer name */
298 LPWSTR lpTemp = argv[i];
299 SIZE_T cbLength;
300
301 /* Strip any leading backslashes */
302 while (*lpTemp == L'\\')
303 ++lpTemp;
304
305 cbLength = (wcslen(lpTemp) + 1) * sizeof(WCHAR);
306 lpComputerName = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, cbLength);
307 if (lpComputerName)
308 {
309 StringCbCopyW(lpComputerName, cbLength, lpTemp);
310 }
311 /* else, fall back to local computer */
312 }
313 else
314 {
315 /* Invalid syntax: display help and bail out */
316 DisplayUsage();
317 goto Quit;
318 }
319 }
320 }
321
322 Success = TRUE;
323
324Quit:
325 /* In case of failure, free anything we have allocated */
326 if (!Success)
327 {
328 if (lpszzUserLogsToLoad)
329 {
330 cbUserLogsSize = 0;
331 HeapFree(GetProcessHeap(), 0, lpszzUserLogsToLoad);
332 lpszzUserLogsToLoad = NULL;
333 }
334 if (lpComputerName)
335 {
336 HeapFree(GetProcessHeap(), 0, lpComputerName);
337 lpComputerName = NULL;
338 }
339 }
340
341 /* Free the arguments vector and exit */
342 LocalFree(argv);
343 return Success;
344}
argc
static int argc
Definition: ServiceArgs.c:12
cbUserLogsSize
SIZE_T cbUserLogsSize
Definition: eventvwr.c:76
lpszzUserLogsToLoad
LPWSTR lpszzUserLogsToLoad
Definition: eventvwr.c:75
DisplayUsage
VOID DisplayUsage(VOID)
Definition: eventvwr.c:164
argv
#define argv
Definition: mplay32.c:18
CommandLineToArgvW
LPWSTR *WINAPI CommandLineToArgvW(LPCWSTR lpCmdline, int *numargs)
Definition: shell32_main.c:79
towupper
#define towupper(c)
Definition: wctype.h:99
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
lpFileName
_In_ LPCSTR lpFileName
Definition: winbase.h:3112

Referenced by regdump(), and wWinMain().

◆ Refresh()

VOID Refresh ( IN PEVENTLOGFILTER  EventLogFilter)

Definition at line 2732 of file eventvwr.c.

2733{
2734 /* Bail out if there is no available filter */
2735 if (!EventLogFilter)
2736 return;
2737
2738 /* Reenumerate the events through the filter */
2739 EnumEvents(EventLogFilter);
2740}
EnumEvents
VOID EnumEvents(IN PEVENTLOGFILTER EventLogFilter)
Definition: eventvwr.c:2484

◆ ResizeWnd()

VOID ResizeWnd ( INT  cx,
INT  cy 
)

Definition at line 3295 of file eventvwr.c.

3296{
3297 RECT rs;
3298 LONG StatusHeight;
3299 LONG_PTR dwExStyle;
3300 HDWP hdwp;
3301
3302 /* Resize the status bar -- now done in WM_SIZE */
3303 // SendMessageW(hwndStatus, WM_SIZE, 0, 0);
3304 GetWindowRect(hwndStatus, &rs);
3305 StatusHeight = rs.bottom - rs.top;
3306
3307 /*
3308 * Move the progress bar -- Take into account for extra size due to the static edge
3309 * (AdjustWindowRectEx() does not seem to work for the progress bar).
3310 */
3311 StatusBar_GetItemRect(hwndStatus, 0, &rs);
3312 dwExStyle = GetWindowLongPtrW(hwndStatusProgress, GWL_EXSTYLE);
3313 SetWindowLongPtrW(hwndStatusProgress, GWL_EXSTYLE, dwExStyle | WS_EX_STATICEDGE);
3314 MoveWindow(hwndStatusProgress,
3315 rs.left, rs.top, rs.right - rs.left, rs.bottom - rs.top,
3316 IsWindowVisible(hwndStatusProgress) ? TRUE : FALSE);
3317 SetWindowLongPtrW(hwndStatusProgress, GWL_EXSTYLE, dwExStyle);
3318
3319 /*
3320 * TODO: Adjust the splitter positions:
3321 * - Vertical splitter (1) : fixed position from the left window side.
3322 * - Horizontal splitter (2): fixed position from the bottom window side.
3323 */
3324 nVSplitPos = min(max(nVSplitPos, SPLIT_WIDTH/2), cx - SPLIT_WIDTH/2); // OK
3325 nHSplitPos = min(max(nHSplitPos, SPLIT_WIDTH/2), cy - SPLIT_WIDTH/2 - StatusHeight); // FIXME!
3326
3327 hdwp = BeginDeferWindowPos(3);
3328
3329 if (hdwp)
3330 hdwp = DeferWindowPos(hdwp,
3331 hwndTreeView,
3332 HWND_TOP,
3333 0, 0,
3334 nVSplitPos - SPLIT_WIDTH/2,
3335 cy - StatusHeight,
3336 SWP_NOZORDER | SWP_NOACTIVATE);
3337
3338 if (hdwp)
3339 hdwp = DeferWindowPos(hdwp,
3340 hwndListView,
3341 HWND_TOP,
3342 nVSplitPos + SPLIT_WIDTH/2, 0,
3343 cx - nVSplitPos - SPLIT_WIDTH/2,
3344 hwndEventDetails && Settings.bShowDetailsPane
3345 ? nHSplitPos - SPLIT_WIDTH/2
3346 : cy - StatusHeight,
3347 SWP_NOZORDER | SWP_NOACTIVATE);
3348
3349 if (hwndEventDetails && Settings.bShowDetailsPane && hdwp)
3350 hdwp = DeferWindowPos(hdwp,
3351 hwndEventDetails,
3352 HWND_TOP,
3353 nVSplitPos + SPLIT_WIDTH/2,
3354 nHSplitPos + SPLIT_WIDTH/2,
3355 cx - nVSplitPos - SPLIT_WIDTH/2,
3356 cy - nHSplitPos - SPLIT_WIDTH/2 - StatusHeight,
3357 SWP_NOZORDER | SWP_NOACTIVATE);
3358
3359 if (hdwp)
3360 EndDeferWindowPos(hdwp);
3361}
min
#define min(a, b)
Definition: monoChain.cc:55
max
#define max(a, b)
Definition: svc.c:63
IsWindowVisible
BOOL WINAPI IsWindowVisible(_In_ HWND)
MoveWindow
BOOL WINAPI MoveWindow(_In_ HWND, _In_ int, _In_ int, _In_ int, _In_ int, _In_ BOOL)

Referenced by LoadSettings(), and WndProc().

◆ SaveEventLog()

VOID SaveEventLog ( IN PEVENTLOGFILTER  EventLogFilter)

Definition at line 2601 of file eventvwr.c.

2602{
2603 PEVENTLOG EventLog;
2604 HANDLE hEventLog;
2605 WCHAR szFileName[MAX_PATH];
2606
2607 /* Bail out if there is no available filter */
2608 if (!EventLogFilter)
2609 return;
2610
2611 ZeroMemory(szFileName, sizeof(szFileName));
2612
2613 sfn.lpstrFile = szFileName;
2614 sfn.nMaxFile = ARRAYSIZE(szFileName);
2615
2616 if (!GetSaveFileNameW(&sfn))
2617 return;
2618
2619 EventLogFilter_AddRef(EventLogFilter);
2620
2621 EventLog = EventLogFilter->EventLogs[0];
2622 hEventLog = OpenEventLogW(EventLog->ComputerName, EventLog->LogName);
2623
2624 EventLogFilter_Release(EventLogFilter);
2625
2626 if (!hEventLog)
2627 {
2628 ShowWin32Error(GetLastError());
2629 return;
2630 }
2631
2632 if (!BackupEventLogW(hEventLog, szFileName))
2633 ShowWin32Error(GetLastError());
2634
2635 CloseEventLog(hEventLog);
2636}
BackupEventLogW
BOOL WINAPI BackupEventLogW(IN HANDLE hEventLog, IN LPCWSTR lpBackupFileName)
Definition: eventlog.c:245

Referenced by WndProc().

◆ SavePropertiesDlg()

static VOID SavePropertiesDlg ( HWND  hDlg,
PEVENTLOG  EventLog 
)
static

Definition at line 4098 of file eventvwr.c.

4099{
4100 LPWSTR lpLogName = EventLog->LogName;
4101
4102 LONG Result;
4103 DWORD dwMaxSize = 0, dwRetention = 0;
4104 HKEY hLogKey;
4105 PWSTR KeyPath;
4106 SIZE_T cbKeyPath;
4107
4108 if (!EventLog->Permanent)
4109 return;
4110
4111 cbKeyPath = (wcslen(EVENTLOG_BASE_KEY) + wcslen(lpLogName) + 1) * sizeof(WCHAR);
4112 KeyPath = HeapAlloc(GetProcessHeap(), 0, cbKeyPath);
4113 if (!KeyPath)
4114 {
4115 ShowWin32Error(ERROR_NOT_ENOUGH_MEMORY);
4116 return;
4117 }
4118
4119 StringCbCopyW(KeyPath, cbKeyPath, EVENTLOG_BASE_KEY);
4120 StringCbCatW(KeyPath, cbKeyPath, lpLogName);
4121
4122 Result = RegOpenKeyExW(hkMachine, KeyPath, 0, KEY_SET_VALUE, &hLogKey);
4123 HeapFree(GetProcessHeap(), 0, KeyPath);
4124 if (Result != ERROR_SUCCESS)
4125 {
4126 ShowWin32Error(Result);
4127 return;
4128 }
4129
4130 dwMaxSize = GetDlgItemInt(hDlg, IDC_EDIT_MAXLOGSIZE, NULL, FALSE) * 1024;
4131 RegSetValueExW(hLogKey,
4132 L"MaxSize",
4133 0,
4134 REG_DWORD,
4135 (LPBYTE)&dwMaxSize,
4136 sizeof(dwMaxSize));
4137
4138 if (IsDlgButtonChecked(hDlg, IDC_OVERWRITE_AS_NEEDED) == BST_CHECKED)
4139 dwRetention = 0;
4140 else if (IsDlgButtonChecked(hDlg, IDC_NO_OVERWRITE) == BST_CHECKED)
4141 dwRetention = INFINITE;
4142 else // if (IsDlgButtonChecked(hDlg, IDC_OVERWRITE_OLDER_THAN) == BST_CHECKED)
4143 dwRetention = GetDlgItemInt(hDlg, IDC_EDIT_EVENTS_AGE, NULL, FALSE) * (24*3600);
4144
4145 RegSetValueExW(hLogKey,
4146 L"Retention",
4147 0,
4148 REG_DWORD,
4149 (LPBYTE)&dwRetention,
4150 sizeof(dwRetention));
4151
4152 RegCloseKey(hLogKey);
4153}
RegSetValueExW
LONG WINAPI RegSetValueExW(_In_ HKEY hKey, _In_ LPCWSTR lpValueName, _In_ DWORD Reserved, _In_ DWORD dwType, _In_ CONST BYTE *lpData, _In_ DWORD cbData)
Definition: reg.c:4882
KEY_SET_VALUE
#define KEY_SET_VALUE
Definition: nt_native.h:1017
IsDlgButtonChecked
UINT WINAPI IsDlgButtonChecked(_In_ HWND, _In_ int)
GetDlgItemInt
UINT WINAPI GetDlgItemInt(_In_ HWND, _In_ int, _Out_opt_ PBOOL, _In_ BOOL)
BST_CHECKED
#define BST_CHECKED
Definition: winuser.h:197

Referenced by EventLogPropProc().

◆ SaveSettings()

BOOL SaveSettings ( VOID  )

Definition at line 498 of file eventvwr.c.

499{
500 HKEY hKeyEventVwr;
501 DWORD dwSize;
502 WCHAR buffer[100];
503
504 /* Try to create/open the Event Viewer user key */
505 if (RegCreateKeyExW(HKEY_CURRENT_USER,
506 EVNTVWR_PARAM_KEY,
507 0,
508 NULL,
509 REG_OPTION_NON_VOLATILE,
510 KEY_SET_VALUE,
511 NULL,
512 &hKeyEventVwr,
513 NULL) != ERROR_SUCCESS)
514 {
515 return FALSE;
516 }
517
518 dwSize = sizeof(Settings.bSaveSettings);
519 RegSetValueExW(hKeyEventVwr, L"SaveSettings", 0, REG_DWORD, (LPBYTE)&Settings.bSaveSettings, dwSize);
520
521 /* Do not save more settings if we are not asked to do so */
522 if (!Settings.bSaveSettings)
523 goto Quit;
524
525 dwSize = sizeof(Settings.bShowDetailsPane);
526 RegSetValueExW(hKeyEventVwr, L"DetailsPane", 0, REG_DWORD, (LPBYTE)&Settings.bShowDetailsPane, dwSize);
527
528 dwSize = sizeof(Settings.bShowGrid);
529 RegSetValueExW(hKeyEventVwr, L"ShowGrid", 0, REG_DWORD, (LPBYTE)&Settings.bShowGrid, dwSize);
530
531 dwSize = sizeof(Settings.bNewestEventsFirst);
532 RegSetValueExW(hKeyEventVwr, L"SortOrder", 0, REG_DWORD, (LPBYTE)&Settings.bNewestEventsFirst, dwSize);
533
534 Settings.nVSplitPos = nVSplitPos;
535 dwSize = sizeof(Settings.nVSplitPos);
536 RegSetValueExW(hKeyEventVwr, L"VSplitPos", 0, REG_DWORD, (LPBYTE)&Settings.nVSplitPos, dwSize);
537
538 Settings.nHSplitPos = nHSplitPos;
539 dwSize = sizeof(Settings.nHSplitPos);
540 RegSetValueExW(hKeyEventVwr, L"HSplitPos", 0, REG_DWORD, (LPBYTE)&Settings.nHSplitPos, dwSize);
541
542 StringCbPrintfW(buffer, sizeof(buffer),
543 L"%d %d %d %d %d",
544 Settings.wpPos.rcNormalPosition.left,
545 Settings.wpPos.rcNormalPosition.top,
546 Settings.wpPos.rcNormalPosition.right,
547 Settings.wpPos.rcNormalPosition.bottom,
548 Settings.wpPos.showCmd);
549
550 dwSize = (DWORD)((wcslen(buffer) + 1) * sizeof(WCHAR));
551 RegSetValueExW(hKeyEventVwr, L"Window", 0, REG_SZ, (LPBYTE)buffer, dwSize);
552
553Quit:
554 RegCloseKey(hKeyEventVwr);
555 return TRUE;
556}
RegCreateKeyExW
LONG WINAPI RegCreateKeyExW(_In_ HKEY hKey, _In_ LPCWSTR lpSubKey, _In_ DWORD Reserved, _In_opt_ LPWSTR lpClass, _In_ DWORD dwOptions, _In_ REGSAM samDesired, _In_opt_ LPSECURITY_ATTRIBUTES lpSecurityAttributes, _Out_ PHKEY phkResult, _Out_opt_ LPDWORD lpdwDisposition)
Definition: reg.c:1096
REG_OPTION_NON_VOLATILE
#define REG_OPTION_NON_VOLATILE
Definition: nt_native.h:1057

◆ ShowWin32Error()

VOID ShowWin32Error ( IN DWORD  dwError)

Definition at line 140 of file eventvwr.c.

141{
142 LPWSTR lpMessageBuffer;
143
144 if (dwError == ERROR_SUCCESS)
145 return;
146
147 if (!FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER |
148 FORMAT_MESSAGE_FROM_SYSTEM |
149 FORMAT_MESSAGE_IGNORE_INSERTS,
150 NULL,
151 dwError,
152 LANG_USER_DEFAULT,
153 (LPWSTR)&lpMessageBuffer,
154 0, NULL))
155 {
156 return;
157 }
158
159 MessageBoxW(hwndMainWindow, lpMessageBuffer, szTitle, MB_OK | MB_ICONERROR);
160 LocalFree(lpMessageBuffer);
161}
FORMAT_MESSAGE_FROM_SYSTEM
#define FORMAT_MESSAGE_FROM_SYSTEM
Definition: winbase.h:456
MB_ICONERROR
#define MB_ICONERROR
Definition: winuser.h:798

Referenced by BuildLogListAndFilterList(), ClearEvents(), EnumEventsThread(), GetDisplayNameFileAndID(), GetEventMessageFileDLL(), InitPropertiesDlg(), OpenUserEventLogFile(), ProcessCmdLine(), SaveEventLog(), SavePropertiesDlg(), ShutDown_Hibernate(), ShutDown_LockComputer(), ShutDown_LogOffUser(), ShutDown_PowerOff(), ShutDown_Reboot(), and ShutDown_StandBy().

◆ StartStopEnumEventsThread()

static DWORD WINAPI StartStopEnumEventsThread ( IN LPVOID  lpParameter)
static

Definition at line 2373 of file eventvwr.c.

2374{
2375 HANDLE WaitHandles[2];
2376 DWORD WaitResult;
2377
2378 WaitHandles[0] = hStartStopEnumEvent; // End-of-application event
2379 WaitHandles[1] = hStartEnumEvent; // Command event
2380
2381 while (TRUE)
2382 {
2383 WaitResult = WaitForMultipleObjects(ARRAYSIZE(WaitHandles),
2384 WaitHandles,
2385 FALSE, // WaitAny
2386 INFINITE);
2387 switch (WaitResult)
2388 {
2389 case WAIT_OBJECT_0 + 0:
2390 {
2391 /* End-of-application event signaled, quit this thread */
2392
2393 /* Stop the previous enumeration */
2394 if (hEnumEventsThread)
2395 {
2396 if (hStopEnumEvent)
2397 {
2398 SetEvent(hStopEnumEvent);
2399 WaitForSingleObject(hEnumEventsThread, INFINITE);
2400 // NOTE: The following is done by the enumeration thread just before terminating.
2401 // hStopEnumEvent = NULL;
2402 }
2403
2404 CloseHandle(hEnumEventsThread);
2405 hEnumEventsThread = NULL;
2406 }
2407
2408 /* Clear the list view and free the cached records */
2409 ListView_DeleteAllItems(hwndListView);
2410 FreeRecords();
2411
2412 /* Reset the active filter */
2413 ActiveFilter = NULL;
2414
2415 return 0;
2416 }
2417
2418 case WAIT_OBJECT_0 + 1:
2419 {
2420 /* Restart a new enumeration if needed */
2421 PEVENTLOGFILTER EventLogFilter;
2422
2423 /* Stop the previous enumeration */
2424 if (hEnumEventsThread)
2425 {
2426 if (hStopEnumEvent)
2427 {
2428 SetEvent(hStopEnumEvent);
2429 WaitForSingleObject(hEnumEventsThread, INFINITE);
2430 // NOTE: The following is done by the enumeration thread just before terminating.
2431 // hStopEnumEvent = NULL;
2432 }
2433
2434 CloseHandle(hEnumEventsThread);
2435 hEnumEventsThread = NULL;
2436 }
2437
2438 /* Clear the list view and free the cached records */
2439 ListView_DeleteAllItems(hwndListView);
2440 FreeRecords();
2441
2442 /* Reset the active filter */
2443 ActiveFilter = NULL;
2444
2445 EventLogFilter = InterlockedExchangePointer((PVOID*)&EnumFilter, NULL);
2446 if (!EventLogFilter)
2447 break;
2448
2449 // Manual-reset event
2450 hStopEnumEvent = CreateEventW(NULL, TRUE, FALSE, NULL);
2451 if (!hStopEnumEvent)
2452 break;
2453
2454 hEnumEventsThread = CreateThread(NULL,
2455 0,
2456 EnumEventsThread,
2457 (LPVOID)EventLogFilter,
2458 CREATE_SUSPENDED,
2459 NULL);
2460 if (!hEnumEventsThread)
2461 {
2462 CloseHandle(hStopEnumEvent);
2463 hStopEnumEvent = NULL;
2464 break;
2465 }
2466 // CloseHandle(hEnumEventsThread);
2467 ResumeThread(hEnumEventsThread);
2468
2469 break;
2470 }
2471
2472 default:
2473 {
2474 /* Unknown command, must never go there! */
2475 return GetLastError();
2476 }
2477 }
2478 }
2479
2480 return 0;
2481}
ResumeThread
DWORD WINAPI ResumeThread(IN HANDLE hThread)
Definition: thread.c:567
CreateThread
HANDLE WINAPI DECLSPEC_HOTPATCH CreateThread(IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN DWORD dwStackSize, IN LPTHREAD_START_ROUTINE lpStartAddress, IN LPVOID lpParameter, IN DWORD dwCreationFlags, OUT LPDWORD lpThreadId)
Definition: thread.c:137
hEnumEventsThread
HANDLE hEnumEventsThread
Definition: eventvwr.c:89
hStartStopEnumEvent
HANDLE hStartStopEnumEvent
Definition: eventvwr.c:97
EnumEventsThread
static DWORD WINAPI EnumEventsThread(IN LPVOID lpParameter)
Definition: eventvwr.c:2014
WaitForMultipleObjects
DWORD WINAPI WaitForMultipleObjects(IN DWORD nCount, IN CONST HANDLE *lpHandles, IN BOOL bWaitAll, IN DWORD dwMilliseconds)
Definition: synch.c:151
CreateEventW
HANDLE WINAPI DECLSPEC_HOTPATCH CreateEventW(IN LPSECURITY_ATTRIBUTES lpEventAttributes OPTIONAL, IN BOOL bManualReset, IN BOOL bInitialState, IN LPCWSTR lpName OPTIONAL)
Definition: synch.c:651
CREATE_SUSPENDED
#define CREATE_SUSPENDED
Definition: winbase.h:188

Referenced by wWinMain().

◆ TreeViewAddItem()

HTREEITEM TreeViewAddItem ( IN HWND  hTreeView,
IN HTREEITEM  hParent,
IN LPWSTR  lpText,
IN INT  Image,
IN INT  SelectedImage,
IN LPARAM  lParam 
)

Definition at line 1253 of file eventvwr.c.

1259{
1260 TV_INSERTSTRUCTW Insert;
1261
1262 ZeroMemory(&Insert, sizeof(Insert));
1263
1264 Insert.item.mask = TVIF_TEXT | TVIF_PARAM | TVIF_IMAGE | TVIF_SELECTEDIMAGE;
1265 Insert.hInsertAfter = TVI_LAST;
1266 Insert.hParent = hParent;
1267 Insert.item.pszText = lpText;
1268 Insert.item.iImage = Image;
1269 Insert.item.iSelectedImage = SelectedImage;
1270 Insert.item.lParam = lParam;
1271
1272 Insert.item.mask |= TVIF_STATE;
1273 Insert.item.stateMask = TVIS_OVERLAYMASK;
1274 Insert.item.state = INDEXTOOVERLAYMASK(1);
1275
1276 return TreeView_InsertItem(hTreeView, &Insert);
1277}
TVI_LAST
#define TVI_LAST
Definition: commctrl.h:3375
TVIF_TEXT
#define TVIF_TEXT
Definition: commctrl.h:3271
TVIF_IMAGE
#define TVIF_IMAGE
Definition: commctrl.h:3272
TV_INSERTSTRUCTW
#define TV_INSERTSTRUCTW
Definition: commctrl.h:3381
TVIS_OVERLAYMASK
#define TVIS_OVERLAYMASK
Definition: commctrl.h:3292
INDEXTOOVERLAYMASK
#define INDEXTOOVERLAYMASK(i)
Definition: commctrl.h:425
TreeView_InsertItem
#define TreeView_InsertItem(hwnd, lpis)
Definition: commctrl.h:3417
TVIF_SELECTEDIMAGE
#define TVIF_SELECTEDIMAGE
Definition: commctrl.h:3276
TVIF_STATE
#define TVIF_STATE
Definition: commctrl.h:3274

Referenced by BuildLogListAndFilterList(), InitInstance(), and OpenUserEventLogFile().

◆ TrimNulls()

void TrimNulls ( LPWSTR  s)

Definition at line 1441 of file eventvwr.c.

1442{
1443 PWCHAR c;
1444
1445 if (s != NULL)
1446 {
1447 c = s + wcslen(s) - 1;
1448 while (c >= s && iswspace(*c))
1449 --c;
1450 *++c = L'\0';
1451 }
1452}
s
GLdouble s
Definition: gl.h:2039
c
const GLubyte * c
Definition: glext.h:8905
c
#define c
Definition: ke_i.h:80

Referenced by GetEventCategory(), and GetEventMessage().

◆ WndProc()

LRESULT CALLBACK WndProc ( HWND  hWnd,
UINT  uMsg,
WPARAM  wParam,
LPARAM  lParam 
)

FIXME: Reenable this check once menu items are correctly disabled when no event is selected, etc. MessageBoxW(hWnd, L"No selected items!", szTitle, MB_OK | MB_ICONERROR);

Definition at line 3365 of file eventvwr.c.

3366{
3367 RECT rect;
3368
3369 switch (uMsg)
3370 {
3371 case WM_CREATE:
3372 hMainMenu = GetMenu(hWnd);
3373 break;
3374
3375 case WM_DESTROY:
3376 {
3377 GetWindowPlacement(hwndMainWindow, &Settings.wpPos);
3378 PostQuitMessage(0);
3379 break;
3380 }
3381
3382 case WM_NOTIFY:
3383 {
3384 LPNMHDR hdr = (LPNMHDR)lParam;
3385
3386 if (hdr->hwndFrom == hwndListView)
3387 {
3388 switch (hdr->code)
3389 {
3390 case LVN_ITEMCHANGED:
3391 {
3392 LPNMLISTVIEW pnmv = (LPNMLISTVIEW)lParam;
3393
3394 if ( (pnmv->uChanged & LVIF_STATE) && /* The state has changed */
3395 (pnmv->uNewState & LVIS_SELECTED) /* The item has been (de)selected */ )
3396 {
3397 if (!hwndEventDetails)
3398 break;
3399
3400 /* Verify the index of selected item */
3401 if (pnmv->iItem == -1)
3402 {
3403 MessageBoxW(hWnd,
3404 L"No selected items!",
3405 szTitle,
3406 MB_OK | MB_ICONERROR);
3407 break;
3408 }
3409 SendMessageW(hwndEventDetails, EVT_DISPLAY, TRUE, (LPARAM)pnmv->iItem);
3410 }
3411 break;
3412 }
3413
3414#ifdef LVN_ITEMACTIVATE
3415 case LVN_ITEMACTIVATE:
3416 {
3417 /* Get the index of the single focused selected item */
3418 LPNMITEMACTIVATE lpnmitem = (LPNMITEMACTIVATE)lParam;
3419 INT iItem = lpnmitem->iItem;
3420 if (iItem != -1)
3421 SendMessageW(hWnd, WM_COMMAND, IDM_EVENT_DETAILS, (LPARAM)iItem);
3422 break;
3423 }
3424#else // LVN_ITEMACTIVATE
3425 case NM_DBLCLK:
3426 case NM_RETURN:
3427 {
3428 /* Get the index of the single focused selected item */
3429 INT iItem = ListView_GetNextItem(hwndListView, -1, LVNI_FOCUSED | LVNI_SELECTED);
3430 if (iItem != -1)
3431 SendMessageW(hWnd, WM_COMMAND, IDM_EVENT_DETAILS, (LPARAM)iItem);
3432 break;
3433 }
3434#endif // LVN_ITEMACTIVATE
3435 }
3436 }
3437 else if (hdr->hwndFrom == hwndTreeView)
3438 {
3439 switch (hdr->code)
3440 {
3441 case TVN_BEGINLABELEDIT:
3442 {
3443 HTREEITEM hItem = ((LPNMTVDISPINFO)lParam)->item.hItem;
3444
3445 /* Disable label editing for root nodes */
3446 return ((hItem == htiSystemLogs) ||
3447 (hItem == htiAppLogs) ||
3448 (hItem == htiUserLogs));
3449 }
3450
3451 case TVN_ENDLABELEDIT:
3452 {
3453 TVITEMW item = ((LPNMTVDISPINFO)lParam)->item;
3454 HTREEITEM hItem = item.hItem;
3455
3456 /* Disable label editing for root nodes */
3457 if ((hItem == htiSystemLogs) ||
3458 (hItem == htiAppLogs) ||
3459 (hItem == htiUserLogs))
3460 {
3461 return FALSE;
3462 }
3463
3464 if (item.pszText)
3465 {
3466 LPWSTR pszText = item.pszText;
3467
3468 /* Trim leading whitespace */
3469 while (*pszText && iswspace(*pszText))
3470 ++pszText;
3471
3472 if (!*pszText)
3473 return FALSE;
3474
3475 return TRUE;
3476 }
3477 else
3478 {
3479 return FALSE;
3480 }
3481 }
3482
3483 case TVN_SELCHANGED:
3484 {
3485 PEVENTLOGFILTER EventLogFilter =
3486 (PEVENTLOGFILTER)((LPNMTREEVIEW)lParam)->itemNew.lParam;
3487
3488 // FIXME: It might be nice to reference here the filter,
3489 // so that we don't have to reference/dereference it many times
3490 // in the other functions???
3491
3492 // FIXME: This is a hack!!
3493 if (hwndEventDetails && EventLogFilter)
3494 {
3495 SendMessageW(hwndEventDetails, EVT_SETFILTER, 0, (LPARAM)EventLogFilter);
3496 }
3497
3498 if (EventLogFilter)
3499 {
3500 /*
3501 * If we have selected a filter, enable the menu commands;
3502 * they will possibly be updated after events enumeration.
3503 */
3504 EnableMenuItem(hMainMenu, IDM_SAVE_EVENTLOG, MF_BYCOMMAND | MF_ENABLED);
3505 EnableMenuItem(hMainMenu, IDM_CLOSE_EVENTLOG, MF_BYCOMMAND | MF_ENABLED);
3506 EnableMenuItem(hMainMenu, IDM_CLEAR_EVENTS, MF_BYCOMMAND | MF_ENABLED);
3507 EnableMenuItem(hMainMenu, IDM_RENAME_EVENTLOG, MF_BYCOMMAND | MF_ENABLED);
3508 EnableMenuItem(hMainMenu, IDM_EVENTLOG_SETTINGS, MF_BYCOMMAND | MF_ENABLED);
3509 }
3510 else
3511 {
3512 EnableMenuItem(hMainMenu, IDM_SAVE_EVENTLOG, MF_BYCOMMAND | MF_GRAYED);
3513 EnableMenuItem(hMainMenu, IDM_CLOSE_EVENTLOG, MF_BYCOMMAND | MF_GRAYED);
3514 EnableMenuItem(hMainMenu, IDM_CLEAR_EVENTS, MF_BYCOMMAND | MF_GRAYED);
3515 EnableMenuItem(hMainMenu, IDM_RENAME_EVENTLOG, MF_BYCOMMAND | MF_GRAYED);
3516 EnableMenuItem(hMainMenu, IDM_EVENTLOG_SETTINGS, MF_BYCOMMAND | MF_GRAYED);
3517 }
3518
3519 /*
3520 * The enumeration thread that is triggered by EnumEvents
3521 * will set a new value for the 'ActiveFilter'.
3522 */
3523 if (EventLogFilter)
3524 EnumEvents(EventLogFilter);
3525
3526 break;
3527 }
3528 }
3529 }
3530 break;
3531 }
3532
3533 case WM_COMMAND:
3534 {
3535 /* Parse the menu selections */
3536 switch (LOWORD(wParam))
3537 {
3538 case IDM_OPEN_EVENTLOG:
3539 OpenUserEventLog();
3540 break;
3541
3542 case IDM_SAVE_EVENTLOG:
3543 SaveEventLog(GetSelectedFilter(NULL));
3544 break;
3545
3546 case IDM_CLOSE_EVENTLOG:
3547 {
3548 HTREEITEM hti;
3549 PEVENTLOGFILTER EventLogFilter = GetSelectedFilter(&hti);
3550 CloseUserEventLog(EventLogFilter, hti);
3551 break;
3552 }
3553
3554 case IDM_CLEAR_EVENTS:
3555 {
3556 PEVENTLOGFILTER EventLogFilter = GetSelectedFilter(NULL);
3557 if (EventLogFilter && ClearEvents(EventLogFilter))
3558 Refresh(EventLogFilter);
3559 break;
3560 }
3561
3562 case IDM_RENAME_EVENTLOG:
3563 if (GetFocus() == hwndTreeView)
3564 TreeView_EditLabel(hwndTreeView, TreeView_GetSelection(hwndTreeView));
3565 break;
3566
3567 case IDM_EVENTLOG_SETTINGS:
3568 {
3569 PEVENTLOGFILTER EventLogFilter = GetSelectedFilter(NULL);
3570 // TODO: Check the returned value?
3571 if (EventLogFilter)
3572 EventLogProperties(hInst, hWnd, EventLogFilter);
3573 break;
3574 }
3575
3576 case IDM_LIST_NEWEST:
3577 case IDM_LIST_OLDEST:
3578 {
3579 BOOL bNewest = (LOWORD(wParam) == IDM_LIST_NEWEST);
3580 CheckMenuRadioItem(hMainMenu, IDM_LIST_NEWEST, IDM_LIST_OLDEST, LOWORD(wParam), MF_BYCOMMAND);
3581
3582 if (bNewest != Settings.bNewestEventsFirst)
3583 {
3584 Settings.bNewestEventsFirst = bNewest;
3585 Refresh(GetSelectedFilter(NULL));
3586 }
3587 break;
3588 }
3589
3590 case IDM_EVENT_DETAILS:
3591 {
3592 INT iItem;
3593 PEVENTLOGFILTER EventLogFilter;
3594
3595 /* Get the index of the single focused selected item */
3596 iItem = ListView_GetNextItem(hwndListView, -1, LVNI_FOCUSED | LVNI_SELECTED);
3597 if (iItem == -1)
3598 {
3607 break;
3608 }
3609
3610 EventLogFilter = GetSelectedFilter(NULL);
3611 if (EventLogFilter)
3612 {
3613 EVENTDETAIL_INFO DetailInfo = {EventLogFilter, iItem};
3614
3615 EventLogFilter_AddRef(EventLogFilter);
3616 DialogBoxParamW(hInst,
3617 MAKEINTRESOURCEW(IDD_EVENTDETAILS_DLG),
3618 hWnd,
3619 EventDetails,
3620 (LPARAM)&DetailInfo);
3621 EventLogFilter_Release(EventLogFilter);
3622 }
3623 break;
3624 }
3625
3626 case IDM_REFRESH:
3627 Refresh(GetSelectedFilter(NULL));
3628 break;
3629
3630 case IDM_EVENT_DETAILS_VIEW:
3631 {
3632 Settings.bShowDetailsPane = !Settings.bShowDetailsPane;
3633 CheckMenuItem(hMainMenu, IDM_EVENT_DETAILS_VIEW,
3634 MF_BYCOMMAND | (Settings.bShowDetailsPane ? MF_CHECKED : MF_UNCHECKED));
3635
3636 GetClientRect(hWnd, &rect);
3637 if (Settings.bShowDetailsPane)
3638 {
3639 ResizeWnd(rect.right - rect.left, rect.bottom - rect.top);
3640 ShowWindow(hwndEventDetails, SW_SHOW);
3641 }
3642 else
3643 {
3644 ShowWindow(hwndEventDetails, SW_HIDE);
3645 ResizeWnd(rect.right - rect.left, rect.bottom - rect.top);
3646 }
3647
3648 break;
3649 }
3650
3651 case IDM_LIST_GRID_LINES:
3652 {
3653 Settings.bShowGrid = !Settings.bShowGrid;
3654 CheckMenuItem(hMainMenu, IDM_LIST_GRID_LINES,
3655 MF_BYCOMMAND | (Settings.bShowGrid ? MF_CHECKED : MF_UNCHECKED));
3656
3657 ListView_SetExtendedListViewStyleEx(hwndListView, LVS_EX_GRIDLINES, (Settings.bShowGrid ? LVS_EX_GRIDLINES : 0));
3658 break;
3659 }
3660
3661 case IDM_SAVE_SETTINGS:
3662 {
3663 Settings.bSaveSettings = !Settings.bSaveSettings;
3664 CheckMenuItem(hMainMenu, IDM_SAVE_SETTINGS,
3665 MF_BYCOMMAND | (Settings.bSaveSettings ? MF_CHECKED : MF_UNCHECKED));
3666 break;
3667 }
3668
3669 case IDM_ABOUT:
3670 {
3671 WCHAR szCopyright[MAX_LOADSTRING];
3672
3673 LoadStringW(hInst, IDS_COPYRIGHT, szCopyright, ARRAYSIZE(szCopyright));
3674 ShellAboutW(hWnd, szTitle, szCopyright,
3675 LoadIconW(hInst, MAKEINTRESOURCEW(IDI_EVENTVWR)));
3676 break;
3677 }
3678
3679 case IDM_HELP:
3680 MessageBoxW(hWnd,
3681 L"Help not implemented yet!",
3682 szTitle,
3683 MB_OK | MB_ICONINFORMATION);
3684 break;
3685
3686 case IDM_EXIT:
3687 DestroyWindow(hWnd);
3688 break;
3689
3690 default:
3691 return DefWindowProcW(hWnd, uMsg, wParam, lParam);
3692 }
3693 break;
3694 }
3695
3696 case WM_INITMENU:
3697 {
3698 if ((HMENU)wParam != hMainMenu)
3699 break;
3700
3701 CheckMenuRadioItem(hMainMenu, IDM_LIST_NEWEST, IDM_LIST_OLDEST,
3702 Settings.bNewestEventsFirst ? IDM_LIST_NEWEST : IDM_LIST_OLDEST,
3703 MF_BYCOMMAND);
3704
3705 if (!hwndEventDetails)
3706 {
3707 EnableMenuItem(hMainMenu, IDM_EVENT_DETAILS_VIEW,
3708 MF_BYCOMMAND | MF_GRAYED);
3709 }
3710 CheckMenuItem(hMainMenu, IDM_EVENT_DETAILS_VIEW,
3711 MF_BYCOMMAND | (Settings.bShowDetailsPane ? MF_CHECKED : MF_UNCHECKED));
3712
3713 CheckMenuItem(hMainMenu, IDM_LIST_GRID_LINES,
3714 MF_BYCOMMAND | (Settings.bShowGrid ? MF_CHECKED : MF_UNCHECKED));
3715
3716 CheckMenuItem(hMainMenu, IDM_SAVE_SETTINGS,
3717 MF_BYCOMMAND | (Settings.bSaveSettings ? MF_CHECKED : MF_UNCHECKED));
3718
3719 break;
3720 }
3721
3722#if 0
3723 case WM_INITMENUPOPUP:
3724 lParam = lParam;
3725 break;
3726#endif
3727
3728 case WM_CONTEXTMENU:
3729 {
3730 RECT rc;
3731 HTREEITEM hItem;
3732 TVHITTESTINFO hInfo = {0};
3733
3734 INT xPos = GET_X_LPARAM(lParam);
3735 INT yPos = GET_Y_LPARAM(lParam);
3736
3737 GetWindowRect(hwndTreeView, &rc);
3738 hInfo.pt.x = xPos - rc.left;
3739 hInfo.pt.y = yPos - rc.top;
3740
3741 hItem = TreeView_HitTest(hwndTreeView, &hInfo);
3742 if (hItem)
3743 {
3744 TreeView_SelectItem(hwndTreeView, hItem);
3745
3746 if (TreeView_GetParent(hwndTreeView, hItem))
3747 {
3748 HMENU hCtxMenu = GetSubMenu(LoadMenuW(hInst, MAKEINTRESOURCEW(IDM_EVENTWR_CTX)), 0);
3749
3750 DWORD dwCmdID = TrackPopupMenuEx(hCtxMenu,
3751 TPM_LEFTALIGN | TPM_TOPALIGN | TPM_NONOTIFY | TPM_RETURNCMD,
3752 xPos, yPos, hWnd, NULL);
3753 SendMessageW(hWnd, WM_COMMAND, (WPARAM)dwCmdID, (LPARAM)hwndTreeView);
3754 }
3755 }
3756 break;
3757 }
3758
3759 case WM_SETCURSOR:
3760 {
3761 POINT pt;
3762
3763 if (LOWORD(lParam) != HTCLIENT)
3764 goto Default;
3765
3766 GetCursorPos(&pt);
3767 ScreenToClient(hWnd, &pt);
3768
3769 /* Set the cursor for the vertical splitter */
3770 if (pt.x >= nVSplitPos - SPLIT_WIDTH/2 && pt.x < nVSplitPos + SPLIT_WIDTH/2 + 1)
3771 {
3772 RECT rs;
3773 GetClientRect(hWnd, &rect);
3774 GetWindowRect(hwndStatus, &rs);
3775 if (pt.y >= rect.top && pt.y < rect.bottom - (rs.bottom - rs.top))
3776 {
3777 SetCursor(LoadCursorW(NULL, IDC_SIZEWE));
3778 return TRUE;
3779 }
3780 }
3781 else
3782 /* Set the cursor for the horizontal splitter, if the Event details pane is displayed */
3783 if (hwndEventDetails && Settings.bShowDetailsPane &&
3784 (pt.y >= nHSplitPos - SPLIT_WIDTH/2 && pt.y < nHSplitPos + SPLIT_WIDTH/2 + 1))
3785 {
3786 // RECT rs;
3787 GetClientRect(hWnd, &rect);
3788 // GetWindowRect(hwndStatus, &rs);
3789 if (pt.x >= nVSplitPos + SPLIT_WIDTH/2 + 1 /* rect.left + (rs.bottom - rs.top) */ &&
3790 pt.x < rect.right)
3791 {
3792 SetCursor(LoadCursorW(NULL, IDC_SIZENS));
3793 return TRUE;
3794 }
3795 }
3796 goto Default;
3797 }
3798
3799 case WM_LBUTTONDOWN:
3800 {
3801 INT x = GET_X_LPARAM(lParam);
3802 INT y = GET_Y_LPARAM(lParam);
3803
3804 /* Reset the splitter state */
3805 bSplit = 0;
3806
3807 /* Capture the cursor for the vertical splitter */
3808 if (x >= nVSplitPos - SPLIT_WIDTH/2 && x < nVSplitPos + SPLIT_WIDTH/2 + 1)
3809 {
3810 bSplit = 1;
3811 SetCapture(hWnd);
3812 }
3813 else
3814 /* Capture the cursor for the horizontal splitter, if the Event details pane is displayed */
3815 if (hwndEventDetails && Settings.bShowDetailsPane &&
3816 (y >= nHSplitPos - SPLIT_WIDTH/2 && y < nHSplitPos + SPLIT_WIDTH/2 + 1))
3817 {
3818 bSplit = 2;
3819 SetCapture(hWnd);
3820 }
3821 break;
3822 }
3823
3824 case WM_LBUTTONUP:
3825 case WM_RBUTTONDOWN:
3826 {
3827 if (GetCapture() != hWnd)
3828 break;
3829
3830 /* Adjust the correct splitter position */
3831 if (bSplit == 1)
3832 nVSplitPos = GET_X_LPARAM(lParam);
3833 else if (bSplit == 2)
3834 nHSplitPos = GET_Y_LPARAM(lParam);
3835
3836 /* If we are splitting, resize the windows */
3837 if (bSplit != 0)
3838 {
3839 GetClientRect(hWnd, &rect);
3840 ResizeWnd(rect.right - rect.left, rect.bottom - rect.top);
3841 }
3842
3843 /* Reset the splitter state */
3844 bSplit = 0;
3845
3846 ReleaseCapture();
3847 break;
3848 }
3849
3850 case WM_MOUSEMOVE:
3851 {
3852 if (GetCapture() != hWnd)
3853 break;
3854
3855 /* Move the correct splitter */
3856 if (bSplit == 1)
3857 {
3858 INT x = GET_X_LPARAM(lParam);
3859
3860 GetClientRect(hWnd, &rect);
3861
3862 x = min(max(x, SPLIT_WIDTH/2), rect.right - rect.left - SPLIT_WIDTH/2);
3863 if (nVSplitPos != x)
3864 {
3865 nVSplitPos = x;
3866 ResizeWnd(rect.right - rect.left, rect.bottom - rect.top);
3867 }
3868 }
3869 else if (bSplit == 2)
3870 {
3871 RECT rs;
3872 INT y = GET_Y_LPARAM(lParam);
3873
3874 GetClientRect(hWnd, &rect);
3875 GetWindowRect(hwndStatus, &rs);
3876
3877 y = min(max(y, SPLIT_WIDTH/2), rect.bottom - rect.top - SPLIT_WIDTH/2 - (rs.bottom - rs.top));
3878 if (nHSplitPos != y)
3879 {
3880 nHSplitPos = y;
3881 ResizeWnd(rect.right - rect.left, rect.bottom - rect.top);
3882 }
3883 }
3884 break;
3885 }
3886
3887 case WM_SIZE:
3888 {
3889 if (wParam != SIZE_MINIMIZED)
3890 {
3891 SendMessageW(hwndStatus, WM_SIZE, 0, 0);
3892 ResizeWnd(LOWORD(lParam), HIWORD(lParam));
3893 break;
3894 }
3895 /* Fall through the default case */
3896 }
3897
3898 default: Default:
3899 return DefWindowProcW(hWnd, uMsg, wParam, lParam);
3900 }
3901
3902 return 0;
3903}
hWnd
HWND hWnd
Definition: settings.c:17
IDM_ABOUT
#define IDM_ABOUT
Definition: resource.h:29
IDM_EXIT
#define IDM_EXIT
Definition: resource.h:27
IDM_EVENT_DETAILS_VIEW
#define IDM_EVENT_DETAILS_VIEW
Definition: resource.h:86
IDM_OPEN_EVENTLOG
#define IDM_OPEN_EVENTLOG
Definition: resource.h:75
IDM_CLOSE_EVENTLOG
#define IDM_CLOSE_EVENTLOG
Definition: resource.h:77
IDM_EVENTWR_CTX
#define IDM_EVENTWR_CTX
Definition: resource.h:91
IDM_RENAME_EVENTLOG
#define IDM_RENAME_EVENTLOG
Definition: resource.h:79
IDM_LIST_OLDEST
#define IDM_LIST_OLDEST
Definition: resource.h:83
IDM_EVENTLOG_SETTINGS
#define IDM_EVENTLOG_SETTINGS
Definition: resource.h:80
IDM_LIST_GRID_LINES
#define IDM_LIST_GRID_LINES
Definition: resource.h:87
IDM_EVENT_DETAILS
#define IDM_EVENT_DETAILS
Definition: resource.h:84
IDM_SAVE_SETTINGS
#define IDM_SAVE_SETTINGS
Definition: resource.h:88
IDM_HELP
#define IDM_HELP
Definition: resource.h:89
IDM_REFRESH
#define IDM_REFRESH
Definition: resource.h:85
IDD_EVENTDETAILS_DLG
#define IDD_EVENTDETAILS_DLG
Definition: resource.h:32
IDS_COPYRIGHT
#define IDS_COPYRIGHT
Definition: resource.h:95
IDM_LIST_NEWEST
#define IDM_LIST_NEWEST
Definition: resource.h:82
pt
#define pt(x, y)
Definition: drawing.c:79
ResizeWnd
VOID ResizeWnd(INT cx, INT cy)
Definition: eventvwr.c:3295
CloseUserEventLog
VOID CloseUserEventLog(IN PEVENTLOGFILTER EventLogFilter, IN HTREEITEM hti)
Definition: eventvwr.c:2639
bSplit
BYTE bSplit
Definition: eventvwr.c:58
OpenUserEventLog
VOID OpenUserEventLog(VOID)
Definition: eventvwr.c:2584
EventLogProperties
INT_PTR EventLogProperties(HINSTANCE, HWND, PEVENTLOGFILTER)
Definition: eventvwr.c:4278
SaveEventLog
VOID SaveEventLog(IN PEVENTLOGFILTER EventLogFilter)
Definition: eventvwr.c:2601
EventDetails
INT_PTR CALLBACK EventDetails(HWND, UINT, WPARAM, LPARAM)
Definition: eventvwr.c:4344
EVT_SETFILTER
#define EVT_SETFILTER
Definition: evtdetctl.h:20
x
GLint GLint GLint GLint GLint x
Definition: gl.h:1548
y
GLint GLint GLint GLint GLint GLint y
Definition: gl.h:1548
hdr
char hdr[14]
Definition: iptest.cpp:33
if
if(dx< 0)
Definition: linetemp.h:194
item
static ATOM item
Definition: dde.c:856
stdole::Default
@ Default
Definition: stdole2.idl:392
TVN_SELCHANGED
#define TVN_SELCHANGED
Definition: commctrl.h:3740
ListView_SetExtendedListViewStyleEx
#define ListView_SetExtendedListViewStyleEx(hwndLV, dwMask, dw)
Definition: commctrl.h:2731
NM_DBLCLK
#define NM_DBLCLK
Definition: commctrl.h:131
TVN_BEGINLABELEDIT
#define TVN_BEGINLABELEDIT
Definition: commctrl.h:3748
LVIF_STATE
#define LVIF_STATE
Definition: commctrl.h:2317
LVNI_SELECTED
#define LVNI_SELECTED
Definition: commctrl.h:2429
LPNMTREEVIEW
#define LPNMTREEVIEW
Definition: commctrl.h:3648
LVNI_FOCUSED
#define LVNI_FOCUSED
Definition: commctrl.h:2428
TreeView_GetParent
#define TreeView_GetParent(hwnd, hitem)
Definition: commctrl.h:3474
ListView_GetNextItem
#define ListView_GetNextItem(hwnd, i, flags)
Definition: commctrl.h:2439
TVN_ENDLABELEDIT
#define TVN_ENDLABELEDIT
Definition: commctrl.h:3749
LPNMITEMACTIVATE
struct tagNMITEMACTIVATE * LPNMITEMACTIVATE
LVIS_SELECTED
#define LVIS_SELECTED
Definition: commctrl.h:2324
NM_RETURN
#define NM_RETURN
Definition: commctrl.h:132
LPNMLISTVIEW
struct tagNMLISTVIEW * LPNMLISTVIEW
TreeView_EditLabel
#define TreeView_EditLabel(hwnd, hitem)
Definition: commctrl.h:3509
LPNMTVDISPINFO
#define LPNMTVDISPINFO
Definition: commctrl.h:3681
LVN_ITEMCHANGED
#define LVN_ITEMCHANGED
Definition: commctrl.h:3136
TreeView_HitTest
#define TreeView_HitTest(hwnd, lpht)
Definition: commctrl.h:3518
LVN_ITEMACTIVATE
#define LVN_ITEMACTIVATE
Definition: commctrl.h:3152
WM_CONTEXTMENU
#define WM_CONTEXTMENU
Definition: richedit.h:64
ShellAboutW
BOOL WINAPI ShellAboutW(HWND hWnd, LPCWSTR szApp, LPCWSTR szOtherStuff, HICON hIcon)
Definition: shell32_main.c:1314
_EVENTDETAIL_INFO
Definition: evtdetctl.h:15
tagNMLISTVIEW::uNewState
UINT uNewState
Definition: commctrl.h:3041
tagPOINT::y
long y
Definition: polytest.cpp:48
tagPOINT::x
long x
Definition: polytest.cpp:48
GET_Y_LPARAM
#define GET_Y_LPARAM(lp)
Definition: windowsx.h:300
GET_X_LPARAM
#define GET_X_LPARAM(lp)
Definition: windowsx.h:299
GetFocus
HWND WINAPI GetFocus(void)
Definition: window.c:1863
SetCapture
HWND WINAPI SetCapture(_In_ HWND hWnd)
ReleaseCapture
BOOL WINAPI ReleaseCapture(void)
Definition: message.c:2890
DefWindowProcW
LRESULT WINAPI DefWindowProcW(_In_ HWND, _In_ UINT, _In_ WPARAM, _In_ LPARAM)
GetWindowPlacement
BOOL WINAPI GetWindowPlacement(_In_ HWND, _Inout_ WINDOWPLACEMENT *)
WM_CREATE
#define WM_CREATE
Definition: winuser.h:1627
PostQuitMessage
__analysis_noreturn void WINAPI PostQuitMessage(_In_ int)
GetCursorPos
BOOL WINAPI GetCursorPos(_Out_ LPPOINT)
Definition: cursoricon.c:3032
MF_CHECKED
#define MF_CHECKED
Definition: winuser.h:132
WM_MOUSEMOVE
#define WM_MOUSEMOVE
Definition: winuser.h:1794
GetCapture
HWND WINAPI GetCapture(void)
Definition: message.c:2881
SIZE_MINIMIZED
#define SIZE_MINIMIZED
Definition: winuser.h:2525
WM_INITMENU
#define WM_INITMENU
Definition: winuser.h:1764
TPM_NONOTIFY
#define TPM_NONOTIFY
Definition: winuser.h:2405
WM_LBUTTONDOWN
#define WM_LBUTTONDOWN
Definition: winuser.h:1795
TrackPopupMenuEx
BOOL WINAPI TrackPopupMenuEx(_In_ HMENU, _In_ UINT, _In_ int, _In_ int, _In_ HWND, _In_opt_ LPTPMPARAMS)
MF_UNCHECKED
#define MF_UNCHECKED
Definition: winuser.h:204
TPM_TOPALIGN
#define TPM_TOPALIGN
Definition: winuser.h:2402
CheckMenuItem
DWORD WINAPI CheckMenuItem(_In_ HMENU, _In_ UINT, _In_ UINT)
WM_RBUTTONDOWN
#define WM_RBUTTONDOWN
Definition: winuser.h:1798
IDC_SIZENS
#define IDC_SIZENS
Definition: winuser.h:703
GetSubMenu
HMENU WINAPI GetSubMenu(_In_ HMENU, _In_ int)
WM_INITMENUPOPUP
#define WM_INITMENUPOPUP
Definition: winuser.h:1765
TPM_LEFTALIGN
#define TPM_LEFTALIGN
Definition: winuser.h:2396
LPNMHDR
struct tagNMHDR * LPNMHDR
WM_LBUTTONUP
#define WM_LBUTTONUP
Definition: winuser.h:1796
CheckMenuRadioItem
BOOL WINAPI CheckMenuRadioItem(_In_ HMENU, _In_ UINT, _In_ UINT, _In_ UINT, _In_ UINT)
LoadMenuW
HMENU WINAPI LoadMenuW(_In_opt_ HINSTANCE, _In_ LPCWSTR)
TPM_RETURNCMD
#define TPM_RETURNCMD
Definition: winuser.h:2406
IDC_SIZEWE
#define IDC_SIZEWE
Definition: winuser.h:702
GetMenu
HMENU WINAPI GetMenu(_In_ HWND)
DialogBoxParamW
INT_PTR WINAPI DialogBoxParamW(_In_opt_ HINSTANCE, _In_ LPCWSTR, _In_opt_ HWND, _In_opt_ DLGPROC, _In_ LPARAM)
ScreenToClient
BOOL WINAPI ScreenToClient(_In_ HWND, _Inout_ LPPOINT)

Referenced by MyRegisterClass().

◆ wWinMain()

int APIENTRY wWinMain ( HINSTANCE  hInstance,
HINSTANCE  hPrevInstance,
LPWSTR  lpCmdLine,
int  nShowCmd 
)

This file has no copyright assigned and is placed in the Public Domain. This file is part of the w64 mingw-runtime package. No warranty is given; refer to the file DISCLAIMER.PD within this package.

Definition at line 559 of file eventvwr.c.

563{
564 HANDLE hThread;
565 INITCOMMONCONTROLSEX iccx;
566 HMODULE hRichEdit;
567 HACCEL hAccelTable;
568 MSG msg;
569
570 UNREFERENCED_PARAMETER(hPrevInstance);
571 UNREFERENCED_PARAMETER(lpCmdLine);
572
573 /* Whenever any of the common controls are used in your app,
574 * you must call InitCommonControlsEx() to register the classes
575 * for those controls. */
576 iccx.dwSize = sizeof(iccx);
577 iccx.dwICC = ICC_LISTVIEW_CLASSES;
578 InitCommonControlsEx(&iccx);
579
580 /* Load the RichEdit DLL to add support for RichEdit controls */
581 hRichEdit = LoadLibraryW(L"riched20.dll");
582 if (!hRichEdit)
583 return -1;
584
585 msg.wParam = (WPARAM)-1;
586
587 /* Store the instance handle in the global variable */
588 hInst = hInstance;
589
590 /* Initialize global strings */
591 LoadStringW(hInstance, IDS_APP_TITLE, szTitle, ARRAYSIZE(szTitle));
592 LoadStringW(hInstance, IDS_APP_TITLE_EX, szTitleTemplate, ARRAYSIZE(szTitleTemplate));
593 LoadStringW(hInstance, IDS_STATUS_MSG, szStatusBarTemplate, ARRAYSIZE(szStatusBarTemplate));
594 LoadStringW(hInstance, IDS_LOADING_WAIT, szLoadingWait, ARRAYSIZE(szLoadingWait));
595 LoadStringW(hInstance, IDS_NO_ITEMS, szEmptyList, ARRAYSIZE(szEmptyList));
596
597 /*
598 * Process the command-line arguments. Note that we need the full
599 * command-line, with the program file included, and not just what
600 * WinMain() provides in its lpCmdLine parameter.
601 */
602 if (!ProcessCmdLine(GetCommandLineW()))
603 goto Quit;
604
605 if (!MyRegisterClass(hInstance))
606 goto Quit;
607
608 /* Load the settings */
609 LoadSettings(nCmdShow);
610
611 /* Perform application initialization */
612 if (!InitInstance(hInstance))
613 goto Quit;
614
615 hAccelTable = LoadAcceleratorsW(hInstance, MAKEINTRESOURCEW(IDA_EVENTVWR));
616
617 /* Create the Start/Stop enumerator thread */
618 // Manual-reset event
619 hStartStopEnumEvent = CreateEventW(NULL, TRUE, FALSE, NULL);
620 if (!hStartStopEnumEvent)
621 goto Cleanup;
622
623 // Auto-reset event
624 hStartEnumEvent = CreateEventW(NULL, FALSE, FALSE, NULL);
625 if (!hStartEnumEvent)
626 goto Cleanup;
627
628 hThread = CreateThread(NULL, 0,
629 StartStopEnumEventsThread,
630 NULL, 0, NULL);
631 if (!hThread)
632 goto Cleanup;
633
634 /* Retrieve the available event logs on this computer and create filters for them */
635 InitializeListHead(&EventLogList);
636 InitializeListHead(&EventLogFilterList);
637 BuildLogListAndFilterList(lpComputerName);
638
639 /* Open the user-specified logs if any are present on the command-line */
640 if (lpszzUserLogsToLoad)
641 {
642 LPWSTR lpUserLog;
643 for (lpUserLog = lpszzUserLogsToLoad; *lpUserLog; lpUserLog += wcslen(lpUserLog) + 1)
644 {
645 OpenUserEventLogFile(lpUserLog);
646 }
647
648 /* Now cleanup the list of user logs */
649 cbUserLogsSize = 0;
650 HeapFree(GetProcessHeap(), 0, lpszzUserLogsToLoad);
651 lpszzUserLogsToLoad = NULL;
652 }
653
654 /* Main message loop */
655 while (GetMessageW(&msg, NULL, 0, 0))
656 {
657 if (!TranslateAcceleratorW(hwndMainWindow, hAccelTable, &msg))
658 {
659 TranslateMessage(&msg);
660 DispatchMessageW(&msg);
661 }
662 }
663
664 /* Save the settings */
665 SaveSettings();
666
667 /* Disconnect from computer */
668 if (hkMachine && hkMachine != HKEY_LOCAL_MACHINE)
669 {
670 /* We are connected to some other computer, close the old connection */
671 RegCloseKey(hkMachine);
672 hkMachine = NULL;
673 }
674
675 /* Stop the enumerator thread */
676 SetEvent(hStartStopEnumEvent);
677 WaitForSingleObject(hThread, INFINITE);
678 CloseHandle(hThread);
679
680 /* Free the filters list and the event logs list */
681 FreeLogFilterList();
682 FreeLogList();
683
684Cleanup:
685 /* Handle cleanup */
686 if (hStartEnumEvent)
687 CloseHandle(hStartEnumEvent);
688 if (hStartStopEnumEvent)
689 CloseHandle(hStartStopEnumEvent);
690
691Quit:
692 /* Final cleanup */
693 if (lpszzUserLogsToLoad)
694 {
695 cbUserLogsSize = 0;
696 HeapFree(GetProcessHeap(), 0, lpszzUserLogsToLoad);
697 lpszzUserLogsToLoad = NULL;
698 }
699 if (lpComputerName)
700 {
701 HeapFree(GetProcessHeap(), 0, lpComputerName);
702 lpComputerName = NULL;
703 }
704 FreeLibrary(hRichEdit);
705
706 return (int)msg.wParam;
707}
msg
#define msg(x)
Definition: auth_time.c:54
SaveSettings
void SaveSettings(void)
Definition: settings.c:115
LoadSettings
void LoadSettings(void)
Definition: settings.c:53
IDS_APP_TITLE
#define IDS_APP_TITLE
Definition: resource.h:10
IDS_STATUS_MSG
#define IDS_STATUS_MSG
Definition: resource.h:98
IDS_NO_ITEMS
#define IDS_NO_ITEMS
Definition: resource.h:100
IDS_APP_TITLE_EX
#define IDS_APP_TITLE_EX
Definition: resource.h:97
IDA_EVENTVWR
#define IDA_EVENTVWR
Definition: resource.h:28
IDS_LOADING_WAIT
#define IDS_LOADING_WAIT
Definition: resource.h:99
InitCommonControlsEx
BOOL WINAPI InitCommonControlsEx(const INITCOMMONCONTROLSEX *lpInitCtrls)
Definition: commctrl.c:904
LoadLibraryW
#define LoadLibraryW(x)
Definition: compat.h:747
GetCommandLineW
LPWSTR WINAPI GetCommandLineW(VOID)
Definition: proc.c:2019
InitializeListHead
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
szEmptyList
WCHAR szEmptyList[MAX_LOADSTRING]
Definition: eventvwr.c:53
StartStopEnumEventsThread
static DWORD WINAPI StartStopEnumEventsThread(IN LPVOID lpParameter)
Definition: eventvwr.c:2373
BuildLogListAndFilterList
VOID BuildLogListAndFilterList(IN LPCWSTR lpComputerName)
Definition: eventvwr.c:2857
MyRegisterClass
ATOM MyRegisterClass(HINSTANCE)
Definition: eventvwr.c:2744
ProcessCmdLine
BOOL ProcessCmdLine(IN LPWSTR lpCmdLine)
Definition: eventvwr.c:184
szLoadingWait
WCHAR szLoadingWait[MAX_LOADSTRING]
Definition: eventvwr.c:52
FreeLogList
VOID FreeLogList(VOID)
Definition: eventvwr.c:3067
FreeLogFilterList
VOID FreeLogFilterList(VOID)
Definition: eventvwr.c:3083
InitInstance
BOOL InitInstance(HINSTANCE)
Definition: eventvwr.c:3101
hThread
HANDLE hThread
Definition: wizard.c:28
UNREFERENCED_PARAMETER
#define UNREFERENCED_PARAMETER(P)
Definition: ntbasedef.h:329
ICC_LISTVIEW_CLASSES
#define ICC_LISTVIEW_CLASSES
Definition: commctrl.h:58
MSG
TW_UINT32 TW_UINT16 TW_UINT16 MSG
Definition: twain.h:1829
TranslateMessage
BOOL WINAPI TranslateMessage(_In_ const MSG *)
GetMessageW
BOOL WINAPI GetMessageW(_Out_ LPMSG, _In_opt_ HWND, _In_ UINT, _In_ UINT)
LoadAcceleratorsW
HACCEL WINAPI LoadAcceleratorsW(_In_opt_ HINSTANCE, _In_ LPCWSTR)
DispatchMessageW
LRESULT WINAPI DispatchMessageW(_In_ const MSG *)
TranslateAcceleratorW
int WINAPI TranslateAcceleratorW(_In_ HWND, _In_ HACCEL, _In_ LPMSG)

Variable Documentation

◆ ActiveFilter

PEVENTLOGFILTER ActiveFilter = NULL

Definition at line 87 of file eventvwr.c.

Referenced by CloseUserEventLog(), EnumEventsThread(), FreeLogFilterList(), and StartStopEnumEventsThread().

◆ bSplit

BYTE bSplit = 0

Definition at line 58 of file eventvwr.c.

Referenced by WndProc().

◆ cbUserLogsSize

SIZE_T cbUserLogsSize = 0

Definition at line 76 of file eventvwr.c.

Referenced by ProcessCmdLine(), and wWinMain().

◆ cxMin

INT cxMin
static

Definition at line 4340 of file eventvwr.c.

Referenced by EventDetails(), LISTVIEW_SetColumnWidth(), TextTool::OnButtonUp(), and OnSize().

◆ cxOld

INT cxOld
static

Definition at line 4341 of file eventvwr.c.

Referenced by AdjustStatusMessageWindow(), and EventDetails().

◆ cyMin

INT cyMin
static

Definition at line 4340 of file eventvwr.c.

Referenced by EventDetails(), TextTool::OnButtonUp(), and OnSize().

◆ cyOld

INT cyOld
static

Definition at line 4341 of file eventvwr.c.

Referenced by AdjustStatusMessageWindow(), and EventDetails().

◆ EnumFilter

PEVENTLOGFILTER EnumFilter = NULL

Definition at line 96 of file eventvwr.c.

Referenced by CloseUserEventLog(), EnumEvents(), and StartStopEnumEventsThread().

◆ EVENTLOG_BASE_KEY

const LPCWSTR EVENTLOG_BASE_KEY = L"SYSTEM\\CurrentControlSet\\Services\\EventLog\\"
static

Definition at line 24 of file eventvwr.c.

Referenced by BuildLogListAndFilterList(), GetDisplayNameFileAndID(), GetEventMessageFileDLL(), InitPropertiesDlg(), and SavePropertiesDlg().

◆ EventLogFilterList

LIST_ENTRY EventLogFilterList

Definition at line 86 of file eventvwr.c.

Referenced by BuildLogListAndFilterList(), FreeLogFilterList(), OpenUserEventLogFile(), and wWinMain().

◆ EventLogList

LIST_ENTRY EventLogList

Definition at line 85 of file eventvwr.c.

Referenced by BuildLogListAndFilterList(), FreeLogList(), OpenUserEventLogFile(), and wWinMain().

◆ EVENTVWR_WNDCLASS

const LPCWSTR EVENTVWR_WNDCLASS = L"EVENTVWR"
static

Definition at line 23 of file eventvwr.c.

Referenced by InitInstance(), and MyRegisterClass().

◆ EVNTVWR_PARAM_KEY

const LPCWSTR EVNTVWR_PARAM_KEY = L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Event Viewer"
static

Definition at line 25 of file eventvwr.c.

Referenced by LoadSettings(), and SaveSettings().

◆ g_RecordPtrs

PEVENTLOGRECORD* g_RecordPtrs = NULL

Definition at line 82 of file eventvwr.c.

Referenced by EnumEventsThread(), and FreeRecords().

◆ g_TotalRecords

DWORD g_TotalRecords = 0

Definition at line 81 of file eventvwr.c.

Referenced by EnumEventsThread(), and FreeRecords().

◆ hEnumEventsThread

HANDLE hEnumEventsThread = NULL

Definition at line 89 of file eventvwr.c.

Referenced by StartStopEnumEventsThread().

◆ hInst

HINSTANCE hInst

Definition at line 48 of file eventvwr.c.

Referenced by ClearEvents(), DisplayUsage(), EnumEventsThread(), EventDetails(), EventLogPropProc(), FormatByteSize(), GetEventMessage(), GetEventType(), InitInstance(), InitPropertiesDlg(), WndProc(), and wWinMain().

◆ hkMachine

HKEY hkMachine = NULL

Definition at line 78 of file eventvwr.c.

Referenced by BuildLogListAndFilterList(), GetDisplayNameFileAndID(), GetEventMessageFileDLL(), InitPropertiesDlg(), SavePropertiesDlg(), and wWinMain().

◆ hMainMenu

HMENU hMainMenu

Definition at line 70 of file eventvwr.c.

Referenced by EnumEventsThread(), and WndProc().

◆ hStartEnumEvent

HANDLE hStartEnumEvent = NULL

Definition at line 98 of file eventvwr.c.

Referenced by CloseUserEventLog(), EnumEvents(), StartStopEnumEventsThread(), and wWinMain().

◆ hStartStopEnumEvent

HANDLE hStartStopEnumEvent = NULL

Definition at line 97 of file eventvwr.c.

Referenced by StartStopEnumEventsThread(), and wWinMain().

◆ hStopEnumEvent

HANDLE hStopEnumEvent = NULL

Definition at line 90 of file eventvwr.c.

Referenced by EnumEventsThread(), and StartStopEnumEventsThread().

◆ htiAppLogs

HTREEITEM htiAppLogs = NULL

Definition at line 72 of file eventvwr.c.

Referenced by BuildLogListAndFilterList(), InitInstance(), and WndProc().

◆ htiSystemLogs

HTREEITEM htiSystemLogs = NULL

Definition at line 72 of file eventvwr.c.

Referenced by BuildLogListAndFilterList(), InitInstance(), and WndProc().

◆ htiUserLogs

HTREEITEM htiUserLogs = NULL

Definition at line 72 of file eventvwr.c.

Referenced by InitInstance(), OpenUserEventLogFile(), and WndProc().

◆ hWndDetailsCtrl

HWND hWndDetailsCtrl = NULL
static

Definition at line 4338 of file eventvwr.c.

Referenced by EventDetails().

◆ hwndEventDetails

HWND hwndEventDetails

Definition at line 67 of file eventvwr.c.

Referenced by EnumEventsThread(), InitInstance(), ResizeWnd(), and WndProc().

◆ hWndGrip

HWND hWndGrip = NULL
static

Definition at line 4339 of file eventvwr.c.

Referenced by EventDetails().

◆ hwndListView

HWND hwndListView

Definition at line 66 of file eventvwr.c.

Referenced by CDesktopBrowser::_Resize(), AddEmptyItem(), AddUserProfile(), AddUserProfiles(), AddValuesToList(), AdvProcDetailsDlgProc(), BrowseRequiredFolder(), ChangeUserProfileType(), CopyUserProfile(), DeleteUserProfile(), DisplayClassCoinstallers(), DisplayClassProperties(), DisplayCsFlags(), DisplayCurrentPowerState(), DisplayDeviceCoinstallers(), DisplayDeviceProperties(), DisplayDevicePropertyText(), DisplayDeviceRelations(), DisplayDevNodeEnumerator(), DisplayDevNodeFlags(), DisplayEvent(), DisplayMatchingDeviceId(), DisplayPowerCapabilities(), DisplayPowerStateMappings(), EditVariableDlgProc(), EnableNavigationArrows(), EnumEventsThread(), EventDetailsCtrl(), GatherDataFromListView(), GetEnvironmentVariables(), GetSelectedListViewItem(), CDesktopBrowser::Initialize(), InitInstance(), MoveListItem(), NtUserSetShellWindowEx(), OnDeleteVariable(), OnEditVariable(), OnGroupsPageInitDialog(), OnInitDialog(), OnInitEnvironmentDialog(), OnNewVariable(), ReleaseListViewItems(), ResizeWnd(), SetAllVars(), SetEnvironmentDialogListViewColumns(), SetGroupsListColumns(), SetListViewColumns(), SetUsersListColumns(), StartStopEnumEventsThread(), UpdateButtonState(), UpdateDetailsDlg(), UpdateGroupsList(), UpdateUsersList(), and WndProc().

◆ hwndMainWindow

HWND hwndMainWindow = NULL

Definition at line 64 of file eventvwr.c.

Referenced by ClearEvents(), EnumEventsThread(), InitInstance(), ShowWin32Error(), WndProc(), and wWinMain().

◆ hwndStatus

HWND hwndStatus

Definition at line 68 of file eventvwr.c.

Referenced by EnumEventsThread(), InitInstance(), ResizeWnd(), and WndProc().

◆ hwndStatusProgress

HWND hwndStatusProgress

Definition at line 69 of file eventvwr.c.

Referenced by EnumEventsThread(), InitInstance(), and ResizeWnd().

◆ hwndTreeView

HWND hwndTreeView

Definition at line 65 of file eventvwr.c.

Referenced by BuildLogListAndFilterList(), Child_WndProc(), CloseUserEventLog(), GetSelectedFilter(), InitInstance(), OpenUserEventLogFile(), ResizeWnd(), ShowContextMenu(), TreeView_GetItemData(), ViewDlg_OnInitDialog(), ViewDlg_OnTreeViewClick(), ViewDlg_OnTreeViewKeyDown(), and WndProc().

◆ lpComputerName

LPWSTR lpComputerName = NULL

Definition at line 74 of file eventvwr.c.

Referenced by BuildLogListAndFilterList(), DeleteProfileA(), DeleteProfileW(), GetDisplayNameFileAndID(), GetEventMessageFileDLL(), GetEventUserName(), IsValidComputerName(), ProcessCmdLine(), SetComputerNameA(), SetComputerNameW(), and wWinMain().

◆ lpszzUserLogsToLoad

LPWSTR lpszzUserLogsToLoad = NULL

Definition at line 75 of file eventvwr.c.

Referenced by ProcessCmdLine(), and wWinMain().

◆ nHSplitPos

INT nHSplitPos

Definition at line 57 of file eventvwr.c.

Referenced by InitInstance(), ResizeWnd(), SaveSettings(), and WndProc().

◆ nVSplitPos

INT nVSplitPos

Definition at line 56 of file eventvwr.c.

Referenced by InitInstance(), ResizeWnd(), SaveSettings(), and WndProc().

◆ Settings

SETTINGS Settings

Definition at line 116 of file eventvwr.c.

◆ sfn

OPENFILENAMEW sfn

Definition at line 101 of file eventvwr.c.

Referenced by ClearEvents(), create_name(), DialogSaveFile(), CMainWindow::GetSaveFileName(), InitInstance(), OpenUserEventLog(), Preview_pSaveImageAs(), SaveClipboardToFile(), and SaveEventLog().

◆ SystemLogs

const LPCWSTR SystemLogs[]
static
Initial value:
=
{
L"Application",
L"Security",
L"System"
}

Definition at line 28 of file eventvwr.c.

Referenced by BuildLogListAndFilterList().

◆ szEmptyList

WCHAR szEmptyList[MAX_LOADSTRING]

Definition at line 53 of file eventvwr.c.

Referenced by wWinMain().

◆ szLoadingWait

WCHAR szLoadingWait[MAX_LOADSTRING]

Definition at line 52 of file eventvwr.c.

Referenced by wWinMain().

◆ szSaveFilter

WCHAR szSaveFilter[MAX_LOADSTRING]

Definition at line 54 of file eventvwr.c.

Referenced by InitInstance().

◆ szStatusBarTemplate

WCHAR szStatusBarTemplate[MAX_LOADSTRING]

Definition at line 51 of file eventvwr.c.

Referenced by EnumEventsThread(), and wWinMain().

◆ szTitle

WCHAR szTitle[MAX_LOADSTRING]

Definition at line 49 of file eventvwr.c.

Referenced by ClearEvents(), DisplayUsage(), EnumEventsThread(), EventDetails(), EventLogPropProc(), InitInstance(), ShowWin32Error(), WndProc(), and wWinMain().

◆ szTitleTemplate

WCHAR szTitleTemplate[MAX_LOADSTRING]

Definition at line 50 of file eventvwr.c.

Referenced by EnumEventsThread(), and wWinMain().