Batch file escape characters

Posted on 2009-07-01
Last Modified: 2012-05-07
Hi there,

Our application runs a Windows batch file passing in a string argument. This string is derived from customer data, and so it can contain quotes, ampersands, percentages and so on.

What is the best way of escaping these special characters s the data gets passed into the batch file correctly?

For example, we may call a batchfile 'lookup.bat' that accepts a Product Code as an argument. We recently had trouble with product codes containing ampersands so we changed it from running 'lookup ABC&123" to 'lookup "ABC&123"' That works fine. However, product codes legitimately containing quotes now cause a problem.

Can anyone offer any advice? We need to be able to handle quotes,ampersands and spaces in the same string.

For reference, the contents of this batchfile do something akin to the following:-

run lookup-program :"%1":  

This format is required due to the programming language involved

Question by:Robmonster
  • 4
LVL 67

Accepted Solution

sirbounty earned 250 total points
ID: 24756041
Try using the escape character carat (^)

lookup ABC^&123
does that work?
LVL 69

Expert Comment

ID: 24756065
You will have to escape any of this characters by prefixing a caret::

LVL 16

Assisted Solution

t0t0 earned 250 total points
ID: 24770457
Please read this reply carefully as it explores several possible solutions.

There is no way to selectively escape certain characters that are part of the command tail. For example, the '&' is used to separate commands therefore, entering something like the following:

   BATCHFILE abc&123

would treat 'BATCHFILE abc' and '123' as two separate commands.

Consider the following line of code for example:

   ECHO abc & ECHO 123

This consists of two echo commands which will result in the following output:


Even if we remove the space between the 'c' and the '&' as in:

   ECHO abc& ECHO 123

we would still get the same results - and of course, this is also the case if we remove the space between the '&' and the 'E' as in:

   ECHO abc&ECHO 123

Unfortunately, there's no way to force DOS to treat the '&' as part of a string.

The only way to accept certain special characters is to pass them inside double-quotes as in the following example:

   BATCHFILE "abc&123"

There should be no problem with this approach. You would normally pass this on to your LOOKUP program in the following manner:

   LOOKUP %1

because the doubl-quotes are a part of the string (%1) and DOS would expand this to:

   LOOKUP "abc&123"

However, your LOOKUP application expects to be called in the following format:

   LOOKUP :code:

where 'code' is the data and 'code' is surrounded either side by ':' (colon) characters.

Furthermore, you state you are unable to pass double-quoted data to your LOOKUP application. Have you tried including the colons as part of the double-quoted string as in the following example:

   SET Code=":%~1:"
   LOOKUP %Code%

then call your batch file using double-quotes like this:

   BATCHFILE "abc&123"

If that doesn't work, how about substituting the '&' with '^&' as in the following code:

   SET Code=":%~1:"
   SET Code=%Code:&=^&%
   LOOKUP %Code%

or as in the following:

   SET Code=%1
   SET Code=:%Code:&=^&%:
   LOOKUP %Code%

This is a tough one. I have explored probably every way of using redirection too however, I'm wondering if something like the following might work:

   ECHO ":%~1:">Code.txt
   LOOKUP <Code.txt

This last offering is a complete re-write to the previous idea of getting the ':code:' redirected onto the LOOKUP command line however, in order to that, the '&' has to be included in the text file being redirected but without the surrounding double-quotes.

What this program does:

Firstly, ignore everything past the label ':Dec2Hex' as this is self-explanatory - it takes a variable's name whose value is converted from decimal to hexadecimal. This is needed because the DEBUG only works with hexadecimal values.

The program starts by redirecting the parameter (the code) with surrounding colons inside sourrounding double-quotes to a file so that we can get the length of the code itself. Next various caluculations are carried out and converted to hexadecimal which will serve to tell DEBUG how to manipulate the code. Then, the DEBUG's instructions are assembled and written to a file which DEBUG will read in and carry out. Finlly, DEBUG is executed and this neatly removes the surrounding double-quotes from the code.

The last line: 'MORE <lookup.txt' should be changed to run your LOOKUP application as in: 'LOOKUP <lookup.txt'.

If you run the program as it stands, you will notice the output for "abc&123" is just :abc&123: - without the double-quotes and including the surrounding colons. Here's the batch file:


SET Code=":%~1:"
ECHO %Code%>Lookup.txt
FOR %%a IN (Lookup.txt) DO SET FileLen=%%~za

SET /a FileLen-=2
SET /a CodeLen=FileLen-2
CALL :Dec2Hex FileLen
CALL :Dec2Hex CodeLen
SET /a Address=256+CodeLen
CALL :Dec2hex Address

 >Lookup.bug ECHO m101 l %CodeLen% 100
>>Lookup.bug ECHO e%Address% 0d 0a
>>Lookup.bug ECHO rcx
>>Lookup.bug ECHO %FileLen%
>>Lookup.bug ECHO w
>>Lookup.bug ECHO q

>NUL DEBUG Lookup.txt <Lookup.bug

REM Change the next line to: LOOKUP <lookup.txt
MORE <Lookup.txt

SET Hex=
SET HexDigits=0123456789ABCDEF
SET h0=!%1!
SET /A h1=%h0%/16
SET /A h3=%h0%-16*%h1%
SET h3=!HexDigits:~%h3%,1!
SET Hex=%h3%%Hex%
SET h0=%h1%
IF %h0% GTR 0 GOTO Loop
SET %1=%Hex%

Well, it might be long but it's the only method I could think of at the time of writing after trying several other methds. This was tested working on an XP machine.
MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

LVL 16

Expert Comment

ID: 24770482
I foirgot to add. If you run the program in my previous post like this:

   BATCHFILE "abc&123"

It will output the following code:


Using redirection, this would form the command tails of your LOOKUP program.
LVL 16

Expert Comment

ID: 24773940
Oh, BTW, what's the name of your application and what version is it?
LVL 16

Expert Comment

ID: 25086806
Thank you for asking an interesting question.

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
bash script to unzip a file 5 54
how to use wail2ban ?? 13 129
Copy dir and files with robocopy 2 58
Bat File Script - HELP 2 16
YESTERDAY YESTERDAY.BAT is inspired by a previous article I wrote entitled: TOMORROW.BAT ( The crux of this batch f…
How to remove superseded packages in windows w60 or w61 installation media (.wim) or online system to prevent unnecessary space. w60 means Windows Vista or Windows Server 2008. w61 means Windows 7 or Windows Server 2008 R2. There are various …
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit If you want to manage em…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question