projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
add custom expansions, convert order_by
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
96449e8e 3use strict;
4use warnings;
9d9d5bd6 5use Carp ();
312d830b 6use List::Util ();
7use Scalar::Util ();
96449e8e 8
0da0fe34 9use Exporter 'import';
10our @EXPORT_OK = qw(is_plain_value is_literal_value);
11
12BEGIN {
13 if ($] < 5.009_005) {
14 require MRO::Compat;
15 }
16 else {
17 require mro;
18 }
843a94b5 19
20 *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
21 ? sub () { 0 }
22 : sub () { 1 }
23 ;
0da0fe34 24}
25
96449e8e 26#======================================================================
27# GLOBALS
28#======================================================================
29
dc6afcf8 30our $VERSION = '1.86';
7479e27e 31
22f1a437 32# This would confuse some packagers
c520207b 33$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 34
35our $AUTOLOAD;
36
37# special operators (-in, -between). May be extended/overridden by user.
38# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
39my @BUILTIN_SPECIAL_OPS = (
f663e672 40 {regex => qr/^ (?: not \s )? between $/ix, handler => sub { die "NOPE" }},
41 {regex => qr/^ (?: not \s )? in $/ix, handler => sub { die "NOPE" }},
87c8e45b 42 {regex => qr/^ is (?: \s+ not )? $/ix, handler => sub { die "NOPE" }},
96449e8e 43);
44
45#======================================================================
46# DEBUGGING AND ERROR REPORTING
47#======================================================================
48
49sub _debug {
50 return unless $_[0]->{debug}; shift; # a little faster
51 my $func = (caller(1))[3];
52 warn "[$func] ", @_, "\n";
53}
54
55sub belch (@) {
56 my($func) = (caller(1))[3];
9d9d5bd6 57 Carp::carp "[$func] Warning: ", @_;
96449e8e 58}
59
60sub puke (@) {
61 my($func) = (caller(1))[3];
9d9d5bd6 62 Carp::croak "[$func] Fatal: ", @_;
96449e8e 63}
64
0da0fe34 65sub is_literal_value ($) {
66 ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
67 : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
0da0fe34 68 : undef;
69}
70
71# FIXME XSify - this can be done so much more efficiently
72sub is_plain_value ($) {
73 no strict 'refs';
966200cc 74 ! length ref $_[0] ? \($_[0])
0da0fe34 75 : (
76 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
77 and
78 exists $_[0]->{-value}
966200cc 79 ) ? \($_[0]->{-value})
0da0fe34 80 : (
a1c9e0ff 81 # reuse @_ for even moar speedz
82 defined ( $_[1] = Scalar::Util::blessed $_[0] )
0da0fe34 83 and
84 # deliberately not using Devel::OverloadInfo - the checks we are
85 # intersted in are much more limited than the fullblown thing, and
86 # this is a very hot piece of code
87 (
e8d729d4 88 # simply using ->can('(""') can leave behind stub methods that
89 # break actually using the overload later (see L<perldiag/Stub
90 # found while resolving method "%s" overloading "%s" in package
91 # "%s"> and the source of overload::mycan())
44e54b41 92 #
0da0fe34 93 # either has stringification which DBI SHOULD prefer out of the box
a1c9e0ff 94 grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
0da0fe34 95 or
20e178a8 96 # has nummification or boolification, AND fallback is *not* disabled
0da0fe34 97 (
843a94b5 98 SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
99 and
20e178a8 100 (
101 grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
102 or
103 grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
104 )
0da0fe34 105 and
106 (
107 # no fallback specified at all
a1c9e0ff 108 ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
0da0fe34 109 or
110 # fallback explicitly undef
a1c9e0ff 111 ! defined ${"$_[3]::()"}
0da0fe34 112 or
113 # explicitly true
a1c9e0ff 114 !! ${"$_[3]::()"}
0da0fe34 115 )
116 )
117 )
966200cc 118 ) ? \($_[0])
0da0fe34 119 : undef;
120}
121
122
96449e8e 123
124#======================================================================
125# NEW
126#======================================================================
127
128sub new {
129 my $self = shift;
130 my $class = ref($self) || $self;
131 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
132
133 # choose our case by keeping an option around
134 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
135
136 # default logic for interpreting arrayrefs
ef559da3 137 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 138
139 # how to return bind vars
96449e8e 140 $opt{bindtype} ||= 'normal';
141
142 # default comparison is "=", but can be overridden
143 $opt{cmp} ||= '=';
144
3af02ccb 145 # try to recognize which are the 'equality' and 'inequality' ops
3cdadcbe 146 # (temporary quickfix (in 2007), should go through a more seasoned API)
147 $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
148 $opt{inequality_op} = qr/^( != | <> )$/ix;
149
150 $opt{like_op} = qr/^ (is\s+)? r?like $/xi;
151 $opt{not_like_op} = qr/^ (is\s+)? not \s+ r?like $/xi;
96449e8e 152
153 # SQL booleans
154 $opt{sqltrue} ||= '1=1';
155 $opt{sqlfalse} ||= '0=1';
156
9d48860e 157 # special operators
99a65fa8 158 $opt{user_special_ops} = [ @{$opt{special_ops} ||= []} ];
b6251592 159 # regexes are applied in order, thus push after user-defines
96449e8e 160 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
161
9d48860e 162 # unary operators
59f23b3d 163 $opt{unary_ops} ||= [];
59f23b3d 164
3af02ccb 165 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 166 # If a purported function matches this regular expression, an exception is thrown.
167 # Literal SQL is *NOT* subject to this check, only functions (and column names
168 # when quoting is not in effect)
96449e8e 169
b6251592 170 # FIXME
171 # need to guard against ()'s in column names too, but this will break tons of
172 # hacks... ideas anyone?
173 $opt{injection_guard} ||= qr/
174 \;
175 |
176 ^ \s* go \s
177 /xmi;
96449e8e 178
b6251592 179 return bless \%opt, $class;
180}
96449e8e 181
e175845b 182sub sqltrue { +{ -literal => [ $_[0]->{sqltrue} ] } }
183sub sqlfalse { +{ -literal => [ $_[0]->{sqlfalse} ] } }
170e6c33 184
185sub _assert_pass_injection_guard {
186 if ($_[1] =~ $_[0]->{injection_guard}) {
187 my $class = ref $_[0];
188 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
189 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
190 . "{injection_guard} attribute to ${class}->new()"
191 }
192}
193
194
96449e8e 195#======================================================================
196# INSERT methods
197#======================================================================
198
199sub insert {
02288357 200 my $self = shift;
201 my $table = $self->_table(shift);
202 my $data = shift || return;
203 my $options = shift;
96449e8e 204
205 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 206 my ($sql, @bind) = $self->$method($data);
96449e8e 207 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 208
e82e648a 209 if ($options->{returning}) {
ca4f826a 210 my ($s, @b) = $self->_insert_returning($options);
e82e648a 211 $sql .= $s;
212 push @bind, @b;
02288357 213 }
214
96449e8e 215 return wantarray ? ($sql, @bind) : $sql;
216}
217
60f3fd3f 218# So that subclasses can override INSERT ... RETURNING separately from
219# UPDATE and DELETE (e.g. DBIx::Class::SQLMaker::Oracle does this)
b17a3ece 220sub _insert_returning { shift->_returning(@_) }
221
95904db5 222sub _returning {
e82e648a 223 my ($self, $options) = @_;
6b1fe79d 224
e82e648a 225 my $f = $options->{returning};
226
227 my $fieldlist = $self->_SWITCH_refkind($f, {
228 ARRAYREF => sub {join ', ', map { $self->_quote($_) } @$f;},
229 SCALAR => sub {$self->_quote($f)},
230 SCALARREF => sub {$$f},
6b1fe79d 231 });
e82e648a 232 return $self->_sqlcase(' returning ') . $fieldlist;
6b1fe79d 233}
234
96449e8e 235sub _insert_HASHREF { # explicit list of fields and then values
236 my ($self, $data) = @_;
237
238 my @fields = sort keys %$data;
239
fe3ae272 240 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 241
242 # assemble SQL
243 $_ = $self->_quote($_) foreach @fields;
244 $sql = "( ".join(", ", @fields).") ".$sql;
245
246 return ($sql, @bind);
247}
248
249sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
250 my ($self, $data) = @_;
251
252 # no names (arrayref) so can't generate bindtype
253 $self->{bindtype} ne 'columns'
254 or belch "can't do 'columns' bindtype when called with arrayref";
255
19b6ccce 256 my (@values, @all_bind);
257 foreach my $value (@$data) {
258 my ($values, @bind) = $self->_insert_value(undef, $value);
259 push @values, $values;
260 push @all_bind, @bind;
261 }
262 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
263 return ($sql, @all_bind);
fe3ae272 264}
265
266sub _insert_ARRAYREFREF { # literal SQL with bind
267 my ($self, $data) = @_;
268
269 my ($sql, @bind) = @${$data};
270 $self->_assert_bindval_matches_bindtype(@bind);
271
272 return ($sql, @bind);
273}
274
275
276sub _insert_SCALARREF { # literal SQL without bind
277 my ($self, $data) = @_;
278
279 return ($$data);
280}
281
282sub _insert_values {
283 my ($self, $data) = @_;
284
96449e8e 285 my (@values, @all_bind);
fe3ae272 286 foreach my $column (sort keys %$data) {
19b6ccce 287 my ($values, @bind) = $self->_insert_value($column, $data->{$column});
288 push @values, $values;
289 push @all_bind, @bind;
290 }
291 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
292 return ($sql, @all_bind);
293}
96449e8e 294
19b6ccce 295sub _insert_value {
296 my ($self, $column, $v) = @_;
96449e8e 297
19b6ccce 298 my (@values, @all_bind);
299 $self->_SWITCH_refkind($v, {
96449e8e 300
19b6ccce 301 ARRAYREF => sub {
302 if ($self->{array_datatypes}) { # if array datatype are activated
96449e8e 303 push @values, '?';
fe3ae272 304 push @all_bind, $self->_bindtype($column, $v);
19b6ccce 305 }
306 else { # else literal SQL with bind
307 my ($sql, @bind) = @$v;
308 $self->_assert_bindval_matches_bindtype(@bind);
309 push @values, $sql;
310 push @all_bind, @bind;
311 }
312 },
313
314 ARRAYREFREF => sub { # literal SQL with bind
315 my ($sql, @bind) = @${$v};
316 $self->_assert_bindval_matches_bindtype(@bind);
317 push @values, $sql;
318 push @all_bind, @bind;
319 },
320
be21dde3 321 # THINK: anything useful to do with a HASHREF ?
19b6ccce 322 HASHREF => sub { # (nothing, but old SQLA passed it through)
323 #TODO in SQLA >= 2.0 it will die instead
324 belch "HASH ref as bind value in insert is not supported";
325 push @values, '?';
326 push @all_bind, $self->_bindtype($column, $v);
327 },
328
329 SCALARREF => sub { # literal SQL without bind
330 push @values, $$v;
331 },
332
333 SCALAR_or_UNDEF => sub {
334 push @values, '?';
335 push @all_bind, $self->_bindtype($column, $v);
336 },
96449e8e 337
19b6ccce 338 });
96449e8e 339
19b6ccce 340 my $sql = join(", ", @values);
96449e8e 341 return ($sql, @all_bind);
342}
343
344
96449e8e 345
346#======================================================================
347# UPDATE methods
348#======================================================================
349
350
351sub update {
95904db5 352 my $self = shift;
353 my $table = $self->_table(shift);
354 my $data = shift || return;
355 my $where = shift;
356 my $options = shift;
96449e8e 357
358 # first build the 'SET' part of the sql statement
96449e8e 359 puke "Unsupported data type specified to \$sql->update"
360 unless ref $data eq 'HASH';
361
9ade906e 362 my ($sql, @all_bind) = $self->_update_set_values($data);
a9e94508 363 $sql = $self->_sqlcase('update ') . $table . $self->_sqlcase(' set ')
9ade906e 364 . $sql;
365
366 if ($where) {
367 my($where_sql, @where_bind) = $self->where($where);
368 $sql .= $where_sql;
369 push @all_bind, @where_bind;
370 }
371
372 if ($options->{returning}) {
373 my ($returning_sql, @returning_bind) = $self->_update_returning($options);
374 $sql .= $returning_sql;
375 push @all_bind, @returning_bind;
376 }
377
378 return wantarray ? ($sql, @all_bind) : $sql;
379}
380
381sub _update_set_values {
382 my ($self, $data) = @_;
383
384 my (@set, @all_bind);
96449e8e 385 for my $k (sort keys %$data) {
386 my $v = $data->{$k};
387 my $r = ref $v;
388 my $label = $self->_quote($k);
389
390 $self->_SWITCH_refkind($v, {
9d48860e 391 ARRAYREF => sub {
96449e8e 392 if ($self->{array_datatypes}) { # array datatype
393 push @set, "$label = ?";
394 push @all_bind, $self->_bindtype($k, $v);
395 }
396 else { # literal SQL with bind
397 my ($sql, @bind) = @$v;
fe3ae272 398 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 399 push @set, "$label = $sql";
fe3ae272 400 push @all_bind, @bind;
96449e8e 401 }
402 },
403 ARRAYREFREF => sub { # literal SQL with bind
404 my ($sql, @bind) = @${$v};
fe3ae272 405 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 406 push @set, "$label = $sql";
fe3ae272 407 push @all_bind, @bind;
96449e8e 408 },
409 SCALARREF => sub { # literal SQL without bind
410 push @set, "$label = $$v";
0ec3aec7 411 },
412 HASHREF => sub {
413 my ($op, $arg, @rest) = %$v;
414
415 puke 'Operator calls in update must be in the form { -op => $arg }'
416 if (@rest or not $op =~ /^\-(.+)/);
417
cbb4eeaf 418 local our $Cur_Col_Meta = $k;
419 my ($sql, @bind) = $self->_render_expr(
420 $self->_expand_expr_hashpair($op, $arg)
421 );
0ec3aec7 422
423 push @set, "$label = $sql";
424 push @all_bind, @bind;
425 },
96449e8e 426 SCALAR_or_UNDEF => sub {
427 push @set, "$label = ?";
428 push @all_bind, $self->_bindtype($k, $v);
429 },
430 });
431 }
432
433 # generate sql
9ade906e 434 my $sql = join ', ', @set;
96449e8e 435
9ade906e 436 return ($sql, @all_bind);
96449e8e 437}
438
60f3fd3f 439# So that subclasses can override UPDATE ... RETURNING separately from
440# INSERT and DELETE
20bb2ad5 441sub _update_returning { shift->_returning(@_) }
96449e8e 442
443
444
445#======================================================================
446# SELECT
447#======================================================================
448
449
450sub select {
451 my $self = shift;
452 my $table = $self->_table(shift);
453 my $fields = shift || '*';
454 my $where = shift;
455 my $order = shift;
456
daa4ccdd 457 my ($fields_sql, @bind) = $self->_select_fields($fields);
96449e8e 458
daa4ccdd 459 my ($where_sql, @where_bind) = $self->where($where, $order);
460 push @bind, @where_bind;
461
462 my $sql = join(' ', $self->_sqlcase('select'), $fields_sql,
96449e8e 463 $self->_sqlcase('from'), $table)
464 . $where_sql;
465
9d48860e 466 return wantarray ? ($sql, @bind) : $sql;
96449e8e 467}
468
daa4ccdd 469sub _select_fields {
470 my ($self, $fields) = @_;
471 return ref $fields eq 'ARRAY' ? join ', ', map { $self->_quote($_) } @$fields
472 : $fields;
473}
474
96449e8e 475#======================================================================
476# DELETE
477#======================================================================
478
479
480sub delete {
85327cd5 481 my $self = shift;
482 my $table = $self->_table(shift);
483 my $where = shift;
484 my $options = shift;
96449e8e 485
486 my($where_sql, @bind) = $self->where($where);
a9e94508 487 my $sql = $self->_sqlcase('delete from ') . $table . $where_sql;
96449e8e 488
85327cd5 489 if ($options->{returning}) {
ca4f826a 490 my ($returning_sql, @returning_bind) = $self->_delete_returning($options);
85327cd5 491 $sql .= $returning_sql;
492 push @bind, @returning_bind;
493 }
494
9d48860e 495 return wantarray ? ($sql, @bind) : $sql;
96449e8e 496}
497
60f3fd3f 498# So that subclasses can override DELETE ... RETURNING separately from
499# INSERT and UPDATE
85327cd5 500sub _delete_returning { shift->_returning(@_) }
501
502
96449e8e 503
504#======================================================================
505# WHERE: entry point
506#======================================================================
507
508
509
510# Finally, a separate routine just to handle WHERE clauses
511sub where {
512 my ($self, $where, $order) = @_;
513
514 # where ?
e175845b 515 my ($sql, @bind) = defined($where)
516 ? $self->_recurse_where($where)
517 : (undef);
417dd15e 518 $sql = (defined $sql and length $sql) ? $self->_sqlcase(' where ') . "( $sql )" : '';
96449e8e 519
520 # order by?
521 if ($order) {
26fe4d30 522 my ($order_sql, @order_bind) = $self->_order_by($order);
523 $sql .= $order_sql;
524 push @bind, @order_bind;
96449e8e 525 }
526
9d48860e 527 return wantarray ? ($sql, @bind) : $sql;
96449e8e 528}
529
a2cd381d 530sub _expand_expr {
2558b622 531 my ($self, $expr, $logic, $default_scalar_to) = @_;
532 local our $Default_Scalar_To = $default_scalar_to if $default_scalar_to;
252518da 533 return undef unless defined($expr);
59588695 534 if (ref($expr) eq 'HASH') {
535 if (keys %$expr > 1) {
536 $logic ||= 'and';
77617257 537 return +{ -op => [
538 $logic,
59588695 539 map $self->_expand_expr_hashpair($_ => $expr->{$_}, $logic),
540 sort keys %$expr
541 ] };
542 }
99a65fa8 543 return unless %$expr;
59588695 544 return $self->_expand_expr_hashpair(%$expr, $logic);
a2cd381d 545 }
08264f40 546 if (ref($expr) eq 'ARRAY') {
99a65fa8 547 my $logic = lc($logic || $self->{logic});
08264f40 548 $logic eq 'and' or $logic eq 'or' or puke "unknown logic: $logic";
549
550 my @expr = @$expr;
551
552 my @res;
553
554 while (my ($el) = splice @expr, 0, 1) {
555 puke "Supplying an empty left hand side argument is not supported in array-pairs"
556 unless defined($el) and length($el);
557 my $elref = ref($el);
558 if (!$elref) {
559 push(@res, $self->_expand_expr({ $el, shift(@expr) }));
560 } elsif ($elref eq 'ARRAY') {
561 push(@res, $self->_expand_expr($el)) if @$el;
ec857800 562 } elsif (my $l = is_literal_value($el)) {
563 push @res, { -literal => $l };
08264f40 564 } elsif ($elref eq 'HASH') {
565 push @res, $self->_expand_expr($el);
566 } else {
da4a0964 567 die "notreached";
08264f40 568 }
569 }
2143604f 570 return { -op => [ $logic, @res ] };
08264f40 571 }
ca3da680 572 if (my $literal = is_literal_value($expr)) {
573 return +{ -literal => $literal };
574 }
99a65fa8 575 if (!ref($expr) or Scalar::Util::blessed($expr)) {
2558b622 576 if (my $d = $Default_Scalar_To) {
577 return +{ $d => $expr };
578 }
99a65fa8 579 if (my $m = our $Cur_Col_Meta) {
580 return +{ -bind => [ $m, $expr ] };
581 }
252518da 582 return +{ -value => $expr };
583 }
252518da 584 die "notreached";
a2cd381d 585}
96449e8e 586
59588695 587sub _expand_expr_hashpair {
588 my ($self, $k, $v, $logic) = @_;
d13725da 589 unless (defined($k) and length($k)) {
2d64004f 590 if (defined($k) and my $literal = is_literal_value($v)) {
d13725da 591 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
2d64004f 592 return { -literal => $literal };
d13725da 593 }
594 puke "Supplying an empty left hand side argument is not supported";
595 }
ef071fad 596 if ($k =~ /^-/) {
99a65fa8 597 $self->_assert_pass_injection_guard($k =~ /^-(.*)$/s);
598 if ($k =~ s/ [_\s]? \d+ $//x ) {
599 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
600 . "You probably wanted ...-and => [ $k => COND1, $k => COND2 ... ]";
601 }
ef071fad 602 if ($k eq '-nest') {
603 return $self->_expand_expr($v);
604 }
6ab1562a 605 if ($k eq '-bool') {
606 if (ref($v)) {
607 return $self->_expand_expr($v);
608 }
609 puke "-bool => undef not supported" unless defined($v);
610 return { -ident => $v };
611 }
99a65fa8 612 if ($k eq '-not') {
0c7e3af0 613 return { -op => [ 'not', $self->_expand_expr($v) ] };
99a65fa8 614 }
ce3bc4b0 615 if (my ($rest) = $k =~/^-not[_ ](.*)$/) {
0c7e3af0 616 return +{ -op => [
617 'not',
99a65fa8 618 $self->_expand_expr_hashpair("-${rest}", $v, $logic)
0c7e3af0 619 ] };
ce3bc4b0 620 }
99a65fa8 621 if (my ($logic) = $k =~ /^-(and|or)$/i) {
dd2d5bf7 622 if (ref($v) eq 'HASH') {
623 return $self->_expand_expr($v, $logic);
624 }
99a65fa8 625 if (ref($v) eq 'ARRAY') {
626 return $self->_expand_expr($v, $logic);
627 }
dd2d5bf7 628 }
99a65fa8 629 {
630 my $op = $k;
631 $op =~ s/^-// if length($op) > 1;
632
633 # top level special ops are illegal in general
634 puke "Illegal use of top-level '-$op'"
7f1bdbce 635 if List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}};
99a65fa8 636 }
637 if ($k eq '-value' and my $m = our $Cur_Col_Meta) {
638 return +{ -bind => [ $m, $v ] };
639 }
711892b1 640 if ($k eq '-op' or $k eq '-ident' or $k eq '-value' or $k eq '-bind' or $k eq '-literal' or $k eq '-func') {
99a65fa8 641 return { $k => $v };
d13725da 642 }
4325df6a 643 if (my $custom = $self->{custom_expansions}{($k =~ /^-(.*)$/)[0]}) {
644 return $self->$custom($v);
645 }
711892b1 646 if (
647 ref($v) eq 'HASH'
648 and keys %$v == 1
649 and (keys %$v)[0] =~ /^-/
650 ) {
651 my ($func) = $k =~ /^-(.*)$/;
652 return +{ -func => [ $func, $self->_expand_expr($v) ] };
653 }
654 if (!ref($v) or is_literal_value($v)) {
99a65fa8 655 return +{ -op => [ $k =~ /^-(.*)$/, $self->_expand_expr($v) ] };
59588695 656 }
99a65fa8 657 }
658 if (
659 !defined($v)
660 or (
661 ref($v) eq 'HASH'
662 and exists $v->{-value}
663 and not defined $v->{-value}
664 )
665 ) {
666 return $self->_expand_expr_hashpair($k => { $self->{cmp} => undef });
667 }
668 if (!ref($v) or Scalar::Util::blessed($v)) {
669 return +{
670 -op => [
671 $self->{cmp},
672 { -ident => $k },
673 { -bind => [ $k, $v ] }
674 ]
675 };
676 }
677 if (ref($v) eq 'HASH') {
678 if (keys %$v > 1) {
e175845b 679 return { -op => [
680 'and',
99a65fa8 681 map $self->_expand_expr_hashpair($k => { $_ => $v->{$_} }),
682 sort keys %$v
683 ] };
684 }
685 my ($vk, $vv) = %$v;
686 $vk =~ s/^-//;
687 $vk = lc($vk);
688 $self->_assert_pass_injection_guard($vk);
689 if ($vk =~ s/ [_\s]? \d+ $//x ) {
690 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
691 . "You probably wanted ...-and => [ -$vk => COND1, -$vk => COND2 ... ]";
692 }
693 if ($vk =~ /^(?:not[ _])?between$/) {
694 local our $Cur_Col_Meta = $k;
695 my @rhs = map $self->_expand_expr($_),
696 ref($vv) eq 'ARRAY' ? @$vv : $vv;
697 unless (
698 (@rhs == 1 and ref($rhs[0]) eq 'HASH' and $rhs[0]->{-literal})
699 or
700 (@rhs == 2 and defined($rhs[0]) and defined($rhs[1]))
701 ) {
702 puke "Operator '${\uc($vk)}' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
b5b18861 703 }
99a65fa8 704 return +{ -op => [
705 join(' ', split '_', $vk),
706 { -ident => $k },
707 @rhs
708 ] }
709 }
710 if ($vk =~ /^(?:not[ _])?in$/) {
711 if (my $literal = is_literal_value($vv)) {
712 my ($sql, @bind) = @$literal;
713 my $opened_sql = $self->_open_outer_paren($sql);
10d07c4e 714 return +{ -op => [
99a65fa8 715 $vk, { -ident => $k },
716 [ { -literal => [ $opened_sql, @bind ] } ]
10d07c4e 717 ] };
718 }
99a65fa8 719 my $undef_err =
720 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
721 . "-${\uc($vk)} operator was given an undef-containing list: !!!AUDIT YOUR CODE "
722 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
723 . 'will emit the logically correct SQL instead of raising this exception)'
724 ;
725 puke("Argument passed to the '${\uc($vk)}' operator can not be undefined")
726 if !defined($vv);
727 my @rhs = map $self->_expand_expr($_),
728 map { ref($_) ? $_ : { -bind => [ $k, $_ ] } }
729 map { defined($_) ? $_: puke($undef_err) }
730 (ref($vv) eq 'ARRAY' ? @$vv : $vv);
e175845b 731 return $self->${\($vk =~ /^not/ ? 'sqltrue' : 'sqlfalse')} unless @rhs;
99a65fa8 732
733 return +{ -op => [
734 join(' ', split '_', $vk),
735 { -ident => $k },
736 \@rhs
737 ] };
738 }
739 if ($vk eq 'ident') {
740 if (! defined $vv or ref $vv) {
741 puke "-$vk requires a single plain scalar argument (a quotable identifier)";
f7778474 742 }
99a65fa8 743 return +{ -op => [
744 $self->{cmp},
745 { -ident => $k },
746 { -ident => $vv }
747 ] };
748 }
749 if ($vk eq 'value') {
750 return $self->_expand_expr_hashpair($k, undef) unless defined($vv);
751 return +{ -op => [
752 $self->{cmp},
753 { -ident => $k },
754 { -bind => [ $k, $vv ] }
755 ] };
756 }
757 if ($vk =~ /^is(?:[ _]not)?$/) {
758 puke "$vk can only take undef as argument"
759 if defined($vv)
760 and not (
761 ref($vv) eq 'HASH'
762 and exists($vv->{-value})
763 and !defined($vv->{-value})
764 );
765 $vk =~ s/_/ /g;
766 return +{ -op => [ $vk.' null', { -ident => $k } ] };
767 }
768 if ($vk =~ /^(and|or)$/) {
769 if (ref($vv) eq 'HASH') {
e62fe58a 770 return +{ -op => [
771 $vk,
99a65fa8 772 map $self->_expand_expr_hashpair($k, { $_ => $vv->{$_} }),
773 sort keys %$vv
7d7868d1 774 ] };
775 }
e28d9b13 776 }
99a65fa8 777 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{user_special_ops}}) {
778 return { -op => [ $vk, { -ident => $k }, $vv ] };
7dbe1183 779 }
99a65fa8 780 if (ref($vv) eq 'ARRAY') {
781 my ($logic, @values) = (
782 (defined($vv->[0]) and $vv->[0] =~ /^-(and|or)$/i)
783 ? @$vv
784 : (-or => @$vv)
785 );
786 if (
787 $vk =~ $self->{inequality_op}
788 or join(' ', split '_', $vk) =~ $self->{not_like_op}
789 ) {
790 if (lc($logic) eq '-or' and @values > 1) {
791 my $op = uc join ' ', split '_', $vk;
792 belch "A multi-element arrayref as an argument to the inequality op '$op' "
793 . 'is technically equivalent to an always-true 1=1 (you probably wanted '
794 . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
795 ;
796 }
ef071fad 797 }
b3cb13e8 798 unless (@values) {
799 # try to DWIM on equality operators
800 my $op = join ' ', split '_', $vk;
801 return
e175845b 802 $op =~ $self->{equality_op} ? $self->sqlfalse
803 : $op =~ $self->{like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqlfalse
804 : $op =~ $self->{inequality_op} ? $self->sqltrue
805 : $op =~ $self->{not_like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqltrue
b3cb13e8 806 : puke "operator '$op' applied on an empty array (field '$k')";
807 }
63c97a0b 808 return +{ -op => [
809 $logic =~ /^-(.*)$/,
99a65fa8 810 map $self->_expand_expr_hashpair($k => { $vk => $_ }),
811 @values
812 ] };
813 }
814 if (
815 !defined($vv)
816 or (
817 ref($vv) eq 'HASH'
818 and exists $vv->{-value}
819 and not defined $vv->{-value}
820 )
821 ) {
822 my $op = join ' ', split '_', $vk;
823 my $is =
824 $op =~ /^not$/i ? 'is not' # legacy
825 : $op =~ $self->{equality_op} ? 'is'
826 : $op =~ $self->{like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is'
827 : $op =~ $self->{inequality_op} ? 'is not'
828 : $op =~ $self->{not_like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is not'
829 : puke "unexpected operator '$op' with undef operand";
830 return +{ -op => [ $is.' null', { -ident => $k } ] };
831 }
832 local our $Cur_Col_Meta = $k;
833 return +{ -op => [
834 $vk,
835 { -ident => $k },
836 $self->_expand_expr($vv)
837 ] };
838 }
839 if (ref($v) eq 'ARRAY') {
e175845b 840 return $self->sqlfalse unless @$v;
99a65fa8 841 $self->_debug("ARRAY($k) means distribute over elements");
842 my $this_logic = (
843 $v->[0] =~ /^-((?:and|or))$/i
844 ? ($v = [ @{$v}[1..$#$v] ], $1)
845 : ($self->{logic} || 'or')
846 );
cba28f66 847 return +{ -op => [
848 $this_logic,
849 map $self->_expand_expr({ $k => $_ }, $this_logic), @$v
850 ] };
99a65fa8 851 }
852 if (my $literal = is_literal_value($v)) {
853 unless (length $k) {
854 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
855 return \$literal;
856 }
857 my ($sql, @bind) = @$literal;
858 if ($self->{bindtype} eq 'columns') {
859 for (@bind) {
860 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
861 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
aa8d7bdb 862 }
863 }
331e2209 864 }
99a65fa8 865 return +{ -literal => [ $self->_quote($k).' '.$sql, @bind ] };
331e2209 866 }
99a65fa8 867 die "notreached";
59588695 868}
869
e175845b 870sub _render_expr {
871 my ($self, $expr) = @_;
872 my ($k, $v, @rest) = %$expr;
873 die "No" if @rest;
181dcebf 874 my %op = map +("-$_" => '_render_'.$_),
e175845b 875 qw(op func value bind ident literal);
876 if (my $meth = $op{$k}) {
181dcebf 877 return $self->$meth($v);
e175845b 878 }
879 die "notreached: $k";
880}
881
96449e8e 882sub _recurse_where {
883 my ($self, $where, $logic) = @_;
884
99a65fa8 885#print STDERR Data::Dumper::Concise::Dumper([ $where, $logic ]);
886
a2cd381d 887 my $where_exp = $self->_expand_expr($where, $logic);
888
99a65fa8 889#print STDERR Data::Dumper::Concise::Dumper([ EXP => $where_exp ]);
890
96449e8e 891 # dispatch on appropriate method according to refkind of $where
e175845b 892# my $method = $self->_METHOD_FOR_refkind("_where", $where_exp);
893
894# my ($sql, @bind) = $self->$method($where_exp, $logic);
311b2151 895
e175845b 896 my ($sql, @bind) = defined($where_exp) ? $self->_render_expr($where_exp) : (undef);
311b2151 897
abe1a491 898 # DBIx::Class used to call _recurse_where in scalar context
899 # something else might too...
900 if (wantarray) {
901 return ($sql, @bind);
902 }
903 else {
904 belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
905 return $sql;
906 }
96449e8e 907}
908
181dcebf 909sub _render_ident {
910 my ($self, $ident) = @_;
cc422895 911
9cf28dfb 912 return $self->_convert($self->_quote($ident));
cc422895 913}
914
181dcebf 915sub _render_value {
916 my ($self, $value) = @_;
cc422895 917
52511ae3 918 return ($self->_convert('?'), $self->_bindtype(undef, $value));
cc422895 919}
920
c452734e 921my %unop_postfix = map +($_ => 1),
922 'is null', 'is not null',
923 'asc', 'desc',
924;
d13725da 925
b5b18861 926my %special = (
927 (map +($_ => do {
928 my $op = $_;
929 sub {
930 my ($self, $args) = @_;
931 my ($left, $low, $high) = @$args;
932 my ($rhsql, @rhbind) = do {
933 if (@$args == 2) {
934 puke "Single arg to between must be a literal"
935 unless $low->{-literal};
936 @{$low->{-literal}}
937 } else {
e56dd780 938 my ($l, $h) = map [ $self->_render_expr($_) ], $low, $high;
b5b18861 939 (join(' ', $l->[0], $self->_sqlcase('and'), $h->[0]),
940 @{$l}[1..$#$l], @{$h}[1..$#$h])
941 }
942 };
e56dd780 943 my ($lhsql, @lhbind) = $self->_render_expr($left);
b5b18861 944 return (
945 join(' ', '(', $lhsql, $self->_sqlcase($op), $rhsql, ')'),
946 @lhbind, @rhbind
947 );
948 }
949 }), 'between', 'not between'),
10d07c4e 950 (map +($_ => do {
951 my $op = $_;
952 sub {
953 my ($self, $args) = @_;
954 my ($lhs, $rhs) = @$args;
955 my @in_bind;
956 my @in_sql = map {
0ce981f8 957 my ($sql, @bind) = $self->_render_expr($_);
10d07c4e 958 push @in_bind, @bind;
959 $sql;
960 } @$rhs;
0ce981f8 961 my ($lhsql, @lbind) = $self->_render_expr($lhs);
10d07c4e 962 return (
963 $lhsql.' '.$self->_sqlcase($op).' ( '
964 .join(', ', @in_sql)
965 .' )',
966 @lbind, @in_bind
967 );
968 }
969 }), 'in', 'not in'),
b5b18861 970);
971
181dcebf 972sub _render_op {
973 my ($self, $v) = @_;
d13725da 974 my ($op, @args) = @$v;
975 $op =~ s/^-// if length($op) > 1;
cba28f66 976 $op = lc($op);
b5b18861 977 if (my $h = $special{$op}) {
978 return $self->$h(\@args);
979 }
99a65fa8 980 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{user_special_ops}}) {
981 puke "Special op '${op}' requires first value to be identifier"
982 unless my ($k) = map $_->{-ident}, grep ref($_) eq 'HASH', $args[0];
983 return $self->${\($us->{handler})}($k, $op, $args[1]);
984 }
985 my $final_op = $op =~ /^(?:is|not)_/ ? join(' ', split '_', $op) : $op;
2143604f 986 if (@args == 1 and $op !~ /^(and|or)$/) {
ec857800 987 my ($expr_sql, @bind) = $self->_render_expr($args[0]);
d13725da 988 my $op_sql = $self->_sqlcase($final_op);
989 my $final_sql = (
990 $unop_postfix{lc($final_op)}
991 ? "${expr_sql} ${op_sql}"
992 : "${op_sql} ${expr_sql}"
993 );
0c7e3af0 994 return (($op eq 'not' ? '('.$final_sql.')' : $final_sql), @bind);
16d9289c 995 } else {
ec857800 996 my @parts = map [ $self->_render_expr($_) ], @args;
77617257 997 my ($final_sql) = map +($op =~ /^(and|or)$/ ? "(${_})" : $_), join(
998 ' '.$self->_sqlcase($final_op).' ',
999 map $_->[0], @parts
1000 );
99a65fa8 1001 return (
77617257 1002 $final_sql,
16d9289c 1003 map @{$_}[1..$#$_], @parts
99a65fa8 1004 );
d13725da 1005 }
1006 die "unhandled";
1007}
1008
181dcebf 1009sub _render_func {
1010 my ($self, $rest) = @_;
711892b1 1011 my ($func, @args) = @$rest;
1012 my @arg_sql;
1013 my @bind = map {
1014 my @x = @$_;
1015 push @arg_sql, shift @x;
1016 @x
0f199fce 1017 } map [ $self->_render_expr($_) ], @args;
711892b1 1018 return ($self->_sqlcase($func).'('.join(', ', @arg_sql).')', @bind);
1019}
1020
181dcebf 1021sub _render_bind {
1022 my ($self, $bind) = @_;
d13725da 1023 return ($self->_convert('?'), $self->_bindtype(@$bind));
1024}
1025
181dcebf 1026sub _render_literal {
1027 my ($self, $literal) = @_;
465d43fd 1028 $self->_assert_bindval_matches_bindtype(@{$literal}[1..$#$literal]);
aa8d7bdb 1029 return @$literal;
1030}
1031
4a1f01a3 1032# Some databases (SQLite) treat col IN (1, 2) different from
1033# col IN ( (1, 2) ). Use this to strip all outer parens while
1034# adding them back in the corresponding method
1035sub _open_outer_paren {
1036 my ($self, $sql) = @_;
a5f91feb 1037
ca4f826a 1038 while (my ($inner) = $sql =~ /^ \s* \( (.*) \) \s* $/xs) {
a5f91feb 1039
1040 # there are closing parens inside, need the heavy duty machinery
1041 # to reevaluate the extraction starting from $sql (full reevaluation)
ca4f826a 1042 if ($inner =~ /\)/) {
a5f91feb 1043 require Text::Balanced;
1044
1045 my (undef, $remainder) = do {
1046 # idiotic design - writes to $@ but *DOES NOT* throw exceptions
1047 local $@;
ca4f826a 1048 Text::Balanced::extract_bracketed($sql, '()', qr/\s*/);
a5f91feb 1049 };
1050
1051 # the entire expression needs to be a balanced bracketed thing
1052 # (after an extract no remainder sans trailing space)
1053 last if defined $remainder and $remainder =~ /\S/;
1054 }
1055
1056 $sql = $inner;
1057 }
1058
1059 $sql;
4a1f01a3 1060}
1061
96449e8e 1062
96449e8e 1063#======================================================================
1064# ORDER BY
1065#======================================================================
1066
1067sub _order_by {
1068 my ($self, $arg) = @_;
1069
4325df6a 1070 return '' unless defined($arg) and not (ref($arg) eq 'ARRAY' and !@$arg);
2b6158af 1071
4325df6a 1072 my $expander = sub {
1073 my ($self, $dir, $expr) = @_;
1074 my @exp = map +(defined($dir) ? { -op => [ $dir => $_ ] } : $_),
1075 map $self->_expand_expr($_, undef, -ident),
1076 ref($expr) eq 'ARRAY' ? @$expr : $expr;
1077 return (@exp > 1 ? { -op => [ ',', @exp ] } : $exp[0]);
1078 };
18c743c8 1079
4325df6a 1080 local $self->{custom_expansions} = {
1081 asc => sub { shift->$expander(asc => @_) },
1082 desc => sub { shift->$expander(desc => @_) },
1083 };
f267b646 1084
4325df6a 1085 my $expanded = $self->$expander(undef, $arg);
1086
1087 my ($sql, @bind) = $self->_render_expr($expanded);
1088
1089 my $final_sql = $self->_sqlcase(' order by ').$sql;
1090
1091 return wantarray ? ($final_sql, @bind) : $final_sql;
f267b646 1092}
1093
1094sub _order_by_chunks {
1095 my ($self, $arg) = @_;
1096
c452734e 1097 if (ref($arg) eq 'ARRAY') {
1098 return map $self->_order_by_chunks($_), @$arg;
1099 }
1100 if (my $l = is_literal_value($arg)) {
1101 return +{ -literal => $l };
1102 }
1103 if (!ref($arg)) {
1104 return +{ -ident => $arg };
1105 }
c452734e 1106 if (ref($arg) eq 'HASH') {
1107 my ($key, $val, @rest) = %$arg;
96449e8e 1108
c452734e 1109 return () unless $key;
96449e8e 1110
c452734e 1111 if (@rest or not $key =~ /^-(desc|asc)/i) {
1112 puke "hash passed to _order_by must have exactly one key (-desc or -asc)";
1113 }
96449e8e 1114
c452734e 1115 my $dir = $1;
96449e8e 1116
c452734e 1117 map +{ -op => [ $dir, $_ ] }, $self->_order_by_chunks($val);
1118 };
96449e8e 1119}
1120
1121
96449e8e 1122#======================================================================
1123# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1124#======================================================================
1125
1126sub _table {
1127 my $self = shift;
1128 my $from = shift;
1129 $self->_SWITCH_refkind($from, {
1130 ARRAYREF => sub {join ', ', map { $self->_quote($_) } @$from;},
1131 SCALAR => sub {$self->_quote($from)},
1132 SCALARREF => sub {$$from},
96449e8e 1133 });
1134}
1135
1136
1137#======================================================================
1138# UTILITY FUNCTIONS
1139#======================================================================
1140
955e77ca 1141# highly optimized, as it's called way too often
96449e8e 1142sub _quote {
955e77ca 1143 # my ($self, $label) = @_;
96449e8e 1144
955e77ca 1145 return '' unless defined $_[1];
955e77ca 1146 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
96449e8e 1147
439834d3 1148 $_[0]->{quote_char} or
1149 ($_[0]->_assert_pass_injection_guard($_[1]), return $_[1]);
96449e8e 1150
07d7c35c 1151 my $qref = ref $_[0]->{quote_char};
439834d3 1152 my ($l, $r) =
1153 !$qref ? ($_[0]->{quote_char}, $_[0]->{quote_char})
1154 : ($qref eq 'ARRAY') ? @{$_[0]->{quote_char}}
1155 : puke "Unsupported quote_char format: $_[0]->{quote_char}";
1156
46be4313 1157 my $esc = $_[0]->{escape_char} || $r;
96449e8e 1158
07d7c35c 1159 # parts containing * are naturally unquoted
ca4f826a 1160 return join($_[0]->{name_sep}||'', map
439834d3 1161 +( $_ eq '*' ? $_ : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r } ),
955e77ca 1162 ( $_[0]->{name_sep} ? split (/\Q$_[0]->{name_sep}\E/, $_[1] ) : $_[1] )
1163 );
96449e8e 1164}
1165
1166
1167# Conversion, if applicable
d7c862e0 1168sub _convert {
07d7c35c 1169 #my ($self, $arg) = @_;
07d7c35c 1170 if ($_[0]->{convert}) {
1171 return $_[0]->_sqlcase($_[0]->{convert}) .'(' . $_[1] . ')';
96449e8e 1172 }
07d7c35c 1173 return $_[1];
96449e8e 1174}
1175
1176# And bindtype
d7c862e0 1177sub _bindtype {
07d7c35c 1178 #my ($self, $col, @vals) = @_;
07d7c35c 1179 # called often - tighten code
1180 return $_[0]->{bindtype} eq 'columns'
1181 ? map {[$_[1], $_]} @_[2 .. $#_]
1182 : @_[2 .. $#_]
1183 ;
96449e8e 1184}
1185
fe3ae272 1186# Dies if any element of @bind is not in [colname => value] format
1187# if bindtype is 'columns'.
1188sub _assert_bindval_matches_bindtype {
c94a6c93 1189# my ($self, @bind) = @_;
1190 my $self = shift;
fe3ae272 1191 if ($self->{bindtype} eq 'columns') {
c94a6c93 1192 for (@_) {
1193 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1194 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1195 }
1196 }
1197 }
1198}
1199
96449e8e 1200sub _join_sql_clauses {
1201 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1202
1203 if (@$clauses_aref > 1) {
1204 my $join = " " . $self->_sqlcase($logic) . " ";
1205 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1206 return ($sql, @$bind_aref);
1207 }
1208 elsif (@$clauses_aref) {
1209 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1210 }
1211 else {
1212 return (); # if no SQL, ignore @$bind_aref
1213 }
1214}
1215
1216
1217# Fix SQL case, if so requested
1218sub _sqlcase {
96449e8e 1219 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1220 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1221 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1222}
1223
1224
1225#======================================================================
1226# DISPATCHING FROM REFKIND
1227#======================================================================
1228
1229sub _refkind {
1230 my ($self, $data) = @_;
96449e8e 1231
955e77ca 1232 return 'UNDEF' unless defined $data;
1233
1234 # blessed objects are treated like scalars
1235 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1236
1237 return 'SCALAR' unless $ref;
1238
1239 my $n_steps = 1;
1240 while ($ref eq 'REF') {
96449e8e 1241 $data = $$data;
955e77ca 1242 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1243 $n_steps++ if $ref;
96449e8e 1244 }
1245
848556bc 1246 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1247}
1248
1249sub _try_refkind {
1250 my ($self, $data) = @_;
1251 my @try = ($self->_refkind($data));
1252 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1253 push @try, 'FALLBACK';
955e77ca 1254 return \@try;
96449e8e 1255}
1256
1257sub _METHOD_FOR_refkind {
1258 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1259
1260 my $method;
955e77ca 1261 for (@{$self->_try_refkind($data)}) {
f39eaa60 1262 $method = $self->can($meth_prefix."_".$_)
1263 and last;
1264 }
1265
1266 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1267}
1268
1269
1270sub _SWITCH_refkind {
1271 my ($self, $data, $dispatch_table) = @_;
1272
f39eaa60 1273 my $coderef;
955e77ca 1274 for (@{$self->_try_refkind($data)}) {
f39eaa60 1275 $coderef = $dispatch_table->{$_}
1276 and last;
1277 }
1278
1279 puke "no dispatch entry for ".$self->_refkind($data)
1280 unless $coderef;
1281
96449e8e 1282 $coderef->();
1283}
1284
1285
1286
1287
1288#======================================================================
1289# VALUES, GENERATE, AUTOLOAD
1290#======================================================================
1291
1292# LDNOTE: original code from nwiger, didn't touch code in that section
1293# I feel the AUTOLOAD stuff should not be the default, it should
1294# only be activated on explicit demand by user.
1295
1296sub values {
1297 my $self = shift;
1298 my $data = shift || return;
1299 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1300 unless ref $data eq 'HASH';
bab725ce 1301
1302 my @all_bind;
ca4f826a 1303 foreach my $k (sort keys %$data) {
bab725ce 1304 my $v = $data->{$k};
1305 $self->_SWITCH_refkind($v, {
9d48860e 1306 ARRAYREF => sub {
bab725ce 1307 if ($self->{array_datatypes}) { # array datatype
1308 push @all_bind, $self->_bindtype($k, $v);
1309 }
1310 else { # literal SQL with bind
1311 my ($sql, @bind) = @$v;
1312 $self->_assert_bindval_matches_bindtype(@bind);
1313 push @all_bind, @bind;
1314 }
1315 },
1316 ARRAYREFREF => sub { # literal SQL with bind
1317 my ($sql, @bind) = @${$v};
1318 $self->_assert_bindval_matches_bindtype(@bind);
1319 push @all_bind, @bind;
1320 },
1321 SCALARREF => sub { # literal SQL without bind
1322 },
1323 SCALAR_or_UNDEF => sub {
1324 push @all_bind, $self->_bindtype($k, $v);
1325 },
1326 });
1327 }
1328
1329 return @all_bind;
96449e8e 1330}
1331
1332sub generate {
1333 my $self = shift;
1334
1335 my(@sql, @sqlq, @sqlv);
1336
1337 for (@_) {
1338 my $ref = ref $_;
1339 if ($ref eq 'HASH') {
1340 for my $k (sort keys %$_) {
1341 my $v = $_->{$k};
1342 my $r = ref $v;
1343 my $label = $self->_quote($k);
1344 if ($r eq 'ARRAY') {
fe3ae272 1345 # literal SQL with bind
1346 my ($sql, @bind) = @$v;
1347 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1348 push @sqlq, "$label = $sql";
fe3ae272 1349 push @sqlv, @bind;
96449e8e 1350 } elsif ($r eq 'SCALAR') {
fe3ae272 1351 # literal SQL without bind
96449e8e 1352 push @sqlq, "$label = $$v";
9d48860e 1353 } else {
96449e8e 1354 push @sqlq, "$label = ?";
1355 push @sqlv, $self->_bindtype($k, $v);
1356 }
1357 }
1358 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1359 } elsif ($ref eq 'ARRAY') {
1360 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1361 for my $v (@$_) {
1362 my $r = ref $v;
fe3ae272 1363 if ($r eq 'ARRAY') { # literal SQL with bind
1364 my ($sql, @bind) = @$v;
1365 $self->_assert_bindval_matches_bindtype(@bind);
1366 push @sqlq, $sql;
1367 push @sqlv, @bind;
1368 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1369 # embedded literal SQL
1370 push @sqlq, $$v;
9d48860e 1371 } else {
96449e8e 1372 push @sqlq, '?';
1373 push @sqlv, $v;
1374 }
1375 }
1376 push @sql, '(' . join(', ', @sqlq) . ')';
1377 } elsif ($ref eq 'SCALAR') {
1378 # literal SQL
1379 push @sql, $$_;
1380 } else {
1381 # strings get case twiddled
1382 push @sql, $self->_sqlcase($_);
1383 }
1384 }
1385
1386 my $sql = join ' ', @sql;
1387
1388 # this is pretty tricky
1389 # if ask for an array, return ($stmt, @bind)
1390 # otherwise, s/?/shift @sqlv/ to put it inline
1391 if (wantarray) {
1392 return ($sql, @sqlv);
1393 } else {
1394 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1395 ref $d ? $d->[1] : $d/e;
1396 return $sql;
1397 }
1398}
1399
1400
1401sub DESTROY { 1 }
1402
1403sub AUTOLOAD {
1404 # This allows us to check for a local, then _form, attr
1405 my $self = shift;
1406 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1407 return $self->generate($name, @_);
1408}
1409
14101;
1411
1412
1413
1414__END__
32eab2da 1415
1416=head1 NAME
1417
1418SQL::Abstract - Generate SQL from Perl data structures
1419
1420=head1 SYNOPSIS
1421
1422 use SQL::Abstract;
1423
1424 my $sql = SQL::Abstract->new;
1425
85783f3c 1426 my($stmt, @bind) = $sql->select($source, \@fields, \%where, $order);
32eab2da 1427
1428 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1429
1430 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1431
1432 my($stmt, @bind) = $sql->delete($table, \%where);
1433
1434 # Then, use these in your DBI statements
1435 my $sth = $dbh->prepare($stmt);
1436 $sth->execute(@bind);
1437
1438 # Just generate the WHERE clause
85783f3c 1439 my($stmt, @bind) = $sql->where(\%where, $order);
32eab2da 1440
1441 # Return values in the same order, for hashed queries
1442 # See PERFORMANCE section for more details
1443 my @bind = $sql->values(\%fieldvals);
1444
1445=head1 DESCRIPTION
1446
1447This module was inspired by the excellent L<DBIx::Abstract>.
1448However, in using that module I found that what I really wanted
1449to do was generate SQL, but still retain complete control over my
1450statement handles and use the DBI interface. So, I set out to
1451create an abstract SQL generation module.
1452
1453While based on the concepts used by L<DBIx::Abstract>, there are
1454several important differences, especially when it comes to WHERE
1455clauses. I have modified the concepts used to make the SQL easier
1456to generate from Perl data structures and, IMO, more intuitive.
1457The underlying idea is for this module to do what you mean, based
1458on the data structures you provide it. The big advantage is that
1459you don't have to modify your code every time your data changes,
1460as this module figures it out.
1461
1462To begin with, an SQL INSERT is as easy as just specifying a hash
1463of C<key=value> pairs:
1464
1465 my %data = (
1466 name => 'Jimbo Bobson',
1467 phone => '123-456-7890',
1468 address => '42 Sister Lane',
1469 city => 'St. Louis',
1470 state => 'Louisiana',
1471 );
1472
1473The SQL can then be generated with this:
1474
1475 my($stmt, @bind) = $sql->insert('people', \%data);
1476
1477Which would give you something like this:
1478
1479 $stmt = "INSERT INTO people
1480 (address, city, name, phone, state)
1481 VALUES (?, ?, ?, ?, ?)";
1482 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1483 '123-456-7890', 'Louisiana');
1484
1485These are then used directly in your DBI code:
1486
1487 my $sth = $dbh->prepare($stmt);
1488 $sth->execute(@bind);
1489
96449e8e 1490=head2 Inserting and Updating Arrays
1491
1492If your database has array types (like for example Postgres),
1493activate the special option C<< array_datatypes => 1 >>
9d48860e 1494when creating the C<SQL::Abstract> object.
96449e8e 1495Then you may use an arrayref to insert and update database array types:
1496
1497 my $sql = SQL::Abstract->new(array_datatypes => 1);
1498 my %data = (
1499 planets => [qw/Mercury Venus Earth Mars/]
1500 );
9d48860e 1501
96449e8e 1502 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1503
1504This results in:
1505
1506 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1507
1508 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1509
1510
1511=head2 Inserting and Updating SQL
1512
1513In order to apply SQL functions to elements of your C<%data> you may
1514specify a reference to an arrayref for the given hash value. For example,
1515if you need to execute the Oracle C<to_date> function on a value, you can
1516say something like this:
32eab2da 1517
1518 my %data = (
1519 name => 'Bill',
3ae1c5e2 1520 date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
9d48860e 1521 );
32eab2da 1522
1523The first value in the array is the actual SQL. Any other values are
1524optional and would be included in the bind values array. This gives
1525you:
1526
1527 my($stmt, @bind) = $sql->insert('people', \%data);
1528
9d48860e 1529 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1530 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1531 @bind = ('Bill', '03/02/2003');
1532
1533An UPDATE is just as easy, all you change is the name of the function:
1534
1535 my($stmt, @bind) = $sql->update('people', \%data);
1536
1537Notice that your C<%data> isn't touched; the module will generate
1538the appropriately quirky SQL for you automatically. Usually you'll
1539want to specify a WHERE clause for your UPDATE, though, which is
1540where handling C<%where> hashes comes in handy...
1541
96449e8e 1542=head2 Complex where statements
1543
32eab2da 1544This module can generate pretty complicated WHERE statements
1545easily. For example, simple C<key=value> pairs are taken to mean
1546equality, and if you want to see if a field is within a set
1547of values, you can use an arrayref. Let's say we wanted to
1548SELECT some data based on this criteria:
1549
1550 my %where = (
1551 requestor => 'inna',
1552 worker => ['nwiger', 'rcwe', 'sfz'],
1553 status => { '!=', 'completed' }
1554 );
1555
1556 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1557
1558The above would give you something like this:
1559
1560 $stmt = "SELECT * FROM tickets WHERE
1561 ( requestor = ? ) AND ( status != ? )
1562 AND ( worker = ? OR worker = ? OR worker = ? )";
1563 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1564
1565Which you could then use in DBI code like so:
1566
1567 my $sth = $dbh->prepare($stmt);
1568 $sth->execute(@bind);
1569
1570Easy, eh?
1571
0da0fe34 1572=head1 METHODS
32eab2da 1573
13cc86af 1574The methods are simple. There's one for every major SQL operation,
32eab2da 1575and a constructor you use first. The arguments are specified in a
13cc86af 1576similar order for each method (table, then fields, then a where
32eab2da 1577clause) to try and simplify things.
1578
32eab2da 1579=head2 new(option => 'value')
1580
1581The C<new()> function takes a list of options and values, and returns
1582a new B<SQL::Abstract> object which can then be used to generate SQL
1583through the methods below. The options accepted are:
1584
1585=over
1586
1587=item case
1588
1589If set to 'lower', then SQL will be generated in all lowercase. By
1590default SQL is generated in "textbook" case meaning something like:
1591
1592 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1593
96449e8e 1594Any setting other than 'lower' is ignored.
1595
32eab2da 1596=item cmp
1597
1598This determines what the default comparison operator is. By default
1599it is C<=>, meaning that a hash like this:
1600
1601 %where = (name => 'nwiger', email => 'nate@wiger.org');
1602
1603Will generate SQL like this:
1604
1605 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1606
1607However, you may want loose comparisons by default, so if you set
1608C<cmp> to C<like> you would get SQL such as:
1609
1610 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1611
3af02ccb 1612You can also override the comparison on an individual basis - see
32eab2da 1613the huge section on L</"WHERE CLAUSES"> at the bottom.
1614
96449e8e 1615=item sqltrue, sqlfalse
1616
1617Expressions for inserting boolean values within SQL statements.
6e0c6552 1618By default these are C<1=1> and C<1=0>. They are used
1619by the special operators C<-in> and C<-not_in> for generating
1620correct SQL even when the argument is an empty array (see below).
96449e8e 1621
32eab2da 1622=item logic
1623
1624This determines the default logical operator for multiple WHERE
7cac25e6 1625statements in arrays or hashes. If absent, the default logic is "or"
1626for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1627array of the form:
1628
1629 @where = (
9d48860e 1630 event_date => {'>=', '2/13/99'},
1631 event_date => {'<=', '4/24/03'},
32eab2da 1632 );
1633
7cac25e6 1634will generate SQL like this:
32eab2da 1635
1636 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1637
1638This is probably not what you want given this query, though (look
1639at the dates). To change the "OR" to an "AND", simply specify:
1640
1641 my $sql = SQL::Abstract->new(logic => 'and');
1642
1643Which will change the above C<WHERE> to:
1644
1645 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1646
96449e8e 1647The logic can also be changed locally by inserting
be21dde3 1648a modifier in front of an arrayref:
96449e8e 1649
9d48860e 1650 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1651 event_date => {'<=', '4/24/03'} ]);
96449e8e 1652
1653See the L</"WHERE CLAUSES"> section for explanations.
1654
32eab2da 1655=item convert
1656
1657This will automatically convert comparisons using the specified SQL
1658function for both column and value. This is mostly used with an argument
1659of C<upper> or C<lower>, so that the SQL will have the effect of
1660case-insensitive "searches". For example, this:
1661
1662 $sql = SQL::Abstract->new(convert => 'upper');
1663 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1664
1665Will turn out the following SQL:
1666
1667 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1668
1669The conversion can be C<upper()>, C<lower()>, or any other SQL function
1670that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1671not validate this option; it will just pass through what you specify verbatim).
1672
1673=item bindtype
1674
1675This is a kludge because many databases suck. For example, you can't
1676just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1677Instead, you have to use C<bind_param()>:
1678
1679 $sth->bind_param(1, 'reg data');
1680 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1681
1682The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1683which loses track of which field each slot refers to. Fear not.
1684
1685If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1686Currently, you can specify either C<normal> (default) or C<columns>. If you
1687specify C<columns>, you will get an array that looks like this:
1688
1689 my $sql = SQL::Abstract->new(bindtype => 'columns');
1690 my($stmt, @bind) = $sql->insert(...);
1691
1692 @bind = (
1693 [ 'column1', 'value1' ],
1694 [ 'column2', 'value2' ],
1695 [ 'column3', 'value3' ],
1696 );
1697
1698You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1699
32eab2da 1700 $sth->prepare($stmt);
1701 my $i = 1;
1702 for (@bind) {
1703 my($col, $data) = @$_;
1704 if ($col eq 'details' || $col eq 'comments') {
1705 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1706 } elsif ($col eq 'image') {
1707 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1708 } else {
1709 $sth->bind_param($i, $data);
1710 }
1711 $i++;
1712 }
1713 $sth->execute; # execute without @bind now
1714
1715Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1716Basically, the advantage is still that you don't have to care which fields
1717are or are not included. You could wrap that above C<for> loop in a simple
1718sub called C<bind_fields()> or something and reuse it repeatedly. You still
1719get a layer of abstraction over manual SQL specification.
1720
3ae1c5e2 1721Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
deb148a2 1722construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1723will expect the bind values in this format.
1724
32eab2da 1725=item quote_char
1726
1727This is the character that a table or column name will be quoted
9d48860e 1728with. By default this is an empty string, but you could set it to
32eab2da 1729the character C<`>, to generate SQL like this:
1730
1731 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1732
96449e8e 1733Alternatively, you can supply an array ref of two items, the first being the left
1734hand quote character, and the second the right hand quote character. For
1735example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1736that generates SQL like this:
1737
1738 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1739
9d48860e 1740Quoting is useful if you have tables or columns names that are reserved
96449e8e 1741words in your database's SQL dialect.
32eab2da 1742
46be4313 1743=item escape_char
1744
1745This is the character that will be used to escape L</quote_char>s appearing
1746in an identifier before it has been quoted.
1747
80790166 1748The parameter default in case of a single L</quote_char> character is the quote
46be4313 1749character itself.
1750
1751When opening-closing-style quoting is used (L</quote_char> is an arrayref)
9de2bd86 1752this parameter defaults to the B<closing (right)> L</quote_char>. Occurrences
46be4313 1753of the B<opening (left)> L</quote_char> within the identifier are currently left
1754untouched. The default for opening-closing-style quotes may change in future
1755versions, thus you are B<strongly encouraged> to specify the escape character
1756explicitly.
1757
32eab2da 1758=item name_sep
1759
1760This is the character that separates a table and column name. It is
1761necessary to specify this when the C<quote_char> option is selected,
1762so that tables and column names can be individually quoted like this:
1763
1764 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1765
b6251592 1766=item injection_guard
1767
1768A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1769column name specified in a query structure. This is a safety mechanism to avoid
1770injection attacks when mishandling user input e.g.:
1771
1772 my %condition_as_column_value_pairs = get_values_from_user();
1773 $sqla->select( ... , \%condition_as_column_value_pairs );
1774
1775If the expression matches an exception is thrown. Note that literal SQL
1776supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1777
1778Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
1779
96449e8e 1780=item array_datatypes
32eab2da 1781
9d48860e 1782When this option is true, arrayrefs in INSERT or UPDATE are
1783interpreted as array datatypes and are passed directly
96449e8e 1784to the DBI layer.
1785When this option is false, arrayrefs are interpreted
1786as literal SQL, just like refs to arrayrefs
1787(but this behavior is for backwards compatibility; when writing
1788new queries, use the "reference to arrayref" syntax
1789for literal SQL).
32eab2da 1790
32eab2da 1791
96449e8e 1792=item special_ops
32eab2da 1793
9d48860e 1794Takes a reference to a list of "special operators"
96449e8e 1795to extend the syntax understood by L<SQL::Abstract>.
1796See section L</"SPECIAL OPERATORS"> for details.
32eab2da 1797
59f23b3d 1798=item unary_ops
1799
9d48860e 1800Takes a reference to a list of "unary operators"
59f23b3d 1801to extend the syntax understood by L<SQL::Abstract>.
1802See section L</"UNARY OPERATORS"> for details.
1803
32eab2da 1804
32eab2da 1805
96449e8e 1806=back
32eab2da 1807
02288357 1808=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 1809
1810This is the simplest function. You simply give it a table name
1811and either an arrayref of values or hashref of field/value pairs.
1812It returns an SQL INSERT statement and a list of bind values.
96449e8e 1813See the sections on L</"Inserting and Updating Arrays"> and
1814L</"Inserting and Updating SQL"> for information on how to insert
1815with those data types.
32eab2da 1816
02288357 1817The optional C<\%options> hash reference may contain additional
1818options to generate the insert SQL. Currently supported options
1819are:
1820
1821=over 4
1822
1823=item returning
1824
1825Takes either a scalar of raw SQL fields, or an array reference of
1826field names, and adds on an SQL C<RETURNING> statement at the end.
1827This allows you to return data generated by the insert statement
1828(such as row IDs) without performing another C<SELECT> statement.
1829Note, however, this is not part of the SQL standard and may not
1830be supported by all database engines.
1831
1832=back
1833
95904db5 1834=head2 update($table, \%fieldvals, \%where, \%options)
32eab2da 1835
1836This takes a table, hashref of field/value pairs, and an optional
86298391 1837hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 1838of bind values.
96449e8e 1839See the sections on L</"Inserting and Updating Arrays"> and
1840L</"Inserting and Updating SQL"> for information on how to insert
1841with those data types.
32eab2da 1842
95904db5 1843The optional C<\%options> hash reference may contain additional
1844options to generate the update SQL. Currently supported options
1845are:
1846
1847=over 4
1848
1849=item returning
1850
1851See the C<returning> option to
1852L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1853
1854=back
1855
96449e8e 1856=head2 select($source, $fields, $where, $order)
32eab2da 1857
9d48860e 1858This returns a SQL SELECT statement and associated list of bind values, as
be21dde3 1859specified by the arguments:
32eab2da 1860
96449e8e 1861=over
32eab2da 1862
96449e8e 1863=item $source
32eab2da 1864
9d48860e 1865Specification of the 'FROM' part of the statement.
96449e8e 1866The argument can be either a plain scalar (interpreted as a table
1867name, will be quoted), or an arrayref (interpreted as a list
1868of table names, joined by commas, quoted), or a scalarref
063097a3 1869(literal SQL, not quoted).
32eab2da 1870
96449e8e 1871=item $fields
32eab2da 1872
9d48860e 1873Specification of the list of fields to retrieve from
96449e8e 1874the source.
1875The argument can be either an arrayref (interpreted as a list
9d48860e 1876of field names, will be joined by commas and quoted), or a
96449e8e 1877plain scalar (literal SQL, not quoted).
521647e7 1878Please observe that this API is not as flexible as that of
1879the first argument C<$source>, for backwards compatibility reasons.
32eab2da 1880
96449e8e 1881=item $where
32eab2da 1882
96449e8e 1883Optional argument to specify the WHERE part of the query.
1884The argument is most often a hashref, but can also be
9d48860e 1885an arrayref or plain scalar --
96449e8e 1886see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 1887
96449e8e 1888=item $order
32eab2da 1889
96449e8e 1890Optional argument to specify the ORDER BY part of the query.
9d48860e 1891The argument can be a scalar, a hashref or an arrayref
96449e8e 1892-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
1893for details.
32eab2da 1894
96449e8e 1895=back
32eab2da 1896
32eab2da 1897
85327cd5 1898=head2 delete($table, \%where, \%options)
32eab2da 1899
86298391 1900This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 1901It returns an SQL DELETE statement and list of bind values.
1902
85327cd5 1903The optional C<\%options> hash reference may contain additional
1904options to generate the delete SQL. Currently supported options
1905are:
1906
1907=over 4
1908
1909=item returning
1910
1911See the C<returning> option to
1912L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1913
1914=back
1915
85783f3c 1916=head2 where(\%where, $order)
32eab2da 1917
1918This is used to generate just the WHERE clause. For example,
1919if you have an arbitrary data structure and know what the
1920rest of your SQL is going to look like, but want an easy way
1921to produce a WHERE clause, use this. It returns an SQL WHERE
1922clause and list of bind values.
1923
32eab2da 1924
1925=head2 values(\%data)
1926
1927This just returns the values from the hash C<%data>, in the same
1928order that would be returned from any of the other above queries.
1929Using this allows you to markedly speed up your queries if you
1930are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
1931
32eab2da 1932=head2 generate($any, 'number', $of, \@data, $struct, \%types)
1933
1934Warning: This is an experimental method and subject to change.
1935
1936This returns arbitrarily generated SQL. It's a really basic shortcut.
1937It will return two different things, depending on return context:
1938
1939 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
1940 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
1941
1942These would return the following:
1943
1944 # First calling form
1945 $stmt = "CREATE TABLE test (?, ?)";
1946 @bind = (field1, field2);
1947
1948 # Second calling form
1949 $stmt_and_val = "CREATE TABLE test (field1, field2)";
1950
1951Depending on what you're trying to do, it's up to you to choose the correct
1952format. In this example, the second form is what you would want.
1953
1954By the same token:
1955
1956 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
1957
1958Might give you:
1959
1960 ALTER SESSION SET nls_date_format = 'MM/YY'
1961
1962You get the idea. Strings get their case twiddled, but everything
1963else remains verbatim.
1964
0da0fe34 1965=head1 EXPORTABLE FUNCTIONS
1966
1967=head2 is_plain_value
1968
1969Determines if the supplied argument is a plain value as understood by this
1970module:
1971
1972=over
1973
1974=item * The value is C<undef>
1975
1976=item * The value is a non-reference
1977
1978=item * The value is an object with stringification overloading
1979
1980=item * The value is of the form C<< { -value => $anything } >>
1981
1982=back
1983
9de2bd86 1984On failure returns C<undef>, on success returns a B<scalar> reference
966200cc 1985to the original supplied argument.
0da0fe34 1986
843a94b5 1987=over
1988
1989=item * Note
1990
1991The stringification overloading detection is rather advanced: it takes
1992into consideration not only the presence of a C<""> overload, but if that
1993fails also checks for enabled
1994L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
1995on either C<0+> or C<bool>.
1996
1997Unfortunately testing in the field indicates that this
1998detection B<< may tickle a latent bug in perl versions before 5.018 >>,
1999but only when very large numbers of stringifying objects are involved.
2000At the time of writing ( Sep 2014 ) there is no clear explanation of
2001the direct cause, nor is there a manageably small test case that reliably
2002reproduces the problem.
2003
2004If you encounter any of the following exceptions in B<random places within
2005your application stack> - this module may be to blame:
2006
2007 Operation "ne": no method found,
2008 left argument in overloaded package <something>,
2009 right argument in overloaded package <something>
2010
2011or perhaps even
2012
2013 Stub found while resolving method "???" overloading """" in package <something>
2014
2015If you fall victim to the above - please attempt to reduce the problem
2016to something that could be sent to the L<SQL::Abstract developers
1f490ae4 2017|DBIx::Class/GETTING HELP/SUPPORT>
843a94b5 2018(either publicly or privately). As a workaround in the meantime you can
2019set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
2020value, which will most likely eliminate your problem (at the expense of
2021not being able to properly detect exotic forms of stringification).
2022
2023This notice and environment variable will be removed in a future version,
2024as soon as the underlying problem is found and a reliable workaround is
2025devised.
2026
2027=back
2028
0da0fe34 2029=head2 is_literal_value
2030
2031Determines if the supplied argument is a literal value as understood by this
2032module:
2033
2034=over
2035
2036=item * C<\$sql_string>
2037
2038=item * C<\[ $sql_string, @bind_values ]>
2039
0da0fe34 2040=back
2041
9de2bd86 2042On failure returns C<undef>, on success returns an B<array> reference
966200cc 2043containing the unpacked version of the supplied literal SQL and bind values.
0da0fe34 2044
32eab2da 2045=head1 WHERE CLAUSES
2046
96449e8e 2047=head2 Introduction
2048
32eab2da 2049This module uses a variation on the idea from L<DBIx::Abstract>. It
2050is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2051module is that things in arrays are OR'ed, and things in hashes
2052are AND'ed.>
2053
2054The easiest way to explain is to show lots of examples. After
2055each C<%where> hash shown, it is assumed you used:
2056
2057 my($stmt, @bind) = $sql->where(\%where);
2058
2059However, note that the C<%where> hash can be used directly in any
2060of the other functions as well, as described above.
2061
96449e8e 2062=head2 Key-value pairs
2063
32eab2da 2064So, let's get started. To begin, a simple hash:
2065
2066 my %where = (
2067 user => 'nwiger',
2068 status => 'completed'
2069 );
2070
2071Is converted to SQL C<key = val> statements:
2072
2073 $stmt = "WHERE user = ? AND status = ?";
2074 @bind = ('nwiger', 'completed');
2075
2076One common thing I end up doing is having a list of values that
2077a field can be in. To do this, simply specify a list inside of
2078an arrayref:
2079
2080 my %where = (
2081 user => 'nwiger',
2082 status => ['assigned', 'in-progress', 'pending'];
2083 );
2084
2085This simple code will create the following:
9d48860e 2086
32eab2da 2087 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2088 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2089
9d48860e 2090A field associated to an empty arrayref will be considered a
7cac25e6 2091logical false and will generate 0=1.
8a68b5be 2092
b864ba9b 2093=head2 Tests for NULL values
2094
2095If the value part is C<undef> then this is converted to SQL <IS NULL>
2096
2097 my %where = (
2098 user => 'nwiger',
2099 status => undef,
2100 );
2101
2102becomes:
2103
2104 $stmt = "WHERE user = ? AND status IS NULL";
2105 @bind = ('nwiger');
2106
e9614080 2107To test if a column IS NOT NULL:
2108
2109 my %where = (
2110 user => 'nwiger',
2111 status => { '!=', undef },
2112 );
cc422895 2113
6e0c6552 2114=head2 Specific comparison operators
96449e8e 2115
32eab2da 2116If you want to specify a different type of operator for your comparison,
2117you can use a hashref for a given column:
2118
2119 my %where = (
2120 user => 'nwiger',
2121 status => { '!=', 'completed' }
2122 );
2123
2124Which would generate:
2125
2126 $stmt = "WHERE user = ? AND status != ?";
2127 @bind = ('nwiger', 'completed');
2128
2129To test against multiple values, just enclose the values in an arrayref:
2130
96449e8e 2131 status => { '=', ['assigned', 'in-progress', 'pending'] };
2132
f2d5020d 2133Which would give you:
96449e8e 2134
2135 "WHERE status = ? OR status = ? OR status = ?"
2136
2137
2138The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2139into an C<AND> of its elements:
2140
2141 my %where = (
2142 user => 'nwiger',
2143 status => { '!=', 'completed', -not_like => 'pending%' }
2144 );
2145
2146 # Or more dynamically, like from a form
2147 $where{user} = 'nwiger';
2148 $where{status}{'!='} = 'completed';
2149 $where{status}{'-not_like'} = 'pending%';
2150
2151 # Both generate this
2152 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2153 @bind = ('nwiger', 'completed', 'pending%');
2154
96449e8e 2155
32eab2da 2156To get an OR instead, you can combine it with the arrayref idea:
2157
2158 my %where => (
2159 user => 'nwiger',
1a6f2a03 2160 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2161 );
2162
2163Which would generate:
2164
1a6f2a03 2165 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2166 @bind = ('2', '5', 'nwiger');
32eab2da 2167
44b9e502 2168If you want to include literal SQL (with or without bind values), just use a
13cc86af 2169scalar reference or reference to an arrayref as the value:
44b9e502 2170
2171 my %where = (
2172 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2173 date_expires => { '<' => \"now()" }
2174 );
2175
2176Which would generate:
2177
13cc86af 2178 $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
44b9e502 2179 @bind = ('11/26/2008');
2180
96449e8e 2181
2182=head2 Logic and nesting operators
2183
2184In the example above,
2185there is a subtle trap if you want to say something like
32eab2da 2186this (notice the C<AND>):
2187
2188 WHERE priority != ? AND priority != ?
2189
2190Because, in Perl you I<can't> do this:
2191
13cc86af 2192 priority => { '!=' => 2, '!=' => 1 }
32eab2da 2193
2194As the second C<!=> key will obliterate the first. The solution
2195is to use the special C<-modifier> form inside an arrayref:
2196
9d48860e 2197 priority => [ -and => {'!=', 2},
96449e8e 2198 {'!=', 1} ]
2199
32eab2da 2200
2201Normally, these would be joined by C<OR>, but the modifier tells it
2202to use C<AND> instead. (Hint: You can use this in conjunction with the
2203C<logic> option to C<new()> in order to change the way your queries
2204work by default.) B<Important:> Note that the C<-modifier> goes
2205B<INSIDE> the arrayref, as an extra first element. This will
2206B<NOT> do what you think it might:
2207
2208 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2209
2210Here is a quick list of equivalencies, since there is some overlap:
2211
2212 # Same
2213 status => {'!=', 'completed', 'not like', 'pending%' }
2214 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2215
2216 # Same
2217 status => {'=', ['assigned', 'in-progress']}
2218 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2219 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2220
e3f9dff4 2221
2222
be21dde3 2223=head2 Special operators: IN, BETWEEN, etc.
96449e8e 2224
32eab2da 2225You can also use the hashref format to compare a list of fields using the
2226C<IN> comparison operator, by specifying the list as an arrayref:
2227
2228 my %where = (
2229 status => 'completed',
2230 reportid => { -in => [567, 2335, 2] }
2231 );
2232
2233Which would generate:
2234
2235 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2236 @bind = ('completed', '567', '2335', '2');
2237
9d48860e 2238The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2239the same way.
2240
6e0c6552 2241If the argument to C<-in> is an empty array, 'sqlfalse' is generated
be21dde3 2242(by default: C<1=0>). Similarly, C<< -not_in => [] >> generates
2243'sqltrue' (by default: C<1=1>).
6e0c6552 2244
e41c3bdd 2245In addition to the array you can supply a chunk of literal sql or
2246literal sql with bind:
6e0c6552 2247
e41c3bdd 2248 my %where = {
2249 customer => { -in => \[
2250 'SELECT cust_id FROM cust WHERE balance > ?',
2251 2000,
2252 ],
2253 status => { -in => \'SELECT status_codes FROM states' },
2254 };
6e0c6552 2255
e41c3bdd 2256would generate:
2257
2258 $stmt = "WHERE (
2259 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2260 AND status IN ( SELECT status_codes FROM states )
2261 )";
2262 @bind = ('2000');
2263
0dfd2442 2264Finally, if the argument to C<-in> is not a reference, it will be
2265treated as a single-element array.
e41c3bdd 2266
2267Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2268used with an arrayref of two values:
32eab2da 2269
2270 my %where = (
2271 user => 'nwiger',
2272 completion_date => {
2273 -not_between => ['2002-10-01', '2003-02-06']
2274 }
2275 );
2276
2277Would give you:
2278
2279 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2280
e41c3bdd 2281Just like with C<-in> all plausible combinations of literal SQL
2282are possible:
2283
2284 my %where = {
2285 start0 => { -between => [ 1, 2 ] },
2286 start1 => { -between => \["? AND ?", 1, 2] },
2287 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2288 start3 => { -between => [
e41c3bdd 2289 \"lower(x)",
2290 \["upper(?)", 'stuff' ],
2291 ] },
2292 };
2293
2294Would give you:
2295
2296 $stmt = "WHERE (
2297 ( start0 BETWEEN ? AND ? )
2298 AND ( start1 BETWEEN ? AND ? )
2299 AND ( start2 BETWEEN lower(x) AND upper(y) )
2300 AND ( start3 BETWEEN lower(x) AND upper(?) )
2301 )";
2302 @bind = (1, 2, 1, 2, 'stuff');
2303
2304
9d48860e 2305These are the two builtin "special operators"; but the
be21dde3 2306list can be expanded: see section L</"SPECIAL OPERATORS"> below.
96449e8e 2307
59f23b3d 2308=head2 Unary operators: bool
97a920ef 2309
2310If you wish to test against boolean columns or functions within your
2311database you can use the C<-bool> and C<-not_bool> operators. For
2312example to test the column C<is_user> being true and the column
827bb0eb 2313C<is_enabled> being false you would use:-
97a920ef 2314
2315 my %where = (
2316 -bool => 'is_user',
2317 -not_bool => 'is_enabled',
2318 );
2319
2320Would give you:
2321
277b5d3f 2322 WHERE is_user AND NOT is_enabled
97a920ef 2323
0b604e9d 2324If a more complex combination is required, testing more conditions,
2325then you should use the and/or operators:-
2326
2327 my %where = (
2328 -and => [
2329 -bool => 'one',
23401b81 2330 -not_bool => { two=> { -rlike => 'bar' } },
2331 -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
0b604e9d 2332 ],
2333 );
2334
2335Would give you:
2336
23401b81 2337 WHERE
2338 one
2339 AND
2340 (NOT two RLIKE ?)
2341 AND
2342 (NOT ( three = ? OR three > ? ))
97a920ef 2343
2344
107b72f1 2345=head2 Nested conditions, -and/-or prefixes
96449e8e 2346
32eab2da 2347So far, we've seen how multiple conditions are joined with a top-level
2348C<AND>. We can change this by putting the different conditions we want in
2349hashes and then putting those hashes in an array. For example:
2350
2351 my @where = (
2352 {
2353 user => 'nwiger',
2354 status => { -like => ['pending%', 'dispatched'] },
2355 },
2356 {
2357 user => 'robot',
2358 status => 'unassigned',
2359 }
2360 );
2361
2362This data structure would create the following:
2363
2364 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2365 OR ( user = ? AND status = ? ) )";
2366 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2367
107b72f1 2368
48d9f5f8 2369Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
be21dde3 2370to change the logic inside:
32eab2da 2371
2372 my @where = (
2373 -and => [
2374 user => 'nwiger',
48d9f5f8 2375 [
2376 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2377 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2378 ],
2379 ],
2380 );
2381
2382That would yield:
2383
13cc86af 2384 $stmt = "WHERE ( user = ?
2385 AND ( ( workhrs > ? AND geo = ? )
2386 OR ( workhrs < ? OR geo = ? ) ) )";
2387 @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
107b72f1 2388
cc422895 2389=head3 Algebraic inconsistency, for historical reasons
107b72f1 2390
7cac25e6 2391C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2392operator goes C<outside> of the nested structure; whereas when connecting
2393several constraints on one column, the C<-and> operator goes
be21dde3 2394C<inside> the arrayref. Here is an example combining both features:
7cac25e6 2395
2396 my @where = (
2397 -and => [a => 1, b => 2],
2398 -or => [c => 3, d => 4],
2399 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2400 )
2401
2402yielding
2403
9d48860e 2404 WHERE ( ( ( a = ? AND b = ? )
2405 OR ( c = ? OR d = ? )
7cac25e6 2406 OR ( e LIKE ? AND e LIKE ? ) ) )
2407
107b72f1 2408This difference in syntax is unfortunate but must be preserved for
be21dde3 2409historical reasons. So be careful: the two examples below would
107b72f1 2410seem algebraically equivalent, but they are not
2411
a948b1fe 2412 { col => [ -and =>
2413 { -like => 'foo%' },
2414 { -like => '%bar' },
2415 ] }
be21dde3 2416 # yields: WHERE ( ( col LIKE ? AND col LIKE ? ) )
107b72f1 2417
a948b1fe 2418 [ -and =>
2419 { col => { -like => 'foo%' } },
2420 { col => { -like => '%bar' } },
2421 ]
be21dde3 2422 # yields: WHERE ( ( col LIKE ? OR col LIKE ? ) )
107b72f1 2423
7cac25e6 2424
cc422895 2425=head2 Literal SQL and value type operators
96449e8e 2426
cc422895 2427The basic premise of SQL::Abstract is that in WHERE specifications the "left
2428side" is a column name and the "right side" is a value (normally rendered as
2429a placeholder). This holds true for both hashrefs and arrayref pairs as you
2430see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2431alter this behavior. There are several ways of doing so.
e9614080 2432
cc422895 2433=head3 -ident
2434
2435This is a virtual operator that signals the string to its right side is an
2436identifier (a column name) and not a value. For example to compare two
2437columns you would write:
32eab2da 2438
e9614080 2439 my %where = (
2440 priority => { '<', 2 },
cc422895 2441 requestor => { -ident => 'submitter' },
e9614080 2442 );
2443
2444which creates:
2445
2446 $stmt = "WHERE priority < ? AND requestor = submitter";
2447 @bind = ('2');
2448
cc422895 2449If you are maintaining legacy code you may see a different construct as
2450described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2451code.
2452
2453=head3 -value
e9614080 2454
cc422895 2455This is a virtual operator that signals that the construct to its right side
2456is a value to be passed to DBI. This is for example necessary when you want
2457to write a where clause against an array (for RDBMS that support such
2458datatypes). For example:
e9614080 2459
32eab2da 2460 my %where = (
cc422895 2461 array => { -value => [1, 2, 3] }
32eab2da 2462 );
2463
cc422895 2464will result in:
32eab2da 2465
cc422895 2466 $stmt = 'WHERE array = ?';
2467 @bind = ([1, 2, 3]);
32eab2da 2468
cc422895 2469Note that if you were to simply say:
32eab2da 2470
2471 my %where = (
cc422895 2472 array => [1, 2, 3]
32eab2da 2473 );
2474
3af02ccb 2475the result would probably not be what you wanted:
cc422895 2476
2477 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2478 @bind = (1, 2, 3);
2479
2480=head3 Literal SQL
96449e8e 2481
cc422895 2482Finally, sometimes only literal SQL will do. To include a random snippet
2483of SQL verbatim, you specify it as a scalar reference. Consider this only
2484as a last resort. Usually there is a better way. For example:
96449e8e 2485
2486 my %where = (
cc422895 2487 priority => { '<', 2 },
2488 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2489 );
2490
cc422895 2491Would create:
96449e8e 2492
cc422895 2493 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2494 @bind = (2);
2495
2496Note that in this example, you only get one bind parameter back, since
2497the verbatim SQL is passed as part of the statement.
2498
2499=head4 CAVEAT
2500
2501 Never use untrusted input as a literal SQL argument - this is a massive
2502 security risk (there is no way to check literal snippets for SQL
2503 injections and other nastyness). If you need to deal with untrusted input
2504 use literal SQL with placeholders as described next.
96449e8e 2505
cc422895 2506=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2507
2508If the literal SQL to be inserted has placeholders and bind values,
2509use a reference to an arrayref (yes this is a double reference --
2510not so common, but perfectly legal Perl). For example, to find a date
2511in Postgres you can use something like this:
2512
2513 my %where = (
3ae1c5e2 2514 date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
96449e8e 2515 )
2516
2517This would create:
2518
d2a8fe1a 2519 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2520 @bind = ('10');
2521
deb148a2 2522Note that you must pass the bind values in the same format as they are returned
85783f3c 2523by L<where|/where(\%where, $order)>. This means that if you set L</bindtype>
1f490ae4 2524to C<columns>, you must provide the bind values in the
2525C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
2526scalar value; most commonly the column name, but you can use any scalar value
2527(including references and blessed references), L<SQL::Abstract> will simply
2528pass it through intact. So if C<bindtype> is set to C<columns> the above
2529example will look like:
deb148a2 2530
2531 my %where = (
3ae1c5e2 2532 date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
deb148a2 2533 )
96449e8e 2534
2535Literal SQL is especially useful for nesting parenthesized clauses in the
be21dde3 2536main SQL query. Here is a first example:
96449e8e 2537
2538 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2539 100, "foo%");
2540 my %where = (
2541 foo => 1234,
2542 bar => \["IN ($sub_stmt)" => @sub_bind],
2543 );
2544
be21dde3 2545This yields:
96449e8e 2546
9d48860e 2547 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2548 WHERE c2 < ? AND c3 LIKE ?))";
2549 @bind = (1234, 100, "foo%");
2550
9d48860e 2551Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2552are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2553its associated bind values can be generated through a former call
96449e8e 2554to C<select()> :
2555
2556 my ($sub_stmt, @sub_bind)
9d48860e 2557 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2558 c3 => {-like => "foo%"}});
2559 my %where = (
2560 foo => 1234,
2561 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2562 );
2563
2564In the examples above, the subquery was used as an operator on a column;
9d48860e 2565but the same principle also applies for a clause within the main C<%where>
be21dde3 2566hash, like an EXISTS subquery:
96449e8e 2567
9d48860e 2568 my ($sub_stmt, @sub_bind)
96449e8e 2569 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2570 my %where = ( -and => [
96449e8e 2571 foo => 1234,
48d9f5f8 2572 \["EXISTS ($sub_stmt)" => @sub_bind],
2573 ]);
96449e8e 2574
2575which yields
2576
9d48860e 2577 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2578 WHERE c1 = ? AND c2 > t0.c0))";
2579 @bind = (1234, 1);
2580
2581
9d48860e 2582Observe that the condition on C<c2> in the subquery refers to
be21dde3 2583column C<t0.c0> of the main query: this is I<not> a bind
9d48860e 2584value, so we have to express it through a scalar ref.
96449e8e 2585Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2586C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2587what we wanted here.
2588
96449e8e 2589Finally, here is an example where a subquery is used
2590for expressing unary negation:
2591
9d48860e 2592 my ($sub_stmt, @sub_bind)
96449e8e 2593 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2594 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2595 my %where = (
2596 lname => {like => '%son%'},
48d9f5f8 2597 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2598 );
2599
2600This yields
2601
2602 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2603 @bind = ('%son%', 10, 20)
2604
cc422895 2605=head3 Deprecated usage of Literal SQL
2606
2607Below are some examples of archaic use of literal SQL. It is shown only as
2608reference for those who deal with legacy code. Each example has a much
2609better, cleaner and safer alternative that users should opt for in new code.
2610
2611=over
2612
2613=item *
2614
2615 my %where = ( requestor => \'IS NOT NULL' )
2616
2617 $stmt = "WHERE requestor IS NOT NULL"
2618
2619This used to be the way of generating NULL comparisons, before the handling
2620of C<undef> got formalized. For new code please use the superior syntax as
2621described in L</Tests for NULL values>.
96449e8e 2622
cc422895 2623=item *
2624
2625 my %where = ( requestor => \'= submitter' )
2626
2627 $stmt = "WHERE requestor = submitter"
2628
2629This used to be the only way to compare columns. Use the superior L</-ident>
2630method for all new code. For example an identifier declared in such a way
2631will be properly quoted if L</quote_char> is properly set, while the legacy
2632form will remain as supplied.
2633
2634=item *
2635
2636 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2637
2638 $stmt = "WHERE completed > ? AND is_ready"
2639 @bind = ('2012-12-21')
2640
2641Using an empty string literal used to be the only way to express a boolean.
2642For all new code please use the much more readable
2643L<-bool|/Unary operators: bool> operator.
2644
2645=back
96449e8e 2646
2647=head2 Conclusion
2648
32eab2da 2649These pages could go on for a while, since the nesting of the data
2650structures this module can handle are pretty much unlimited (the
2651module implements the C<WHERE> expansion as a recursive function
2652internally). Your best bet is to "play around" with the module a
2653little to see how the data structures behave, and choose the best
2654format for your data based on that.
2655
2656And of course, all the values above will probably be replaced with
2657variables gotten from forms or the command line. After all, if you
2658knew everything ahead of time, you wouldn't have to worry about
2659dynamically-generating SQL and could just hardwire it into your
2660script.
2661
86298391 2662=head1 ORDER BY CLAUSES
2663
9d48860e 2664Some functions take an order by clause. This can either be a scalar (just a
18710f60 2665column name), a hashref of C<< { -desc => 'col' } >> or C<< { -asc => 'col' }
2666>>, a scalarref, an arrayref-ref, or an arrayref of any of the previous
2667forms. Examples:
1cfa1db3 2668
8c15b421 2669 Given | Will Generate
18710f60 2670 ---------------------------------------------------------------
8c15b421 2671 |
2672 'colA' | ORDER BY colA
2673 |
2674 [qw/colA colB/] | ORDER BY colA, colB
2675 |
2676 {-asc => 'colA'} | ORDER BY colA ASC
2677 |
2678 {-desc => 'colB'} | ORDER BY colB DESC
2679 |
2680 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2681 |
2682 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
2683 |
2684 \'colA DESC' | ORDER BY colA DESC
2685 |
2686 \[ 'FUNC(colA, ?)', $x ] | ORDER BY FUNC(colA, ?)
2687 | /* ...with $x bound to ? */
2688 |
bd805d85 2689 [ | ORDER BY
2690 { -asc => 'colA' }, | colA ASC,
2691 { -desc => [qw/colB/] }, | colB DESC,
2692 { -asc => [qw/colC colD/] },| colC ASC, colD ASC,
2693 \'colE DESC', | colE DESC,
2694 \[ 'FUNC(colF, ?)', $x ], | FUNC(colF, ?)
2695 ] | /* ...with $x bound to ? */
18710f60 2696 ===============================================================
86298391 2697
96449e8e 2698
2699
2700=head1 SPECIAL OPERATORS
2701
e3f9dff4 2702 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2703 {
2704 regex => qr/.../,
e3f9dff4 2705 handler => sub {
2706 my ($self, $field, $op, $arg) = @_;
2707 ...
3a2e1a5e 2708 },
2709 },
2710 {
2711 regex => qr/.../,
2712 handler => 'method_name',
e3f9dff4 2713 },
2714 ]);
2715
9d48860e 2716A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2717applied to a field, instead of a usual binary operator.
be21dde3 2718For example:
e3f9dff4 2719
2720 WHERE field IN (?, ?, ?)
2721 WHERE field BETWEEN ? AND ?
2722 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2723
e3f9dff4 2724Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2725are builtin within C<SQL::Abstract> (as the overridable methods
2726C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2727like the MATCH .. AGAINST example above which is specific to MySQL,
2728you can write your own operator handlers - supply a C<special_ops>
2729argument to the C<new> method. That argument takes an arrayref of
2730operator definitions; each operator definition is a hashref with two
2731entries:
96449e8e 2732
e3f9dff4 2733=over
2734
2735=item regex
2736
2737the regular expression to match the operator
96449e8e 2738
e3f9dff4 2739=item handler
2740
3a2e1a5e 2741Either a coderef or a plain scalar method name. In both cases
2742the expected return is C<< ($sql, @bind) >>.
2743
2744When supplied with a method name, it is simply called on the
13cc86af 2745L<SQL::Abstract> object as:
3a2e1a5e 2746
ca4f826a 2747 $self->$method_name($field, $op, $arg)
3a2e1a5e 2748
2749 Where:
2750
3a2e1a5e 2751 $field is the LHS of the operator
13cc86af 2752 $op is the part that matched the handler regex
3a2e1a5e 2753 $arg is the RHS
2754
2755When supplied with a coderef, it is called as:
2756
2757 $coderef->($self, $field, $op, $arg)
2758
e3f9dff4 2759
2760=back
2761
9d48860e 2762For example, here is an implementation
e3f9dff4 2763of the MATCH .. AGAINST syntax for MySQL
2764
2765 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2766
e3f9dff4 2767 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2768 {regex => qr/^match$/i,
e3f9dff4 2769 handler => sub {
2770 my ($self, $field, $op, $arg) = @_;
2771 $arg = [$arg] if not ref $arg;
2772 my $label = $self->_quote($field);
2773 my ($placeholder) = $self->_convert('?');
2774 my $placeholders = join ", ", (($placeholder) x @$arg);
2775 my $sql = $self->_sqlcase('match') . " ($label) "
2776 . $self->_sqlcase('against') . " ($placeholders) ";
2777 my @bind = $self->_bindtype($field, @$arg);
2778 return ($sql, @bind);
2779 }
2780 },
9d48860e 2781
e3f9dff4 2782 ]);
96449e8e 2783
2784
59f23b3d 2785=head1 UNARY OPERATORS
2786
112b5232 2787 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2788 {
2789 regex => qr/.../,
2790 handler => sub {
2791 my ($self, $op, $arg) = @_;
2792 ...
2793 },
2794 },
2795 {
2796 regex => qr/.../,
2797 handler => 'method_name',
2798 },
2799 ]);
2800
9d48860e 2801A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2802applied to a field - the operator goes before the field
2803
2804You can write your own operator handlers - supply a C<unary_ops>
2805argument to the C<new> method. That argument takes an arrayref of
2806operator definitions; each operator definition is a hashref with two
2807entries:
2808
2809=over
2810
2811=item regex
2812
2813the regular expression to match the operator
2814
2815=item handler
2816
2817Either a coderef or a plain scalar method name. In both cases
2818the expected return is C<< $sql >>.
2819
2820When supplied with a method name, it is simply called on the
13cc86af 2821L<SQL::Abstract> object as:
59f23b3d 2822
ca4f826a 2823 $self->$method_name($op, $arg)
59f23b3d 2824
2825 Where:
2826
2827 $op is the part that matched the handler regex
2828 $arg is the RHS or argument of the operator
2829
2830When supplied with a coderef, it is called as:
2831
2832 $coderef->($self, $op, $arg)
2833
2834
2835=back
2836
2837
32eab2da 2838=head1 PERFORMANCE
2839
2840Thanks to some benchmarking by Mark Stosberg, it turns out that
2841this module is many orders of magnitude faster than using C<DBIx::Abstract>.
2842I must admit this wasn't an intentional design issue, but it's a
2843byproduct of the fact that you get to control your C<DBI> handles
2844yourself.
2845
2846To maximize performance, use a code snippet like the following:
2847
2848 # prepare a statement handle using the first row
2849 # and then reuse it for the rest of the rows
2850 my($sth, $stmt);
2851 for my $href (@array_of_hashrefs) {
2852 $stmt ||= $sql->insert('table', $href);
2853 $sth ||= $dbh->prepare($stmt);
2854 $sth->execute($sql->values($href));
2855 }
2856
2857The reason this works is because the keys in your C<$href> are sorted
2858internally by B<SQL::Abstract>. Thus, as long as your data retains
2859the same structure, you only have to generate the SQL the first time
2860around. On subsequent queries, simply use the C<values> function provided
2861by this module to return your values in the correct order.
2862
b864ba9b 2863However this depends on the values having the same type - if, for
2864example, the values of a where clause may either have values
2865(resulting in sql of the form C<column = ?> with a single bind
2866value), or alternatively the values might be C<undef> (resulting in
2867sql of the form C<column IS NULL> with no bind value) then the
2868caching technique suggested will not work.
96449e8e 2869
32eab2da 2870=head1 FORMBUILDER
2871
2872If you use my C<CGI::FormBuilder> module at all, you'll hopefully
2873really like this part (I do, at least). Building up a complex query
2874can be as simple as the following:
2875
2876 #!/usr/bin/perl
2877
46dc2f3e 2878 use warnings;
2879 use strict;
2880
32eab2da 2881 use CGI::FormBuilder;
2882 use SQL::Abstract;
2883
2884 my $form = CGI::FormBuilder->new(...);
2885 my $sql = SQL::Abstract->new;
2886
2887 if ($form->submitted) {
2888 my $field = $form->field;
2889 my $id = delete $field->{id};
2890 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
2891 }
2892
2893Of course, you would still have to connect using C<DBI> to run the
2894query, but the point is that if you make your form look like your
2895table, the actual query script can be extremely simplistic.
2896
2897If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 2898a fast interface to returning and formatting data. I frequently
32eab2da 2899use these three modules together to write complex database query
2900apps in under 50 lines.
2901
af733667 2902=head1 HOW TO CONTRIBUTE
2903
2904Contributions are always welcome, in all usable forms (we especially
2905welcome documentation improvements). The delivery methods include git-
2906or unified-diff formatted patches, GitHub pull requests, or plain bug
2907reports either via RT or the Mailing list. Contributors are generally
2908granted full access to the official repository after their first several
2909patches pass successful review.
2910
2911This project is maintained in a git repository. The code and related tools are
2912accessible at the following locations:
d8cc1792 2913
2914=over
2915
af733667 2916=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
2917
2918=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
2919
2920=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
d8cc1792 2921
af733667 2922=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
d8cc1792 2923
2924=back
32eab2da 2925
96449e8e 2926=head1 CHANGES
2927
2928Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
2929Great care has been taken to preserve the I<published> behavior
2930documented in previous versions in the 1.* family; however,
9d48860e 2931some features that were previously undocumented, or behaved
96449e8e 2932differently from the documentation, had to be changed in order
2933to clarify the semantics. Hence, client code that was relying
9d48860e 2934on some dark areas of C<SQL::Abstract> v1.*
96449e8e 2935B<might behave differently> in v1.50.
32eab2da 2936
be21dde3 2937The main changes are:
d2a8fe1a 2938
96449e8e 2939=over
32eab2da 2940
9d48860e 2941=item *
32eab2da 2942
3ae1c5e2 2943support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
96449e8e 2944
2945=item *
2946
145fbfc8 2947support for the { operator => \"..." } construct (to embed literal SQL)
2948
2949=item *
2950
9c37b9c0 2951support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
2952
2953=item *
2954
96449e8e 2955optional support for L<array datatypes|/"Inserting and Updating Arrays">
2956
9d48860e 2957=item *
96449e8e 2958
be21dde3 2959defensive programming: check arguments
96449e8e 2960
2961=item *
2962
2963fixed bug with global logic, which was previously implemented
7cac25e6 2964through global variables yielding side-effects. Prior versions would
96449e8e 2965interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
2966as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
2967Now this is interpreted
2968as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
2969
96449e8e 2970
2971=item *
2972
2973fixed semantics of _bindtype on array args
2974
9d48860e 2975=item *
96449e8e 2976
2977dropped the C<_anoncopy> of the %where tree. No longer necessary,
2978we just avoid shifting arrays within that tree.
2979
2980=item *
2981
2982dropped the C<_modlogic> function
2983
2984=back
32eab2da 2985
32eab2da 2986=head1 ACKNOWLEDGEMENTS
2987
2988There are a number of individuals that have really helped out with
2989this module. Unfortunately, most of them submitted bugs via CPAN
2990so I have no idea who they are! But the people I do know are:
2991
9d48860e 2992 Ash Berlin (order_by hash term support)
b643abe1 2993 Matt Trout (DBIx::Class support)
32eab2da 2994 Mark Stosberg (benchmarking)
2995 Chas Owens (initial "IN" operator support)
2996 Philip Collins (per-field SQL functions)
2997 Eric Kolve (hashref "AND" support)
2998 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
2999 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 3000 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 3001 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 3002 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 3003 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 3004 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 3005
3006Thanks!
3007
32eab2da 3008=head1 SEE ALSO
3009
86298391 3010L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 3011
32eab2da 3012=head1 AUTHOR
3013
b643abe1 3014Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
3015
3016This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 3017
abe72f94 3018For support, your best bet is to try the C<DBIx::Class> users mailing list.
3019While not an official support venue, C<DBIx::Class> makes heavy use of
3020C<SQL::Abstract>, and as such list members there are very familiar with
3021how to create queries.
3022
0d067ded 3023=head1 LICENSE
3024
d988ab87 3025This module is free software; you may copy this under the same
3026terms as perl itself (either the GNU General Public License or
3027the Artistic License)
32eab2da 3028
3029=cut
Unnamed repository; edit this file 'description' to name the repository.