Escaping double quotes within String.Format in C#

Question

I am attempting to get the 'Id' property of the Parameter element to be enclosed in double quotes. I first attempted to simply escape the quotations and this is the first thing I tried to achieve this:

buffer = String.Format("{0}" + "<Parameter Id=" + "{1}" + ">" + "{2}" + "</Parameter>", buffer, id, param);

With the above code I get this back, as you can see the escape characters are showing up, along with the quotation:

<Conquest><User>ArchElf</User><Token>0123456789012345678901234567890</Token><Command>validate</Command><Parameter Id=\"1\">Gemstone3</Parameter>

My second attempt is based on advised I received on IRC, a fellow advised that I may be able to use '"' to get my quotations, ala:

buffer = String.Format("{0}" + "<Parameter Id=" + "&quot;" + "{1}" + "&quot;" + ">" + "{2}" + "</Parameter>", buffer, id, param);

This method only yielded the literal '"' string in the end result:

<Conquest><User>ArchElf</User><Token>0123456789012345678901234567890</Token><Command>validate</Command><Parameter Id=&quot;1&quot;>Gemstone3</Parameter>

In desperation I went ahead and just added the literal double quotes baked into the string.

I did this because I read at This Codeproject Article that the only characters in a String.Format that I need to worry about escaping are curly braces and(surprise, surprise) this isn't even compile-able, WITH and WITHOUT the preceding @. Shouting at me a bunch of errors including:

Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement ; Expected ) Expected ...and so on

Any help on this matter would be greatly appreciated. I know this has got to be something trivial I am missing, the best kind of conundrums. :/

Here is the entire BuildCommand method:

public string BuildCommand(string _command, string[] _parameters = null)
    {
        int id = 1;
        string buffer = String.Format("<Conquest><User>"+"{0}"+"</User><Token>"+"{1}"+"</Token><Command>"+"{2}"+"</Command>", _playerName, _token, _command);
        if (_parameters != null)
        {
            foreach (string param in _parameters)
            {
                if (param.Length < 1 || param == null)
                    break;
                buffer = String.Format("{0}" + "<Parameter Id=" + "{1}" + ">" + "{2}" + "</Parameter>", buffer, id, param);

                // buffer = String.Format(@"""{0}""<Parameter Id=""{1}"">""{2}""</Parameter>", buffer, id, param);
                id += 1;
            }
        }

Answer 1

You have to escape " with \\ :

String.Format("\"{0}\"<Parameter Id=\"{1}\">\"{2}\"</Parameter>", buffer, id, param);

You could also use a verbatim string literal, then you have to use double quotes:

String.Format(@"""{0}""<Parameter Id=""{1}"">""{2}""</Parameter>", buffer, id, param);

Answer 2

You could do it the right way

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Xml;
using System.Xml.Linq;

namespace ConsoleApplication1
{
    class Program
    {
        static void Main(string[] args)
        {
            //<Conquest><User>ArchElf</User><Token>0123456789012345678901234567890</Token><Command>validate</Command><Parameter Id=\"1\">Gemstone3</Parameter>

            string user = "ArchElf";
            string token = "0123456789012345678901234567890";
            string command = "validate";
            int id = 1;
            string value = "Gemstrone3";
            XElement conquest = new XElement("Conquest");

            conquest.Add(new XElement("User", user));

            conquest.Add(new XElement("Token", token));

            conquest.Add(new XElement("Command", command));

            XElement e_parameter = new XElement("Parameter", value);
            e_parameter.Add(new XAttribute("Id", id));
            conquest.Add(e_parameter);
        }
    }
}
​