1

I am trying to drop an external file (from windows file explorer) onto a ListView control. I have done this before but can't seem to get the events to fire.

My steps are as follows:

  • Create a ListView Control
  • Set the View property to 3 - lvwReport
  • Set the OLEDropMode property to 1 -ccOLEDropManual

I thought that was all I had to do but my ListView1_OLEDragDrop event does not fire.

I populated the ListView with a couple of items just in case.

I tried setting the Effect = vbDropEffectCopy in the ListView1_OLEDragOver and the ListView1_OLEGiveFeedback but this seems to have no effect either (this doesn't even change the cursor)

Note: I can get the StartDrag event to fire when dragging out of the control

Can someone confirm that this still works on windows 7?

Matt Wilko
  • 26,994
  • 10
  • 93
  • 143
  • I can confirm it works. All I did was set the listview1.oledropmode to ccOLEdropmanual and the oledrapdrop event does fire. I did get a wierd error when trying to add the 'MS Windows Common Controls 6.0', and couldn't add the component, but I just re-registered the ocx file (C:\Windows\SysWOW64\MSCOMCTL.ocx) the error went away. – Motomotes Mar 04 '13 at 22:19
  • @motes - thanks, with reference to my answer, can you try running as admin and seeing if it still fires? – Matt Wilko Mar 05 '13 at 12:22

2 Answers2

1

It appears to be UIPI (User Interface Privilege Isolation), a new security feature that wont allow lower privilege applications to interface with higher privliege applications. It can be bypassed, mainly to allow for UI automation applications. To bypass three things must be done:

1. Create a pfx file and import it as a trusted root certificate authority.

To create a pfx file download Openssl and from a command prompt run:

openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout mycert.pem -out mycert.pem

Then,

openssl pkcs12 -export -out mycert.pfx -in mycert.pem -name "My Certificate"

Then import the certificate: Select Certificate Store

2. Sign your program with your certifcate with signtool, which comes with Visual Studio, by entering the following in a command prompt:

signtool sign /t http://timestamp.digicert.com /f "c:\path\to\mycert.pfx" /p pfxpassword "c:\path\to\file.exe"

3. Include a trustInfo section with the UIaccess definition set to true in a manifest file for your exe. I did this using Make My Manifest:

MMM

Now, the app should be able to bypass UIPI, but only when run from a secure location, such as "C:\Program Files\", "C:\Windows\", or a subdirectory of either.

Alternatively, you could just disable UAC.

Motomotes
  • 4,111
  • 1
  • 25
  • 24
0

It appears that dragging and dropping onto the ListView does not work when Running as Administrator.

  • When I try this in the IDE (which is set to run As Admin) it doesn't work.
  • If I use my compiled exe it works, but if I run my compiled exe as Admin (right click Run As Admin) it doesn't work.

I don't know why is doesn't work however

Matt Wilko
  • 26,994
  • 10
  • 93
  • 143
  • I believe that's a "security feature". – Mark Hurd Mar 05 '13 at 14:34
  • @MarkHurd - surely if it was a security feature you would expect it to work the other way round? – Matt Wilko Mar 05 '13 at 15:44
  • 1
    Explorer runs with a medium integrity level, admin is high, so Windows OS doesn't trust what Window's Explorer is doing to your program. I suppose Explorer runs with medium integrity to stop normal admin users from deleting important things or to make it harder from malware to use Explorer to control the system, etc. – Motomotes Mar 05 '13 at 15:52
  • You see it most simply when just wanting to get the filename of what you're dropping to paste into a CMD prompt running as admin. It doesn't seem to gain much security there when a copy'n'paste _will_ do exactly the same thing... – Mark Hurd Mar 06 '13 at 01:14