Commit | Line | Data |
96449e8e |
1 | package SQL::Abstract; # see doc at end of file |
2 | |
9d9d5bd6 |
3 | use Carp (); |
312d830b |
4 | use List::Util (); |
5 | use Scalar::Util (); |
a82e41dc |
6 | use Module::Runtime qw(use_module); |
3a9aca02 |
7 | use Moo; |
8b9b83ae |
8 | use namespace::clean; |
96449e8e |
9 | |
3cb8f017 |
10 | our $VERSION = '1.74'; |
22f1a437 |
11 | # This would confuse some packagers |
c520207b |
12 | $VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases |
96449e8e |
13 | |
14 | sub belch (@) { |
15 | my($func) = (caller(1))[3]; |
9d9d5bd6 |
16 | Carp::carp "[$func] Warning: ", @_; |
96449e8e |
17 | } |
18 | |
19 | sub puke (@) { |
20 | my($func) = (caller(1))[3]; |
9d9d5bd6 |
21 | Carp::croak "[$func] Fatal: ", @_; |
96449e8e |
22 | } |
23 | |
a82e41dc |
24 | has converter => (is => 'lazy', clearer => 'clear_converter'); |
96449e8e |
25 | |
3a9aca02 |
26 | has case => ( |
27 | is => 'ro', coerce => sub { $_[0] eq 'lower' ? 'lower' : undef } |
28 | ); |
96449e8e |
29 | |
3a9aca02 |
30 | has logic => ( |
31 | is => 'ro', coerce => sub { uc($_[0]) }, default => sub { 'OR' } |
32 | ); |
96449e8e |
33 | |
3a9aca02 |
34 | has bindtype => ( |
35 | is => 'ro', default => sub { 'normal' } |
36 | ); |
96449e8e |
37 | |
3a9aca02 |
38 | has cmp => (is => 'ro', default => sub { '=' }); |
96449e8e |
39 | |
3a9aca02 |
40 | has sqltrue => (is => 'ro', default => sub { '1=1' }); |
41 | has sqlfalse => (is => 'ro', default => sub { '0=1' }); |
42 | |
43 | has special_ops => (is => 'ro', default => sub { [] }); |
44 | has unary_ops => (is => 'ro', default => sub { [] }); |
59f23b3d |
45 | |
a82e41dc |
46 | # FIXME |
47 | # need to guard against ()'s in column names too, but this will break tons of |
48 | # hacks... ideas anyone? |
8f57728a |
49 | |
3a9aca02 |
50 | has injection_guard => ( |
51 | is => 'ro', |
52 | default => sub { |
53 | qr/ |
54 | \; |
55 | | |
56 | ^ \s* go \s |
57 | /xmi; |
58 | } |
59 | ); |
60 | |
29a3e5dc |
61 | has renderer => (is => 'lazy', clearer => 'clear_renderer'); |
3a9aca02 |
62 | |
29a3e5dc |
63 | has name_sep => ( |
64 | is => 'rw', default => sub { '.' }, |
a82e41dc |
65 | trigger => sub { |
66 | $_[0]->clear_renderer; |
67 | $_[0]->clear_converter; |
68 | }, |
29a3e5dc |
69 | ); |
3a9aca02 |
70 | |
29a3e5dc |
71 | has quote_char => ( |
72 | is => 'rw', |
a82e41dc |
73 | trigger => sub { |
74 | $_[0]->clear_renderer; |
75 | $_[0]->clear_converter; |
76 | }, |
29a3e5dc |
77 | ); |
a9bb5c4c |
78 | |
62d17764 |
79 | has collapse_aliases => ( |
80 | is => 'ro', |
81 | default => sub { 0 } |
82 | ); |
83 | |
a82e41dc |
84 | has always_quote => ( |
85 | is => 'rw', default => sub { 1 }, |
86 | trigger => sub { |
87 | $_[0]->clear_renderer; |
88 | $_[0]->clear_converter; |
89 | }, |
90 | ); |
3a9aca02 |
91 | |
92 | has convert => (is => 'ro'); |
93 | |
94 | has array_datatypes => (is => 'ro'); |
95 | |
a82e41dc |
96 | has converter_class => ( |
dfaa9684 |
97 | is => 'rw', lazy => 1, builder => '_build_converter_class', |
98 | trigger => sub { shift->clear_converter }, |
a82e41dc |
99 | ); |
100 | |
dfaa9684 |
101 | sub _build_converter_class { |
102 | use_module('SQL::Abstract::Converter') |
103 | } |
104 | |
a82e41dc |
105 | has renderer_class => ( |
1fa55ded |
106 | is => 'rw', lazy => 1, clearer => 1, builder => 1, |
dfaa9684 |
107 | trigger => sub { shift->clear_renderer }, |
a82e41dc |
108 | ); |
109 | |
1fa55ded |
110 | after clear_renderer_class => sub { shift->clear_renderer }; |
111 | |
dfaa9684 |
112 | sub _build_renderer_class { |
a60d973a |
113 | my ($self) = @_; |
114 | my ($class, @roles) = ( |
115 | $self->_build_base_renderer_class, $self->_build_renderer_roles |
116 | ); |
117 | return $class unless @roles; |
118 | return use_module('Moo::Role')->create_class_with_roles($class, @roles); |
119 | } |
120 | |
121 | sub _build_base_renderer_class { |
dfaa9684 |
122 | use_module('Data::Query::Renderer::SQL::Naive') |
123 | } |
124 | |
a60d973a |
125 | sub _build_renderer_roles { () } |
126 | |
a82e41dc |
127 | sub _converter_args { |
128 | my ($self) = @_; |
129 | Scalar::Util::weaken($self); |
130 | +{ |
131 | lower_case => $self->case, |
132 | default_logic => $self->logic, |
133 | bind_meta => not($self->bindtype eq 'normal'), |
134 | identifier_sep => $self->name_sep, |
135 | (map +($_ => $self->$_), qw( |
136 | cmp sqltrue sqlfalse injection_guard convert array_datatypes |
137 | )), |
138 | special_ops => [ |
139 | map { |
140 | my $sub = $_->{handler}; |
141 | +{ |
142 | %$_, |
143 | handler => sub { $self->$sub(@_) } |
144 | } |
145 | } @{$self->special_ops} |
146 | ], |
147 | renderer_will_quote => ( |
148 | defined($self->quote_char) and $self->always_quote |
149 | ), |
150 | } |
151 | } |
152 | |
153 | sub _build_converter { |
154 | my ($self) = @_; |
dfaa9684 |
155 | $self->converter_class->new($self->_converter_args); |
a82e41dc |
156 | } |
157 | |
158 | sub _renderer_args { |
3a9aca02 |
159 | my ($self) = @_; |
3a9aca02 |
160 | my ($chars); |
161 | for ($self->quote_char) { |
162 | $chars = defined() ? (ref() ? $_ : [$_]) : ['','']; |
163 | } |
a82e41dc |
164 | +{ |
3a9aca02 |
165 | quote_chars => $chars, always_quote => $self->always_quote, |
166 | identifier_sep => $self->name_sep, |
62d17764 |
167 | collapse_aliases => $self->collapse_aliases, |
3a9aca02 |
168 | ($self->case ? (lc_keywords => 1) : ()), # always 'lower' if it exists |
a82e41dc |
169 | }; |
170 | } |
171 | |
172 | sub _build_renderer { |
173 | my ($self) = @_; |
dfaa9684 |
174 | $self->renderer_class->new($self->_renderer_args); |
b6251592 |
175 | } |
96449e8e |
176 | |
8f57728a |
177 | sub _render_dq { |
178 | my ($self, $dq) = @_; |
9057306b |
179 | if (!$dq) { |
180 | return ''; |
181 | } |
3a9aca02 |
182 | my ($sql, @bind) = @{$self->renderer->render($dq)}; |
b4951847 |
183 | wantarray ? |
184 | ($self->{bindtype} eq 'normal' |
185 | ? ($sql, map $_->{value}, @bind) |
a420b11f |
186 | : ($sql, map [ $_->{value_meta}, $_->{value} ], @bind) |
b4951847 |
187 | ) |
188 | : $sql; |
189 | } |
190 | |
a9bb5c4c |
191 | sub _render_sqla { |
192 | my ($self, $type, @args) = @_; |
a82e41dc |
193 | $self->_render_dq($self->converter->${\"_${type}_to_dq"}(@args)); |
170e6c33 |
194 | } |
195 | |
a9bb5c4c |
196 | sub insert { shift->_render_sqla(insert => @_) } |
fe3ae272 |
197 | |
a9bb5c4c |
198 | sub update { shift->_render_sqla(update => @_) } |
9057306b |
199 | |
a9bb5c4c |
200 | sub select { shift->_render_sqla(select => @_) } |
9057306b |
201 | |
a9bb5c4c |
202 | sub delete { shift->_render_sqla(delete => @_) } |
96449e8e |
203 | |
96449e8e |
204 | sub where { |
205 | my ($self, $where, $order) = @_; |
206 | |
1d6b8d4d |
207 | my $sql = ''; |
208 | my @bind; |
209 | |
96449e8e |
210 | # where ? |
1d6b8d4d |
211 | ($sql, @bind) = $self->_recurse_where($where) if defined($where); |
96449e8e |
212 | $sql = $sql ? $self->_sqlcase(' where ') . "( $sql )" : ''; |
213 | |
214 | # order by? |
215 | if ($order) { |
216 | $sql .= $self->_order_by($order); |
217 | } |
218 | |
9d48860e |
219 | return wantarray ? ($sql, @bind) : $sql; |
96449e8e |
220 | } |
221 | |
a9bb5c4c |
222 | sub _recurse_where { shift->_render_sqla(where => @_) } |
d4e889af |
223 | |
96449e8e |
224 | sub _order_by { |
225 | my ($self, $arg) = @_; |
a82e41dc |
226 | if (my $dq = $self->converter->_order_by_to_dq($arg)) { |
b4951847 |
227 | # SQLA generates ' ORDER BY foo'. The hilarity. |
228 | wantarray |
229 | ? do { my @r = $self->_render_dq($dq); $r[0] = ' '.$r[0]; @r } |
230 | : ' '.$self->_render_dq($dq); |
231 | } else { |
232 | ''; |
f267b646 |
233 | } |
f267b646 |
234 | } |
235 | |
955e77ca |
236 | # highly optimized, as it's called way too often |
96449e8e |
237 | sub _quote { |
955e77ca |
238 | # my ($self, $label) = @_; |
96449e8e |
239 | |
955e77ca |
240 | return '' unless defined $_[1]; |
955e77ca |
241 | return ${$_[1]} if ref($_[1]) eq 'SCALAR'; |
96449e8e |
242 | |
b6251592 |
243 | unless ($_[0]->{quote_char}) { |
170e6c33 |
244 | $_[0]->_assert_pass_injection_guard($_[1]); |
b6251592 |
245 | return $_[1]; |
246 | } |
96449e8e |
247 | |
07d7c35c |
248 | my $qref = ref $_[0]->{quote_char}; |
955e77ca |
249 | my ($l, $r); |
07d7c35c |
250 | if (!$qref) { |
251 | ($l, $r) = ( $_[0]->{quote_char}, $_[0]->{quote_char} ); |
955e77ca |
252 | } |
07d7c35c |
253 | elsif ($qref eq 'ARRAY') { |
254 | ($l, $r) = @{$_[0]->{quote_char}}; |
955e77ca |
255 | } |
256 | else { |
257 | puke "Unsupported quote_char format: $_[0]->{quote_char}"; |
258 | } |
96449e8e |
259 | |
07d7c35c |
260 | # parts containing * are naturally unquoted |
261 | return join( $_[0]->{name_sep}||'', map |
955e77ca |
262 | { $_ eq '*' ? $_ : $l . $_ . $r } |
263 | ( $_[0]->{name_sep} ? split (/\Q$_[0]->{name_sep}\E/, $_[1] ) : $_[1] ) |
264 | ); |
96449e8e |
265 | } |
266 | |
a82e41dc |
267 | sub _assert_pass_injection_guard { |
268 | if ($_[1] =~ $_[0]->{injection_guard}) { |
269 | my $class = ref $_[0]; |
270 | die "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the |
271 | " |
272 | . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own |
273 | " |
274 | . "{injection_guard} attribute to ${class}->new()" |
275 | } |
276 | } |
96449e8e |
277 | |
278 | # Conversion, if applicable |
279 | sub _convert ($) { |
07d7c35c |
280 | #my ($self, $arg) = @_; |
96449e8e |
281 | |
282 | # LDNOTE : modified the previous implementation below because |
283 | # it was not consistent : the first "return" is always an array, |
284 | # the second "return" is context-dependent. Anyway, _convert |
9d48860e |
285 | # seems always used with just a single argument, so make it a |
96449e8e |
286 | # scalar function. |
287 | # return @_ unless $self->{convert}; |
288 | # my $conv = $self->_sqlcase($self->{convert}); |
289 | # my @ret = map { $conv.'('.$_.')' } @_; |
290 | # return wantarray ? @ret : $ret[0]; |
07d7c35c |
291 | if ($_[0]->{convert}) { |
292 | return $_[0]->_sqlcase($_[0]->{convert}) .'(' . $_[1] . ')'; |
96449e8e |
293 | } |
07d7c35c |
294 | return $_[1]; |
96449e8e |
295 | } |
296 | |
297 | # And bindtype |
298 | sub _bindtype (@) { |
07d7c35c |
299 | #my ($self, $col, @vals) = @_; |
96449e8e |
300 | |
9d48860e |
301 | #LDNOTE : changed original implementation below because it did not make |
96449e8e |
302 | # sense when bindtype eq 'columns' and @vals > 1. |
303 | # return $self->{bindtype} eq 'columns' ? [ $col, @vals ] : @vals; |
304 | |
07d7c35c |
305 | # called often - tighten code |
306 | return $_[0]->{bindtype} eq 'columns' |
307 | ? map {[$_[1], $_]} @_[2 .. $#_] |
308 | : @_[2 .. $#_] |
309 | ; |
96449e8e |
310 | } |
311 | |
fe3ae272 |
312 | # Dies if any element of @bind is not in [colname => value] format |
313 | # if bindtype is 'columns'. |
314 | sub _assert_bindval_matches_bindtype { |
c94a6c93 |
315 | # my ($self, @bind) = @_; |
316 | my $self = shift; |
fe3ae272 |
317 | if ($self->{bindtype} eq 'columns') { |
c94a6c93 |
318 | for (@_) { |
319 | if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) { |
3a06278c |
320 | puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]" |
fe3ae272 |
321 | } |
322 | } |
323 | } |
324 | } |
325 | |
96449e8e |
326 | # Fix SQL case, if so requested |
327 | sub _sqlcase { |
96449e8e |
328 | # LDNOTE: if $self->{case} is true, then it contains 'lower', so we |
329 | # don't touch the argument ... crooked logic, but let's not change it! |
07d7c35c |
330 | return $_[0]->{case} ? $_[1] : uc($_[1]); |
96449e8e |
331 | } |
332 | |
96449e8e |
333 | sub values { |
334 | my $self = shift; |
335 | my $data = shift || return; |
336 | puke "Argument to ", __PACKAGE__, "->values must be a \\%hash" |
337 | unless ref $data eq 'HASH'; |
bab725ce |
338 | |
339 | my @all_bind; |
340 | foreach my $k ( sort keys %$data ) { |
341 | my $v = $data->{$k}; |
5cf3969e |
342 | local our $Cur_Col_Meta = $k; |
a9bb5c4c |
343 | my ($sql, @bind) = $self->_render_sqla( |
344 | mutation_rhs => $v |
5cf3969e |
345 | ); |
346 | push @all_bind, @bind; |
bab725ce |
347 | } |
348 | |
349 | return @all_bind; |
96449e8e |
350 | } |
351 | |
352 | sub generate { |
353 | my $self = shift; |
354 | |
355 | my(@sql, @sqlq, @sqlv); |
356 | |
357 | for (@_) { |
358 | my $ref = ref $_; |
359 | if ($ref eq 'HASH') { |
360 | for my $k (sort keys %$_) { |
361 | my $v = $_->{$k}; |
362 | my $r = ref $v; |
363 | my $label = $self->_quote($k); |
364 | if ($r eq 'ARRAY') { |
fe3ae272 |
365 | # literal SQL with bind |
366 | my ($sql, @bind) = @$v; |
367 | $self->_assert_bindval_matches_bindtype(@bind); |
96449e8e |
368 | push @sqlq, "$label = $sql"; |
fe3ae272 |
369 | push @sqlv, @bind; |
96449e8e |
370 | } elsif ($r eq 'SCALAR') { |
fe3ae272 |
371 | # literal SQL without bind |
96449e8e |
372 | push @sqlq, "$label = $$v"; |
9d48860e |
373 | } else { |
96449e8e |
374 | push @sqlq, "$label = ?"; |
375 | push @sqlv, $self->_bindtype($k, $v); |
376 | } |
377 | } |
378 | push @sql, $self->_sqlcase('set'), join ', ', @sqlq; |
379 | } elsif ($ref eq 'ARRAY') { |
380 | # unlike insert(), assume these are ONLY the column names, i.e. for SQL |
381 | for my $v (@$_) { |
382 | my $r = ref $v; |
fe3ae272 |
383 | if ($r eq 'ARRAY') { # literal SQL with bind |
384 | my ($sql, @bind) = @$v; |
385 | $self->_assert_bindval_matches_bindtype(@bind); |
386 | push @sqlq, $sql; |
387 | push @sqlv, @bind; |
388 | } elsif ($r eq 'SCALAR') { # literal SQL without bind |
96449e8e |
389 | # embedded literal SQL |
390 | push @sqlq, $$v; |
9d48860e |
391 | } else { |
96449e8e |
392 | push @sqlq, '?'; |
393 | push @sqlv, $v; |
394 | } |
395 | } |
396 | push @sql, '(' . join(', ', @sqlq) . ')'; |
397 | } elsif ($ref eq 'SCALAR') { |
398 | # literal SQL |
399 | push @sql, $$_; |
400 | } else { |
401 | # strings get case twiddled |
402 | push @sql, $self->_sqlcase($_); |
403 | } |
404 | } |
405 | |
406 | my $sql = join ' ', @sql; |
407 | |
408 | # this is pretty tricky |
409 | # if ask for an array, return ($stmt, @bind) |
410 | # otherwise, s/?/shift @sqlv/ to put it inline |
411 | if (wantarray) { |
412 | return ($sql, @sqlv); |
413 | } else { |
414 | 1 while $sql =~ s/\?/my $d = shift(@sqlv); |
415 | ref $d ? $d->[1] : $d/e; |
416 | return $sql; |
417 | } |
418 | } |
419 | |
96449e8e |
420 | 1; |
421 | |
422 | |
96449e8e |
423 | __END__ |
32eab2da |
424 | |
425 | =head1 NAME |
426 | |
427 | SQL::Abstract - Generate SQL from Perl data structures |
428 | |
429 | =head1 SYNOPSIS |
430 | |
431 | use SQL::Abstract; |
432 | |
433 | my $sql = SQL::Abstract->new; |
434 | |
521647e7 |
435 | my($stmt, @bind) = $sql->select($source, \@fields, \%where, \@order); |
32eab2da |
436 | |
437 | my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values); |
438 | |
439 | my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where); |
440 | |
441 | my($stmt, @bind) = $sql->delete($table, \%where); |
442 | |
443 | # Then, use these in your DBI statements |
444 | my $sth = $dbh->prepare($stmt); |
445 | $sth->execute(@bind); |
446 | |
447 | # Just generate the WHERE clause |
abe72f94 |
448 | my($stmt, @bind) = $sql->where(\%where, \@order); |
32eab2da |
449 | |
450 | # Return values in the same order, for hashed queries |
451 | # See PERFORMANCE section for more details |
452 | my @bind = $sql->values(\%fieldvals); |
453 | |
454 | =head1 DESCRIPTION |
455 | |
456 | This module was inspired by the excellent L<DBIx::Abstract>. |
457 | However, in using that module I found that what I really wanted |
458 | to do was generate SQL, but still retain complete control over my |
459 | statement handles and use the DBI interface. So, I set out to |
460 | create an abstract SQL generation module. |
461 | |
462 | While based on the concepts used by L<DBIx::Abstract>, there are |
463 | several important differences, especially when it comes to WHERE |
464 | clauses. I have modified the concepts used to make the SQL easier |
465 | to generate from Perl data structures and, IMO, more intuitive. |
466 | The underlying idea is for this module to do what you mean, based |
467 | on the data structures you provide it. The big advantage is that |
468 | you don't have to modify your code every time your data changes, |
469 | as this module figures it out. |
470 | |
471 | To begin with, an SQL INSERT is as easy as just specifying a hash |
472 | of C<key=value> pairs: |
473 | |
474 | my %data = ( |
475 | name => 'Jimbo Bobson', |
476 | phone => '123-456-7890', |
477 | address => '42 Sister Lane', |
478 | city => 'St. Louis', |
479 | state => 'Louisiana', |
480 | ); |
481 | |
482 | The SQL can then be generated with this: |
483 | |
484 | my($stmt, @bind) = $sql->insert('people', \%data); |
485 | |
486 | Which would give you something like this: |
487 | |
488 | $stmt = "INSERT INTO people |
489 | (address, city, name, phone, state) |
490 | VALUES (?, ?, ?, ?, ?)"; |
491 | @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson', |
492 | '123-456-7890', 'Louisiana'); |
493 | |
494 | These are then used directly in your DBI code: |
495 | |
496 | my $sth = $dbh->prepare($stmt); |
497 | $sth->execute(@bind); |
498 | |
96449e8e |
499 | =head2 Inserting and Updating Arrays |
500 | |
501 | If your database has array types (like for example Postgres), |
502 | activate the special option C<< array_datatypes => 1 >> |
9d48860e |
503 | when creating the C<SQL::Abstract> object. |
96449e8e |
504 | Then you may use an arrayref to insert and update database array types: |
505 | |
506 | my $sql = SQL::Abstract->new(array_datatypes => 1); |
507 | my %data = ( |
508 | planets => [qw/Mercury Venus Earth Mars/] |
509 | ); |
9d48860e |
510 | |
96449e8e |
511 | my($stmt, @bind) = $sql->insert('solar_system', \%data); |
512 | |
513 | This results in: |
514 | |
515 | $stmt = "INSERT INTO solar_system (planets) VALUES (?)" |
516 | |
517 | @bind = (['Mercury', 'Venus', 'Earth', 'Mars']); |
518 | |
519 | |
520 | =head2 Inserting and Updating SQL |
521 | |
522 | In order to apply SQL functions to elements of your C<%data> you may |
523 | specify a reference to an arrayref for the given hash value. For example, |
524 | if you need to execute the Oracle C<to_date> function on a value, you can |
525 | say something like this: |
32eab2da |
526 | |
527 | my %data = ( |
528 | name => 'Bill', |
96449e8e |
529 | date_entered => \["to_date(?,'MM/DD/YYYY')", "03/02/2003"], |
9d48860e |
530 | ); |
32eab2da |
531 | |
532 | The first value in the array is the actual SQL. Any other values are |
533 | optional and would be included in the bind values array. This gives |
534 | you: |
535 | |
536 | my($stmt, @bind) = $sql->insert('people', \%data); |
537 | |
9d48860e |
538 | $stmt = "INSERT INTO people (name, date_entered) |
32eab2da |
539 | VALUES (?, to_date(?,'MM/DD/YYYY'))"; |
540 | @bind = ('Bill', '03/02/2003'); |
541 | |
542 | An UPDATE is just as easy, all you change is the name of the function: |
543 | |
544 | my($stmt, @bind) = $sql->update('people', \%data); |
545 | |
546 | Notice that your C<%data> isn't touched; the module will generate |
547 | the appropriately quirky SQL for you automatically. Usually you'll |
548 | want to specify a WHERE clause for your UPDATE, though, which is |
549 | where handling C<%where> hashes comes in handy... |
550 | |
96449e8e |
551 | =head2 Complex where statements |
552 | |
32eab2da |
553 | This module can generate pretty complicated WHERE statements |
554 | easily. For example, simple C<key=value> pairs are taken to mean |
555 | equality, and if you want to see if a field is within a set |
556 | of values, you can use an arrayref. Let's say we wanted to |
557 | SELECT some data based on this criteria: |
558 | |
559 | my %where = ( |
560 | requestor => 'inna', |
561 | worker => ['nwiger', 'rcwe', 'sfz'], |
562 | status => { '!=', 'completed' } |
563 | ); |
564 | |
565 | my($stmt, @bind) = $sql->select('tickets', '*', \%where); |
566 | |
567 | The above would give you something like this: |
568 | |
569 | $stmt = "SELECT * FROM tickets WHERE |
570 | ( requestor = ? ) AND ( status != ? ) |
571 | AND ( worker = ? OR worker = ? OR worker = ? )"; |
572 | @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz'); |
573 | |
574 | Which you could then use in DBI code like so: |
575 | |
576 | my $sth = $dbh->prepare($stmt); |
577 | $sth->execute(@bind); |
578 | |
579 | Easy, eh? |
580 | |
581 | =head1 FUNCTIONS |
582 | |
583 | The functions are simple. There's one for each major SQL operation, |
584 | and a constructor you use first. The arguments are specified in a |
9d48860e |
585 | similar order to each function (table, then fields, then a where |
32eab2da |
586 | clause) to try and simplify things. |
587 | |
83cab70b |
588 | |
83cab70b |
589 | |
32eab2da |
590 | |
591 | =head2 new(option => 'value') |
592 | |
593 | The C<new()> function takes a list of options and values, and returns |
594 | a new B<SQL::Abstract> object which can then be used to generate SQL |
595 | through the methods below. The options accepted are: |
596 | |
597 | =over |
598 | |
599 | =item case |
600 | |
601 | If set to 'lower', then SQL will be generated in all lowercase. By |
602 | default SQL is generated in "textbook" case meaning something like: |
603 | |
604 | SELECT a_field FROM a_table WHERE some_field LIKE '%someval%' |
605 | |
96449e8e |
606 | Any setting other than 'lower' is ignored. |
607 | |
32eab2da |
608 | =item cmp |
609 | |
610 | This determines what the default comparison operator is. By default |
611 | it is C<=>, meaning that a hash like this: |
612 | |
613 | %where = (name => 'nwiger', email => 'nate@wiger.org'); |
614 | |
615 | Will generate SQL like this: |
616 | |
617 | WHERE name = 'nwiger' AND email = 'nate@wiger.org' |
618 | |
619 | However, you may want loose comparisons by default, so if you set |
620 | C<cmp> to C<like> you would get SQL such as: |
621 | |
622 | WHERE name like 'nwiger' AND email like 'nate@wiger.org' |
623 | |
624 | You can also override the comparsion on an individual basis - see |
625 | the huge section on L</"WHERE CLAUSES"> at the bottom. |
626 | |
96449e8e |
627 | =item sqltrue, sqlfalse |
628 | |
629 | Expressions for inserting boolean values within SQL statements. |
6e0c6552 |
630 | By default these are C<1=1> and C<1=0>. They are used |
631 | by the special operators C<-in> and C<-not_in> for generating |
632 | correct SQL even when the argument is an empty array (see below). |
96449e8e |
633 | |
32eab2da |
634 | =item logic |
635 | |
636 | This determines the default logical operator for multiple WHERE |
7cac25e6 |
637 | statements in arrays or hashes. If absent, the default logic is "or" |
638 | for arrays, and "and" for hashes. This means that a WHERE |
32eab2da |
639 | array of the form: |
640 | |
641 | @where = ( |
9d48860e |
642 | event_date => {'>=', '2/13/99'}, |
643 | event_date => {'<=', '4/24/03'}, |
32eab2da |
644 | ); |
645 | |
7cac25e6 |
646 | will generate SQL like this: |
32eab2da |
647 | |
648 | WHERE event_date >= '2/13/99' OR event_date <= '4/24/03' |
649 | |
650 | This is probably not what you want given this query, though (look |
651 | at the dates). To change the "OR" to an "AND", simply specify: |
652 | |
653 | my $sql = SQL::Abstract->new(logic => 'and'); |
654 | |
655 | Which will change the above C<WHERE> to: |
656 | |
657 | WHERE event_date >= '2/13/99' AND event_date <= '4/24/03' |
658 | |
96449e8e |
659 | The logic can also be changed locally by inserting |
7cac25e6 |
660 | a modifier in front of an arrayref : |
96449e8e |
661 | |
9d48860e |
662 | @where = (-and => [event_date => {'>=', '2/13/99'}, |
7cac25e6 |
663 | event_date => {'<=', '4/24/03'} ]); |
96449e8e |
664 | |
665 | See the L</"WHERE CLAUSES"> section for explanations. |
666 | |
32eab2da |
667 | =item convert |
668 | |
669 | This will automatically convert comparisons using the specified SQL |
670 | function for both column and value. This is mostly used with an argument |
671 | of C<upper> or C<lower>, so that the SQL will have the effect of |
672 | case-insensitive "searches". For example, this: |
673 | |
674 | $sql = SQL::Abstract->new(convert => 'upper'); |
675 | %where = (keywords => 'MaKe iT CAse inSeNSItive'); |
676 | |
677 | Will turn out the following SQL: |
678 | |
679 | WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive') |
680 | |
681 | The conversion can be C<upper()>, C<lower()>, or any other SQL function |
682 | that can be applied symmetrically to fields (actually B<SQL::Abstract> does |
683 | not validate this option; it will just pass through what you specify verbatim). |
684 | |
685 | =item bindtype |
686 | |
687 | This is a kludge because many databases suck. For example, you can't |
688 | just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields. |
689 | Instead, you have to use C<bind_param()>: |
690 | |
691 | $sth->bind_param(1, 'reg data'); |
692 | $sth->bind_param(2, $lots, {ora_type => ORA_CLOB}); |
693 | |
694 | The problem is, B<SQL::Abstract> will normally just return a C<@bind> array, |
695 | which loses track of which field each slot refers to. Fear not. |
696 | |
697 | If you specify C<bindtype> in new, you can determine how C<@bind> is returned. |
698 | Currently, you can specify either C<normal> (default) or C<columns>. If you |
699 | specify C<columns>, you will get an array that looks like this: |
700 | |
701 | my $sql = SQL::Abstract->new(bindtype => 'columns'); |
702 | my($stmt, @bind) = $sql->insert(...); |
703 | |
704 | @bind = ( |
705 | [ 'column1', 'value1' ], |
706 | [ 'column2', 'value2' ], |
707 | [ 'column3', 'value3' ], |
708 | ); |
709 | |
710 | You can then iterate through this manually, using DBI's C<bind_param()>. |
e3f9dff4 |
711 | |
32eab2da |
712 | $sth->prepare($stmt); |
713 | my $i = 1; |
714 | for (@bind) { |
715 | my($col, $data) = @$_; |
716 | if ($col eq 'details' || $col eq 'comments') { |
717 | $sth->bind_param($i, $data, {ora_type => ORA_CLOB}); |
718 | } elsif ($col eq 'image') { |
719 | $sth->bind_param($i, $data, {ora_type => ORA_BLOB}); |
720 | } else { |
721 | $sth->bind_param($i, $data); |
722 | } |
723 | $i++; |
724 | } |
725 | $sth->execute; # execute without @bind now |
726 | |
727 | Now, why would you still use B<SQL::Abstract> if you have to do this crap? |
728 | Basically, the advantage is still that you don't have to care which fields |
729 | are or are not included. You could wrap that above C<for> loop in a simple |
730 | sub called C<bind_fields()> or something and reuse it repeatedly. You still |
731 | get a layer of abstraction over manual SQL specification. |
732 | |
deb148a2 |
733 | Note that if you set L</bindtype> to C<columns>, the C<\[$sql, @bind]> |
734 | construct (see L</Literal SQL with placeholders and bind values (subqueries)>) |
735 | will expect the bind values in this format. |
736 | |
32eab2da |
737 | =item quote_char |
738 | |
739 | This is the character that a table or column name will be quoted |
9d48860e |
740 | with. By default this is an empty string, but you could set it to |
32eab2da |
741 | the character C<`>, to generate SQL like this: |
742 | |
743 | SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%' |
744 | |
96449e8e |
745 | Alternatively, you can supply an array ref of two items, the first being the left |
746 | hand quote character, and the second the right hand quote character. For |
747 | example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes |
748 | that generates SQL like this: |
749 | |
750 | SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%' |
751 | |
9d48860e |
752 | Quoting is useful if you have tables or columns names that are reserved |
96449e8e |
753 | words in your database's SQL dialect. |
32eab2da |
754 | |
755 | =item name_sep |
756 | |
757 | This is the character that separates a table and column name. It is |
758 | necessary to specify this when the C<quote_char> option is selected, |
759 | so that tables and column names can be individually quoted like this: |
760 | |
761 | SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1 |
762 | |
b6251592 |
763 | =item injection_guard |
764 | |
765 | A regular expression C<qr/.../> that is applied to any C<-function> and unquoted |
766 | column name specified in a query structure. This is a safety mechanism to avoid |
767 | injection attacks when mishandling user input e.g.: |
768 | |
769 | my %condition_as_column_value_pairs = get_values_from_user(); |
770 | $sqla->select( ... , \%condition_as_column_value_pairs ); |
771 | |
772 | If the expression matches an exception is thrown. Note that literal SQL |
773 | supplied via C<\'...'> or C<\['...']> is B<not> checked in any way. |
774 | |
775 | Defaults to checking for C<;> and the C<GO> keyword (TransactSQL) |
776 | |
96449e8e |
777 | =item array_datatypes |
32eab2da |
778 | |
9d48860e |
779 | When this option is true, arrayrefs in INSERT or UPDATE are |
780 | interpreted as array datatypes and are passed directly |
96449e8e |
781 | to the DBI layer. |
782 | When this option is false, arrayrefs are interpreted |
783 | as literal SQL, just like refs to arrayrefs |
784 | (but this behavior is for backwards compatibility; when writing |
785 | new queries, use the "reference to arrayref" syntax |
786 | for literal SQL). |
32eab2da |
787 | |
32eab2da |
788 | |
96449e8e |
789 | =item special_ops |
32eab2da |
790 | |
9d48860e |
791 | Takes a reference to a list of "special operators" |
96449e8e |
792 | to extend the syntax understood by L<SQL::Abstract>. |
793 | See section L</"SPECIAL OPERATORS"> for details. |
32eab2da |
794 | |
59f23b3d |
795 | =item unary_ops |
796 | |
9d48860e |
797 | Takes a reference to a list of "unary operators" |
59f23b3d |
798 | to extend the syntax understood by L<SQL::Abstract>. |
799 | See section L</"UNARY OPERATORS"> for details. |
800 | |
32eab2da |
801 | |
32eab2da |
802 | |
96449e8e |
803 | =back |
32eab2da |
804 | |
02288357 |
805 | =head2 insert($table, \@values || \%fieldvals, \%options) |
32eab2da |
806 | |
807 | This is the simplest function. You simply give it a table name |
808 | and either an arrayref of values or hashref of field/value pairs. |
809 | It returns an SQL INSERT statement and a list of bind values. |
96449e8e |
810 | See the sections on L</"Inserting and Updating Arrays"> and |
811 | L</"Inserting and Updating SQL"> for information on how to insert |
812 | with those data types. |
32eab2da |
813 | |
02288357 |
814 | The optional C<\%options> hash reference may contain additional |
815 | options to generate the insert SQL. Currently supported options |
816 | are: |
817 | |
818 | =over 4 |
819 | |
820 | =item returning |
821 | |
822 | Takes either a scalar of raw SQL fields, or an array reference of |
823 | field names, and adds on an SQL C<RETURNING> statement at the end. |
824 | This allows you to return data generated by the insert statement |
825 | (such as row IDs) without performing another C<SELECT> statement. |
826 | Note, however, this is not part of the SQL standard and may not |
827 | be supported by all database engines. |
828 | |
829 | =back |
830 | |
32eab2da |
831 | =head2 update($table, \%fieldvals, \%where) |
832 | |
833 | This takes a table, hashref of field/value pairs, and an optional |
86298391 |
834 | hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list |
32eab2da |
835 | of bind values. |
96449e8e |
836 | See the sections on L</"Inserting and Updating Arrays"> and |
837 | L</"Inserting and Updating SQL"> for information on how to insert |
838 | with those data types. |
32eab2da |
839 | |
96449e8e |
840 | =head2 select($source, $fields, $where, $order) |
32eab2da |
841 | |
9d48860e |
842 | This returns a SQL SELECT statement and associated list of bind values, as |
96449e8e |
843 | specified by the arguments : |
32eab2da |
844 | |
96449e8e |
845 | =over |
32eab2da |
846 | |
96449e8e |
847 | =item $source |
32eab2da |
848 | |
9d48860e |
849 | Specification of the 'FROM' part of the statement. |
96449e8e |
850 | The argument can be either a plain scalar (interpreted as a table |
851 | name, will be quoted), or an arrayref (interpreted as a list |
852 | of table names, joined by commas, quoted), or a scalarref |
853 | (literal table name, not quoted), or a ref to an arrayref |
854 | (list of literal table names, joined by commas, not quoted). |
32eab2da |
855 | |
96449e8e |
856 | =item $fields |
32eab2da |
857 | |
9d48860e |
858 | Specification of the list of fields to retrieve from |
96449e8e |
859 | the source. |
860 | The argument can be either an arrayref (interpreted as a list |
9d48860e |
861 | of field names, will be joined by commas and quoted), or a |
96449e8e |
862 | plain scalar (literal SQL, not quoted). |
521647e7 |
863 | Please observe that this API is not as flexible as that of |
864 | the first argument C<$source>, for backwards compatibility reasons. |
32eab2da |
865 | |
96449e8e |
866 | =item $where |
32eab2da |
867 | |
96449e8e |
868 | Optional argument to specify the WHERE part of the query. |
869 | The argument is most often a hashref, but can also be |
9d48860e |
870 | an arrayref or plain scalar -- |
96449e8e |
871 | see section L<WHERE clause|/"WHERE CLAUSES"> for details. |
32eab2da |
872 | |
96449e8e |
873 | =item $order |
32eab2da |
874 | |
96449e8e |
875 | Optional argument to specify the ORDER BY part of the query. |
9d48860e |
876 | The argument can be a scalar, a hashref or an arrayref |
96449e8e |
877 | -- see section L<ORDER BY clause|/"ORDER BY CLAUSES"> |
878 | for details. |
32eab2da |
879 | |
96449e8e |
880 | =back |
32eab2da |
881 | |
32eab2da |
882 | |
883 | =head2 delete($table, \%where) |
884 | |
86298391 |
885 | This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>. |
32eab2da |
886 | It returns an SQL DELETE statement and list of bind values. |
887 | |
32eab2da |
888 | =head2 where(\%where, \@order) |
889 | |
890 | This is used to generate just the WHERE clause. For example, |
891 | if you have an arbitrary data structure and know what the |
892 | rest of your SQL is going to look like, but want an easy way |
893 | to produce a WHERE clause, use this. It returns an SQL WHERE |
894 | clause and list of bind values. |
895 | |
32eab2da |
896 | |
897 | =head2 values(\%data) |
898 | |
899 | This just returns the values from the hash C<%data>, in the same |
900 | order that would be returned from any of the other above queries. |
901 | Using this allows you to markedly speed up your queries if you |
902 | are affecting lots of rows. See below under the L</"PERFORMANCE"> section. |
903 | |
32eab2da |
904 | =head2 generate($any, 'number', $of, \@data, $struct, \%types) |
905 | |
906 | Warning: This is an experimental method and subject to change. |
907 | |
908 | This returns arbitrarily generated SQL. It's a really basic shortcut. |
909 | It will return two different things, depending on return context: |
910 | |
911 | my($stmt, @bind) = $sql->generate('create table', \$table, \@fields); |
912 | my $stmt_and_val = $sql->generate('create table', \$table, \@fields); |
913 | |
914 | These would return the following: |
915 | |
916 | # First calling form |
917 | $stmt = "CREATE TABLE test (?, ?)"; |
918 | @bind = (field1, field2); |
919 | |
920 | # Second calling form |
921 | $stmt_and_val = "CREATE TABLE test (field1, field2)"; |
922 | |
923 | Depending on what you're trying to do, it's up to you to choose the correct |
924 | format. In this example, the second form is what you would want. |
925 | |
926 | By the same token: |
927 | |
928 | $sql->generate('alter session', { nls_date_format => 'MM/YY' }); |
929 | |
930 | Might give you: |
931 | |
932 | ALTER SESSION SET nls_date_format = 'MM/YY' |
933 | |
934 | You get the idea. Strings get their case twiddled, but everything |
935 | else remains verbatim. |
936 | |
32eab2da |
937 | =head1 WHERE CLAUSES |
938 | |
96449e8e |
939 | =head2 Introduction |
940 | |
32eab2da |
941 | This module uses a variation on the idea from L<DBIx::Abstract>. It |
942 | is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this |
943 | module is that things in arrays are OR'ed, and things in hashes |
944 | are AND'ed.> |
945 | |
946 | The easiest way to explain is to show lots of examples. After |
947 | each C<%where> hash shown, it is assumed you used: |
948 | |
949 | my($stmt, @bind) = $sql->where(\%where); |
950 | |
951 | However, note that the C<%where> hash can be used directly in any |
952 | of the other functions as well, as described above. |
953 | |
96449e8e |
954 | =head2 Key-value pairs |
955 | |
32eab2da |
956 | So, let's get started. To begin, a simple hash: |
957 | |
958 | my %where = ( |
959 | user => 'nwiger', |
960 | status => 'completed' |
961 | ); |
962 | |
963 | Is converted to SQL C<key = val> statements: |
964 | |
965 | $stmt = "WHERE user = ? AND status = ?"; |
966 | @bind = ('nwiger', 'completed'); |
967 | |
968 | One common thing I end up doing is having a list of values that |
969 | a field can be in. To do this, simply specify a list inside of |
970 | an arrayref: |
971 | |
972 | my %where = ( |
973 | user => 'nwiger', |
974 | status => ['assigned', 'in-progress', 'pending']; |
975 | ); |
976 | |
977 | This simple code will create the following: |
9d48860e |
978 | |
32eab2da |
979 | $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )"; |
980 | @bind = ('nwiger', 'assigned', 'in-progress', 'pending'); |
981 | |
9d48860e |
982 | A field associated to an empty arrayref will be considered a |
7cac25e6 |
983 | logical false and will generate 0=1. |
8a68b5be |
984 | |
b864ba9b |
985 | =head2 Tests for NULL values |
986 | |
987 | If the value part is C<undef> then this is converted to SQL <IS NULL> |
988 | |
989 | my %where = ( |
990 | user => 'nwiger', |
991 | status => undef, |
992 | ); |
993 | |
994 | becomes: |
995 | |
996 | $stmt = "WHERE user = ? AND status IS NULL"; |
997 | @bind = ('nwiger'); |
998 | |
e9614080 |
999 | To test if a column IS NOT NULL: |
1000 | |
1001 | my %where = ( |
1002 | user => 'nwiger', |
1003 | status => { '!=', undef }, |
1004 | ); |
cc422895 |
1005 | |
6e0c6552 |
1006 | =head2 Specific comparison operators |
96449e8e |
1007 | |
32eab2da |
1008 | If you want to specify a different type of operator for your comparison, |
1009 | you can use a hashref for a given column: |
1010 | |
1011 | my %where = ( |
1012 | user => 'nwiger', |
1013 | status => { '!=', 'completed' } |
1014 | ); |
1015 | |
1016 | Which would generate: |
1017 | |
1018 | $stmt = "WHERE user = ? AND status != ?"; |
1019 | @bind = ('nwiger', 'completed'); |
1020 | |
1021 | To test against multiple values, just enclose the values in an arrayref: |
1022 | |
96449e8e |
1023 | status => { '=', ['assigned', 'in-progress', 'pending'] }; |
1024 | |
f2d5020d |
1025 | Which would give you: |
96449e8e |
1026 | |
1027 | "WHERE status = ? OR status = ? OR status = ?" |
1028 | |
1029 | |
1030 | The hashref can also contain multiple pairs, in which case it is expanded |
32eab2da |
1031 | into an C<AND> of its elements: |
1032 | |
1033 | my %where = ( |
1034 | user => 'nwiger', |
1035 | status => { '!=', 'completed', -not_like => 'pending%' } |
1036 | ); |
1037 | |
1038 | # Or more dynamically, like from a form |
1039 | $where{user} = 'nwiger'; |
1040 | $where{status}{'!='} = 'completed'; |
1041 | $where{status}{'-not_like'} = 'pending%'; |
1042 | |
1043 | # Both generate this |
1044 | $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?"; |
1045 | @bind = ('nwiger', 'completed', 'pending%'); |
1046 | |
96449e8e |
1047 | |
32eab2da |
1048 | To get an OR instead, you can combine it with the arrayref idea: |
1049 | |
1050 | my %where => ( |
1051 | user => 'nwiger', |
1a6f2a03 |
1052 | priority => [ { '=', 2 }, { '>', 5 } ] |
32eab2da |
1053 | ); |
1054 | |
1055 | Which would generate: |
1056 | |
1a6f2a03 |
1057 | $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?"; |
1058 | @bind = ('2', '5', 'nwiger'); |
32eab2da |
1059 | |
44b9e502 |
1060 | If you want to include literal SQL (with or without bind values), just use a |
1061 | scalar reference or array reference as the value: |
1062 | |
1063 | my %where = ( |
1064 | date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] }, |
1065 | date_expires => { '<' => \"now()" } |
1066 | ); |
1067 | |
1068 | Which would generate: |
1069 | |
1070 | $stmt = "WHERE date_entered > "to_date(?, 'MM/DD/YYYY') AND date_expires < now()"; |
1071 | @bind = ('11/26/2008'); |
1072 | |
96449e8e |
1073 | |
1074 | =head2 Logic and nesting operators |
1075 | |
1076 | In the example above, |
1077 | there is a subtle trap if you want to say something like |
32eab2da |
1078 | this (notice the C<AND>): |
1079 | |
1080 | WHERE priority != ? AND priority != ? |
1081 | |
1082 | Because, in Perl you I<can't> do this: |
1083 | |
1084 | priority => { '!=', 2, '!=', 1 } |
1085 | |
1086 | As the second C<!=> key will obliterate the first. The solution |
1087 | is to use the special C<-modifier> form inside an arrayref: |
1088 | |
9d48860e |
1089 | priority => [ -and => {'!=', 2}, |
96449e8e |
1090 | {'!=', 1} ] |
1091 | |
32eab2da |
1092 | |
1093 | Normally, these would be joined by C<OR>, but the modifier tells it |
1094 | to use C<AND> instead. (Hint: You can use this in conjunction with the |
1095 | C<logic> option to C<new()> in order to change the way your queries |
1096 | work by default.) B<Important:> Note that the C<-modifier> goes |
1097 | B<INSIDE> the arrayref, as an extra first element. This will |
1098 | B<NOT> do what you think it might: |
1099 | |
1100 | priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG! |
1101 | |
1102 | Here is a quick list of equivalencies, since there is some overlap: |
1103 | |
1104 | # Same |
1105 | status => {'!=', 'completed', 'not like', 'pending%' } |
1106 | status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}] |
1107 | |
1108 | # Same |
1109 | status => {'=', ['assigned', 'in-progress']} |
1110 | status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}] |
1111 | status => [ {'=', 'assigned'}, {'=', 'in-progress'} ] |
1112 | |
e3f9dff4 |
1113 | |
1114 | |
96449e8e |
1115 | =head2 Special operators : IN, BETWEEN, etc. |
1116 | |
32eab2da |
1117 | You can also use the hashref format to compare a list of fields using the |
1118 | C<IN> comparison operator, by specifying the list as an arrayref: |
1119 | |
1120 | my %where = ( |
1121 | status => 'completed', |
1122 | reportid => { -in => [567, 2335, 2] } |
1123 | ); |
1124 | |
1125 | Which would generate: |
1126 | |
1127 | $stmt = "WHERE status = ? AND reportid IN (?,?,?)"; |
1128 | @bind = ('completed', '567', '2335', '2'); |
1129 | |
9d48860e |
1130 | The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in |
96449e8e |
1131 | the same way. |
1132 | |
6e0c6552 |
1133 | If the argument to C<-in> is an empty array, 'sqlfalse' is generated |
1134 | (by default : C<1=0>). Similarly, C<< -not_in => [] >> generates |
1135 | 'sqltrue' (by default : C<1=1>). |
1136 | |
e41c3bdd |
1137 | In addition to the array you can supply a chunk of literal sql or |
1138 | literal sql with bind: |
6e0c6552 |
1139 | |
e41c3bdd |
1140 | my %where = { |
1141 | customer => { -in => \[ |
1142 | 'SELECT cust_id FROM cust WHERE balance > ?', |
1143 | 2000, |
1144 | ], |
1145 | status => { -in => \'SELECT status_codes FROM states' }, |
1146 | }; |
6e0c6552 |
1147 | |
e41c3bdd |
1148 | would generate: |
1149 | |
1150 | $stmt = "WHERE ( |
1151 | customer IN ( SELECT cust_id FROM cust WHERE balance > ? ) |
1152 | AND status IN ( SELECT status_codes FROM states ) |
1153 | )"; |
1154 | @bind = ('2000'); |
1155 | |
1156 | |
1157 | |
1158 | Another pair of operators is C<-between> and C<-not_between>, |
96449e8e |
1159 | used with an arrayref of two values: |
32eab2da |
1160 | |
1161 | my %where = ( |
1162 | user => 'nwiger', |
1163 | completion_date => { |
1164 | -not_between => ['2002-10-01', '2003-02-06'] |
1165 | } |
1166 | ); |
1167 | |
1168 | Would give you: |
1169 | |
1170 | WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? ) |
1171 | |
e41c3bdd |
1172 | Just like with C<-in> all plausible combinations of literal SQL |
1173 | are possible: |
1174 | |
1175 | my %where = { |
1176 | start0 => { -between => [ 1, 2 ] }, |
1177 | start1 => { -between => \["? AND ?", 1, 2] }, |
1178 | start2 => { -between => \"lower(x) AND upper(y)" }, |
9d48860e |
1179 | start3 => { -between => [ |
e41c3bdd |
1180 | \"lower(x)", |
1181 | \["upper(?)", 'stuff' ], |
1182 | ] }, |
1183 | }; |
1184 | |
1185 | Would give you: |
1186 | |
1187 | $stmt = "WHERE ( |
1188 | ( start0 BETWEEN ? AND ? ) |
1189 | AND ( start1 BETWEEN ? AND ? ) |
1190 | AND ( start2 BETWEEN lower(x) AND upper(y) ) |
1191 | AND ( start3 BETWEEN lower(x) AND upper(?) ) |
1192 | )"; |
1193 | @bind = (1, 2, 1, 2, 'stuff'); |
1194 | |
1195 | |
9d48860e |
1196 | These are the two builtin "special operators"; but the |
96449e8e |
1197 | list can be expanded : see section L</"SPECIAL OPERATORS"> below. |
1198 | |
59f23b3d |
1199 | =head2 Unary operators: bool |
97a920ef |
1200 | |
1201 | If you wish to test against boolean columns or functions within your |
1202 | database you can use the C<-bool> and C<-not_bool> operators. For |
1203 | example to test the column C<is_user> being true and the column |
827bb0eb |
1204 | C<is_enabled> being false you would use:- |
97a920ef |
1205 | |
1206 | my %where = ( |
1207 | -bool => 'is_user', |
1208 | -not_bool => 'is_enabled', |
1209 | ); |
1210 | |
1211 | Would give you: |
1212 | |
277b5d3f |
1213 | WHERE is_user AND NOT is_enabled |
97a920ef |
1214 | |
0b604e9d |
1215 | If a more complex combination is required, testing more conditions, |
1216 | then you should use the and/or operators:- |
1217 | |
1218 | my %where = ( |
1219 | -and => [ |
1220 | -bool => 'one', |
1221 | -bool => 'two', |
1222 | -bool => 'three', |
1223 | -not_bool => 'four', |
1224 | ], |
1225 | ); |
1226 | |
1227 | Would give you: |
1228 | |
1229 | WHERE one AND two AND three AND NOT four |
97a920ef |
1230 | |
1231 | |
107b72f1 |
1232 | =head2 Nested conditions, -and/-or prefixes |
96449e8e |
1233 | |
32eab2da |
1234 | So far, we've seen how multiple conditions are joined with a top-level |
1235 | C<AND>. We can change this by putting the different conditions we want in |
1236 | hashes and then putting those hashes in an array. For example: |
1237 | |
1238 | my @where = ( |
1239 | { |
1240 | user => 'nwiger', |
1241 | status => { -like => ['pending%', 'dispatched'] }, |
1242 | }, |
1243 | { |
1244 | user => 'robot', |
1245 | status => 'unassigned', |
1246 | } |
1247 | ); |
1248 | |
1249 | This data structure would create the following: |
1250 | |
1251 | $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) ) |
1252 | OR ( user = ? AND status = ? ) )"; |
1253 | @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned'); |
1254 | |
107b72f1 |
1255 | |
48d9f5f8 |
1256 | Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or> |
1257 | to change the logic inside : |
32eab2da |
1258 | |
1259 | my @where = ( |
1260 | -and => [ |
1261 | user => 'nwiger', |
48d9f5f8 |
1262 | [ |
1263 | -and => [ workhrs => {'>', 20}, geo => 'ASIA' ], |
1264 | -or => { workhrs => {'<', 50}, geo => 'EURO' }, |
32eab2da |
1265 | ], |
1266 | ], |
1267 | ); |
1268 | |
1269 | That would yield: |
1270 | |
48d9f5f8 |
1271 | WHERE ( user = ? AND ( |
1272 | ( workhrs > ? AND geo = ? ) |
1273 | OR ( workhrs < ? OR geo = ? ) |
1274 | ) ) |
107b72f1 |
1275 | |
cc422895 |
1276 | =head3 Algebraic inconsistency, for historical reasons |
107b72f1 |
1277 | |
7cac25e6 |
1278 | C<Important note>: when connecting several conditions, the C<-and->|C<-or> |
1279 | operator goes C<outside> of the nested structure; whereas when connecting |
1280 | several constraints on one column, the C<-and> operator goes |
1281 | C<inside> the arrayref. Here is an example combining both features : |
1282 | |
1283 | my @where = ( |
1284 | -and => [a => 1, b => 2], |
1285 | -or => [c => 3, d => 4], |
1286 | e => [-and => {-like => 'foo%'}, {-like => '%bar'} ] |
1287 | ) |
1288 | |
1289 | yielding |
1290 | |
9d48860e |
1291 | WHERE ( ( ( a = ? AND b = ? ) |
1292 | OR ( c = ? OR d = ? ) |
7cac25e6 |
1293 | OR ( e LIKE ? AND e LIKE ? ) ) ) |
1294 | |
107b72f1 |
1295 | This difference in syntax is unfortunate but must be preserved for |
1296 | historical reasons. So be careful : the two examples below would |
1297 | seem algebraically equivalent, but they are not |
1298 | |
9d48860e |
1299 | {col => [-and => {-like => 'foo%'}, {-like => '%bar'}]} |
107b72f1 |
1300 | # yields : WHERE ( ( col LIKE ? AND col LIKE ? ) ) |
1301 | |
9d48860e |
1302 | [-and => {col => {-like => 'foo%'}, {col => {-like => '%bar'}}]] |
107b72f1 |
1303 | # yields : WHERE ( ( col LIKE ? OR col LIKE ? ) ) |
1304 | |
7cac25e6 |
1305 | |
cc422895 |
1306 | =head2 Literal SQL and value type operators |
96449e8e |
1307 | |
cc422895 |
1308 | The basic premise of SQL::Abstract is that in WHERE specifications the "left |
1309 | side" is a column name and the "right side" is a value (normally rendered as |
1310 | a placeholder). This holds true for both hashrefs and arrayref pairs as you |
1311 | see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to |
1312 | alter this behavior. There are several ways of doing so. |
e9614080 |
1313 | |
cc422895 |
1314 | =head3 -ident |
1315 | |
1316 | This is a virtual operator that signals the string to its right side is an |
1317 | identifier (a column name) and not a value. For example to compare two |
1318 | columns you would write: |
32eab2da |
1319 | |
e9614080 |
1320 | my %where = ( |
1321 | priority => { '<', 2 }, |
cc422895 |
1322 | requestor => { -ident => 'submitter' }, |
e9614080 |
1323 | ); |
1324 | |
1325 | which creates: |
1326 | |
1327 | $stmt = "WHERE priority < ? AND requestor = submitter"; |
1328 | @bind = ('2'); |
1329 | |
cc422895 |
1330 | If you are maintaining legacy code you may see a different construct as |
1331 | described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new |
1332 | code. |
1333 | |
1334 | =head3 -value |
e9614080 |
1335 | |
cc422895 |
1336 | This is a virtual operator that signals that the construct to its right side |
1337 | is a value to be passed to DBI. This is for example necessary when you want |
1338 | to write a where clause against an array (for RDBMS that support such |
1339 | datatypes). For example: |
e9614080 |
1340 | |
32eab2da |
1341 | my %where = ( |
cc422895 |
1342 | array => { -value => [1, 2, 3] } |
32eab2da |
1343 | ); |
1344 | |
cc422895 |
1345 | will result in: |
32eab2da |
1346 | |
cc422895 |
1347 | $stmt = 'WHERE array = ?'; |
1348 | @bind = ([1, 2, 3]); |
32eab2da |
1349 | |
cc422895 |
1350 | Note that if you were to simply say: |
32eab2da |
1351 | |
1352 | my %where = ( |
cc422895 |
1353 | array => [1, 2, 3] |
32eab2da |
1354 | ); |
1355 | |
cc422895 |
1356 | the result would porbably be not what you wanted: |
1357 | |
1358 | $stmt = 'WHERE array = ? OR array = ? OR array = ?'; |
1359 | @bind = (1, 2, 3); |
1360 | |
1361 | =head3 Literal SQL |
96449e8e |
1362 | |
cc422895 |
1363 | Finally, sometimes only literal SQL will do. To include a random snippet |
1364 | of SQL verbatim, you specify it as a scalar reference. Consider this only |
1365 | as a last resort. Usually there is a better way. For example: |
96449e8e |
1366 | |
1367 | my %where = ( |
cc422895 |
1368 | priority => { '<', 2 }, |
1369 | requestor => { -in => \'(SELECT name FROM hitmen)' }, |
96449e8e |
1370 | ); |
1371 | |
cc422895 |
1372 | Would create: |
96449e8e |
1373 | |
cc422895 |
1374 | $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)" |
1375 | @bind = (2); |
1376 | |
1377 | Note that in this example, you only get one bind parameter back, since |
1378 | the verbatim SQL is passed as part of the statement. |
1379 | |
1380 | =head4 CAVEAT |
1381 | |
1382 | Never use untrusted input as a literal SQL argument - this is a massive |
1383 | security risk (there is no way to check literal snippets for SQL |
1384 | injections and other nastyness). If you need to deal with untrusted input |
1385 | use literal SQL with placeholders as described next. |
96449e8e |
1386 | |
cc422895 |
1387 | =head3 Literal SQL with placeholders and bind values (subqueries) |
96449e8e |
1388 | |
1389 | If the literal SQL to be inserted has placeholders and bind values, |
1390 | use a reference to an arrayref (yes this is a double reference -- |
1391 | not so common, but perfectly legal Perl). For example, to find a date |
1392 | in Postgres you can use something like this: |
1393 | |
1394 | my %where = ( |
1395 | date_column => \[q/= date '2008-09-30' - ?::integer/, 10/] |
1396 | ) |
1397 | |
1398 | This would create: |
1399 | |
d2a8fe1a |
1400 | $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )" |
96449e8e |
1401 | @bind = ('10'); |
1402 | |
deb148a2 |
1403 | Note that you must pass the bind values in the same format as they are returned |
62552e7d |
1404 | by L</where>. That means that if you set L</bindtype> to C<columns>, you must |
26f2dca5 |
1405 | provide the bind values in the C<< [ column_meta => value ] >> format, where |
1406 | C<column_meta> is an opaque scalar value; most commonly the column name, but |
62552e7d |
1407 | you can use any scalar value (including references and blessed references), |
1408 | L<SQL::Abstract> will simply pass it through intact. So if C<bindtype> is set |
1409 | to C<columns> the above example will look like: |
deb148a2 |
1410 | |
1411 | my %where = ( |
1412 | date_column => \[q/= date '2008-09-30' - ?::integer/, [ dummy => 10 ]/] |
1413 | ) |
96449e8e |
1414 | |
1415 | Literal SQL is especially useful for nesting parenthesized clauses in the |
1416 | main SQL query. Here is a first example : |
1417 | |
1418 | my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?", |
1419 | 100, "foo%"); |
1420 | my %where = ( |
1421 | foo => 1234, |
1422 | bar => \["IN ($sub_stmt)" => @sub_bind], |
1423 | ); |
1424 | |
1425 | This yields : |
1426 | |
9d48860e |
1427 | $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1 |
96449e8e |
1428 | WHERE c2 < ? AND c3 LIKE ?))"; |
1429 | @bind = (1234, 100, "foo%"); |
1430 | |
9d48860e |
1431 | Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">, |
96449e8e |
1432 | are expressed in the same way. Of course the C<$sub_stmt> and |
9d48860e |
1433 | its associated bind values can be generated through a former call |
96449e8e |
1434 | to C<select()> : |
1435 | |
1436 | my ($sub_stmt, @sub_bind) |
9d48860e |
1437 | = $sql->select("t1", "c1", {c2 => {"<" => 100}, |
96449e8e |
1438 | c3 => {-like => "foo%"}}); |
1439 | my %where = ( |
1440 | foo => 1234, |
1441 | bar => \["> ALL ($sub_stmt)" => @sub_bind], |
1442 | ); |
1443 | |
1444 | In the examples above, the subquery was used as an operator on a column; |
9d48860e |
1445 | but the same principle also applies for a clause within the main C<%where> |
96449e8e |
1446 | hash, like an EXISTS subquery : |
1447 | |
9d48860e |
1448 | my ($sub_stmt, @sub_bind) |
96449e8e |
1449 | = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"}); |
48d9f5f8 |
1450 | my %where = ( -and => [ |
96449e8e |
1451 | foo => 1234, |
48d9f5f8 |
1452 | \["EXISTS ($sub_stmt)" => @sub_bind], |
1453 | ]); |
96449e8e |
1454 | |
1455 | which yields |
1456 | |
9d48860e |
1457 | $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1 |
96449e8e |
1458 | WHERE c1 = ? AND c2 > t0.c0))"; |
1459 | @bind = (1234, 1); |
1460 | |
1461 | |
9d48860e |
1462 | Observe that the condition on C<c2> in the subquery refers to |
1463 | column C<t0.c0> of the main query : this is I<not> a bind |
1464 | value, so we have to express it through a scalar ref. |
96449e8e |
1465 | Writing C<< c2 => {">" => "t0.c0"} >> would have generated |
1466 | C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly |
1467 | what we wanted here. |
1468 | |
96449e8e |
1469 | Finally, here is an example where a subquery is used |
1470 | for expressing unary negation: |
1471 | |
9d48860e |
1472 | my ($sub_stmt, @sub_bind) |
96449e8e |
1473 | = $sql->where({age => [{"<" => 10}, {">" => 20}]}); |
1474 | $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause |
1475 | my %where = ( |
1476 | lname => {like => '%son%'}, |
48d9f5f8 |
1477 | \["NOT ($sub_stmt)" => @sub_bind], |
96449e8e |
1478 | ); |
1479 | |
1480 | This yields |
1481 | |
1482 | $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )" |
1483 | @bind = ('%son%', 10, 20) |
1484 | |
cc422895 |
1485 | =head3 Deprecated usage of Literal SQL |
1486 | |
1487 | Below are some examples of archaic use of literal SQL. It is shown only as |
1488 | reference for those who deal with legacy code. Each example has a much |
1489 | better, cleaner and safer alternative that users should opt for in new code. |
1490 | |
1491 | =over |
1492 | |
1493 | =item * |
1494 | |
1495 | my %where = ( requestor => \'IS NOT NULL' ) |
1496 | |
1497 | $stmt = "WHERE requestor IS NOT NULL" |
1498 | |
1499 | This used to be the way of generating NULL comparisons, before the handling |
1500 | of C<undef> got formalized. For new code please use the superior syntax as |
1501 | described in L</Tests for NULL values>. |
96449e8e |
1502 | |
cc422895 |
1503 | =item * |
1504 | |
1505 | my %where = ( requestor => \'= submitter' ) |
1506 | |
1507 | $stmt = "WHERE requestor = submitter" |
1508 | |
1509 | This used to be the only way to compare columns. Use the superior L</-ident> |
1510 | method for all new code. For example an identifier declared in such a way |
1511 | will be properly quoted if L</quote_char> is properly set, while the legacy |
1512 | form will remain as supplied. |
1513 | |
1514 | =item * |
1515 | |
1516 | my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } ) |
1517 | |
1518 | $stmt = "WHERE completed > ? AND is_ready" |
1519 | @bind = ('2012-12-21') |
1520 | |
1521 | Using an empty string literal used to be the only way to express a boolean. |
1522 | For all new code please use the much more readable |
1523 | L<-bool|/Unary operators: bool> operator. |
1524 | |
1525 | =back |
96449e8e |
1526 | |
1527 | =head2 Conclusion |
1528 | |
32eab2da |
1529 | These pages could go on for a while, since the nesting of the data |
1530 | structures this module can handle are pretty much unlimited (the |
1531 | module implements the C<WHERE> expansion as a recursive function |
1532 | internally). Your best bet is to "play around" with the module a |
1533 | little to see how the data structures behave, and choose the best |
1534 | format for your data based on that. |
1535 | |
1536 | And of course, all the values above will probably be replaced with |
1537 | variables gotten from forms or the command line. After all, if you |
1538 | knew everything ahead of time, you wouldn't have to worry about |
1539 | dynamically-generating SQL and could just hardwire it into your |
1540 | script. |
1541 | |
86298391 |
1542 | =head1 ORDER BY CLAUSES |
1543 | |
9d48860e |
1544 | Some functions take an order by clause. This can either be a scalar (just a |
86298391 |
1545 | column name,) a hash of C<< { -desc => 'col' } >> or C<< { -asc => 'col' } >>, |
1cfa1db3 |
1546 | or an array of either of the two previous forms. Examples: |
1547 | |
952f9e2d |
1548 | Given | Will Generate |
1cfa1db3 |
1549 | ---------------------------------------------------------- |
952f9e2d |
1550 | | |
1551 | \'colA DESC' | ORDER BY colA DESC |
1552 | | |
1553 | 'colA' | ORDER BY colA |
1554 | | |
1555 | [qw/colA colB/] | ORDER BY colA, colB |
1556 | | |
1557 | {-asc => 'colA'} | ORDER BY colA ASC |
1558 | | |
1559 | {-desc => 'colB'} | ORDER BY colB DESC |
1560 | | |
1561 | ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC |
1562 | | |
855e6047 |
1563 | { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC |
952f9e2d |
1564 | | |
1565 | [ | |
1566 | { -asc => 'colA' }, | ORDER BY colA ASC, colB DESC, |
1567 | { -desc => [qw/colB/], | colC ASC, colD ASC |
1568 | { -asc => [qw/colC colD/],| |
1569 | ] | |
1570 | =========================================================== |
86298391 |
1571 | |
96449e8e |
1572 | |
1573 | |
1574 | =head1 SPECIAL OPERATORS |
1575 | |
e3f9dff4 |
1576 | my $sqlmaker = SQL::Abstract->new(special_ops => [ |
3a2e1a5e |
1577 | { |
1578 | regex => qr/.../, |
e3f9dff4 |
1579 | handler => sub { |
1580 | my ($self, $field, $op, $arg) = @_; |
1581 | ... |
3a2e1a5e |
1582 | }, |
1583 | }, |
1584 | { |
1585 | regex => qr/.../, |
1586 | handler => 'method_name', |
e3f9dff4 |
1587 | }, |
1588 | ]); |
1589 | |
9d48860e |
1590 | A "special operator" is a SQL syntactic clause that can be |
e3f9dff4 |
1591 | applied to a field, instead of a usual binary operator. |
9d48860e |
1592 | For example : |
e3f9dff4 |
1593 | |
1594 | WHERE field IN (?, ?, ?) |
1595 | WHERE field BETWEEN ? AND ? |
1596 | WHERE MATCH(field) AGAINST (?, ?) |
96449e8e |
1597 | |
e3f9dff4 |
1598 | Special operators IN and BETWEEN are fairly standard and therefore |
3a2e1a5e |
1599 | are builtin within C<SQL::Abstract> (as the overridable methods |
1600 | C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators, |
1601 | like the MATCH .. AGAINST example above which is specific to MySQL, |
1602 | you can write your own operator handlers - supply a C<special_ops> |
1603 | argument to the C<new> method. That argument takes an arrayref of |
1604 | operator definitions; each operator definition is a hashref with two |
1605 | entries: |
96449e8e |
1606 | |
e3f9dff4 |
1607 | =over |
1608 | |
1609 | =item regex |
1610 | |
1611 | the regular expression to match the operator |
96449e8e |
1612 | |
e3f9dff4 |
1613 | =item handler |
1614 | |
3a2e1a5e |
1615 | Either a coderef or a plain scalar method name. In both cases |
1616 | the expected return is C<< ($sql, @bind) >>. |
1617 | |
1618 | When supplied with a method name, it is simply called on the |
1619 | L<SQL::Abstract/> object as: |
1620 | |
1621 | $self->$method_name ($field, $op, $arg) |
1622 | |
1623 | Where: |
1624 | |
1625 | $op is the part that matched the handler regex |
1626 | $field is the LHS of the operator |
1627 | $arg is the RHS |
1628 | |
1629 | When supplied with a coderef, it is called as: |
1630 | |
1631 | $coderef->($self, $field, $op, $arg) |
1632 | |
e3f9dff4 |
1633 | |
1634 | =back |
1635 | |
9d48860e |
1636 | For example, here is an implementation |
e3f9dff4 |
1637 | of the MATCH .. AGAINST syntax for MySQL |
1638 | |
1639 | my $sqlmaker = SQL::Abstract->new(special_ops => [ |
9d48860e |
1640 | |
e3f9dff4 |
1641 | # special op for MySql MATCH (field) AGAINST(word1, word2, ...) |
9d48860e |
1642 | {regex => qr/^match$/i, |
e3f9dff4 |
1643 | handler => sub { |
1644 | my ($self, $field, $op, $arg) = @_; |
1645 | $arg = [$arg] if not ref $arg; |
1646 | my $label = $self->_quote($field); |
1647 | my ($placeholder) = $self->_convert('?'); |
1648 | my $placeholders = join ", ", (($placeholder) x @$arg); |
1649 | my $sql = $self->_sqlcase('match') . " ($label) " |
1650 | . $self->_sqlcase('against') . " ($placeholders) "; |
1651 | my @bind = $self->_bindtype($field, @$arg); |
1652 | return ($sql, @bind); |
1653 | } |
1654 | }, |
9d48860e |
1655 | |
e3f9dff4 |
1656 | ]); |
96449e8e |
1657 | |
1658 | |
59f23b3d |
1659 | =head1 UNARY OPERATORS |
1660 | |
112b5232 |
1661 | my $sqlmaker = SQL::Abstract->new(unary_ops => [ |
59f23b3d |
1662 | { |
1663 | regex => qr/.../, |
1664 | handler => sub { |
1665 | my ($self, $op, $arg) = @_; |
1666 | ... |
1667 | }, |
1668 | }, |
1669 | { |
1670 | regex => qr/.../, |
1671 | handler => 'method_name', |
1672 | }, |
1673 | ]); |
1674 | |
9d48860e |
1675 | A "unary operator" is a SQL syntactic clause that can be |
59f23b3d |
1676 | applied to a field - the operator goes before the field |
1677 | |
1678 | You can write your own operator handlers - supply a C<unary_ops> |
1679 | argument to the C<new> method. That argument takes an arrayref of |
1680 | operator definitions; each operator definition is a hashref with two |
1681 | entries: |
1682 | |
1683 | =over |
1684 | |
1685 | =item regex |
1686 | |
1687 | the regular expression to match the operator |
1688 | |
1689 | =item handler |
1690 | |
1691 | Either a coderef or a plain scalar method name. In both cases |
1692 | the expected return is C<< $sql >>. |
1693 | |
1694 | When supplied with a method name, it is simply called on the |
1695 | L<SQL::Abstract/> object as: |
1696 | |
1697 | $self->$method_name ($op, $arg) |
1698 | |
1699 | Where: |
1700 | |
1701 | $op is the part that matched the handler regex |
1702 | $arg is the RHS or argument of the operator |
1703 | |
1704 | When supplied with a coderef, it is called as: |
1705 | |
1706 | $coderef->($self, $op, $arg) |
1707 | |
1708 | |
1709 | =back |
1710 | |
1711 | |
32eab2da |
1712 | =head1 PERFORMANCE |
1713 | |
1714 | Thanks to some benchmarking by Mark Stosberg, it turns out that |
1715 | this module is many orders of magnitude faster than using C<DBIx::Abstract>. |
1716 | I must admit this wasn't an intentional design issue, but it's a |
1717 | byproduct of the fact that you get to control your C<DBI> handles |
1718 | yourself. |
1719 | |
1720 | To maximize performance, use a code snippet like the following: |
1721 | |
1722 | # prepare a statement handle using the first row |
1723 | # and then reuse it for the rest of the rows |
1724 | my($sth, $stmt); |
1725 | for my $href (@array_of_hashrefs) { |
1726 | $stmt ||= $sql->insert('table', $href); |
1727 | $sth ||= $dbh->prepare($stmt); |
1728 | $sth->execute($sql->values($href)); |
1729 | } |
1730 | |
1731 | The reason this works is because the keys in your C<$href> are sorted |
1732 | internally by B<SQL::Abstract>. Thus, as long as your data retains |
1733 | the same structure, you only have to generate the SQL the first time |
1734 | around. On subsequent queries, simply use the C<values> function provided |
1735 | by this module to return your values in the correct order. |
1736 | |
b864ba9b |
1737 | However this depends on the values having the same type - if, for |
1738 | example, the values of a where clause may either have values |
1739 | (resulting in sql of the form C<column = ?> with a single bind |
1740 | value), or alternatively the values might be C<undef> (resulting in |
1741 | sql of the form C<column IS NULL> with no bind value) then the |
1742 | caching technique suggested will not work. |
96449e8e |
1743 | |
32eab2da |
1744 | =head1 FORMBUILDER |
1745 | |
1746 | If you use my C<CGI::FormBuilder> module at all, you'll hopefully |
1747 | really like this part (I do, at least). Building up a complex query |
1748 | can be as simple as the following: |
1749 | |
1750 | #!/usr/bin/perl |
1751 | |
1752 | use CGI::FormBuilder; |
1753 | use SQL::Abstract; |
1754 | |
1755 | my $form = CGI::FormBuilder->new(...); |
1756 | my $sql = SQL::Abstract->new; |
1757 | |
1758 | if ($form->submitted) { |
1759 | my $field = $form->field; |
1760 | my $id = delete $field->{id}; |
1761 | my($stmt, @bind) = $sql->update('table', $field, {id => $id}); |
1762 | } |
1763 | |
1764 | Of course, you would still have to connect using C<DBI> to run the |
1765 | query, but the point is that if you make your form look like your |
1766 | table, the actual query script can be extremely simplistic. |
1767 | |
1768 | If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for |
9d48860e |
1769 | a fast interface to returning and formatting data. I frequently |
32eab2da |
1770 | use these three modules together to write complex database query |
1771 | apps in under 50 lines. |
1772 | |
d8cc1792 |
1773 | =head1 REPO |
1774 | |
1775 | =over |
1776 | |
6d19fbf9 |
1777 | =item * gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git> |
d8cc1792 |
1778 | |
6d19fbf9 |
1779 | =item * git: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git> |
d8cc1792 |
1780 | |
1781 | =back |
32eab2da |
1782 | |
96449e8e |
1783 | =head1 CHANGES |
1784 | |
1785 | Version 1.50 was a major internal refactoring of C<SQL::Abstract>. |
1786 | Great care has been taken to preserve the I<published> behavior |
1787 | documented in previous versions in the 1.* family; however, |
9d48860e |
1788 | some features that were previously undocumented, or behaved |
96449e8e |
1789 | differently from the documentation, had to be changed in order |
1790 | to clarify the semantics. Hence, client code that was relying |
9d48860e |
1791 | on some dark areas of C<SQL::Abstract> v1.* |
96449e8e |
1792 | B<might behave differently> in v1.50. |
32eab2da |
1793 | |
d2a8fe1a |
1794 | The main changes are : |
1795 | |
96449e8e |
1796 | =over |
32eab2da |
1797 | |
9d48860e |
1798 | =item * |
32eab2da |
1799 | |
96449e8e |
1800 | support for literal SQL through the C<< \ [$sql, bind] >> syntax. |
1801 | |
1802 | =item * |
1803 | |
145fbfc8 |
1804 | support for the { operator => \"..." } construct (to embed literal SQL) |
1805 | |
1806 | =item * |
1807 | |
9c37b9c0 |
1808 | support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values) |
1809 | |
1810 | =item * |
1811 | |
96449e8e |
1812 | optional support for L<array datatypes|/"Inserting and Updating Arrays"> |
1813 | |
9d48860e |
1814 | =item * |
96449e8e |
1815 | |
1816 | defensive programming : check arguments |
1817 | |
1818 | =item * |
1819 | |
1820 | fixed bug with global logic, which was previously implemented |
7cac25e6 |
1821 | through global variables yielding side-effects. Prior versions would |
96449e8e |
1822 | interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >> |
1823 | as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>. |
1824 | Now this is interpreted |
1825 | as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>. |
1826 | |
96449e8e |
1827 | |
1828 | =item * |
1829 | |
1830 | fixed semantics of _bindtype on array args |
1831 | |
9d48860e |
1832 | =item * |
96449e8e |
1833 | |
1834 | dropped the C<_anoncopy> of the %where tree. No longer necessary, |
1835 | we just avoid shifting arrays within that tree. |
1836 | |
1837 | =item * |
1838 | |
1839 | dropped the C<_modlogic> function |
1840 | |
1841 | =back |
32eab2da |
1842 | |
32eab2da |
1843 | =head1 ACKNOWLEDGEMENTS |
1844 | |
1845 | There are a number of individuals that have really helped out with |
1846 | this module. Unfortunately, most of them submitted bugs via CPAN |
1847 | so I have no idea who they are! But the people I do know are: |
1848 | |
9d48860e |
1849 | Ash Berlin (order_by hash term support) |
b643abe1 |
1850 | Matt Trout (DBIx::Class support) |
32eab2da |
1851 | Mark Stosberg (benchmarking) |
1852 | Chas Owens (initial "IN" operator support) |
1853 | Philip Collins (per-field SQL functions) |
1854 | Eric Kolve (hashref "AND" support) |
1855 | Mike Fragassi (enhancements to "BETWEEN" and "LIKE") |
1856 | Dan Kubb (support for "quote_char" and "name_sep") |
f5aab26e |
1857 | Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by) |
48d9f5f8 |
1858 | Laurent Dami (internal refactoring, extensible list of special operators, literal SQL) |
dbdf7648 |
1859 | Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests) |
e96c510a |
1860 | Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests) |
02288357 |
1861 | Oliver Charles (support for "RETURNING" after "INSERT") |
32eab2da |
1862 | |
1863 | Thanks! |
1864 | |
32eab2da |
1865 | =head1 SEE ALSO |
1866 | |
86298391 |
1867 | L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>. |
32eab2da |
1868 | |
32eab2da |
1869 | =head1 AUTHOR |
1870 | |
b643abe1 |
1871 | Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved. |
1872 | |
1873 | This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk> |
32eab2da |
1874 | |
abe72f94 |
1875 | For support, your best bet is to try the C<DBIx::Class> users mailing list. |
1876 | While not an official support venue, C<DBIx::Class> makes heavy use of |
1877 | C<SQL::Abstract>, and as such list members there are very familiar with |
1878 | how to create queries. |
1879 | |
0d067ded |
1880 | =head1 LICENSE |
1881 | |
d988ab87 |
1882 | This module is free software; you may copy this under the same |
1883 | terms as perl itself (either the GNU General Public License or |
1884 | the Artistic License) |
32eab2da |
1885 | |
1886 | =cut |
1887 | |