projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
burn unneccessary _where_ methods
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
96449e8e 3use strict;
4use warnings;
9d9d5bd6 5use Carp ();
312d830b 6use List::Util ();
7use Scalar::Util ();
96449e8e 8
0da0fe34 9use Exporter 'import';
10our @EXPORT_OK = qw(is_plain_value is_literal_value);
11
12BEGIN {
13 if ($] < 5.009_005) {
14 require MRO::Compat;
15 }
16 else {
17 require mro;
18 }
843a94b5 19
20 *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
21 ? sub () { 0 }
22 : sub () { 1 }
23 ;
0da0fe34 24}
25
96449e8e 26#======================================================================
27# GLOBALS
28#======================================================================
29
dc6afcf8 30our $VERSION = '1.86';
7479e27e 31
22f1a437 32# This would confuse some packagers
c520207b 33$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 34
35our $AUTOLOAD;
36
37# special operators (-in, -between). May be extended/overridden by user.
38# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
39my @BUILTIN_SPECIAL_OPS = (
f663e672 40 {regex => qr/^ (?: not \s )? between $/ix, handler => sub { die "NOPE" }},
41 {regex => qr/^ (?: not \s )? in $/ix, handler => sub { die "NOPE" }},
f7778474 42 {regex => qr/^ ident $/ix, handler => sub { die "NOPE" }},
7d7868d1 43 {regex => qr/^ value $/ix, handler => sub { die "NOPE" }},
87c8e45b 44 {regex => qr/^ is (?: \s+ not )? $/ix, handler => sub { die "NOPE" }},
96449e8e 45);
46
97a920ef 47# unaryish operators - key maps to handler
59f23b3d 48my @BUILTIN_UNARY_OPS = (
a47b433a 49 # the digits are backcompat stuff
b8db59b8 50 { regex => qr/^ and (?: [_\s]? \d+ )? $/xi, handler => '_where_op_ANDOR' },
51 { regex => qr/^ or (?: [_\s]? \d+ )? $/xi, handler => '_where_op_ANDOR' },
52 { regex => qr/^ nest (?: [_\s]? \d+ )? $/xi, handler => '_where_op_NEST' },
53 { regex => qr/^ (?: not \s )? bool $/xi, handler => '_where_op_BOOL' },
cc422895 54 { regex => qr/^ ident $/xi, handler => '_where_op_IDENT' },
b9b5a0b1 55 { regex => qr/^ value $/xi, handler => '_where_op_VALUE' },
d13725da 56 { regex => qr/^ op $/xi, handler => '_where_op_OP' },
57 { regex => qr/^ bind $/xi, handler => '_where_op_BIND' },
aa8d7bdb 58 { regex => qr/^ literal $/xi, handler => '_where_op_LITERAL' },
711892b1 59 { regex => qr/^ func $/xi, handler => '_where_op_FUNC' },
59f23b3d 60);
97a920ef 61
96449e8e 62#======================================================================
63# DEBUGGING AND ERROR REPORTING
64#======================================================================
65
66sub _debug {
67 return unless $_[0]->{debug}; shift; # a little faster
68 my $func = (caller(1))[3];
69 warn "[$func] ", @_, "\n";
70}
71
72sub belch (@) {
73 my($func) = (caller(1))[3];
9d9d5bd6 74 Carp::carp "[$func] Warning: ", @_;
96449e8e 75}
76
77sub puke (@) {
78 my($func) = (caller(1))[3];
9d9d5bd6 79 Carp::croak "[$func] Fatal: ", @_;
96449e8e 80}
81
0da0fe34 82sub is_literal_value ($) {
83 ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
84 : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
0da0fe34 85 : undef;
86}
87
88# FIXME XSify - this can be done so much more efficiently
89sub is_plain_value ($) {
90 no strict 'refs';
966200cc 91 ! length ref $_[0] ? \($_[0])
0da0fe34 92 : (
93 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
94 and
95 exists $_[0]->{-value}
966200cc 96 ) ? \($_[0]->{-value})
0da0fe34 97 : (
a1c9e0ff 98 # reuse @_ for even moar speedz
99 defined ( $_[1] = Scalar::Util::blessed $_[0] )
0da0fe34 100 and
101 # deliberately not using Devel::OverloadInfo - the checks we are
102 # intersted in are much more limited than the fullblown thing, and
103 # this is a very hot piece of code
104 (
e8d729d4 105 # simply using ->can('(""') can leave behind stub methods that
106 # break actually using the overload later (see L<perldiag/Stub
107 # found while resolving method "%s" overloading "%s" in package
108 # "%s"> and the source of overload::mycan())
44e54b41 109 #
0da0fe34 110 # either has stringification which DBI SHOULD prefer out of the box
a1c9e0ff 111 grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
0da0fe34 112 or
20e178a8 113 # has nummification or boolification, AND fallback is *not* disabled
0da0fe34 114 (
843a94b5 115 SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
116 and
20e178a8 117 (
118 grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
119 or
120 grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
121 )
0da0fe34 122 and
123 (
124 # no fallback specified at all
a1c9e0ff 125 ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
0da0fe34 126 or
127 # fallback explicitly undef
a1c9e0ff 128 ! defined ${"$_[3]::()"}
0da0fe34 129 or
130 # explicitly true
a1c9e0ff 131 !! ${"$_[3]::()"}
0da0fe34 132 )
133 )
134 )
966200cc 135 ) ? \($_[0])
0da0fe34 136 : undef;
137}
138
139
96449e8e 140
141#======================================================================
142# NEW
143#======================================================================
144
145sub new {
146 my $self = shift;
147 my $class = ref($self) || $self;
148 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
149
150 # choose our case by keeping an option around
151 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
152
153 # default logic for interpreting arrayrefs
ef559da3 154 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 155
156 # how to return bind vars
96449e8e 157 $opt{bindtype} ||= 'normal';
158
159 # default comparison is "=", but can be overridden
160 $opt{cmp} ||= '=';
161
3af02ccb 162 # try to recognize which are the 'equality' and 'inequality' ops
3cdadcbe 163 # (temporary quickfix (in 2007), should go through a more seasoned API)
164 $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
165 $opt{inequality_op} = qr/^( != | <> )$/ix;
166
167 $opt{like_op} = qr/^ (is\s+)? r?like $/xi;
168 $opt{not_like_op} = qr/^ (is\s+)? not \s+ r?like $/xi;
96449e8e 169
170 # SQL booleans
171 $opt{sqltrue} ||= '1=1';
172 $opt{sqlfalse} ||= '0=1';
173
9d48860e 174 # special operators
99a65fa8 175 $opt{user_special_ops} = [ @{$opt{special_ops} ||= []} ];
b6251592 176 # regexes are applied in order, thus push after user-defines
96449e8e 177 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
178
9d48860e 179 # unary operators
59f23b3d 180 $opt{unary_ops} ||= [];
181 push @{$opt{unary_ops}}, @BUILTIN_UNARY_OPS;
182
3af02ccb 183 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 184 # If a purported function matches this regular expression, an exception is thrown.
185 # Literal SQL is *NOT* subject to this check, only functions (and column names
186 # when quoting is not in effect)
96449e8e 187
b6251592 188 # FIXME
189 # need to guard against ()'s in column names too, but this will break tons of
190 # hacks... ideas anyone?
191 $opt{injection_guard} ||= qr/
192 \;
193 |
194 ^ \s* go \s
195 /xmi;
96449e8e 196
b6251592 197 return bless \%opt, $class;
198}
96449e8e 199
e175845b 200sub sqltrue { +{ -literal => [ $_[0]->{sqltrue} ] } }
201sub sqlfalse { +{ -literal => [ $_[0]->{sqlfalse} ] } }
170e6c33 202
203sub _assert_pass_injection_guard {
204 if ($_[1] =~ $_[0]->{injection_guard}) {
205 my $class = ref $_[0];
206 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
207 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
208 . "{injection_guard} attribute to ${class}->new()"
209 }
210}
211
212
96449e8e 213#======================================================================
214# INSERT methods
215#======================================================================
216
217sub insert {
02288357 218 my $self = shift;
219 my $table = $self->_table(shift);
220 my $data = shift || return;
221 my $options = shift;
96449e8e 222
223 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 224 my ($sql, @bind) = $self->$method($data);
96449e8e 225 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 226
e82e648a 227 if ($options->{returning}) {
ca4f826a 228 my ($s, @b) = $self->_insert_returning($options);
e82e648a 229 $sql .= $s;
230 push @bind, @b;
02288357 231 }
232
96449e8e 233 return wantarray ? ($sql, @bind) : $sql;
234}
235
60f3fd3f 236# So that subclasses can override INSERT ... RETURNING separately from
237# UPDATE and DELETE (e.g. DBIx::Class::SQLMaker::Oracle does this)
b17a3ece 238sub _insert_returning { shift->_returning(@_) }
239
95904db5 240sub _returning {
e82e648a 241 my ($self, $options) = @_;
6b1fe79d 242
e82e648a 243 my $f = $options->{returning};
244
245 my $fieldlist = $self->_SWITCH_refkind($f, {
246 ARRAYREF => sub {join ', ', map { $self->_quote($_) } @$f;},
247 SCALAR => sub {$self->_quote($f)},
248 SCALARREF => sub {$$f},
6b1fe79d 249 });
e82e648a 250 return $self->_sqlcase(' returning ') . $fieldlist;
6b1fe79d 251}
252
96449e8e 253sub _insert_HASHREF { # explicit list of fields and then values
254 my ($self, $data) = @_;
255
256 my @fields = sort keys %$data;
257
fe3ae272 258 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 259
260 # assemble SQL
261 $_ = $self->_quote($_) foreach @fields;
262 $sql = "( ".join(", ", @fields).") ".$sql;
263
264 return ($sql, @bind);
265}
266
267sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
268 my ($self, $data) = @_;
269
270 # no names (arrayref) so can't generate bindtype
271 $self->{bindtype} ne 'columns'
272 or belch "can't do 'columns' bindtype when called with arrayref";
273
19b6ccce 274 my (@values, @all_bind);
275 foreach my $value (@$data) {
276 my ($values, @bind) = $self->_insert_value(undef, $value);
277 push @values, $values;
278 push @all_bind, @bind;
279 }
280 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
281 return ($sql, @all_bind);
fe3ae272 282}
283
284sub _insert_ARRAYREFREF { # literal SQL with bind
285 my ($self, $data) = @_;
286
287 my ($sql, @bind) = @${$data};
288 $self->_assert_bindval_matches_bindtype(@bind);
289
290 return ($sql, @bind);
291}
292
293
294sub _insert_SCALARREF { # literal SQL without bind
295 my ($self, $data) = @_;
296
297 return ($$data);
298}
299
300sub _insert_values {
301 my ($self, $data) = @_;
302
96449e8e 303 my (@values, @all_bind);
fe3ae272 304 foreach my $column (sort keys %$data) {
19b6ccce 305 my ($values, @bind) = $self->_insert_value($column, $data->{$column});
306 push @values, $values;
307 push @all_bind, @bind;
308 }
309 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
310 return ($sql, @all_bind);
311}
96449e8e 312
19b6ccce 313sub _insert_value {
314 my ($self, $column, $v) = @_;
96449e8e 315
19b6ccce 316 my (@values, @all_bind);
317 $self->_SWITCH_refkind($v, {
96449e8e 318
19b6ccce 319 ARRAYREF => sub {
320 if ($self->{array_datatypes}) { # if array datatype are activated
96449e8e 321 push @values, '?';
fe3ae272 322 push @all_bind, $self->_bindtype($column, $v);
19b6ccce 323 }
324 else { # else literal SQL with bind
325 my ($sql, @bind) = @$v;
326 $self->_assert_bindval_matches_bindtype(@bind);
327 push @values, $sql;
328 push @all_bind, @bind;
329 }
330 },
331
332 ARRAYREFREF => sub { # literal SQL with bind
333 my ($sql, @bind) = @${$v};
334 $self->_assert_bindval_matches_bindtype(@bind);
335 push @values, $sql;
336 push @all_bind, @bind;
337 },
338
be21dde3 339 # THINK: anything useful to do with a HASHREF ?
19b6ccce 340 HASHREF => sub { # (nothing, but old SQLA passed it through)
341 #TODO in SQLA >= 2.0 it will die instead
342 belch "HASH ref as bind value in insert is not supported";
343 push @values, '?';
344 push @all_bind, $self->_bindtype($column, $v);
345 },
346
347 SCALARREF => sub { # literal SQL without bind
348 push @values, $$v;
349 },
350
351 SCALAR_or_UNDEF => sub {
352 push @values, '?';
353 push @all_bind, $self->_bindtype($column, $v);
354 },
96449e8e 355
19b6ccce 356 });
96449e8e 357
19b6ccce 358 my $sql = join(", ", @values);
96449e8e 359 return ($sql, @all_bind);
360}
361
362
96449e8e 363
364#======================================================================
365# UPDATE methods
366#======================================================================
367
368
369sub update {
95904db5 370 my $self = shift;
371 my $table = $self->_table(shift);
372 my $data = shift || return;
373 my $where = shift;
374 my $options = shift;
96449e8e 375
376 # first build the 'SET' part of the sql statement
96449e8e 377 puke "Unsupported data type specified to \$sql->update"
378 unless ref $data eq 'HASH';
379
9ade906e 380 my ($sql, @all_bind) = $self->_update_set_values($data);
a9e94508 381 $sql = $self->_sqlcase('update ') . $table . $self->_sqlcase(' set ')
9ade906e 382 . $sql;
383
384 if ($where) {
385 my($where_sql, @where_bind) = $self->where($where);
386 $sql .= $where_sql;
387 push @all_bind, @where_bind;
388 }
389
390 if ($options->{returning}) {
391 my ($returning_sql, @returning_bind) = $self->_update_returning($options);
392 $sql .= $returning_sql;
393 push @all_bind, @returning_bind;
394 }
395
396 return wantarray ? ($sql, @all_bind) : $sql;
397}
398
399sub _update_set_values {
400 my ($self, $data) = @_;
401
402 my (@set, @all_bind);
96449e8e 403 for my $k (sort keys %$data) {
404 my $v = $data->{$k};
405 my $r = ref $v;
406 my $label = $self->_quote($k);
407
408 $self->_SWITCH_refkind($v, {
9d48860e 409 ARRAYREF => sub {
96449e8e 410 if ($self->{array_datatypes}) { # array datatype
411 push @set, "$label = ?";
412 push @all_bind, $self->_bindtype($k, $v);
413 }
414 else { # literal SQL with bind
415 my ($sql, @bind) = @$v;
fe3ae272 416 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 417 push @set, "$label = $sql";
fe3ae272 418 push @all_bind, @bind;
96449e8e 419 }
420 },
421 ARRAYREFREF => sub { # literal SQL with bind
422 my ($sql, @bind) = @${$v};
fe3ae272 423 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 424 push @set, "$label = $sql";
fe3ae272 425 push @all_bind, @bind;
96449e8e 426 },
427 SCALARREF => sub { # literal SQL without bind
428 push @set, "$label = $$v";
0ec3aec7 429 },
430 HASHREF => sub {
431 my ($op, $arg, @rest) = %$v;
432
433 puke 'Operator calls in update must be in the form { -op => $arg }'
434 if (@rest or not $op =~ /^\-(.+)/);
435
cbb4eeaf 436 local our $Cur_Col_Meta = $k;
437 my ($sql, @bind) = $self->_render_expr(
438 $self->_expand_expr_hashpair($op, $arg)
439 );
0ec3aec7 440
441 push @set, "$label = $sql";
442 push @all_bind, @bind;
443 },
96449e8e 444 SCALAR_or_UNDEF => sub {
445 push @set, "$label = ?";
446 push @all_bind, $self->_bindtype($k, $v);
447 },
448 });
449 }
450
451 # generate sql
9ade906e 452 my $sql = join ', ', @set;
96449e8e 453
9ade906e 454 return ($sql, @all_bind);
96449e8e 455}
456
60f3fd3f 457# So that subclasses can override UPDATE ... RETURNING separately from
458# INSERT and DELETE
20bb2ad5 459sub _update_returning { shift->_returning(@_) }
96449e8e 460
461
462
463#======================================================================
464# SELECT
465#======================================================================
466
467
468sub select {
469 my $self = shift;
470 my $table = $self->_table(shift);
471 my $fields = shift || '*';
472 my $where = shift;
473 my $order = shift;
474
daa4ccdd 475 my ($fields_sql, @bind) = $self->_select_fields($fields);
96449e8e 476
daa4ccdd 477 my ($where_sql, @where_bind) = $self->where($where, $order);
478 push @bind, @where_bind;
479
480 my $sql = join(' ', $self->_sqlcase('select'), $fields_sql,
96449e8e 481 $self->_sqlcase('from'), $table)
482 . $where_sql;
483
9d48860e 484 return wantarray ? ($sql, @bind) : $sql;
96449e8e 485}
486
daa4ccdd 487sub _select_fields {
488 my ($self, $fields) = @_;
489 return ref $fields eq 'ARRAY' ? join ', ', map { $self->_quote($_) } @$fields
490 : $fields;
491}
492
96449e8e 493#======================================================================
494# DELETE
495#======================================================================
496
497
498sub delete {
85327cd5 499 my $self = shift;
500 my $table = $self->_table(shift);
501 my $where = shift;
502 my $options = shift;
96449e8e 503
504 my($where_sql, @bind) = $self->where($where);
a9e94508 505 my $sql = $self->_sqlcase('delete from ') . $table . $where_sql;
96449e8e 506
85327cd5 507 if ($options->{returning}) {
ca4f826a 508 my ($returning_sql, @returning_bind) = $self->_delete_returning($options);
85327cd5 509 $sql .= $returning_sql;
510 push @bind, @returning_bind;
511 }
512
9d48860e 513 return wantarray ? ($sql, @bind) : $sql;
96449e8e 514}
515
60f3fd3f 516# So that subclasses can override DELETE ... RETURNING separately from
517# INSERT and UPDATE
85327cd5 518sub _delete_returning { shift->_returning(@_) }
519
520
96449e8e 521
522#======================================================================
523# WHERE: entry point
524#======================================================================
525
526
527
528# Finally, a separate routine just to handle WHERE clauses
529sub where {
530 my ($self, $where, $order) = @_;
531
532 # where ?
e175845b 533 my ($sql, @bind) = defined($where)
534 ? $self->_recurse_where($where)
535 : (undef);
417dd15e 536 $sql = (defined $sql and length $sql) ? $self->_sqlcase(' where ') . "( $sql )" : '';
96449e8e 537
538 # order by?
539 if ($order) {
26fe4d30 540 my ($order_sql, @order_bind) = $self->_order_by($order);
541 $sql .= $order_sql;
542 push @bind, @order_bind;
96449e8e 543 }
544
9d48860e 545 return wantarray ? ($sql, @bind) : $sql;
96449e8e 546}
547
a2cd381d 548sub _expand_expr {
549 my ($self, $expr, $logic) = @_;
252518da 550 return undef unless defined($expr);
59588695 551 if (ref($expr) eq 'HASH') {
552 if (keys %$expr > 1) {
553 $logic ||= 'and';
77617257 554 return +{ -op => [
555 $logic,
59588695 556 map $self->_expand_expr_hashpair($_ => $expr->{$_}, $logic),
557 sort keys %$expr
558 ] };
559 }
99a65fa8 560 return unless %$expr;
59588695 561 return $self->_expand_expr_hashpair(%$expr, $logic);
a2cd381d 562 }
08264f40 563 if (ref($expr) eq 'ARRAY') {
99a65fa8 564 my $logic = lc($logic || $self->{logic});
08264f40 565 $logic eq 'and' or $logic eq 'or' or puke "unknown logic: $logic";
566
567 my @expr = @$expr;
568
569 my @res;
570
571 while (my ($el) = splice @expr, 0, 1) {
572 puke "Supplying an empty left hand side argument is not supported in array-pairs"
573 unless defined($el) and length($el);
574 my $elref = ref($el);
575 if (!$elref) {
576 push(@res, $self->_expand_expr({ $el, shift(@expr) }));
577 } elsif ($elref eq 'ARRAY') {
578 push(@res, $self->_expand_expr($el)) if @$el;
ec857800 579 } elsif (my $l = is_literal_value($el)) {
580 push @res, { -literal => $l };
08264f40 581 } elsif ($elref eq 'HASH') {
582 push @res, $self->_expand_expr($el);
583 } else {
da4a0964 584 die "notreached";
08264f40 585 }
586 }
2143604f 587 return { -op => [ $logic, @res ] };
08264f40 588 }
ca3da680 589 if (my $literal = is_literal_value($expr)) {
590 return +{ -literal => $literal };
591 }
99a65fa8 592 if (!ref($expr) or Scalar::Util::blessed($expr)) {
593 if (my $m = our $Cur_Col_Meta) {
594 return +{ -bind => [ $m, $expr ] };
595 }
252518da 596 return +{ -value => $expr };
597 }
252518da 598 die "notreached";
a2cd381d 599}
96449e8e 600
59588695 601sub _expand_expr_hashpair {
602 my ($self, $k, $v, $logic) = @_;
d13725da 603 unless (defined($k) and length($k)) {
2d64004f 604 if (defined($k) and my $literal = is_literal_value($v)) {
d13725da 605 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
2d64004f 606 return { -literal => $literal };
d13725da 607 }
608 puke "Supplying an empty left hand side argument is not supported";
609 }
ef071fad 610 if ($k =~ /^-/) {
99a65fa8 611 $self->_assert_pass_injection_guard($k =~ /^-(.*)$/s);
612 if ($k =~ s/ [_\s]? \d+ $//x ) {
613 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
614 . "You probably wanted ...-and => [ $k => COND1, $k => COND2 ... ]";
615 }
ef071fad 616 if ($k eq '-nest') {
617 return $self->_expand_expr($v);
618 }
6ab1562a 619 if ($k eq '-bool') {
620 if (ref($v)) {
621 return $self->_expand_expr($v);
622 }
623 puke "-bool => undef not supported" unless defined($v);
624 return { -ident => $v };
625 }
99a65fa8 626 if ($k eq '-not') {
0c7e3af0 627 return { -op => [ 'not', $self->_expand_expr($v) ] };
99a65fa8 628 }
ce3bc4b0 629 if (my ($rest) = $k =~/^-not[_ ](.*)$/) {
0c7e3af0 630 return +{ -op => [
631 'not',
99a65fa8 632 $self->_expand_expr_hashpair("-${rest}", $v, $logic)
0c7e3af0 633 ] };
ce3bc4b0 634 }
99a65fa8 635 if (my ($logic) = $k =~ /^-(and|or)$/i) {
dd2d5bf7 636 if (ref($v) eq 'HASH') {
637 return $self->_expand_expr($v, $logic);
638 }
99a65fa8 639 if (ref($v) eq 'ARRAY') {
640 return $self->_expand_expr($v, $logic);
641 }
dd2d5bf7 642 }
99a65fa8 643 {
644 my $op = $k;
645 $op =~ s/^-// if length($op) > 1;
646
647 # top level special ops are illegal in general
648 puke "Illegal use of top-level '-$op'"
649 if !(defined $self->{_nested_func_lhs})
650 and List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}}
651 and not List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}};
652 }
653 if ($k eq '-value' and my $m = our $Cur_Col_Meta) {
654 return +{ -bind => [ $m, $v ] };
655 }
711892b1 656 if ($k eq '-op' or $k eq '-ident' or $k eq '-value' or $k eq '-bind' or $k eq '-literal' or $k eq '-func') {
99a65fa8 657 return { $k => $v };
d13725da 658 }
711892b1 659 if (
660 ref($v) eq 'HASH'
661 and keys %$v == 1
662 and (keys %$v)[0] =~ /^-/
663 ) {
664 my ($func) = $k =~ /^-(.*)$/;
665 return +{ -func => [ $func, $self->_expand_expr($v) ] };
666 }
667 if (!ref($v) or is_literal_value($v)) {
99a65fa8 668 return +{ -op => [ $k =~ /^-(.*)$/, $self->_expand_expr($v) ] };
59588695 669 }
99a65fa8 670 }
671 if (
672 !defined($v)
673 or (
674 ref($v) eq 'HASH'
675 and exists $v->{-value}
676 and not defined $v->{-value}
677 )
678 ) {
679 return $self->_expand_expr_hashpair($k => { $self->{cmp} => undef });
680 }
681 if (!ref($v) or Scalar::Util::blessed($v)) {
682 return +{
683 -op => [
684 $self->{cmp},
685 { -ident => $k },
686 { -bind => [ $k, $v ] }
687 ]
688 };
689 }
690 if (ref($v) eq 'HASH') {
691 if (keys %$v > 1) {
e175845b 692 return { -op => [
693 'and',
99a65fa8 694 map $self->_expand_expr_hashpair($k => { $_ => $v->{$_} }),
695 sort keys %$v
696 ] };
697 }
698 my ($vk, $vv) = %$v;
699 $vk =~ s/^-//;
700 $vk = lc($vk);
701 $self->_assert_pass_injection_guard($vk);
702 if ($vk =~ s/ [_\s]? \d+ $//x ) {
703 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
704 . "You probably wanted ...-and => [ -$vk => COND1, -$vk => COND2 ... ]";
705 }
706 if ($vk =~ /^(?:not[ _])?between$/) {
707 local our $Cur_Col_Meta = $k;
708 my @rhs = map $self->_expand_expr($_),
709 ref($vv) eq 'ARRAY' ? @$vv : $vv;
710 unless (
711 (@rhs == 1 and ref($rhs[0]) eq 'HASH' and $rhs[0]->{-literal})
712 or
713 (@rhs == 2 and defined($rhs[0]) and defined($rhs[1]))
714 ) {
715 puke "Operator '${\uc($vk)}' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
b5b18861 716 }
99a65fa8 717 return +{ -op => [
718 join(' ', split '_', $vk),
719 { -ident => $k },
720 @rhs
721 ] }
722 }
723 if ($vk =~ /^(?:not[ _])?in$/) {
724 if (my $literal = is_literal_value($vv)) {
725 my ($sql, @bind) = @$literal;
726 my $opened_sql = $self->_open_outer_paren($sql);
10d07c4e 727 return +{ -op => [
99a65fa8 728 $vk, { -ident => $k },
729 [ { -literal => [ $opened_sql, @bind ] } ]
10d07c4e 730 ] };
731 }
99a65fa8 732 my $undef_err =
733 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
734 . "-${\uc($vk)} operator was given an undef-containing list: !!!AUDIT YOUR CODE "
735 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
736 . 'will emit the logically correct SQL instead of raising this exception)'
737 ;
738 puke("Argument passed to the '${\uc($vk)}' operator can not be undefined")
739 if !defined($vv);
740 my @rhs = map $self->_expand_expr($_),
741 map { ref($_) ? $_ : { -bind => [ $k, $_ ] } }
742 map { defined($_) ? $_: puke($undef_err) }
743 (ref($vv) eq 'ARRAY' ? @$vv : $vv);
e175845b 744 return $self->${\($vk =~ /^not/ ? 'sqltrue' : 'sqlfalse')} unless @rhs;
99a65fa8 745
746 return +{ -op => [
747 join(' ', split '_', $vk),
748 { -ident => $k },
749 \@rhs
750 ] };
751 }
752 if ($vk eq 'ident') {
753 if (! defined $vv or ref $vv) {
754 puke "-$vk requires a single plain scalar argument (a quotable identifier)";
f7778474 755 }
99a65fa8 756 return +{ -op => [
757 $self->{cmp},
758 { -ident => $k },
759 { -ident => $vv }
760 ] };
761 }
762 if ($vk eq 'value') {
763 return $self->_expand_expr_hashpair($k, undef) unless defined($vv);
764 return +{ -op => [
765 $self->{cmp},
766 { -ident => $k },
767 { -bind => [ $k, $vv ] }
768 ] };
769 }
770 if ($vk =~ /^is(?:[ _]not)?$/) {
771 puke "$vk can only take undef as argument"
772 if defined($vv)
773 and not (
774 ref($vv) eq 'HASH'
775 and exists($vv->{-value})
776 and !defined($vv->{-value})
777 );
778 $vk =~ s/_/ /g;
779 return +{ -op => [ $vk.' null', { -ident => $k } ] };
780 }
781 if ($vk =~ /^(and|or)$/) {
782 if (ref($vv) eq 'HASH') {
e62fe58a 783 return +{ -op => [
784 $vk,
99a65fa8 785 map $self->_expand_expr_hashpair($k, { $_ => $vv->{$_} }),
786 sort keys %$vv
7d7868d1 787 ] };
788 }
e28d9b13 789 }
99a65fa8 790 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{user_special_ops}}) {
791 return { -op => [ $vk, { -ident => $k }, $vv ] };
7dbe1183 792 }
99a65fa8 793 if (ref($vv) eq 'ARRAY') {
794 my ($logic, @values) = (
795 (defined($vv->[0]) and $vv->[0] =~ /^-(and|or)$/i)
796 ? @$vv
797 : (-or => @$vv)
798 );
799 if (
800 $vk =~ $self->{inequality_op}
801 or join(' ', split '_', $vk) =~ $self->{not_like_op}
802 ) {
803 if (lc($logic) eq '-or' and @values > 1) {
804 my $op = uc join ' ', split '_', $vk;
805 belch "A multi-element arrayref as an argument to the inequality op '$op' "
806 . 'is technically equivalent to an always-true 1=1 (you probably wanted '
807 . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
808 ;
809 }
ef071fad 810 }
b3cb13e8 811 unless (@values) {
812 # try to DWIM on equality operators
813 my $op = join ' ', split '_', $vk;
814 return
e175845b 815 $op =~ $self->{equality_op} ? $self->sqlfalse
816 : $op =~ $self->{like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqlfalse
817 : $op =~ $self->{inequality_op} ? $self->sqltrue
818 : $op =~ $self->{not_like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqltrue
b3cb13e8 819 : puke "operator '$op' applied on an empty array (field '$k')";
820 }
63c97a0b 821 return +{ -op => [
822 $logic =~ /^-(.*)$/,
99a65fa8 823 map $self->_expand_expr_hashpair($k => { $vk => $_ }),
824 @values
825 ] };
826 }
827 if (
828 !defined($vv)
829 or (
830 ref($vv) eq 'HASH'
831 and exists $vv->{-value}
832 and not defined $vv->{-value}
833 )
834 ) {
835 my $op = join ' ', split '_', $vk;
836 my $is =
837 $op =~ /^not$/i ? 'is not' # legacy
838 : $op =~ $self->{equality_op} ? 'is'
839 : $op =~ $self->{like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is'
840 : $op =~ $self->{inequality_op} ? 'is not'
841 : $op =~ $self->{not_like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is not'
842 : puke "unexpected operator '$op' with undef operand";
843 return +{ -op => [ $is.' null', { -ident => $k } ] };
844 }
845 local our $Cur_Col_Meta = $k;
846 return +{ -op => [
847 $vk,
848 { -ident => $k },
849 $self->_expand_expr($vv)
850 ] };
851 }
852 if (ref($v) eq 'ARRAY') {
e175845b 853 return $self->sqlfalse unless @$v;
99a65fa8 854 $self->_debug("ARRAY($k) means distribute over elements");
855 my $this_logic = (
856 $v->[0] =~ /^-((?:and|or))$/i
857 ? ($v = [ @{$v}[1..$#$v] ], $1)
858 : ($self->{logic} || 'or')
859 );
cba28f66 860 return +{ -op => [
861 $this_logic,
862 map $self->_expand_expr({ $k => $_ }, $this_logic), @$v
863 ] };
99a65fa8 864 }
865 if (my $literal = is_literal_value($v)) {
866 unless (length $k) {
867 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
868 return \$literal;
869 }
870 my ($sql, @bind) = @$literal;
871 if ($self->{bindtype} eq 'columns') {
872 for (@bind) {
873 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
874 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
aa8d7bdb 875 }
876 }
331e2209 877 }
99a65fa8 878 return +{ -literal => [ $self->_quote($k).' '.$sql, @bind ] };
331e2209 879 }
99a65fa8 880 die "notreached";
59588695 881}
882
e175845b 883sub _render_expr {
884 my ($self, $expr) = @_;
885 my ($k, $v, @rest) = %$expr;
886 die "No" if @rest;
887 my %op = map +("-$_" => '_where_op_'.uc($_)),
888 qw(op func value bind ident literal);
889 if (my $meth = $op{$k}) {
890 return $self->$meth(undef, $v);
891 }
892 die "notreached: $k";
893}
894
96449e8e 895sub _recurse_where {
896 my ($self, $where, $logic) = @_;
897
99a65fa8 898#print STDERR Data::Dumper::Concise::Dumper([ $where, $logic ]);
899
a2cd381d 900 my $where_exp = $self->_expand_expr($where, $logic);
901
99a65fa8 902#print STDERR Data::Dumper::Concise::Dumper([ EXP => $where_exp ]);
903
96449e8e 904 # dispatch on appropriate method according to refkind of $where
e175845b 905# my $method = $self->_METHOD_FOR_refkind("_where", $where_exp);
906
907# my ($sql, @bind) = $self->$method($where_exp, $logic);
311b2151 908
e175845b 909 my ($sql, @bind) = defined($where_exp) ? $self->_render_expr($where_exp) : (undef);
311b2151 910
abe1a491 911 # DBIx::Class used to call _recurse_where in scalar context
912 # something else might too...
913 if (wantarray) {
914 return ($sql, @bind);
915 }
916 else {
917 belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
918 return $sql;
919 }
96449e8e 920}
921
cc422895 922sub _where_op_IDENT {
923 my $self = shift;
924 my ($op, $rhs) = splice @_, -2;
8aa76984 925 if (! defined $rhs or length ref $rhs) {
926 puke "-$op requires a single plain scalar argument (a quotable identifier)";
cc422895 927 }
928
929 # in case we are called as a top level special op (no '=')
d13725da 930 my $has_lhs = my $lhs = shift;
cc422895 931
932 $_ = $self->_convert($self->_quote($_)) for ($lhs, $rhs);
933
d13725da 934 return $has_lhs
cc422895 935 ? "$lhs = $rhs"
936 : $rhs
937 ;
938}
939
940sub _where_op_VALUE {
941 my $self = shift;
942 my ($op, $rhs) = splice @_, -2;
943
944 # in case we are called as a top level special op (no '=')
945 my $lhs = shift;
946
422ed2de 947 # special-case NULL
948 if (! defined $rhs) {
923ce642 949 return defined $lhs
b4fd1bf5 950 ? $self->_where_hashpair_HASHREF($lhs, { -is => undef })
422ed2de 951 : undef
952 ;
953 }
954
cc422895 955 my @bind =
ca4f826a 956 $self->_bindtype(
957 (defined $lhs ? $lhs : $self->{_nested_func_lhs}),
cc422895 958 $rhs,
959 )
960 ;
961
962 return $lhs
963 ? (
964 $self->_convert($self->_quote($lhs)) . ' = ' . $self->_convert('?'),
965 @bind
966 )
967 : (
968 $self->_convert('?'),
969 @bind,
970 )
971 ;
972}
973
d13725da 974
975my %unop_postfix = map +($_ => 1), 'is null', 'is not null';
976
b5b18861 977my %special = (
978 (map +($_ => do {
979 my $op = $_;
980 sub {
981 my ($self, $args) = @_;
982 my ($left, $low, $high) = @$args;
983 my ($rhsql, @rhbind) = do {
984 if (@$args == 2) {
985 puke "Single arg to between must be a literal"
986 unless $low->{-literal};
987 @{$low->{-literal}}
988 } else {
e56dd780 989 my ($l, $h) = map [ $self->_render_expr($_) ], $low, $high;
b5b18861 990 (join(' ', $l->[0], $self->_sqlcase('and'), $h->[0]),
991 @{$l}[1..$#$l], @{$h}[1..$#$h])
992 }
993 };
e56dd780 994 my ($lhsql, @lhbind) = $self->_render_expr($left);
b5b18861 995 return (
996 join(' ', '(', $lhsql, $self->_sqlcase($op), $rhsql, ')'),
997 @lhbind, @rhbind
998 );
999 }
1000 }), 'between', 'not between'),
10d07c4e 1001 (map +($_ => do {
1002 my $op = $_;
1003 sub {
1004 my ($self, $args) = @_;
1005 my ($lhs, $rhs) = @$args;
1006 my @in_bind;
1007 my @in_sql = map {
0ce981f8 1008 my ($sql, @bind) = $self->_render_expr($_);
10d07c4e 1009 push @in_bind, @bind;
1010 $sql;
1011 } @$rhs;
0ce981f8 1012 my ($lhsql, @lbind) = $self->_render_expr($lhs);
10d07c4e 1013 return (
1014 $lhsql.' '.$self->_sqlcase($op).' ( '
1015 .join(', ', @in_sql)
1016 .' )',
1017 @lbind, @in_bind
1018 );
1019 }
1020 }), 'in', 'not in'),
b5b18861 1021);
1022
d13725da 1023sub _where_op_OP {
1024 my ($self, undef, $v) = @_;
1025 my ($op, @args) = @$v;
1026 $op =~ s/^-// if length($op) > 1;
cba28f66 1027 $op = lc($op);
d13725da 1028 local $self->{_nested_func_lhs};
b5b18861 1029 if (my $h = $special{$op}) {
1030 return $self->$h(\@args);
1031 }
99a65fa8 1032 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{user_special_ops}}) {
1033 puke "Special op '${op}' requires first value to be identifier"
1034 unless my ($k) = map $_->{-ident}, grep ref($_) eq 'HASH', $args[0];
1035 return $self->${\($us->{handler})}($k, $op, $args[1]);
1036 }
1037 my $final_op = $op =~ /^(?:is|not)_/ ? join(' ', split '_', $op) : $op;
2143604f 1038 if (@args == 1 and $op !~ /^(and|or)$/) {
ec857800 1039 my ($expr_sql, @bind) = $self->_render_expr($args[0]);
d13725da 1040 my $op_sql = $self->_sqlcase($final_op);
1041 my $final_sql = (
1042 $unop_postfix{lc($final_op)}
1043 ? "${expr_sql} ${op_sql}"
1044 : "${op_sql} ${expr_sql}"
1045 );
0c7e3af0 1046 return (($op eq 'not' ? '('.$final_sql.')' : $final_sql), @bind);
16d9289c 1047 } else {
ec857800 1048 my @parts = map [ $self->_render_expr($_) ], @args;
77617257 1049 my ($final_sql) = map +($op =~ /^(and|or)$/ ? "(${_})" : $_), join(
1050 ' '.$self->_sqlcase($final_op).' ',
1051 map $_->[0], @parts
1052 );
99a65fa8 1053 return (
77617257 1054 $final_sql,
16d9289c 1055 map @{$_}[1..$#$_], @parts
99a65fa8 1056 );
d13725da 1057 }
1058 die "unhandled";
1059}
1060
711892b1 1061sub _where_op_FUNC {
1062 my ($self, undef, $rest) = @_;
1063 my ($func, @args) = @$rest;
1064 my @arg_sql;
1065 my @bind = map {
1066 my @x = @$_;
1067 push @arg_sql, shift @x;
1068 @x
0f199fce 1069 } map [ $self->_render_expr($_) ], @args;
711892b1 1070 return ($self->_sqlcase($func).'('.join(', ', @arg_sql).')', @bind);
1071}
1072
d13725da 1073sub _where_op_BIND {
1074 my ($self, undef, $bind) = @_;
1075 return ($self->_convert('?'), $self->_bindtype(@$bind));
1076}
1077
aa8d7bdb 1078sub _where_op_LITERAL {
1079 my ($self, undef, $literal) = @_;
465d43fd 1080 $self->_assert_bindval_matches_bindtype(@{$literal}[1..$#$literal]);
aa8d7bdb 1081 return @$literal;
1082}
1083
4a1f01a3 1084# Some databases (SQLite) treat col IN (1, 2) different from
1085# col IN ( (1, 2) ). Use this to strip all outer parens while
1086# adding them back in the corresponding method
1087sub _open_outer_paren {
1088 my ($self, $sql) = @_;
a5f91feb 1089
ca4f826a 1090 while (my ($inner) = $sql =~ /^ \s* \( (.*) \) \s* $/xs) {
a5f91feb 1091
1092 # there are closing parens inside, need the heavy duty machinery
1093 # to reevaluate the extraction starting from $sql (full reevaluation)
ca4f826a 1094 if ($inner =~ /\)/) {
a5f91feb 1095 require Text::Balanced;
1096
1097 my (undef, $remainder) = do {
1098 # idiotic design - writes to $@ but *DOES NOT* throw exceptions
1099 local $@;
ca4f826a 1100 Text::Balanced::extract_bracketed($sql, '()', qr/\s*/);
a5f91feb 1101 };
1102
1103 # the entire expression needs to be a balanced bracketed thing
1104 # (after an extract no remainder sans trailing space)
1105 last if defined $remainder and $remainder =~ /\S/;
1106 }
1107
1108 $sql = $inner;
1109 }
1110
1111 $sql;
4a1f01a3 1112}
1113
96449e8e 1114
96449e8e 1115#======================================================================
1116# ORDER BY
1117#======================================================================
1118
1119sub _order_by {
1120 my ($self, $arg) = @_;
1121
f267b646 1122 my (@sql, @bind);
ca4f826a 1123 for my $c ($self->_order_by_chunks($arg) ) {
1124 $self->_SWITCH_refkind($c, {
f267b646 1125 SCALAR => sub { push @sql, $c },
1126 ARRAYREF => sub { push @sql, shift @$c; push @bind, @$c },
1127 });
1128 }
1129
1130 my $sql = @sql
ca4f826a 1131 ? sprintf('%s %s',
f267b646 1132 $self->_sqlcase(' order by'),
ca4f826a 1133 join(', ', @sql)
f267b646 1134 )
1135 : ''
1136 ;
1137
1138 return wantarray ? ($sql, @bind) : $sql;
1139}
1140
1141sub _order_by_chunks {
1142 my ($self, $arg) = @_;
1143
1144 return $self->_SWITCH_refkind($arg, {
96449e8e 1145
1146 ARRAYREF => sub {
ca4f826a 1147 map { $self->_order_by_chunks($_ ) } @$arg;
96449e8e 1148 },
1149
c94a6c93 1150 ARRAYREFREF => sub {
1151 my ($s, @b) = @$$arg;
1152 $self->_assert_bindval_matches_bindtype(@b);
1153 [ $s, @b ];
1154 },
f267b646 1155
96449e8e 1156 SCALAR => sub {$self->_quote($arg)},
f267b646 1157
1158 UNDEF => sub {return () },
1159
96449e8e 1160 SCALARREF => sub {$$arg}, # literal SQL, no quoting
96449e8e 1161
f267b646 1162 HASHREF => sub {
5e436130 1163 # get first pair in hash
1164 my ($key, $val, @rest) = %$arg;
1165
1166 return () unless $key;
1167
ca4f826a 1168 if (@rest or not $key =~ /^-(desc|asc)/i) {
5e436130 1169 puke "hash passed to _order_by must have exactly one key (-desc or -asc)";
f267b646 1170 }
5e436130 1171
1172 my $direction = $1;
96449e8e 1173
e9bd3547 1174 my @ret;
ca4f826a 1175 for my $c ($self->_order_by_chunks($val)) {
e9bd3547 1176 my ($sql, @bind);
96449e8e 1177
ca4f826a 1178 $self->_SWITCH_refkind($c, {
f267b646 1179 SCALAR => sub {
e9bd3547 1180 $sql = $c;
f267b646 1181 },
1182 ARRAYREF => sub {
e9bd3547 1183 ($sql, @bind) = @$c;
f267b646 1184 },
1185 });
96449e8e 1186
5e436130 1187 $sql = $sql . ' ' . $self->_sqlcase($direction);
96449e8e 1188
e9bd3547 1189 push @ret, [ $sql, @bind];
1190 }
96449e8e 1191
e9bd3547 1192 return @ret;
f267b646 1193 },
1194 });
96449e8e 1195}
1196
1197
96449e8e 1198#======================================================================
1199# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1200#======================================================================
1201
1202sub _table {
1203 my $self = shift;
1204 my $from = shift;
1205 $self->_SWITCH_refkind($from, {
1206 ARRAYREF => sub {join ', ', map { $self->_quote($_) } @$from;},
1207 SCALAR => sub {$self->_quote($from)},
1208 SCALARREF => sub {$$from},
96449e8e 1209 });
1210}
1211
1212
1213#======================================================================
1214# UTILITY FUNCTIONS
1215#======================================================================
1216
955e77ca 1217# highly optimized, as it's called way too often
96449e8e 1218sub _quote {
955e77ca 1219 # my ($self, $label) = @_;
96449e8e 1220
955e77ca 1221 return '' unless defined $_[1];
955e77ca 1222 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
96449e8e 1223
439834d3 1224 $_[0]->{quote_char} or
1225 ($_[0]->_assert_pass_injection_guard($_[1]), return $_[1]);
96449e8e 1226
07d7c35c 1227 my $qref = ref $_[0]->{quote_char};
439834d3 1228 my ($l, $r) =
1229 !$qref ? ($_[0]->{quote_char}, $_[0]->{quote_char})
1230 : ($qref eq 'ARRAY') ? @{$_[0]->{quote_char}}
1231 : puke "Unsupported quote_char format: $_[0]->{quote_char}";
1232
46be4313 1233 my $esc = $_[0]->{escape_char} || $r;
96449e8e 1234
07d7c35c 1235 # parts containing * are naturally unquoted
ca4f826a 1236 return join($_[0]->{name_sep}||'', map
439834d3 1237 +( $_ eq '*' ? $_ : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r } ),
955e77ca 1238 ( $_[0]->{name_sep} ? split (/\Q$_[0]->{name_sep}\E/, $_[1] ) : $_[1] )
1239 );
96449e8e 1240}
1241
1242
1243# Conversion, if applicable
d7c862e0 1244sub _convert {
07d7c35c 1245 #my ($self, $arg) = @_;
07d7c35c 1246 if ($_[0]->{convert}) {
1247 return $_[0]->_sqlcase($_[0]->{convert}) .'(' . $_[1] . ')';
96449e8e 1248 }
07d7c35c 1249 return $_[1];
96449e8e 1250}
1251
1252# And bindtype
d7c862e0 1253sub _bindtype {
07d7c35c 1254 #my ($self, $col, @vals) = @_;
07d7c35c 1255 # called often - tighten code
1256 return $_[0]->{bindtype} eq 'columns'
1257 ? map {[$_[1], $_]} @_[2 .. $#_]
1258 : @_[2 .. $#_]
1259 ;
96449e8e 1260}
1261
fe3ae272 1262# Dies if any element of @bind is not in [colname => value] format
1263# if bindtype is 'columns'.
1264sub _assert_bindval_matches_bindtype {
c94a6c93 1265# my ($self, @bind) = @_;
1266 my $self = shift;
fe3ae272 1267 if ($self->{bindtype} eq 'columns') {
c94a6c93 1268 for (@_) {
1269 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1270 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1271 }
1272 }
1273 }
1274}
1275
96449e8e 1276sub _join_sql_clauses {
1277 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1278
1279 if (@$clauses_aref > 1) {
1280 my $join = " " . $self->_sqlcase($logic) . " ";
1281 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1282 return ($sql, @$bind_aref);
1283 }
1284 elsif (@$clauses_aref) {
1285 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1286 }
1287 else {
1288 return (); # if no SQL, ignore @$bind_aref
1289 }
1290}
1291
1292
1293# Fix SQL case, if so requested
1294sub _sqlcase {
96449e8e 1295 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1296 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1297 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1298}
1299
1300
1301#======================================================================
1302# DISPATCHING FROM REFKIND
1303#======================================================================
1304
1305sub _refkind {
1306 my ($self, $data) = @_;
96449e8e 1307
955e77ca 1308 return 'UNDEF' unless defined $data;
1309
1310 # blessed objects are treated like scalars
1311 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1312
1313 return 'SCALAR' unless $ref;
1314
1315 my $n_steps = 1;
1316 while ($ref eq 'REF') {
96449e8e 1317 $data = $$data;
955e77ca 1318 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1319 $n_steps++ if $ref;
96449e8e 1320 }
1321
848556bc 1322 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1323}
1324
1325sub _try_refkind {
1326 my ($self, $data) = @_;
1327 my @try = ($self->_refkind($data));
1328 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1329 push @try, 'FALLBACK';
955e77ca 1330 return \@try;
96449e8e 1331}
1332
1333sub _METHOD_FOR_refkind {
1334 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1335
1336 my $method;
955e77ca 1337 for (@{$self->_try_refkind($data)}) {
f39eaa60 1338 $method = $self->can($meth_prefix."_".$_)
1339 and last;
1340 }
1341
1342 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1343}
1344
1345
1346sub _SWITCH_refkind {
1347 my ($self, $data, $dispatch_table) = @_;
1348
f39eaa60 1349 my $coderef;
955e77ca 1350 for (@{$self->_try_refkind($data)}) {
f39eaa60 1351 $coderef = $dispatch_table->{$_}
1352 and last;
1353 }
1354
1355 puke "no dispatch entry for ".$self->_refkind($data)
1356 unless $coderef;
1357
96449e8e 1358 $coderef->();
1359}
1360
1361
1362
1363
1364#======================================================================
1365# VALUES, GENERATE, AUTOLOAD
1366#======================================================================
1367
1368# LDNOTE: original code from nwiger, didn't touch code in that section
1369# I feel the AUTOLOAD stuff should not be the default, it should
1370# only be activated on explicit demand by user.
1371
1372sub values {
1373 my $self = shift;
1374 my $data = shift || return;
1375 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1376 unless ref $data eq 'HASH';
bab725ce 1377
1378 my @all_bind;
ca4f826a 1379 foreach my $k (sort keys %$data) {
bab725ce 1380 my $v = $data->{$k};
1381 $self->_SWITCH_refkind($v, {
9d48860e 1382 ARRAYREF => sub {
bab725ce 1383 if ($self->{array_datatypes}) { # array datatype
1384 push @all_bind, $self->_bindtype($k, $v);
1385 }
1386 else { # literal SQL with bind
1387 my ($sql, @bind) = @$v;
1388 $self->_assert_bindval_matches_bindtype(@bind);
1389 push @all_bind, @bind;
1390 }
1391 },
1392 ARRAYREFREF => sub { # literal SQL with bind
1393 my ($sql, @bind) = @${$v};
1394 $self->_assert_bindval_matches_bindtype(@bind);
1395 push @all_bind, @bind;
1396 },
1397 SCALARREF => sub { # literal SQL without bind
1398 },
1399 SCALAR_or_UNDEF => sub {
1400 push @all_bind, $self->_bindtype($k, $v);
1401 },
1402 });
1403 }
1404
1405 return @all_bind;
96449e8e 1406}
1407
1408sub generate {
1409 my $self = shift;
1410
1411 my(@sql, @sqlq, @sqlv);
1412
1413 for (@_) {
1414 my $ref = ref $_;
1415 if ($ref eq 'HASH') {
1416 for my $k (sort keys %$_) {
1417 my $v = $_->{$k};
1418 my $r = ref $v;
1419 my $label = $self->_quote($k);
1420 if ($r eq 'ARRAY') {
fe3ae272 1421 # literal SQL with bind
1422 my ($sql, @bind) = @$v;
1423 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1424 push @sqlq, "$label = $sql";
fe3ae272 1425 push @sqlv, @bind;
96449e8e 1426 } elsif ($r eq 'SCALAR') {
fe3ae272 1427 # literal SQL without bind
96449e8e 1428 push @sqlq, "$label = $$v";
9d48860e 1429 } else {
96449e8e 1430 push @sqlq, "$label = ?";
1431 push @sqlv, $self->_bindtype($k, $v);
1432 }
1433 }
1434 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1435 } elsif ($ref eq 'ARRAY') {
1436 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1437 for my $v (@$_) {
1438 my $r = ref $v;
fe3ae272 1439 if ($r eq 'ARRAY') { # literal SQL with bind
1440 my ($sql, @bind) = @$v;
1441 $self->_assert_bindval_matches_bindtype(@bind);
1442 push @sqlq, $sql;
1443 push @sqlv, @bind;
1444 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1445 # embedded literal SQL
1446 push @sqlq, $$v;
9d48860e 1447 } else {
96449e8e 1448 push @sqlq, '?';
1449 push @sqlv, $v;
1450 }
1451 }
1452 push @sql, '(' . join(', ', @sqlq) . ')';
1453 } elsif ($ref eq 'SCALAR') {
1454 # literal SQL
1455 push @sql, $$_;
1456 } else {
1457 # strings get case twiddled
1458 push @sql, $self->_sqlcase($_);
1459 }
1460 }
1461
1462 my $sql = join ' ', @sql;
1463
1464 # this is pretty tricky
1465 # if ask for an array, return ($stmt, @bind)
1466 # otherwise, s/?/shift @sqlv/ to put it inline
1467 if (wantarray) {
1468 return ($sql, @sqlv);
1469 } else {
1470 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1471 ref $d ? $d->[1] : $d/e;
1472 return $sql;
1473 }
1474}
1475
1476
1477sub DESTROY { 1 }
1478
1479sub AUTOLOAD {
1480 # This allows us to check for a local, then _form, attr
1481 my $self = shift;
1482 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1483 return $self->generate($name, @_);
1484}
1485
14861;
1487
1488
1489
1490__END__
32eab2da 1491
1492=head1 NAME
1493
1494SQL::Abstract - Generate SQL from Perl data structures
1495
1496=head1 SYNOPSIS
1497
1498 use SQL::Abstract;
1499
1500 my $sql = SQL::Abstract->new;
1501
85783f3c 1502 my($stmt, @bind) = $sql->select($source, \@fields, \%where, $order);
32eab2da 1503
1504 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1505
1506 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1507
1508 my($stmt, @bind) = $sql->delete($table, \%where);
1509
1510 # Then, use these in your DBI statements
1511 my $sth = $dbh->prepare($stmt);
1512 $sth->execute(@bind);
1513
1514 # Just generate the WHERE clause
85783f3c 1515 my($stmt, @bind) = $sql->where(\%where, $order);
32eab2da 1516
1517 # Return values in the same order, for hashed queries
1518 # See PERFORMANCE section for more details
1519 my @bind = $sql->values(\%fieldvals);
1520
1521=head1 DESCRIPTION
1522
1523This module was inspired by the excellent L<DBIx::Abstract>.
1524However, in using that module I found that what I really wanted
1525to do was generate SQL, but still retain complete control over my
1526statement handles and use the DBI interface. So, I set out to
1527create an abstract SQL generation module.
1528
1529While based on the concepts used by L<DBIx::Abstract>, there are
1530several important differences, especially when it comes to WHERE
1531clauses. I have modified the concepts used to make the SQL easier
1532to generate from Perl data structures and, IMO, more intuitive.
1533The underlying idea is for this module to do what you mean, based
1534on the data structures you provide it. The big advantage is that
1535you don't have to modify your code every time your data changes,
1536as this module figures it out.
1537
1538To begin with, an SQL INSERT is as easy as just specifying a hash
1539of C<key=value> pairs:
1540
1541 my %data = (
1542 name => 'Jimbo Bobson',
1543 phone => '123-456-7890',
1544 address => '42 Sister Lane',
1545 city => 'St. Louis',
1546 state => 'Louisiana',
1547 );
1548
1549The SQL can then be generated with this:
1550
1551 my($stmt, @bind) = $sql->insert('people', \%data);
1552
1553Which would give you something like this:
1554
1555 $stmt = "INSERT INTO people
1556 (address, city, name, phone, state)
1557 VALUES (?, ?, ?, ?, ?)";
1558 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1559 '123-456-7890', 'Louisiana');
1560
1561These are then used directly in your DBI code:
1562
1563 my $sth = $dbh->prepare($stmt);
1564 $sth->execute(@bind);
1565
96449e8e 1566=head2 Inserting and Updating Arrays
1567
1568If your database has array types (like for example Postgres),
1569activate the special option C<< array_datatypes => 1 >>
9d48860e 1570when creating the C<SQL::Abstract> object.
96449e8e 1571Then you may use an arrayref to insert and update database array types:
1572
1573 my $sql = SQL::Abstract->new(array_datatypes => 1);
1574 my %data = (
1575 planets => [qw/Mercury Venus Earth Mars/]
1576 );
9d48860e 1577
96449e8e 1578 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1579
1580This results in:
1581
1582 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1583
1584 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1585
1586
1587=head2 Inserting and Updating SQL
1588
1589In order to apply SQL functions to elements of your C<%data> you may
1590specify a reference to an arrayref for the given hash value. For example,
1591if you need to execute the Oracle C<to_date> function on a value, you can
1592say something like this:
32eab2da 1593
1594 my %data = (
1595 name => 'Bill',
3ae1c5e2 1596 date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
9d48860e 1597 );
32eab2da 1598
1599The first value in the array is the actual SQL. Any other values are
1600optional and would be included in the bind values array. This gives
1601you:
1602
1603 my($stmt, @bind) = $sql->insert('people', \%data);
1604
9d48860e 1605 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1606 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1607 @bind = ('Bill', '03/02/2003');
1608
1609An UPDATE is just as easy, all you change is the name of the function:
1610
1611 my($stmt, @bind) = $sql->update('people', \%data);
1612
1613Notice that your C<%data> isn't touched; the module will generate
1614the appropriately quirky SQL for you automatically. Usually you'll
1615want to specify a WHERE clause for your UPDATE, though, which is
1616where handling C<%where> hashes comes in handy...
1617
96449e8e 1618=head2 Complex where statements
1619
32eab2da 1620This module can generate pretty complicated WHERE statements
1621easily. For example, simple C<key=value> pairs are taken to mean
1622equality, and if you want to see if a field is within a set
1623of values, you can use an arrayref. Let's say we wanted to
1624SELECT some data based on this criteria:
1625
1626 my %where = (
1627 requestor => 'inna',
1628 worker => ['nwiger', 'rcwe', 'sfz'],
1629 status => { '!=', 'completed' }
1630 );
1631
1632 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1633
1634The above would give you something like this:
1635
1636 $stmt = "SELECT * FROM tickets WHERE
1637 ( requestor = ? ) AND ( status != ? )
1638 AND ( worker = ? OR worker = ? OR worker = ? )";
1639 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1640
1641Which you could then use in DBI code like so:
1642
1643 my $sth = $dbh->prepare($stmt);
1644 $sth->execute(@bind);
1645
1646Easy, eh?
1647
0da0fe34 1648=head1 METHODS
32eab2da 1649
13cc86af 1650The methods are simple. There's one for every major SQL operation,
32eab2da 1651and a constructor you use first. The arguments are specified in a
13cc86af 1652similar order for each method (table, then fields, then a where
32eab2da 1653clause) to try and simplify things.
1654
32eab2da 1655=head2 new(option => 'value')
1656
1657The C<new()> function takes a list of options and values, and returns
1658a new B<SQL::Abstract> object which can then be used to generate SQL
1659through the methods below. The options accepted are:
1660
1661=over
1662
1663=item case
1664
1665If set to 'lower', then SQL will be generated in all lowercase. By
1666default SQL is generated in "textbook" case meaning something like:
1667
1668 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1669
96449e8e 1670Any setting other than 'lower' is ignored.
1671
32eab2da 1672=item cmp
1673
1674This determines what the default comparison operator is. By default
1675it is C<=>, meaning that a hash like this:
1676
1677 %where = (name => 'nwiger', email => 'nate@wiger.org');
1678
1679Will generate SQL like this:
1680
1681 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1682
1683However, you may want loose comparisons by default, so if you set
1684C<cmp> to C<like> you would get SQL such as:
1685
1686 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1687
3af02ccb 1688You can also override the comparison on an individual basis - see
32eab2da 1689the huge section on L</"WHERE CLAUSES"> at the bottom.
1690
96449e8e 1691=item sqltrue, sqlfalse
1692
1693Expressions for inserting boolean values within SQL statements.
6e0c6552 1694By default these are C<1=1> and C<1=0>. They are used
1695by the special operators C<-in> and C<-not_in> for generating
1696correct SQL even when the argument is an empty array (see below).
96449e8e 1697
32eab2da 1698=item logic
1699
1700This determines the default logical operator for multiple WHERE
7cac25e6 1701statements in arrays or hashes. If absent, the default logic is "or"
1702for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1703array of the form:
1704
1705 @where = (
9d48860e 1706 event_date => {'>=', '2/13/99'},
1707 event_date => {'<=', '4/24/03'},
32eab2da 1708 );
1709
7cac25e6 1710will generate SQL like this:
32eab2da 1711
1712 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1713
1714This is probably not what you want given this query, though (look
1715at the dates). To change the "OR" to an "AND", simply specify:
1716
1717 my $sql = SQL::Abstract->new(logic => 'and');
1718
1719Which will change the above C<WHERE> to:
1720
1721 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1722
96449e8e 1723The logic can also be changed locally by inserting
be21dde3 1724a modifier in front of an arrayref:
96449e8e 1725
9d48860e 1726 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1727 event_date => {'<=', '4/24/03'} ]);
96449e8e 1728
1729See the L</"WHERE CLAUSES"> section for explanations.
1730
32eab2da 1731=item convert
1732
1733This will automatically convert comparisons using the specified SQL
1734function for both column and value. This is mostly used with an argument
1735of C<upper> or C<lower>, so that the SQL will have the effect of
1736case-insensitive "searches". For example, this:
1737
1738 $sql = SQL::Abstract->new(convert => 'upper');
1739 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1740
1741Will turn out the following SQL:
1742
1743 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1744
1745The conversion can be C<upper()>, C<lower()>, or any other SQL function
1746that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1747not validate this option; it will just pass through what you specify verbatim).
1748
1749=item bindtype
1750
1751This is a kludge because many databases suck. For example, you can't
1752just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1753Instead, you have to use C<bind_param()>:
1754
1755 $sth->bind_param(1, 'reg data');
1756 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1757
1758The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1759which loses track of which field each slot refers to. Fear not.
1760
1761If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1762Currently, you can specify either C<normal> (default) or C<columns>. If you
1763specify C<columns>, you will get an array that looks like this:
1764
1765 my $sql = SQL::Abstract->new(bindtype => 'columns');
1766 my($stmt, @bind) = $sql->insert(...);
1767
1768 @bind = (
1769 [ 'column1', 'value1' ],
1770 [ 'column2', 'value2' ],
1771 [ 'column3', 'value3' ],
1772 );
1773
1774You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1775
32eab2da 1776 $sth->prepare($stmt);
1777 my $i = 1;
1778 for (@bind) {
1779 my($col, $data) = @$_;
1780 if ($col eq 'details' || $col eq 'comments') {
1781 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1782 } elsif ($col eq 'image') {
1783 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1784 } else {
1785 $sth->bind_param($i, $data);
1786 }
1787 $i++;
1788 }
1789 $sth->execute; # execute without @bind now
1790
1791Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1792Basically, the advantage is still that you don't have to care which fields
1793are or are not included. You could wrap that above C<for> loop in a simple
1794sub called C<bind_fields()> or something and reuse it repeatedly. You still
1795get a layer of abstraction over manual SQL specification.
1796
3ae1c5e2 1797Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
deb148a2 1798construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1799will expect the bind values in this format.
1800
32eab2da 1801=item quote_char
1802
1803This is the character that a table or column name will be quoted
9d48860e 1804with. By default this is an empty string, but you could set it to
32eab2da 1805the character C<`>, to generate SQL like this:
1806
1807 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1808
96449e8e 1809Alternatively, you can supply an array ref of two items, the first being the left
1810hand quote character, and the second the right hand quote character. For
1811example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1812that generates SQL like this:
1813
1814 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1815
9d48860e 1816Quoting is useful if you have tables or columns names that are reserved
96449e8e 1817words in your database's SQL dialect.
32eab2da 1818
46be4313 1819=item escape_char
1820
1821This is the character that will be used to escape L</quote_char>s appearing
1822in an identifier before it has been quoted.
1823
80790166 1824The parameter default in case of a single L</quote_char> character is the quote
46be4313 1825character itself.
1826
1827When opening-closing-style quoting is used (L</quote_char> is an arrayref)
9de2bd86 1828this parameter defaults to the B<closing (right)> L</quote_char>. Occurrences
46be4313 1829of the B<opening (left)> L</quote_char> within the identifier are currently left
1830untouched. The default for opening-closing-style quotes may change in future
1831versions, thus you are B<strongly encouraged> to specify the escape character
1832explicitly.
1833
32eab2da 1834=item name_sep
1835
1836This is the character that separates a table and column name. It is
1837necessary to specify this when the C<quote_char> option is selected,
1838so that tables and column names can be individually quoted like this:
1839
1840 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1841
b6251592 1842=item injection_guard
1843
1844A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1845column name specified in a query structure. This is a safety mechanism to avoid
1846injection attacks when mishandling user input e.g.:
1847
1848 my %condition_as_column_value_pairs = get_values_from_user();
1849 $sqla->select( ... , \%condition_as_column_value_pairs );
1850
1851If the expression matches an exception is thrown. Note that literal SQL
1852supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1853
1854Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
1855
96449e8e 1856=item array_datatypes
32eab2da 1857
9d48860e 1858When this option is true, arrayrefs in INSERT or UPDATE are
1859interpreted as array datatypes and are passed directly
96449e8e 1860to the DBI layer.
1861When this option is false, arrayrefs are interpreted
1862as literal SQL, just like refs to arrayrefs
1863(but this behavior is for backwards compatibility; when writing
1864new queries, use the "reference to arrayref" syntax
1865for literal SQL).
32eab2da 1866
32eab2da 1867
96449e8e 1868=item special_ops
32eab2da 1869
9d48860e 1870Takes a reference to a list of "special operators"
96449e8e 1871to extend the syntax understood by L<SQL::Abstract>.
1872See section L</"SPECIAL OPERATORS"> for details.
32eab2da 1873
59f23b3d 1874=item unary_ops
1875
9d48860e 1876Takes a reference to a list of "unary operators"
59f23b3d 1877to extend the syntax understood by L<SQL::Abstract>.
1878See section L</"UNARY OPERATORS"> for details.
1879
32eab2da 1880
32eab2da 1881
96449e8e 1882=back
32eab2da 1883
02288357 1884=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 1885
1886This is the simplest function. You simply give it a table name
1887and either an arrayref of values or hashref of field/value pairs.
1888It returns an SQL INSERT statement and a list of bind values.
96449e8e 1889See the sections on L</"Inserting and Updating Arrays"> and
1890L</"Inserting and Updating SQL"> for information on how to insert
1891with those data types.
32eab2da 1892
02288357 1893The optional C<\%options> hash reference may contain additional
1894options to generate the insert SQL. Currently supported options
1895are:
1896
1897=over 4
1898
1899=item returning
1900
1901Takes either a scalar of raw SQL fields, or an array reference of
1902field names, and adds on an SQL C<RETURNING> statement at the end.
1903This allows you to return data generated by the insert statement
1904(such as row IDs) without performing another C<SELECT> statement.
1905Note, however, this is not part of the SQL standard and may not
1906be supported by all database engines.
1907
1908=back
1909
95904db5 1910=head2 update($table, \%fieldvals, \%where, \%options)
32eab2da 1911
1912This takes a table, hashref of field/value pairs, and an optional
86298391 1913hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 1914of bind values.
96449e8e 1915See the sections on L</"Inserting and Updating Arrays"> and
1916L</"Inserting and Updating SQL"> for information on how to insert
1917with those data types.
32eab2da 1918
95904db5 1919The optional C<\%options> hash reference may contain additional
1920options to generate the update SQL. Currently supported options
1921are:
1922
1923=over 4
1924
1925=item returning
1926
1927See the C<returning> option to
1928L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1929
1930=back
1931
96449e8e 1932=head2 select($source, $fields, $where, $order)
32eab2da 1933
9d48860e 1934This returns a SQL SELECT statement and associated list of bind values, as
be21dde3 1935specified by the arguments:
32eab2da 1936
96449e8e 1937=over
32eab2da 1938
96449e8e 1939=item $source
32eab2da 1940
9d48860e 1941Specification of the 'FROM' part of the statement.
96449e8e 1942The argument can be either a plain scalar (interpreted as a table
1943name, will be quoted), or an arrayref (interpreted as a list
1944of table names, joined by commas, quoted), or a scalarref
063097a3 1945(literal SQL, not quoted).
32eab2da 1946
96449e8e 1947=item $fields
32eab2da 1948
9d48860e 1949Specification of the list of fields to retrieve from
96449e8e 1950the source.
1951The argument can be either an arrayref (interpreted as a list
9d48860e 1952of field names, will be joined by commas and quoted), or a
96449e8e 1953plain scalar (literal SQL, not quoted).
521647e7 1954Please observe that this API is not as flexible as that of
1955the first argument C<$source>, for backwards compatibility reasons.
32eab2da 1956
96449e8e 1957=item $where
32eab2da 1958
96449e8e 1959Optional argument to specify the WHERE part of the query.
1960The argument is most often a hashref, but can also be
9d48860e 1961an arrayref or plain scalar --
96449e8e 1962see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 1963
96449e8e 1964=item $order
32eab2da 1965
96449e8e 1966Optional argument to specify the ORDER BY part of the query.
9d48860e 1967The argument can be a scalar, a hashref or an arrayref
96449e8e 1968-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
1969for details.
32eab2da 1970
96449e8e 1971=back
32eab2da 1972
32eab2da 1973
85327cd5 1974=head2 delete($table, \%where, \%options)
32eab2da 1975
86298391 1976This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 1977It returns an SQL DELETE statement and list of bind values.
1978
85327cd5 1979The optional C<\%options> hash reference may contain additional
1980options to generate the delete SQL. Currently supported options
1981are:
1982
1983=over 4
1984
1985=item returning
1986
1987See the C<returning> option to
1988L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1989
1990=back
1991
85783f3c 1992=head2 where(\%where, $order)
32eab2da 1993
1994This is used to generate just the WHERE clause. For example,
1995if you have an arbitrary data structure and know what the
1996rest of your SQL is going to look like, but want an easy way
1997to produce a WHERE clause, use this. It returns an SQL WHERE
1998clause and list of bind values.
1999
32eab2da 2000
2001=head2 values(\%data)
2002
2003This just returns the values from the hash C<%data>, in the same
2004order that would be returned from any of the other above queries.
2005Using this allows you to markedly speed up your queries if you
2006are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
2007
32eab2da 2008=head2 generate($any, 'number', $of, \@data, $struct, \%types)
2009
2010Warning: This is an experimental method and subject to change.
2011
2012This returns arbitrarily generated SQL. It's a really basic shortcut.
2013It will return two different things, depending on return context:
2014
2015 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
2016 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
2017
2018These would return the following:
2019
2020 # First calling form
2021 $stmt = "CREATE TABLE test (?, ?)";
2022 @bind = (field1, field2);
2023
2024 # Second calling form
2025 $stmt_and_val = "CREATE TABLE test (field1, field2)";
2026
2027Depending on what you're trying to do, it's up to you to choose the correct
2028format. In this example, the second form is what you would want.
2029
2030By the same token:
2031
2032 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
2033
2034Might give you:
2035
2036 ALTER SESSION SET nls_date_format = 'MM/YY'
2037
2038You get the idea. Strings get their case twiddled, but everything
2039else remains verbatim.
2040
0da0fe34 2041=head1 EXPORTABLE FUNCTIONS
2042
2043=head2 is_plain_value
2044
2045Determines if the supplied argument is a plain value as understood by this
2046module:
2047
2048=over
2049
2050=item * The value is C<undef>
2051
2052=item * The value is a non-reference
2053
2054=item * The value is an object with stringification overloading
2055
2056=item * The value is of the form C<< { -value => $anything } >>
2057
2058=back
2059
9de2bd86 2060On failure returns C<undef>, on success returns a B<scalar> reference
966200cc 2061to the original supplied argument.
0da0fe34 2062
843a94b5 2063=over
2064
2065=item * Note
2066
2067The stringification overloading detection is rather advanced: it takes
2068into consideration not only the presence of a C<""> overload, but if that
2069fails also checks for enabled
2070L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
2071on either C<0+> or C<bool>.
2072
2073Unfortunately testing in the field indicates that this
2074detection B<< may tickle a latent bug in perl versions before 5.018 >>,
2075but only when very large numbers of stringifying objects are involved.
2076At the time of writing ( Sep 2014 ) there is no clear explanation of
2077the direct cause, nor is there a manageably small test case that reliably
2078reproduces the problem.
2079
2080If you encounter any of the following exceptions in B<random places within
2081your application stack> - this module may be to blame:
2082
2083 Operation "ne": no method found,
2084 left argument in overloaded package <something>,
2085 right argument in overloaded package <something>
2086
2087or perhaps even
2088
2089 Stub found while resolving method "???" overloading """" in package <something>
2090
2091If you fall victim to the above - please attempt to reduce the problem
2092to something that could be sent to the L<SQL::Abstract developers
1f490ae4 2093|DBIx::Class/GETTING HELP/SUPPORT>
843a94b5 2094(either publicly or privately). As a workaround in the meantime you can
2095set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
2096value, which will most likely eliminate your problem (at the expense of
2097not being able to properly detect exotic forms of stringification).
2098
2099This notice and environment variable will be removed in a future version,
2100as soon as the underlying problem is found and a reliable workaround is
2101devised.
2102
2103=back
2104
0da0fe34 2105=head2 is_literal_value
2106
2107Determines if the supplied argument is a literal value as understood by this
2108module:
2109
2110=over
2111
2112=item * C<\$sql_string>
2113
2114=item * C<\[ $sql_string, @bind_values ]>
2115
0da0fe34 2116=back
2117
9de2bd86 2118On failure returns C<undef>, on success returns an B<array> reference
966200cc 2119containing the unpacked version of the supplied literal SQL and bind values.
0da0fe34 2120
32eab2da 2121=head1 WHERE CLAUSES
2122
96449e8e 2123=head2 Introduction
2124
32eab2da 2125This module uses a variation on the idea from L<DBIx::Abstract>. It
2126is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2127module is that things in arrays are OR'ed, and things in hashes
2128are AND'ed.>
2129
2130The easiest way to explain is to show lots of examples. After
2131each C<%where> hash shown, it is assumed you used:
2132
2133 my($stmt, @bind) = $sql->where(\%where);
2134
2135However, note that the C<%where> hash can be used directly in any
2136of the other functions as well, as described above.
2137
96449e8e 2138=head2 Key-value pairs
2139
32eab2da 2140So, let's get started. To begin, a simple hash:
2141
2142 my %where = (
2143 user => 'nwiger',
2144 status => 'completed'
2145 );
2146
2147Is converted to SQL C<key = val> statements:
2148
2149 $stmt = "WHERE user = ? AND status = ?";
2150 @bind = ('nwiger', 'completed');
2151
2152One common thing I end up doing is having a list of values that
2153a field can be in. To do this, simply specify a list inside of
2154an arrayref:
2155
2156 my %where = (
2157 user => 'nwiger',
2158 status => ['assigned', 'in-progress', 'pending'];
2159 );
2160
2161This simple code will create the following:
9d48860e 2162
32eab2da 2163 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2164 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2165
9d48860e 2166A field associated to an empty arrayref will be considered a
7cac25e6 2167logical false and will generate 0=1.
8a68b5be 2168
b864ba9b 2169=head2 Tests for NULL values
2170
2171If the value part is C<undef> then this is converted to SQL <IS NULL>
2172
2173 my %where = (
2174 user => 'nwiger',
2175 status => undef,
2176 );
2177
2178becomes:
2179
2180 $stmt = "WHERE user = ? AND status IS NULL";
2181 @bind = ('nwiger');
2182
e9614080 2183To test if a column IS NOT NULL:
2184
2185 my %where = (
2186 user => 'nwiger',
2187 status => { '!=', undef },
2188 );
cc422895 2189
6e0c6552 2190=head2 Specific comparison operators
96449e8e 2191
32eab2da 2192If you want to specify a different type of operator for your comparison,
2193you can use a hashref for a given column:
2194
2195 my %where = (
2196 user => 'nwiger',
2197 status => { '!=', 'completed' }
2198 );
2199
2200Which would generate:
2201
2202 $stmt = "WHERE user = ? AND status != ?";
2203 @bind = ('nwiger', 'completed');
2204
2205To test against multiple values, just enclose the values in an arrayref:
2206
96449e8e 2207 status => { '=', ['assigned', 'in-progress', 'pending'] };
2208
f2d5020d 2209Which would give you:
96449e8e 2210
2211 "WHERE status = ? OR status = ? OR status = ?"
2212
2213
2214The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2215into an C<AND> of its elements:
2216
2217 my %where = (
2218 user => 'nwiger',
2219 status => { '!=', 'completed', -not_like => 'pending%' }
2220 );
2221
2222 # Or more dynamically, like from a form
2223 $where{user} = 'nwiger';
2224 $where{status}{'!='} = 'completed';
2225 $where{status}{'-not_like'} = 'pending%';
2226
2227 # Both generate this
2228 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2229 @bind = ('nwiger', 'completed', 'pending%');
2230
96449e8e 2231
32eab2da 2232To get an OR instead, you can combine it with the arrayref idea:
2233
2234 my %where => (
2235 user => 'nwiger',
1a6f2a03 2236 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2237 );
2238
2239Which would generate:
2240
1a6f2a03 2241 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2242 @bind = ('2', '5', 'nwiger');
32eab2da 2243
44b9e502 2244If you want to include literal SQL (with or without bind values), just use a
13cc86af 2245scalar reference or reference to an arrayref as the value:
44b9e502 2246
2247 my %where = (
2248 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2249 date_expires => { '<' => \"now()" }
2250 );
2251
2252Which would generate:
2253
13cc86af 2254 $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
44b9e502 2255 @bind = ('11/26/2008');
2256
96449e8e 2257
2258=head2 Logic and nesting operators
2259
2260In the example above,
2261there is a subtle trap if you want to say something like
32eab2da 2262this (notice the C<AND>):
2263
2264 WHERE priority != ? AND priority != ?
2265
2266Because, in Perl you I<can't> do this:
2267
13cc86af 2268 priority => { '!=' => 2, '!=' => 1 }
32eab2da 2269
2270As the second C<!=> key will obliterate the first. The solution
2271is to use the special C<-modifier> form inside an arrayref:
2272
9d48860e 2273 priority => [ -and => {'!=', 2},
96449e8e 2274 {'!=', 1} ]
2275
32eab2da 2276
2277Normally, these would be joined by C<OR>, but the modifier tells it
2278to use C<AND> instead. (Hint: You can use this in conjunction with the
2279C<logic> option to C<new()> in order to change the way your queries
2280work by default.) B<Important:> Note that the C<-modifier> goes
2281B<INSIDE> the arrayref, as an extra first element. This will
2282B<NOT> do what you think it might:
2283
2284 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2285
2286Here is a quick list of equivalencies, since there is some overlap:
2287
2288 # Same
2289 status => {'!=', 'completed', 'not like', 'pending%' }
2290 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2291
2292 # Same
2293 status => {'=', ['assigned', 'in-progress']}
2294 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2295 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2296
e3f9dff4 2297
2298
be21dde3 2299=head2 Special operators: IN, BETWEEN, etc.
96449e8e 2300
32eab2da 2301You can also use the hashref format to compare a list of fields using the
2302C<IN> comparison operator, by specifying the list as an arrayref:
2303
2304 my %where = (
2305 status => 'completed',
2306 reportid => { -in => [567, 2335, 2] }
2307 );
2308
2309Which would generate:
2310
2311 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2312 @bind = ('completed', '567', '2335', '2');
2313
9d48860e 2314The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2315the same way.
2316
6e0c6552 2317If the argument to C<-in> is an empty array, 'sqlfalse' is generated
be21dde3 2318(by default: C<1=0>). Similarly, C<< -not_in => [] >> generates
2319'sqltrue' (by default: C<1=1>).
6e0c6552 2320
e41c3bdd 2321In addition to the array you can supply a chunk of literal sql or
2322literal sql with bind:
6e0c6552 2323
e41c3bdd 2324 my %where = {
2325 customer => { -in => \[
2326 'SELECT cust_id FROM cust WHERE balance > ?',
2327 2000,
2328 ],
2329 status => { -in => \'SELECT status_codes FROM states' },
2330 };
6e0c6552 2331
e41c3bdd 2332would generate:
2333
2334 $stmt = "WHERE (
2335 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2336 AND status IN ( SELECT status_codes FROM states )
2337 )";
2338 @bind = ('2000');
2339
0dfd2442 2340Finally, if the argument to C<-in> is not a reference, it will be
2341treated as a single-element array.
e41c3bdd 2342
2343Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2344used with an arrayref of two values:
32eab2da 2345
2346 my %where = (
2347 user => 'nwiger',
2348 completion_date => {
2349 -not_between => ['2002-10-01', '2003-02-06']
2350 }
2351 );
2352
2353Would give you:
2354
2355 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2356
e41c3bdd 2357Just like with C<-in> all plausible combinations of literal SQL
2358are possible:
2359
2360 my %where = {
2361 start0 => { -between => [ 1, 2 ] },
2362 start1 => { -between => \["? AND ?", 1, 2] },
2363 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2364 start3 => { -between => [
e41c3bdd 2365 \"lower(x)",
2366 \["upper(?)", 'stuff' ],
2367 ] },
2368 };
2369
2370Would give you:
2371
2372 $stmt = "WHERE (
2373 ( start0 BETWEEN ? AND ? )
2374 AND ( start1 BETWEEN ? AND ? )
2375 AND ( start2 BETWEEN lower(x) AND upper(y) )
2376 AND ( start3 BETWEEN lower(x) AND upper(?) )
2377 )";
2378 @bind = (1, 2, 1, 2, 'stuff');
2379
2380
9d48860e 2381These are the two builtin "special operators"; but the
be21dde3 2382list can be expanded: see section L</"SPECIAL OPERATORS"> below.
96449e8e 2383
59f23b3d 2384=head2 Unary operators: bool
97a920ef 2385
2386If you wish to test against boolean columns or functions within your
2387database you can use the C<-bool> and C<-not_bool> operators. For
2388example to test the column C<is_user> being true and the column
827bb0eb 2389C<is_enabled> being false you would use:-
97a920ef 2390
2391 my %where = (
2392 -bool => 'is_user',
2393 -not_bool => 'is_enabled',
2394 );
2395
2396Would give you:
2397
277b5d3f 2398 WHERE is_user AND NOT is_enabled
97a920ef 2399
0b604e9d 2400If a more complex combination is required, testing more conditions,
2401then you should use the and/or operators:-
2402
2403 my %where = (
2404 -and => [
2405 -bool => 'one',
23401b81 2406 -not_bool => { two=> { -rlike => 'bar' } },
2407 -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
0b604e9d 2408 ],
2409 );
2410
2411Would give you:
2412
23401b81 2413 WHERE
2414 one
2415 AND
2416 (NOT two RLIKE ?)
2417 AND
2418 (NOT ( three = ? OR three > ? ))
97a920ef 2419
2420
107b72f1 2421=head2 Nested conditions, -and/-or prefixes
96449e8e 2422
32eab2da 2423So far, we've seen how multiple conditions are joined with a top-level
2424C<AND>. We can change this by putting the different conditions we want in
2425hashes and then putting those hashes in an array. For example:
2426
2427 my @where = (
2428 {
2429 user => 'nwiger',
2430 status => { -like => ['pending%', 'dispatched'] },
2431 },
2432 {
2433 user => 'robot',
2434 status => 'unassigned',
2435 }
2436 );
2437
2438This data structure would create the following:
2439
2440 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2441 OR ( user = ? AND status = ? ) )";
2442 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2443
107b72f1 2444
48d9f5f8 2445Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
be21dde3 2446to change the logic inside:
32eab2da 2447
2448 my @where = (
2449 -and => [
2450 user => 'nwiger',
48d9f5f8 2451 [
2452 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2453 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2454 ],
2455 ],
2456 );
2457
2458That would yield:
2459
13cc86af 2460 $stmt = "WHERE ( user = ?
2461 AND ( ( workhrs > ? AND geo = ? )
2462 OR ( workhrs < ? OR geo = ? ) ) )";
2463 @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
107b72f1 2464
cc422895 2465=head3 Algebraic inconsistency, for historical reasons
107b72f1 2466
7cac25e6 2467C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2468operator goes C<outside> of the nested structure; whereas when connecting
2469several constraints on one column, the C<-and> operator goes
be21dde3 2470C<inside> the arrayref. Here is an example combining both features:
7cac25e6 2471
2472 my @where = (
2473 -and => [a => 1, b => 2],
2474 -or => [c => 3, d => 4],
2475 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2476 )
2477
2478yielding
2479
9d48860e 2480 WHERE ( ( ( a = ? AND b = ? )
2481 OR ( c = ? OR d = ? )
7cac25e6 2482 OR ( e LIKE ? AND e LIKE ? ) ) )
2483
107b72f1 2484This difference in syntax is unfortunate but must be preserved for
be21dde3 2485historical reasons. So be careful: the two examples below would
107b72f1 2486seem algebraically equivalent, but they are not
2487
a948b1fe 2488 { col => [ -and =>
2489 { -like => 'foo%' },
2490 { -like => '%bar' },
2491 ] }
be21dde3 2492 # yields: WHERE ( ( col LIKE ? AND col LIKE ? ) )
107b72f1 2493
a948b1fe 2494 [ -and =>
2495 { col => { -like => 'foo%' } },
2496 { col => { -like => '%bar' } },
2497 ]
be21dde3 2498 # yields: WHERE ( ( col LIKE ? OR col LIKE ? ) )
107b72f1 2499
7cac25e6 2500
cc422895 2501=head2 Literal SQL and value type operators
96449e8e 2502
cc422895 2503The basic premise of SQL::Abstract is that in WHERE specifications the "left
2504side" is a column name and the "right side" is a value (normally rendered as
2505a placeholder). This holds true for both hashrefs and arrayref pairs as you
2506see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2507alter this behavior. There are several ways of doing so.
e9614080 2508
cc422895 2509=head3 -ident
2510
2511This is a virtual operator that signals the string to its right side is an
2512identifier (a column name) and not a value. For example to compare two
2513columns you would write:
32eab2da 2514
e9614080 2515 my %where = (
2516 priority => { '<', 2 },
cc422895 2517 requestor => { -ident => 'submitter' },
e9614080 2518 );
2519
2520which creates:
2521
2522 $stmt = "WHERE priority < ? AND requestor = submitter";
2523 @bind = ('2');
2524
cc422895 2525If you are maintaining legacy code you may see a different construct as
2526described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2527code.
2528
2529=head3 -value
e9614080 2530
cc422895 2531This is a virtual operator that signals that the construct to its right side
2532is a value to be passed to DBI. This is for example necessary when you want
2533to write a where clause against an array (for RDBMS that support such
2534datatypes). For example:
e9614080 2535
32eab2da 2536 my %where = (
cc422895 2537 array => { -value => [1, 2, 3] }
32eab2da 2538 );
2539
cc422895 2540will result in:
32eab2da 2541
cc422895 2542 $stmt = 'WHERE array = ?';
2543 @bind = ([1, 2, 3]);
32eab2da 2544
cc422895 2545Note that if you were to simply say:
32eab2da 2546
2547 my %where = (
cc422895 2548 array => [1, 2, 3]
32eab2da 2549 );
2550
3af02ccb 2551the result would probably not be what you wanted:
cc422895 2552
2553 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2554 @bind = (1, 2, 3);
2555
2556=head3 Literal SQL
96449e8e 2557
cc422895 2558Finally, sometimes only literal SQL will do. To include a random snippet
2559of SQL verbatim, you specify it as a scalar reference. Consider this only
2560as a last resort. Usually there is a better way. For example:
96449e8e 2561
2562 my %where = (
cc422895 2563 priority => { '<', 2 },
2564 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2565 );
2566
cc422895 2567Would create:
96449e8e 2568
cc422895 2569 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2570 @bind = (2);
2571
2572Note that in this example, you only get one bind parameter back, since
2573the verbatim SQL is passed as part of the statement.
2574
2575=head4 CAVEAT
2576
2577 Never use untrusted input as a literal SQL argument - this is a massive
2578 security risk (there is no way to check literal snippets for SQL
2579 injections and other nastyness). If you need to deal with untrusted input
2580 use literal SQL with placeholders as described next.
96449e8e 2581
cc422895 2582=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2583
2584If the literal SQL to be inserted has placeholders and bind values,
2585use a reference to an arrayref (yes this is a double reference --
2586not so common, but perfectly legal Perl). For example, to find a date
2587in Postgres you can use something like this:
2588
2589 my %where = (
3ae1c5e2 2590 date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
96449e8e 2591 )
2592
2593This would create:
2594
d2a8fe1a 2595 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2596 @bind = ('10');
2597
deb148a2 2598Note that you must pass the bind values in the same format as they are returned
85783f3c 2599by L<where|/where(\%where, $order)>. This means that if you set L</bindtype>
1f490ae4 2600to C<columns>, you must provide the bind values in the
2601C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
2602scalar value; most commonly the column name, but you can use any scalar value
2603(including references and blessed references), L<SQL::Abstract> will simply
2604pass it through intact. So if C<bindtype> is set to C<columns> the above
2605example will look like:
deb148a2 2606
2607 my %where = (
3ae1c5e2 2608 date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
deb148a2 2609 )
96449e8e 2610
2611Literal SQL is especially useful for nesting parenthesized clauses in the
be21dde3 2612main SQL query. Here is a first example:
96449e8e 2613
2614 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2615 100, "foo%");
2616 my %where = (
2617 foo => 1234,
2618 bar => \["IN ($sub_stmt)" => @sub_bind],
2619 );
2620
be21dde3 2621This yields:
96449e8e 2622
9d48860e 2623 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2624 WHERE c2 < ? AND c3 LIKE ?))";
2625 @bind = (1234, 100, "foo%");
2626
9d48860e 2627Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2628are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2629its associated bind values can be generated through a former call
96449e8e 2630to C<select()> :
2631
2632 my ($sub_stmt, @sub_bind)
9d48860e 2633 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2634 c3 => {-like => "foo%"}});
2635 my %where = (
2636 foo => 1234,
2637 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2638 );
2639
2640In the examples above, the subquery was used as an operator on a column;
9d48860e 2641but the same principle also applies for a clause within the main C<%where>
be21dde3 2642hash, like an EXISTS subquery:
96449e8e 2643
9d48860e 2644 my ($sub_stmt, @sub_bind)
96449e8e 2645 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2646 my %where = ( -and => [
96449e8e 2647 foo => 1234,
48d9f5f8 2648 \["EXISTS ($sub_stmt)" => @sub_bind],
2649 ]);
96449e8e 2650
2651which yields
2652
9d48860e 2653 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2654 WHERE c1 = ? AND c2 > t0.c0))";
2655 @bind = (1234, 1);
2656
2657
9d48860e 2658Observe that the condition on C<c2> in the subquery refers to
be21dde3 2659column C<t0.c0> of the main query: this is I<not> a bind
9d48860e 2660value, so we have to express it through a scalar ref.
96449e8e 2661Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2662C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2663what we wanted here.
2664
96449e8e 2665Finally, here is an example where a subquery is used
2666for expressing unary negation:
2667
9d48860e 2668 my ($sub_stmt, @sub_bind)
96449e8e 2669 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2670 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2671 my %where = (
2672 lname => {like => '%son%'},
48d9f5f8 2673 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2674 );
2675
2676This yields
2677
2678 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2679 @bind = ('%son%', 10, 20)
2680
cc422895 2681=head3 Deprecated usage of Literal SQL
2682
2683Below are some examples of archaic use of literal SQL. It is shown only as
2684reference for those who deal with legacy code. Each example has a much
2685better, cleaner and safer alternative that users should opt for in new code.
2686
2687=over
2688
2689=item *
2690
2691 my %where = ( requestor => \'IS NOT NULL' )
2692
2693 $stmt = "WHERE requestor IS NOT NULL"
2694
2695This used to be the way of generating NULL comparisons, before the handling
2696of C<undef> got formalized. For new code please use the superior syntax as
2697described in L</Tests for NULL values>.
96449e8e 2698
cc422895 2699=item *
2700
2701 my %where = ( requestor => \'= submitter' )
2702
2703 $stmt = "WHERE requestor = submitter"
2704
2705This used to be the only way to compare columns. Use the superior L</-ident>
2706method for all new code. For example an identifier declared in such a way
2707will be properly quoted if L</quote_char> is properly set, while the legacy
2708form will remain as supplied.
2709
2710=item *
2711
2712 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2713
2714 $stmt = "WHERE completed > ? AND is_ready"
2715 @bind = ('2012-12-21')
2716
2717Using an empty string literal used to be the only way to express a boolean.
2718For all new code please use the much more readable
2719L<-bool|/Unary operators: bool> operator.
2720
2721=back
96449e8e 2722
2723=head2 Conclusion
2724
32eab2da 2725These pages could go on for a while, since the nesting of the data
2726structures this module can handle are pretty much unlimited (the
2727module implements the C<WHERE> expansion as a recursive function
2728internally). Your best bet is to "play around" with the module a
2729little to see how the data structures behave, and choose the best
2730format for your data based on that.
2731
2732And of course, all the values above will probably be replaced with
2733variables gotten from forms or the command line. After all, if you
2734knew everything ahead of time, you wouldn't have to worry about
2735dynamically-generating SQL and could just hardwire it into your
2736script.
2737
86298391 2738=head1 ORDER BY CLAUSES
2739
9d48860e 2740Some functions take an order by clause. This can either be a scalar (just a
18710f60 2741column name), a hashref of C<< { -desc => 'col' } >> or C<< { -asc => 'col' }
2742>>, a scalarref, an arrayref-ref, or an arrayref of any of the previous
2743forms. Examples:
1cfa1db3 2744
8c15b421 2745 Given | Will Generate
18710f60 2746 ---------------------------------------------------------------
8c15b421 2747 |
2748 'colA' | ORDER BY colA
2749 |
2750 [qw/colA colB/] | ORDER BY colA, colB
2751 |
2752 {-asc => 'colA'} | ORDER BY colA ASC
2753 |
2754 {-desc => 'colB'} | ORDER BY colB DESC
2755 |
2756 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2757 |
2758 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
2759 |
2760 \'colA DESC' | ORDER BY colA DESC
2761 |
2762 \[ 'FUNC(colA, ?)', $x ] | ORDER BY FUNC(colA, ?)
2763 | /* ...with $x bound to ? */
2764 |
bd805d85 2765 [ | ORDER BY
2766 { -asc => 'colA' }, | colA ASC,
2767 { -desc => [qw/colB/] }, | colB DESC,
2768 { -asc => [qw/colC colD/] },| colC ASC, colD ASC,
2769 \'colE DESC', | colE DESC,
2770 \[ 'FUNC(colF, ?)', $x ], | FUNC(colF, ?)
2771 ] | /* ...with $x bound to ? */
18710f60 2772 ===============================================================
86298391 2773
96449e8e 2774
2775
2776=head1 SPECIAL OPERATORS
2777
e3f9dff4 2778 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2779 {
2780 regex => qr/.../,
e3f9dff4 2781 handler => sub {
2782 my ($self, $field, $op, $arg) = @_;
2783 ...
3a2e1a5e 2784 },
2785 },
2786 {
2787 regex => qr/.../,
2788 handler => 'method_name',
e3f9dff4 2789 },
2790 ]);
2791
9d48860e 2792A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2793applied to a field, instead of a usual binary operator.
be21dde3 2794For example:
e3f9dff4 2795
2796 WHERE field IN (?, ?, ?)
2797 WHERE field BETWEEN ? AND ?
2798 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2799
e3f9dff4 2800Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2801are builtin within C<SQL::Abstract> (as the overridable methods
2802C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2803like the MATCH .. AGAINST example above which is specific to MySQL,
2804you can write your own operator handlers - supply a C<special_ops>
2805argument to the C<new> method. That argument takes an arrayref of
2806operator definitions; each operator definition is a hashref with two
2807entries:
96449e8e 2808
e3f9dff4 2809=over
2810
2811=item regex
2812
2813the regular expression to match the operator
96449e8e 2814
e3f9dff4 2815=item handler
2816
3a2e1a5e 2817Either a coderef or a plain scalar method name. In both cases
2818the expected return is C<< ($sql, @bind) >>.
2819
2820When supplied with a method name, it is simply called on the
13cc86af 2821L<SQL::Abstract> object as:
3a2e1a5e 2822
ca4f826a 2823 $self->$method_name($field, $op, $arg)
3a2e1a5e 2824
2825 Where:
2826
3a2e1a5e 2827 $field is the LHS of the operator
13cc86af 2828 $op is the part that matched the handler regex
3a2e1a5e 2829 $arg is the RHS
2830
2831When supplied with a coderef, it is called as:
2832
2833 $coderef->($self, $field, $op, $arg)
2834
e3f9dff4 2835
2836=back
2837
9d48860e 2838For example, here is an implementation
e3f9dff4 2839of the MATCH .. AGAINST syntax for MySQL
2840
2841 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2842
e3f9dff4 2843 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2844 {regex => qr/^match$/i,
e3f9dff4 2845 handler => sub {
2846 my ($self, $field, $op, $arg) = @_;
2847 $arg = [$arg] if not ref $arg;
2848 my $label = $self->_quote($field);
2849 my ($placeholder) = $self->_convert('?');
2850 my $placeholders = join ", ", (($placeholder) x @$arg);
2851 my $sql = $self->_sqlcase('match') . " ($label) "
2852 . $self->_sqlcase('against') . " ($placeholders) ";
2853 my @bind = $self->_bindtype($field, @$arg);
2854 return ($sql, @bind);
2855 }
2856 },
9d48860e 2857
e3f9dff4 2858 ]);
96449e8e 2859
2860
59f23b3d 2861=head1 UNARY OPERATORS
2862
112b5232 2863 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2864 {
2865 regex => qr/.../,
2866 handler => sub {
2867 my ($self, $op, $arg) = @_;
2868 ...
2869 },
2870 },
2871 {
2872 regex => qr/.../,
2873 handler => 'method_name',
2874 },
2875 ]);
2876
9d48860e 2877A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2878applied to a field - the operator goes before the field
2879
2880You can write your own operator handlers - supply a C<unary_ops>
2881argument to the C<new> method. That argument takes an arrayref of
2882operator definitions; each operator definition is a hashref with two
2883entries:
2884
2885=over
2886
2887=item regex
2888
2889the regular expression to match the operator
2890
2891=item handler
2892
2893Either a coderef or a plain scalar method name. In both cases
2894the expected return is C<< $sql >>.
2895
2896When supplied with a method name, it is simply called on the
13cc86af 2897L<SQL::Abstract> object as:
59f23b3d 2898
ca4f826a 2899 $self->$method_name($op, $arg)
59f23b3d 2900
2901 Where:
2902
2903 $op is the part that matched the handler regex
2904 $arg is the RHS or argument of the operator
2905
2906When supplied with a coderef, it is called as:
2907
2908 $coderef->($self, $op, $arg)
2909
2910
2911=back
2912
2913
32eab2da 2914=head1 PERFORMANCE
2915
2916Thanks to some benchmarking by Mark Stosberg, it turns out that
2917this module is many orders of magnitude faster than using C<DBIx::Abstract>.
2918I must admit this wasn't an intentional design issue, but it's a
2919byproduct of the fact that you get to control your C<DBI> handles
2920yourself.
2921
2922To maximize performance, use a code snippet like the following:
2923
2924 # prepare a statement handle using the first row
2925 # and then reuse it for the rest of the rows
2926 my($sth, $stmt);
2927 for my $href (@array_of_hashrefs) {
2928 $stmt ||= $sql->insert('table', $href);
2929 $sth ||= $dbh->prepare($stmt);
2930 $sth->execute($sql->values($href));
2931 }
2932
2933The reason this works is because the keys in your C<$href> are sorted
2934internally by B<SQL::Abstract>. Thus, as long as your data retains
2935the same structure, you only have to generate the SQL the first time
2936around. On subsequent queries, simply use the C<values> function provided
2937by this module to return your values in the correct order.
2938
b864ba9b 2939However this depends on the values having the same type - if, for
2940example, the values of a where clause may either have values
2941(resulting in sql of the form C<column = ?> with a single bind
2942value), or alternatively the values might be C<undef> (resulting in
2943sql of the form C<column IS NULL> with no bind value) then the
2944caching technique suggested will not work.
96449e8e 2945
32eab2da 2946=head1 FORMBUILDER
2947
2948If you use my C<CGI::FormBuilder> module at all, you'll hopefully
2949really like this part (I do, at least). Building up a complex query
2950can be as simple as the following:
2951
2952 #!/usr/bin/perl
2953
46dc2f3e 2954 use warnings;
2955 use strict;
2956
32eab2da 2957 use CGI::FormBuilder;
2958 use SQL::Abstract;
2959
2960 my $form = CGI::FormBuilder->new(...);
2961 my $sql = SQL::Abstract->new;
2962
2963 if ($form->submitted) {
2964 my $field = $form->field;
2965 my $id = delete $field->{id};
2966 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
2967 }
2968
2969Of course, you would still have to connect using C<DBI> to run the
2970query, but the point is that if you make your form look like your
2971table, the actual query script can be extremely simplistic.
2972
2973If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 2974a fast interface to returning and formatting data. I frequently
32eab2da 2975use these three modules together to write complex database query
2976apps in under 50 lines.
2977
af733667 2978=head1 HOW TO CONTRIBUTE
2979
2980Contributions are always welcome, in all usable forms (we especially
2981welcome documentation improvements). The delivery methods include git-
2982or unified-diff formatted patches, GitHub pull requests, or plain bug
2983reports either via RT or the Mailing list. Contributors are generally
2984granted full access to the official repository after their first several
2985patches pass successful review.
2986
2987This project is maintained in a git repository. The code and related tools are
2988accessible at the following locations:
d8cc1792 2989
2990=over
2991
af733667 2992=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
2993
2994=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
2995
2996=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
d8cc1792 2997
af733667 2998=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
d8cc1792 2999
3000=back
32eab2da 3001
96449e8e 3002=head1 CHANGES
3003
3004Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
3005Great care has been taken to preserve the I<published> behavior
3006documented in previous versions in the 1.* family; however,
9d48860e 3007some features that were previously undocumented, or behaved
96449e8e 3008differently from the documentation, had to be changed in order
3009to clarify the semantics. Hence, client code that was relying
9d48860e 3010on some dark areas of C<SQL::Abstract> v1.*
96449e8e 3011B<might behave differently> in v1.50.
32eab2da 3012
be21dde3 3013The main changes are:
d2a8fe1a 3014
96449e8e 3015=over
32eab2da 3016
9d48860e 3017=item *
32eab2da 3018
3ae1c5e2 3019support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
96449e8e 3020
3021=item *
3022
145fbfc8 3023support for the { operator => \"..." } construct (to embed literal SQL)
3024
3025=item *
3026
9c37b9c0 3027support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
3028
3029=item *
3030
96449e8e 3031optional support for L<array datatypes|/"Inserting and Updating Arrays">
3032
9d48860e 3033=item *
96449e8e 3034
be21dde3 3035defensive programming: check arguments
96449e8e 3036
3037=item *
3038
3039fixed bug with global logic, which was previously implemented
7cac25e6 3040through global variables yielding side-effects. Prior versions would
96449e8e 3041interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
3042as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
3043Now this is interpreted
3044as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
3045
96449e8e 3046
3047=item *
3048
3049fixed semantics of _bindtype on array args
3050
9d48860e 3051=item *
96449e8e 3052
3053dropped the C<_anoncopy> of the %where tree. No longer necessary,
3054we just avoid shifting arrays within that tree.
3055
3056=item *
3057
3058dropped the C<_modlogic> function
3059
3060=back
32eab2da 3061
32eab2da 3062=head1 ACKNOWLEDGEMENTS
3063
3064There are a number of individuals that have really helped out with
3065this module. Unfortunately, most of them submitted bugs via CPAN
3066so I have no idea who they are! But the people I do know are:
3067
9d48860e 3068 Ash Berlin (order_by hash term support)
b643abe1 3069 Matt Trout (DBIx::Class support)
32eab2da 3070 Mark Stosberg (benchmarking)
3071 Chas Owens (initial "IN" operator support)
3072 Philip Collins (per-field SQL functions)
3073 Eric Kolve (hashref "AND" support)
3074 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
3075 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 3076 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 3077 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 3078 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 3079 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 3080 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 3081
3082Thanks!
3083
32eab2da 3084=head1 SEE ALSO
3085
86298391 3086L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 3087
32eab2da 3088=head1 AUTHOR
3089
b643abe1 3090Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
3091
3092This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 3093
abe72f94 3094For support, your best bet is to try the C<DBIx::Class> users mailing list.
3095While not an official support venue, C<DBIx::Class> makes heavy use of
3096C<SQL::Abstract>, and as such list members there are very familiar with
3097how to create queries.
3098
0d067ded 3099=head1 LICENSE
3100
d988ab87 3101This module is free software; you may copy this under the same
3102terms as perl itself (either the GNU General Public License or
3103the Artistic License)
32eab2da 3104
3105=cut
Unnamed repository; edit this file 'description' to name the repository.