啤酒

一个空白者

 

带有界面的“读取日志”! 不知道哪位会作分析,算法不会呀!只读没意思呀

// Read_EventDlg.cpp : implementation file
//

#include "stdafx.h"
#include "Read_Event.h"
#include "Read_EventDlg.h"
#include "DescriptionDiaLog.h"

#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif

/////////////////////////////////////////////////////////////////////
//int event_auditsucceed_num;  //记录审核成功记录的个数
//int event_info_num;    //记录信息记录的个数
//int event_error_num;    //记录错误记录的个数 
//int event_warn_num;    //记录警告记录的个数
//int event_auditdefeat_num;  //记录审核失败的个数

//char *event_category;     //事件类
//char *event_sourcename=NULL;   //事件来源
//char *event_computername=NULL;  //事件计算机名
//char *event_descriptive_msg=NULL;  //事件描述
//char event_el_user[257];    //事件用户
//char event_el_domain[257];   //事件域
//char host_final_out_msg[1024];  //最后输出的信息

FILE *fp;        //保存的文件
int hh=0;        //记录类型的标志,用于位图的选择
int event_record=0;      //事件记录的个数
os_el el[1];
int nItem=0;       //对于索引记录的当前标志
int istype=0;       //用于事件类型的标志
BOOL issub;        //一个开关项
/////////////////////////////////////////////////////////////////////////////
// CAboutDlg dialog used for App About

class CAboutDlg : public CDialog
{
public:
 CAboutDlg();

// Dialog Data
 //{{AFX_DATA(CAboutDlg)
 enum { IDD = IDD_ABOUTBOX };
 //}}AFX_DATA

 // ClassWizard generated virtual function overrides
 //{{AFX_VIRTUAL(CAboutDlg)
 protected:
 virtual void DoDataExchange(CDataExchange* pDX);    // DDX/DDV support
 //}}AFX_VIRTUAL

// Implementation
protected:
 //{{AFX_MSG(CAboutDlg)
 //}}AFX_MSG
 DECLARE_MESSAGE_MAP()
};

CAboutDlg::CAboutDlg() : CDialog(CAboutDlg::IDD)
{
 //{{AFX_DATA_INIT(CAboutDlg)
 //}}AFX_DATA_INIT
}

void CAboutDlg::DoDataExchange(CDataExchange* pDX)
{
 CDialog::DoDataExchange(pDX);
 //{{AFX_DATA_MAP(CAboutDlg)
 //}}AFX_DATA_MAP
}

BEGIN_MESSAGE_MAP(CAboutDlg, CDialog)
 //{{AFX_MSG_MAP(CAboutDlg)
  // No message handlers
 //}}AFX_MSG_MAP
END_MESSAGE_MAP()

/////////////////////////////////////////////////////////////////////////////
// CRead_EventDlg dialog

CRead_EventDlg::CRead_EventDlg(CWnd* pParent /*=NULL*/)
 : CDialog(CRead_EventDlg::IDD, pParent)
{
 //{{AFX_DATA_INIT(CRead_EventDlg)
 m_mm_host_state = _T("");
 //}}AFX_DATA_INIT
 // Note that LoadIcon does not require a subsequent DestroyIcon in Win32
 m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME);

}

void CRead_EventDlg::DoDataExchange(CDataExchange* pDX)
{
 CDialog::DoDataExchange(pDX);
 //{{AFX_DATA_MAP(CRead_EventDlg)
 DDX_Control(pDX, IDC_LIST, m_mm_host_ListCtrl);
 DDX_Text(pDX, IDC_STATE, m_mm_host_state);
 //}}AFX_DATA_MAP
}

BEGIN_MESSAGE_MAP(CRead_EventDlg, CDialog)
 //{{AFX_MSG_MAP(CRead_EventDlg)
 ON_WM_SYSCOMMAND()
 ON_WM_PAINT()
 ON_WM_QUERYDRAGICON()
 ON_BN_CLICKED(IDC_SECURE, OnSecure)
 ON_BN_CLICKED(IDC_SYSTEM, OnSystem)
 ON_BN_CLICKED(IDC_APPLICATION, OnApplication)
 ON_NOTIFY(NM_CLICK, IDC_LIST, OnClickList)
 ON_BN_CLICKED(IDC_DELETE, OnDelete)
 ON_BN_CLICKED(IDC_DETAIL, OnDetail)
 ON_BN_CLICKED(IDC_SAVE, OnSave)
 ON_BN_CLICKED(IDC_SAVEHARD, OnSave_Hard)
 //}}AFX_MSG_MAP
END_MESSAGE_MAP()

/////////////////////////////////////////////////////////////////////////////
// CRead_EventDlg message handlers

BOOL CRead_EventDlg::OnInitDialog()
{
 CDialog::OnInitDialog();

 // Add "About..." menu item to system menu.

 // IDM_ABOUTBOX must be in the system command range.
 ASSERT((IDM_ABOUTBOX & 0xFFF0) == IDM_ABOUTBOX);
 ASSERT(IDM_ABOUTBOX < 0xF000);

 CMenu* pSysMenu = GetSystemMenu(FALSE);
 if (pSysMenu != NULL)
 {
  CString strAboutMenu;
  strAboutMenu.LoadString(IDS_ABOUTBOX);
  if (!strAboutMenu.IsEmpty())
  {
   pSysMenu->AppendMenu(MF_SEPARATOR);
   pSysMenu->AppendMenu(MF_STRING, IDM_ABOUTBOX, strAboutMenu);
  }
 }

 // Set the icon for this dialog.  The framework does this automatically
 //  when the application's main window is not a dialog
 SetIcon(m_hIcon, TRUE);   // Set big icon
 SetIcon(m_hIcon, FALSE);  // Set small icon
 
 // TODO: Add extra initialization here
 

//////////////////////////我加的///////////////////////

 issub=false;
 //给各项事件数目初始化
 Set_EventNum();       

 m_mm_host_ListCtrl.SetRedraw(FALSE);
    //更新内容
    m_mm_host_ListCtrl.SetRedraw(TRUE);
    m_mm_host_ListCtrl.Invalidate();
    m_mm_host_ListCtrl.UpdateWindow();
 //删除所有的列
 m_mm_host_ListCtrl.DeleteAllItems();


 //给图表初始化
 Init_ImageList();
 //设置m_mm_host_ListCtrl风格
 LONG lStyle;
    lStyle = GetWindowLong(m_mm_host_ListCtrl.m_hWnd, GWL_STYLE);//获取当前窗口style
    lStyle &= ~LVS_TYPEMASK; //清除显示方式位
    lStyle |= LVS_REPORT; //设置style
    SetWindowLong(m_mm_host_ListCtrl.m_hWnd, GWL_STYLE, lStyle);//设置style
 
    DWORD dwStyle = m_mm_host_ListCtrl.GetExtendedStyle();
    dwStyle |= LVS_EX_FULLROWSELECT;//选中某行使整行高亮(只适用与report风格的listctrl)
    dwStyle |= LVS_EX_GRIDLINES;//网格线(只适用与report风格的listctrl)
    dwStyle |= LVS_EX_CHECKBOXES;//item前生成checkbox控件
 dwStyle |=LVS_EX_HEADERDRAGDROP;
 dwStyle |=LVS_EX_SUBITEMIMAGES;
    m_mm_host_ListCtrl.SetExtendedStyle(dwStyle); //设置扩展风格


 //插入列
 m_mm_host_ListCtrl.InsertColumn(0,"日志序号",LVCFMT_CENTER,60,0);
 m_mm_host_ListCtrl.InsertColumn(1,"分类",LVCFMT_CENTER,80,4);
 m_mm_host_ListCtrl.InsertColumn(2,"来源",LVCFMT_CENTER,80,1);
 m_mm_host_ListCtrl.InsertColumn(3,"日期",LVCFMT_CENTER,80,2);
 m_mm_host_ListCtrl.InsertColumn(4,"时间",LVCFMT_CENTER,80,3);
 m_mm_host_ListCtrl.InsertColumn(5,"ID",LVCFMT_CENTER,50,5);
 m_mm_host_ListCtrl.InsertColumn(6,"用户",LVCFMT_CENTER,120,6);
 m_mm_host_ListCtrl.InsertColumn(7,"计算机",LVCFMT_CENTER,120,7);
 m_mm_host_ListCtrl.InsertColumn(8,"描述",LVCFMT_CENTER,250,7);
//////////////////////////我加的///////////////////////


 return TRUE;  // return TRUE  unless you set the focus to a control
}

void CRead_EventDlg::OnSysCommand(UINT nID, LPARAM lParam)
{
 if ((nID & 0xFFF0) == IDM_ABOUTBOX)
 {
  CAboutDlg dlgAbout;
  dlgAbout.DoModal();
 }
 else
 {
  CDialog::OnSysCommand(nID, lParam);
 }
}

// If you add a minimize button to your dialog, you will need the code below
//  to draw the icon.  For MFC applications using the document/view model,
//  this is automatically done for you by the framework.

void CRead_EventDlg::OnPaint()
{
 if (IsIconic())
 {
  CPaintDC dc(this); // device context for painting

  SendMessage(WM_ICONERASEBKGND, (WPARAM) dc.GetSafeHdc(), 0);

  // Center icon in client rectangle
  int cxIcon = GetSystemMetrics(SM_CXICON);
  int cyIcon = GetSystemMetrics(SM_CYICON);
  CRect rect;
  GetClientRect(&rect);
  int x = (rect.Width() - cxIcon + 1) / 2;
  int y = (rect.Height() - cyIcon + 1) / 2;

  // Draw the icon
  dc.DrawIcon(x, y, m_hIcon);
 }
 else
 {
  CDialog::OnPaint();
 }
}

// The system calls this to obtain the cursor to display while the user drags
//  the minimized window.

HCURSOR CRead_EventDlg::OnQueryDragIcon()
{
 return (HCURSOR) m_hIcon;
}
///////////////////////////////////////////////////////////
void CRead_EventDlg::OnSecure()
{
 // TODO: Add your control notification handler code here
 UpdateData(TRUE);
 Set_EventNum();
 m_mm_host_state=_T("安全日志列表");
 Win_startel("Security");
 istype=1;
 UpdateData(FALSE);
}
////////////////////////////////////////////////////////////
void CRead_EventDlg::OnSystem()
{
 // TODO: Add your control notification handler code here
 UpdateData(TRUE);
 Set_EventNum();
 m_mm_host_state=_T("系统日志列表");
 Win_startel("System");
 istype=2;
 UpdateData(FALSE);
}
///////////////////////////////////////////////////////////
void CRead_EventDlg::OnApplication()
{
 // TODO: Add your control notification handler code here
 UpdateData(TRUE);
 Set_EventNum();
 m_mm_host_state=_T("应用日志列表");
 Win_startel("Application");
 istype=3;
 UpdateData(FALSE);
}
////////////////////////////////////////////////////////////
char* CRead_EventDlg::El_GetCategory(int category_id)
{
 //得到事件记录的类型并且返回
 char *cat;
 if(!issub)
 {
  switch(category_id)
  {
   case EVENTLOG_AUDIT_SUCCESS:
    cat = "审核成功";
    event_auditsucceed_num++;
    hh=1;
    break;
   case EVENTLOG_INFORMATION_TYPE:
    cat = "信息";
    event_info_num++;
    hh=2;
    break;
   case EVENTLOG_ERROR_TYPE:
    cat = "错误";
    event_error_num++;
    hh=3;
    break;
   case EVENTLOG_WARNING_TYPE:
    cat = "警告";
    event_warn_num++;
    hh=4;
    break;
   case EVENTLOG_AUDIT_FAILURE:
    cat = "审核失败";
    event_auditdefeat_num++;
    hh=5;
    break;
   default:
    cat = "Unknown";
    break;
  }
 }
 else
 {
  switch(category_id)
  {
   case EVENTLOG_AUDIT_SUCCESS:
    cat = "审核成功";
    hh=1;
    break;
   case EVENTLOG_INFORMATION_TYPE:
    cat = "信息";
    hh=2;
    break;
   case EVENTLOG_ERROR_TYPE:
    cat = "错误";
    hh=3;
    break;
   case EVENTLOG_WARNING_TYPE:
    cat = "警告";
    hh=4;
    break;
   case EVENTLOG_AUDIT_FAILURE:
    cat = "审核失败";
    hh=5;
    break;
   default:
    cat = "Unknown";
    break;
  }
 }
   
    return(cat);
}
////////////////////////////////////////////////////////////////
int CRead_EventDlg::El_getEventDLL(char *evt_name, char *event_sourcename1, char *event)
{
 HKEY key;
    DWORD ret;
    char keyname[256];


    keyname[255] = '\0';

    _snprintf(keyname, 254,
            "System\\CurrentControlSet\\Services\\EventLog\\%s\\%s",
            evt_name,
            event_sourcename1);

    // 打开注册表Opening registry     
    if(RegOpenKeyEx(HKEY_LOCAL_MACHINE, keyname, 0, KEY_ALL_ACCESS, &key)
            != ERROR_SUCCESS)
    {
        return(0);   
    }


    ret = MAX_PATH -1; 
    if (RegQueryValueEx(key, "EventMessageFile", NULL,
                NULL, (LPBYTE)event, &ret) != ERROR_SUCCESS)
    {
        event[0] = '\0'; 
        return(0);
    }

    RegCloseKey(key);
    return(1);
}
////////////////////////////////////////////////////////////////
char* CRead_EventDlg::El_GetMessage(EVENTLOGRECORD *er, char *event_name, char *event_sourcename2, LPTSTR *el_sstring)
{
 DWORD fm_flags = 0;
    char tmp_str[257];
    char event[MAX_PATH +1];
    char *curr_str;
    char *next_str;
    LPSTR message = NULL;

    HMODULE hevt;

    // Initializing variables
    event[MAX_PATH] = '\0';
    tmp_str[256] = '\0';

    //Flags for format event
    fm_flags |= FORMAT_MESSAGE_FROM_HMODULE;
    fm_flags |= FORMAT_MESSAGE_ALLOCATE_BUFFER;
    fm_flags |= FORMAT_MESSAGE_ARGUMENT_ARRAY;

    //Get the file name from the registry (stored on event)
    if(!El_getEventDLL(event_name, event_sourcename2, event))
    {
        return(NULL);    
    }    

    curr_str = event;

    // If our event has multiple libraries, try each one of them 
    while((next_str = strchr(curr_str, ';')))
    {
        *next_str = '\0';
        next_str++;

        ExpandEnvironmentStrings(curr_str, tmp_str, 255);
        hevt = LoadLibraryEx(tmp_str, NULL, DONT_RESOLVE_DLL_REFERENCES);
        if(hevt)
        {
            if(!FormatMessage(fm_flags, hevt, er->EventID,
                        0,
                        (LPTSTR) &message, 0, el_sstring))
            {
                message = NULL;   
            }
            FreeLibrary(hevt);

            /* If we have a message, we can return it */
            if(message)
                return(message);
        }

        curr_str = next_str;  
    }

    ExpandEnvironmentStrings(curr_str, tmp_str, 255);
    hevt = LoadLibraryEx(tmp_str, NULL, DONT_RESOLVE_DLL_REFERENCES);
    if(hevt)
    {
        int hr;   
        if(!(hr = FormatMessage(fm_flags, hevt, er->EventID,
                        0,
                        (LPTSTR) &message, 0, el_sstring)))
        {
            message = NULL;   
        }
        FreeLibrary(hevt);

        /* If we have a message, we can return it */
        if(message)
            return(message);
    }

    return(NULL);
}
/////////////////////////////////////////////////////////////////
BOOL CRead_EventDlg::Init_ImageList()
{
 //给图表初始化设置
  HIMAGELIST hList = ImageList_Create(32,32, ILC_COLOR8 |ILC_MASK , 6, 1);
  m_cImageListNormal.Attach(hList);
 
  hList = ImageList_Create(16, 16, ILC_COLOR8 | ILC_MASK, 6, 1);
  m_cImageListSmall.Attach(hList);

  // Load the large icons
  CBitmap cBmp;
 
  cBmp.LoadBitmap(IDB_BITMAP1);
  m_cImageListNormal.Add(&cBmp, RGB(255,0, 255));
  cBmp.DeleteObject();
 
  // Load the small icons
  cBmp.LoadBitmap(IDB_BITMAP2);
  m_cImageListSmall.Add(&cBmp, RGB(255,0, 255));
 
  // Attach them
  m_mm_host_ListCtrl.SetImageList(&m_cImageListNormal, LVSIL_NORMAL);
  m_mm_host_ListCtrl.SetImageList(&m_cImageListSmall, LVSIL_SMALL);
 
  return TRUE;
}
///////////////////////////////////////////////////////////////
void CRead_EventDlg::Insert_Record()
{
 //在列表中插入列表项
 CString str; 
 LVITEM lvi;

 lvi.mask =  LVIF_TEXT;
 lvi.iItem = event_record;
 str.Format(_T("%d"),event_record+1);
 lvi.iSubItem = 0;
 lvi.pszText = (LPTSTR)(LPCTSTR)(str);
 m_mm_host_ListCtrl.InsertItem(&lvi);


 str.Format(_T("%s"), event_category);
 lvi.iSubItem = 1;
 lvi.mask =  LVIF_IMAGE | LVIF_TEXT;
 lvi.pszText = (LPTSTR)(LPCTSTR)(str);
 //选择位图  
 switch(hh)
 {
 case 0:
  lvi.iImage = 0; 
  break;
 case 1:
  lvi.iImage = 1;
  break;
 case 2:
  lvi.iImage = 2;
  break;
 case 3:
  lvi.iImage = 3;
  break;
 case 4:
  lvi.iImage = 4;
  break;
 default:
  lvi.iImage = 5;
  break;
 }
 
 m_mm_host_ListCtrl.SetItem(&lvi);

 //输出来源  
 str.Format(_T("%s"),event_sourcename);
 lvi.iSubItem = 2;
 lvi.mask = LVIF_TEXT;
 lvi.pszText = (LPTSTR)(LPCTSTR)(str);
 m_mm_host_ListCtrl.SetItem(&lvi);
 //输出日期  
 tm  *event_time = localtime((const  long  *)&el->er->TimeWritten);
 str.Format(_T("%4hd-%2hd-%2hd"),event_time->tm_year + 1900,event_time->tm_mon + 1,event_time->tm_mday);
 lvi.iSubItem = 3;
 lvi.pszText = (LPTSTR)(LPCTSTR)(str);
 m_mm_host_ListCtrl.SetItem(&lvi);
 //输出时间  
 str.Format(_T("%.2hd:%.2hd:%.2hd"),event_time->tm_hour,event_time->tm_min,event_time->tm_sec);
 lvi.iSubItem = 4;
 lvi.pszText = (LPTSTR)(LPCTSTR)(str);
 m_mm_host_ListCtrl.SetItem(&lvi);

 //输出ID
 str.Format(_T("%d"),(WORD)el->er->EventID);
 lvi.iSubItem = 5;
 lvi.pszText = (LPTSTR)(LPCTSTR)(str);
 m_mm_host_ListCtrl.SetItem(&lvi);
 //输出用户  
 str.Format(_T("%s/%s"),event_el_domain,event_el_user);
 lvi.iSubItem = 6;
 lvi.pszText = (LPTSTR)(LPCTSTR)(str);
 m_mm_host_ListCtrl.SetItem(&lvi);
 //输出计算机  
 str.Format(_T("%s"),event_computername);
 lvi.iSubItem = 7;
 lvi.pszText = (LPTSTR)(LPCTSTR)(str);
 m_mm_host_ListCtrl.SetItem(&lvi);
 //输出描述
 str.Format(_T("%s"),event_descriptive_msg);
 lvi.iSubItem = 8;
 lvi.pszText = (LPTSTR)(LPCTSTR)(str);
 m_mm_host_ListCtrl.SetItem(&lvi);
}
///////////////////////////////////////////////////////////////////////
void CRead_EventDlg::OnClickList(NMHDR* pNMHDR, LRESULT* pResult)
{
 //当鼠标在类别中点击时,返回被点中的记录号
 // TODO: Add your control notification handler code here
 nItem = -1;
 LPNMITEMACTIVATE lpNMItemActivate = (LPNMITEMACTIVATE)pNMHDR;

 if(lpNMItemActivate != NULL)
 {
  nItem = lpNMItemActivate->iItem+1;
 }
 
 *pResult = 0;
}
//////////////////////////////////////////////////////////////
void CRead_EventDlg::OnDelete()
{
 //删除被选中的记录
 // TODO: Add your control notification handler code here
 //判断是否选择了日志类型,如果没有退出
 if ((istype!=1)&&(istype!=2)&&(istype!=3))
 {
  MessageBox("请选择日志类型!","警告!",MB_OK|MB_ICONEXCLAMATION);
  return ;
 }
 //判断是否选中了记录,如果没有退出
 if (nItem==0)
 {
  MessageBox("请选择日志记录!","警告!",MB_OK|MB_ICONEXCLAMATION);
  return ;
 }

 int i,iState;
 int nItemSelected=m_mm_host_ListCtrl.GetSelectedCount();//得到所选表项数
 int nItemCount=m_mm_host_ListCtrl.GetItemCount();//得到表项总数
 
 //如果没有选中,退出
 if(nItemSelected<1)
 {
  MessageBox("请选择日志记录!","警告!",MB_OK|MB_ICONEXCLAMATION); 
  return;  
 }

 //对选中的记录进行删除
 for(i=nItemCount-1;i>=0;i--)
 {

  iState=m_mm_host_ListCtrl.GetItemState(i,LVIS_SELECTED);

  if(iState!=0)
  {
   m_mm_host_ListCtrl.DeleteItem(i);
   nItem=0;
  }  
 }
 
 if (((istype!=1)&&(istype!=2)&&(istype!=3)))
 {
  MessageBox("请选择日志类型!","警告!",MB_OK|MB_ICONEXCLAMATION);
  return ;
 }


}
//////////////////////////////////////////////////////////////////////
void CRead_EventDlg::OnDetail()
{
 //按钮响应函数
 //判断是否选中类型,没有就退出
 if ((istype!=1)&&(istype!=2)&&(istype!=3))
 {
  MessageBox("请选择日志类型!","警告!",MB_OK|MB_ICONEXCLAMATION);
  return ;
 }
 //判断选中记录,没有就退出
 if (nItem==0)
 {
  MessageBox("请选择日志记录!","警告!",MB_OK|MB_ICONEXCLAMATION);
  return ;
 }
 //如果选中类型就调用DescriptionDiaLog对话框
 if ((istype==1)||(istype==2)||(istype==3))
 {
  DescriptionDiaLog DescriptionDlg;
  DescriptionDlg.DoModal();
 }
 
 else
 {
  MessageBox("请选择日志类型!","警告!",MB_OK|MB_ICONINFORMATION);

  return ;
 }

 // TODO: Add your control notification handler code here

}
/////////////////////////////////////////////////////////////////////
void CRead_EventDlg::OnSave()
{
 // TODO: Add your control notification handler code here
 //对日志进行列表保存
 //判断列表是否有记录
 switch(istype)
 {
 case 1:
  break;
 case 2:
  break;
 case 3:
  break;
 default:
  MessageBox("请选择日志类型","警告!",MB_OK|MB_ICONEXCLAMATION);
  return;
   }
 //得到列表中记录的总数
 event_record=m_mm_host_ListCtrl.GetItemCount();
 //对日志进行保存
 //保存单个记录
 CString sFileName;
 sFileName.Format("");

 CFileDialog dlg(FALSE, "txt", sFileName,
     OFN_OVERWRITEPROMPT|OFN_HIDEREADONLY,
     "文本文件(*.txt)|*.txt|文本文件(*.doc)|*.doc||", this); 
 if (nItem!=0)
 {
  if(IDCANCEL == (MessageBox("您确定要保存一个日志记录?","提示!",MB_OKCANCEL|MB_ICONQUESTION)))
  {
   nItem=0;
   return;
  }
  if (dlg.DoModal() == IDOK)
  {
   dlg.m_ofn.lpstrTitle = _T("保存日志记录");
   CString fileName = dlg.GetPathName();
   fp = fopen(fileName,"w");
   Save_Single_Record(nItem);

  }
  nItem=0;
  return ;
 }

 ///////////////////////////////////
 //保存整个列表记录
 if(IDCANCEL==(MessageBox("您确定要保存日志文件?","提示!",MB_OKCANCEL|MB_ICONQUESTION)))
 {
  nItem=0;
  return;
 }


 if (dlg.DoModal() == IDOK)
 {
  dlg.m_ofn.lpstrTitle = _T("保存日志文件");
  CString fileName = dlg.GetPathName();

  fp = fopen(fileName,"w");
  switch(istype)
  {
  case 1:
   Save_Security();
   break;
  case 2:
   Save_System();
   break;
  case 3:
   Save_Application();
   break;
  default:
   MessageBox("请选择日志类型","警告!",MB_OK|MB_ICONEXCLAMATION);
   return;
    }

 }
}
//////////////////////////////////////////////////////////////////////
void CRead_EventDlg::Read_event(os_el *el, int printit)
{
 //读取日志
 DWORD nstr;
    DWORD user_size;
    DWORD domain_size;
    DWORD read, needed;
    int size_left;
    int str_size;

    char *mbuffer[BUFFER_SIZE];
    LPSTR sstr = NULL;
 //int i=0;
 char *tmp_str = NULL;


 char el_string[1025];
    LPSTR el_sstring[57];

    //Er must point to the mbuffer
    el->er = (EVENTLOGRECORD *) &mbuffer;

    /* Zeroing the last values */
    el_string[1024] = '\0';
    event_el_user[256] = '\0';
    event_el_domain[256] = '\0';
    host_final_out_msg[1023] = '\0';
    el_sstring[56] = NULL;
 //判断是否有记录
 if( my_host_IsListCtrl == true)
 {
  my_host_IsListCtrl = false;
  m_mm_host_ListCtrl.DeleteAllItems();
 }

    //读日志记录   
    while(ReadEventLog(el->h,
                EVENTLOG_FORWARDS_READ | EVENTLOG_SEQUENTIAL_READ,
                0,
                el->er, BUFFER_SIZE -1, &read, &needed))
    {

        while(read > 0)
        {


   //得到事件的类型
            event_category = El_GetCategory(el->er->EventType);
   //得到事件来源
            event_sourcename = (LPSTR) ((LPBYTE) el->er + sizeof(EVENTLOGRECORD));
   //得到计算机名
            event_computername = event_sourcename + strlen(event_sourcename) + 1;
   //给描述信息初始化
            event_descriptive_msg = NULL;


            // 初始化domain/user尺寸
            user_size = 255; domain_size = 255;
            event_el_domain[0] = '\0';
            event_el_user[0] = '\0';

   
            // 设置事件的一些描述
            if(el->er->NumStrings)
            { 
                size_left = 1020; 

                sstr = (LPSTR)((LPBYTE)el->er + el->er->StringOffset);
                el_string[0] = '\0';

                for (nstr = 0;nstr < el->er->NumStrings;nstr++)
                {
                    str_size = strlen(sstr); 
                    strncat(el_string, sstr, size_left);

                    tmp_str= strchr(el_string, '\0');
                    if(tmp_str)
                    {
                        *tmp_str = ' ';  
                        tmp_str++; *tmp_str = '\0';
                    }
                    size_left-=str_size + 1;

                    if(nstr <= 54)
                        el_sstring[nstr] = (LPSTR)sstr;

                    sstr = strchr( (LPSTR)sstr, '\0');
                    sstr++;
     
                }

                // 得到事件描述
                event_descriptive_msg = El_GetMessage(el->er, el->event_name, event_sourcename, el_sstring);
                if(event_descriptive_msg != NULL)
                {
                 
                    tmp_str = event_descriptive_msg;   
                    while((tmp_str = strchr(tmp_str, '\n')))
                    {
                        *tmp_str = ' ';
                        tmp_str++;         
                    }   

                    tmp_str = event_descriptive_msg;   
                    while((tmp_str = strchr(tmp_str, '\r')))
                    {
                        *tmp_str = ' ';
                        tmp_str++;
      //strchr(tmp_str, '\n');
                    }   
                }
            }
            else
            {
                strncpy(el_string, "(no message)", 1020); 
            }
            // 得到username
            if (el->er->UserSidLength)
            {
                SID_NAME_USE account_type;
                if(!LookupAccountSid(NULL, (SID *)((LPSTR)el->er + el->er->UserSidOffset),
                            event_el_user, &user_size, event_el_domain, &domain_size, &account_type))  
                {
                    strncpy(event_el_user, "(no user)", 255);
                    strncpy(event_el_domain, "no domain", 255);
                }

            }

            else
            {
                strncpy(event_el_user, "A", 255); 
                strncpy(event_el_domain, "N", 255); 
            }
   
   /////////////////////////////////////
   //插入列表
   Insert_Record();
   ////////////////////////////////////
   
            if(event_descriptive_msg != NULL)
                LocalFree(event_descriptive_msg);

            // Changing the point to the er
   //i++;
   event_record++;
            read -= el->er->Length;
            el->er = (EVENTLOGRECORD *)((LPBYTE) el->er + el->er->Length);
   
        } 
  my_host_IsListCtrl = true;
  
  CString strlove;
  //输出事件个数
  strlove.Format("%d",event_record);
  GetDlgItem(IDC_EVENTNUM)->SetWindowText(strlove);
  //输出事件错误个数
  strlove.Format("%d",event_error_num);
  GetDlgItem(IDC_ERRORNUM)->SetWindowText(strlove);
  //输出事件信息个数
  strlove.Format("%d",event_info_num);
  GetDlgItem(IDC_INFONUM)->SetWindowText(strlove);
  //输出事件警告个数
  strlove.Format("%d",event_warn_num);
  GetDlgItem(IDC_WARNNUM)->SetWindowText(strlove);
  //输出事件审核成功个数  
  strlove.Format("%d",event_auditsucceed_num);
  GetDlgItem(IDC_AUDITSUCCEEDNUM)->SetWindowText(strlove);
  //输出事件审核失败个数  
  strlove.Format("%d",event_auditdefeat_num);
  GetDlgItem(IDC_AUDITDEFEATNUM)->SetWindowText(strlove);

        // Setting er to the beginning of the buffer 
        el->er = (EVENTLOGRECORD *)&mbuffer;  
    }
 event_record=0;
}
///////////////////////////////////////////////////////////////////////////
void CRead_EventDlg::Set_EventNum()

 //给记录数字初始化
 event_record=0;
 event_auditsucceed_num=0;
 event_info_num=0;
 event_error_num=0;
 event_warn_num=0;
 event_auditdefeat_num=0;

}
///////////////////////////////////////////////////////////////////
int CRead_EventDlg::Start_EL(char *app, os_el *el)
{

 el->h = OpenEventLog(NULL, app);
    if(!el->h)
    {
        return(0);    
    }

    el->event_name = app;
    GetOldestEventLogRecord(el->h, &el->record);

    return(1);
}
////////////////////////////////////////////////////////////////////////
void CRead_EventDlg::Win_startel(char *eventlog)
{
 Start_EL(eventlog,el);
    Read_event(el,1);
}
////////////////////////////////////////////////////////////////////
void CRead_EventDlg::Save_event(os_el *el, int printit)
{
 event_record=0;
 DWORD nstr;
    DWORD user_size;
    DWORD domain_size;
    DWORD read, needed;
    int size_left;
    int str_size;

    char *mbuffer[BUFFER_SIZE];
    LPSTR sstr = NULL;
 //int i=0;
 char *tmp_str = NULL;
 
    char el_string[1025];
    char final_out_msg[1024];  //最后输出的信息
    LPSTR el_sstring[57];

    /* Er must point to the mbuffer */
    el->er = (EVENTLOGRECORD *) &mbuffer;

    // Zeroing the last values
    el_string[1024] = '\0';
    event_el_user[256] = '\0';
    event_el_domain[256] = '\0';
    final_out_msg[1023] = '\0';
    el_sstring[56] = NULL;

    // Reading the event log     
    while(ReadEventLog(el->h,
                EVENTLOG_FORWARDS_READ | EVENTLOG_SEQUENTIAL_READ,
                0,
                el->er, BUFFER_SIZE -1, &read, &needed))
    {
        while(read > 0)
        {
   //得到事件的类型
            event_category = El_GetCategory(el->er->EventType);
   //得到事件来源
            event_sourcename = (LPSTR) ((LPBYTE) el->er + sizeof(EVENTLOGRECORD));
   //得到计算机名
            event_computername = event_sourcename + strlen(event_sourcename) + 1;
   //给描述信息初始化
            event_descriptive_msg = NULL;


            //初始化domain/user尺寸
            user_size = 255; domain_size = 255;
            event_el_domain[0] = '\0';
            event_el_user[0] = '\0';


            // 设置事件的一些描述
            if(el->er->NumStrings)
            { 
                size_left = 1020; 

                sstr = (LPSTR)((LPBYTE)el->er + el->er->StringOffset);
                el_string[0] = '\0';

                for (nstr = 0;nstr < el->er->NumStrings;nstr++)
                {
                    str_size = strlen(sstr); 
                    strncat(el_string, sstr, size_left);

                    tmp_str= strchr(el_string, '\0');
                    if(tmp_str)
                    {
                        *tmp_str = ' ';  
                        tmp_str++; *tmp_str = '\0';
                    }
                    size_left-=str_size + 1;

                    if(nstr <= 54)
                        el_sstring[nstr] = (LPSTR)sstr;

                    sstr = strchr( (LPSTR)sstr, '\0');
                    sstr++;
     
                }

                //Get a more descriptive message (if available)
                event_descriptive_msg = El_GetMessage(el->er, el->event_name, event_sourcename, el_sstring);
                if(event_descriptive_msg != NULL)
                {
                    // Remove any \n or \r
                    tmp_str = event_descriptive_msg;   
                    while((tmp_str = strchr(tmp_str, '\n')))
                    {
                        *tmp_str = ' ';
                        tmp_str++;
           
                    }   

                    tmp_str = event_descriptive_msg;   
                    while((tmp_str = strchr(tmp_str, '\r')))
                    {
                        *tmp_str = ' ';
                        tmp_str++;
      //strchr(tmp_str, '\n');

                    }   
                }
            }
            else
            {
                strncpy(el_string, "(no message)", 1020); 
            }


            // 得到username
            if (el->er->UserSidLength)
            {
                SID_NAME_USE account_type;
                if(!LookupAccountSid(NULL, (SID *)((LPSTR)el->er + el->er->UserSidOffset),
                            event_el_user, &user_size, event_el_domain, &domain_size, &account_type))  
                {
                    strncpy(event_el_user, "(no user)", 255);
                    strncpy(event_el_domain, "no domain", 255);
                }

            }

            else
            {
                strncpy(event_el_user, "A", 255); 
                strncpy(event_el_domain, "N", 255); 
            }

            if(printit)
            {
                tm   *event_time   =   localtime((const   long   *)&el->er->TimeWritten);

                _snprintf(final_out_msg, 1022,
                        "事件记录序号:%d\n事件:%s\n日期:%.4hd-%2hd-%2hd\n时间:%.2hd:%.2hd:%.2hd\n事件类型:%s\n事件来源:%s\n事件ID:(%u)\n用户:%s/%s\n计算机:%s\n描述:\n%s\n\n\n",
      event_record,
      el->event_name,
      event_time->tm_year + 1900,
      event_time->tm_mon + 1,
      event_time->tm_mday,
      event_time->tm_hour,
      event_time->tm_min,
      event_time->tm_sec, 
      
                        event_category,
      event_sourcename,
                       
                        (WORD)el->er->EventID,
                        event_el_domain,
                        event_el_user,
                       
      event_computername,
                        event_descriptive_msg != NULL?event_descriptive_msg:el_string); 
              
         fprintf(fp, "%s\n", final_out_msg); 
            }

            if(event_descriptive_msg != NULL)
                LocalFree(event_descriptive_msg);

            // Changing the point to the er
            read -= el->er->Length;
            el->er = (EVENTLOGRECORD *)((LPBYTE) el->er + el->er->Length);
   event_record++;
        }  

        // Setting er to the beginning of the buffer  
        el->er = (EVENTLOGRECORD *)&mbuffer;
  
    }
}
//////////////////////////////////////////////////////////////////////

void CRead_EventDlg::Save_Application()
{
 //从列表中保存应用日志
 if(!fp)
 {
  MessageBox("怎么没打开呢!","警告!",MB_OK|MB_ICONEXCLAMATION);
  exit(1);
 }
 else
 {
  MessageBox("应用日志文件打开了!","信息!",MB_OK|MB_ICONINFORMATION);
 }

 fprintf(fp, "\n\n***********应用日志列表***********\n\n\n");
 Save_List(1,event_record);

 fclose(fp);
 if(fclose(fp))
 {
  MessageBox("应用日志文件关闭了!","信息!",MB_OK|MB_ICONINFORMATION); 
 }
 else
 {
  MessageBox("还开着呢了,,抓紧关它吧!","错误!",MB_OK|MB_ICONSTOP);  

 }

}
//////////////////////////////////////////////////////////////////

void CRead_EventDlg::Save_Security()
{
 //从列表中保存安全日志
 if(!fp)
 {
  MessageBox("怎么没打开呢!","警告!",MB_OK|MB_ICONEXCLAMATION);

  exit(1);
 }
 else
 {
  
  MessageBox("安全日志文件打开了!","信息!",MB_OK|MB_ICONINFORMATION);

 }


 fprintf(fp, "\n\n***********安全日志列表***********\n\n\n"); 

 Save_List(1,event_record);

 fclose(fp);
 if(fclose(fp))
 {
  MessageBox("安全日志文件关闭了!","信息!",MB_OK|MB_ICONINFORMATION);
 }
 else
 {
  MessageBox("还开着呢了,,抓紧关它吧!","错误!",MB_OK|MB_ICONSTOP);
 }

}
////////////////////////////////////////////////////
void CRead_EventDlg::Save_System()
{
 //从列表中保存系统日志
 if(!fp)
 {
  MessageBox("怎么没打开呢!","警告!",MB_OK|MB_ICONEXCLAMATION);
  exit(1);
 }
 else
 {
  MessageBox("系统日志文件打开了!","信息!",MB_OK|MB_ICONINFORMATION);
 }
 fprintf(fp, "\n\n***********系统日志列表***********\n\n\n"); 

 Save_List(1,event_record);

 fclose(fp);
 if(fclose(fp))
 {
  MessageBox("系统日志文件关闭了!","信息!",MB_OK|MB_ICONINFORMATION);  
 }
 else
 {
  MessageBox("还开着呢了,,抓紧关它吧!","错误!",MB_OK|MB_ICONSTOP);
 }

}
/////////////////////////////////////////////////////////////////////////
void CRead_EventDlg::Save_Single_Record(int single_record)
{
 //从列表中保存单个记录
 if(!fp)
 {
  MessageBox("怎么没打开呢!","警告!",MB_OK|MB_ICONEXCLAMATION);  
  exit(1);
 }
 else
 {
  MessageBox("一个记录正要保存了!","信息!",MB_OK|MB_ICONINFORMATION);  
 }

 fprintf(fp, "\n\n***********第%d记录***********\n\n\n",nItem);
 
 Save_List(single_record,single_record);


 fclose(fp);
 if(fclose(fp))
 {
  MessageBox("日志记录关闭了!","信息!",MB_OK|MB_ICONINFORMATION); 
 }
 else
 {
  MessageBox("还有一个记录开着呢!","错误!",MB_OK|MB_ICONSTOP);  
 }
}
/////////////////////////////////////////////////////////////////////
void CRead_EventDlg::Save_List(int record_initialize, int record_num)
{
 //保存列表记录
 CString save_event_record;
 CString save_event_category;
 CString save_event_sourcename;
 CString save_event_date;
 CString save_event_time;
 CString save_event_id;
 CString save_event_user;
 CString save_event_computername;
 CString save_event_descriptive_msg;
 CString save_event_name;
 
 switch(istype)
 {
 case 1:
  save_event_name="Security";
  break;
 case 2:
  save_event_name="System";
  break;
 case 3:
  save_event_name="Application";
  break;
 default:
  return;
   }

 for(int i=record_initialize-1;i<record_num;i++)
 {
  save_event_record=m_mm_host_ListCtrl.GetItemText(i,0);
  save_event_category=m_mm_host_ListCtrl.GetItemText(i,1);
  save_event_sourcename=m_mm_host_ListCtrl.GetItemText(i,2);
  save_event_date=m_mm_host_ListCtrl.GetItemText(i,3);
  save_event_time=m_mm_host_ListCtrl.GetItemText(i,4);
  save_event_id=m_mm_host_ListCtrl.GetItemText(i,5);
  save_event_user=m_mm_host_ListCtrl.GetItemText(i,6);
  save_event_computername=m_mm_host_ListCtrl.GetItemText(i,7);
  save_event_descriptive_msg=m_mm_host_ListCtrl.GetItemText(i,8);
  fprintf(fp, "事件记录序号:%s\n事件:%s\n日期:%s\n时间:%s\n类型:%s\n事件来源:%s\n事件ID:%s\n用户:%s\n计算机:%s\n描述:\n%s\n\n\n\n",
    save_event_record,
    save_event_name,
    save_event_date,
    save_event_time,
    save_event_category,
    save_event_sourcename,
    save_event_id,
    save_event_user,
    save_event_computername,
    save_event_descriptive_msg);

 }

}
////////////////////////////////////////////////////
void CRead_EventDlg::Save_Hard_Application()
{
 //从系统中保存应用日志
 if(!fp)
 {
  MessageBox("怎么没打开呢!","警告!",MB_OK|MB_ICONEXCLAMATION);
  exit(1);
 }
 else
 {
  MessageBox("应用日志文件打开了!","信息!",MB_OK|MB_ICONINFORMATION);
 }

 fprintf(fp, "\n\n***********应用日志列表***********\n\n\n");
 
 Start_EL("application",el);
 Save_event(el, 1);
 
 fclose(fp);
 if(fclose(fp))
 {
  MessageBox("应用日志文件关闭了!","信息!",MB_OK|MB_ICONINFORMATION); 
 }
 else
 {
  MessageBox("还开着呢了,,抓紧关它吧!","错误!",MB_OK|MB_ICONSTOP);  

 }

}
////////////////////////////////////////////////////////////////////


void CRead_EventDlg::Save_Hard_Security()
{
 //从系统中保存安全记录
 if(!fp)
 {
  MessageBox("怎么没打开呢!","警告!",MB_OK|MB_ICONEXCLAMATION);

  exit(1);
 }
 else
 {
  
  MessageBox("安全日志文件打开了!","信息!",MB_OK|MB_ICONINFORMATION);

 }


 fprintf(fp, "\n\n***********安全日志列表***********\n\n\n"); 

 Start_EL("Security",el);
 Save_event(el, 1);

 fclose(fp);
 if(fclose(fp))
 {
  MessageBox("安全日志文件关闭了!","信息!",MB_OK|MB_ICONINFORMATION);
 }
 else
 {
  MessageBox("还开着呢了,,抓紧关它吧!","错误!",MB_OK|MB_ICONSTOP);
 }
}
//////////////////////////////////////////////////////////////
void CRead_EventDlg::Save_Hard_System()
{
 //从系统中保存系统日志
 if(!fp)
 {
  MessageBox("怎么没打开呢!","警告!",MB_OK|MB_ICONEXCLAMATION);
  exit(1);
 }
 else
 {
  MessageBox("系统日志文件打开了!","信息!",MB_OK|MB_ICONINFORMATION);
 }

 fprintf(fp, "\n\n***********系统日志列表***********\n\n\n"); 

 Start_EL("System",el);
 Save_event(el, 1);

 fclose(fp);
 if(fclose(fp))
 {
  MessageBox("系统日志文件关闭了!","信息!",MB_OK|MB_ICONINFORMATION);  
 }
 else
 {
  MessageBox("还开着呢了,,抓紧关它吧!","错误!",MB_OK|MB_ICONSTOP);
 }

}
/////////////////////////////////////////////////////////////////

void CRead_EventDlg::OnSave_Hard()
{
 //从系统中保存记录的响应函数
 // TODO: Add your control notification handler code here
 switch(istype)
 {
 case 1:
  break;
 case 2:
  break;
 case 3:
  break;
 default:
  MessageBox("请选择日志类型","警告!",MB_OK|MB_ICONEXCLAMATION);
  return;
   }

 CString sFileName;
 sFileName.Format("");

 CFileDialog dlg(FALSE, "txt", sFileName,
     OFN_OVERWRITEPROMPT|OFN_HIDEREADONLY,
     "文本文件(*.txt)|*.txt|文本文件(*.doc)|*.doc||", this); 

 /////////////////////////////////////////
 //从系统中保存整个日志
 if(IDCANCEL==(MessageBox("您确定要从系统中保存日志文件?","提示!",MB_OKCANCEL|MB_ICONQUESTION)))
 {
  nItem=0;
  return;
 }

 if (dlg.DoModal() == IDOK)
 {
  dlg.m_ofn.lpstrTitle = _T("从系统中保存日志文件");
  CString fileName = dlg.GetPathName();

  fp = fopen(fileName,"w");
  switch(istype)
  {
  case 1:
   Save_Hard_Security();
   break;
  case 2:
   Save_Hard_System();
   break;
  case 3:
   Save_Hard_Application();
   break;
  default:
   MessageBox("请选择日志类型","警告!",MB_OK|MB_ICONEXCLAMATION);
   return;
    }
 }
 nItem=0;
 
}
/////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////
// DescriptionDiaLog.cpp : implementation file
//

#include "stdafx.h"
#include "Read_Event.h"
#include "DescriptionDiaLog.h"
#include "Read_EventDlg.h"

#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif

extern int istype;
extern int nItem;
extern int event_record;
extern CString m_mm_host_state;
extern os_el el[1];
extern BOOL issub;
BOOL isShow=FALSE;
/////////////////////////////////////////////////////////////////////////////
// DescriptionDiaLog dialog


DescriptionDiaLog::DescriptionDiaLog(CWnd* pParent /*=NULL*/)
 : CDialog(DescriptionDiaLog::IDD, pParent)
{
 //{{AFX_DATA_INIT(DescriptionDiaLog)
 m_sub_event_computername = _T("");
 //}}AFX_DATA_INIT
}


void DescriptionDiaLog::DoDataExchange(CDataExchange* pDX)
{
 CDialog::DoDataExchange(pDX);
 //{{AFX_DATA_MAP(DescriptionDiaLog)
 DDX_Text(pDX, IDC_SBUEVENTCOMPUTERNAME, m_sub_event_computername);
 //}}AFX_DATA_MAP
}


BEGIN_MESSAGE_MAP(DescriptionDiaLog, CDialog)
 //{{AFX_MSG_MAP(DescriptionDiaLog)
 ON_BN_CLICKED(IDC_SHOW, OnShow)
 ON_BN_CLICKED(IDC_PRESHOW, OnPreshow)
 ON_BN_CLICKED(IDC_NEXTSHOW, OnNextshow)
 //}}AFX_MSG_MAP
END_MESSAGE_MAP()

/////////////////////////////////////////////////////////////////////////////
// DescriptionDiaLog message handlers

BOOL DescriptionDiaLog::OnInitDialog()
{
 CDialog::OnInitDialog();
 
 // TODO: Add extra initialization here
 issub=true;
 return TRUE;  // return TRUE unless you set the focus to a control
               // EXCEPTION: OCX Property Pages should return FALSE
}
//////////////////////////////////////////////////////////
void DescriptionDiaLog::Sub_Prepare()
{

 char *m_sub_cTemp;
 switch(istype)
 {
 case 1:
  m_sub_cTemp ="Security";
  break;
 case 2:
  m_sub_cTemp ="System";
  break;
 default:
  m_sub_cTemp ="application";
 }
 Sub_Show(nItem);
}
///////////////////////////////////////////////////////
void DescriptionDiaLog::OnShow()
{
 //显示记录内容
 // TODO: Add your control notification handler code here
 //判断是否有记录被选中
 if (nItem==0)
 {
  MessageBox("错了!","错误!",MB_OK|MB_ICONSTOP);
  CDialog::OnOK();
 }
 //如果是选中的是列表中第一条记录,向前观察按钮失效
 if(nItem==1)
 {
  GetDlgItem(IDC_PRESHOW)->EnableWindow(FALSE);
  GetDlgItem(IDC_NEXTSHOW)->EnableWindow(TRUE);
 }
 //如果是选中的是列表中最后一条记录,向后观察按钮失效
 if(nItem==event_record)
 {
  GetDlgItem(IDC_PRESHOW)->EnableWindow(TRUE);
  GetDlgItem(IDC_NEXTSHOW)->EnableWindow(FALSE);
 }
 Sub_Prepare();
 isShow=TRUE;
}
///////////////////////////////////////////////////////////
void DescriptionDiaLog::OnPreshow()

 //向前观察按钮响应函数
 // TODO: Add your control notification handler code here
 if (!isShow)
 {
  MessageBox("请回去选择记录!","警告!",MB_OK|MB_ICONEXCLAMATION);
  CDialog::OnOK();
 }
 nItem--;
 //如果是选中的是列表中第一条记录,向前观察按钮失效
 if(nItem==1)
 {
  GetDlgItem(IDC_PRESHOW)->EnableWindow(FALSE);
 }
 GetDlgItem(IDC_NEXTSHOW)->EnableWindow(TRUE);
 Sub_Prepare();

}
//////////////////////////////////////////////////////////////////
void DescriptionDiaLog::OnNextshow()

 //向后观察按钮
 // TODO: Add your control notification handler code here
 nItem++;
 //如果是选中的是列表中最后一条记录,向后观察按钮失效
 if(nItem==event_record)
 {
  GetDlgItem(IDC_NEXTSHOW)->EnableWindow(FALSE);
 }
 GetDlgItem(IDC_PRESHOW)->EnableWindow(TRUE);
 Sub_Prepare();

}
//////////////////////////////////////////////////////////////

void DescriptionDiaLog::OnOK()
{
 // TODO: Add extra validation here
 nItem=0;
 CDialog::OnOK();
}

void DescriptionDiaLog::OnCancel()
{
 // TODO: Add extra cleanup here
 nItem=0;
 CDialog::OnCancel();
}
////////////////////////////////////////////////////////////////
void DescriptionDiaLog::Sub_Show(int sub_nItem)
{
 //显示详细记录按钮的响应函数
 CRead_EventDlg* dlg = (CRead_EventDlg *)AfxGetMainWnd();
 CString sub_event;

 //事件序列
 sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,0);
 GetDlgItem(IDC_SBUEVENTRECORD)->SetWindowText(sub_event);
 //事件类型
 sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,1);
 GetDlgItem(IDC_SBUEVENTCATEGORY)->SetWindowText(sub_event);
 //事件来源
 sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,2);
 GetDlgItem(IDC_SUBEVENTSOURCENAME)->SetWindowText(sub_event);
 //事件日期
 sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,3);
 GetDlgItem(IDC_SUBEVENTDATA)->SetWindowText(sub_event);
 //事件时间
 sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,4);
 GetDlgItem(IDC_SBUEVENTTIME)->SetWindowText(sub_event);
 //事件ID
 sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,5);
 GetDlgItem(IDC_SBUEVENTID)->SetWindowText(sub_event);
 //用户
 sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,6);
 GetDlgItem(IDC_SBUEVENTUSERNAME)->SetWindowText(sub_event);
 //计算机
 sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,7);
 GetDlgItem(IDC_SBUEVENTCOMPUTERNAME)->SetWindowText(sub_event);
 //详细描述
 sub_event=dlg->m_mm_host_ListCtrl.GetItemText(sub_nItem-1,8);
 GetDlgItem(IDC_EDIT_SBUEVENTMESSAGE)->SetWindowText(sub_event);
 
 switch(istype)
 {
 case 1:
  sub_event="Security";
  break;
 case 2:
  sub_event="System";
  break;
 case 3:
  sub_event="Application";
  break;
 default:
  MessageBox("请选择日志类型!","警告!",MB_OK|MB_ICONEXCLAMATION);
  return;
   }
 //事件
 GetDlgItem(IDC_SUBEVENT)->SetWindowText(sub_event);

}
/////////////////////////////////////////////////////////////////

posted on 2006-09-07 14:37 啤酒 阅读(802) 评论(0)  编辑 收藏 引用


只有注册用户登录后才能发表评论。
网站导航: 博客园   IT新闻   BlogJava   博问   Chat2DB   管理


导航

统计

常用链接

留言簿(2)

随笔档案

收藏夹

搜索

最新评论

阅读排行榜

评论排行榜