projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
Backport undef-with-in tests from DQ, add "roadwork ahead" exceptions
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
3# LDNOTE : this code is heavy refactoring from original SQLA.
4# Several design decisions will need discussion during
5# the test / diffusion / acceptance phase; those are marked with flag
6# 'LDNOTE' (note by laurent.dami AT free.fr)
7
96449e8e 8use strict;
9use warnings;
9d9d5bd6 10use Carp ();
312d830b 11use List::Util ();
12use Scalar::Util ();
96449e8e 13
14#======================================================================
15# GLOBALS
16#======================================================================
17
3cb8f017 18our $VERSION = '1.74';
7479e27e 19
22f1a437 20# This would confuse some packagers
c520207b 21$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 22
23our $AUTOLOAD;
24
25# special operators (-in, -between). May be extended/overridden by user.
26# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
27my @BUILTIN_SPECIAL_OPS = (
b8db59b8 28 {regex => qr/^ (?: not \s )? between $/ix, handler => '_where_field_BETWEEN'},
29 {regex => qr/^ (?: not \s )? in $/ix, handler => '_where_field_IN'},
cc422895 30 {regex => qr/^ ident $/ix, handler => '_where_op_IDENT'},
31 {regex => qr/^ value $/ix, handler => '_where_op_VALUE'},
96449e8e 32);
33
97a920ef 34# unaryish operators - key maps to handler
59f23b3d 35my @BUILTIN_UNARY_OPS = (
a47b433a 36 # the digits are backcompat stuff
b8db59b8 37 { regex => qr/^ and (?: [_\s]? \d+ )? $/xi, handler => '_where_op_ANDOR' },
38 { regex => qr/^ or (?: [_\s]? \d+ )? $/xi, handler => '_where_op_ANDOR' },
39 { regex => qr/^ nest (?: [_\s]? \d+ )? $/xi, handler => '_where_op_NEST' },
40 { regex => qr/^ (?: not \s )? bool $/xi, handler => '_where_op_BOOL' },
cc422895 41 { regex => qr/^ ident $/xi, handler => '_where_op_IDENT' },
42 { regex => qr/^ value $/ix, handler => '_where_op_VALUE' },
59f23b3d 43);
97a920ef 44
96449e8e 45#======================================================================
46# DEBUGGING AND ERROR REPORTING
47#======================================================================
48
49sub _debug {
50 return unless $_[0]->{debug}; shift; # a little faster
51 my $func = (caller(1))[3];
52 warn "[$func] ", @_, "\n";
53}
54
55sub belch (@) {
56 my($func) = (caller(1))[3];
9d9d5bd6 57 Carp::carp "[$func] Warning: ", @_;
96449e8e 58}
59
60sub puke (@) {
61 my($func) = (caller(1))[3];
9d9d5bd6 62 Carp::croak "[$func] Fatal: ", @_;
96449e8e 63}
64
65
66#======================================================================
67# NEW
68#======================================================================
69
70sub new {
71 my $self = shift;
72 my $class = ref($self) || $self;
73 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
74
75 # choose our case by keeping an option around
76 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
77
78 # default logic for interpreting arrayrefs
ef559da3 79 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 80
81 # how to return bind vars
82 # LDNOTE: changed nwiger code : why this 'delete' ??
83 # $opt{bindtype} ||= delete($opt{bind_type}) || 'normal';
84 $opt{bindtype} ||= 'normal';
85
86 # default comparison is "=", but can be overridden
87 $opt{cmp} ||= '=';
88
3af02ccb 89 # try to recognize which are the 'equality' and 'inequality' ops
96449e8e 90 # (temporary quickfix, should go through a more seasoned API)
2281c758 91 $opt{equality_op} = qr/^(\Q$opt{cmp}\E|is|(is\s+)?like)$/i;
92 $opt{inequality_op} = qr/^(!=|<>|(is\s+)?not(\s+like)?)$/i;
96449e8e 93
94 # SQL booleans
95 $opt{sqltrue} ||= '1=1';
96 $opt{sqlfalse} ||= '0=1';
97
9d48860e 98 # special operators
96449e8e 99 $opt{special_ops} ||= [];
b6251592 100 # regexes are applied in order, thus push after user-defines
96449e8e 101 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
102
9d48860e 103 # unary operators
59f23b3d 104 $opt{unary_ops} ||= [];
105 push @{$opt{unary_ops}}, @BUILTIN_UNARY_OPS;
106
3af02ccb 107 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 108 # If a purported function matches this regular expression, an exception is thrown.
109 # Literal SQL is *NOT* subject to this check, only functions (and column names
110 # when quoting is not in effect)
96449e8e 111
b6251592 112 # FIXME
113 # need to guard against ()'s in column names too, but this will break tons of
114 # hacks... ideas anyone?
115 $opt{injection_guard} ||= qr/
116 \;
117 |
118 ^ \s* go \s
119 /xmi;
96449e8e 120
b6251592 121 return bless \%opt, $class;
122}
96449e8e 123
170e6c33 124
125sub _assert_pass_injection_guard {
126 if ($_[1] =~ $_[0]->{injection_guard}) {
127 my $class = ref $_[0];
128 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
129 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
130 . "{injection_guard} attribute to ${class}->new()"
131 }
132}
133
134
96449e8e 135#======================================================================
136# INSERT methods
137#======================================================================
138
139sub insert {
02288357 140 my $self = shift;
141 my $table = $self->_table(shift);
142 my $data = shift || return;
143 my $options = shift;
96449e8e 144
145 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 146 my ($sql, @bind) = $self->$method($data);
96449e8e 147 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 148
e82e648a 149 if ($options->{returning}) {
150 my ($s, @b) = $self->_insert_returning ($options);
151 $sql .= $s;
152 push @bind, @b;
02288357 153 }
154
96449e8e 155 return wantarray ? ($sql, @bind) : $sql;
156}
157
6b1fe79d 158sub _insert_returning {
e82e648a 159 my ($self, $options) = @_;
6b1fe79d 160
e82e648a 161 my $f = $options->{returning};
162
163 my $fieldlist = $self->_SWITCH_refkind($f, {
164 ARRAYREF => sub {join ', ', map { $self->_quote($_) } @$f;},
165 SCALAR => sub {$self->_quote($f)},
166 SCALARREF => sub {$$f},
6b1fe79d 167 });
e82e648a 168 return $self->_sqlcase(' returning ') . $fieldlist;
6b1fe79d 169}
170
96449e8e 171sub _insert_HASHREF { # explicit list of fields and then values
172 my ($self, $data) = @_;
173
174 my @fields = sort keys %$data;
175
fe3ae272 176 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 177
178 # assemble SQL
179 $_ = $self->_quote($_) foreach @fields;
180 $sql = "( ".join(", ", @fields).") ".$sql;
181
182 return ($sql, @bind);
183}
184
185sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
186 my ($self, $data) = @_;
187
188 # no names (arrayref) so can't generate bindtype
189 $self->{bindtype} ne 'columns'
190 or belch "can't do 'columns' bindtype when called with arrayref";
191
fe3ae272 192 # fold the list of values into a hash of column name - value pairs
193 # (where the column names are artificially generated, and their
194 # lexicographical ordering keep the ordering of the original list)
195 my $i = "a"; # incremented values will be in lexicographical order
196 my $data_in_hash = { map { ($i++ => $_) } @$data };
197
198 return $self->_insert_values($data_in_hash);
199}
200
201sub _insert_ARRAYREFREF { # literal SQL with bind
202 my ($self, $data) = @_;
203
204 my ($sql, @bind) = @${$data};
205 $self->_assert_bindval_matches_bindtype(@bind);
206
207 return ($sql, @bind);
208}
209
210
211sub _insert_SCALARREF { # literal SQL without bind
212 my ($self, $data) = @_;
213
214 return ($$data);
215}
216
217sub _insert_values {
218 my ($self, $data) = @_;
219
96449e8e 220 my (@values, @all_bind);
fe3ae272 221 foreach my $column (sort keys %$data) {
222 my $v = $data->{$column};
96449e8e 223
224 $self->_SWITCH_refkind($v, {
225
9d48860e 226 ARRAYREF => sub {
96449e8e 227 if ($self->{array_datatypes}) { # if array datatype are activated
228 push @values, '?';
fe3ae272 229 push @all_bind, $self->_bindtype($column, $v);
96449e8e 230 }
231 else { # else literal SQL with bind
232 my ($sql, @bind) = @$v;
fe3ae272 233 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 234 push @values, $sql;
235 push @all_bind, @bind;
236 }
237 },
238
239 ARRAYREFREF => sub { # literal SQL with bind
240 my ($sql, @bind) = @${$v};
fe3ae272 241 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 242 push @values, $sql;
243 push @all_bind, @bind;
244 },
245
9d48860e 246 # THINK : anything useful to do with a HASHREF ?
5db47f9f 247 HASHREF => sub { # (nothing, but old SQLA passed it through)
248 #TODO in SQLA >= 2.0 it will die instead
249 belch "HASH ref as bind value in insert is not supported";
250 push @values, '?';
fe3ae272 251 push @all_bind, $self->_bindtype($column, $v);
5db47f9f 252 },
96449e8e 253
254 SCALARREF => sub { # literal SQL without bind
255 push @values, $$v;
256 },
257
258 SCALAR_or_UNDEF => sub {
259 push @values, '?';
fe3ae272 260 push @all_bind, $self->_bindtype($column, $v);
96449e8e 261 },
262
263 });
264
265 }
266
267 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
268 return ($sql, @all_bind);
269}
270
271
96449e8e 272
273#======================================================================
274# UPDATE methods
275#======================================================================
276
277
278sub update {
279 my $self = shift;
280 my $table = $self->_table(shift);
281 my $data = shift || return;
282 my $where = shift;
283
284 # first build the 'SET' part of the sql statement
285 my (@set, @all_bind);
286 puke "Unsupported data type specified to \$sql->update"
287 unless ref $data eq 'HASH';
288
289 for my $k (sort keys %$data) {
290 my $v = $data->{$k};
291 my $r = ref $v;
292 my $label = $self->_quote($k);
293
294 $self->_SWITCH_refkind($v, {
9d48860e 295 ARRAYREF => sub {
96449e8e 296 if ($self->{array_datatypes}) { # array datatype
297 push @set, "$label = ?";
298 push @all_bind, $self->_bindtype($k, $v);
299 }
300 else { # literal SQL with bind
301 my ($sql, @bind) = @$v;
fe3ae272 302 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 303 push @set, "$label = $sql";
fe3ae272 304 push @all_bind, @bind;
96449e8e 305 }
306 },
307 ARRAYREFREF => sub { # literal SQL with bind
308 my ($sql, @bind) = @${$v};
fe3ae272 309 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 310 push @set, "$label = $sql";
fe3ae272 311 push @all_bind, @bind;
96449e8e 312 },
313 SCALARREF => sub { # literal SQL without bind
314 push @set, "$label = $$v";
0ec3aec7 315 },
316 HASHREF => sub {
317 my ($op, $arg, @rest) = %$v;
318
319 puke 'Operator calls in update must be in the form { -op => $arg }'
320 if (@rest or not $op =~ /^\-(.+)/);
321
322 local $self->{_nested_func_lhs} = $k;
323 my ($sql, @bind) = $self->_where_unary_op ($1, $arg);
324
325 push @set, "$label = $sql";
326 push @all_bind, @bind;
327 },
96449e8e 328 SCALAR_or_UNDEF => sub {
329 push @set, "$label = ?";
330 push @all_bind, $self->_bindtype($k, $v);
331 },
332 });
333 }
334
335 # generate sql
336 my $sql = $self->_sqlcase('update') . " $table " . $self->_sqlcase('set ')
337 . join ', ', @set;
338
339 if ($where) {
340 my($where_sql, @where_bind) = $self->where($where);
341 $sql .= $where_sql;
342 push @all_bind, @where_bind;
343 }
344
345 return wantarray ? ($sql, @all_bind) : $sql;
346}
347
348
349
350
351#======================================================================
352# SELECT
353#======================================================================
354
355
356sub select {
357 my $self = shift;
358 my $table = $self->_table(shift);
359 my $fields = shift || '*';
360 my $where = shift;
361 my $order = shift;
362
363 my($where_sql, @bind) = $self->where($where, $order);
364
365 my $f = (ref $fields eq 'ARRAY') ? join ', ', map { $self->_quote($_) } @$fields
366 : $fields;
9d48860e 367 my $sql = join(' ', $self->_sqlcase('select'), $f,
96449e8e 368 $self->_sqlcase('from'), $table)
369 . $where_sql;
370
9d48860e 371 return wantarray ? ($sql, @bind) : $sql;
96449e8e 372}
373
374#======================================================================
375# DELETE
376#======================================================================
377
378
379sub delete {
380 my $self = shift;
381 my $table = $self->_table(shift);
382 my $where = shift;
383
384
385 my($where_sql, @bind) = $self->where($where);
386 my $sql = $self->_sqlcase('delete from') . " $table" . $where_sql;
387
9d48860e 388 return wantarray ? ($sql, @bind) : $sql;
96449e8e 389}
390
391
392#======================================================================
393# WHERE: entry point
394#======================================================================
395
396
397
398# Finally, a separate routine just to handle WHERE clauses
399sub where {
400 my ($self, $where, $order) = @_;
401
402 # where ?
403 my ($sql, @bind) = $self->_recurse_where($where);
404 $sql = $sql ? $self->_sqlcase(' where ') . "( $sql )" : '';
405
406 # order by?
407 if ($order) {
408 $sql .= $self->_order_by($order);
409 }
410
9d48860e 411 return wantarray ? ($sql, @bind) : $sql;
96449e8e 412}
413
414
415sub _recurse_where {
416 my ($self, $where, $logic) = @_;
417
418 # dispatch on appropriate method according to refkind of $where
419 my $method = $self->_METHOD_FOR_refkind("_where", $where);
311b2151 420
9d48860e 421 my ($sql, @bind) = $self->$method($where, $logic);
311b2151 422
9d48860e 423 # DBIx::Class directly calls _recurse_where in scalar context, so
311b2151 424 # we must implement it, even if not in the official API
9d48860e 425 return wantarray ? ($sql, @bind) : $sql;
96449e8e 426}
427
428
429
430#======================================================================
431# WHERE: top-level ARRAYREF
432#======================================================================
433
434
435sub _where_ARRAYREF {
5e1d09d5 436 my ($self, $where, $logic) = @_;
96449e8e 437
5e1d09d5 438 $logic = uc($logic || $self->{logic});
96449e8e 439 $logic eq 'AND' or $logic eq 'OR' or puke "unknown logic: $logic";
440
441 my @clauses = @$where;
442
96449e8e 443 my (@sql_clauses, @all_bind);
96449e8e 444 # need to use while() so can shift() for pairs
9d48860e 445 while (my $el = shift @clauses) {
96449e8e 446
447 # switch according to kind of $el and get corresponding ($sql, @bind)
448 my ($sql, @bind) = $self->_SWITCH_refkind($el, {
449
450 # skip empty elements, otherwise get invalid trailing AND stuff
451 ARRAYREF => sub {$self->_recurse_where($el) if @$el},
452
c94a6c93 453 ARRAYREFREF => sub {
454 my ($s, @b) = @$$el;
455 $self->_assert_bindval_matches_bindtype(@b);
456 ($s, @b);
457 },
474e3335 458
96449e8e 459 HASHREF => sub {$self->_recurse_where($el, 'and') if %$el},
460 # LDNOTE : previous SQLA code for hashrefs was creating a dirty
461 # side-effect: the first hashref within an array would change
462 # the global logic to 'AND'. So [ {cond1, cond2}, [cond3, cond4] ]
9d48860e 463 # was interpreted as "(cond1 AND cond2) OR (cond3 AND cond4)",
96449e8e 464 # whereas it should be "(cond1 AND cond2) OR (cond3 OR cond4)".
465
466 SCALARREF => sub { ($$el); },
467
468 SCALAR => sub {# top-level arrayref with scalars, recurse in pairs
469 $self->_recurse_where({$el => shift(@clauses)})},
470
471 UNDEF => sub {puke "not supported : UNDEF in arrayref" },
472 });
473
4b7b6026 474 if ($sql) {
475 push @sql_clauses, $sql;
476 push @all_bind, @bind;
477 }
96449e8e 478 }
479
480 return $self->_join_sql_clauses($logic, \@sql_clauses, \@all_bind);
481}
482
474e3335 483#======================================================================
484# WHERE: top-level ARRAYREFREF
485#======================================================================
96449e8e 486
474e3335 487sub _where_ARRAYREFREF {
488 my ($self, $where) = @_;
c94a6c93 489 my ($sql, @bind) = @$$where;
490 $self->_assert_bindval_matches_bindtype(@bind);
474e3335 491 return ($sql, @bind);
492}
96449e8e 493
494#======================================================================
495# WHERE: top-level HASHREF
496#======================================================================
497
498sub _where_HASHREF {
499 my ($self, $where) = @_;
500 my (@sql_clauses, @all_bind);
501
2281c758 502 for my $k (sort keys %$where) {
96449e8e 503 my $v = $where->{$k};
504
2281c758 505 # ($k => $v) is either a special unary op or a regular hashpair
506 my ($sql, @bind) = do {
507 if ($k =~ /^-./) {
508 # put the operator in canonical form
509 my $op = $k;
b8db59b8 510 $op = substr $op, 1; # remove initial dash
2281c758 511 $op =~ s/^\s+|\s+$//g;# remove leading/trailing space
b8db59b8 512 $op =~ s/\s+/ /g; # compress whitespace
513
514 # so that -not_foo works correctly
515 $op =~ s/^not_/NOT /i;
2281c758 516
517 $self->_debug("Unary OP(-$op) within hashref, recursing...");
0ec3aec7 518 my ($s, @b) = $self->_where_unary_op ($op, $v);
519
520 # top level vs nested
521 # we assume that handled unary ops will take care of their ()s
522 $s = "($s)" unless (
523 List::Util::first {$op =~ $_->{regex}} @{$self->{unary_ops}}
524 or
525 defined($self->{_nested_func_lhs}) && ($self->{_nested_func_lhs} eq $k)
526 );
527 ($s, @b);
2281c758 528 }
529 else {
530 my $method = $self->_METHOD_FOR_refkind("_where_hashpair", $v);
531 $self->$method($k, $v);
532 }
533 };
96449e8e 534
535 push @sql_clauses, $sql;
536 push @all_bind, @bind;
537 }
538
539 return $self->_join_sql_clauses('and', \@sql_clauses, \@all_bind);
540}
541
0ec3aec7 542sub _where_unary_op {
2281c758 543 my ($self, $op, $rhs) = @_;
96449e8e 544
0ec3aec7 545 if (my $op_entry = List::Util::first {$op =~ $_->{regex}} @{$self->{unary_ops}}) {
546 my $handler = $op_entry->{handler};
547
548 if (not ref $handler) {
549 if ($op =~ s/ [_\s]? \d+ $//x ) {
550 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
551 . "You probably wanted ...-and => [ -$op => COND1, -$op => COND2 ... ]";
552 }
553 return $self->$handler ($op, $rhs);
554 }
555 elsif (ref $handler eq 'CODE') {
556 return $handler->($self, $op, $rhs);
557 }
558 else {
559 puke "Illegal handler for operator $op - expecting a method name or a coderef";
560 }
561 }
562
3d86e3b1 563 $self->_debug("Generic unary OP: $op - recursing as function");
0ec3aec7 564
170e6c33 565 $self->_assert_pass_injection_guard($op);
b6251592 566
2281c758 567 my ($sql, @bind) = $self->_SWITCH_refkind ($rhs, {
568 SCALAR => sub {
a7661cfc 569 puke "Illegal use of top-level '$op'"
570 unless $self->{_nested_func_lhs};
571
572 return (
573 $self->_convert('?'),
574 $self->_bindtype($self->{_nested_func_lhs}, $rhs)
575 );
2281c758 576 },
577 FALLBACK => sub {
578 $self->_recurse_where ($rhs)
579 },
580 });
96449e8e 581
953d164e 582 $sql = sprintf ('%s %s',
2281c758 583 $self->_sqlcase($op),
953d164e 584 $sql,
2281c758 585 );
96449e8e 586
2281c758 587 return ($sql, @bind);
97a920ef 588}
589
590sub _where_op_ANDOR {
2281c758 591 my ($self, $op, $v) = @_;
97a920ef 592
593 $self->_SWITCH_refkind($v, {
594 ARRAYREF => sub {
595 return $self->_where_ARRAYREF($v, $op);
596 },
597
598 HASHREF => sub {
59f23b3d 599 return ( $op =~ /^or/i )
97a920ef 600 ? $self->_where_ARRAYREF( [ map { $_ => $v->{$_} } ( sort keys %$v ) ], $op )
601 : $self->_where_HASHREF($v);
602 },
603
9d48860e 604 SCALARREF => sub {
48d9f5f8 605 puke "-$op => \\\$scalar makes little sense, use " .
a0d6d323 606 ($op =~ /^or/i
48d9f5f8 607 ? '[ \$scalar, \%rest_of_conditions ] instead'
608 : '-and => [ \$scalar, \%rest_of_conditions ] instead'
609 );
97a920ef 610 },
611
612 ARRAYREFREF => sub {
48d9f5f8 613 puke "-$op => \\[...] makes little sense, use " .
a0d6d323 614 ($op =~ /^or/i
48d9f5f8 615 ? '[ \[...], \%rest_of_conditions ] instead'
616 : '-and => [ \[...], \%rest_of_conditions ] instead'
617 );
97a920ef 618 },
619
620 SCALAR => sub { # permissively interpreted as SQL
48d9f5f8 621 puke "-$op => \$value makes little sense, use -bool => \$value instead";
97a920ef 622 },
623
624 UNDEF => sub {
625 puke "-$op => undef not supported";
626 },
627 });
628}
629
630sub _where_op_NEST {
9d48860e 631 my ($self, $op, $v) = @_;
97a920ef 632
96449e8e 633 $self->_SWITCH_refkind($v, {
634
96449e8e 635 SCALAR => sub { # permissively interpreted as SQL
01a01e57 636 belch "literal SQL should be -nest => \\'scalar' "
637 . "instead of -nest => 'scalar' ";
9d48860e 638 return ($v);
96449e8e 639 },
640
641 UNDEF => sub {
642 puke "-$op => undef not supported";
643 },
e9501094 644
645 FALLBACK => sub {
646 $self->_recurse_where ($v);
647 },
648
96449e8e 649 });
650}
651
652
97a920ef 653sub _where_op_BOOL {
9d48860e 654 my ($self, $op, $v) = @_;
97a920ef 655
b8db59b8 656 my ($s, @b) = $self->_SWITCH_refkind($v, {
657 SCALAR => sub { # interpreted as SQL column
658 $self->_convert($self->_quote($v));
659 },
ef03f1bc 660
b8db59b8 661 UNDEF => sub {
662 puke "-$op => undef not supported";
663 },
97a920ef 664
b8db59b8 665 FALLBACK => sub {
666 $self->_recurse_where ($v);
667 },
668 });
ef03f1bc 669
b8db59b8 670 $s = "(NOT $s)" if $op =~ /^not/i;
671 ($s, @b);
97a920ef 672}
673
674
cc422895 675sub _where_op_IDENT {
676 my $self = shift;
677 my ($op, $rhs) = splice @_, -2;
678 if (ref $rhs) {
679 puke "-$op takes a single scalar argument (a quotable identifier)";
680 }
681
682 # in case we are called as a top level special op (no '=')
683 my $lhs = shift;
684
685 $_ = $self->_convert($self->_quote($_)) for ($lhs, $rhs);
686
687 return $lhs
688 ? "$lhs = $rhs"
689 : $rhs
690 ;
691}
692
693sub _where_op_VALUE {
694 my $self = shift;
695 my ($op, $rhs) = splice @_, -2;
696
697 # in case we are called as a top level special op (no '=')
698 my $lhs = shift;
699
700 my @bind =
701 $self->_bindtype (
702 ($lhs || $self->{_nested_func_lhs}),
703 $rhs,
704 )
705 ;
706
707 return $lhs
708 ? (
709 $self->_convert($self->_quote($lhs)) . ' = ' . $self->_convert('?'),
710 @bind
711 )
712 : (
713 $self->_convert('?'),
714 @bind,
715 )
716 ;
717}
718
96449e8e 719sub _where_hashpair_ARRAYREF {
720 my ($self, $k, $v) = @_;
721
722 if( @$v ) {
723 my @v = @$v; # need copy because of shift below
724 $self->_debug("ARRAY($k) means distribute over elements");
725
726 # put apart first element if it is an operator (-and, -or)
e3cecb45 727 my $op = (
728 (defined $v[0] && $v[0] =~ /^ - (?: AND|OR ) $/ix)
729 ? shift @v
730 : ''
04d940de 731 );
96449e8e 732 my @distributed = map { {$k => $_} } @v;
04d940de 733
734 if ($op) {
735 $self->_debug("OP($op) reinjected into the distributed array");
736 unshift @distributed, $op;
737 }
738
f67591bf 739 my $logic = $op ? substr($op, 1) : '';
96449e8e 740
f67591bf 741 return $self->_recurse_where(\@distributed, $logic);
9d48860e 742 }
96449e8e 743 else {
744 # LDNOTE : not sure of this one. What does "distribute over nothing" mean?
745 $self->_debug("empty ARRAY($k) means 0=1");
746 return ($self->{sqlfalse});
747 }
748}
749
750sub _where_hashpair_HASHREF {
eb49170d 751 my ($self, $k, $v, $logic) = @_;
752 $logic ||= 'and';
96449e8e 753
a7661cfc 754 local $self->{_nested_func_lhs} = $self->{_nested_func_lhs};
a7661cfc 755
eb49170d 756 my ($all_sql, @all_bind);
96449e8e 757
a47b433a 758 for my $orig_op (sort keys %$v) {
759 my $val = $v->{$orig_op};
96449e8e 760
761 # put the operator in canonical form
a47b433a 762 my $op = $orig_op;
b8db59b8 763
764 # FIXME - we need to phase out dash-less ops
765 $op =~ s/^-//; # remove possible initial dash
a47b433a 766 $op =~ s/^\s+|\s+$//g;# remove leading/trailing space
b8db59b8 767 $op =~ s/\s+/ /g; # compress whitespace
768
170e6c33 769 $self->_assert_pass_injection_guard($op);
b6251592 770
b8db59b8 771 # so that -not_foo works correctly
772 $op =~ s/^not_/NOT /i;
96449e8e 773
774 my ($sql, @bind);
775
2281c758 776 # CASE: col-value logic modifiers
777 if ( $orig_op =~ /^ \- (and|or) $/xi ) {
778 ($sql, @bind) = $self->_where_hashpair_HASHREF($k, $val, $1);
779 }
96449e8e 780 # CASE: special operators like -in or -between
312d830b 781 elsif ( my $special_op = List::Util::first {$op =~ $_->{regex}} @{$self->{special_ops}} ) {
3a2e1a5e 782 my $handler = $special_op->{handler};
783 if (! $handler) {
a47b433a 784 puke "No handler supplied for special operator $orig_op";
3a2e1a5e 785 }
786 elsif (not ref $handler) {
787 ($sql, @bind) = $self->$handler ($k, $op, $val);
788 }
789 elsif (ref $handler eq 'CODE') {
790 ($sql, @bind) = $handler->($self, $k, $op, $val);
791 }
792 else {
a47b433a 793 puke "Illegal handler for special operator $orig_op - expecting a method name or a coderef";
3a2e1a5e 794 }
96449e8e 795 }
96449e8e 796 else {
cf838930 797 $self->_SWITCH_refkind($val, {
798
799 ARRAYREF => sub { # CASE: col => {op => \@vals}
800 ($sql, @bind) = $self->_where_field_op_ARRAYREF($k, $op, $val);
801 },
802
fe3ae272 803 ARRAYREFREF => sub { # CASE: col => {op => \[$sql, @bind]} (literal SQL with bind)
b3be7bd0 804 my ($sub_sql, @sub_bind) = @$$val;
fe3ae272 805 $self->_assert_bindval_matches_bindtype(@sub_bind);
b3be7bd0 806 $sql = join ' ', $self->_convert($self->_quote($k)),
807 $self->_sqlcase($op),
808 $sub_sql;
fe3ae272 809 @bind = @sub_bind;
b3be7bd0 810 },
811
cf838930 812 UNDEF => sub { # CASE: col => {op => undef} : sql "IS (NOT)? NULL"
813 my $is = ($op =~ $self->{equality_op}) ? 'is' :
814 ($op =~ $self->{inequality_op}) ? 'is not' :
a47b433a 815 puke "unexpected operator '$orig_op' with undef operand";
cf838930 816 $sql = $self->_quote($k) . $self->_sqlcase(" $is null");
817 },
a47b433a 818
2281c758 819 FALLBACK => sub { # CASE: col => {op/func => $stuff}
07936978 820
953d164e 821 # retain for proper column type bind
822 $self->{_nested_func_lhs} ||= $k;
07936978 823
0ec3aec7 824 ($sql, @bind) = $self->_where_unary_op ($op, $val);
953d164e 825
826 $sql = join (' ',
827 $self->_convert($self->_quote($k)),
828 $self->{_nested_func_lhs} eq $k ? $sql : "($sql)", # top level vs nested
829 );
cf838930 830 },
831 });
96449e8e 832 }
833
eb49170d 834 ($all_sql) = (defined $all_sql and $all_sql) ? $self->_join_sql_clauses($logic, [$all_sql, $sql], []) : $sql;
96449e8e 835 push @all_bind, @bind;
836 }
eb49170d 837 return ($all_sql, @all_bind);
96449e8e 838}
839
840
841
842sub _where_field_op_ARRAYREF {
843 my ($self, $k, $op, $vals) = @_;
844
ce261791 845 my @vals = @$vals; #always work on a copy
846
847 if(@vals) {
bd6a65ca 848 $self->_debug(sprintf '%s means multiple elements: [ %s ]',
849 $vals,
850 join (', ', map { defined $_ ? "'$_'" : 'NULL' } @vals ),
851 );
96449e8e 852
4030915f 853 # see if the first element is an -and/-or op
854 my $logic;
bd6a65ca 855 if (defined $vals[0] && $vals[0] =~ /^ - ( AND|OR ) $/ix) {
4030915f 856 $logic = uc $1;
ce261791 857 shift @vals;
4030915f 858 }
859
ce261791 860 # distribute $op over each remaining member of @vals, append logic if exists
861 return $self->_recurse_where([map { {$k => {$op, $_}} } @vals], $logic);
4030915f 862
9d48860e 863 # LDNOTE : had planned to change the distribution logic when
864 # $op =~ $self->{inequality_op}, because of Morgan laws :
96449e8e 865 # with {field => {'!=' => [22, 33]}}, it would be ridiculous to generate
9d48860e 866 # WHERE field != 22 OR field != 33 : the user probably means
96449e8e 867 # WHERE field != 22 AND field != 33.
4030915f 868 # To do this, replace the above to roughly :
f2d5020d 869 # my $logic = ($op =~ $self->{inequality_op}) ? 'AND' : 'OR';
ce261791 870 # return $self->_recurse_where([map { {$k => {$op, $_}} } @vals], $logic);
96449e8e 871
9d48860e 872 }
96449e8e 873 else {
9d48860e 874 # try to DWIM on equality operators
96449e8e 875 # LDNOTE : not 100% sure this is the correct thing to do ...
876 return ($self->{sqlfalse}) if $op =~ $self->{equality_op};
877 return ($self->{sqltrue}) if $op =~ $self->{inequality_op};
878
879 # otherwise
880 puke "operator '$op' applied on an empty array (field '$k')";
881 }
882}
883
884
885sub _where_hashpair_SCALARREF {
886 my ($self, $k, $v) = @_;
887 $self->_debug("SCALAR($k) means literal SQL: $$v");
888 my $sql = $self->_quote($k) . " " . $$v;
889 return ($sql);
890}
891
fe3ae272 892# literal SQL with bind
96449e8e 893sub _where_hashpair_ARRAYREFREF {
894 my ($self, $k, $v) = @_;
895 $self->_debug("REF($k) means literal SQL: @${$v}");
c94a6c93 896 my ($sql, @bind) = @$$v;
fe3ae272 897 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 898 $sql = $self->_quote($k) . " " . $sql;
96449e8e 899 return ($sql, @bind );
900}
901
fe3ae272 902# literal SQL without bind
96449e8e 903sub _where_hashpair_SCALAR {
904 my ($self, $k, $v) = @_;
905 $self->_debug("NOREF($k) means simple key=val: $k $self->{cmp} $v");
9d48860e 906 my $sql = join ' ', $self->_convert($self->_quote($k)),
907 $self->_sqlcase($self->{cmp}),
96449e8e 908 $self->_convert('?');
909 my @bind = $self->_bindtype($k, $v);
910 return ( $sql, @bind);
911}
912
913
914sub _where_hashpair_UNDEF {
915 my ($self, $k, $v) = @_;
916 $self->_debug("UNDEF($k) means IS NULL");
917 my $sql = $self->_quote($k) . $self->_sqlcase(' is null');
918 return ($sql);
919}
920
921#======================================================================
922# WHERE: TOP-LEVEL OTHERS (SCALARREF, SCALAR, UNDEF)
923#======================================================================
924
925
926sub _where_SCALARREF {
927 my ($self, $where) = @_;
928
929 # literal sql
930 $self->_debug("SCALAR(*top) means literal SQL: $$where");
931 return ($$where);
932}
933
934
935sub _where_SCALAR {
936 my ($self, $where) = @_;
937
938 # literal sql
939 $self->_debug("NOREF(*top) means literal SQL: $where");
940 return ($where);
941}
942
943
944sub _where_UNDEF {
945 my ($self) = @_;
946 return ();
947}
948
949
950#======================================================================
951# WHERE: BUILTIN SPECIAL OPERATORS (-in, -between)
952#======================================================================
953
954
955sub _where_field_BETWEEN {
956 my ($self, $k, $op, $vals) = @_;
957
4d8b3dc4 958 my ($label, $and, $placeholder);
cf02fc47 959 $label = $self->_convert($self->_quote($k));
960 $and = ' ' . $self->_sqlcase('and') . ' ';
961 $placeholder = $self->_convert('?');
96449e8e 962 $op = $self->_sqlcase($op);
963
4d8b3dc4 964 my ($clause, @bind) = $self->_SWITCH_refkind($vals, {
965 ARRAYREFREF => sub {
c94a6c93 966 my ($s, @b) = @$$vals;
967 $self->_assert_bindval_matches_bindtype(@b);
968 ($s, @b);
4d8b3dc4 969 },
970 SCALARREF => sub {
971 return $$vals;
972 },
973 ARRAYREF => sub {
974 puke "special op 'between' accepts an arrayref with exactly two values"
975 if @$vals != 2;
976
977 my (@all_sql, @all_bind);
978 foreach my $val (@$vals) {
979 my ($sql, @bind) = $self->_SWITCH_refkind($val, {
980 SCALAR => sub {
5e5cbf51 981 return ($placeholder, $self->_bindtype($k, $val) );
4d8b3dc4 982 },
983 SCALARREF => sub {
0336eddb 984 return $$val;
4d8b3dc4 985 },
986 ARRAYREFREF => sub {
987 my ($sql, @bind) = @$$val;
c94a6c93 988 $self->_assert_bindval_matches_bindtype(@bind);
0336eddb 989 return ($sql, @bind);
4d8b3dc4 990 },
0336eddb 991 HASHREF => sub {
992 my ($func, $arg, @rest) = %$val;
993 puke ("Only simple { -func => arg } functions accepted as sub-arguments to BETWEEN")
994 if (@rest or $func !~ /^ \- (.+)/x);
995 local $self->{_nested_func_lhs} = $k;
0ec3aec7 996 $self->_where_unary_op ($1 => $arg);
0336eddb 997 }
4d8b3dc4 998 });
999 push @all_sql, $sql;
1000 push @all_bind, @bind;
1001 }
1002
1003 return (
1004 (join $and, @all_sql),
5e5cbf51 1005 @all_bind
4d8b3dc4 1006 );
1007 },
1008 FALLBACK => sub {
1009 puke "special op 'between' accepts an arrayref with two values, or a single literal scalarref/arrayref-ref";
1010 },
1011 });
cf02fc47 1012
cf02fc47 1013 my $sql = "( $label $op $clause )";
96449e8e 1014 return ($sql, @bind)
1015}
1016
1017
1018sub _where_field_IN {
1019 my ($self, $k, $op, $vals) = @_;
1020
1021 # backwards compatibility : if scalar, force into an arrayref
1022 $vals = [$vals] if defined $vals && ! ref $vals;
1023
96449e8e 1024 my ($label) = $self->_convert($self->_quote($k));
1025 my ($placeholder) = $self->_convert('?');
96449e8e 1026 $op = $self->_sqlcase($op);
1027
8a0d798a 1028 my ($sql, @bind) = $self->_SWITCH_refkind($vals, {
1029 ARRAYREF => sub { # list of choices
1030 if (@$vals) { # nonempty list
0336eddb 1031 my (@all_sql, @all_bind);
1032
1033 for my $val (@$vals) {
1034 my ($sql, @bind) = $self->_SWITCH_refkind($val, {
1035 SCALAR => sub {
1036 return ($placeholder, $val);
1037 },
1038 SCALARREF => sub {
1039 return $$val;
1040 },
1041 ARRAYREFREF => sub {
1042 my ($sql, @bind) = @$$val;
1043 $self->_assert_bindval_matches_bindtype(@bind);
1044 return ($sql, @bind);
1045 },
1046 HASHREF => sub {
1047 my ($func, $arg, @rest) = %$val;
1048 puke ("Only simple { -func => arg } functions accepted as sub-arguments to IN")
1049 if (@rest or $func !~ /^ \- (.+)/x);
1050 local $self->{_nested_func_lhs} = $k;
0ec3aec7 1051 $self->_where_unary_op ($1 => $arg);
279eb282 1052 },
1053 UNDEF => sub {
032dfe20 1054 puke(
1055 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
1056 . "-$op operator was given an undef-containing list: !!!AUDIT YOUR CODE "
1057 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
1058 . 'will emit the logically correct SQL instead of raising this exception)'
1059 );
279eb282 1060 },
0336eddb 1061 });
1062 push @all_sql, $sql;
1063 push @all_bind, @bind;
1064 }
96449e8e 1065
88a89939 1066 return (
1067 sprintf ('%s %s ( %s )',
1068 $label,
1069 $op,
1070 join (', ', @all_sql)
1071 ),
1072 $self->_bindtype($k, @all_bind),
0336eddb 1073 );
8a0d798a 1074 }
1075 else { # empty list : some databases won't understand "IN ()", so DWIM
1076 my $sql = ($op =~ /\bnot\b/i) ? $self->{sqltrue} : $self->{sqlfalse};
1077 return ($sql);
1078 }
1079 },
1080
4a1f01a3 1081 SCALARREF => sub { # literal SQL
1082 my $sql = $self->_open_outer_paren ($$vals);
1083 return ("$label $op ( $sql )");
1084 },
8a0d798a 1085 ARRAYREFREF => sub { # literal SQL with bind
1086 my ($sql, @bind) = @$$vals;
fe3ae272 1087 $self->_assert_bindval_matches_bindtype(@bind);
4a1f01a3 1088 $sql = $self->_open_outer_paren ($sql);
8a0d798a 1089 return ("$label $op ( $sql )", @bind);
1090 },
1091
1092 FALLBACK => sub {
4a1f01a3 1093 puke "special op 'in' requires an arrayref (or scalarref/arrayref-ref)";
8a0d798a 1094 },
1095 });
1096
1097 return ($sql, @bind);
96449e8e 1098}
1099
4a1f01a3 1100# Some databases (SQLite) treat col IN (1, 2) different from
1101# col IN ( (1, 2) ). Use this to strip all outer parens while
1102# adding them back in the corresponding method
1103sub _open_outer_paren {
1104 my ($self, $sql) = @_;
171a709f 1105 $sql = $1 while $sql =~ /^ \s* \( (.*) \) \s* $/xs;
4a1f01a3 1106 return $sql;
1107}
1108
96449e8e 1109
96449e8e 1110#======================================================================
1111# ORDER BY
1112#======================================================================
1113
1114sub _order_by {
1115 my ($self, $arg) = @_;
1116
f267b646 1117 my (@sql, @bind);
1118 for my $c ($self->_order_by_chunks ($arg) ) {
1119 $self->_SWITCH_refkind ($c, {
1120 SCALAR => sub { push @sql, $c },
1121 ARRAYREF => sub { push @sql, shift @$c; push @bind, @$c },
1122 });
1123 }
1124
1125 my $sql = @sql
1126 ? sprintf ('%s %s',
1127 $self->_sqlcase(' order by'),
1128 join (', ', @sql)
1129 )
1130 : ''
1131 ;
1132
1133 return wantarray ? ($sql, @bind) : $sql;
1134}
1135
1136sub _order_by_chunks {
1137 my ($self, $arg) = @_;
1138
1139 return $self->_SWITCH_refkind($arg, {
96449e8e 1140
1141 ARRAYREF => sub {
f267b646 1142 map { $self->_order_by_chunks ($_ ) } @$arg;
96449e8e 1143 },
1144
c94a6c93 1145 ARRAYREFREF => sub {
1146 my ($s, @b) = @$$arg;
1147 $self->_assert_bindval_matches_bindtype(@b);
1148 [ $s, @b ];
1149 },
f267b646 1150
96449e8e 1151 SCALAR => sub {$self->_quote($arg)},
f267b646 1152
1153 UNDEF => sub {return () },
1154
96449e8e 1155 SCALARREF => sub {$$arg}, # literal SQL, no quoting
96449e8e 1156
f267b646 1157 HASHREF => sub {
5e436130 1158 # get first pair in hash
1159 my ($key, $val, @rest) = %$arg;
1160
1161 return () unless $key;
1162
1163 if ( @rest or not $key =~ /^-(desc|asc)/i ) {
1164 puke "hash passed to _order_by must have exactly one key (-desc or -asc)";
f267b646 1165 }
5e436130 1166
1167 my $direction = $1;
96449e8e 1168
e9bd3547 1169 my @ret;
f267b646 1170 for my $c ($self->_order_by_chunks ($val)) {
e9bd3547 1171 my ($sql, @bind);
96449e8e 1172
f267b646 1173 $self->_SWITCH_refkind ($c, {
1174 SCALAR => sub {
e9bd3547 1175 $sql = $c;
f267b646 1176 },
1177 ARRAYREF => sub {
e9bd3547 1178 ($sql, @bind) = @$c;
f267b646 1179 },
1180 });
96449e8e 1181
5e436130 1182 $sql = $sql . ' ' . $self->_sqlcase($direction);
96449e8e 1183
e9bd3547 1184 push @ret, [ $sql, @bind];
1185 }
96449e8e 1186
e9bd3547 1187 return @ret;
f267b646 1188 },
1189 });
96449e8e 1190}
1191
1192
96449e8e 1193#======================================================================
1194# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1195#======================================================================
1196
1197sub _table {
1198 my $self = shift;
1199 my $from = shift;
1200 $self->_SWITCH_refkind($from, {
1201 ARRAYREF => sub {join ', ', map { $self->_quote($_) } @$from;},
1202 SCALAR => sub {$self->_quote($from)},
1203 SCALARREF => sub {$$from},
96449e8e 1204 });
1205}
1206
1207
1208#======================================================================
1209# UTILITY FUNCTIONS
1210#======================================================================
1211
955e77ca 1212# highly optimized, as it's called way too often
96449e8e 1213sub _quote {
955e77ca 1214 # my ($self, $label) = @_;
96449e8e 1215
955e77ca 1216 return '' unless defined $_[1];
955e77ca 1217 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
96449e8e 1218
b6251592 1219 unless ($_[0]->{quote_char}) {
170e6c33 1220 $_[0]->_assert_pass_injection_guard($_[1]);
b6251592 1221 return $_[1];
1222 }
96449e8e 1223
07d7c35c 1224 my $qref = ref $_[0]->{quote_char};
955e77ca 1225 my ($l, $r);
07d7c35c 1226 if (!$qref) {
1227 ($l, $r) = ( $_[0]->{quote_char}, $_[0]->{quote_char} );
955e77ca 1228 }
07d7c35c 1229 elsif ($qref eq 'ARRAY') {
1230 ($l, $r) = @{$_[0]->{quote_char}};
955e77ca 1231 }
1232 else {
1233 puke "Unsupported quote_char format: $_[0]->{quote_char}";
1234 }
96449e8e 1235
07d7c35c 1236 # parts containing * are naturally unquoted
1237 return join( $_[0]->{name_sep}||'', map
955e77ca 1238 { $_ eq '*' ? $_ : $l . $_ . $r }
1239 ( $_[0]->{name_sep} ? split (/\Q$_[0]->{name_sep}\E/, $_[1] ) : $_[1] )
1240 );
96449e8e 1241}
1242
1243
1244# Conversion, if applicable
1245sub _convert ($) {
07d7c35c 1246 #my ($self, $arg) = @_;
96449e8e 1247
1248# LDNOTE : modified the previous implementation below because
1249# it was not consistent : the first "return" is always an array,
1250# the second "return" is context-dependent. Anyway, _convert
9d48860e 1251# seems always used with just a single argument, so make it a
96449e8e 1252# scalar function.
1253# return @_ unless $self->{convert};
1254# my $conv = $self->_sqlcase($self->{convert});
1255# my @ret = map { $conv.'('.$_.')' } @_;
1256# return wantarray ? @ret : $ret[0];
07d7c35c 1257 if ($_[0]->{convert}) {
1258 return $_[0]->_sqlcase($_[0]->{convert}) .'(' . $_[1] . ')';
96449e8e 1259 }
07d7c35c 1260 return $_[1];
96449e8e 1261}
1262
1263# And bindtype
1264sub _bindtype (@) {
07d7c35c 1265 #my ($self, $col, @vals) = @_;
96449e8e 1266
9d48860e 1267 #LDNOTE : changed original implementation below because it did not make
96449e8e 1268 # sense when bindtype eq 'columns' and @vals > 1.
1269# return $self->{bindtype} eq 'columns' ? [ $col, @vals ] : @vals;
1270
07d7c35c 1271 # called often - tighten code
1272 return $_[0]->{bindtype} eq 'columns'
1273 ? map {[$_[1], $_]} @_[2 .. $#_]
1274 : @_[2 .. $#_]
1275 ;
96449e8e 1276}
1277
fe3ae272 1278# Dies if any element of @bind is not in [colname => value] format
1279# if bindtype is 'columns'.
1280sub _assert_bindval_matches_bindtype {
c94a6c93 1281# my ($self, @bind) = @_;
1282 my $self = shift;
fe3ae272 1283 if ($self->{bindtype} eq 'columns') {
c94a6c93 1284 for (@_) {
1285 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1286 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1287 }
1288 }
1289 }
1290}
1291
96449e8e 1292sub _join_sql_clauses {
1293 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1294
1295 if (@$clauses_aref > 1) {
1296 my $join = " " . $self->_sqlcase($logic) . " ";
1297 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1298 return ($sql, @$bind_aref);
1299 }
1300 elsif (@$clauses_aref) {
1301 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1302 }
1303 else {
1304 return (); # if no SQL, ignore @$bind_aref
1305 }
1306}
1307
1308
1309# Fix SQL case, if so requested
1310sub _sqlcase {
96449e8e 1311 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1312 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1313 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1314}
1315
1316
1317#======================================================================
1318# DISPATCHING FROM REFKIND
1319#======================================================================
1320
1321sub _refkind {
1322 my ($self, $data) = @_;
96449e8e 1323
955e77ca 1324 return 'UNDEF' unless defined $data;
1325
1326 # blessed objects are treated like scalars
1327 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1328
1329 return 'SCALAR' unless $ref;
1330
1331 my $n_steps = 1;
1332 while ($ref eq 'REF') {
96449e8e 1333 $data = $$data;
955e77ca 1334 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1335 $n_steps++ if $ref;
96449e8e 1336 }
1337
848556bc 1338 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1339}
1340
1341sub _try_refkind {
1342 my ($self, $data) = @_;
1343 my @try = ($self->_refkind($data));
1344 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1345 push @try, 'FALLBACK';
955e77ca 1346 return \@try;
96449e8e 1347}
1348
1349sub _METHOD_FOR_refkind {
1350 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1351
1352 my $method;
955e77ca 1353 for (@{$self->_try_refkind($data)}) {
f39eaa60 1354 $method = $self->can($meth_prefix."_".$_)
1355 and last;
1356 }
1357
1358 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1359}
1360
1361
1362sub _SWITCH_refkind {
1363 my ($self, $data, $dispatch_table) = @_;
1364
f39eaa60 1365 my $coderef;
955e77ca 1366 for (@{$self->_try_refkind($data)}) {
f39eaa60 1367 $coderef = $dispatch_table->{$_}
1368 and last;
1369 }
1370
1371 puke "no dispatch entry for ".$self->_refkind($data)
1372 unless $coderef;
1373
96449e8e 1374 $coderef->();
1375}
1376
1377
1378
1379
1380#======================================================================
1381# VALUES, GENERATE, AUTOLOAD
1382#======================================================================
1383
1384# LDNOTE: original code from nwiger, didn't touch code in that section
1385# I feel the AUTOLOAD stuff should not be the default, it should
1386# only be activated on explicit demand by user.
1387
1388sub values {
1389 my $self = shift;
1390 my $data = shift || return;
1391 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1392 unless ref $data eq 'HASH';
bab725ce 1393
1394 my @all_bind;
1395 foreach my $k ( sort keys %$data ) {
1396 my $v = $data->{$k};
1397 $self->_SWITCH_refkind($v, {
9d48860e 1398 ARRAYREF => sub {
bab725ce 1399 if ($self->{array_datatypes}) { # array datatype
1400 push @all_bind, $self->_bindtype($k, $v);
1401 }
1402 else { # literal SQL with bind
1403 my ($sql, @bind) = @$v;
1404 $self->_assert_bindval_matches_bindtype(@bind);
1405 push @all_bind, @bind;
1406 }
1407 },
1408 ARRAYREFREF => sub { # literal SQL with bind
1409 my ($sql, @bind) = @${$v};
1410 $self->_assert_bindval_matches_bindtype(@bind);
1411 push @all_bind, @bind;
1412 },
1413 SCALARREF => sub { # literal SQL without bind
1414 },
1415 SCALAR_or_UNDEF => sub {
1416 push @all_bind, $self->_bindtype($k, $v);
1417 },
1418 });
1419 }
1420
1421 return @all_bind;
96449e8e 1422}
1423
1424sub generate {
1425 my $self = shift;
1426
1427 my(@sql, @sqlq, @sqlv);
1428
1429 for (@_) {
1430 my $ref = ref $_;
1431 if ($ref eq 'HASH') {
1432 for my $k (sort keys %$_) {
1433 my $v = $_->{$k};
1434 my $r = ref $v;
1435 my $label = $self->_quote($k);
1436 if ($r eq 'ARRAY') {
fe3ae272 1437 # literal SQL with bind
1438 my ($sql, @bind) = @$v;
1439 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1440 push @sqlq, "$label = $sql";
fe3ae272 1441 push @sqlv, @bind;
96449e8e 1442 } elsif ($r eq 'SCALAR') {
fe3ae272 1443 # literal SQL without bind
96449e8e 1444 push @sqlq, "$label = $$v";
9d48860e 1445 } else {
96449e8e 1446 push @sqlq, "$label = ?";
1447 push @sqlv, $self->_bindtype($k, $v);
1448 }
1449 }
1450 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1451 } elsif ($ref eq 'ARRAY') {
1452 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1453 for my $v (@$_) {
1454 my $r = ref $v;
fe3ae272 1455 if ($r eq 'ARRAY') { # literal SQL with bind
1456 my ($sql, @bind) = @$v;
1457 $self->_assert_bindval_matches_bindtype(@bind);
1458 push @sqlq, $sql;
1459 push @sqlv, @bind;
1460 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1461 # embedded literal SQL
1462 push @sqlq, $$v;
9d48860e 1463 } else {
96449e8e 1464 push @sqlq, '?';
1465 push @sqlv, $v;
1466 }
1467 }
1468 push @sql, '(' . join(', ', @sqlq) . ')';
1469 } elsif ($ref eq 'SCALAR') {
1470 # literal SQL
1471 push @sql, $$_;
1472 } else {
1473 # strings get case twiddled
1474 push @sql, $self->_sqlcase($_);
1475 }
1476 }
1477
1478 my $sql = join ' ', @sql;
1479
1480 # this is pretty tricky
1481 # if ask for an array, return ($stmt, @bind)
1482 # otherwise, s/?/shift @sqlv/ to put it inline
1483 if (wantarray) {
1484 return ($sql, @sqlv);
1485 } else {
1486 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1487 ref $d ? $d->[1] : $d/e;
1488 return $sql;
1489 }
1490}
1491
1492
1493sub DESTROY { 1 }
1494
1495sub AUTOLOAD {
1496 # This allows us to check for a local, then _form, attr
1497 my $self = shift;
1498 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1499 return $self->generate($name, @_);
1500}
1501
15021;
1503
1504
1505
1506__END__
32eab2da 1507
1508=head1 NAME
1509
1510SQL::Abstract - Generate SQL from Perl data structures
1511
1512=head1 SYNOPSIS
1513
1514 use SQL::Abstract;
1515
1516 my $sql = SQL::Abstract->new;
1517
521647e7 1518 my($stmt, @bind) = $sql->select($source, \@fields, \%where, \@order);
32eab2da 1519
1520 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1521
1522 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1523
1524 my($stmt, @bind) = $sql->delete($table, \%where);
1525
1526 # Then, use these in your DBI statements
1527 my $sth = $dbh->prepare($stmt);
1528 $sth->execute(@bind);
1529
1530 # Just generate the WHERE clause
abe72f94 1531 my($stmt, @bind) = $sql->where(\%where, \@order);
32eab2da 1532
1533 # Return values in the same order, for hashed queries
1534 # See PERFORMANCE section for more details
1535 my @bind = $sql->values(\%fieldvals);
1536
1537=head1 DESCRIPTION
1538
1539This module was inspired by the excellent L<DBIx::Abstract>.
1540However, in using that module I found that what I really wanted
1541to do was generate SQL, but still retain complete control over my
1542statement handles and use the DBI interface. So, I set out to
1543create an abstract SQL generation module.
1544
1545While based on the concepts used by L<DBIx::Abstract>, there are
1546several important differences, especially when it comes to WHERE
1547clauses. I have modified the concepts used to make the SQL easier
1548to generate from Perl data structures and, IMO, more intuitive.
1549The underlying idea is for this module to do what you mean, based
1550on the data structures you provide it. The big advantage is that
1551you don't have to modify your code every time your data changes,
1552as this module figures it out.
1553
1554To begin with, an SQL INSERT is as easy as just specifying a hash
1555of C<key=value> pairs:
1556
1557 my %data = (
1558 name => 'Jimbo Bobson',
1559 phone => '123-456-7890',
1560 address => '42 Sister Lane',
1561 city => 'St. Louis',
1562 state => 'Louisiana',
1563 );
1564
1565The SQL can then be generated with this:
1566
1567 my($stmt, @bind) = $sql->insert('people', \%data);
1568
1569Which would give you something like this:
1570
1571 $stmt = "INSERT INTO people
1572 (address, city, name, phone, state)
1573 VALUES (?, ?, ?, ?, ?)";
1574 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1575 '123-456-7890', 'Louisiana');
1576
1577These are then used directly in your DBI code:
1578
1579 my $sth = $dbh->prepare($stmt);
1580 $sth->execute(@bind);
1581
96449e8e 1582=head2 Inserting and Updating Arrays
1583
1584If your database has array types (like for example Postgres),
1585activate the special option C<< array_datatypes => 1 >>
9d48860e 1586when creating the C<SQL::Abstract> object.
96449e8e 1587Then you may use an arrayref to insert and update database array types:
1588
1589 my $sql = SQL::Abstract->new(array_datatypes => 1);
1590 my %data = (
1591 planets => [qw/Mercury Venus Earth Mars/]
1592 );
9d48860e 1593
96449e8e 1594 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1595
1596This results in:
1597
1598 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1599
1600 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1601
1602
1603=head2 Inserting and Updating SQL
1604
1605In order to apply SQL functions to elements of your C<%data> you may
1606specify a reference to an arrayref for the given hash value. For example,
1607if you need to execute the Oracle C<to_date> function on a value, you can
1608say something like this:
32eab2da 1609
1610 my %data = (
1611 name => 'Bill',
96449e8e 1612 date_entered => \["to_date(?,'MM/DD/YYYY')", "03/02/2003"],
9d48860e 1613 );
32eab2da 1614
1615The first value in the array is the actual SQL. Any other values are
1616optional and would be included in the bind values array. This gives
1617you:
1618
1619 my($stmt, @bind) = $sql->insert('people', \%data);
1620
9d48860e 1621 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1622 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1623 @bind = ('Bill', '03/02/2003');
1624
1625An UPDATE is just as easy, all you change is the name of the function:
1626
1627 my($stmt, @bind) = $sql->update('people', \%data);
1628
1629Notice that your C<%data> isn't touched; the module will generate
1630the appropriately quirky SQL for you automatically. Usually you'll
1631want to specify a WHERE clause for your UPDATE, though, which is
1632where handling C<%where> hashes comes in handy...
1633
96449e8e 1634=head2 Complex where statements
1635
32eab2da 1636This module can generate pretty complicated WHERE statements
1637easily. For example, simple C<key=value> pairs are taken to mean
1638equality, and if you want to see if a field is within a set
1639of values, you can use an arrayref. Let's say we wanted to
1640SELECT some data based on this criteria:
1641
1642 my %where = (
1643 requestor => 'inna',
1644 worker => ['nwiger', 'rcwe', 'sfz'],
1645 status => { '!=', 'completed' }
1646 );
1647
1648 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1649
1650The above would give you something like this:
1651
1652 $stmt = "SELECT * FROM tickets WHERE
1653 ( requestor = ? ) AND ( status != ? )
1654 AND ( worker = ? OR worker = ? OR worker = ? )";
1655 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1656
1657Which you could then use in DBI code like so:
1658
1659 my $sth = $dbh->prepare($stmt);
1660 $sth->execute(@bind);
1661
1662Easy, eh?
1663
1664=head1 FUNCTIONS
1665
1666The functions are simple. There's one for each major SQL operation,
1667and a constructor you use first. The arguments are specified in a
9d48860e 1668similar order to each function (table, then fields, then a where
32eab2da 1669clause) to try and simplify things.
1670
83cab70b 1671
83cab70b 1672
32eab2da 1673
1674=head2 new(option => 'value')
1675
1676The C<new()> function takes a list of options and values, and returns
1677a new B<SQL::Abstract> object which can then be used to generate SQL
1678through the methods below. The options accepted are:
1679
1680=over
1681
1682=item case
1683
1684If set to 'lower', then SQL will be generated in all lowercase. By
1685default SQL is generated in "textbook" case meaning something like:
1686
1687 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1688
96449e8e 1689Any setting other than 'lower' is ignored.
1690
32eab2da 1691=item cmp
1692
1693This determines what the default comparison operator is. By default
1694it is C<=>, meaning that a hash like this:
1695
1696 %where = (name => 'nwiger', email => 'nate@wiger.org');
1697
1698Will generate SQL like this:
1699
1700 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1701
1702However, you may want loose comparisons by default, so if you set
1703C<cmp> to C<like> you would get SQL such as:
1704
1705 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1706
3af02ccb 1707You can also override the comparison on an individual basis - see
32eab2da 1708the huge section on L</"WHERE CLAUSES"> at the bottom.
1709
96449e8e 1710=item sqltrue, sqlfalse
1711
1712Expressions for inserting boolean values within SQL statements.
6e0c6552 1713By default these are C<1=1> and C<1=0>. They are used
1714by the special operators C<-in> and C<-not_in> for generating
1715correct SQL even when the argument is an empty array (see below).
96449e8e 1716
32eab2da 1717=item logic
1718
1719This determines the default logical operator for multiple WHERE
7cac25e6 1720statements in arrays or hashes. If absent, the default logic is "or"
1721for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1722array of the form:
1723
1724 @where = (
9d48860e 1725 event_date => {'>=', '2/13/99'},
1726 event_date => {'<=', '4/24/03'},
32eab2da 1727 );
1728
7cac25e6 1729will generate SQL like this:
32eab2da 1730
1731 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1732
1733This is probably not what you want given this query, though (look
1734at the dates). To change the "OR" to an "AND", simply specify:
1735
1736 my $sql = SQL::Abstract->new(logic => 'and');
1737
1738Which will change the above C<WHERE> to:
1739
1740 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1741
96449e8e 1742The logic can also be changed locally by inserting
7cac25e6 1743a modifier in front of an arrayref :
96449e8e 1744
9d48860e 1745 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1746 event_date => {'<=', '4/24/03'} ]);
96449e8e 1747
1748See the L</"WHERE CLAUSES"> section for explanations.
1749
32eab2da 1750=item convert
1751
1752This will automatically convert comparisons using the specified SQL
1753function for both column and value. This is mostly used with an argument
1754of C<upper> or C<lower>, so that the SQL will have the effect of
1755case-insensitive "searches". For example, this:
1756
1757 $sql = SQL::Abstract->new(convert => 'upper');
1758 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1759
1760Will turn out the following SQL:
1761
1762 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1763
1764The conversion can be C<upper()>, C<lower()>, or any other SQL function
1765that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1766not validate this option; it will just pass through what you specify verbatim).
1767
1768=item bindtype
1769
1770This is a kludge because many databases suck. For example, you can't
1771just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1772Instead, you have to use C<bind_param()>:
1773
1774 $sth->bind_param(1, 'reg data');
1775 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1776
1777The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1778which loses track of which field each slot refers to. Fear not.
1779
1780If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1781Currently, you can specify either C<normal> (default) or C<columns>. If you
1782specify C<columns>, you will get an array that looks like this:
1783
1784 my $sql = SQL::Abstract->new(bindtype => 'columns');
1785 my($stmt, @bind) = $sql->insert(...);
1786
1787 @bind = (
1788 [ 'column1', 'value1' ],
1789 [ 'column2', 'value2' ],
1790 [ 'column3', 'value3' ],
1791 );
1792
1793You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1794
32eab2da 1795 $sth->prepare($stmt);
1796 my $i = 1;
1797 for (@bind) {
1798 my($col, $data) = @$_;
1799 if ($col eq 'details' || $col eq 'comments') {
1800 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1801 } elsif ($col eq 'image') {
1802 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1803 } else {
1804 $sth->bind_param($i, $data);
1805 }
1806 $i++;
1807 }
1808 $sth->execute; # execute without @bind now
1809
1810Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1811Basically, the advantage is still that you don't have to care which fields
1812are or are not included. You could wrap that above C<for> loop in a simple
1813sub called C<bind_fields()> or something and reuse it repeatedly. You still
1814get a layer of abstraction over manual SQL specification.
1815
deb148a2 1816Note that if you set L</bindtype> to C<columns>, the C<\[$sql, @bind]>
1817construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1818will expect the bind values in this format.
1819
32eab2da 1820=item quote_char
1821
1822This is the character that a table or column name will be quoted
9d48860e 1823with. By default this is an empty string, but you could set it to
32eab2da 1824the character C<`>, to generate SQL like this:
1825
1826 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1827
96449e8e 1828Alternatively, you can supply an array ref of two items, the first being the left
1829hand quote character, and the second the right hand quote character. For
1830example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1831that generates SQL like this:
1832
1833 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1834
9d48860e 1835Quoting is useful if you have tables or columns names that are reserved
96449e8e 1836words in your database's SQL dialect.
32eab2da 1837
1838=item name_sep
1839
1840This is the character that separates a table and column name. It is
1841necessary to specify this when the C<quote_char> option is selected,
1842so that tables and column names can be individually quoted like this:
1843
1844 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1845
b6251592 1846=item injection_guard
1847
1848A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1849column name specified in a query structure. This is a safety mechanism to avoid
1850injection attacks when mishandling user input e.g.:
1851
1852 my %condition_as_column_value_pairs = get_values_from_user();
1853 $sqla->select( ... , \%condition_as_column_value_pairs );
1854
1855If the expression matches an exception is thrown. Note that literal SQL
1856supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1857
1858Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
1859
96449e8e 1860=item array_datatypes
32eab2da 1861
9d48860e 1862When this option is true, arrayrefs in INSERT or UPDATE are
1863interpreted as array datatypes and are passed directly
96449e8e 1864to the DBI layer.
1865When this option is false, arrayrefs are interpreted
1866as literal SQL, just like refs to arrayrefs
1867(but this behavior is for backwards compatibility; when writing
1868new queries, use the "reference to arrayref" syntax
1869for literal SQL).
32eab2da 1870
32eab2da 1871
96449e8e 1872=item special_ops
32eab2da 1873
9d48860e 1874Takes a reference to a list of "special operators"
96449e8e 1875to extend the syntax understood by L<SQL::Abstract>.
1876See section L</"SPECIAL OPERATORS"> for details.
32eab2da 1877
59f23b3d 1878=item unary_ops
1879
9d48860e 1880Takes a reference to a list of "unary operators"
59f23b3d 1881to extend the syntax understood by L<SQL::Abstract>.
1882See section L</"UNARY OPERATORS"> for details.
1883
32eab2da 1884
32eab2da 1885
96449e8e 1886=back
32eab2da 1887
02288357 1888=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 1889
1890This is the simplest function. You simply give it a table name
1891and either an arrayref of values or hashref of field/value pairs.
1892It returns an SQL INSERT statement and a list of bind values.
96449e8e 1893See the sections on L</"Inserting and Updating Arrays"> and
1894L</"Inserting and Updating SQL"> for information on how to insert
1895with those data types.
32eab2da 1896
02288357 1897The optional C<\%options> hash reference may contain additional
1898options to generate the insert SQL. Currently supported options
1899are:
1900
1901=over 4
1902
1903=item returning
1904
1905Takes either a scalar of raw SQL fields, or an array reference of
1906field names, and adds on an SQL C<RETURNING> statement at the end.
1907This allows you to return data generated by the insert statement
1908(such as row IDs) without performing another C<SELECT> statement.
1909Note, however, this is not part of the SQL standard and may not
1910be supported by all database engines.
1911
1912=back
1913
32eab2da 1914=head2 update($table, \%fieldvals, \%where)
1915
1916This takes a table, hashref of field/value pairs, and an optional
86298391 1917hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 1918of bind values.
96449e8e 1919See the sections on L</"Inserting and Updating Arrays"> and
1920L</"Inserting and Updating SQL"> for information on how to insert
1921with those data types.
32eab2da 1922
96449e8e 1923=head2 select($source, $fields, $where, $order)
32eab2da 1924
9d48860e 1925This returns a SQL SELECT statement and associated list of bind values, as
96449e8e 1926specified by the arguments :
32eab2da 1927
96449e8e 1928=over
32eab2da 1929
96449e8e 1930=item $source
32eab2da 1931
9d48860e 1932Specification of the 'FROM' part of the statement.
96449e8e 1933The argument can be either a plain scalar (interpreted as a table
1934name, will be quoted), or an arrayref (interpreted as a list
1935of table names, joined by commas, quoted), or a scalarref
1936(literal table name, not quoted), or a ref to an arrayref
1937(list of literal table names, joined by commas, not quoted).
32eab2da 1938
96449e8e 1939=item $fields
32eab2da 1940
9d48860e 1941Specification of the list of fields to retrieve from
96449e8e 1942the source.
1943The argument can be either an arrayref (interpreted as a list
9d48860e 1944of field names, will be joined by commas and quoted), or a
96449e8e 1945plain scalar (literal SQL, not quoted).
521647e7 1946Please observe that this API is not as flexible as that of
1947the first argument C<$source>, for backwards compatibility reasons.
32eab2da 1948
96449e8e 1949=item $where
32eab2da 1950
96449e8e 1951Optional argument to specify the WHERE part of the query.
1952The argument is most often a hashref, but can also be
9d48860e 1953an arrayref or plain scalar --
96449e8e 1954see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 1955
96449e8e 1956=item $order
32eab2da 1957
96449e8e 1958Optional argument to specify the ORDER BY part of the query.
9d48860e 1959The argument can be a scalar, a hashref or an arrayref
96449e8e 1960-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
1961for details.
32eab2da 1962
96449e8e 1963=back
32eab2da 1964
32eab2da 1965
1966=head2 delete($table, \%where)
1967
86298391 1968This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 1969It returns an SQL DELETE statement and list of bind values.
1970
32eab2da 1971=head2 where(\%where, \@order)
1972
1973This is used to generate just the WHERE clause. For example,
1974if you have an arbitrary data structure and know what the
1975rest of your SQL is going to look like, but want an easy way
1976to produce a WHERE clause, use this. It returns an SQL WHERE
1977clause and list of bind values.
1978
32eab2da 1979
1980=head2 values(\%data)
1981
1982This just returns the values from the hash C<%data>, in the same
1983order that would be returned from any of the other above queries.
1984Using this allows you to markedly speed up your queries if you
1985are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
1986
32eab2da 1987=head2 generate($any, 'number', $of, \@data, $struct, \%types)
1988
1989Warning: This is an experimental method and subject to change.
1990
1991This returns arbitrarily generated SQL. It's a really basic shortcut.
1992It will return two different things, depending on return context:
1993
1994 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
1995 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
1996
1997These would return the following:
1998
1999 # First calling form
2000 $stmt = "CREATE TABLE test (?, ?)";
2001 @bind = (field1, field2);
2002
2003 # Second calling form
2004 $stmt_and_val = "CREATE TABLE test (field1, field2)";
2005
2006Depending on what you're trying to do, it's up to you to choose the correct
2007format. In this example, the second form is what you would want.
2008
2009By the same token:
2010
2011 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
2012
2013Might give you:
2014
2015 ALTER SESSION SET nls_date_format = 'MM/YY'
2016
2017You get the idea. Strings get their case twiddled, but everything
2018else remains verbatim.
2019
32eab2da 2020=head1 WHERE CLAUSES
2021
96449e8e 2022=head2 Introduction
2023
32eab2da 2024This module uses a variation on the idea from L<DBIx::Abstract>. It
2025is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2026module is that things in arrays are OR'ed, and things in hashes
2027are AND'ed.>
2028
2029The easiest way to explain is to show lots of examples. After
2030each C<%where> hash shown, it is assumed you used:
2031
2032 my($stmt, @bind) = $sql->where(\%where);
2033
2034However, note that the C<%where> hash can be used directly in any
2035of the other functions as well, as described above.
2036
96449e8e 2037=head2 Key-value pairs
2038
32eab2da 2039So, let's get started. To begin, a simple hash:
2040
2041 my %where = (
2042 user => 'nwiger',
2043 status => 'completed'
2044 );
2045
2046Is converted to SQL C<key = val> statements:
2047
2048 $stmt = "WHERE user = ? AND status = ?";
2049 @bind = ('nwiger', 'completed');
2050
2051One common thing I end up doing is having a list of values that
2052a field can be in. To do this, simply specify a list inside of
2053an arrayref:
2054
2055 my %where = (
2056 user => 'nwiger',
2057 status => ['assigned', 'in-progress', 'pending'];
2058 );
2059
2060This simple code will create the following:
9d48860e 2061
32eab2da 2062 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2063 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2064
9d48860e 2065A field associated to an empty arrayref will be considered a
7cac25e6 2066logical false and will generate 0=1.
8a68b5be 2067
b864ba9b 2068=head2 Tests for NULL values
2069
2070If the value part is C<undef> then this is converted to SQL <IS NULL>
2071
2072 my %where = (
2073 user => 'nwiger',
2074 status => undef,
2075 );
2076
2077becomes:
2078
2079 $stmt = "WHERE user = ? AND status IS NULL";
2080 @bind = ('nwiger');
2081
e9614080 2082To test if a column IS NOT NULL:
2083
2084 my %where = (
2085 user => 'nwiger',
2086 status => { '!=', undef },
2087 );
cc422895 2088
6e0c6552 2089=head2 Specific comparison operators
96449e8e 2090
32eab2da 2091If you want to specify a different type of operator for your comparison,
2092you can use a hashref for a given column:
2093
2094 my %where = (
2095 user => 'nwiger',
2096 status => { '!=', 'completed' }
2097 );
2098
2099Which would generate:
2100
2101 $stmt = "WHERE user = ? AND status != ?";
2102 @bind = ('nwiger', 'completed');
2103
2104To test against multiple values, just enclose the values in an arrayref:
2105
96449e8e 2106 status => { '=', ['assigned', 'in-progress', 'pending'] };
2107
f2d5020d 2108Which would give you:
96449e8e 2109
2110 "WHERE status = ? OR status = ? OR status = ?"
2111
2112
2113The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2114into an C<AND> of its elements:
2115
2116 my %where = (
2117 user => 'nwiger',
2118 status => { '!=', 'completed', -not_like => 'pending%' }
2119 );
2120
2121 # Or more dynamically, like from a form
2122 $where{user} = 'nwiger';
2123 $where{status}{'!='} = 'completed';
2124 $where{status}{'-not_like'} = 'pending%';
2125
2126 # Both generate this
2127 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2128 @bind = ('nwiger', 'completed', 'pending%');
2129
96449e8e 2130
32eab2da 2131To get an OR instead, you can combine it with the arrayref idea:
2132
2133 my %where => (
2134 user => 'nwiger',
1a6f2a03 2135 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2136 );
2137
2138Which would generate:
2139
1a6f2a03 2140 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2141 @bind = ('2', '5', 'nwiger');
32eab2da 2142
44b9e502 2143If you want to include literal SQL (with or without bind values), just use a
2144scalar reference or array reference as the value:
2145
2146 my %where = (
2147 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2148 date_expires => { '<' => \"now()" }
2149 );
2150
2151Which would generate:
2152
2153 $stmt = "WHERE date_entered > "to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
2154 @bind = ('11/26/2008');
2155
96449e8e 2156
2157=head2 Logic and nesting operators
2158
2159In the example above,
2160there is a subtle trap if you want to say something like
32eab2da 2161this (notice the C<AND>):
2162
2163 WHERE priority != ? AND priority != ?
2164
2165Because, in Perl you I<can't> do this:
2166
2167 priority => { '!=', 2, '!=', 1 }
2168
2169As the second C<!=> key will obliterate the first. The solution
2170is to use the special C<-modifier> form inside an arrayref:
2171
9d48860e 2172 priority => [ -and => {'!=', 2},
96449e8e 2173 {'!=', 1} ]
2174
32eab2da 2175
2176Normally, these would be joined by C<OR>, but the modifier tells it
2177to use C<AND> instead. (Hint: You can use this in conjunction with the
2178C<logic> option to C<new()> in order to change the way your queries
2179work by default.) B<Important:> Note that the C<-modifier> goes
2180B<INSIDE> the arrayref, as an extra first element. This will
2181B<NOT> do what you think it might:
2182
2183 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2184
2185Here is a quick list of equivalencies, since there is some overlap:
2186
2187 # Same
2188 status => {'!=', 'completed', 'not like', 'pending%' }
2189 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2190
2191 # Same
2192 status => {'=', ['assigned', 'in-progress']}
2193 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2194 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2195
e3f9dff4 2196
2197
96449e8e 2198=head2 Special operators : IN, BETWEEN, etc.
2199
32eab2da 2200You can also use the hashref format to compare a list of fields using the
2201C<IN> comparison operator, by specifying the list as an arrayref:
2202
2203 my %where = (
2204 status => 'completed',
2205 reportid => { -in => [567, 2335, 2] }
2206 );
2207
2208Which would generate:
2209
2210 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2211 @bind = ('completed', '567', '2335', '2');
2212
9d48860e 2213The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2214the same way.
2215
6e0c6552 2216If the argument to C<-in> is an empty array, 'sqlfalse' is generated
2217(by default : C<1=0>). Similarly, C<< -not_in => [] >> generates
2218'sqltrue' (by default : C<1=1>).
2219
e41c3bdd 2220In addition to the array you can supply a chunk of literal sql or
2221literal sql with bind:
6e0c6552 2222
e41c3bdd 2223 my %where = {
2224 customer => { -in => \[
2225 'SELECT cust_id FROM cust WHERE balance > ?',
2226 2000,
2227 ],
2228 status => { -in => \'SELECT status_codes FROM states' },
2229 };
6e0c6552 2230
e41c3bdd 2231would generate:
2232
2233 $stmt = "WHERE (
2234 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2235 AND status IN ( SELECT status_codes FROM states )
2236 )";
2237 @bind = ('2000');
2238
0dfd2442 2239Finally, if the argument to C<-in> is not a reference, it will be
2240treated as a single-element array.
e41c3bdd 2241
2242Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2243used with an arrayref of two values:
32eab2da 2244
2245 my %where = (
2246 user => 'nwiger',
2247 completion_date => {
2248 -not_between => ['2002-10-01', '2003-02-06']
2249 }
2250 );
2251
2252Would give you:
2253
2254 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2255
e41c3bdd 2256Just like with C<-in> all plausible combinations of literal SQL
2257are possible:
2258
2259 my %where = {
2260 start0 => { -between => [ 1, 2 ] },
2261 start1 => { -between => \["? AND ?", 1, 2] },
2262 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2263 start3 => { -between => [
e41c3bdd 2264 \"lower(x)",
2265 \["upper(?)", 'stuff' ],
2266 ] },
2267 };
2268
2269Would give you:
2270
2271 $stmt = "WHERE (
2272 ( start0 BETWEEN ? AND ? )
2273 AND ( start1 BETWEEN ? AND ? )
2274 AND ( start2 BETWEEN lower(x) AND upper(y) )
2275 AND ( start3 BETWEEN lower(x) AND upper(?) )
2276 )";
2277 @bind = (1, 2, 1, 2, 'stuff');
2278
2279
9d48860e 2280These are the two builtin "special operators"; but the
96449e8e 2281list can be expanded : see section L</"SPECIAL OPERATORS"> below.
2282
59f23b3d 2283=head2 Unary operators: bool
97a920ef 2284
2285If you wish to test against boolean columns or functions within your
2286database you can use the C<-bool> and C<-not_bool> operators. For
2287example to test the column C<is_user> being true and the column
827bb0eb 2288C<is_enabled> being false you would use:-
97a920ef 2289
2290 my %where = (
2291 -bool => 'is_user',
2292 -not_bool => 'is_enabled',
2293 );
2294
2295Would give you:
2296
277b5d3f 2297 WHERE is_user AND NOT is_enabled
97a920ef 2298
0b604e9d 2299If a more complex combination is required, testing more conditions,
2300then you should use the and/or operators:-
2301
2302 my %where = (
2303 -and => [
2304 -bool => 'one',
2305 -bool => 'two',
2306 -bool => 'three',
2307 -not_bool => 'four',
2308 ],
2309 );
2310
2311Would give you:
2312
2313 WHERE one AND two AND three AND NOT four
97a920ef 2314
2315
107b72f1 2316=head2 Nested conditions, -and/-or prefixes
96449e8e 2317
32eab2da 2318So far, we've seen how multiple conditions are joined with a top-level
2319C<AND>. We can change this by putting the different conditions we want in
2320hashes and then putting those hashes in an array. For example:
2321
2322 my @where = (
2323 {
2324 user => 'nwiger',
2325 status => { -like => ['pending%', 'dispatched'] },
2326 },
2327 {
2328 user => 'robot',
2329 status => 'unassigned',
2330 }
2331 );
2332
2333This data structure would create the following:
2334
2335 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2336 OR ( user = ? AND status = ? ) )";
2337 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2338
107b72f1 2339
48d9f5f8 2340Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
2341to change the logic inside :
32eab2da 2342
2343 my @where = (
2344 -and => [
2345 user => 'nwiger',
48d9f5f8 2346 [
2347 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2348 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2349 ],
2350 ],
2351 );
2352
2353That would yield:
2354
48d9f5f8 2355 WHERE ( user = ? AND (
2356 ( workhrs > ? AND geo = ? )
2357 OR ( workhrs < ? OR geo = ? )
2358 ) )
107b72f1 2359
cc422895 2360=head3 Algebraic inconsistency, for historical reasons
107b72f1 2361
7cac25e6 2362C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2363operator goes C<outside> of the nested structure; whereas when connecting
2364several constraints on one column, the C<-and> operator goes
2365C<inside> the arrayref. Here is an example combining both features :
2366
2367 my @where = (
2368 -and => [a => 1, b => 2],
2369 -or => [c => 3, d => 4],
2370 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2371 )
2372
2373yielding
2374
9d48860e 2375 WHERE ( ( ( a = ? AND b = ? )
2376 OR ( c = ? OR d = ? )
7cac25e6 2377 OR ( e LIKE ? AND e LIKE ? ) ) )
2378
107b72f1 2379This difference in syntax is unfortunate but must be preserved for
2380historical reasons. So be careful : the two examples below would
2381seem algebraically equivalent, but they are not
2382
9d48860e 2383 {col => [-and => {-like => 'foo%'}, {-like => '%bar'}]}
107b72f1 2384 # yields : WHERE ( ( col LIKE ? AND col LIKE ? ) )
2385
9d48860e 2386 [-and => {col => {-like => 'foo%'}, {col => {-like => '%bar'}}]]
107b72f1 2387 # yields : WHERE ( ( col LIKE ? OR col LIKE ? ) )
2388
7cac25e6 2389
cc422895 2390=head2 Literal SQL and value type operators
96449e8e 2391
cc422895 2392The basic premise of SQL::Abstract is that in WHERE specifications the "left
2393side" is a column name and the "right side" is a value (normally rendered as
2394a placeholder). This holds true for both hashrefs and arrayref pairs as you
2395see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2396alter this behavior. There are several ways of doing so.
e9614080 2397
cc422895 2398=head3 -ident
2399
2400This is a virtual operator that signals the string to its right side is an
2401identifier (a column name) and not a value. For example to compare two
2402columns you would write:
32eab2da 2403
e9614080 2404 my %where = (
2405 priority => { '<', 2 },
cc422895 2406 requestor => { -ident => 'submitter' },
e9614080 2407 );
2408
2409which creates:
2410
2411 $stmt = "WHERE priority < ? AND requestor = submitter";
2412 @bind = ('2');
2413
cc422895 2414If you are maintaining legacy code you may see a different construct as
2415described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2416code.
2417
2418=head3 -value
e9614080 2419
cc422895 2420This is a virtual operator that signals that the construct to its right side
2421is a value to be passed to DBI. This is for example necessary when you want
2422to write a where clause against an array (for RDBMS that support such
2423datatypes). For example:
e9614080 2424
32eab2da 2425 my %where = (
cc422895 2426 array => { -value => [1, 2, 3] }
32eab2da 2427 );
2428
cc422895 2429will result in:
32eab2da 2430
cc422895 2431 $stmt = 'WHERE array = ?';
2432 @bind = ([1, 2, 3]);
32eab2da 2433
cc422895 2434Note that if you were to simply say:
32eab2da 2435
2436 my %where = (
cc422895 2437 array => [1, 2, 3]
32eab2da 2438 );
2439
3af02ccb 2440the result would probably not be what you wanted:
cc422895 2441
2442 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2443 @bind = (1, 2, 3);
2444
2445=head3 Literal SQL
96449e8e 2446
cc422895 2447Finally, sometimes only literal SQL will do. To include a random snippet
2448of SQL verbatim, you specify it as a scalar reference. Consider this only
2449as a last resort. Usually there is a better way. For example:
96449e8e 2450
2451 my %where = (
cc422895 2452 priority => { '<', 2 },
2453 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2454 );
2455
cc422895 2456Would create:
96449e8e 2457
cc422895 2458 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2459 @bind = (2);
2460
2461Note that in this example, you only get one bind parameter back, since
2462the verbatim SQL is passed as part of the statement.
2463
2464=head4 CAVEAT
2465
2466 Never use untrusted input as a literal SQL argument - this is a massive
2467 security risk (there is no way to check literal snippets for SQL
2468 injections and other nastyness). If you need to deal with untrusted input
2469 use literal SQL with placeholders as described next.
96449e8e 2470
cc422895 2471=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2472
2473If the literal SQL to be inserted has placeholders and bind values,
2474use a reference to an arrayref (yes this is a double reference --
2475not so common, but perfectly legal Perl). For example, to find a date
2476in Postgres you can use something like this:
2477
2478 my %where = (
2479 date_column => \[q/= date '2008-09-30' - ?::integer/, 10/]
2480 )
2481
2482This would create:
2483
d2a8fe1a 2484 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2485 @bind = ('10');
2486
deb148a2 2487Note that you must pass the bind values in the same format as they are returned
62552e7d 2488by L</where>. That means that if you set L</bindtype> to C<columns>, you must
26f2dca5 2489provide the bind values in the C<< [ column_meta => value ] >> format, where
2490C<column_meta> is an opaque scalar value; most commonly the column name, but
62552e7d 2491you can use any scalar value (including references and blessed references),
2492L<SQL::Abstract> will simply pass it through intact. So if C<bindtype> is set
2493to C<columns> the above example will look like:
deb148a2 2494
2495 my %where = (
2496 date_column => \[q/= date '2008-09-30' - ?::integer/, [ dummy => 10 ]/]
2497 )
96449e8e 2498
2499Literal SQL is especially useful for nesting parenthesized clauses in the
2500main SQL query. Here is a first example :
2501
2502 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2503 100, "foo%");
2504 my %where = (
2505 foo => 1234,
2506 bar => \["IN ($sub_stmt)" => @sub_bind],
2507 );
2508
2509This yields :
2510
9d48860e 2511 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2512 WHERE c2 < ? AND c3 LIKE ?))";
2513 @bind = (1234, 100, "foo%");
2514
9d48860e 2515Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2516are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2517its associated bind values can be generated through a former call
96449e8e 2518to C<select()> :
2519
2520 my ($sub_stmt, @sub_bind)
9d48860e 2521 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2522 c3 => {-like => "foo%"}});
2523 my %where = (
2524 foo => 1234,
2525 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2526 );
2527
2528In the examples above, the subquery was used as an operator on a column;
9d48860e 2529but the same principle also applies for a clause within the main C<%where>
96449e8e 2530hash, like an EXISTS subquery :
2531
9d48860e 2532 my ($sub_stmt, @sub_bind)
96449e8e 2533 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2534 my %where = ( -and => [
96449e8e 2535 foo => 1234,
48d9f5f8 2536 \["EXISTS ($sub_stmt)" => @sub_bind],
2537 ]);
96449e8e 2538
2539which yields
2540
9d48860e 2541 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2542 WHERE c1 = ? AND c2 > t0.c0))";
2543 @bind = (1234, 1);
2544
2545
9d48860e 2546Observe that the condition on C<c2> in the subquery refers to
2547column C<t0.c0> of the main query : this is I<not> a bind
2548value, so we have to express it through a scalar ref.
96449e8e 2549Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2550C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2551what we wanted here.
2552
96449e8e 2553Finally, here is an example where a subquery is used
2554for expressing unary negation:
2555
9d48860e 2556 my ($sub_stmt, @sub_bind)
96449e8e 2557 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2558 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2559 my %where = (
2560 lname => {like => '%son%'},
48d9f5f8 2561 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2562 );
2563
2564This yields
2565
2566 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2567 @bind = ('%son%', 10, 20)
2568
cc422895 2569=head3 Deprecated usage of Literal SQL
2570
2571Below are some examples of archaic use of literal SQL. It is shown only as
2572reference for those who deal with legacy code. Each example has a much
2573better, cleaner and safer alternative that users should opt for in new code.
2574
2575=over
2576
2577=item *
2578
2579 my %where = ( requestor => \'IS NOT NULL' )
2580
2581 $stmt = "WHERE requestor IS NOT NULL"
2582
2583This used to be the way of generating NULL comparisons, before the handling
2584of C<undef> got formalized. For new code please use the superior syntax as
2585described in L</Tests for NULL values>.
96449e8e 2586
cc422895 2587=item *
2588
2589 my %where = ( requestor => \'= submitter' )
2590
2591 $stmt = "WHERE requestor = submitter"
2592
2593This used to be the only way to compare columns. Use the superior L</-ident>
2594method for all new code. For example an identifier declared in such a way
2595will be properly quoted if L</quote_char> is properly set, while the legacy
2596form will remain as supplied.
2597
2598=item *
2599
2600 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2601
2602 $stmt = "WHERE completed > ? AND is_ready"
2603 @bind = ('2012-12-21')
2604
2605Using an empty string literal used to be the only way to express a boolean.
2606For all new code please use the much more readable
2607L<-bool|/Unary operators: bool> operator.
2608
2609=back
96449e8e 2610
2611=head2 Conclusion
2612
32eab2da 2613These pages could go on for a while, since the nesting of the data
2614structures this module can handle are pretty much unlimited (the
2615module implements the C<WHERE> expansion as a recursive function
2616internally). Your best bet is to "play around" with the module a
2617little to see how the data structures behave, and choose the best
2618format for your data based on that.
2619
2620And of course, all the values above will probably be replaced with
2621variables gotten from forms or the command line. After all, if you
2622knew everything ahead of time, you wouldn't have to worry about
2623dynamically-generating SQL and could just hardwire it into your
2624script.
2625
86298391 2626=head1 ORDER BY CLAUSES
2627
9d48860e 2628Some functions take an order by clause. This can either be a scalar (just a
86298391 2629column name,) a hash of C<< { -desc => 'col' } >> or C<< { -asc => 'col' } >>,
1cfa1db3 2630or an array of either of the two previous forms. Examples:
2631
952f9e2d 2632 Given | Will Generate
1cfa1db3 2633 ----------------------------------------------------------
952f9e2d 2634 |
2635 \'colA DESC' | ORDER BY colA DESC
2636 |
2637 'colA' | ORDER BY colA
2638 |
2639 [qw/colA colB/] | ORDER BY colA, colB
2640 |
2641 {-asc => 'colA'} | ORDER BY colA ASC
2642 |
2643 {-desc => 'colB'} | ORDER BY colB DESC
2644 |
2645 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2646 |
855e6047 2647 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
952f9e2d 2648 |
2649 [ |
2650 { -asc => 'colA' }, | ORDER BY colA ASC, colB DESC,
2651 { -desc => [qw/colB/], | colC ASC, colD ASC
2652 { -asc => [qw/colC colD/],|
2653 ] |
2654 ===========================================================
86298391 2655
96449e8e 2656
2657
2658=head1 SPECIAL OPERATORS
2659
e3f9dff4 2660 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2661 {
2662 regex => qr/.../,
e3f9dff4 2663 handler => sub {
2664 my ($self, $field, $op, $arg) = @_;
2665 ...
3a2e1a5e 2666 },
2667 },
2668 {
2669 regex => qr/.../,
2670 handler => 'method_name',
e3f9dff4 2671 },
2672 ]);
2673
9d48860e 2674A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2675applied to a field, instead of a usual binary operator.
9d48860e 2676For example :
e3f9dff4 2677
2678 WHERE field IN (?, ?, ?)
2679 WHERE field BETWEEN ? AND ?
2680 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2681
e3f9dff4 2682Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2683are builtin within C<SQL::Abstract> (as the overridable methods
2684C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2685like the MATCH .. AGAINST example above which is specific to MySQL,
2686you can write your own operator handlers - supply a C<special_ops>
2687argument to the C<new> method. That argument takes an arrayref of
2688operator definitions; each operator definition is a hashref with two
2689entries:
96449e8e 2690
e3f9dff4 2691=over
2692
2693=item regex
2694
2695the regular expression to match the operator
96449e8e 2696
e3f9dff4 2697=item handler
2698
3a2e1a5e 2699Either a coderef or a plain scalar method name. In both cases
2700the expected return is C<< ($sql, @bind) >>.
2701
2702When supplied with a method name, it is simply called on the
2703L<SQL::Abstract/> object as:
2704
2705 $self->$method_name ($field, $op, $arg)
2706
2707 Where:
2708
2709 $op is the part that matched the handler regex
2710 $field is the LHS of the operator
2711 $arg is the RHS
2712
2713When supplied with a coderef, it is called as:
2714
2715 $coderef->($self, $field, $op, $arg)
2716
e3f9dff4 2717
2718=back
2719
9d48860e 2720For example, here is an implementation
e3f9dff4 2721of the MATCH .. AGAINST syntax for MySQL
2722
2723 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2724
e3f9dff4 2725 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2726 {regex => qr/^match$/i,
e3f9dff4 2727 handler => sub {
2728 my ($self, $field, $op, $arg) = @_;
2729 $arg = [$arg] if not ref $arg;
2730 my $label = $self->_quote($field);
2731 my ($placeholder) = $self->_convert('?');
2732 my $placeholders = join ", ", (($placeholder) x @$arg);
2733 my $sql = $self->_sqlcase('match') . " ($label) "
2734 . $self->_sqlcase('against') . " ($placeholders) ";
2735 my @bind = $self->_bindtype($field, @$arg);
2736 return ($sql, @bind);
2737 }
2738 },
9d48860e 2739
e3f9dff4 2740 ]);
96449e8e 2741
2742
59f23b3d 2743=head1 UNARY OPERATORS
2744
112b5232 2745 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2746 {
2747 regex => qr/.../,
2748 handler => sub {
2749 my ($self, $op, $arg) = @_;
2750 ...
2751 },
2752 },
2753 {
2754 regex => qr/.../,
2755 handler => 'method_name',
2756 },
2757 ]);
2758
9d48860e 2759A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2760applied to a field - the operator goes before the field
2761
2762You can write your own operator handlers - supply a C<unary_ops>
2763argument to the C<new> method. That argument takes an arrayref of
2764operator definitions; each operator definition is a hashref with two
2765entries:
2766
2767=over
2768
2769=item regex
2770
2771the regular expression to match the operator
2772
2773=item handler
2774
2775Either a coderef or a plain scalar method name. In both cases
2776the expected return is C<< $sql >>.
2777
2778When supplied with a method name, it is simply called on the
2779L<SQL::Abstract/> object as:
2780
2781 $self->$method_name ($op, $arg)
2782
2783 Where:
2784
2785 $op is the part that matched the handler regex
2786 $arg is the RHS or argument of the operator
2787
2788When supplied with a coderef, it is called as:
2789
2790 $coderef->($self, $op, $arg)
2791
2792
2793=back
2794
2795
32eab2da 2796=head1 PERFORMANCE
2797
2798Thanks to some benchmarking by Mark Stosberg, it turns out that
2799this module is many orders of magnitude faster than using C<DBIx::Abstract>.
2800I must admit this wasn't an intentional design issue, but it's a
2801byproduct of the fact that you get to control your C<DBI> handles
2802yourself.
2803
2804To maximize performance, use a code snippet like the following:
2805
2806 # prepare a statement handle using the first row
2807 # and then reuse it for the rest of the rows
2808 my($sth, $stmt);
2809 for my $href (@array_of_hashrefs) {
2810 $stmt ||= $sql->insert('table', $href);
2811 $sth ||= $dbh->prepare($stmt);
2812 $sth->execute($sql->values($href));
2813 }
2814
2815The reason this works is because the keys in your C<$href> are sorted
2816internally by B<SQL::Abstract>. Thus, as long as your data retains
2817the same structure, you only have to generate the SQL the first time
2818around. On subsequent queries, simply use the C<values> function provided
2819by this module to return your values in the correct order.
2820
b864ba9b 2821However this depends on the values having the same type - if, for
2822example, the values of a where clause may either have values
2823(resulting in sql of the form C<column = ?> with a single bind
2824value), or alternatively the values might be C<undef> (resulting in
2825sql of the form C<column IS NULL> with no bind value) then the
2826caching technique suggested will not work.
96449e8e 2827
32eab2da 2828=head1 FORMBUILDER
2829
2830If you use my C<CGI::FormBuilder> module at all, you'll hopefully
2831really like this part (I do, at least). Building up a complex query
2832can be as simple as the following:
2833
2834 #!/usr/bin/perl
2835
2836 use CGI::FormBuilder;
2837 use SQL::Abstract;
2838
2839 my $form = CGI::FormBuilder->new(...);
2840 my $sql = SQL::Abstract->new;
2841
2842 if ($form->submitted) {
2843 my $field = $form->field;
2844 my $id = delete $field->{id};
2845 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
2846 }
2847
2848Of course, you would still have to connect using C<DBI> to run the
2849query, but the point is that if you make your form look like your
2850table, the actual query script can be extremely simplistic.
2851
2852If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 2853a fast interface to returning and formatting data. I frequently
32eab2da 2854use these three modules together to write complex database query
2855apps in under 50 lines.
2856
d8cc1792 2857=head1 REPO
2858
2859=over
2860
6d19fbf9 2861=item * gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
d8cc1792 2862
6d19fbf9 2863=item * git: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
d8cc1792 2864
2865=back
32eab2da 2866
96449e8e 2867=head1 CHANGES
2868
2869Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
2870Great care has been taken to preserve the I<published> behavior
2871documented in previous versions in the 1.* family; however,
9d48860e 2872some features that were previously undocumented, or behaved
96449e8e 2873differently from the documentation, had to be changed in order
2874to clarify the semantics. Hence, client code that was relying
9d48860e 2875on some dark areas of C<SQL::Abstract> v1.*
96449e8e 2876B<might behave differently> in v1.50.
32eab2da 2877
d2a8fe1a 2878The main changes are :
2879
96449e8e 2880=over
32eab2da 2881
9d48860e 2882=item *
32eab2da 2883
96449e8e 2884support for literal SQL through the C<< \ [$sql, bind] >> syntax.
2885
2886=item *
2887
145fbfc8 2888support for the { operator => \"..." } construct (to embed literal SQL)
2889
2890=item *
2891
9c37b9c0 2892support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
2893
2894=item *
2895
96449e8e 2896optional support for L<array datatypes|/"Inserting and Updating Arrays">
2897
9d48860e 2898=item *
96449e8e 2899
2900defensive programming : check arguments
2901
2902=item *
2903
2904fixed bug with global logic, which was previously implemented
7cac25e6 2905through global variables yielding side-effects. Prior versions would
96449e8e 2906interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
2907as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
2908Now this is interpreted
2909as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
2910
96449e8e 2911
2912=item *
2913
2914fixed semantics of _bindtype on array args
2915
9d48860e 2916=item *
96449e8e 2917
2918dropped the C<_anoncopy> of the %where tree. No longer necessary,
2919we just avoid shifting arrays within that tree.
2920
2921=item *
2922
2923dropped the C<_modlogic> function
2924
2925=back
32eab2da 2926
32eab2da 2927=head1 ACKNOWLEDGEMENTS
2928
2929There are a number of individuals that have really helped out with
2930this module. Unfortunately, most of them submitted bugs via CPAN
2931so I have no idea who they are! But the people I do know are:
2932
9d48860e 2933 Ash Berlin (order_by hash term support)
b643abe1 2934 Matt Trout (DBIx::Class support)
32eab2da 2935 Mark Stosberg (benchmarking)
2936 Chas Owens (initial "IN" operator support)
2937 Philip Collins (per-field SQL functions)
2938 Eric Kolve (hashref "AND" support)
2939 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
2940 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 2941 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 2942 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 2943 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 2944 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 2945 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 2946
2947Thanks!
2948
32eab2da 2949=head1 SEE ALSO
2950
86298391 2951L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 2952
32eab2da 2953=head1 AUTHOR
2954
b643abe1 2955Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
2956
2957This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 2958
abe72f94 2959For support, your best bet is to try the C<DBIx::Class> users mailing list.
2960While not an official support venue, C<DBIx::Class> makes heavy use of
2961C<SQL::Abstract>, and as such list members there are very familiar with
2962how to create queries.
2963
0d067ded 2964=head1 LICENSE
2965
d988ab87 2966This module is free software; you may copy this under the same
2967terms as perl itself (either the GNU General Public License or
2968the Artistic License)
32eab2da 2969
2970=cut
2971
Unnamed repository; edit this file 'description' to name the repository.