Application Security Testing: An Integral Part of DevOps
Lesson 5: Dialog-Based Applications
We won't build a dialog application just yet, but I will tell you enough here so that you get the picture of what's going on in dialog applications. Dialog apps are the simplest apps in my opinion. In the IDE, go to File, New, Projects, MFC AppWizard(exe), and type in a project name. Hit next. Select Dialog Application as the type of application and then hit finish. Next go to the File View. You will see the source files created automagically. You should be able to compile and run the application as it is.
What is going on in all these files? Everything boils down to
CWinApp derived class and the
CDialog derived class
(which is derived from
CWnd). Look in the source file named after
your project. You should see a the
InitInstance() function there.
Inside of that function you can see that a dialog class is constructed,
it is set as the 'main window' of the application, and it is displayed
DoModal() function. Once you exit your dialog app, the
DoModal() function returns and your dialog is hidden.
FALSE and your application ends. Now the question
is, "What is
DoModal()function. It returns either
IDCANCELdepending on how you exited the dialog. Internally the
OnInitDialog()which is a good place to initialize your dialog variables. If you create a dialog app, you will notice that a default dialog class and resource is created for you. The file name for the class will be your project name with a 'Dlg' tacked on at the end.
Though we aren't making an application just yet, I have to tell you how to put something useful on the dialog. First open up the resource view. Open up your dialog in the editor. Right click on the dialog and select 'properties'. Make sure the 'Visible' checkbox is checked. If it isn't, you won't be able to see your dialog. (Remember this, it will come back to haunt you in the future). You can change the Dialog's caption here as well as other things.
Now drag a button control onto the dialog somewhere. Right click on
it and select properties. You can change the ID of the button to something
more descriptive like
IDC_SHOWMESSAGE. You can also change the
text on the button to something more descriptive like 'Show Message'. You
have a button now. But it does nothing. You can easily fix that. Press
Ctrl-W to bring up the class wizard. Make sure you are on the first tab.
You should see your dialogs name and the button's ID in the list on the
left. If you select the dialog's name you can
see all of the functions and messages that the class wizard will let you add code for on the right. You can see the
WM_PAINT and all
the other messages we talked about. If you select the ID of the button
you can see the messages that the button sends. Double click on the
CLICK message and accept the default function name. You see that
it appears in the list at the bottom. Now double-click on the function
in the bottom list. Shazam, you are transported right to the cpp file where
you need to fill in the code. Let's do something easy. Just add the line:
Compile, build and run your application (just press Ctrl-F5). If you
press the button, you should see a message box pop up when you press the
new button. (There are some
Afx... functions that are useful.
I think the message box one is the most useful out of all of them. It is
That was dead simple. You see how to add message handlers now (like
for the button click), but you need at least one more vital bit of information
to make a useful dialog box. How to use the automatic data handling stuff
in MFC. This is best described by going back to the code again. Bring up
the resource editor one more time and this time add an Edit Box to your
dialog. Again right click on it and give it a nice and friendly ID. Hit
Ctrl-W and bring up the class wizard. This time go to the second Tab. Here
is where you add member variables that are associated with the controls
on your dialog. Double click on the Edit Box's ID. You now have the choice
to add a variable to your project. Give it a name like
since it will be a string for our message box. Make sure the data type
CString there at the bottom. Press OK. And press it
again to get out of the class wizard.
When you add a member variable to a dialog like this, you can set the value to that in the control of the dialog by calling
Likewise you can change the data displayed in the dialog to represent your variable's value by calling
Let's put this to use and finish up this lesson. Go towards the end
OnInitDialog() function and in it put the two lines:
m_strMessage = "Initial text"; UpdateData(FALSE);
Then go to the function which is called when the button is pressed and
AfxMessageBox() line with these two lines:
Ok, we are done. What we just did was set the initial text in the edit
box to "Initial text" with the
UpdateData(FALSE). Then when the
button is pressed the text in the message box is displayed since we get
the text from the dialog with
By playing around and by reading the help (or a good book) you will learn how to use the other controls. On of the trickiest to figure out with out help is the slider bar. If you use one of these you will have to handle the dialog's scroll messages. That's just a hint for you.