projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
ensure _order_by_chunks returns what it used to
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
96449e8e 3use strict;
4use warnings;
9d9d5bd6 5use Carp ();
312d830b 6use List::Util ();
7use Scalar::Util ();
96449e8e 8
0da0fe34 9use Exporter 'import';
10our @EXPORT_OK = qw(is_plain_value is_literal_value);
11
12BEGIN {
13 if ($] < 5.009_005) {
14 require MRO::Compat;
15 }
16 else {
17 require mro;
18 }
843a94b5 19
20 *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
21 ? sub () { 0 }
22 : sub () { 1 }
23 ;
0da0fe34 24}
25
96449e8e 26#======================================================================
27# GLOBALS
28#======================================================================
29
dc6afcf8 30our $VERSION = '1.86';
7479e27e 31
22f1a437 32# This would confuse some packagers
c520207b 33$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 34
35our $AUTOLOAD;
36
37# special operators (-in, -between). May be extended/overridden by user.
38# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
39my @BUILTIN_SPECIAL_OPS = (
f663e672 40 {regex => qr/^ (?: not \s )? between $/ix, handler => sub { die "NOPE" }},
41 {regex => qr/^ (?: not \s )? in $/ix, handler => sub { die "NOPE" }},
87c8e45b 42 {regex => qr/^ is (?: \s+ not )? $/ix, handler => sub { die "NOPE" }},
96449e8e 43);
44
45#======================================================================
46# DEBUGGING AND ERROR REPORTING
47#======================================================================
48
49sub _debug {
50 return unless $_[0]->{debug}; shift; # a little faster
51 my $func = (caller(1))[3];
52 warn "[$func] ", @_, "\n";
53}
54
55sub belch (@) {
56 my($func) = (caller(1))[3];
9d9d5bd6 57 Carp::carp "[$func] Warning: ", @_;
96449e8e 58}
59
60sub puke (@) {
61 my($func) = (caller(1))[3];
9d9d5bd6 62 Carp::croak "[$func] Fatal: ", @_;
96449e8e 63}
64
0da0fe34 65sub is_literal_value ($) {
66 ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
67 : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
0da0fe34 68 : undef;
69}
70
71# FIXME XSify - this can be done so much more efficiently
72sub is_plain_value ($) {
73 no strict 'refs';
966200cc 74 ! length ref $_[0] ? \($_[0])
0da0fe34 75 : (
76 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
77 and
78 exists $_[0]->{-value}
966200cc 79 ) ? \($_[0]->{-value})
0da0fe34 80 : (
a1c9e0ff 81 # reuse @_ for even moar speedz
82 defined ( $_[1] = Scalar::Util::blessed $_[0] )
0da0fe34 83 and
84 # deliberately not using Devel::OverloadInfo - the checks we are
85 # intersted in are much more limited than the fullblown thing, and
86 # this is a very hot piece of code
87 (
e8d729d4 88 # simply using ->can('(""') can leave behind stub methods that
89 # break actually using the overload later (see L<perldiag/Stub
90 # found while resolving method "%s" overloading "%s" in package
91 # "%s"> and the source of overload::mycan())
44e54b41 92 #
0da0fe34 93 # either has stringification which DBI SHOULD prefer out of the box
a1c9e0ff 94 grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
0da0fe34 95 or
20e178a8 96 # has nummification or boolification, AND fallback is *not* disabled
0da0fe34 97 (
843a94b5 98 SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
99 and
20e178a8 100 (
101 grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
102 or
103 grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
104 )
0da0fe34 105 and
106 (
107 # no fallback specified at all
a1c9e0ff 108 ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
0da0fe34 109 or
110 # fallback explicitly undef
a1c9e0ff 111 ! defined ${"$_[3]::()"}
0da0fe34 112 or
113 # explicitly true
a1c9e0ff 114 !! ${"$_[3]::()"}
0da0fe34 115 )
116 )
117 )
966200cc 118 ) ? \($_[0])
0da0fe34 119 : undef;
120}
121
122
96449e8e 123
124#======================================================================
125# NEW
126#======================================================================
127
128sub new {
129 my $self = shift;
130 my $class = ref($self) || $self;
131 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
132
133 # choose our case by keeping an option around
134 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
135
136 # default logic for interpreting arrayrefs
ef559da3 137 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 138
139 # how to return bind vars
96449e8e 140 $opt{bindtype} ||= 'normal';
141
142 # default comparison is "=", but can be overridden
143 $opt{cmp} ||= '=';
144
3af02ccb 145 # try to recognize which are the 'equality' and 'inequality' ops
3cdadcbe 146 # (temporary quickfix (in 2007), should go through a more seasoned API)
147 $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
148 $opt{inequality_op} = qr/^( != | <> )$/ix;
149
150 $opt{like_op} = qr/^ (is\s+)? r?like $/xi;
151 $opt{not_like_op} = qr/^ (is\s+)? not \s+ r?like $/xi;
96449e8e 152
153 # SQL booleans
154 $opt{sqltrue} ||= '1=1';
155 $opt{sqlfalse} ||= '0=1';
156
9d48860e 157 # special operators
30af97c5 158 $opt{special_ops} ||= [];
159
b6251592 160 # regexes are applied in order, thus push after user-defines
96449e8e 161 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
162
9d48860e 163 # unary operators
59f23b3d 164 $opt{unary_ops} ||= [];
59f23b3d 165
3af02ccb 166 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 167 # If a purported function matches this regular expression, an exception is thrown.
168 # Literal SQL is *NOT* subject to this check, only functions (and column names
169 # when quoting is not in effect)
96449e8e 170
b6251592 171 # FIXME
172 # need to guard against ()'s in column names too, but this will break tons of
173 # hacks... ideas anyone?
174 $opt{injection_guard} ||= qr/
175 \;
176 |
177 ^ \s* go \s
178 /xmi;
96449e8e 179
b07681b1 180 $opt{node_types} = +{
181 map +("-$_" => '_render_'.$_),
182 qw(op func value bind ident literal)
183 };
184
ec19b759 185 $opt{expand_unary} = {};
186
b6251592 187 return bless \%opt, $class;
188}
96449e8e 189
e175845b 190sub sqltrue { +{ -literal => [ $_[0]->{sqltrue} ] } }
191sub sqlfalse { +{ -literal => [ $_[0]->{sqlfalse} ] } }
170e6c33 192
193sub _assert_pass_injection_guard {
194 if ($_[1] =~ $_[0]->{injection_guard}) {
195 my $class = ref $_[0];
196 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
197 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
198 . "{injection_guard} attribute to ${class}->new()"
199 }
200}
201
202
96449e8e 203#======================================================================
204# INSERT methods
205#======================================================================
206
207sub insert {
02288357 208 my $self = shift;
209 my $table = $self->_table(shift);
210 my $data = shift || return;
211 my $options = shift;
96449e8e 212
213 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 214 my ($sql, @bind) = $self->$method($data);
96449e8e 215 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 216
e82e648a 217 if ($options->{returning}) {
ca4f826a 218 my ($s, @b) = $self->_insert_returning($options);
e82e648a 219 $sql .= $s;
220 push @bind, @b;
02288357 221 }
222
96449e8e 223 return wantarray ? ($sql, @bind) : $sql;
224}
225
60f3fd3f 226# So that subclasses can override INSERT ... RETURNING separately from
227# UPDATE and DELETE (e.g. DBIx::Class::SQLMaker::Oracle does this)
b17a3ece 228sub _insert_returning { shift->_returning(@_) }
229
95904db5 230sub _returning {
e82e648a 231 my ($self, $options) = @_;
6b1fe79d 232
e82e648a 233 my $f = $options->{returning};
234
ff96fdd4 235 my ($sql, @bind) = $self->_render_expr(
236 $self->_expand_maybe_list_expr($f, undef, -ident)
237 );
238 return wantarray
239 ? $self->_sqlcase(' returning ') . $sql
240 : ($self->_sqlcase(' returning ').$sql, @bind);
6b1fe79d 241}
242
96449e8e 243sub _insert_HASHREF { # explicit list of fields and then values
244 my ($self, $data) = @_;
245
246 my @fields = sort keys %$data;
247
fe3ae272 248 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 249
250 # assemble SQL
251 $_ = $self->_quote($_) foreach @fields;
252 $sql = "( ".join(", ", @fields).") ".$sql;
253
254 return ($sql, @bind);
255}
256
257sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
258 my ($self, $data) = @_;
259
260 # no names (arrayref) so can't generate bindtype
261 $self->{bindtype} ne 'columns'
262 or belch "can't do 'columns' bindtype when called with arrayref";
263
19b6ccce 264 my (@values, @all_bind);
265 foreach my $value (@$data) {
266 my ($values, @bind) = $self->_insert_value(undef, $value);
267 push @values, $values;
268 push @all_bind, @bind;
269 }
270 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
271 return ($sql, @all_bind);
fe3ae272 272}
273
274sub _insert_ARRAYREFREF { # literal SQL with bind
275 my ($self, $data) = @_;
276
277 my ($sql, @bind) = @${$data};
278 $self->_assert_bindval_matches_bindtype(@bind);
279
280 return ($sql, @bind);
281}
282
283
284sub _insert_SCALARREF { # literal SQL without bind
285 my ($self, $data) = @_;
286
287 return ($$data);
288}
289
290sub _insert_values {
291 my ($self, $data) = @_;
292
96449e8e 293 my (@values, @all_bind);
fe3ae272 294 foreach my $column (sort keys %$data) {
19b6ccce 295 my ($values, @bind) = $self->_insert_value($column, $data->{$column});
296 push @values, $values;
297 push @all_bind, @bind;
298 }
299 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
300 return ($sql, @all_bind);
301}
96449e8e 302
19b6ccce 303sub _insert_value {
304 my ($self, $column, $v) = @_;
96449e8e 305
720ca4f7 306 return $self->_render_expr(
307 $self->_expand_insert_value($column, $v)
308 );
309}
96449e8e 310
720ca4f7 311sub _expand_insert_value {
312 my ($self, $column, $v) = @_;
96449e8e 313
720ca4f7 314 if (ref($v) eq 'ARRAY') {
315 if ($self->{array_datatypes}) {
316 return +{ -bind => [ $column, $v ] };
317 }
318 my ($sql, @bind) = @$v;
319 $self->_assert_bindval_matches_bindtype(@bind);
320 return +{ -literal => $v };
321 }
322 if (ref($v) eq 'HASH') {
323 if (grep !/^-/, keys %$v) {
324 belch "HASH ref as bind value in insert is not supported";
325 return +{ -bind => [ $column, $v ] };
326 }
327 }
328 if (!defined($v)) {
329 return +{ -bind => [ $column, undef ] };
330 }
331 local our $Cur_Col_Meta = $column;
332 return $self->_expand_expr($v);
96449e8e 333}
334
335
96449e8e 336
337#======================================================================
338# UPDATE methods
339#======================================================================
340
341
342sub update {
95904db5 343 my $self = shift;
344 my $table = $self->_table(shift);
345 my $data = shift || return;
346 my $where = shift;
347 my $options = shift;
96449e8e 348
349 # first build the 'SET' part of the sql statement
96449e8e 350 puke "Unsupported data type specified to \$sql->update"
351 unless ref $data eq 'HASH';
352
9ade906e 353 my ($sql, @all_bind) = $self->_update_set_values($data);
a9e94508 354 $sql = $self->_sqlcase('update ') . $table . $self->_sqlcase(' set ')
9ade906e 355 . $sql;
356
357 if ($where) {
358 my($where_sql, @where_bind) = $self->where($where);
359 $sql .= $where_sql;
360 push @all_bind, @where_bind;
361 }
362
363 if ($options->{returning}) {
364 my ($returning_sql, @returning_bind) = $self->_update_returning($options);
365 $sql .= $returning_sql;
366 push @all_bind, @returning_bind;
367 }
368
369 return wantarray ? ($sql, @all_bind) : $sql;
370}
371
372sub _update_set_values {
373 my ($self, $data) = @_;
374
89690da2 375 return $self->_render_expr(
376 $self->_expand_update_set_values($data),
377 );
378}
96449e8e 379
89690da2 380sub _expand_update_set_values {
381 my ($self, $data) = @_;
382 $self->_expand_maybe_list_expr( [
383 map {
384 my ($k, $set) = @$_;
c4ed66f4 385 $set = { -bind => $_ } unless defined $set;
89690da2 386 +{ -op => [ '=', { -ident => $k }, $set ] };
387 }
388 map {
389 my $k = $_;
390 my $v = $data->{$k};
391 (ref($v) eq 'ARRAY'
392 ? ($self->{array_datatypes}
393 ? [ $k, +{ -bind => [ $k, $v ] } ]
394 : [ $k, +{ -literal => $v } ])
395 : do {
396 local our $Cur_Col_Meta = $k;
397 [ $k, $self->_expand_expr($v) ]
398 }
399 );
400 } sort keys %$data
401 ] );
96449e8e 402}
403
60f3fd3f 404# So that subclasses can override UPDATE ... RETURNING separately from
405# INSERT and DELETE
20bb2ad5 406sub _update_returning { shift->_returning(@_) }
96449e8e 407
408
409
410#======================================================================
411# SELECT
412#======================================================================
413
414
415sub select {
416 my $self = shift;
417 my $table = $self->_table(shift);
418 my $fields = shift || '*';
419 my $where = shift;
420 my $order = shift;
421
daa4ccdd 422 my ($fields_sql, @bind) = $self->_select_fields($fields);
96449e8e 423
daa4ccdd 424 my ($where_sql, @where_bind) = $self->where($where, $order);
425 push @bind, @where_bind;
426
427 my $sql = join(' ', $self->_sqlcase('select'), $fields_sql,
96449e8e 428 $self->_sqlcase('from'), $table)
429 . $where_sql;
430
9d48860e 431 return wantarray ? ($sql, @bind) : $sql;
96449e8e 432}
433
daa4ccdd 434sub _select_fields {
435 my ($self, $fields) = @_;
de63ce57 436 return $fields unless ref($fields);
27592e2b 437 return $self->_render_expr(
438 $self->_expand_maybe_list_expr($fields, undef, '-ident')
439 );
daa4ccdd 440}
441
96449e8e 442#======================================================================
443# DELETE
444#======================================================================
445
446
447sub delete {
85327cd5 448 my $self = shift;
449 my $table = $self->_table(shift);
450 my $where = shift;
451 my $options = shift;
96449e8e 452
453 my($where_sql, @bind) = $self->where($where);
a9e94508 454 my $sql = $self->_sqlcase('delete from ') . $table . $where_sql;
96449e8e 455
85327cd5 456 if ($options->{returning}) {
ca4f826a 457 my ($returning_sql, @returning_bind) = $self->_delete_returning($options);
85327cd5 458 $sql .= $returning_sql;
459 push @bind, @returning_bind;
460 }
461
9d48860e 462 return wantarray ? ($sql, @bind) : $sql;
96449e8e 463}
464
60f3fd3f 465# So that subclasses can override DELETE ... RETURNING separately from
466# INSERT and UPDATE
85327cd5 467sub _delete_returning { shift->_returning(@_) }
468
469
96449e8e 470
471#======================================================================
472# WHERE: entry point
473#======================================================================
474
475
476
477# Finally, a separate routine just to handle WHERE clauses
478sub where {
479 my ($self, $where, $order) = @_;
480
7ad12721 481 local $self->{convert_where} = $self->{convert};
482
96449e8e 483 # where ?
e175845b 484 my ($sql, @bind) = defined($where)
485 ? $self->_recurse_where($where)
486 : (undef);
417dd15e 487 $sql = (defined $sql and length $sql) ? $self->_sqlcase(' where ') . "( $sql )" : '';
96449e8e 488
489 # order by?
490 if ($order) {
26fe4d30 491 my ($order_sql, @order_bind) = $self->_order_by($order);
492 $sql .= $order_sql;
493 push @bind, @order_bind;
96449e8e 494 }
495
9d48860e 496 return wantarray ? ($sql, @bind) : $sql;
96449e8e 497}
498
a2cd381d 499sub _expand_expr {
2558b622 500 my ($self, $expr, $logic, $default_scalar_to) = @_;
501 local our $Default_Scalar_To = $default_scalar_to if $default_scalar_to;
3ae10d16 502 our $Expand_Depth ||= 0; local $Expand_Depth = $Expand_Depth + 1;
252518da 503 return undef unless defined($expr);
59588695 504 if (ref($expr) eq 'HASH') {
505 if (keys %$expr > 1) {
506 $logic ||= 'and';
77617257 507 return +{ -op => [
508 $logic,
59588695 509 map $self->_expand_expr_hashpair($_ => $expr->{$_}, $logic),
510 sort keys %$expr
511 ] };
512 }
1c0c0f41 513 return { -literal => [ '' ] } unless keys %$expr;
59588695 514 return $self->_expand_expr_hashpair(%$expr, $logic);
a2cd381d 515 }
08264f40 516 if (ref($expr) eq 'ARRAY') {
99a65fa8 517 my $logic = lc($logic || $self->{logic});
08264f40 518 $logic eq 'and' or $logic eq 'or' or puke "unknown logic: $logic";
519
1c0c0f41 520 #my @expr = @$expr;
521 my @expr = grep {
522 (ref($_) eq 'ARRAY' and @$_)
523 or (ref($_) eq 'HASH' and %$_)
524 or 1
525 } @$expr;
08264f40 526
527 my @res;
528
529 while (my ($el) = splice @expr, 0, 1) {
530 puke "Supplying an empty left hand side argument is not supported in array-pairs"
531 unless defined($el) and length($el);
532 my $elref = ref($el);
533 if (!$elref) {
534 push(@res, $self->_expand_expr({ $el, shift(@expr) }));
535 } elsif ($elref eq 'ARRAY') {
536 push(@res, $self->_expand_expr($el)) if @$el;
ec857800 537 } elsif (my $l = is_literal_value($el)) {
538 push @res, { -literal => $l };
08264f40 539 } elsif ($elref eq 'HASH') {
1b630cfe 540 push @res, $self->_expand_expr($el) if %$el;
08264f40 541 } else {
da4a0964 542 die "notreached";
08264f40 543 }
544 }
2143604f 545 return { -op => [ $logic, @res ] };
08264f40 546 }
ca3da680 547 if (my $literal = is_literal_value($expr)) {
548 return +{ -literal => $literal };
549 }
99a65fa8 550 if (!ref($expr) or Scalar::Util::blessed($expr)) {
2558b622 551 if (my $d = $Default_Scalar_To) {
552 return +{ $d => $expr };
553 }
99a65fa8 554 if (my $m = our $Cur_Col_Meta) {
555 return +{ -bind => [ $m, $expr ] };
556 }
252518da 557 return +{ -value => $expr };
558 }
252518da 559 die "notreached";
a2cd381d 560}
96449e8e 561
0fc68377 562my $Nest_Warned = 0;
74156ee9 563
59588695 564sub _expand_expr_hashpair {
565 my ($self, $k, $v, $logic) = @_;
d13725da 566 unless (defined($k) and length($k)) {
2d64004f 567 if (defined($k) and my $literal = is_literal_value($v)) {
d13725da 568 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
2d64004f 569 return { -literal => $literal };
d13725da 570 }
571 puke "Supplying an empty left hand side argument is not supported";
572 }
ef071fad 573 if ($k =~ /^-/) {
99a65fa8 574 $self->_assert_pass_injection_guard($k =~ /^-(.*)$/s);
575 if ($k =~ s/ [_\s]? \d+ $//x ) {
576 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
577 . "You probably wanted ...-and => [ $k => COND1, $k => COND2 ... ]";
578 }
ef071fad 579 if ($k eq '-nest') {
0fc68377 580 # DBIx::Class requires a nest warning to be emitted once but the private
581 # method it overrode to do so no longer exists
582 if (ref($self) =~ /^DBIx::Class::SQLMaker/) {
583 unless ($Nest_Warned) {
584 belch(
585 "-nest in search conditions is deprecated, you most probably wanted:\n"
586 .q|{..., -and => [ \%cond0, \@cond1, \'cond2', \[ 'cond3', [ col => bind ] ], etc. ], ... }|
587 );
588 $Nest_Warned = 1;
589 }
590 }
ef071fad 591 return $self->_expand_expr($v);
592 }
6ab1562a 593 if ($k eq '-bool') {
594 if (ref($v)) {
595 return $self->_expand_expr($v);
596 }
597 puke "-bool => undef not supported" unless defined($v);
598 return { -ident => $v };
599 }
99a65fa8 600 if ($k eq '-not') {
0c7e3af0 601 return { -op => [ 'not', $self->_expand_expr($v) ] };
99a65fa8 602 }
ce3bc4b0 603 if (my ($rest) = $k =~/^-not[_ ](.*)$/) {
0c7e3af0 604 return +{ -op => [
605 'not',
99a65fa8 606 $self->_expand_expr_hashpair("-${rest}", $v, $logic)
0c7e3af0 607 ] };
ce3bc4b0 608 }
99a65fa8 609 if (my ($logic) = $k =~ /^-(and|or)$/i) {
dd2d5bf7 610 if (ref($v) eq 'HASH') {
611 return $self->_expand_expr($v, $logic);
612 }
99a65fa8 613 if (ref($v) eq 'ARRAY') {
614 return $self->_expand_expr($v, $logic);
615 }
dd2d5bf7 616 }
99a65fa8 617 {
618 my $op = $k;
619 $op =~ s/^-// if length($op) > 1;
620
621 # top level special ops are illegal in general
3ae10d16 622 # note that, arguably, if it makes no sense at top level, it also
623 # makes no sense on the other side of an = sign or similar but DBIC
624 # gets disappointingly upset if I disallow it
625 if (
626 (our $Expand_Depth) == 1
627 and List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}}
628 ) {
629 puke "Illegal use of top-level '-$op'"
630 }
96a8d74a 631 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
632 return { -op => [ $op, $v ] };
633 }
99a65fa8 634 }
635 if ($k eq '-value' and my $m = our $Cur_Col_Meta) {
636 return +{ -bind => [ $m, $v ] };
637 }
ec19b759 638 if (my $custom = $self->{expand_unary}{$k}) {
639 return $self->$custom($v);
640 }
b07681b1 641 if ($self->{node_types}{$k}) {
99a65fa8 642 return { $k => $v };
d13725da 643 }
711892b1 644 if (
645 ref($v) eq 'HASH'
646 and keys %$v == 1
647 and (keys %$v)[0] =~ /^-/
648 ) {
649 my ($func) = $k =~ /^-(.*)$/;
3ae10d16 650 if (List::Util::first { $func =~ $_->{regex} } @{$self->{special_ops}}) {
651 return +{ -op => [ $func, $self->_expand_expr($v) ] };
652 }
711892b1 653 return +{ -func => [ $func, $self->_expand_expr($v) ] };
654 }
655 if (!ref($v) or is_literal_value($v)) {
99a65fa8 656 return +{ -op => [ $k =~ /^-(.*)$/, $self->_expand_expr($v) ] };
59588695 657 }
99a65fa8 658 }
659 if (
660 !defined($v)
661 or (
662 ref($v) eq 'HASH'
663 and exists $v->{-value}
664 and not defined $v->{-value}
665 )
666 ) {
667 return $self->_expand_expr_hashpair($k => { $self->{cmp} => undef });
668 }
669 if (!ref($v) or Scalar::Util::blessed($v)) {
ec19b759 670 my $d = our $Default_Scalar_To;
99a65fa8 671 return +{
672 -op => [
673 $self->{cmp},
674 { -ident => $k },
ec19b759 675 ($d ? { $d => $v } : { -bind => [ $k, $v ] })
99a65fa8 676 ]
677 };
678 }
679 if (ref($v) eq 'HASH') {
680 if (keys %$v > 1) {
e175845b 681 return { -op => [
682 'and',
99a65fa8 683 map $self->_expand_expr_hashpair($k => { $_ => $v->{$_} }),
684 sort keys %$v
685 ] };
686 }
687 my ($vk, $vv) = %$v;
688 $vk =~ s/^-//;
689 $vk = lc($vk);
690 $self->_assert_pass_injection_guard($vk);
691 if ($vk =~ s/ [_\s]? \d+ $//x ) {
692 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
693 . "You probably wanted ...-and => [ -$vk => COND1, -$vk => COND2 ... ]";
694 }
695 if ($vk =~ /^(?:not[ _])?between$/) {
696 local our $Cur_Col_Meta = $k;
697 my @rhs = map $self->_expand_expr($_),
698 ref($vv) eq 'ARRAY' ? @$vv : $vv;
699 unless (
700 (@rhs == 1 and ref($rhs[0]) eq 'HASH' and $rhs[0]->{-literal})
701 or
702 (@rhs == 2 and defined($rhs[0]) and defined($rhs[1]))
703 ) {
704 puke "Operator '${\uc($vk)}' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
b5b18861 705 }
99a65fa8 706 return +{ -op => [
707 join(' ', split '_', $vk),
708 { -ident => $k },
709 @rhs
710 ] }
711 }
712 if ($vk =~ /^(?:not[ _])?in$/) {
713 if (my $literal = is_literal_value($vv)) {
714 my ($sql, @bind) = @$literal;
715 my $opened_sql = $self->_open_outer_paren($sql);
10d07c4e 716 return +{ -op => [
99a65fa8 717 $vk, { -ident => $k },
718 [ { -literal => [ $opened_sql, @bind ] } ]
10d07c4e 719 ] };
720 }
99a65fa8 721 my $undef_err =
722 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
723 . "-${\uc($vk)} operator was given an undef-containing list: !!!AUDIT YOUR CODE "
724 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
725 . 'will emit the logically correct SQL instead of raising this exception)'
726 ;
727 puke("Argument passed to the '${\uc($vk)}' operator can not be undefined")
728 if !defined($vv);
729 my @rhs = map $self->_expand_expr($_),
730 map { ref($_) ? $_ : { -bind => [ $k, $_ ] } }
731 map { defined($_) ? $_: puke($undef_err) }
732 (ref($vv) eq 'ARRAY' ? @$vv : $vv);
e175845b 733 return $self->${\($vk =~ /^not/ ? 'sqltrue' : 'sqlfalse')} unless @rhs;
99a65fa8 734
735 return +{ -op => [
736 join(' ', split '_', $vk),
737 { -ident => $k },
738 \@rhs
739 ] };
740 }
741 if ($vk eq 'ident') {
02b8fe35 742 if (! defined $vv or (ref($vv) and ref($vv) eq 'ARRAY')) {
743 puke "-$vk requires a single plain scalar argument (a quotable identifier) or an arrayref of identifier parts";
f7778474 744 }
99a65fa8 745 return +{ -op => [
746 $self->{cmp},
747 { -ident => $k },
748 { -ident => $vv }
749 ] };
750 }
751 if ($vk eq 'value') {
752 return $self->_expand_expr_hashpair($k, undef) unless defined($vv);
753 return +{ -op => [
754 $self->{cmp},
755 { -ident => $k },
756 { -bind => [ $k, $vv ] }
757 ] };
758 }
759 if ($vk =~ /^is(?:[ _]not)?$/) {
760 puke "$vk can only take undef as argument"
761 if defined($vv)
762 and not (
763 ref($vv) eq 'HASH'
764 and exists($vv->{-value})
765 and !defined($vv->{-value})
766 );
767 $vk =~ s/_/ /g;
768 return +{ -op => [ $vk.' null', { -ident => $k } ] };
769 }
770 if ($vk =~ /^(and|or)$/) {
771 if (ref($vv) eq 'HASH') {
e62fe58a 772 return +{ -op => [
773 $vk,
99a65fa8 774 map $self->_expand_expr_hashpair($k, { $_ => $vv->{$_} }),
775 sort keys %$vv
7d7868d1 776 ] };
777 }
e28d9b13 778 }
30af97c5 779 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{special_ops}}) {
99a65fa8 780 return { -op => [ $vk, { -ident => $k }, $vv ] };
7dbe1183 781 }
96a8d74a 782 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{unary_ops}}) {
783 return { -op => [
784 $self->{cmp},
785 { -ident => $k },
786 { -op => [ $vk, $vv ] }
787 ] };
788 }
99a65fa8 789 if (ref($vv) eq 'ARRAY') {
790 my ($logic, @values) = (
791 (defined($vv->[0]) and $vv->[0] =~ /^-(and|or)$/i)
792 ? @$vv
793 : (-or => @$vv)
794 );
795 if (
796 $vk =~ $self->{inequality_op}
797 or join(' ', split '_', $vk) =~ $self->{not_like_op}
798 ) {
799 if (lc($logic) eq '-or' and @values > 1) {
800 my $op = uc join ' ', split '_', $vk;
801 belch "A multi-element arrayref as an argument to the inequality op '$op' "
802 . 'is technically equivalent to an always-true 1=1 (you probably wanted '
803 . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
804 ;
805 }
ef071fad 806 }
b3cb13e8 807 unless (@values) {
808 # try to DWIM on equality operators
809 my $op = join ' ', split '_', $vk;
810 return
e175845b 811 $op =~ $self->{equality_op} ? $self->sqlfalse
812 : $op =~ $self->{like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqlfalse
813 : $op =~ $self->{inequality_op} ? $self->sqltrue
814 : $op =~ $self->{not_like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqltrue
b3cb13e8 815 : puke "operator '$op' applied on an empty array (field '$k')";
816 }
63c97a0b 817 return +{ -op => [
818 $logic =~ /^-(.*)$/,
99a65fa8 819 map $self->_expand_expr_hashpair($k => { $vk => $_ }),
820 @values
821 ] };
822 }
823 if (
824 !defined($vv)
825 or (
826 ref($vv) eq 'HASH'
827 and exists $vv->{-value}
828 and not defined $vv->{-value}
829 )
830 ) {
831 my $op = join ' ', split '_', $vk;
832 my $is =
833 $op =~ /^not$/i ? 'is not' # legacy
834 : $op =~ $self->{equality_op} ? 'is'
835 : $op =~ $self->{like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is'
836 : $op =~ $self->{inequality_op} ? 'is not'
837 : $op =~ $self->{not_like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is not'
838 : puke "unexpected operator '$op' with undef operand";
839 return +{ -op => [ $is.' null', { -ident => $k } ] };
840 }
841 local our $Cur_Col_Meta = $k;
842 return +{ -op => [
843 $vk,
844 { -ident => $k },
845 $self->_expand_expr($vv)
846 ] };
847 }
848 if (ref($v) eq 'ARRAY') {
e175845b 849 return $self->sqlfalse unless @$v;
99a65fa8 850 $self->_debug("ARRAY($k) means distribute over elements");
851 my $this_logic = (
852 $v->[0] =~ /^-((?:and|or))$/i
853 ? ($v = [ @{$v}[1..$#$v] ], $1)
854 : ($self->{logic} || 'or')
855 );
cba28f66 856 return +{ -op => [
857 $this_logic,
858 map $self->_expand_expr({ $k => $_ }, $this_logic), @$v
859 ] };
99a65fa8 860 }
861 if (my $literal = is_literal_value($v)) {
862 unless (length $k) {
863 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
864 return \$literal;
865 }
866 my ($sql, @bind) = @$literal;
867 if ($self->{bindtype} eq 'columns') {
868 for (@bind) {
6fb2bd90 869 $self->_assert_bindval_matches_bindtype($_);
aa8d7bdb 870 }
331e2209 871 }
99a65fa8 872 return +{ -literal => [ $self->_quote($k).' '.$sql, @bind ] };
331e2209 873 }
99a65fa8 874 die "notreached";
59588695 875}
876
e175845b 877sub _render_expr {
878 my ($self, $expr) = @_;
879 my ($k, $v, @rest) = %$expr;
880 die "No" if @rest;
b07681b1 881 if (my $meth = $self->{node_types}{$k}) {
181dcebf 882 return $self->$meth($v);
e175845b 883 }
884 die "notreached: $k";
885}
886
96449e8e 887sub _recurse_where {
888 my ($self, $where, $logic) = @_;
889
99a65fa8 890#print STDERR Data::Dumper::Concise::Dumper([ $where, $logic ]);
891
5492d4c2 892 # Special case: top level simple string treated as literal
893
894 my $where_exp = (ref($where)
895 ? $self->_expand_expr($where, $logic)
896 : { -literal => [ $where ] });
1c0c0f41 897#::Dwarn([ EXPANDED => $where_exp ]);
a2cd381d 898
99a65fa8 899#print STDERR Data::Dumper::Concise::Dumper([ EXP => $where_exp ]);
900
96449e8e 901 # dispatch on appropriate method according to refkind of $where
e175845b 902# my $method = $self->_METHOD_FOR_refkind("_where", $where_exp);
903
904# my ($sql, @bind) = $self->$method($where_exp, $logic);
311b2151 905
e175845b 906 my ($sql, @bind) = defined($where_exp) ? $self->_render_expr($where_exp) : (undef);
abe1a491 907 # DBIx::Class used to call _recurse_where in scalar context
908 # something else might too...
909 if (wantarray) {
910 return ($sql, @bind);
911 }
912 else {
913 belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
914 return $sql;
915 }
96449e8e 916}
917
181dcebf 918sub _render_ident {
919 my ($self, $ident) = @_;
cc422895 920
9cf28dfb 921 return $self->_convert($self->_quote($ident));
cc422895 922}
923
181dcebf 924sub _render_value {
925 my ($self, $value) = @_;
cc422895 926
52511ae3 927 return ($self->_convert('?'), $self->_bindtype(undef, $value));
cc422895 928}
929
c452734e 930my %unop_postfix = map +($_ => 1),
931 'is null', 'is not null',
932 'asc', 'desc',
933;
d13725da 934
b5b18861 935my %special = (
936 (map +($_ => do {
937 my $op = $_;
938 sub {
939 my ($self, $args) = @_;
940 my ($left, $low, $high) = @$args;
941 my ($rhsql, @rhbind) = do {
942 if (@$args == 2) {
943 puke "Single arg to between must be a literal"
944 unless $low->{-literal};
945 @{$low->{-literal}}
946 } else {
e56dd780 947 my ($l, $h) = map [ $self->_render_expr($_) ], $low, $high;
b5b18861 948 (join(' ', $l->[0], $self->_sqlcase('and'), $h->[0]),
949 @{$l}[1..$#$l], @{$h}[1..$#$h])
950 }
951 };
e56dd780 952 my ($lhsql, @lhbind) = $self->_render_expr($left);
b5b18861 953 return (
954 join(' ', '(', $lhsql, $self->_sqlcase($op), $rhsql, ')'),
955 @lhbind, @rhbind
956 );
957 }
958 }), 'between', 'not between'),
10d07c4e 959 (map +($_ => do {
960 my $op = $_;
961 sub {
962 my ($self, $args) = @_;
963 my ($lhs, $rhs) = @$args;
964 my @in_bind;
965 my @in_sql = map {
0ce981f8 966 my ($sql, @bind) = $self->_render_expr($_);
10d07c4e 967 push @in_bind, @bind;
968 $sql;
969 } @$rhs;
0ce981f8 970 my ($lhsql, @lbind) = $self->_render_expr($lhs);
10d07c4e 971 return (
972 $lhsql.' '.$self->_sqlcase($op).' ( '
973 .join(', ', @in_sql)
974 .' )',
975 @lbind, @in_bind
976 );
977 }
978 }), 'in', 'not in'),
b5b18861 979);
980
181dcebf 981sub _render_op {
982 my ($self, $v) = @_;
d13725da 983 my ($op, @args) = @$v;
984 $op =~ s/^-// if length($op) > 1;
cba28f66 985 $op = lc($op);
b5b18861 986 if (my $h = $special{$op}) {
987 return $self->$h(\@args);
988 }
3ae10d16 989 my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}};
990 if ($us and @args > 1) {
99a65fa8 991 puke "Special op '${op}' requires first value to be identifier"
992 unless my ($k) = map $_->{-ident}, grep ref($_) eq 'HASH', $args[0];
993 return $self->${\($us->{handler})}($k, $op, $args[1]);
994 }
96a8d74a 995 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
996 return $self->${\($us->{handler})}($op, $args[0]);
997 }
99a65fa8 998 my $final_op = $op =~ /^(?:is|not)_/ ? join(' ', split '_', $op) : $op;
2143604f 999 if (@args == 1 and $op !~ /^(and|or)$/) {
ec857800 1000 my ($expr_sql, @bind) = $self->_render_expr($args[0]);
d13725da 1001 my $op_sql = $self->_sqlcase($final_op);
1002 my $final_sql = (
1003 $unop_postfix{lc($final_op)}
1004 ? "${expr_sql} ${op_sql}"
1005 : "${op_sql} ${expr_sql}"
1006 );
3ae10d16 1007 return (($op eq 'not' || $us ? '('.$final_sql.')' : $final_sql), @bind);
1c0c0f41 1008 #} elsif (@args == 0) {
1009 # return '';
16d9289c 1010 } else {
1c0c0f41 1011 my @parts = grep length($_->[0]), map [ $self->_render_expr($_) ], @args;
1012 return '' unless @parts;
230812fc 1013 my $is_andor = !!($op =~ /^(and|or)$/);
1014 return @{$parts[0]} if $is_andor and @parts == 1;
1015 my ($final_sql) = map +($is_andor ? "( ${_} )" : $_), join(
2f9c5405 1016 ($final_op eq ',' ? '' : ' ').$self->_sqlcase($final_op).' ',
77617257 1017 map $_->[0], @parts
1018 );
99a65fa8 1019 return (
77617257 1020 $final_sql,
16d9289c 1021 map @{$_}[1..$#$_], @parts
99a65fa8 1022 );
d13725da 1023 }
1024 die "unhandled";
1025}
1026
181dcebf 1027sub _render_func {
1028 my ($self, $rest) = @_;
711892b1 1029 my ($func, @args) = @$rest;
1030 my @arg_sql;
1031 my @bind = map {
1032 my @x = @$_;
1033 push @arg_sql, shift @x;
1034 @x
0f199fce 1035 } map [ $self->_render_expr($_) ], @args;
711892b1 1036 return ($self->_sqlcase($func).'('.join(', ', @arg_sql).')', @bind);
1037}
1038
181dcebf 1039sub _render_bind {
1040 my ($self, $bind) = @_;
d13725da 1041 return ($self->_convert('?'), $self->_bindtype(@$bind));
1042}
1043
181dcebf 1044sub _render_literal {
1045 my ($self, $literal) = @_;
465d43fd 1046 $self->_assert_bindval_matches_bindtype(@{$literal}[1..$#$literal]);
aa8d7bdb 1047 return @$literal;
1048}
1049
4a1f01a3 1050# Some databases (SQLite) treat col IN (1, 2) different from
1051# col IN ( (1, 2) ). Use this to strip all outer parens while
1052# adding them back in the corresponding method
1053sub _open_outer_paren {
1054 my ($self, $sql) = @_;
a5f91feb 1055
ca4f826a 1056 while (my ($inner) = $sql =~ /^ \s* \( (.*) \) \s* $/xs) {
a5f91feb 1057
1058 # there are closing parens inside, need the heavy duty machinery
1059 # to reevaluate the extraction starting from $sql (full reevaluation)
ca4f826a 1060 if ($inner =~ /\)/) {
a5f91feb 1061 require Text::Balanced;
1062
1063 my (undef, $remainder) = do {
1064 # idiotic design - writes to $@ but *DOES NOT* throw exceptions
1065 local $@;
ca4f826a 1066 Text::Balanced::extract_bracketed($sql, '()', qr/\s*/);
a5f91feb 1067 };
1068
1069 # the entire expression needs to be a balanced bracketed thing
1070 # (after an extract no remainder sans trailing space)
1071 last if defined $remainder and $remainder =~ /\S/;
1072 }
1073
1074 $sql = $inner;
1075 }
1076
1077 $sql;
4a1f01a3 1078}
1079
96449e8e 1080
96449e8e 1081#======================================================================
1082# ORDER BY
1083#======================================================================
1084
33177570 1085sub _expand_order_by {
96449e8e 1086 my ($self, $arg) = @_;
1087
33177570 1088 return unless defined($arg) and not (ref($arg) eq 'ARRAY' and !@$arg);
2b6158af 1089
4325df6a 1090 my $expander = sub {
1091 my ($self, $dir, $expr) = @_;
52ca537e 1092 my @to_expand = ref($expr) eq 'ARRAY' ? @$expr : $expr;
1093 foreach my $arg (@to_expand) {
1094 if (
1095 ref($arg) eq 'HASH'
1096 and keys %$arg > 1
1097 and grep /^-(asc|desc)$/, keys %$arg
1098 ) {
1099 puke "ordering direction hash passed to order by must have exactly one key (-asc or -desc)";
1100 }
1101 }
4325df6a 1102 my @exp = map +(defined($dir) ? { -op => [ $dir => $_ ] } : $_),
74156ee9 1103 map $self->_expand_expr($_, undef, -ident),
1104 map ref($_) eq 'ARRAY' ? @$_ : $_, @to_expand;
4325df6a 1105 return (@exp > 1 ? { -op => [ ',', @exp ] } : $exp[0]);
1106 };
18c743c8 1107
ec19b759 1108 local @{$self->{expand_unary}}{qw(-asc -desc)} = (
1109 sub { shift->$expander(asc => @_) },
1110 sub { shift->$expander(desc => @_) },
1111 );
f267b646 1112
33177570 1113 return $self->$expander(undef, $arg);
1114}
1115
1116sub _order_by {
1117 my ($self, $arg) = @_;
1118
1119 return '' unless defined(my $expanded = $self->_expand_order_by($arg));
4325df6a 1120
1121 my ($sql, @bind) = $self->_render_expr($expanded);
1122
1123 my $final_sql = $self->_sqlcase(' order by ').$sql;
1124
1125 return wantarray ? ($final_sql, @bind) : $final_sql;
f267b646 1126}
1127
2e3cc357 1128# _order_by no longer needs to call this so doesn't but DBIC uses it.
1129
33177570 1130sub _order_by_chunks {
1131 my ($self, $arg) = @_;
1132
1133 return () unless defined(my $expanded = $self->_expand_order_by($arg));
1134
2e3cc357 1135 return $self->_chunkify_order_by($expanded);
1136}
1137
1138sub _chunkify_order_by {
1139 my ($self, $expanded) = @_;
1b630cfe 1140
1141 return $self->_render_expr($expanded)
1142 if $expanded->{-ident} or @{$expanded->{-literal}||[]} == 1;
1143
33177570 1144 for ($expanded) {
1145 if (ref() eq 'HASH' and my $op = $_->{-op}) {
1146 if ($op->[0] eq ',') {
2e3cc357 1147 return map $self->_chunkify_order_by($_), @{$op}[1..$#$op];
33177570 1148 }
1149 }
1150 return [ $self->_render_expr($_) ];
1151 }
1152}
1153
96449e8e 1154#======================================================================
1155# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1156#======================================================================
1157
1158sub _table {
1159 my $self = shift;
1160 my $from = shift;
7ad12721 1161 ($self->_render_expr(
8476c6a3 1162 $self->_expand_maybe_list_expr($from, undef, -ident)
7ad12721 1163 ))[0];
96449e8e 1164}
1165
1166
1167#======================================================================
1168# UTILITY FUNCTIONS
1169#======================================================================
1170
8476c6a3 1171sub _expand_maybe_list_expr {
1172 my ($self, $expr, $logic, $default) = @_;
bba04f52 1173 my $e = do {
1174 if (ref($expr) eq 'ARRAY') {
1175 return { -op => [
8476c6a3 1176 ',', map $self->_expand_expr($_, $logic, $default), @$expr
bba04f52 1177 ] } if @$expr > 1;
1178 $expr->[0]
1179 } else {
1180 $expr
1181 }
1182 };
1183 return $self->_expand_expr($e, $logic, $default);
8476c6a3 1184}
1185
955e77ca 1186# highly optimized, as it's called way too often
96449e8e 1187sub _quote {
955e77ca 1188 # my ($self, $label) = @_;
96449e8e 1189
955e77ca 1190 return '' unless defined $_[1];
955e77ca 1191 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
d3162b5c 1192 puke 'Identifier cannot be hashref' if ref($_[1]) eq 'HASH';
96449e8e 1193
d3162b5c 1194 unless ($_[0]->{quote_char}) {
1195 if (ref($_[1]) eq 'ARRAY') {
1196 return join($_[0]->{name_sep}||'.', @{$_[1]});
1197 } else {
1198 $_[0]->_assert_pass_injection_guard($_[1]);
1199 return $_[1];
1200 }
1201 }
96449e8e 1202
07d7c35c 1203 my $qref = ref $_[0]->{quote_char};
439834d3 1204 my ($l, $r) =
1205 !$qref ? ($_[0]->{quote_char}, $_[0]->{quote_char})
1206 : ($qref eq 'ARRAY') ? @{$_[0]->{quote_char}}
1207 : puke "Unsupported quote_char format: $_[0]->{quote_char}";
1208
46be4313 1209 my $esc = $_[0]->{escape_char} || $r;
96449e8e 1210
07d7c35c 1211 # parts containing * are naturally unquoted
d3162b5c 1212 return join(
1213 $_[0]->{name_sep}||'',
1214 map +(
1215 $_ eq '*'
1216 ? $_
1217 : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r }
1218 ),
1219 (ref($_[1]) eq 'ARRAY'
1220 ? @{$_[1]}
1221 : (
1222 $_[0]->{name_sep}
1223 ? split (/\Q$_[0]->{name_sep}\E/, $_[1] )
1224 : $_[1]
1225 )
1226 )
955e77ca 1227 );
96449e8e 1228}
1229
1230
1231# Conversion, if applicable
d7c862e0 1232sub _convert {
07d7c35c 1233 #my ($self, $arg) = @_;
7ad12721 1234 if ($_[0]->{convert_where}) {
1235 return $_[0]->_sqlcase($_[0]->{convert_where}) .'(' . $_[1] . ')';
96449e8e 1236 }
07d7c35c 1237 return $_[1];
96449e8e 1238}
1239
1240# And bindtype
d7c862e0 1241sub _bindtype {
07d7c35c 1242 #my ($self, $col, @vals) = @_;
07d7c35c 1243 # called often - tighten code
1244 return $_[0]->{bindtype} eq 'columns'
1245 ? map {[$_[1], $_]} @_[2 .. $#_]
1246 : @_[2 .. $#_]
1247 ;
96449e8e 1248}
1249
fe3ae272 1250# Dies if any element of @bind is not in [colname => value] format
1251# if bindtype is 'columns'.
1252sub _assert_bindval_matches_bindtype {
c94a6c93 1253# my ($self, @bind) = @_;
1254 my $self = shift;
fe3ae272 1255 if ($self->{bindtype} eq 'columns') {
c94a6c93 1256 for (@_) {
1257 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1258 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1259 }
1260 }
1261 }
1262}
1263
96449e8e 1264sub _join_sql_clauses {
1265 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1266
1267 if (@$clauses_aref > 1) {
1268 my $join = " " . $self->_sqlcase($logic) . " ";
1269 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1270 return ($sql, @$bind_aref);
1271 }
1272 elsif (@$clauses_aref) {
1273 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1274 }
1275 else {
1276 return (); # if no SQL, ignore @$bind_aref
1277 }
1278}
1279
1280
1281# Fix SQL case, if so requested
1282sub _sqlcase {
96449e8e 1283 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1284 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1285 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1286}
1287
1288
1289#======================================================================
1290# DISPATCHING FROM REFKIND
1291#======================================================================
1292
1293sub _refkind {
1294 my ($self, $data) = @_;
96449e8e 1295
955e77ca 1296 return 'UNDEF' unless defined $data;
1297
1298 # blessed objects are treated like scalars
1299 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1300
1301 return 'SCALAR' unless $ref;
1302
1303 my $n_steps = 1;
1304 while ($ref eq 'REF') {
96449e8e 1305 $data = $$data;
955e77ca 1306 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1307 $n_steps++ if $ref;
96449e8e 1308 }
1309
848556bc 1310 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1311}
1312
1313sub _try_refkind {
1314 my ($self, $data) = @_;
1315 my @try = ($self->_refkind($data));
1316 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1317 push @try, 'FALLBACK';
955e77ca 1318 return \@try;
96449e8e 1319}
1320
1321sub _METHOD_FOR_refkind {
1322 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1323
1324 my $method;
955e77ca 1325 for (@{$self->_try_refkind($data)}) {
f39eaa60 1326 $method = $self->can($meth_prefix."_".$_)
1327 and last;
1328 }
1329
1330 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1331}
1332
1333
1334sub _SWITCH_refkind {
1335 my ($self, $data, $dispatch_table) = @_;
1336
f39eaa60 1337 my $coderef;
955e77ca 1338 for (@{$self->_try_refkind($data)}) {
f39eaa60 1339 $coderef = $dispatch_table->{$_}
1340 and last;
1341 }
1342
1343 puke "no dispatch entry for ".$self->_refkind($data)
1344 unless $coderef;
1345
96449e8e 1346 $coderef->();
1347}
1348
1349
1350
1351
1352#======================================================================
1353# VALUES, GENERATE, AUTOLOAD
1354#======================================================================
1355
1356# LDNOTE: original code from nwiger, didn't touch code in that section
1357# I feel the AUTOLOAD stuff should not be the default, it should
1358# only be activated on explicit demand by user.
1359
1360sub values {
1361 my $self = shift;
1362 my $data = shift || return;
1363 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1364 unless ref $data eq 'HASH';
bab725ce 1365
1366 my @all_bind;
ca4f826a 1367 foreach my $k (sort keys %$data) {
bab725ce 1368 my $v = $data->{$k};
1369 $self->_SWITCH_refkind($v, {
9d48860e 1370 ARRAYREF => sub {
bab725ce 1371 if ($self->{array_datatypes}) { # array datatype
1372 push @all_bind, $self->_bindtype($k, $v);
1373 }
1374 else { # literal SQL with bind
1375 my ($sql, @bind) = @$v;
1376 $self->_assert_bindval_matches_bindtype(@bind);
1377 push @all_bind, @bind;
1378 }
1379 },
1380 ARRAYREFREF => sub { # literal SQL with bind
1381 my ($sql, @bind) = @${$v};
1382 $self->_assert_bindval_matches_bindtype(@bind);
1383 push @all_bind, @bind;
1384 },
1385 SCALARREF => sub { # literal SQL without bind
1386 },
1387 SCALAR_or_UNDEF => sub {
1388 push @all_bind, $self->_bindtype($k, $v);
1389 },
1390 });
1391 }
1392
1393 return @all_bind;
96449e8e 1394}
1395
1396sub generate {
1397 my $self = shift;
1398
1399 my(@sql, @sqlq, @sqlv);
1400
1401 for (@_) {
1402 my $ref = ref $_;
1403 if ($ref eq 'HASH') {
1404 for my $k (sort keys %$_) {
1405 my $v = $_->{$k};
1406 my $r = ref $v;
1407 my $label = $self->_quote($k);
1408 if ($r eq 'ARRAY') {
fe3ae272 1409 # literal SQL with bind
1410 my ($sql, @bind) = @$v;
1411 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1412 push @sqlq, "$label = $sql";
fe3ae272 1413 push @sqlv, @bind;
96449e8e 1414 } elsif ($r eq 'SCALAR') {
fe3ae272 1415 # literal SQL without bind
96449e8e 1416 push @sqlq, "$label = $$v";
9d48860e 1417 } else {
96449e8e 1418 push @sqlq, "$label = ?";
1419 push @sqlv, $self->_bindtype($k, $v);
1420 }
1421 }
1422 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1423 } elsif ($ref eq 'ARRAY') {
1424 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1425 for my $v (@$_) {
1426 my $r = ref $v;
fe3ae272 1427 if ($r eq 'ARRAY') { # literal SQL with bind
1428 my ($sql, @bind) = @$v;
1429 $self->_assert_bindval_matches_bindtype(@bind);
1430 push @sqlq, $sql;
1431 push @sqlv, @bind;
1432 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1433 # embedded literal SQL
1434 push @sqlq, $$v;
9d48860e 1435 } else {
96449e8e 1436 push @sqlq, '?';
1437 push @sqlv, $v;
1438 }
1439 }
1440 push @sql, '(' . join(', ', @sqlq) . ')';
1441 } elsif ($ref eq 'SCALAR') {
1442 # literal SQL
1443 push @sql, $$_;
1444 } else {
1445 # strings get case twiddled
1446 push @sql, $self->_sqlcase($_);
1447 }
1448 }
1449
1450 my $sql = join ' ', @sql;
1451
1452 # this is pretty tricky
1453 # if ask for an array, return ($stmt, @bind)
1454 # otherwise, s/?/shift @sqlv/ to put it inline
1455 if (wantarray) {
1456 return ($sql, @sqlv);
1457 } else {
1458 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1459 ref $d ? $d->[1] : $d/e;
1460 return $sql;
1461 }
1462}
1463
1464
1465sub DESTROY { 1 }
1466
1467sub AUTOLOAD {
1468 # This allows us to check for a local, then _form, attr
1469 my $self = shift;
1470 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1471 return $self->generate($name, @_);
1472}
1473
14741;
1475
1476
1477
1478__END__
32eab2da 1479
1480=head1 NAME
1481
1482SQL::Abstract - Generate SQL from Perl data structures
1483
1484=head1 SYNOPSIS
1485
1486 use SQL::Abstract;
1487
1488 my $sql = SQL::Abstract->new;
1489
85783f3c 1490 my($stmt, @bind) = $sql->select($source, \@fields, \%where, $order);
32eab2da 1491
1492 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1493
1494 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1495
1496 my($stmt, @bind) = $sql->delete($table, \%where);
1497
1498 # Then, use these in your DBI statements
1499 my $sth = $dbh->prepare($stmt);
1500 $sth->execute(@bind);
1501
1502 # Just generate the WHERE clause
85783f3c 1503 my($stmt, @bind) = $sql->where(\%where, $order);
32eab2da 1504
1505 # Return values in the same order, for hashed queries
1506 # See PERFORMANCE section for more details
1507 my @bind = $sql->values(\%fieldvals);
1508
1509=head1 DESCRIPTION
1510
1511This module was inspired by the excellent L<DBIx::Abstract>.
1512However, in using that module I found that what I really wanted
1513to do was generate SQL, but still retain complete control over my
1514statement handles and use the DBI interface. So, I set out to
1515create an abstract SQL generation module.
1516
1517While based on the concepts used by L<DBIx::Abstract>, there are
1518several important differences, especially when it comes to WHERE
1519clauses. I have modified the concepts used to make the SQL easier
1520to generate from Perl data structures and, IMO, more intuitive.
1521The underlying idea is for this module to do what you mean, based
1522on the data structures you provide it. The big advantage is that
1523you don't have to modify your code every time your data changes,
1524as this module figures it out.
1525
1526To begin with, an SQL INSERT is as easy as just specifying a hash
1527of C<key=value> pairs:
1528
1529 my %data = (
1530 name => 'Jimbo Bobson',
1531 phone => '123-456-7890',
1532 address => '42 Sister Lane',
1533 city => 'St. Louis',
1534 state => 'Louisiana',
1535 );
1536
1537The SQL can then be generated with this:
1538
1539 my($stmt, @bind) = $sql->insert('people', \%data);
1540
1541Which would give you something like this:
1542
1543 $stmt = "INSERT INTO people
1544 (address, city, name, phone, state)
1545 VALUES (?, ?, ?, ?, ?)";
1546 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1547 '123-456-7890', 'Louisiana');
1548
1549These are then used directly in your DBI code:
1550
1551 my $sth = $dbh->prepare($stmt);
1552 $sth->execute(@bind);
1553
96449e8e 1554=head2 Inserting and Updating Arrays
1555
1556If your database has array types (like for example Postgres),
1557activate the special option C<< array_datatypes => 1 >>
9d48860e 1558when creating the C<SQL::Abstract> object.
96449e8e 1559Then you may use an arrayref to insert and update database array types:
1560
1561 my $sql = SQL::Abstract->new(array_datatypes => 1);
1562 my %data = (
1563 planets => [qw/Mercury Venus Earth Mars/]
1564 );
9d48860e 1565
96449e8e 1566 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1567
1568This results in:
1569
1570 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1571
1572 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1573
1574
1575=head2 Inserting and Updating SQL
1576
1577In order to apply SQL functions to elements of your C<%data> you may
1578specify a reference to an arrayref for the given hash value. For example,
1579if you need to execute the Oracle C<to_date> function on a value, you can
1580say something like this:
32eab2da 1581
1582 my %data = (
1583 name => 'Bill',
3ae1c5e2 1584 date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
9d48860e 1585 );
32eab2da 1586
1587The first value in the array is the actual SQL. Any other values are
1588optional and would be included in the bind values array. This gives
1589you:
1590
1591 my($stmt, @bind) = $sql->insert('people', \%data);
1592
9d48860e 1593 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1594 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1595 @bind = ('Bill', '03/02/2003');
1596
1597An UPDATE is just as easy, all you change is the name of the function:
1598
1599 my($stmt, @bind) = $sql->update('people', \%data);
1600
1601Notice that your C<%data> isn't touched; the module will generate
1602the appropriately quirky SQL for you automatically. Usually you'll
1603want to specify a WHERE clause for your UPDATE, though, which is
1604where handling C<%where> hashes comes in handy...
1605
96449e8e 1606=head2 Complex where statements
1607
32eab2da 1608This module can generate pretty complicated WHERE statements
1609easily. For example, simple C<key=value> pairs are taken to mean
1610equality, and if you want to see if a field is within a set
1611of values, you can use an arrayref. Let's say we wanted to
1612SELECT some data based on this criteria:
1613
1614 my %where = (
1615 requestor => 'inna',
1616 worker => ['nwiger', 'rcwe', 'sfz'],
1617 status => { '!=', 'completed' }
1618 );
1619
1620 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1621
1622The above would give you something like this:
1623
1624 $stmt = "SELECT * FROM tickets WHERE
1625 ( requestor = ? ) AND ( status != ? )
1626 AND ( worker = ? OR worker = ? OR worker = ? )";
1627 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1628
1629Which you could then use in DBI code like so:
1630
1631 my $sth = $dbh->prepare($stmt);
1632 $sth->execute(@bind);
1633
1634Easy, eh?
1635
0da0fe34 1636=head1 METHODS
32eab2da 1637
13cc86af 1638The methods are simple. There's one for every major SQL operation,
32eab2da 1639and a constructor you use first. The arguments are specified in a
13cc86af 1640similar order for each method (table, then fields, then a where
32eab2da 1641clause) to try and simplify things.
1642
32eab2da 1643=head2 new(option => 'value')
1644
1645The C<new()> function takes a list of options and values, and returns
1646a new B<SQL::Abstract> object which can then be used to generate SQL
1647through the methods below. The options accepted are:
1648
1649=over
1650
1651=item case
1652
1653If set to 'lower', then SQL will be generated in all lowercase. By
1654default SQL is generated in "textbook" case meaning something like:
1655
1656 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1657
96449e8e 1658Any setting other than 'lower' is ignored.
1659
32eab2da 1660=item cmp
1661
1662This determines what the default comparison operator is. By default
1663it is C<=>, meaning that a hash like this:
1664
1665 %where = (name => 'nwiger', email => 'nate@wiger.org');
1666
1667Will generate SQL like this:
1668
1669 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1670
1671However, you may want loose comparisons by default, so if you set
1672C<cmp> to C<like> you would get SQL such as:
1673
1674 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1675
3af02ccb 1676You can also override the comparison on an individual basis - see
32eab2da 1677the huge section on L</"WHERE CLAUSES"> at the bottom.
1678
96449e8e 1679=item sqltrue, sqlfalse
1680
1681Expressions for inserting boolean values within SQL statements.
6e0c6552 1682By default these are C<1=1> and C<1=0>. They are used
1683by the special operators C<-in> and C<-not_in> for generating
1684correct SQL even when the argument is an empty array (see below).
96449e8e 1685
32eab2da 1686=item logic
1687
1688This determines the default logical operator for multiple WHERE
7cac25e6 1689statements in arrays or hashes. If absent, the default logic is "or"
1690for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1691array of the form:
1692
1693 @where = (
9d48860e 1694 event_date => {'>=', '2/13/99'},
1695 event_date => {'<=', '4/24/03'},
32eab2da 1696 );
1697
7cac25e6 1698will generate SQL like this:
32eab2da 1699
1700 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1701
1702This is probably not what you want given this query, though (look
1703at the dates). To change the "OR" to an "AND", simply specify:
1704
1705 my $sql = SQL::Abstract->new(logic => 'and');
1706
1707Which will change the above C<WHERE> to:
1708
1709 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1710
96449e8e 1711The logic can also be changed locally by inserting
be21dde3 1712a modifier in front of an arrayref:
96449e8e 1713
9d48860e 1714 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1715 event_date => {'<=', '4/24/03'} ]);
96449e8e 1716
1717See the L</"WHERE CLAUSES"> section for explanations.
1718
32eab2da 1719=item convert
1720
1721This will automatically convert comparisons using the specified SQL
1722function for both column and value. This is mostly used with an argument
1723of C<upper> or C<lower>, so that the SQL will have the effect of
1724case-insensitive "searches". For example, this:
1725
1726 $sql = SQL::Abstract->new(convert => 'upper');
1727 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1728
1729Will turn out the following SQL:
1730
1731 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1732
1733The conversion can be C<upper()>, C<lower()>, or any other SQL function
1734that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1735not validate this option; it will just pass through what you specify verbatim).
1736
1737=item bindtype
1738
1739This is a kludge because many databases suck. For example, you can't
1740just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1741Instead, you have to use C<bind_param()>:
1742
1743 $sth->bind_param(1, 'reg data');
1744 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1745
1746The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1747which loses track of which field each slot refers to. Fear not.
1748
1749If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1750Currently, you can specify either C<normal> (default) or C<columns>. If you
1751specify C<columns>, you will get an array that looks like this:
1752
1753 my $sql = SQL::Abstract->new(bindtype => 'columns');
1754 my($stmt, @bind) = $sql->insert(...);
1755
1756 @bind = (
1757 [ 'column1', 'value1' ],
1758 [ 'column2', 'value2' ],
1759 [ 'column3', 'value3' ],
1760 );
1761
1762You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1763
32eab2da 1764 $sth->prepare($stmt);
1765 my $i = 1;
1766 for (@bind) {
1767 my($col, $data) = @$_;
1768 if ($col eq 'details' || $col eq 'comments') {
1769 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1770 } elsif ($col eq 'image') {
1771 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1772 } else {
1773 $sth->bind_param($i, $data);
1774 }
1775 $i++;
1776 }
1777 $sth->execute; # execute without @bind now
1778
1779Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1780Basically, the advantage is still that you don't have to care which fields
1781are or are not included. You could wrap that above C<for> loop in a simple
1782sub called C<bind_fields()> or something and reuse it repeatedly. You still
1783get a layer of abstraction over manual SQL specification.
1784
3ae1c5e2 1785Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
deb148a2 1786construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1787will expect the bind values in this format.
1788
32eab2da 1789=item quote_char
1790
1791This is the character that a table or column name will be quoted
9d48860e 1792with. By default this is an empty string, but you could set it to
32eab2da 1793the character C<`>, to generate SQL like this:
1794
1795 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1796
96449e8e 1797Alternatively, you can supply an array ref of two items, the first being the left
1798hand quote character, and the second the right hand quote character. For
1799example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1800that generates SQL like this:
1801
1802 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1803
9d48860e 1804Quoting is useful if you have tables or columns names that are reserved
96449e8e 1805words in your database's SQL dialect.
32eab2da 1806
46be4313 1807=item escape_char
1808
1809This is the character that will be used to escape L</quote_char>s appearing
1810in an identifier before it has been quoted.
1811
80790166 1812The parameter default in case of a single L</quote_char> character is the quote
46be4313 1813character itself.
1814
1815When opening-closing-style quoting is used (L</quote_char> is an arrayref)
9de2bd86 1816this parameter defaults to the B<closing (right)> L</quote_char>. Occurrences
46be4313 1817of the B<opening (left)> L</quote_char> within the identifier are currently left
1818untouched. The default for opening-closing-style quotes may change in future
1819versions, thus you are B<strongly encouraged> to specify the escape character
1820explicitly.
1821
32eab2da 1822=item name_sep
1823
1824This is the character that separates a table and column name. It is
1825necessary to specify this when the C<quote_char> option is selected,
1826so that tables and column names can be individually quoted like this:
1827
1828 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1829
b6251592 1830=item injection_guard
1831
1832A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1833column name specified in a query structure. This is a safety mechanism to avoid
1834injection attacks when mishandling user input e.g.:
1835
1836 my %condition_as_column_value_pairs = get_values_from_user();
1837 $sqla->select( ... , \%condition_as_column_value_pairs );
1838
1839If the expression matches an exception is thrown. Note that literal SQL
1840supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1841
1842Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
1843
96449e8e 1844=item array_datatypes
32eab2da 1845
9d48860e 1846When this option is true, arrayrefs in INSERT or UPDATE are
1847interpreted as array datatypes and are passed directly
96449e8e 1848to the DBI layer.
1849When this option is false, arrayrefs are interpreted
1850as literal SQL, just like refs to arrayrefs
1851(but this behavior is for backwards compatibility; when writing
1852new queries, use the "reference to arrayref" syntax
1853for literal SQL).
32eab2da 1854
32eab2da 1855
96449e8e 1856=item special_ops
32eab2da 1857
9d48860e 1858Takes a reference to a list of "special operators"
96449e8e 1859to extend the syntax understood by L<SQL::Abstract>.
1860See section L</"SPECIAL OPERATORS"> for details.
32eab2da 1861
59f23b3d 1862=item unary_ops
1863
9d48860e 1864Takes a reference to a list of "unary operators"
59f23b3d 1865to extend the syntax understood by L<SQL::Abstract>.
1866See section L</"UNARY OPERATORS"> for details.
1867
32eab2da 1868
32eab2da 1869
96449e8e 1870=back
32eab2da 1871
02288357 1872=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 1873
1874This is the simplest function. You simply give it a table name
1875and either an arrayref of values or hashref of field/value pairs.
1876It returns an SQL INSERT statement and a list of bind values.
96449e8e 1877See the sections on L</"Inserting and Updating Arrays"> and
1878L</"Inserting and Updating SQL"> for information on how to insert
1879with those data types.
32eab2da 1880
02288357 1881The optional C<\%options> hash reference may contain additional
1882options to generate the insert SQL. Currently supported options
1883are:
1884
1885=over 4
1886
1887=item returning
1888
1889Takes either a scalar of raw SQL fields, or an array reference of
1890field names, and adds on an SQL C<RETURNING> statement at the end.
1891This allows you to return data generated by the insert statement
1892(such as row IDs) without performing another C<SELECT> statement.
1893Note, however, this is not part of the SQL standard and may not
1894be supported by all database engines.
1895
1896=back
1897
95904db5 1898=head2 update($table, \%fieldvals, \%where, \%options)
32eab2da 1899
1900This takes a table, hashref of field/value pairs, and an optional
86298391 1901hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 1902of bind values.
96449e8e 1903See the sections on L</"Inserting and Updating Arrays"> and
1904L</"Inserting and Updating SQL"> for information on how to insert
1905with those data types.
32eab2da 1906
95904db5 1907The optional C<\%options> hash reference may contain additional
1908options to generate the update SQL. Currently supported options
1909are:
1910
1911=over 4
1912
1913=item returning
1914
1915See the C<returning> option to
1916L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1917
1918=back
1919
96449e8e 1920=head2 select($source, $fields, $where, $order)
32eab2da 1921
9d48860e 1922This returns a SQL SELECT statement and associated list of bind values, as
be21dde3 1923specified by the arguments:
32eab2da 1924
96449e8e 1925=over
32eab2da 1926
96449e8e 1927=item $source
32eab2da 1928
9d48860e 1929Specification of the 'FROM' part of the statement.
96449e8e 1930The argument can be either a plain scalar (interpreted as a table
1931name, will be quoted), or an arrayref (interpreted as a list
1932of table names, joined by commas, quoted), or a scalarref
063097a3 1933(literal SQL, not quoted).
32eab2da 1934
96449e8e 1935=item $fields
32eab2da 1936
9d48860e 1937Specification of the list of fields to retrieve from
96449e8e 1938the source.
1939The argument can be either an arrayref (interpreted as a list
9d48860e 1940of field names, will be joined by commas and quoted), or a
96449e8e 1941plain scalar (literal SQL, not quoted).
521647e7 1942Please observe that this API is not as flexible as that of
1943the first argument C<$source>, for backwards compatibility reasons.
32eab2da 1944
96449e8e 1945=item $where
32eab2da 1946
96449e8e 1947Optional argument to specify the WHERE part of the query.
1948The argument is most often a hashref, but can also be
9d48860e 1949an arrayref or plain scalar --
96449e8e 1950see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 1951
96449e8e 1952=item $order
32eab2da 1953
96449e8e 1954Optional argument to specify the ORDER BY part of the query.
9d48860e 1955The argument can be a scalar, a hashref or an arrayref
96449e8e 1956-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
1957for details.
32eab2da 1958
96449e8e 1959=back
32eab2da 1960
32eab2da 1961
85327cd5 1962=head2 delete($table, \%where, \%options)
32eab2da 1963
86298391 1964This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 1965It returns an SQL DELETE statement and list of bind values.
1966
85327cd5 1967The optional C<\%options> hash reference may contain additional
1968options to generate the delete SQL. Currently supported options
1969are:
1970
1971=over 4
1972
1973=item returning
1974
1975See the C<returning> option to
1976L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1977
1978=back
1979
85783f3c 1980=head2 where(\%where, $order)
32eab2da 1981
1982This is used to generate just the WHERE clause. For example,
1983if you have an arbitrary data structure and know what the
1984rest of your SQL is going to look like, but want an easy way
1985to produce a WHERE clause, use this. It returns an SQL WHERE
1986clause and list of bind values.
1987
32eab2da 1988
1989=head2 values(\%data)
1990
1991This just returns the values from the hash C<%data>, in the same
1992order that would be returned from any of the other above queries.
1993Using this allows you to markedly speed up your queries if you
1994are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
1995
32eab2da 1996=head2 generate($any, 'number', $of, \@data, $struct, \%types)
1997
1998Warning: This is an experimental method and subject to change.
1999
2000This returns arbitrarily generated SQL. It's a really basic shortcut.
2001It will return two different things, depending on return context:
2002
2003 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
2004 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
2005
2006These would return the following:
2007
2008 # First calling form
2009 $stmt = "CREATE TABLE test (?, ?)";
2010 @bind = (field1, field2);
2011
2012 # Second calling form
2013 $stmt_and_val = "CREATE TABLE test (field1, field2)";
2014
2015Depending on what you're trying to do, it's up to you to choose the correct
2016format. In this example, the second form is what you would want.
2017
2018By the same token:
2019
2020 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
2021
2022Might give you:
2023
2024 ALTER SESSION SET nls_date_format = 'MM/YY'
2025
2026You get the idea. Strings get their case twiddled, but everything
2027else remains verbatim.
2028
0da0fe34 2029=head1 EXPORTABLE FUNCTIONS
2030
2031=head2 is_plain_value
2032
2033Determines if the supplied argument is a plain value as understood by this
2034module:
2035
2036=over
2037
2038=item * The value is C<undef>
2039
2040=item * The value is a non-reference
2041
2042=item * The value is an object with stringification overloading
2043
2044=item * The value is of the form C<< { -value => $anything } >>
2045
2046=back
2047
9de2bd86 2048On failure returns C<undef>, on success returns a B<scalar> reference
966200cc 2049to the original supplied argument.
0da0fe34 2050
843a94b5 2051=over
2052
2053=item * Note
2054
2055The stringification overloading detection is rather advanced: it takes
2056into consideration not only the presence of a C<""> overload, but if that
2057fails also checks for enabled
2058L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
2059on either C<0+> or C<bool>.
2060
2061Unfortunately testing in the field indicates that this
2062detection B<< may tickle a latent bug in perl versions before 5.018 >>,
2063but only when very large numbers of stringifying objects are involved.
2064At the time of writing ( Sep 2014 ) there is no clear explanation of
2065the direct cause, nor is there a manageably small test case that reliably
2066reproduces the problem.
2067
2068If you encounter any of the following exceptions in B<random places within
2069your application stack> - this module may be to blame:
2070
2071 Operation "ne": no method found,
2072 left argument in overloaded package <something>,
2073 right argument in overloaded package <something>
2074
2075or perhaps even
2076
2077 Stub found while resolving method "???" overloading """" in package <something>
2078
2079If you fall victim to the above - please attempt to reduce the problem
2080to something that could be sent to the L<SQL::Abstract developers
1f490ae4 2081|DBIx::Class/GETTING HELP/SUPPORT>
843a94b5 2082(either publicly or privately). As a workaround in the meantime you can
2083set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
2084value, which will most likely eliminate your problem (at the expense of
2085not being able to properly detect exotic forms of stringification).
2086
2087This notice and environment variable will be removed in a future version,
2088as soon as the underlying problem is found and a reliable workaround is
2089devised.
2090
2091=back
2092
0da0fe34 2093=head2 is_literal_value
2094
2095Determines if the supplied argument is a literal value as understood by this
2096module:
2097
2098=over
2099
2100=item * C<\$sql_string>
2101
2102=item * C<\[ $sql_string, @bind_values ]>
2103
0da0fe34 2104=back
2105
9de2bd86 2106On failure returns C<undef>, on success returns an B<array> reference
966200cc 2107containing the unpacked version of the supplied literal SQL and bind values.
0da0fe34 2108
32eab2da 2109=head1 WHERE CLAUSES
2110
96449e8e 2111=head2 Introduction
2112
32eab2da 2113This module uses a variation on the idea from L<DBIx::Abstract>. It
2114is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2115module is that things in arrays are OR'ed, and things in hashes
2116are AND'ed.>
2117
2118The easiest way to explain is to show lots of examples. After
2119each C<%where> hash shown, it is assumed you used:
2120
2121 my($stmt, @bind) = $sql->where(\%where);
2122
2123However, note that the C<%where> hash can be used directly in any
2124of the other functions as well, as described above.
2125
96449e8e 2126=head2 Key-value pairs
2127
32eab2da 2128So, let's get started. To begin, a simple hash:
2129
2130 my %where = (
2131 user => 'nwiger',
2132 status => 'completed'
2133 );
2134
2135Is converted to SQL C<key = val> statements:
2136
2137 $stmt = "WHERE user = ? AND status = ?";
2138 @bind = ('nwiger', 'completed');
2139
2140One common thing I end up doing is having a list of values that
2141a field can be in. To do this, simply specify a list inside of
2142an arrayref:
2143
2144 my %where = (
2145 user => 'nwiger',
2146 status => ['assigned', 'in-progress', 'pending'];
2147 );
2148
2149This simple code will create the following:
9d48860e 2150
32eab2da 2151 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2152 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2153
9d48860e 2154A field associated to an empty arrayref will be considered a
7cac25e6 2155logical false and will generate 0=1.
8a68b5be 2156
b864ba9b 2157=head2 Tests for NULL values
2158
2159If the value part is C<undef> then this is converted to SQL <IS NULL>
2160
2161 my %where = (
2162 user => 'nwiger',
2163 status => undef,
2164 );
2165
2166becomes:
2167
2168 $stmt = "WHERE user = ? AND status IS NULL";
2169 @bind = ('nwiger');
2170
e9614080 2171To test if a column IS NOT NULL:
2172
2173 my %where = (
2174 user => 'nwiger',
2175 status => { '!=', undef },
2176 );
cc422895 2177
6e0c6552 2178=head2 Specific comparison operators
96449e8e 2179
32eab2da 2180If you want to specify a different type of operator for your comparison,
2181you can use a hashref for a given column:
2182
2183 my %where = (
2184 user => 'nwiger',
2185 status => { '!=', 'completed' }
2186 );
2187
2188Which would generate:
2189
2190 $stmt = "WHERE user = ? AND status != ?";
2191 @bind = ('nwiger', 'completed');
2192
2193To test against multiple values, just enclose the values in an arrayref:
2194
96449e8e 2195 status => { '=', ['assigned', 'in-progress', 'pending'] };
2196
f2d5020d 2197Which would give you:
96449e8e 2198
2199 "WHERE status = ? OR status = ? OR status = ?"
2200
2201
2202The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2203into an C<AND> of its elements:
2204
2205 my %where = (
2206 user => 'nwiger',
2207 status => { '!=', 'completed', -not_like => 'pending%' }
2208 );
2209
2210 # Or more dynamically, like from a form
2211 $where{user} = 'nwiger';
2212 $where{status}{'!='} = 'completed';
2213 $where{status}{'-not_like'} = 'pending%';
2214
2215 # Both generate this
2216 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2217 @bind = ('nwiger', 'completed', 'pending%');
2218
96449e8e 2219
32eab2da 2220To get an OR instead, you can combine it with the arrayref idea:
2221
2222 my %where => (
2223 user => 'nwiger',
1a6f2a03 2224 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2225 );
2226
2227Which would generate:
2228
1a6f2a03 2229 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2230 @bind = ('2', '5', 'nwiger');
32eab2da 2231
44b9e502 2232If you want to include literal SQL (with or without bind values), just use a
13cc86af 2233scalar reference or reference to an arrayref as the value:
44b9e502 2234
2235 my %where = (
2236 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2237 date_expires => { '<' => \"now()" }
2238 );
2239
2240Which would generate:
2241
13cc86af 2242 $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
44b9e502 2243 @bind = ('11/26/2008');
2244
96449e8e 2245
2246=head2 Logic and nesting operators
2247
2248In the example above,
2249there is a subtle trap if you want to say something like
32eab2da 2250this (notice the C<AND>):
2251
2252 WHERE priority != ? AND priority != ?
2253
2254Because, in Perl you I<can't> do this:
2255
13cc86af 2256 priority => { '!=' => 2, '!=' => 1 }
32eab2da 2257
2258As the second C<!=> key will obliterate the first. The solution
2259is to use the special C<-modifier> form inside an arrayref:
2260
9d48860e 2261 priority => [ -and => {'!=', 2},
96449e8e 2262 {'!=', 1} ]
2263
32eab2da 2264
2265Normally, these would be joined by C<OR>, but the modifier tells it
2266to use C<AND> instead. (Hint: You can use this in conjunction with the
2267C<logic> option to C<new()> in order to change the way your queries
2268work by default.) B<Important:> Note that the C<-modifier> goes
2269B<INSIDE> the arrayref, as an extra first element. This will
2270B<NOT> do what you think it might:
2271
2272 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2273
2274Here is a quick list of equivalencies, since there is some overlap:
2275
2276 # Same
2277 status => {'!=', 'completed', 'not like', 'pending%' }
2278 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2279
2280 # Same
2281 status => {'=', ['assigned', 'in-progress']}
2282 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2283 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2284
e3f9dff4 2285
2286
be21dde3 2287=head2 Special operators: IN, BETWEEN, etc.
96449e8e 2288
32eab2da 2289You can also use the hashref format to compare a list of fields using the
2290C<IN> comparison operator, by specifying the list as an arrayref:
2291
2292 my %where = (
2293 status => 'completed',
2294 reportid => { -in => [567, 2335, 2] }
2295 );
2296
2297Which would generate:
2298
2299 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2300 @bind = ('completed', '567', '2335', '2');
2301
9d48860e 2302The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2303the same way.
2304
6e0c6552 2305If the argument to C<-in> is an empty array, 'sqlfalse' is generated
be21dde3 2306(by default: C<1=0>). Similarly, C<< -not_in => [] >> generates
2307'sqltrue' (by default: C<1=1>).
6e0c6552 2308
e41c3bdd 2309In addition to the array you can supply a chunk of literal sql or
2310literal sql with bind:
6e0c6552 2311
e41c3bdd 2312 my %where = {
2313 customer => { -in => \[
2314 'SELECT cust_id FROM cust WHERE balance > ?',
2315 2000,
2316 ],
2317 status => { -in => \'SELECT status_codes FROM states' },
2318 };
6e0c6552 2319
e41c3bdd 2320would generate:
2321
2322 $stmt = "WHERE (
2323 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2324 AND status IN ( SELECT status_codes FROM states )
2325 )";
2326 @bind = ('2000');
2327
0dfd2442 2328Finally, if the argument to C<-in> is not a reference, it will be
2329treated as a single-element array.
e41c3bdd 2330
2331Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2332used with an arrayref of two values:
32eab2da 2333
2334 my %where = (
2335 user => 'nwiger',
2336 completion_date => {
2337 -not_between => ['2002-10-01', '2003-02-06']
2338 }
2339 );
2340
2341Would give you:
2342
2343 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2344
e41c3bdd 2345Just like with C<-in> all plausible combinations of literal SQL
2346are possible:
2347
2348 my %where = {
2349 start0 => { -between => [ 1, 2 ] },
2350 start1 => { -between => \["? AND ?", 1, 2] },
2351 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2352 start3 => { -between => [
e41c3bdd 2353 \"lower(x)",
2354 \["upper(?)", 'stuff' ],
2355 ] },
2356 };
2357
2358Would give you:
2359
2360 $stmt = "WHERE (
2361 ( start0 BETWEEN ? AND ? )
2362 AND ( start1 BETWEEN ? AND ? )
2363 AND ( start2 BETWEEN lower(x) AND upper(y) )
2364 AND ( start3 BETWEEN lower(x) AND upper(?) )
2365 )";
2366 @bind = (1, 2, 1, 2, 'stuff');
2367
2368
9d48860e 2369These are the two builtin "special operators"; but the
be21dde3 2370list can be expanded: see section L</"SPECIAL OPERATORS"> below.
96449e8e 2371
59f23b3d 2372=head2 Unary operators: bool
97a920ef 2373
2374If you wish to test against boolean columns or functions within your
2375database you can use the C<-bool> and C<-not_bool> operators. For
2376example to test the column C<is_user> being true and the column
827bb0eb 2377C<is_enabled> being false you would use:-
97a920ef 2378
2379 my %where = (
2380 -bool => 'is_user',
2381 -not_bool => 'is_enabled',
2382 );
2383
2384Would give you:
2385
277b5d3f 2386 WHERE is_user AND NOT is_enabled
97a920ef 2387
0b604e9d 2388If a more complex combination is required, testing more conditions,
2389then you should use the and/or operators:-
2390
2391 my %where = (
2392 -and => [
2393 -bool => 'one',
23401b81 2394 -not_bool => { two=> { -rlike => 'bar' } },
2395 -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
0b604e9d 2396 ],
2397 );
2398
2399Would give you:
2400
23401b81 2401 WHERE
2402 one
2403 AND
2404 (NOT two RLIKE ?)
2405 AND
2406 (NOT ( three = ? OR three > ? ))
97a920ef 2407
2408
107b72f1 2409=head2 Nested conditions, -and/-or prefixes
96449e8e 2410
32eab2da 2411So far, we've seen how multiple conditions are joined with a top-level
2412C<AND>. We can change this by putting the different conditions we want in
2413hashes and then putting those hashes in an array. For example:
2414
2415 my @where = (
2416 {
2417 user => 'nwiger',
2418 status => { -like => ['pending%', 'dispatched'] },
2419 },
2420 {
2421 user => 'robot',
2422 status => 'unassigned',
2423 }
2424 );
2425
2426This data structure would create the following:
2427
2428 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2429 OR ( user = ? AND status = ? ) )";
2430 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2431
107b72f1 2432
48d9f5f8 2433Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
be21dde3 2434to change the logic inside:
32eab2da 2435
2436 my @where = (
2437 -and => [
2438 user => 'nwiger',
48d9f5f8 2439 [
2440 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2441 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2442 ],
2443 ],
2444 );
2445
2446That would yield:
2447
13cc86af 2448 $stmt = "WHERE ( user = ?
2449 AND ( ( workhrs > ? AND geo = ? )
2450 OR ( workhrs < ? OR geo = ? ) ) )";
2451 @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
107b72f1 2452
cc422895 2453=head3 Algebraic inconsistency, for historical reasons
107b72f1 2454
7cac25e6 2455C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2456operator goes C<outside> of the nested structure; whereas when connecting
2457several constraints on one column, the C<-and> operator goes
be21dde3 2458C<inside> the arrayref. Here is an example combining both features:
7cac25e6 2459
2460 my @where = (
2461 -and => [a => 1, b => 2],
2462 -or => [c => 3, d => 4],
2463 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2464 )
2465
2466yielding
2467
9d48860e 2468 WHERE ( ( ( a = ? AND b = ? )
2469 OR ( c = ? OR d = ? )
7cac25e6 2470 OR ( e LIKE ? AND e LIKE ? ) ) )
2471
107b72f1 2472This difference in syntax is unfortunate but must be preserved for
be21dde3 2473historical reasons. So be careful: the two examples below would
107b72f1 2474seem algebraically equivalent, but they are not
2475
a948b1fe 2476 { col => [ -and =>
2477 { -like => 'foo%' },
2478 { -like => '%bar' },
2479 ] }
be21dde3 2480 # yields: WHERE ( ( col LIKE ? AND col LIKE ? ) )
107b72f1 2481
a948b1fe 2482 [ -and =>
2483 { col => { -like => 'foo%' } },
2484 { col => { -like => '%bar' } },
2485 ]
be21dde3 2486 # yields: WHERE ( ( col LIKE ? OR col LIKE ? ) )
107b72f1 2487
7cac25e6 2488
cc422895 2489=head2 Literal SQL and value type operators
96449e8e 2490
cc422895 2491The basic premise of SQL::Abstract is that in WHERE specifications the "left
2492side" is a column name and the "right side" is a value (normally rendered as
2493a placeholder). This holds true for both hashrefs and arrayref pairs as you
2494see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2495alter this behavior. There are several ways of doing so.
e9614080 2496
cc422895 2497=head3 -ident
2498
2499This is a virtual operator that signals the string to its right side is an
2500identifier (a column name) and not a value. For example to compare two
2501columns you would write:
32eab2da 2502
e9614080 2503 my %where = (
2504 priority => { '<', 2 },
cc422895 2505 requestor => { -ident => 'submitter' },
e9614080 2506 );
2507
2508which creates:
2509
2510 $stmt = "WHERE priority < ? AND requestor = submitter";
2511 @bind = ('2');
2512
cc422895 2513If you are maintaining legacy code you may see a different construct as
2514described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2515code.
2516
2517=head3 -value
e9614080 2518
cc422895 2519This is a virtual operator that signals that the construct to its right side
2520is a value to be passed to DBI. This is for example necessary when you want
2521to write a where clause against an array (for RDBMS that support such
2522datatypes). For example:
e9614080 2523
32eab2da 2524 my %where = (
cc422895 2525 array => { -value => [1, 2, 3] }
32eab2da 2526 );
2527
cc422895 2528will result in:
32eab2da 2529
cc422895 2530 $stmt = 'WHERE array = ?';
2531 @bind = ([1, 2, 3]);
32eab2da 2532
cc422895 2533Note that if you were to simply say:
32eab2da 2534
2535 my %where = (
cc422895 2536 array => [1, 2, 3]
32eab2da 2537 );
2538
3af02ccb 2539the result would probably not be what you wanted:
cc422895 2540
2541 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2542 @bind = (1, 2, 3);
2543
2544=head3 Literal SQL
96449e8e 2545
cc422895 2546Finally, sometimes only literal SQL will do. To include a random snippet
2547of SQL verbatim, you specify it as a scalar reference. Consider this only
2548as a last resort. Usually there is a better way. For example:
96449e8e 2549
2550 my %where = (
cc422895 2551 priority => { '<', 2 },
2552 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2553 );
2554
cc422895 2555Would create:
96449e8e 2556
cc422895 2557 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2558 @bind = (2);
2559
2560Note that in this example, you only get one bind parameter back, since
2561the verbatim SQL is passed as part of the statement.
2562
2563=head4 CAVEAT
2564
2565 Never use untrusted input as a literal SQL argument - this is a massive
2566 security risk (there is no way to check literal snippets for SQL
2567 injections and other nastyness). If you need to deal with untrusted input
2568 use literal SQL with placeholders as described next.
96449e8e 2569
cc422895 2570=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2571
2572If the literal SQL to be inserted has placeholders and bind values,
2573use a reference to an arrayref (yes this is a double reference --
2574not so common, but perfectly legal Perl). For example, to find a date
2575in Postgres you can use something like this:
2576
2577 my %where = (
3ae1c5e2 2578 date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
96449e8e 2579 )
2580
2581This would create:
2582
d2a8fe1a 2583 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2584 @bind = ('10');
2585
deb148a2 2586Note that you must pass the bind values in the same format as they are returned
85783f3c 2587by L<where|/where(\%where, $order)>. This means that if you set L</bindtype>
1f490ae4 2588to C<columns>, you must provide the bind values in the
2589C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
2590scalar value; most commonly the column name, but you can use any scalar value
2591(including references and blessed references), L<SQL::Abstract> will simply
2592pass it through intact. So if C<bindtype> is set to C<columns> the above
2593example will look like:
deb148a2 2594
2595 my %where = (
3ae1c5e2 2596 date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
deb148a2 2597 )
96449e8e 2598
2599Literal SQL is especially useful for nesting parenthesized clauses in the
be21dde3 2600main SQL query. Here is a first example:
96449e8e 2601
2602 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2603 100, "foo%");
2604 my %where = (
2605 foo => 1234,
2606 bar => \["IN ($sub_stmt)" => @sub_bind],
2607 );
2608
be21dde3 2609This yields:
96449e8e 2610
9d48860e 2611 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2612 WHERE c2 < ? AND c3 LIKE ?))";
2613 @bind = (1234, 100, "foo%");
2614
9d48860e 2615Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2616are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2617its associated bind values can be generated through a former call
96449e8e 2618to C<select()> :
2619
2620 my ($sub_stmt, @sub_bind)
9d48860e 2621 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2622 c3 => {-like => "foo%"}});
2623 my %where = (
2624 foo => 1234,
2625 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2626 );
2627
2628In the examples above, the subquery was used as an operator on a column;
9d48860e 2629but the same principle also applies for a clause within the main C<%where>
be21dde3 2630hash, like an EXISTS subquery:
96449e8e 2631
9d48860e 2632 my ($sub_stmt, @sub_bind)
96449e8e 2633 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2634 my %where = ( -and => [
96449e8e 2635 foo => 1234,
48d9f5f8 2636 \["EXISTS ($sub_stmt)" => @sub_bind],
2637 ]);
96449e8e 2638
2639which yields
2640
9d48860e 2641 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2642 WHERE c1 = ? AND c2 > t0.c0))";
2643 @bind = (1234, 1);
2644
2645
9d48860e 2646Observe that the condition on C<c2> in the subquery refers to
be21dde3 2647column C<t0.c0> of the main query: this is I<not> a bind
9d48860e 2648value, so we have to express it through a scalar ref.
96449e8e 2649Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2650C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2651what we wanted here.
2652
96449e8e 2653Finally, here is an example where a subquery is used
2654for expressing unary negation:
2655
9d48860e 2656 my ($sub_stmt, @sub_bind)
96449e8e 2657 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2658 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2659 my %where = (
2660 lname => {like => '%son%'},
48d9f5f8 2661 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2662 );
2663
2664This yields
2665
2666 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2667 @bind = ('%son%', 10, 20)
2668
cc422895 2669=head3 Deprecated usage of Literal SQL
2670
2671Below are some examples of archaic use of literal SQL. It is shown only as
2672reference for those who deal with legacy code. Each example has a much
2673better, cleaner and safer alternative that users should opt for in new code.
2674
2675=over
2676
2677=item *
2678
2679 my %where = ( requestor => \'IS NOT NULL' )
2680
2681 $stmt = "WHERE requestor IS NOT NULL"
2682
2683This used to be the way of generating NULL comparisons, before the handling
2684of C<undef> got formalized. For new code please use the superior syntax as
2685described in L</Tests for NULL values>.
96449e8e 2686
cc422895 2687=item *
2688
2689 my %where = ( requestor => \'= submitter' )
2690
2691 $stmt = "WHERE requestor = submitter"
2692
2693This used to be the only way to compare columns. Use the superior L</-ident>
2694method for all new code. For example an identifier declared in such a way
2695will be properly quoted if L</quote_char> is properly set, while the legacy
2696form will remain as supplied.
2697
2698=item *
2699
2700 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2701
2702 $stmt = "WHERE completed > ? AND is_ready"
2703 @bind = ('2012-12-21')
2704
2705Using an empty string literal used to be the only way to express a boolean.
2706For all new code please use the much more readable
2707L<-bool|/Unary operators: bool> operator.
2708
2709=back
96449e8e 2710
2711=head2 Conclusion
2712
32eab2da 2713These pages could go on for a while, since the nesting of the data
2714structures this module can handle are pretty much unlimited (the
2715module implements the C<WHERE> expansion as a recursive function
2716internally). Your best bet is to "play around" with the module a
2717little to see how the data structures behave, and choose the best
2718format for your data based on that.
2719
2720And of course, all the values above will probably be replaced with
2721variables gotten from forms or the command line. After all, if you
2722knew everything ahead of time, you wouldn't have to worry about
2723dynamically-generating SQL and could just hardwire it into your
2724script.
2725
86298391 2726=head1 ORDER BY CLAUSES
2727
9d48860e 2728Some functions take an order by clause. This can either be a scalar (just a
18710f60 2729column name), a hashref of C<< { -desc => 'col' } >> or C<< { -asc => 'col' }
2730>>, a scalarref, an arrayref-ref, or an arrayref of any of the previous
2731forms. Examples:
1cfa1db3 2732
8c15b421 2733 Given | Will Generate
18710f60 2734 ---------------------------------------------------------------
8c15b421 2735 |
2736 'colA' | ORDER BY colA
2737 |
2738 [qw/colA colB/] | ORDER BY colA, colB
2739 |
2740 {-asc => 'colA'} | ORDER BY colA ASC
2741 |
2742 {-desc => 'colB'} | ORDER BY colB DESC
2743 |
2744 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2745 |
2746 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
2747 |
2748 \'colA DESC' | ORDER BY colA DESC
2749 |
2750 \[ 'FUNC(colA, ?)', $x ] | ORDER BY FUNC(colA, ?)
2751 | /* ...with $x bound to ? */
2752 |
bd805d85 2753 [ | ORDER BY
2754 { -asc => 'colA' }, | colA ASC,
2755 { -desc => [qw/colB/] }, | colB DESC,
2756 { -asc => [qw/colC colD/] },| colC ASC, colD ASC,
2757 \'colE DESC', | colE DESC,
2758 \[ 'FUNC(colF, ?)', $x ], | FUNC(colF, ?)
2759 ] | /* ...with $x bound to ? */
18710f60 2760 ===============================================================
86298391 2761
96449e8e 2762
2763
2764=head1 SPECIAL OPERATORS
2765
e3f9dff4 2766 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2767 {
2768 regex => qr/.../,
e3f9dff4 2769 handler => sub {
2770 my ($self, $field, $op, $arg) = @_;
2771 ...
3a2e1a5e 2772 },
2773 },
2774 {
2775 regex => qr/.../,
2776 handler => 'method_name',
e3f9dff4 2777 },
2778 ]);
2779
9d48860e 2780A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2781applied to a field, instead of a usual binary operator.
be21dde3 2782For example:
e3f9dff4 2783
2784 WHERE field IN (?, ?, ?)
2785 WHERE field BETWEEN ? AND ?
2786 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2787
e3f9dff4 2788Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2789are builtin within C<SQL::Abstract> (as the overridable methods
2790C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2791like the MATCH .. AGAINST example above which is specific to MySQL,
2792you can write your own operator handlers - supply a C<special_ops>
2793argument to the C<new> method. That argument takes an arrayref of
2794operator definitions; each operator definition is a hashref with two
2795entries:
96449e8e 2796
e3f9dff4 2797=over
2798
2799=item regex
2800
2801the regular expression to match the operator
96449e8e 2802
e3f9dff4 2803=item handler
2804
3a2e1a5e 2805Either a coderef or a plain scalar method name. In both cases
2806the expected return is C<< ($sql, @bind) >>.
2807
2808When supplied with a method name, it is simply called on the
13cc86af 2809L<SQL::Abstract> object as:
3a2e1a5e 2810
ca4f826a 2811 $self->$method_name($field, $op, $arg)
3a2e1a5e 2812
2813 Where:
2814
3a2e1a5e 2815 $field is the LHS of the operator
13cc86af 2816 $op is the part that matched the handler regex
3a2e1a5e 2817 $arg is the RHS
2818
2819When supplied with a coderef, it is called as:
2820
2821 $coderef->($self, $field, $op, $arg)
2822
e3f9dff4 2823
2824=back
2825
9d48860e 2826For example, here is an implementation
e3f9dff4 2827of the MATCH .. AGAINST syntax for MySQL
2828
2829 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2830
e3f9dff4 2831 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2832 {regex => qr/^match$/i,
e3f9dff4 2833 handler => sub {
2834 my ($self, $field, $op, $arg) = @_;
2835 $arg = [$arg] if not ref $arg;
2836 my $label = $self->_quote($field);
2837 my ($placeholder) = $self->_convert('?');
2838 my $placeholders = join ", ", (($placeholder) x @$arg);
2839 my $sql = $self->_sqlcase('match') . " ($label) "
2840 . $self->_sqlcase('against') . " ($placeholders) ";
2841 my @bind = $self->_bindtype($field, @$arg);
2842 return ($sql, @bind);
2843 }
2844 },
9d48860e 2845
e3f9dff4 2846 ]);
96449e8e 2847
2848
59f23b3d 2849=head1 UNARY OPERATORS
2850
112b5232 2851 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2852 {
2853 regex => qr/.../,
2854 handler => sub {
2855 my ($self, $op, $arg) = @_;
2856 ...
2857 },
2858 },
2859 {
2860 regex => qr/.../,
2861 handler => 'method_name',
2862 },
2863 ]);
2864
9d48860e 2865A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2866applied to a field - the operator goes before the field
2867
2868You can write your own operator handlers - supply a C<unary_ops>
2869argument to the C<new> method. That argument takes an arrayref of
2870operator definitions; each operator definition is a hashref with two
2871entries:
2872
2873=over
2874
2875=item regex
2876
2877the regular expression to match the operator
2878
2879=item handler
2880
2881Either a coderef or a plain scalar method name. In both cases
2882the expected return is C<< $sql >>.
2883
2884When supplied with a method name, it is simply called on the
13cc86af 2885L<SQL::Abstract> object as:
59f23b3d 2886
ca4f826a 2887 $self->$method_name($op, $arg)
59f23b3d 2888
2889 Where:
2890
2891 $op is the part that matched the handler regex
2892 $arg is the RHS or argument of the operator
2893
2894When supplied with a coderef, it is called as:
2895
2896 $coderef->($self, $op, $arg)
2897
2898
2899=back
2900
2901
32eab2da 2902=head1 PERFORMANCE
2903
2904Thanks to some benchmarking by Mark Stosberg, it turns out that
2905this module is many orders of magnitude faster than using C<DBIx::Abstract>.
2906I must admit this wasn't an intentional design issue, but it's a
2907byproduct of the fact that you get to control your C<DBI> handles
2908yourself.
2909
2910To maximize performance, use a code snippet like the following:
2911
2912 # prepare a statement handle using the first row
2913 # and then reuse it for the rest of the rows
2914 my($sth, $stmt);
2915 for my $href (@array_of_hashrefs) {
2916 $stmt ||= $sql->insert('table', $href);
2917 $sth ||= $dbh->prepare($stmt);
2918 $sth->execute($sql->values($href));
2919 }
2920
2921The reason this works is because the keys in your C<$href> are sorted
2922internally by B<SQL::Abstract>. Thus, as long as your data retains
2923the same structure, you only have to generate the SQL the first time
2924around. On subsequent queries, simply use the C<values> function provided
2925by this module to return your values in the correct order.
2926
b864ba9b 2927However this depends on the values having the same type - if, for
2928example, the values of a where clause may either have values
2929(resulting in sql of the form C<column = ?> with a single bind
2930value), or alternatively the values might be C<undef> (resulting in
2931sql of the form C<column IS NULL> with no bind value) then the
2932caching technique suggested will not work.
96449e8e 2933
32eab2da 2934=head1 FORMBUILDER
2935
2936If you use my C<CGI::FormBuilder> module at all, you'll hopefully
2937really like this part (I do, at least). Building up a complex query
2938can be as simple as the following:
2939
2940 #!/usr/bin/perl
2941
46dc2f3e 2942 use warnings;
2943 use strict;
2944
32eab2da 2945 use CGI::FormBuilder;
2946 use SQL::Abstract;
2947
2948 my $form = CGI::FormBuilder->new(...);
2949 my $sql = SQL::Abstract->new;
2950
2951 if ($form->submitted) {
2952 my $field = $form->field;
2953 my $id = delete $field->{id};
2954 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
2955 }
2956
2957Of course, you would still have to connect using C<DBI> to run the
2958query, but the point is that if you make your form look like your
2959table, the actual query script can be extremely simplistic.
2960
2961If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 2962a fast interface to returning and formatting data. I frequently
32eab2da 2963use these three modules together to write complex database query
2964apps in under 50 lines.
2965
af733667 2966=head1 HOW TO CONTRIBUTE
2967
2968Contributions are always welcome, in all usable forms (we especially
2969welcome documentation improvements). The delivery methods include git-
2970or unified-diff formatted patches, GitHub pull requests, or plain bug
2971reports either via RT or the Mailing list. Contributors are generally
2972granted full access to the official repository after their first several
2973patches pass successful review.
2974
2975This project is maintained in a git repository. The code and related tools are
2976accessible at the following locations:
d8cc1792 2977
2978=over
2979
af733667 2980=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
2981
2982=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
2983
2984=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
d8cc1792 2985
af733667 2986=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
d8cc1792 2987
2988=back
32eab2da 2989
96449e8e 2990=head1 CHANGES
2991
2992Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
2993Great care has been taken to preserve the I<published> behavior
2994documented in previous versions in the 1.* family; however,
9d48860e 2995some features that were previously undocumented, or behaved
96449e8e 2996differently from the documentation, had to be changed in order
2997to clarify the semantics. Hence, client code that was relying
9d48860e 2998on some dark areas of C<SQL::Abstract> v1.*
96449e8e 2999B<might behave differently> in v1.50.
32eab2da 3000
be21dde3 3001The main changes are:
d2a8fe1a 3002
96449e8e 3003=over
32eab2da 3004
9d48860e 3005=item *
32eab2da 3006
3ae1c5e2 3007support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
96449e8e 3008
3009=item *
3010
145fbfc8 3011support for the { operator => \"..." } construct (to embed literal SQL)
3012
3013=item *
3014
9c37b9c0 3015support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
3016
3017=item *
3018
96449e8e 3019optional support for L<array datatypes|/"Inserting and Updating Arrays">
3020
9d48860e 3021=item *
96449e8e 3022
be21dde3 3023defensive programming: check arguments
96449e8e 3024
3025=item *
3026
3027fixed bug with global logic, which was previously implemented
7cac25e6 3028through global variables yielding side-effects. Prior versions would
96449e8e 3029interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
3030as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
3031Now this is interpreted
3032as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
3033
96449e8e 3034
3035=item *
3036
3037fixed semantics of _bindtype on array args
3038
9d48860e 3039=item *
96449e8e 3040
3041dropped the C<_anoncopy> of the %where tree. No longer necessary,
3042we just avoid shifting arrays within that tree.
3043
3044=item *
3045
3046dropped the C<_modlogic> function
3047
3048=back
32eab2da 3049
32eab2da 3050=head1 ACKNOWLEDGEMENTS
3051
3052There are a number of individuals that have really helped out with
3053this module. Unfortunately, most of them submitted bugs via CPAN
3054so I have no idea who they are! But the people I do know are:
3055
9d48860e 3056 Ash Berlin (order_by hash term support)
b643abe1 3057 Matt Trout (DBIx::Class support)
32eab2da 3058 Mark Stosberg (benchmarking)
3059 Chas Owens (initial "IN" operator support)
3060 Philip Collins (per-field SQL functions)
3061 Eric Kolve (hashref "AND" support)
3062 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
3063 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 3064 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 3065 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 3066 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 3067 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 3068 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 3069
3070Thanks!
3071
32eab2da 3072=head1 SEE ALSO
3073
86298391 3074L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 3075
32eab2da 3076=head1 AUTHOR
3077
b643abe1 3078Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
3079
3080This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 3081
abe72f94 3082For support, your best bet is to try the C<DBIx::Class> users mailing list.
3083While not an official support venue, C<DBIx::Class> makes heavy use of
3084C<SQL::Abstract>, and as such list members there are very familiar with
3085how to create queries.
3086
0d067ded 3087=head1 LICENSE
3088
d988ab87 3089This module is free software; you may copy this under the same
3090terms as perl itself (either the GNU General Public License or
3091the Artistic License)
32eab2da 3092
3093=cut
Unnamed repository; edit this file 'description' to name the repository.