Powershell variable help
-
This is the type of error you get if there are special characters in the subject line that is being search.
Unable to execute the task. Reason: The name of the compliance search "11/10/2020-14:25 "Baby yoda shouldn't eat frog eggs"" contains invalid character(s): ""'"". -
@DustinB3403 said in Powershell variable help:
This is the type of error you get if there are special characters in the subject line that is being search.
Unable to execute the task. Reason: The name of the compliance search "11/10/2020-14:25 "Baby yoda shouldn't eat frog eggs"" contains invalid character(s): ""'"".Ah, so the problem isn't getting the search variable in a string, it's using that string to search?
Normally in these cases you need to encode the string.
-
@Pete-S right, there really isn't a great way to fix it and have the ps1 still be flexible for the types of cases one might expect to see.
-
The biggest issue is that if there are special characters, it kind of breaks the whole ordeal, as the $SubjectLine either can't have hyphenated words, or you have to enter the query in double-quotations.
I haven't been able to find a way to sort out the above case so I could simply copy:
New HR policy hasn't been implemented yet, but here's what to look forfrom a client request and past and go.It's mostly there in that I can still search for that, but I have to manually double-quote the $SubjectLine in the prompt to be able to create the query and have it succeed.
-
Of course to see what I'm talking about one simply needs to copy the code above to a local PS and test with some made up email subject in your O365 tenant.
-
Would this work?
$foo = Read-Host $foo = '"' + $foo + '"'Result should be
"Your string enclosed in quotes." -
@DustinB3403 said in Powershell variable help:
@Pete-S right, there really isn't a great way to fix it and have the ps1 still be flexible for the types of cases one might expect to see.
This is part of the line where you use set up a search on the subject line using the string the user entered:
-ContentMatchQuery ("Subject:" + "$SubjectLine")The search query should be formatted according to KQL, Keyword Query Language.
https://docs.microsoft.com/en-us/sharepoint/dev/general-development/keyword-query-language-kql-syntax-referenceWhat you are doing is just passing the user input to the query but it has to be sanitized before you can do that. Or a user could enter KQL keywords inside the search and it would mess everything up. That's why you have a problem I believe.
-
@Pete-S said in Powershell variable help:
@DustinB3403 said in Powershell variable help:
@Pete-S right, there really isn't a great way to fix it and have the ps1 still be flexible for the types of cases one might expect to see.
This is part of the line where you use set up a search on the subject line using the string the user entered:
-ContentMatchQuery ("Subject:" + "$SubjectLine")The search query should be formatted according to KQL, Keyword Query Language.
https://docs.microsoft.com/en-us/sharepoint/dev/general-development/keyword-query-language-kql-syntax-referenceWhat you are doing is just passing the user input to the query but it has to be sanitized before you can do that. Or a user could enter KQL keywords inside the search and it would mess everything up. That's why you have a problem I believe.
To sanitize user input you have to decide what you want the user to be able to enter and what not.
For instance should the user be allowed to enter wildcards (*) in the query? International characters? -
@Pete-S That is going to be complete subjective based on the type of spam that might come in.
I follow what you're saying but I'm kind of stuck between having something functional or not (due to this).
-
@DustinB3403 said in Powershell variable help:
@Pete-S That is going to be complete subjective based on the type of spam that might come in.
I follow what you're saying but I'm kind of stuck between having something functional or not (due to this).
Well, you need to decide what you are allowing and not. For instance you have already decided to just use the subject line and not any of the other parts of the email, for instance author.
You need to run the string through regex or something like that to remove characters you are not allowing. It might take more than one string operation to sanitize. I think you can escape any special character you want to allow with backtick `.
Another option would be to allow the user to enter the entire KQL query themselves.
Also if you get an error when trying to apply the search you put out an error "Invalid search input!" and go back to prompt the user for input again. That would be one way so solve problems.
