HOOK鉤子機制學(xué)習(xí)筆記(2) - 鉤子類型MSDN翻譯整理 收藏
作者:MaybeHelios???? blog: http://blog.csdn.net/maybehelios/???
???? 從現(xiàn)在開始,介紹全部鉤子類型,一共有15種。由于本人現(xiàn)在使用C#,所以將原文中的Function都翻譯為了“方法”,實際上翻譯為“函數(shù)”可能更準確。原文中的”callback function”翻譯為“回調(diào)函數(shù)”。
Each type of hook enables an application to monitor a different aspect of the system's message-handling mechanism.
每種類型的鉤子使應(yīng)用程序能夠監(jiān)視系統(tǒng)的消息處理機制的不同方面。
鉤子類型1-2:WH_CALLWNDPROC and WH_CALLWNDPROCRET Hooks
The WH_CALLWNDPROC and WH_CALLWNDPROCRET hooks enable you to monitor messages sent to window procedures. The system calls a WH_CALLWNDPROC hook procedure before passing the message to the receiving window procedure, and calls the WH_CALLWNDPROCRET hook procedure after the window procedure has processed the message.
WH_CALLWNDPROC 和 WH_CALLWNDPROCRET鉤子使你能夠監(jiān)視發(fā)送到window程序的消息。系統(tǒng)在將消息傳遞給正在接收的window程序之前,調(diào)用WH_CALLWNDPROC鉤子子程;在window程序處理完消息之后,調(diào)用WH_CALLWNDPROCRET鉤子子程。
The WH_CALLWNDPROCRET hook passes a pointer to a CWPRETSTRUCT structure to the hook procedure. The structure contains the return value from the window procedure that processed the message, as well as the message parameters associated with the message. Subclassing the window does not work for messages set between processes.
WH_CALLWNDPROCRET鉤子將一個指向CWPRETSTRUCT結(jié)構(gòu)的的指針傳遞給鉤子子程。該結(jié)構(gòu)包含有來自處理該消息的window程序的返回值,以及消息中的參數(shù)。子類窗體不能處理進程間的消息集。
鉤子類型3:WH_CBT Hook
The system calls a WH_CBT hook procedure before activating, creating, destroying, minimizing, maximizing, moving, or sizing a window; before completing a system command; before removing a mouse or keyboard event from the system message queue; before setting the input focus; or before synchronizing with the system message queue. The value the hook procedure returns determines whether the system allows or prevents one of these operations. The WH_CBT hook is intended primarily for computer-based training (CBT) applications.
在以下事件發(fā)生之前,系統(tǒng)會調(diào)用WH_CBT 鉤子子程:
1、窗臺被激活、創(chuàng)建、銷毀、最小化、最大化、移動或者改變大小;
2、執(zhí)行完系統(tǒng)命令;
3、從系統(tǒng)消息隊列中移除鼠標或者鍵盤事件;
4、設(shè)置輸入焦點;
5、同步系統(tǒng)消息隊列;
鉤子子程的返回值決定了系統(tǒng)是允許了還是阻止了這些操作中的一個。WH_CBT鉤子主要是用在基于計算機的練習(xí)(CBT) 程序中。
鉤子類型4:WH_DEBUG Hook
The system calls a WH_DEBUG hook procedure before calling hook procedures associated with any other hook in the system. You can use this hook to determine whether to allow the system to call hook procedures associated with other types of hooks.
在調(diào)用與系統(tǒng)中任何其他鉤子關(guān)聯(lián)的鉤子子程之前,系統(tǒng)會調(diào)用WH_DEBUG 鉤子子程。使用該鉤子來決定是否允許系統(tǒng)調(diào)用與其他類型的鉤子相關(guān)聯(lián)的鉤子子程。
鉤子類型5:WH_FOREGROUNDIDLE Hook
The WH_FOREGROUNDIDLE hook enables you to perform low priority tasks during times when its foreground thread is idle. The system calls a WH_FOREGROUNDIDLE hook procedure when the application's foreground thread is about to become idle.
WH_FOREGROUNDIDLE 鉤子允許當(dāng)前臺線程空閑時,執(zhí)行低權(quán)限的任務(wù)。系統(tǒng)在應(yīng)用程序的前臺線程即將空閑時,調(diào)用WH_FOREGROUNDIDLE鉤子子程。
鉤子類型6:WH_GETMESSAGE Hook
The WH_GETMESSAGE hook enables an application to monitor messages about to be returned by the GetMessage or PeekMessage function. You can use the WH_GETMESSAGE hook to monitor mouse and keyboard input and other messages posted to the message queue.
WH_GETMESSAGE程序允許應(yīng)用程序監(jiān)視即將由方法GetMessage 或者PeekMessage返回的消息。可以使用WH_GETMESSAGE鉤子監(jiān)視鼠標和鍵盤輸入,以及其他傳遞給消息隊列的消息。
鉤子類型7:WH_JOURNALPLAYBACK Hook
The WH_JOURNALPLAYBACK hook enables an application to insert messages into the system message queue. You can use this hook to play back a series of mouse and keyboard events recorded earlier by using the WH_JOURNALRECORD Hook. Regular mouse and keyboard input is disabled as long as a WH_JOURNALPLAYBACK hook is installed. A WH_JOURNALPLAYBACK hook is a global hook — it cannot be used as a thread-specific hook.
The WH_JOURNALPLAYBACK hook returns a time-out value. This value tells the system how many milliseconds to wait before processing the current message from the playback hook. This enables the hook to control the timing of the events it plays back.
WH_JOURNALPLAYBACK鉤子允許應(yīng)用程序?qū)⑾⒉迦氲较到y(tǒng)消息隊列中。使用該鉤子回放先前使用WH_JOURNALRECORD 鉤子記錄的一系列鼠標和鍵盤事件。在WH_JOURNALPLAYBACK被安裝后,常規(guī)的鼠標和鍵盤輸入被禁用。WH_JOURNALPLAYBACK鉤子是全局鉤子,不能被用作線程鉤子。WH_JOURNALPLAYBACK鉤子返回一個超時值。該值告訴系統(tǒng)在處理來自回放鉤子的當(dāng)前消息之前等待了多少毫秒。這允許該鉤子控制回放事件的速度。
鉤子類型8:WH_JOURNALRECORD Hook
The WH_JOURNALRECORD hook enables you to monitor and record input events. Typically, you use this hook to record a sequence of mouse and keyboard events to play back later by using the WH_JOURNALPLAYBACK Hook. The WH_JOURNALRECORD hook is a global hook — it cannot be used as a thread-specific hook.
WH_JOURNALRECORD鉤子允許監(jiān)視并且記錄輸入事件。典型的,使用該鉤子來記錄順序的的鼠標和鍵盤事件,以后可以使用WH_JOURNALPLAYBACK.鉤子進行回放。 該鉤子是全局鉤子,不能被用作進程鉤子。
鉤子類型9:WH_KEYBOARD_LL Hook
The WH_KEYBOARD_LL hook enables you to monitor keyboard input events about to be posted in a thread input queue.
WH_KEYBOARD_LL鉤子監(jiān)視在線程輸入隊列中,即將被傳遞的鍵盤輸入事件。
鉤子類型10:WH_KEYBOARD Hook
The WH_KEYBOARD hook enables an application to monitor message traffic for WM_KEYDOWN and WM_KEYUP messages about to be returned by the GetMessage or PeekMessage function. You can use the WH_KEYBOARD hook to monitor keyboard input posted to a message queue.
WH_KEYBOARD鉤子允許應(yīng)用程序監(jiān)視即將被GetMessage 或者 PeekMessage方法返回的WM_KEYDOWN 或者 WM_KEYUP消息。使用WH_KEYBOARD鉤子可以監(jiān)視傳遞到消息隊列中的鍵盤輸入。
鉤子類型11:WH_MOUSE_LL Hook
The WH_MOUSE_LL hook enables you to monitor mouse input events about to be posted in a thread input queue.
WH_MOUSE_LL鉤子監(jiān)視在線程輸入隊列中,即將被傳遞的鼠標輸入事件。
鉤子類型12:WH_MOUSE Hook
The WH_MOUSE hook enables you to monitor mouse messages about to be returned by the GetMessage or PeekMessage function. You can use the WH_MOUSE hook to monitor mouse input posted to a message queue.
WH_MOUSE鉤子允許監(jiān)視即將被GetMessage或者 PeekMessage方法返回的鼠標消息。使用該鉤子監(jiān)視傳遞到線程輸入隊列的鼠標輸入。
本文來自CSDN博客,轉(zhuǎn)載請標明出處:http://blog.csdn.net/jiangxinyu/archive/2010/02/03/5284086.aspx