You should replace any calls to WinExec
and OpenFile with calls to the CreateProcess and CreateFile
functions. Internally, the old functions call the new functions anyway. The big
problem with the old functions is that they don't accept Unicode strings and
they typically offer fewer features. When you call these functions, you must
pass ANSI strings.
To write safe code, you should no longer use any of the
familiar C run-time functions that modify a string. (Functions such as strlen, wcslen, and
_tcslen are OK, however, because they do not
attempt to modify the string passed to them even though they assume that the
string is 0 terminated, which might not be the
case.) Instead, you should take advantage of the new secure string functions
defined by Microsoft's StrSafe.h file.
Avoid printf family
functions, especially by using %s and %S field types to convert
ANSI to Unicode strings and vice versa. Use MultiByteToWideChar
and WideCharToMultiByte instead, as shown in
"Translating
Strings Between Unicode and ANSI" below.
There are two kinds of strings that we compare in our code.
Programmatic strings are file names, paths, XML elements and attributes, and
registry keys/values. For these, use CompareStringOrdinal,
as it is very fast and does not take the user's locale into account. This is
good because these strings remain the same no matter where your application is
running in the world. User strings are typically strings that appear in the
user interface. For these, call CompareString(Ex),
as it takes the locale into account when comparing strings.
|
|
Note
|
You can use the C run-time
function _chdir instead of the Windows SetCurrentDirectory function to change the current
directory. The _chdir function calls SetCurrentDirectory internally, but _chdir also adds or modifies the environment
variables by calling SetEnvironmentVariable
so that the current directory of different drives is preserved
|
