You're not escaping your quotes within your strings. Because you're passing the command line argument as a string (i.e., within double quotes), as soon as it hits the next double quote it thinks it's the end of the command. With what you have there, the easiest option is to change the quotes within the command with single quotes instead of double:

powershell -ExecutionPolicy Bypass -Command "Add-Type -AssemblyName System.Web; $server = 'http://website.com/index.php'; foreach ($path in [System.IO.Directory]::EnumerateFiles('C:\path\to\dir','*.xml','AllDirectories')) { try { $oXml = New-Object System.XML.XMLDocument; $oXml.Load($path); <more commands here>;} catch {}}"

You could also just use double double quotes, ie:

powershell -ExecutionPolicy Bypass -Command "Add-Type -AssemblyName System.Web; $server = ""http://website.com/index.php""; foreach ($path in [System.IO.Directory]::EnumerateFiles(""C:\path\to\dir"",""*.xml"",""AllDirectories"")) { try { $oXml = New-Object System.XML.XMLDocument; $oXml.Load($path); <more commands here>;} catch {}}"

There's other ways to escape as well, but either of those should do what you need.

Either use ' instead of ", or you need to escape the quotes:

C:\>powershell -Command "echo "Hello, World!"; echo "Hello, World!""
Hello
World!
Hello
World!

Powershell sees this as echo Hello, World!, which prints each word on a separate line. Now we escape the quotes:

C:\>powershell -Command "echo \"Hello, World!\"; echo \"Hello, World!\""
Hello, World!
Hello, World!

Powershell sees this as echo "Hello, World!", which gives you what you want.

So, your line becomes (split for readability):

powershell -ExecutionPolicy Bypass -Command "Add-Type -AssemblyName System.Web;
    $server = \"http://website.com/index.php\";
    foreach ($path in [System.IO.Directory]::EnumerateFiles(\"C:\path\to\dir\",\"*.xml\",
             \"AllDirectories\")) 
    { try { $oXml = New-Object System.XML.XMLDocument; $oXml.Load($path); <more commands here>;} catch {}}"

However, in this case @Drew's comment is probably a better approach...

The key is to ensure you stick to the double quotes in your powershell command. eg.

Powershell.exe -Command "foobar"

Then everything in your command should use single quotes. eg.

Powershell.exe -Command "Write-Host 'foobar'"

Sometimes you end up having to reuse double quotes within your single quotes, and so you can work around this by using either the escape character (\). eg.

Powershell.exe -Command "Write-Host \"foobar\""

Or escape using double-double quotes (""). eg.

Powershell.exe -Command "Write-Host ""foobar"""

Lastly, when things in your command get tricky, you can also use the grave accent escape character (`). eg.

Powershell.exe -Command "Write-Host `'foobar`'"

I hope this helps.

I think this is the simplest and clearest way because it don't requires any superfluous switch; just plain PowerShell code:

PowerShell  ^
   Add-Type -AssemblyName System.Web;  ^
   $server = \"http://website.com/index.php\";  ^
   foreach ($path in [System.IO.Directory]::EnumerateFiles(\"C:\path\to\dir\",\"*.xml\",\"AllDirectories\")) {  ^
     try {  ^
       $oXml = New-Object System.XML.XMLDocument;  ^
       $oXml.Load($path);  ^
       <more commands here>;  ^
     } catch {}  ^
   }
%End PowerShell%

Just add a ^ at end of each line and escape each quote with backslash.

This way is much more readable than just a very long line...

Nicole, you have two options here.

First is similar to the technique that you are using now but replace any of the double quotes in the script with single quotes. Wrap the whole script in double quotes with an ampersand and brackets. This would give you something like this...

powershell -ExecutionPolicy Bypass -Command "& {Add-Type -AssemblyName System.Web; $server = 'http://website.com/index.php'; foreach ($path in [System.IO.Directory]::EnumerateFiles('C:\path\to\dir','*.xml','AllDirectories')) { try { $oXml = New-Object System.XML.XMLDocument; $oXml.Load($path); <more commands here>;} catch {}}}"

Your second option is to base64 encode the script so you don't have to worry about how complex the script it. Then launch powershell.exe using the -EncodedCommand option.

To do this, you would prepare the base64 encoded script first like this

$Script = @'
Add-Type -AssemblyName System.Web;

$server = "http://website.com/index.php";

foreach ($path in [System.IO.Directory]::EnumerateFiles("C:\path\to\dir","*.xml","AllDirectories")) {

  try {
    $oXml = New-Object System.XML.XMLDocument;
    $oXml.Load($path);
    <more commands here>;
  } catch {}

}
'@

$ByteScript  = [System.Text.Encoding]::Unicode.GetBytes($Script)
[System.Convert]::ToBase64String($ByteScript)

Notice that your actual script is between the multiline string literal with @' and '@ on separate lines around it. The output from that command is a base64 encoded string of your script. Now you just use that in your command line

powershell.exe -EncodedCommand "QQBkAGQALQBUAHkAcABlACAALQBBAHMAcwBlAG0AYgBsAHkATgBhAG0AZQAgAFMAeQBzAHQAZQBtAC4AVwBlAGIAOwANAAoADQAKACQAcwBlAHIAdgBlA
HIAIAA9ACAAIgBoAHQAdABwADoALwAvAHcAZQBiAHMAaQB0AGUALgBjAG8AbQAvAGkAbgBkAGUAeAAuAHAAaABwACIAOwANAAoADQAKAGYAbwByAGUAYQ
BjAGgAIAAoACQAcABhAHQAaAAgAGkAbgAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBEAGkAcgBlAGMAdABvAHIAeQBdADoAOgBFAG4AdQBtAGUAcgBhAHQ
AZQBGAGkAbABlAHMAKAAiAEMAOgBcAHAAYQB0AGgAXAB0AG8AXABkAGkAcgAiACwAIgAqAC4AeABtAGwAIgAsACIAQQBsAGwARABpAHIAZQBjAHQAbwBy
AGkAZQBzACIAKQApACAAewANAAoADQAKACAAIAB0AHIAeQAgAHsADQAKACAAIAAgACAAJABvAFgAbQBsACAAPQAgAE4AZQB3AC0ATwBiAGoAZQBjAHQAI
ABTAHkAcwB0AGUAbQAuAFgATQBMAC4AWABNAEwARABvAGMAdQBtAGUAbgB0ADsADQAKACAAIAAgACAAJABvAFgAbQBsAC4ATABvAGEAZAAoACQAcABhAH
QAaAApADsADQAKACAAIAAgACAAPABtAG8AcgBlACAAYwBvAG0AbQBhAG4AZABzACAAaABlAHIAZQA+ADsADQAKACAAIAB9ACAAYwBhAHQAYwBoACAAewB
9AA0ACgANAAoAfQA="

The only main drawback to this would be that Base64 Encoded strings are larger than the original string.