如何获取包含插入符号 (^) 的密码,该密码未更改作为参数传递给 Windows 批处理文件?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/5254460/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How can I get a password containing a caret (^) passed unchanged as a parameter to a Windows batch file?
提问by chaotic3quilibrium
Summary:
From the command line (on Windows Server 2003 R2), I type:
摘要:
从命令行(在 Windows Server 2003 R2 上),我键入:
> SET password=a^b
> ECHO %password%
And the result is "ab". Where'd the freakin caret (^) go? I then attempted to "escape" it with ^^, `^, %^, ^^^, and none of these worked to ever have a caret pass through to the echo command. This batch file is in the middle. So, I can neither change the source system's password to avoid using the caret, nor can I change the target system's password to be out of sync with the source system.
结果是“ab”。那个奇怪的插入符号 (^) 去哪儿了?然后我试图用 ^^、`^、%^、^^^ 来“转义”它,但这些都没有让插入符号传递到 echo 命令。这个批处理文件在中间。因此,我既不能更改源系统的密码以避免使用插入符号,也不能将目标系统的密码更改为与源系统不同步。
Details:
I searched Google and then SO. And while I now have a bazillion tips on how to better engineer my bloody Windows batch file, my problem remains.
详细信息:
我搜索了谷歌,然后搜索了 SO。虽然我现在有无数关于如何更好地设计我该死的 Windows 批处理文件的技巧,但我的问题仍然存在。
I have a batch file, called run.bat, which consists of a series of SET statements setting up the context for running a Java command line application. After "cd"ing to the proper folder, at the prompt on the command line (on Windows Server 2003 R2) I type:
我有一个名为 run.bat 的批处理文件,它由一系列 SET 语句组成,用于设置运行 Java 命令行应用程序的上下文。在“cd”到正确的文件夹后,在命令行(在 Windows Server 2003 R2 上)的提示下,我输入:
> run the_name the_pass^word
When I look at the output echoed to the command line, I see "java...config.user_name=the_name config.password=the_password" where the ... is a bunch of parameters and libraries noise not relevant to this problem. The bloody caret (^) has disappeared.
当我查看回显到命令行的输出时,我看到“java...config.user_name=the_name config.password=the_password”,其中 ... 是一堆与此问题无关的参数和库噪声。血腥的插入符号 (^) 消失了。
I have tried every kind of escaping strategy I could find trying to get the caret to show up. I have not been able to find anything that will cause the caret to appear...except surrounding the password with quote, as in I type:
我已经尝试了我能找到的所有类型的转义策略,试图让插入符号出现。我找不到任何会导致插入符号出现的东西......除了用引号包围密码,就像我输入的那样:
> run the_name "the_pass^word"
...and then the resulting command line looks like:
...然后生成的命令行如下所示:
java...config.user_name=the_name config.password="the_pass^word"
i.e. I get the caret, but the quotes are now appearing IN the content of the string...which naturally doesn't work for the application to which they are being passed.
即我得到了插入符号,但引号现在出现在字符串的内容中......这自然不适用于它们被传递到的应用程序。
Does anyone have an obvious tip or trick I have missed to have what is typed in as parameters on the command line passed through UNTOUCHED to my internal utilization? The value is in fact arriving in the batch file variable of %2. But, it's been "defrocked" by the time I get to see the contents of %2 the first time.
有没有人有一个明显的提示或技巧,我错过了将命令行上作为参数输入的内容通过 UNTOUCHED 传递给我的内部使用?该值实际上是到达 %2 的批处理文件变量中。但是,当我第一次看到 %2 的内容时,它已经“解除了”。
UGH, I'm no fan of Windows batch files.
呃,我不喜欢 Windows 批处理文件。
Update:
A big thanks to Joshua McKinnon's response. I selected his as the answer as it solved my immediate problem. However, I wanted to elaborate further on the solutions (yes, plural).
更新:
非常感谢 Joshua McKinnon 的回应。我选择他作为答案,因为它解决了我眼前的问题。但是,我想进一步详细说明解决方案(是的,复数)。
- No need to use any form of SetLocal/EndLocal
- Must use the %~1 style syntax - found no form of the %1 syntax which worked to preserve the caret
- Solution: Unquoted, use 4 consecutive carets (ex: use pass^^^^word to produce pass^word)
- Solution: Quoted, use 2 consecutive carets (ex: use "pass^^word" to produce pass^word)
- 无需使用任何形式的 SetLocal/EndLocal
- 必须使用 %~1 样式语法 - 找不到可以保留插入符号的 %1 语法形式
- 解决方案:不加引号,使用4个连续的插入符号(例如:使用pass^^^^word产生pass^word)
- 解决方案:引用,使用2个连续的插入符号(例如:使用“pass^^word”来产生pass^word)
Within the batch file "run.bat", use the %~1 syntax as in:
在批处理文件“run.bat”中,使用 %~1 语法,如下所示:
java MyClass username=%~1 password=%~2
...and then at the command line, type:
...然后在命令行中输入:
> run mr_clean puke^^^^boy
or
或者
> run mr_clean "puke^^boy"
which will then result in the final executed statement to look like:
这将导致最终执行的语句如下所示:
java MyClass username=mr_clean password=puke^boy
Hope this helps other save some time. I ended up on 6 hours of tangents trying to hunt down this idiosyncrasy (more like idiot-synchronicity).
希望这有助于其他人节省一些时间。我结束了 6 个小时的切线试图追捕这种特质(更像是白痴同步)。
采纳答案by Joshua McKinnon
According to this page, & | ( < > ^are all reserved characters in windows batch files. ^ is an escape character, as well as line continuation character. ^^ should give you a ^, but then that ^ may need to be escaped.
根据这个页面,& | ( < > ^都是 windows 批处理文件中的保留字符。^ 是转义字符,也是行继续符。^^ 应该给你一个 ^,但 ^ 可能需要转义。
To get a password through the input, have you tried quadrupling the number of carets?
要通过输入获取密码,您是否尝试过将插入符号的数量增加四倍?
e.g.: my_batch.cmd the_pass^^^^word
回答by Explorer09
This explains the problem:
这解释了这个问题:
http://www.robvanderwoude.com/battech_inputvalidation_commandline.php
http://www.robvanderwoude.com/battech_inputvalidation_commandline.php
If you process some arbitrary strings in batch file / CMD script, don't pass it through command line arguments! Instead, put them into a file and let the batch file read it. Because validation and sanitization in command line arguments is never fool-proof.
如果您在批处理文件/CMD 脚本中处理一些任意字符串,请不要通过命令行参数传递它!相反,将它们放入一个文件中,让批处理文件读取它。因为命令行参数中的验证和清理从来都不是万无一失的。
回答by jeb
The main problem is that carets and other special characters are handled always, when they are found in a line (outside of quotes).
The content is parsed also when it is expanded by %var%, but not for the delayed expansion with !var!
主要问题是插入符号和其他特殊字符在一行中(引号之外)出现时总是被处理。
内容在被扩展时也会被解析%var%,但不会被延迟扩展!var!
Sample
样本
@echo off
setlocal Enabledelayedexpansion
set variabl=-^^"^^-
set variabl
echo delayed !variabl!
echo percent %variabl%
--- Output ---
variabl=-^"^^-
delayed -^"^^-
percent -"^-
The content of variabl is -^"^^-, that is the problem of the setline.
But the carets are only works as escape characters again, when using them with %var%.
variabl 的内容是-^"^^-,就是set线路的问题。但是插入符号只能再次用作转义字符,当它们与%var%.
