逃避在web.config中的连接字符串报价 [英] Escape quote in web.config connection string
问题描述
我有一个连接字符串在我的web配置:
<添加名称=MyConString的connectionString =服务器= dbsrv;用户ID = myDbUser;密码= somepass字的providerName =System.Data.SqlClient的/>
正如你所见,有一个引号符号(),密码(与其他部门给出。我不能改变这个数据库的用户密码)。
我怎么都逃脱这个报价连接字符串中?
BTW:我已经尝试过和放大器; QUOT;在字符串。没有工作 - ado.net有一个ArgumenException则:初始化字符串的格式不符合规范开始于指数57.
57是其中&放大器; QUOT;在我的连接字符串。
我也试过在封闭'的密码部分 - 也不能工作。
也试过和\\ - web.config中不能再解析
感谢您的解决方案:
我不得不把双引号的逸出,并把密码用单引号结合:
<添加名称=MyConString的connectionString =服务器= dbsrv;用户ID = myDbUser;密码='somepass&放大器; QUOT;字'的providerName =System.Data.SqlClient的/>
使用&放大器; QUOT; 而不是逃吧。
web.config文件是一个XML文件,所以你应该使用XML转义。
的connectionString =服务器= dbsrv;用户ID = myDbUser;密码= somepass&放大器; QUOT;单词
请参阅this论坛主题。
更新
&放大器; QUOT; 应该工作,但因为它没有,你尝试过一些针对.NET另一个字符串转义序列? \\和,?
更新2:
拉升的connectionString单引号:
的connectionString ='服务器= dbsrv;用户ID = myDbUser;密码= somepass字
或者
的connectionString ='服务器= dbsrv;用户ID = myDbUser;密码= somepass&放大器; QUOT;单词
更新3:
从<一个href=\"http://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlconnection.connectionstring.aspx\">MSDN (SqlConnection.ConnectionString属性):
要包括含有分号,单引号字符或双引号字符值,该值必须用双引号。如果该值同时包含分号和双引号字符,该值可以用单引号。
所以:
的connectionString =服务器= dbsrv;用户ID = myDbUser;密码='somepass&放大器; QUOT;字'。这个问题是不是与web.config中,但连接字符串的格式。在(键 - 值对)值的连接字符串,如果你有一个
,则需要在来包围值。所以,虽然密码= somepass字不起作用,密码='somepass字一样。I have a connection string in my web config:
<add name="MyConString" connectionString="Server=dbsrv;User ID=myDbUser;Password=somepass"word" providerName="System.Data.SqlClient" />As you see, there is a quotation sign ( " ) in the password (given from other dept. I can't change this db users password).
How do I have to escape the quote in this connection string?
Btw: I already tried & quot; in the string. That didn't work - ado.net got an ArgumenException then: "Format of the initialization string does not conform to specification starting at index 57." 57 is where the & quot; is in my connection string. I also tried enclosing the password part in ' - didn't work either.
Also tried "" and \" - web.config can't be parsed then.
Thanks for the solution:
I had to combine the escaping of the double quote and putting the password in single quotes:
<add name="MyConString" connectionString="Server=dbsrv;User ID=myDbUser;Password='somepass"word'" providerName="System.Data.SqlClient" />
解决方案Use
"instead of"to escape it.web.config is an XML file so you should use XML escaping.
connectionString="Server=dbsrv;User ID=myDbUser;Password=somepass"word"See this forum thread.
Update:
"should work, but as it doesn't, have you tried some of the other string escape sequences for .NET?\"and""?Update 2:
Try single quotes for the connectionString:
connectionString='Server=dbsrv;User ID=myDbUser;Password=somepass"word'Or:
connectionString='Server=dbsrv;User ID=myDbUser;Password=somepass"word'Update 3:
From MSDN (SqlConnection.ConnectionString Property):
To include values that contain a semicolon, single-quote character, or double-quote character, the value must be enclosed in double quotation marks. If the value contains both a semicolon and a double-quote character, the value can be enclosed in single quotation marks.
So:
connectionString="Server=dbsrv;User ID=myDbUser;Password='somepass"word'"The issue is not with web.config, but the format of the connection string. In a connection string, if you have a
"in a value (of the key-value pair), you need to enclose the value in'. So, whilePassword=somepass"worddoes not work,Password='somepass"word'does.这篇关于逃避在web.config中的连接字符串报价的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
