Exemple #1
/*
 * Report the account that owns the "explorer.exe" process.
 *
 * userNameBuf  destination buffer for the user name
 * bufLen       capacity of userNameBuf in bytes; must be non-zero
 *
 * Returns TRUE when GetProcessUsername() succeeded on the process handle,
 * FALSE on bad arguments, when no handle was obtained, or when the lookup
 * failed.
 *
 * NOTE(review): the "logon user" is inferred purely from a process image
 * name. An image name is not an identity, and a host with more than one
 * session runs more than one explorer.exe; confirm how GetProcessHandle()
 * chooses among them before relying on this value for any access or audit
 * decision.
 */
BOOL GetSysLogonUserName(char * userNameBuf, unsigned int bufLen)
{
   HANDLE shellProc;
   BOOL resolved;

   /* bufLen is unsigned, so "== 0" is the whole of the original "<= 0". */
   if(userNameBuf == NULL || bufLen == 0) return FALSE;

   shellProc = GetProcessHandle("explorer.exe");
   if(shellProc == NULL) return FALSE;

   resolved = GetProcessUsername(shellProc, userNameBuf, bufLen) ? TRUE : FALSE;

   /* The handle is released on both the success and the failure path. */
   CloseHandle(shellProc);
   return resolved;
}
Exemple #2
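/*
 * Append the processes owned by the logon user to prcListStr.
 *
 * Each match is written as "exe,pid"; records are separated by ';'.
 * prcListStr must already contain a NUL-terminated string (normally empty),
 * because new records are appended after its current content.
 *
 * Returns TRUE when the process table was walked. Returns FALSE when
 * prcListStr is NULL, when the logon user could not be determined, or when
 * the process snapshot could not be created.
 *
 * NOTE(review): the signature carries no capacity for prcListStr, so the
 * sprintf() calls below cannot be bounded from inside this function. Every
 * caller has to size the buffer for the worst case (MAX_PATH plus a PID per
 * process); a sized variant of this function would remove the overflow risk.
 *
 * NOTE(review): user names are held in 32-byte buffers; what
 * GetProcessUsername() does with a longer name is not visible here.
 */
BOOL GetLogonUserPrcListStr(char * prcListStr)
{
   PROCESSENTRY32 pe;
   HANDLE hSnapshot = NULL;
   char logonUserName[32] = {0};
   char procUserName[32] = {0};
   size_t used = 0;

   if(NULL == prcListStr) return FALSE;

   /*
    * Without a known logon user the comparison below is meaningless: an
    * empty logonUserName would equal the empty procUserName of every process
    * whose owner could not be read, and those would be reported as the
    * user's own.
    */
   if(!GetSysLogonUserName(logonUserName, sizeof(logonUserName)) || logonUserName[0] == '\0')
      return FALSE;

   /* CreateToolhelp32Snapshot signals failure with INVALID_HANDLE_VALUE, not NULL. */
   hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
   if(hSnapshot == INVALID_HANDLE_VALUE || hSnapshot == NULL) return FALSE;

   used = strlen(prcListStr);
   pe.dwSize = sizeof(PROCESSENTRY32);
   if(Process32First(hSnapshot, &pe))
   {
      /* do/while so the entry returned by Process32First is examined too. */
      do
      {
         BOOL haveOwner = FALSE;
         HANDLE procHandle = GetProcessHandleWithID(pe.th32ProcessID);

         if(procHandle)
         {
            memset(procUserName, 0, sizeof(procUserName));
            haveOwner = GetProcessUsername(procHandle, procUserName, sizeof(procUserName)) ? TRUE : FALSE;
            CloseHandle(procHandle);
         }

         /* Only a successfully resolved owner may count as a match. */
         if(haveOwner && !strcmp(logonUserName, procUserName))
         {
            int written;

            /*
             * Append at the tracked end of the string. Passing prcListStr as
             * both destination and "%s" argument would make source and
             * destination overlap, which sprintf() does not permit.
             */
            if(used == 0)
               written = sprintf(prcListStr, "%s,%lu", pe.szExeFile, (unsigned long)pe.th32ProcessID);
            else
               written = sprintf(prcListStr + used, ";%s,%lu", pe.szExeFile, (unsigned long)pe.th32ProcessID);

            if(written > 0) used += (size_t)written;
         }

         pe.dwSize = sizeof(PROCESSENTRY32);
      } while(Process32Next(hSnapshot, &pe));
   }

   CloseHandle(hSnapshot);
   return TRUE;
}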
Exemple #3
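/*
 * Count the running processes that match an optional image name and an
 * optional owning user name, and store the count in result.
 *
 * param holds up to two values: the process name and the user name. An empty
 * process name matches every process; an absent or empty user name disables
 * the user filter. Both comparisons are case-insensitive.
 *
 * Returns SYSINFO_RET_OK with the count set in result, or SYSINFO_RET_FAIL
 * when there are more than two parameters, the process name cannot be read,
 * or EnumProcesses() fails.
 *
 * NOTE(review): only processes that OpenProcess() can open with
 * PROCESS_QUERY_INFORMATION | PROCESS_VM_READ are counted. Processes the
 * caller is not allowed to open are skipped silently, so the value is a
 * lower bound; a monitoring rule built on it should take that into account.
 *
 * NOTE(review): at most MAX_PROCESSES identifiers are examined; when
 * EnumProcesses() fills the whole array the list has presumably been
 * truncated and the count is low.
 */
int	    PROC_NUM(const char *cmd, const char *param, unsigned flags, AGENT_RESULT *result)
{ /* usage: <function name>[ <process name>, <user name>] */
	HANDLE	hProcess;
	HMODULE	hMod;
	DWORD	procList[MAX_PROCESSES], dwSize;
	int	i, proccount, max_proc_cnt,
		proc_ok = 0,
		user_ok = 0;
	char	procName[MAX_PATH],
		userName[MAX_PATH],
		baseName[MAX_PATH],
		uname[MAX_NAME];

	if (num_param(param) > 2)
		return SYSINFO_RET_FAIL;

	if (0 != get_param(param, 1, procName, sizeof(procName)))
		return SYSINFO_RET_FAIL;

	/*
	 * A missing user name means "no user filter". The loop below tests
	 * *userName against '\0' for exactly that, so the fallback has to be
	 * the empty string.
	 */
	if (0 != get_param(param, 2, userName, sizeof(userName)))
		*userName = '\0';

	if (0 == EnumProcesses(procList, sizeof(DWORD) * MAX_PROCESSES, &dwSize))
		return SYSINFO_RET_FAIL;

	/* dwSize is the number of bytes written into procList. */
	max_proc_cnt = dwSize / sizeof(DWORD);
	proccount = 0;

	for (i = 0; i < max_proc_cnt; i++)
	{
		proc_ok = 0;
		user_ok = 0;

		hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, procList[i]);
		if (NULL == hProcess)
			continue;	/* not accessible to the caller: not counted */

		if ('\0' != *procName)
		{
			/* hMod receives the first module, whose base name is compared with the filter. */
			if (0 != EnumProcessModules(hProcess, &hMod, sizeof(hMod), &dwSize))
			{
				if (0 != GetModuleBaseName(hProcess, hMod, baseName, sizeof(baseName)))
				{
					if (0 == stricmp(baseName, procName))
						proc_ok = 1;
				}
			}
		}
		else
		{
			proc_ok = 1;
		}

		if (0 != proc_ok && '\0' != *userName)
		{
			/* NOTE(review): uname is passed without its size; confirm that
			 * GetProcessUsername() limits its write to MAX_NAME bytes. */
			if (0 != GetProcessUsername(hProcess, uname))
			{
				if (0 == stricmp(uname, userName))
					user_ok = 1;
			}
		}
		else
		{
			user_ok = 1;
		}

		if (0 != user_ok && 0 != proc_ok)
			proccount++;

		CloseHandle(hProcess);
	}

	SET_UI64_RESULT(result, proccount);

	return SYSINFO_RET_OK;
}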