堆栈内存溢出
  简体   繁体   English

使用DOTNET REGEX匹配正确转义的引号

[英]Matching properly escaped quotes with DOTNET REGEX

 原文  2012-12-18 01:44:56       .net/ regex/ powershell

问题描述

I have a circumstance where I can avoid injecting a user provided string into my PowerShell Code. 我有一种情况可以避免将用户提供的字符串注入到我的PowerShell代码中。 While I do have code the escape it correctly (duplicating each quote, and powershell with single quoted strings accepts 5 different quote characters including smart quotes, let for now lets just assume it accepts ' What i want to do is have a regex to tell me whether the string is properly escaped, and escaping is done by doubling the quotes so a string as follows 虽然我确实已经对代码进行了正确的转义(复制每个引号,并且带单引号的字符串的powershell接受5个不同的引号字符,包括智能引号,但现在让我们假设它接受'我想做的就是让一个正则表达式告诉我字符串是否正确转义,并通过加倍引号完成转义,因此字符串如下 

hello ' there

is bad while 不好 

hello '' there

is safe 是安全的

However 3 quotes (or 5 or 7 etc) is also bad so 但是3个引号(或5或7等)也很糟糕 

hello ''' there

is also dangerous 也很危险

so i'm trying to find a regex that can validate that the string is properly escaped, in that there are no odd numbered single quote patterns. 所以我试图找到一个可以验证字符串是否正确转义的正则表达式,因为其中没有奇数单引号模式。

I know with standard regex counting groups like this is not possible, but with dotnet capture groups i hoped to do something like this. 我知道用这样的标准正则表达式计数组是不可能的,但是我希望使用dotnet捕获组这样做。 

('\b(?<DEPTH>)|\b'(?<-DEPTH>)|[^']*)*(?(DEPTH)(?!))

but i can't get it to work. 但我无法使它正常工作。

2 个解决方案

解决方案1
 6 已采纳  2012-12-18 18:12:37

Just because it's you, @klumsy: 只是因为是你,@ klumsy: 

"(?ix:                 # ignore whitespace and comments
    ^                  # start at the beginning
    (?(D)              # if 'D' is defined...
        (?<-D>')       #    match a quote and undefine D
        |              # otherwise
        (?:
            (?<D>')    #    match a quote and define D
            |
            [^']       #    or match anything else
            )
    )+                 # as many times as we can
    (?(D)              # if 'D' is STILL defined...
        ($!)           #    then don't match
        |              # otherwise
        [^']*          #    match anything except '
    )$                 # all the way to the end
)"

This will match only those strings which always have the quotes in pairs, but not those strings where a single quote ' or an odd number of quotes ''' appear. 这将仅匹配始终带有成对引号的那些字符串,而不匹配出现单引号'或奇数个引号'''的那些字符串。 Only works with .Net regex, as far as I'm aware. 据我所知,仅适用于.Net正则表达式。

You can, of course, omit the first and last lines, as long as you remove all whitespace and comments. 当然,只要删除所有空白和注释,就可以省略第一行和最后一行。

解决方案2
 0  2012-12-18 08:27:54

Why not simply replace one ' with two '': 为什么不简单地用两个''代替一个': 

> $a = read-host
foo ' bar
> $a
foo ' bar
> $a -replace "'","''"
foo '' bar

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 正则表达式匹配不在引号或转义引号中的字符 - Regex match for character not in quotes or escaped quotes 正则表达式,用于将html标签与转义字符进行匹配 - Regex for matching html tags with escaped characters 匹配右括号的正则表达式不在引号中 - Regex matching closing bracket not in quotes .NET 正则表达式,用于匹配不在引号中的单词 - .NET regex for matching words NOT in quotes .NET Regex无法正确匹配 - .NET Regex not matching properly 使用正则表达式将带引号的字符串与嵌入的非转义引号匹配 - Using Regex to match quoted string with embedded, non-escaped quotes 当括号可能“转义”时,如何进行正则表达式平衡匹配 - How to do regex balance matching, when the brackets are possibly 'escaped' 字典中的字符无法正确转义 - Characters are not escaped properly in a Dictionary 正则表达式识别转义字符问题 - Regex to identify escaped characters issue 如果包含转义的单引号,如何用文字替换单引号字符串? - How to replace single quotes string with literal if it contains escaped single quotes?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM