Powershell variable help



  • @DustinB3403 I'd like to see the error you're getting when you try to set $SubjectLineto a string that includes special characters using Read-Host from your original post.

    As far as your above code block, yes, encasing $Search in double quotes is likely going to be your answer.



  • @Pete-S Fixed, good eye!



  • @EddieJennings said in Powershell variable help:

    @DustinB3403 I'd like to see the error you're getting when you try to set $SubjectLineto a string that includes special characters using Read-Host from your original post.

    As far as your above code block, yes, encasing $Search in double quotes is likely going to be your answer.

    It wasn't erroring out, powershell was simply taking Halloween as the search and trying to pass the rest off as options. Using this approach gets around that.



  • I was curious about how $ would be treated. Since if you wanted store it as a string, you'd have to do something like this to actually capture the $ as a string rather than a special character.

    $foo = 'This is a $string'

    Here are the results from some tests with everything behaving as I suspected it would.

    e7f4cbbf-cde6-4165-bdc4-c26cb6d8ece5-image.png



  • @EddieJennings Yeah there's always a weird off, but I didn't think about if the $ was in the subject, but the subject doesn't need to be exact, just close enough to find the email in question.

    This could probably be modified to be more robust for these cases, I'm just unsure of what would fix those types.



  • This is the type of error you get if there are special characters in the subject line that is being search.

    Unable to execute the task. Reason: The name of the compliance search "11/10/2020-14:25 "Baby yoda shouldn't eat frog eggs"" contains invalid character(s): ""'"".



  • @DustinB3403 said in Powershell variable help:

    This is the type of error you get if there are special characters in the subject line that is being search.

    Unable to execute the task. Reason: The name of the compliance search "11/10/2020-14:25 "Baby yoda shouldn't eat frog eggs"" contains invalid character(s): ""'"".

    Ah, so the problem isn't getting the search variable in a string, it's using that string to search?

    Normally in these cases you need to encode the string.



  • @Pete-S right, there really isn't a great way to fix it and have the ps1 still be flexible for the types of cases one might expect to see.



  • The biggest issue is that if there are special characters, it kind of breaks the whole ordeal, as the $SubjectLine either can't have hyphenated words, or you have to enter the query in double-quotations.

    I haven't been able to find a way to sort out the above case so I could simply copy:

    New HR policy hasn't been implemented yet, but here's what to look for from a client request and past and go.

    It's mostly there in that I can still search for that, but I have to manually double-quote the $SubjectLine in the prompt to be able to create the query and have it succeed.



  • Of course to see what I'm talking about one simply needs to copy the code above to a local PS and test with some made up email subject in your O365 tenant.

    😉



  • Would this work?

    $foo = Read-Host
    $foo = '"' + $foo + '"'
    

    Result should be "Your string enclosed in quotes."



  • @DustinB3403 said in Powershell variable help:

    @Pete-S right, there really isn't a great way to fix it and have the ps1 still be flexible for the types of cases one might expect to see.

    This is part of the line where you use set up a search on the subject line using the string the user entered:

    -ContentMatchQuery ("Subject:" + "$SubjectLine")
    

    The search query should be formatted according to KQL, Keyword Query Language.
    https://docs.microsoft.com/en-us/sharepoint/dev/general-development/keyword-query-language-kql-syntax-reference

    What you are doing is just passing the user input to the query but it has to be sanitized before you can do that. Or a user could enter KQL keywords inside the search and it would mess everything up. That's why you have a problem I believe.



  • @Pete-S said in Powershell variable help:

    @DustinB3403 said in Powershell variable help:

    @Pete-S right, there really isn't a great way to fix it and have the ps1 still be flexible for the types of cases one might expect to see.

    This is part of the line where you use set up a search on the subject line using the string the user entered:

    -ContentMatchQuery ("Subject:" + "$SubjectLine")
    

    The search query should be formatted according to KQL, Keyword Query Language.
    https://docs.microsoft.com/en-us/sharepoint/dev/general-development/keyword-query-language-kql-syntax-reference

    What you are doing is just passing the user input to the query but it has to be sanitized before you can do that. Or a user could enter KQL keywords inside the search and it would mess everything up. That's why you have a problem I believe.

    To sanitize user input you have to decide what you want the user to be able to enter and what not.
    For instance should the user be allowed to enter wildcards (*) in the query? International characters?



  • @Pete-S That is going to be complete subjective based on the type of spam that might come in.

    I follow what you're saying but I'm kind of stuck between having something functional or not (due to this).



  • @DustinB3403 said in Powershell variable help:

    @Pete-S That is going to be complete subjective based on the type of spam that might come in.

    I follow what you're saying but I'm kind of stuck between having something functional or not (due to this).

    Well, you need to decide what you are allowing and not. For instance you have already decided to just use the subject line and not any of the other parts of the email, for instance author.

    You need to run the string through regex or something like that to remove characters you are not allowing. It might take more than one string operation to sanitize. I think you can escape any special character you want to allow with backtick `.

    Another option would be to allow the user to enter the entire KQL query themselves.

    Also if you get an error when trying to apply the search you put out an error "Invalid search input!" and go back to prompt the user for input again. That would be one way so solve problems.


Log in to reply