_winreg- Windows registry access


本文後面的函式尚未完全翻譯完成,而基本觀念,則是應用這些函式所應具備的常識,請先參考否則會無法隨心所欲的發揮函式的功能

如何存取windows系統的登錄檔,我在python中找到兩個可用的模組_winreg,及win32api,由於_winreg是內建的模組,而win32api則是win32extned中的模組(必須另外安裝),所以我建議使用_winreg模組,但在使用之前我們要先了解一下winodws的登錄檔,以下是登錄檔的畫面


我們可以看到共有六個上層機碼
HKEY_CLASSES_ROOT
HKEY_CURRENT_USER
HKEY_LOCAL_MACHINE
HKEY_USERS
HKEY_CURRENT_CONFIG
HKEY_DYN_DATA
而視窗分成是分成左右兩半
左邊是機碼,右邊是數值(再細分名稱,資料)這是很重要的,以下函式的操作也是分成這兩類,不要弄混了
而數值內有兩種型態,文字(圖示ab)及二位元數字(圖示0101)


據我所知,所有安裝的程式大概都是所放置的地方在
HKEY_LOCAL_MACHINE\Software\程式名稱
下圖是程式WHFC的畫面 HKEY_LOCAL_MACHINE\Software\WHFC


有一些重點需要解釋:_winreg使用到的參數
  1. key-上層機碼 ,在模式中一再提到使用己開啟的Key,或是HKEY*之類的字串,但是何謂已開啟的KEY呢?經我測試的結果應該,是要先使用OpenKey()這個函式,開啟而這堛摘ey 是使用其回傳的指標
  2. sub_key-子機碼(注意不可以包含上圖右邊的數值)
  3. 你可以使用的內建機碼
  4. 機碼
    _winreg.
    HKEY_CLASSES_ROOT
    _winreg.
    HKEY_CURRENT_USER
    _winreg.
    HKEY_LOCAL_MACHINE
    _winreg.
    HKEY_USERS
    _winreg.
    HKEY_CURRENT_CONFIG
    _winreg.
    HKEY_DYN_DATA

  5. 機碼的應用一般來講是key=OpenKey(),key 就是後面要使用的

  6. 我們可以看到下面有一些函式有EX(OpenKeyEx,QueryValueEx,SetValueEx),這是相關到數值部份,之前我們有用提到份為鍵值及數值部份,應用部份有所不同,如SetValue它是在設定子機碼的預設值,而SetValueEx則是設定堶悸滬
  7. 除了上層機碼之外子機碼及子機碼內的機碼,在操作上並沒有很嚴格的分界,key,和sub_key,在你使用OpenKey()開啟時,sub_key如果有指定,則傳回的指標,在稍後應用就表示是相對於這個機碼之內

範例:
在HKEY_LOCAL_MACHINE下建立一個機碼csc
import _winreg
handle_reg=_winreg.OpenKey(_winreg.HKEY_LOCAL_MACHINE,'')
_winreg.CreateKey(handle_reg,'csc')
#新建一個子機碼的內定值
_winreg.SetValue(aaa,'csc',REG_SZ,'this is a test')
#刪除一個子機碼csc
_winreg.DeleteKey(aaa,'csc')
#在機碼內建立一個數值,格式為文字
_winreg.SetValueEx(aaa,'directory',_winreg.REG_SZ,'c:\windows\desktop')
_winreg.SetValueEX(aaa,'year',_winreg.REG_BINARY,2003)
#會建之後要會查詢,傳回兩個值一個是其值,另一個則是值的格式
_winreg.QueryValueEx(aaa,'year')
('2003',3)
#如果我知道有一個子機碼存在,但是要查詢其所有的內容(值及子機碼)
_winreg.QueryInfoKey(aaa)
(0,4,0L)
#第一個是其下有幾個子機碼,第二個是本機碼的數值項目
#你知道了有幾個數值項目可以一一列舉(取得)
_winreg.EnmuValue(aaa,0)
_winreg.EnmuValue(aaa,1)
_winreg.EnmuValue(aaa,2)
....
#傳回
('year','2003',3)

#查詢機碼csc的預設值
_winreg.QueryValue(aaa,'')

#


_winreg可用的函式如下:

CloseKey
(hkey)
關閉之前開啟的registry key.
ConnectRegistry(computer_name, key)
建立一個連線到一個先前定義的 predefined registry handle在其它的電腦上,並傳回一個 and returns a handle object

computer_name是遠端電腦的名稱,其格式為 r"\\computername".如果是N0沒有則是本地電腦.

回傳物件,如果函式行錯誤會產生 EnvironmentError錯誤

CreateKey(key, sub_key)
建立一個機碼'回傳物件

key已經開啟的key, 或是先前定義的 HKEY_* 常數之一.

sub_key 是我們要建立的子機碼,其中建立的機碼是原key/sub_key,如果先前是定義開啟了key/subkey,則sub_key可以是None. 在那種情況下,In that case, the handle returned is the same key handle passed in to the function.

如果key 值已經存在,這個函式則會開啟存在的機碼

回傳的值是一個開啟鍵值的 handle. 如果失敗會產生EnvironmentError.

DeleteKey(key, sub_key)
刪除指定的key.

key已經開啟的key, 或是先前定義的 HKEY_* 常數之一.

sub_key 是一個字串必須是key下的子鍵.這個值不可以是空的(None), 並且這個 key可能沒有subkeys.

這個方法無法含有subkeys的key.

如果執行成功,整個key,包含了它的值,會被移除.如果失敗則會產生 EnvironmentError.

DeleteValue(key, value)
由登錄鍵中移除一個名稱和值.

key已經開啟的key, 或是先前定義的 HKEY_* 常數之一.

value 是一個字串用來指出要移除的數值.

EnumKey(key, index)
列舉一個開啟的key的子機碼,傳回一個字串.

key已經開啟的key, 或是先前定義的 HKEY_* 常數之一.

index 是一個整數來表示key是回傳的值.

這個函式傳回其中一個子機碼,每一次被呼叫. It is typically called repeatedly until an EnvironmentError exception is raised, indicating, no more values are available.

EnumValue(key, index)
列舉一個開啟機碼的值,傳回一個陣列.

key已經開啟的key, 或是先前定義的 HKEY_* 常數之一.

index是一個整數 that identifies the index of the value to retrieve.

The function retrieves the name of one subkey each time it is called. It is typically called repeatedly, until an EnvironmentError exception is raised, indicating no more values.

結果是傳回三個子項目:

Index  意義
0 一個字串指出value name
1 一個物件包留value data, and whose type depends on the underlying registry type
2 一個整數指出the type of the value data

FlushKey(key)
寫回所有的Writes all the attributes of a key to the registry.

kkey已經開啟的key, 或是先前定義的 HKEY_* 常數之一.

不在需要呼叫RegFlushKey來改變一個機碼. Registry changes are flushed to disk by the registry using its lazy flusher. Registry changes are also flushed to disk at system shutdown. Unlike CloseKey(), the FlushKey() method returns only when all the data has been written to the registry. An application should only call FlushKey() if it requires absolute certainty that registry changes are on disk.

如果你不知道FlushKey() call is required, it probably isn't.

RegLoadKey(key, sub_key, file_name)
建立一個子機碼在指定的機嗎並儲存登錄資料由指定的檔案到到子機碼.

key已經開啟的key, 或是先前定義的 HKEY_* 常數之一.

sub_key is a string that identifies the sub_key to load

file_name is the name of the file to load registry data from. This file must have been created with the SaveKey() function. Under the file allocation table (FAT) file system, the filename may not have an extension.

A call to LoadKey() fails if the calling process does not have the SE_RESTORE_PRIVILEGE privilege. Note that privileges are different than permissions - see the Win32 documentation for more details.

If key is a handle returned by ConnectRegistry(), then the path specified in fileName is relative to the remote computer.

The Win32 documentation implies key must be in the HKEY_USER or HKEY_LOCAL_MACHINE tree. This may or may not be true.

OpenKey(key, sub_key[, res = 0][, sam = KEY_READ])
開啟一給定的key(上層機碼), 回存一個物件

key=內建機碼

sub_key 是子機碼

res 是一個保留字內定0.

sam 是一個整數來設定存取模式,內定為 KEY_READ

傳回物件
OpenKeyEx()
這個函式是由OpenKeyEx() is provided via OpenKey(), by the use of default arguments.
QueryInfoKey(key)
傳回key的三個值(陣列)tuple.

key OpneKey()所傳回來的物件.

三個值的意義如下:

順序
意義
0 子鍵的數目
1 本鍵的值.
2 0L

QueryValue(key, sub_key)
Retrieves the unnamed value for a key, as a string

key已經開啟的key, 或是先前定義的 HKEY_* 常數之一.

sub_key is a string that holds the name of the subkey with which the value is associated. If this parameter is None or empty, the function retrieves the value set by the SetValue() method for the key identified by key.

Values in the registry have name, type, and data components. This method retrieves the data for a key's first value that has a NULL name. But the underlying API call doesn't return the type, Lame Lame Lame, DO NOT USE THIS!!!

QueryValueEx(key, value_name)
Retrieves the type and data for a specified value name associated with an open registry key.

key已經開啟的key, 或是先前定義的 HKEY_* 常數之一.

value_name is a string indicating the value to query.

The result is a tuple of 2 items:

Index  意義
0 The value of the registry item.
1 An integer giving the registry type for this value.

SaveKey(key, file_name)
Saves the specified key, and all its subkeys to the specified file.

key已經開啟的key, 或是先前定義的 HKEY_* 常數之一.

file_name 是要儲存到的檔案名稱. 這個檔案不可以已經存在.如果檔名包含了副檔名,它不可以被使用在檔案配置表(FAT)檔案 file systems by the LoadKey(), ReplaceKey() or RestoreKey() methods.

如果key 出在遠端的電腦,這個路徑描述由file_name 是關連到遠端的電腦. 呼叫這種方法必須執行SeBackupPrivilege security privilege. Note that privileges are different than permissions - see the Win32 documentation for more details.

This function passes NULL for security_attributes to the API.

SetValue(key, sub_key, type, value)
Associates a value with a specified key.

key已經開啟的key, 或是先前定義的 HKEY_* 常數之一.

sub_key is a string that names the subkey with which the value is associated.

type 必須是REG_SZ, 意味只有字串是被支援的.而使用 SetValueEx()函式則支援別的資料型態.

value is a string that specifies the new value.

If the key specified by the sub_key parameter does not exist, the SetValue function creates it.

Value lengths are limited by available memory. Long values (more than 2048 bytes) should be stored as files with the filenames stored in the configuration registry. This helps the registry perform efficiently.

The key identified by the key parameter must have been opened with KEY_SET_VALUE access.

SetValueEx(key, value_name, reserved, type, value)
Stores data in the value field of an open registry key.

key已經開啟的key, 或是先前定義的 HKEY_* 常數之一.

sub_key is a string that names the subkey with which the value is associated.

type is an integer that specifies the type of the data. This should be one of the following constants defined in this module:

常數
意義
REG_BINARY 二位元資料in any form.
REG_DWORD 一個32-位元的數字.
REG_DWORD_LITTLE_ENDIAN 一個32-位元數字in little-endian format.
REG_DWORD_BIG_ENDIAN A 32-bit number in big-endian format.
REG_EXPAND_SZ Null-terminated string containing references to environment variables ("%PATH%").
REG_LINK A Unicode symbolic link.
REG_MULTI_SZ A sequence of null-terminated strings, terminated by two null characters. (Python handles this termination automatically.)
REG_NONE 未定義的值格式.
REG_RESOURCE_LIST A device-driver resource list.
REG_SZ A null-terminated string.

reserved can be anything - zero is always passed to the API.

value is a string that specifies the new value.

This method can also set additional value and type information for the specified key. The key identified by the key parameter must have been opened with KEY_SET_VALUE access.

To open the key, use the CreateKeyEx() or OpenKey() methods.

Value lengths are limited by available memory. Long values (more than 2048 bytes) should be stored as files with the filenames stored in the configuration registry. This helps the registry perform efficiently.