{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 聊天终结者 的问题《Escape variable in sqlcmd / Invoke-SqlCmd》','https://www.manongdao.com/q-807505.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am using powershell and using Invoke-SqlCmd. I am able to pass variables to SQL:
$variables = @( "MyVariable='hello'" )
Invoke-SqlCmd `
-ServerInstance 'localhost' `
-Database 'master' `
-Username 'matthew' `
-Password 'qwerty' `
-Query 'SELECT $(MyVariable) AS foo' `
-Variable $variables
This gives me back hello as expected. However, if I have a variable with a value containing an equals (=):
$variables = @("MyVariable='aGVsbG8NCg=='") # base64 encoded 'hello'
It gives me the following error:
The format used to define the new variable for
Invoke-Sqlcmdcmdlet is invalid. Please use the 'var=value' format for defining a new variable.
I could not find any documentation on either sqlcmd or Invoke-SqlCmd on how I should escape values properly.
How do I escape variables sent to sqlcmd / Invoke-SqlCmd?
I encounted this issue recently and had success using the answer from TheMadTechnician at:
Replace Single Quotes in PowerShell Or Excel CSV
After investigating using some reflection on
Looking at
ExecutionProcessor's constructor, the following lines reveal the problem that it will fail if there are more than one equals sign in the variable definition.My recommendation for anyone else trying to use
Invoke-SqlCmdis to save your time and sanity and just use the open source alternative Invoke-SqlCmd2 instead.Microsoft, please fix.