在WH_JOURNALRECORD钩子的钩子过程函数: LRESULT CALLBACK JournalRecordProc( int code, // hook code WPARAM wParam, // not used LPARAM lParam // message being processed );把参数lParam convert to 结构体EVENTMSG。该结构体内容: typedef struct tagEVENTMSG { UINT message; UINT paramL; UINT paramH; DWORD time; HWND hwnd; } EVENTMSG, *PEVENTMSG; 各参数含义: message Specifies the message. paramL Specifies additional information about the message. The exact meaning depends on the message value. paramH Specifies additional information about the message. The exact meaning depends on the message value. time Specifies the time at which the message was posted. hwnd Handle to the window to which the message was posted. 然后就可以对上面的属性进行操作了,当然可以实现你说的保存。回放的话判断HC_GETNEXT,赋值lParam参数,返回延时。 If code is HC_GETNEXT and the return value is greater than zero, the system sleeps for the number of milliseconds specified by the return value. When the system continues, it calls the hook procedure again with code set to HC_GETNEXT to retrieve the same message. The return value from this new call to JournalPlaybackProc should be zero; otherwise, the system will go back to sleep for the number of milliseconds specified by the return value, call JournalPlaybackProc again, and so on. The system will appear to be hung. 具体的例子例子http://blog.csdn.net/BigFanOfCpp/archive/2005/03/27/332159.aspx
LRESULT CALLBACK JournalRecordProc(
int code, // hook code
WPARAM wParam, // not used
LPARAM lParam // message being processed
);把参数lParam convert to 结构体EVENTMSG。该结构体内容:
typedef struct tagEVENTMSG {
UINT message;
UINT paramL;
UINT paramH;
DWORD time;
HWND hwnd;
} EVENTMSG, *PEVENTMSG; 各参数含义:
message
Specifies the message.
paramL
Specifies additional information about the message. The exact meaning depends on the message value.
paramH
Specifies additional information about the message. The exact meaning depends on the message value.
time
Specifies the time at which the message was posted.
hwnd
Handle to the window to which the message was posted. 然后就可以对上面的属性进行操作了,当然可以实现你说的保存。回放的话判断HC_GETNEXT,赋值lParam参数,返回延时。
If code is HC_GETNEXT and the return value is greater than zero, the system sleeps for the number of milliseconds specified by the return value. When the system continues, it calls the hook procedure again with code set to HC_GETNEXT to retrieve the same message. The return value from this new call to JournalPlaybackProc should be zero; otherwise, the system will go back to sleep for the number of milliseconds specified by the return value, call JournalPlaybackProc again, and so on. The system will appear to be hung. 具体的例子例子http://blog.csdn.net/BigFanOfCpp/archive/2005/03/27/332159.aspx