When Should I Wrap Quotes Around a Shell Variable

When should I wrap quotes around a shell variable?

General rule: quote it if it can either be empty or contain spaces (or any whitespace really) or special characters (wildcards). Not quoting strings with spaces often leads to the shell breaking apart a single argument into many.

$? doesn't need quotes since it's a numeric value. Whether $URL needs it depends on what you allow in there and whether you still want an argument if it's empty.

I tend to always quote strings just out of habit since it's safer that way.

How to wrap quotes around variable value in bash?

Assignment using string:

test="'value.txt'"
echo "$test"
'value.txt'

Assignment using variable:

var=value.txt
test="'$var'"
echo "$test"
'value.txt'

Why are double quotes needed in defining this variable in shell scripting?

Without the double quotes, your expr command is:

expr index John Smith " "

That reports a syntax error, because the index operator should be followed by only two arguments, but you gave it three arguments. Since it gets an error, it doesn't output a result, so $n is set to an empty string. Then the if command becomes

if [ -gt 0 ]

which is missing one of the operands.

Motto: always quote variables unless you need the value to undergo word splitting or globbing.

SHELL add double quotes at the beginning and end of specific variable

Escaping quote sign with backslash is what you need

var1=Boston
var1=\"${var1}\"
echo $var1
"Boston"

Additionally, curly braces is safe notation for variables

Dealing with variables and new lines, and quoting in a bash script

Put your newline in a variable, use the variable wherever you need a newline and change the quotes around your larger string to double quotes. You should also always quote any variable that contains a filename.

nl=$'\n'
svn ci -m"Added new file: ${oFileName}${nl}Orig loc: ${oFileFull}" "${oFileName}"

Expansion of variables inside single quotes in a command in Bash

Inside single quotes everything is preserved literally, without exception.

That means you have to close the quotes, insert something, and then re-enter again.

'before'"$variable"'after'
'before'"'"'after'
'before'\''after'

Word concatenation is simply done by juxtaposition. As you can verify, each of the above lines is a single word to the shell. Quotes (single or double quotes, depending on the situation) don't isolate words. They are only used to disable interpretation of various special characters, like whitespace, $, ;... For a good tutorial on quoting see Mark Reed's answer. Also relevant: Which characters need to be escaped in bash?

Do not concatenate strings interpreted by a shell

You should absolutely avoid building shell commands by concatenating variables. This is a bad idea similar to concatenation of SQL fragments (SQL injection!).

Usually it is possible to have placeholders in the command, and to supply the command together with variables so that the callee can receive them from the invocation arguments list.

For example, the following is very unsafe. DON'T DO THIS

script="echo \"Argument 1 is: $myvar\""
/bin/sh -c "$script"

If the contents of $myvar is untrusted, here is an exploit:

myvar='foo"; echo "you were hacked'

Instead of the above invocation, use positional arguments. The following invocation is better -- it's not exploitable:

script='echo "arg 1 is: $1"'
/bin/sh -c "$script" -- "$myvar"

Note the use of single ticks in the assignment to script, which means that it's taken literally, without variable expansion or any other form of interpretation.

single quote issue if i use function in bash

That's because you have failed to quote the function arguments.

Try this instead.

mongo_func() {
    user=$1
    shift
    mongo "$MONGO/$user" --quiet --eval "$@"
}

When Should I Wrap Quotes Around a Shell Variable