/[Path='/'].applicationPool:"ASP.NET v4.0"
This whole line is actually a parameter, so I would like to put single quotes around it. But it doesn't work because it already includes single quotes.
I have tried the ` in front of the single quoates without success.
Any suggestions?
You have to surround with quotes and escape the inner quotes with backtick:
"/[Path='/'].applicationPool:`"ASP.NET v4.0`""
Another way would be to double each nested single quote:
'/[Path=''/''].applicationPool:"ASP.NET v4.0"'
Related
I've found plenty of post explaining how to literally escape both single and double quotation marks using either """" for one double quotation mark, or '''' for a single quotation mark (or just doing `"). I find myself in a situation where I need to search through a list of names that is input in a different query:
Foreach($Username in $AllMyUsers.Username){
$Filter = "User = '$Username'"
# do some more code here using $Filter
}
The problem occurs when I reach a username like O'toole or O'brian which contains quotation marks. If the string is literal I could escape it with
O`'toole
O''brian
etc.
But, since it's in a loop I need to escape the quotation mark for each user.
I tried to use [regex]::Escape() but that doesn't escape quotation marks.
I could probably do something like $Username.Replace("'","''") but it feels like there should be a more generic solution than having to manually escape the quotation marks. In other circumstances I might need to escape both single and double, and just tacking on .Replace like so $VariableName.Replace("'","''").Replace('"','""') doesn't feel like it's the most efficient way to code.
Any help is appreciated!
EDIT: This feels exactly like a "how can I avoid SQL injection?" question but for handling strings in Powershell. I guess I'm looking for something like mysqli_real_escape_string but for Powershell.
I could probably do something like $Username.Replace("'","''") but it feels like there should be a more generic solution than having to manually escape the quotation marks
As implied by Mathias R. Jessen's comment, there is no generic solution, given that you're dealing with an embedded '...' string, and the escaping requirements entirely depend on the ultimate target API or utility - which is unlikely to be PowerShell itself (where ' inside a '...' string must be doubled, i.e. represented as '').
In the case at hand, where you're passing the filter string to a System.Data.DataTable's .DataView's .RowFilter property, '' is required as well.
The conceptually cleanest way to handle the required escaping is to use -f, the format operator, combined with a separate string-replacement operation:
$Filter = "User = '{0}'" -f ($UserName -replace "'", "''")
Note how PowerShell's -replace operator - rather than the .NET [string] type's .Replace() method - is used to perform the replacement.
Aside from being more PowerShell-idiomatic (with respect to: syntax, being case-insensitive by default, accepting arrays as input, converting to strings on demand), -replace is regex-based, which also makes performing multiple replacements easier.
To demonstrate with your hypothetical .Replace("'","''").Replace('"','""') example:
#'
I'm "fine".
'# -replace '[''"]', '$0$0'
Output:
I''m ""fine"".
I'm creating a powershell task in vsts, the parameter I'm using contains spaces in it, this causes the PowerShell task to fail by splitting the file.
I have tried to use "`" but this removes the space making it wrong again.
(the space is between Corporate and Systems)
-Path "$\Corporate Systemes\Payment\Dev\src\payment.Web\app\config.js"
I think this would be fixed using single quote '' rather than double quotes ""
PowerShell tries to evaluate anything inside double quotes so it's always good practice to use single quotes unless double quotes are necessary :)
Get-Help about_quoting_rules
I'm using Powershell with ODBC to transfer table data between Sage 50 and MariaDb.
Some data rows in a text column in Sage can contain both single and double quotes that need to be retained when the data is imported into MariaDb.
I'm struggling to get PowerShell to replace for the Values portion of the Insert statement:
I need to replace a single quote ' with backslash single quote \', and also a double quote " with backslash double quote \"
For anyone else searching for this the answer is :
For single quotes
[regex]::replace($text, "'", "\'")
For double quotes
[regex]::replace($DETAILS, "`"", "\'")
I found this URL helpful https://vwiki.co.uk/MySQL_and_PowerShell and as stated you may wish to put this in a function.
I have a replace statement in my code whereby Band's is being replaced by Cig's. However when I put single quote it took the first sentence... Example 'Band'
I tried to use double quote but it does not work. Do you know how to escape the single quote sign?
-replace 'Band's', 'Cig's'
See Escape characters, Delimiters and Quotes and Get-Help about_Quoting_Rules from the built-in help (as pointed out by as Nacimota).
To include a ' inside a single-quoted string, simply double it up as ''. (Single-quote literals don't support any of the other escape characters.)
> "Band's Toothpaste" -replace 'Band''s', 'Cig''s'
Or, simply switch to double-quotes. (Double-quote literals are required when wishing to use interpolation or escape characters.)
> "Band's Toothpaste" -replace "Band's", "Cig's"
(Don't forget that -replace uses a regular expression)
Escape a single quote with two single quotes:
"Band's Toothpaste" -replace 'Band''s', 'Cig''s'
Also, this is a duplicate of
Can I use a single quote in a Powershell 'string'?
For trivial cases, you can use embedded escape characters. For more complex cases, you can use here-strings.
$Find = [regex]::escape(#'
Band's
'#)
$Replace = #'
Cig's
'#
"Band's Toothpaste" -replace $Find,$Replace
Then put the literal text you want to search for and replace in the here-strings.
Normal quoting rules don't apply within the here-string #' - '# delimiters, so you can put whatever kind of quotes you want, wherever you want them without needing any escape characters.
The [regex]::excape() on $Find will take care of doing the backslash escapes on any regex reserved characters that might be in the search pattern.
All,
I am trying to clean up data in a SQLite database, that contains tons of escaped single and double quotes.
Example: \"Text\" has \'junk\' like this all over the place.
When I do a SELECT to see if the REPLACE function has the correct pattern, the REPLACE is not working:
-- replace escaped single quotes
SELECT id,subject,body,replace(body,"\\'","'") as `clean-body`
FROM article
WHERE id=1118
Thanks for looking
There is no need to escape the backslash. Try this in place of your original call to replace:
replace(body,"\'","'")