projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
catch another weird edge case in _order_by
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
96449e8e 3use strict;
4use warnings;
9d9d5bd6 5use Carp ();
312d830b 6use List::Util ();
7use Scalar::Util ();
96449e8e 8
0da0fe34 9use Exporter 'import';
10our @EXPORT_OK = qw(is_plain_value is_literal_value);
11
12BEGIN {
13 if ($] < 5.009_005) {
14 require MRO::Compat;
15 }
16 else {
17 require mro;
18 }
843a94b5 19
20 *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
21 ? sub () { 0 }
22 : sub () { 1 }
23 ;
0da0fe34 24}
25
96449e8e 26#======================================================================
27# GLOBALS
28#======================================================================
29
dc6afcf8 30our $VERSION = '1.86';
7479e27e 31
22f1a437 32# This would confuse some packagers
c520207b 33$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 34
35our $AUTOLOAD;
36
37# special operators (-in, -between). May be extended/overridden by user.
38# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
39my @BUILTIN_SPECIAL_OPS = (
f663e672 40 {regex => qr/^ (?: not \s )? between $/ix, handler => sub { die "NOPE" }},
41 {regex => qr/^ (?: not \s )? in $/ix, handler => sub { die "NOPE" }},
87c8e45b 42 {regex => qr/^ is (?: \s+ not )? $/ix, handler => sub { die "NOPE" }},
96449e8e 43);
44
45#======================================================================
46# DEBUGGING AND ERROR REPORTING
47#======================================================================
48
49sub _debug {
50 return unless $_[0]->{debug}; shift; # a little faster
51 my $func = (caller(1))[3];
52 warn "[$func] ", @_, "\n";
53}
54
55sub belch (@) {
56 my($func) = (caller(1))[3];
9d9d5bd6 57 Carp::carp "[$func] Warning: ", @_;
96449e8e 58}
59
60sub puke (@) {
61 my($func) = (caller(1))[3];
9d9d5bd6 62 Carp::croak "[$func] Fatal: ", @_;
96449e8e 63}
64
0da0fe34 65sub is_literal_value ($) {
66 ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
67 : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
0da0fe34 68 : undef;
69}
70
71# FIXME XSify - this can be done so much more efficiently
72sub is_plain_value ($) {
73 no strict 'refs';
966200cc 74 ! length ref $_[0] ? \($_[0])
0da0fe34 75 : (
76 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
77 and
78 exists $_[0]->{-value}
966200cc 79 ) ? \($_[0]->{-value})
0da0fe34 80 : (
a1c9e0ff 81 # reuse @_ for even moar speedz
82 defined ( $_[1] = Scalar::Util::blessed $_[0] )
0da0fe34 83 and
84 # deliberately not using Devel::OverloadInfo - the checks we are
85 # intersted in are much more limited than the fullblown thing, and
86 # this is a very hot piece of code
87 (
e8d729d4 88 # simply using ->can('(""') can leave behind stub methods that
89 # break actually using the overload later (see L<perldiag/Stub
90 # found while resolving method "%s" overloading "%s" in package
91 # "%s"> and the source of overload::mycan())
44e54b41 92 #
0da0fe34 93 # either has stringification which DBI SHOULD prefer out of the box
a1c9e0ff 94 grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
0da0fe34 95 or
20e178a8 96 # has nummification or boolification, AND fallback is *not* disabled
0da0fe34 97 (
843a94b5 98 SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
99 and
20e178a8 100 (
101 grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
102 or
103 grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
104 )
0da0fe34 105 and
106 (
107 # no fallback specified at all
a1c9e0ff 108 ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
0da0fe34 109 or
110 # fallback explicitly undef
a1c9e0ff 111 ! defined ${"$_[3]::()"}
0da0fe34 112 or
113 # explicitly true
a1c9e0ff 114 !! ${"$_[3]::()"}
0da0fe34 115 )
116 )
117 )
966200cc 118 ) ? \($_[0])
0da0fe34 119 : undef;
120}
121
122
96449e8e 123
124#======================================================================
125# NEW
126#======================================================================
127
128sub new {
129 my $self = shift;
130 my $class = ref($self) || $self;
131 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
132
133 # choose our case by keeping an option around
134 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
135
136 # default logic for interpreting arrayrefs
ef559da3 137 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 138
139 # how to return bind vars
96449e8e 140 $opt{bindtype} ||= 'normal';
141
142 # default comparison is "=", but can be overridden
143 $opt{cmp} ||= '=';
144
3af02ccb 145 # try to recognize which are the 'equality' and 'inequality' ops
3cdadcbe 146 # (temporary quickfix (in 2007), should go through a more seasoned API)
147 $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
148 $opt{inequality_op} = qr/^( != | <> )$/ix;
149
150 $opt{like_op} = qr/^ (is\s+)? r?like $/xi;
151 $opt{not_like_op} = qr/^ (is\s+)? not \s+ r?like $/xi;
96449e8e 152
153 # SQL booleans
154 $opt{sqltrue} ||= '1=1';
155 $opt{sqlfalse} ||= '0=1';
156
9d48860e 157 # special operators
30af97c5 158 $opt{special_ops} ||= [];
159
b6251592 160 # regexes are applied in order, thus push after user-defines
96449e8e 161 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
162
dd1d0dbf 163 if ($class =~ /^DBIx::Class::SQLMaker/) {
164 push @{$opt{special_ops}}, our $DBIC_Compat_Op ||= {
165 regex => qr/^(?:ident|value)$/i, handler => sub { die "NOPE" }
166 };
167 }
168
9d48860e 169 # unary operators
59f23b3d 170 $opt{unary_ops} ||= [];
59f23b3d 171
3af02ccb 172 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 173 # If a purported function matches this regular expression, an exception is thrown.
174 # Literal SQL is *NOT* subject to this check, only functions (and column names
175 # when quoting is not in effect)
96449e8e 176
b6251592 177 # FIXME
178 # need to guard against ()'s in column names too, but this will break tons of
179 # hacks... ideas anyone?
180 $opt{injection_guard} ||= qr/
181 \;
182 |
183 ^ \s* go \s
184 /xmi;
96449e8e 185
b07681b1 186 $opt{node_types} = +{
187 map +("-$_" => '_render_'.$_),
188 qw(op func value bind ident literal)
189 };
190
ec19b759 191 $opt{expand_unary} = {};
192
b6251592 193 return bless \%opt, $class;
194}
96449e8e 195
e175845b 196sub sqltrue { +{ -literal => [ $_[0]->{sqltrue} ] } }
197sub sqlfalse { +{ -literal => [ $_[0]->{sqlfalse} ] } }
170e6c33 198
199sub _assert_pass_injection_guard {
200 if ($_[1] =~ $_[0]->{injection_guard}) {
201 my $class = ref $_[0];
202 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
203 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
204 . "{injection_guard} attribute to ${class}->new()"
205 }
206}
207
208
96449e8e 209#======================================================================
210# INSERT methods
211#======================================================================
212
213sub insert {
02288357 214 my $self = shift;
215 my $table = $self->_table(shift);
216 my $data = shift || return;
217 my $options = shift;
96449e8e 218
219 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 220 my ($sql, @bind) = $self->$method($data);
96449e8e 221 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 222
e82e648a 223 if ($options->{returning}) {
ca4f826a 224 my ($s, @b) = $self->_insert_returning($options);
e82e648a 225 $sql .= $s;
226 push @bind, @b;
02288357 227 }
228
96449e8e 229 return wantarray ? ($sql, @bind) : $sql;
230}
231
60f3fd3f 232# So that subclasses can override INSERT ... RETURNING separately from
233# UPDATE and DELETE (e.g. DBIx::Class::SQLMaker::Oracle does this)
b17a3ece 234sub _insert_returning { shift->_returning(@_) }
235
95904db5 236sub _returning {
e82e648a 237 my ($self, $options) = @_;
6b1fe79d 238
e82e648a 239 my $f = $options->{returning};
240
ff96fdd4 241 my ($sql, @bind) = $self->_render_expr(
242 $self->_expand_maybe_list_expr($f, undef, -ident)
243 );
244 return wantarray
245 ? $self->_sqlcase(' returning ') . $sql
246 : ($self->_sqlcase(' returning ').$sql, @bind);
6b1fe79d 247}
248
96449e8e 249sub _insert_HASHREF { # explicit list of fields and then values
250 my ($self, $data) = @_;
251
252 my @fields = sort keys %$data;
253
fe3ae272 254 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 255
256 # assemble SQL
257 $_ = $self->_quote($_) foreach @fields;
258 $sql = "( ".join(", ", @fields).") ".$sql;
259
260 return ($sql, @bind);
261}
262
263sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
264 my ($self, $data) = @_;
265
266 # no names (arrayref) so can't generate bindtype
267 $self->{bindtype} ne 'columns'
268 or belch "can't do 'columns' bindtype when called with arrayref";
269
19b6ccce 270 my (@values, @all_bind);
271 foreach my $value (@$data) {
272 my ($values, @bind) = $self->_insert_value(undef, $value);
273 push @values, $values;
274 push @all_bind, @bind;
275 }
276 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
277 return ($sql, @all_bind);
fe3ae272 278}
279
280sub _insert_ARRAYREFREF { # literal SQL with bind
281 my ($self, $data) = @_;
282
283 my ($sql, @bind) = @${$data};
284 $self->_assert_bindval_matches_bindtype(@bind);
285
286 return ($sql, @bind);
287}
288
289
290sub _insert_SCALARREF { # literal SQL without bind
291 my ($self, $data) = @_;
292
293 return ($$data);
294}
295
296sub _insert_values {
297 my ($self, $data) = @_;
298
96449e8e 299 my (@values, @all_bind);
fe3ae272 300 foreach my $column (sort keys %$data) {
19b6ccce 301 my ($values, @bind) = $self->_insert_value($column, $data->{$column});
302 push @values, $values;
303 push @all_bind, @bind;
304 }
305 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
306 return ($sql, @all_bind);
307}
96449e8e 308
19b6ccce 309sub _insert_value {
310 my ($self, $column, $v) = @_;
96449e8e 311
720ca4f7 312 return $self->_render_expr(
313 $self->_expand_insert_value($column, $v)
314 );
315}
96449e8e 316
720ca4f7 317sub _expand_insert_value {
318 my ($self, $column, $v) = @_;
96449e8e 319
720ca4f7 320 if (ref($v) eq 'ARRAY') {
321 if ($self->{array_datatypes}) {
322 return +{ -bind => [ $column, $v ] };
323 }
324 my ($sql, @bind) = @$v;
325 $self->_assert_bindval_matches_bindtype(@bind);
326 return +{ -literal => $v };
327 }
328 if (ref($v) eq 'HASH') {
329 if (grep !/^-/, keys %$v) {
330 belch "HASH ref as bind value in insert is not supported";
331 return +{ -bind => [ $column, $v ] };
332 }
333 }
334 if (!defined($v)) {
335 return +{ -bind => [ $column, undef ] };
336 }
337 local our $Cur_Col_Meta = $column;
338 return $self->_expand_expr($v);
96449e8e 339}
340
341
96449e8e 342
343#======================================================================
344# UPDATE methods
345#======================================================================
346
347
348sub update {
95904db5 349 my $self = shift;
350 my $table = $self->_table(shift);
351 my $data = shift || return;
352 my $where = shift;
353 my $options = shift;
96449e8e 354
355 # first build the 'SET' part of the sql statement
96449e8e 356 puke "Unsupported data type specified to \$sql->update"
357 unless ref $data eq 'HASH';
358
9ade906e 359 my ($sql, @all_bind) = $self->_update_set_values($data);
a9e94508 360 $sql = $self->_sqlcase('update ') . $table . $self->_sqlcase(' set ')
9ade906e 361 . $sql;
362
363 if ($where) {
364 my($where_sql, @where_bind) = $self->where($where);
365 $sql .= $where_sql;
366 push @all_bind, @where_bind;
367 }
368
369 if ($options->{returning}) {
370 my ($returning_sql, @returning_bind) = $self->_update_returning($options);
371 $sql .= $returning_sql;
372 push @all_bind, @returning_bind;
373 }
374
375 return wantarray ? ($sql, @all_bind) : $sql;
376}
377
378sub _update_set_values {
379 my ($self, $data) = @_;
380
89690da2 381 return $self->_render_expr(
382 $self->_expand_update_set_values($data),
383 );
384}
96449e8e 385
89690da2 386sub _expand_update_set_values {
387 my ($self, $data) = @_;
388 $self->_expand_maybe_list_expr( [
389 map {
390 my ($k, $set) = @$_;
c4ed66f4 391 $set = { -bind => $_ } unless defined $set;
89690da2 392 +{ -op => [ '=', { -ident => $k }, $set ] };
393 }
394 map {
395 my $k = $_;
396 my $v = $data->{$k};
397 (ref($v) eq 'ARRAY'
398 ? ($self->{array_datatypes}
399 ? [ $k, +{ -bind => [ $k, $v ] } ]
400 : [ $k, +{ -literal => $v } ])
401 : do {
402 local our $Cur_Col_Meta = $k;
403 [ $k, $self->_expand_expr($v) ]
404 }
405 );
406 } sort keys %$data
407 ] );
96449e8e 408}
409
60f3fd3f 410# So that subclasses can override UPDATE ... RETURNING separately from
411# INSERT and DELETE
20bb2ad5 412sub _update_returning { shift->_returning(@_) }
96449e8e 413
414
415
416#======================================================================
417# SELECT
418#======================================================================
419
420
421sub select {
422 my $self = shift;
423 my $table = $self->_table(shift);
424 my $fields = shift || '*';
425 my $where = shift;
426 my $order = shift;
427
daa4ccdd 428 my ($fields_sql, @bind) = $self->_select_fields($fields);
96449e8e 429
daa4ccdd 430 my ($where_sql, @where_bind) = $self->where($where, $order);
431 push @bind, @where_bind;
432
433 my $sql = join(' ', $self->_sqlcase('select'), $fields_sql,
96449e8e 434 $self->_sqlcase('from'), $table)
435 . $where_sql;
436
9d48860e 437 return wantarray ? ($sql, @bind) : $sql;
96449e8e 438}
439
daa4ccdd 440sub _select_fields {
441 my ($self, $fields) = @_;
de63ce57 442 return $fields unless ref($fields);
27592e2b 443 return $self->_render_expr(
444 $self->_expand_maybe_list_expr($fields, undef, '-ident')
445 );
daa4ccdd 446}
447
96449e8e 448#======================================================================
449# DELETE
450#======================================================================
451
452
453sub delete {
85327cd5 454 my $self = shift;
455 my $table = $self->_table(shift);
456 my $where = shift;
457 my $options = shift;
96449e8e 458
459 my($where_sql, @bind) = $self->where($where);
a9e94508 460 my $sql = $self->_sqlcase('delete from ') . $table . $where_sql;
96449e8e 461
85327cd5 462 if ($options->{returning}) {
ca4f826a 463 my ($returning_sql, @returning_bind) = $self->_delete_returning($options);
85327cd5 464 $sql .= $returning_sql;
465 push @bind, @returning_bind;
466 }
467
9d48860e 468 return wantarray ? ($sql, @bind) : $sql;
96449e8e 469}
470
60f3fd3f 471# So that subclasses can override DELETE ... RETURNING separately from
472# INSERT and UPDATE
85327cd5 473sub _delete_returning { shift->_returning(@_) }
474
475
96449e8e 476
477#======================================================================
478# WHERE: entry point
479#======================================================================
480
481
482
483# Finally, a separate routine just to handle WHERE clauses
484sub where {
485 my ($self, $where, $order) = @_;
486
7ad12721 487 local $self->{convert_where} = $self->{convert};
488
96449e8e 489 # where ?
e175845b 490 my ($sql, @bind) = defined($where)
491 ? $self->_recurse_where($where)
492 : (undef);
417dd15e 493 $sql = (defined $sql and length $sql) ? $self->_sqlcase(' where ') . "( $sql )" : '';
96449e8e 494
495 # order by?
496 if ($order) {
26fe4d30 497 my ($order_sql, @order_bind) = $self->_order_by($order);
498 $sql .= $order_sql;
499 push @bind, @order_bind;
96449e8e 500 }
501
9d48860e 502 return wantarray ? ($sql, @bind) : $sql;
96449e8e 503}
504
a2cd381d 505sub _expand_expr {
2558b622 506 my ($self, $expr, $logic, $default_scalar_to) = @_;
507 local our $Default_Scalar_To = $default_scalar_to if $default_scalar_to;
3ae10d16 508 our $Expand_Depth ||= 0; local $Expand_Depth = $Expand_Depth + 1;
252518da 509 return undef unless defined($expr);
59588695 510 if (ref($expr) eq 'HASH') {
511 if (keys %$expr > 1) {
512 $logic ||= 'and';
77617257 513 return +{ -op => [
514 $logic,
59588695 515 map $self->_expand_expr_hashpair($_ => $expr->{$_}, $logic),
516 sort keys %$expr
517 ] };
518 }
1c0c0f41 519 return { -literal => [ '' ] } unless keys %$expr;
59588695 520 return $self->_expand_expr_hashpair(%$expr, $logic);
a2cd381d 521 }
08264f40 522 if (ref($expr) eq 'ARRAY') {
99a65fa8 523 my $logic = lc($logic || $self->{logic});
08264f40 524 $logic eq 'and' or $logic eq 'or' or puke "unknown logic: $logic";
525
1c0c0f41 526 #my @expr = @$expr;
527 my @expr = grep {
528 (ref($_) eq 'ARRAY' and @$_)
529 or (ref($_) eq 'HASH' and %$_)
530 or 1
531 } @$expr;
08264f40 532
533 my @res;
534
535 while (my ($el) = splice @expr, 0, 1) {
536 puke "Supplying an empty left hand side argument is not supported in array-pairs"
537 unless defined($el) and length($el);
538 my $elref = ref($el);
539 if (!$elref) {
dd1d0dbf 540 local $Expand_Depth = 0;
08264f40 541 push(@res, $self->_expand_expr({ $el, shift(@expr) }));
542 } elsif ($elref eq 'ARRAY') {
543 push(@res, $self->_expand_expr($el)) if @$el;
ec857800 544 } elsif (my $l = is_literal_value($el)) {
545 push @res, { -literal => $l };
08264f40 546 } elsif ($elref eq 'HASH') {
dd1d0dbf 547 local $Expand_Depth = 0;
1b630cfe 548 push @res, $self->_expand_expr($el) if %$el;
08264f40 549 } else {
da4a0964 550 die "notreached";
08264f40 551 }
552 }
2143604f 553 return { -op => [ $logic, @res ] };
08264f40 554 }
ca3da680 555 if (my $literal = is_literal_value($expr)) {
556 return +{ -literal => $literal };
557 }
99a65fa8 558 if (!ref($expr) or Scalar::Util::blessed($expr)) {
2558b622 559 if (my $d = $Default_Scalar_To) {
560 return +{ $d => $expr };
561 }
99a65fa8 562 if (my $m = our $Cur_Col_Meta) {
563 return +{ -bind => [ $m, $expr ] };
564 }
252518da 565 return +{ -value => $expr };
566 }
252518da 567 die "notreached";
a2cd381d 568}
96449e8e 569
0fc68377 570my $Nest_Warned = 0;
74156ee9 571
59588695 572sub _expand_expr_hashpair {
573 my ($self, $k, $v, $logic) = @_;
d13725da 574 unless (defined($k) and length($k)) {
2d64004f 575 if (defined($k) and my $literal = is_literal_value($v)) {
d13725da 576 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
2d64004f 577 return { -literal => $literal };
d13725da 578 }
579 puke "Supplying an empty left hand side argument is not supported";
580 }
ef071fad 581 if ($k =~ /^-/) {
99a65fa8 582 $self->_assert_pass_injection_guard($k =~ /^-(.*)$/s);
583 if ($k =~ s/ [_\s]? \d+ $//x ) {
584 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
585 . "You probably wanted ...-and => [ $k => COND1, $k => COND2 ... ]";
586 }
ef071fad 587 if ($k eq '-nest') {
0fc68377 588 # DBIx::Class requires a nest warning to be emitted once but the private
589 # method it overrode to do so no longer exists
590 if (ref($self) =~ /^DBIx::Class::SQLMaker/) {
591 unless ($Nest_Warned) {
592 belch(
593 "-nest in search conditions is deprecated, you most probably wanted:\n"
594 .q|{..., -and => [ \%cond0, \@cond1, \'cond2', \[ 'cond3', [ col => bind ] ], etc. ], ... }|
595 );
596 $Nest_Warned = 1;
597 }
598 }
ef071fad 599 return $self->_expand_expr($v);
600 }
6ab1562a 601 if ($k eq '-bool') {
602 if (ref($v)) {
603 return $self->_expand_expr($v);
604 }
605 puke "-bool => undef not supported" unless defined($v);
606 return { -ident => $v };
607 }
99a65fa8 608 if ($k eq '-not') {
0c7e3af0 609 return { -op => [ 'not', $self->_expand_expr($v) ] };
99a65fa8 610 }
ce3bc4b0 611 if (my ($rest) = $k =~/^-not[_ ](.*)$/) {
0c7e3af0 612 return +{ -op => [
613 'not',
99a65fa8 614 $self->_expand_expr_hashpair("-${rest}", $v, $logic)
0c7e3af0 615 ] };
ce3bc4b0 616 }
99a65fa8 617 if (my ($logic) = $k =~ /^-(and|or)$/i) {
dd2d5bf7 618 if (ref($v) eq 'HASH') {
619 return $self->_expand_expr($v, $logic);
620 }
99a65fa8 621 if (ref($v) eq 'ARRAY') {
622 return $self->_expand_expr($v, $logic);
623 }
dd2d5bf7 624 }
99a65fa8 625 {
626 my $op = $k;
627 $op =~ s/^-// if length($op) > 1;
628
629 # top level special ops are illegal in general
3ae10d16 630 # note that, arguably, if it makes no sense at top level, it also
631 # makes no sense on the other side of an = sign or similar but DBIC
632 # gets disappointingly upset if I disallow it
633 if (
634 (our $Expand_Depth) == 1
635 and List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}}
636 ) {
637 puke "Illegal use of top-level '-$op'"
638 }
96a8d74a 639 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
640 return { -op => [ $op, $v ] };
641 }
99a65fa8 642 }
643 if ($k eq '-value' and my $m = our $Cur_Col_Meta) {
644 return +{ -bind => [ $m, $v ] };
645 }
ec19b759 646 if (my $custom = $self->{expand_unary}{$k}) {
647 return $self->$custom($v);
648 }
b07681b1 649 if ($self->{node_types}{$k}) {
99a65fa8 650 return { $k => $v };
d13725da 651 }
711892b1 652 if (
653 ref($v) eq 'HASH'
654 and keys %$v == 1
655 and (keys %$v)[0] =~ /^-/
656 ) {
657 my ($func) = $k =~ /^-(.*)$/;
3ae10d16 658 if (List::Util::first { $func =~ $_->{regex} } @{$self->{special_ops}}) {
659 return +{ -op => [ $func, $self->_expand_expr($v) ] };
660 }
711892b1 661 return +{ -func => [ $func, $self->_expand_expr($v) ] };
662 }
663 if (!ref($v) or is_literal_value($v)) {
99a65fa8 664 return +{ -op => [ $k =~ /^-(.*)$/, $self->_expand_expr($v) ] };
59588695 665 }
99a65fa8 666 }
667 if (
668 !defined($v)
669 or (
670 ref($v) eq 'HASH'
671 and exists $v->{-value}
672 and not defined $v->{-value}
673 )
674 ) {
675 return $self->_expand_expr_hashpair($k => { $self->{cmp} => undef });
676 }
677 if (!ref($v) or Scalar::Util::blessed($v)) {
ec19b759 678 my $d = our $Default_Scalar_To;
99a65fa8 679 return +{
680 -op => [
681 $self->{cmp},
682 { -ident => $k },
ec19b759 683 ($d ? { $d => $v } : { -bind => [ $k, $v ] })
99a65fa8 684 ]
685 };
686 }
687 if (ref($v) eq 'HASH') {
688 if (keys %$v > 1) {
e175845b 689 return { -op => [
690 'and',
99a65fa8 691 map $self->_expand_expr_hashpair($k => { $_ => $v->{$_} }),
692 sort keys %$v
693 ] };
694 }
dd1d0dbf 695 return { -literal => [ '' ] } unless keys %$v;
99a65fa8 696 my ($vk, $vv) = %$v;
697 $vk =~ s/^-//;
698 $vk = lc($vk);
699 $self->_assert_pass_injection_guard($vk);
700 if ($vk =~ s/ [_\s]? \d+ $//x ) {
701 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
702 . "You probably wanted ...-and => [ -$vk => COND1, -$vk => COND2 ... ]";
703 }
704 if ($vk =~ /^(?:not[ _])?between$/) {
705 local our $Cur_Col_Meta = $k;
706 my @rhs = map $self->_expand_expr($_),
707 ref($vv) eq 'ARRAY' ? @$vv : $vv;
708 unless (
709 (@rhs == 1 and ref($rhs[0]) eq 'HASH' and $rhs[0]->{-literal})
710 or
711 (@rhs == 2 and defined($rhs[0]) and defined($rhs[1]))
712 ) {
713 puke "Operator '${\uc($vk)}' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
b5b18861 714 }
99a65fa8 715 return +{ -op => [
716 join(' ', split '_', $vk),
717 { -ident => $k },
718 @rhs
719 ] }
720 }
721 if ($vk =~ /^(?:not[ _])?in$/) {
722 if (my $literal = is_literal_value($vv)) {
723 my ($sql, @bind) = @$literal;
724 my $opened_sql = $self->_open_outer_paren($sql);
10d07c4e 725 return +{ -op => [
99a65fa8 726 $vk, { -ident => $k },
727 [ { -literal => [ $opened_sql, @bind ] } ]
10d07c4e 728 ] };
729 }
99a65fa8 730 my $undef_err =
731 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
732 . "-${\uc($vk)} operator was given an undef-containing list: !!!AUDIT YOUR CODE "
733 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
734 . 'will emit the logically correct SQL instead of raising this exception)'
735 ;
736 puke("Argument passed to the '${\uc($vk)}' operator can not be undefined")
737 if !defined($vv);
738 my @rhs = map $self->_expand_expr($_),
739 map { ref($_) ? $_ : { -bind => [ $k, $_ ] } }
740 map { defined($_) ? $_: puke($undef_err) }
741 (ref($vv) eq 'ARRAY' ? @$vv : $vv);
e175845b 742 return $self->${\($vk =~ /^not/ ? 'sqltrue' : 'sqlfalse')} unless @rhs;
99a65fa8 743
744 return +{ -op => [
745 join(' ', split '_', $vk),
746 { -ident => $k },
747 \@rhs
748 ] };
749 }
750 if ($vk eq 'ident') {
02b8fe35 751 if (! defined $vv or (ref($vv) and ref($vv) eq 'ARRAY')) {
752 puke "-$vk requires a single plain scalar argument (a quotable identifier) or an arrayref of identifier parts";
f7778474 753 }
99a65fa8 754 return +{ -op => [
755 $self->{cmp},
756 { -ident => $k },
757 { -ident => $vv }
758 ] };
759 }
760 if ($vk eq 'value') {
761 return $self->_expand_expr_hashpair($k, undef) unless defined($vv);
762 return +{ -op => [
763 $self->{cmp},
764 { -ident => $k },
765 { -bind => [ $k, $vv ] }
766 ] };
767 }
768 if ($vk =~ /^is(?:[ _]not)?$/) {
769 puke "$vk can only take undef as argument"
770 if defined($vv)
771 and not (
772 ref($vv) eq 'HASH'
773 and exists($vv->{-value})
774 and !defined($vv->{-value})
775 );
776 $vk =~ s/_/ /g;
777 return +{ -op => [ $vk.' null', { -ident => $k } ] };
778 }
779 if ($vk =~ /^(and|or)$/) {
780 if (ref($vv) eq 'HASH') {
e62fe58a 781 return +{ -op => [
782 $vk,
99a65fa8 783 map $self->_expand_expr_hashpair($k, { $_ => $vv->{$_} }),
784 sort keys %$vv
7d7868d1 785 ] };
786 }
e28d9b13 787 }
30af97c5 788 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{special_ops}}) {
99a65fa8 789 return { -op => [ $vk, { -ident => $k }, $vv ] };
7dbe1183 790 }
96a8d74a 791 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{unary_ops}}) {
792 return { -op => [
793 $self->{cmp},
794 { -ident => $k },
795 { -op => [ $vk, $vv ] }
796 ] };
797 }
99a65fa8 798 if (ref($vv) eq 'ARRAY') {
799 my ($logic, @values) = (
800 (defined($vv->[0]) and $vv->[0] =~ /^-(and|or)$/i)
801 ? @$vv
802 : (-or => @$vv)
803 );
804 if (
805 $vk =~ $self->{inequality_op}
806 or join(' ', split '_', $vk) =~ $self->{not_like_op}
807 ) {
808 if (lc($logic) eq '-or' and @values > 1) {
809 my $op = uc join ' ', split '_', $vk;
810 belch "A multi-element arrayref as an argument to the inequality op '$op' "
811 . 'is technically equivalent to an always-true 1=1 (you probably wanted '
812 . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
813 ;
814 }
ef071fad 815 }
b3cb13e8 816 unless (@values) {
817 # try to DWIM on equality operators
818 my $op = join ' ', split '_', $vk;
819 return
e175845b 820 $op =~ $self->{equality_op} ? $self->sqlfalse
821 : $op =~ $self->{like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqlfalse
822 : $op =~ $self->{inequality_op} ? $self->sqltrue
823 : $op =~ $self->{not_like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqltrue
b3cb13e8 824 : puke "operator '$op' applied on an empty array (field '$k')";
825 }
63c97a0b 826 return +{ -op => [
827 $logic =~ /^-(.*)$/,
99a65fa8 828 map $self->_expand_expr_hashpair($k => { $vk => $_ }),
829 @values
830 ] };
831 }
832 if (
833 !defined($vv)
834 or (
835 ref($vv) eq 'HASH'
836 and exists $vv->{-value}
837 and not defined $vv->{-value}
838 )
839 ) {
840 my $op = join ' ', split '_', $vk;
841 my $is =
842 $op =~ /^not$/i ? 'is not' # legacy
843 : $op =~ $self->{equality_op} ? 'is'
844 : $op =~ $self->{like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is'
845 : $op =~ $self->{inequality_op} ? 'is not'
846 : $op =~ $self->{not_like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is not'
847 : puke "unexpected operator '$op' with undef operand";
848 return +{ -op => [ $is.' null', { -ident => $k } ] };
849 }
850 local our $Cur_Col_Meta = $k;
851 return +{ -op => [
852 $vk,
853 { -ident => $k },
854 $self->_expand_expr($vv)
855 ] };
856 }
857 if (ref($v) eq 'ARRAY') {
e175845b 858 return $self->sqlfalse unless @$v;
99a65fa8 859 $self->_debug("ARRAY($k) means distribute over elements");
860 my $this_logic = (
861 $v->[0] =~ /^-((?:and|or))$/i
862 ? ($v = [ @{$v}[1..$#$v] ], $1)
863 : ($self->{logic} || 'or')
864 );
cba28f66 865 return +{ -op => [
866 $this_logic,
867 map $self->_expand_expr({ $k => $_ }, $this_logic), @$v
868 ] };
99a65fa8 869 }
870 if (my $literal = is_literal_value($v)) {
871 unless (length $k) {
872 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
873 return \$literal;
874 }
875 my ($sql, @bind) = @$literal;
876 if ($self->{bindtype} eq 'columns') {
877 for (@bind) {
6fb2bd90 878 $self->_assert_bindval_matches_bindtype($_);
aa8d7bdb 879 }
331e2209 880 }
99a65fa8 881 return +{ -literal => [ $self->_quote($k).' '.$sql, @bind ] };
331e2209 882 }
99a65fa8 883 die "notreached";
59588695 884}
885
e175845b 886sub _render_expr {
887 my ($self, $expr) = @_;
888 my ($k, $v, @rest) = %$expr;
889 die "No" if @rest;
b07681b1 890 if (my $meth = $self->{node_types}{$k}) {
181dcebf 891 return $self->$meth($v);
e175845b 892 }
893 die "notreached: $k";
894}
895
96449e8e 896sub _recurse_where {
897 my ($self, $where, $logic) = @_;
898
99a65fa8 899#print STDERR Data::Dumper::Concise::Dumper([ $where, $logic ]);
900
5492d4c2 901 # Special case: top level simple string treated as literal
902
903 my $where_exp = (ref($where)
904 ? $self->_expand_expr($where, $logic)
905 : { -literal => [ $where ] });
1c0c0f41 906#::Dwarn([ EXPANDED => $where_exp ]);
a2cd381d 907
99a65fa8 908#print STDERR Data::Dumper::Concise::Dumper([ EXP => $where_exp ]);
909
96449e8e 910 # dispatch on appropriate method according to refkind of $where
e175845b 911# my $method = $self->_METHOD_FOR_refkind("_where", $where_exp);
912
913# my ($sql, @bind) = $self->$method($where_exp, $logic);
311b2151 914
e175845b 915 my ($sql, @bind) = defined($where_exp) ? $self->_render_expr($where_exp) : (undef);
abe1a491 916 # DBIx::Class used to call _recurse_where in scalar context
917 # something else might too...
918 if (wantarray) {
919 return ($sql, @bind);
920 }
921 else {
922 belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
923 return $sql;
924 }
96449e8e 925}
926
181dcebf 927sub _render_ident {
928 my ($self, $ident) = @_;
cc422895 929
9cf28dfb 930 return $self->_convert($self->_quote($ident));
cc422895 931}
932
181dcebf 933sub _render_value {
934 my ($self, $value) = @_;
cc422895 935
52511ae3 936 return ($self->_convert('?'), $self->_bindtype(undef, $value));
cc422895 937}
938
c452734e 939my %unop_postfix = map +($_ => 1),
940 'is null', 'is not null',
941 'asc', 'desc',
942;
d13725da 943
b5b18861 944my %special = (
945 (map +($_ => do {
946 my $op = $_;
947 sub {
948 my ($self, $args) = @_;
949 my ($left, $low, $high) = @$args;
950 my ($rhsql, @rhbind) = do {
951 if (@$args == 2) {
952 puke "Single arg to between must be a literal"
953 unless $low->{-literal};
954 @{$low->{-literal}}
955 } else {
e56dd780 956 my ($l, $h) = map [ $self->_render_expr($_) ], $low, $high;
b5b18861 957 (join(' ', $l->[0], $self->_sqlcase('and'), $h->[0]),
958 @{$l}[1..$#$l], @{$h}[1..$#$h])
959 }
960 };
e56dd780 961 my ($lhsql, @lhbind) = $self->_render_expr($left);
b5b18861 962 return (
963 join(' ', '(', $lhsql, $self->_sqlcase($op), $rhsql, ')'),
964 @lhbind, @rhbind
965 );
966 }
967 }), 'between', 'not between'),
10d07c4e 968 (map +($_ => do {
969 my $op = $_;
970 sub {
971 my ($self, $args) = @_;
972 my ($lhs, $rhs) = @$args;
973 my @in_bind;
974 my @in_sql = map {
0ce981f8 975 my ($sql, @bind) = $self->_render_expr($_);
10d07c4e 976 push @in_bind, @bind;
977 $sql;
978 } @$rhs;
0ce981f8 979 my ($lhsql, @lbind) = $self->_render_expr($lhs);
10d07c4e 980 return (
981 $lhsql.' '.$self->_sqlcase($op).' ( '
982 .join(', ', @in_sql)
983 .' )',
984 @lbind, @in_bind
985 );
986 }
987 }), 'in', 'not in'),
b5b18861 988);
989
181dcebf 990sub _render_op {
991 my ($self, $v) = @_;
d13725da 992 my ($op, @args) = @$v;
993 $op =~ s/^-// if length($op) > 1;
cba28f66 994 $op = lc($op);
b5b18861 995 if (my $h = $special{$op}) {
996 return $self->$h(\@args);
997 }
3ae10d16 998 my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}};
999 if ($us and @args > 1) {
99a65fa8 1000 puke "Special op '${op}' requires first value to be identifier"
1001 unless my ($k) = map $_->{-ident}, grep ref($_) eq 'HASH', $args[0];
dd1d0dbf 1002 local our $Expand_Depth = 1;
99a65fa8 1003 return $self->${\($us->{handler})}($k, $op, $args[1]);
1004 }
96a8d74a 1005 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
1006 return $self->${\($us->{handler})}($op, $args[0]);
1007 }
99a65fa8 1008 my $final_op = $op =~ /^(?:is|not)_/ ? join(' ', split '_', $op) : $op;
2143604f 1009 if (@args == 1 and $op !~ /^(and|or)$/) {
ec857800 1010 my ($expr_sql, @bind) = $self->_render_expr($args[0]);
d13725da 1011 my $op_sql = $self->_sqlcase($final_op);
1012 my $final_sql = (
1013 $unop_postfix{lc($final_op)}
1014 ? "${expr_sql} ${op_sql}"
1015 : "${op_sql} ${expr_sql}"
1016 );
3ae10d16 1017 return (($op eq 'not' || $us ? '('.$final_sql.')' : $final_sql), @bind);
1c0c0f41 1018 #} elsif (@args == 0) {
1019 # return '';
16d9289c 1020 } else {
1c0c0f41 1021 my @parts = grep length($_->[0]), map [ $self->_render_expr($_) ], @args;
1022 return '' unless @parts;
230812fc 1023 my $is_andor = !!($op =~ /^(and|or)$/);
1024 return @{$parts[0]} if $is_andor and @parts == 1;
1025 my ($final_sql) = map +($is_andor ? "( ${_} )" : $_), join(
2f9c5405 1026 ($final_op eq ',' ? '' : ' ').$self->_sqlcase($final_op).' ',
77617257 1027 map $_->[0], @parts
1028 );
99a65fa8 1029 return (
77617257 1030 $final_sql,
16d9289c 1031 map @{$_}[1..$#$_], @parts
99a65fa8 1032 );
d13725da 1033 }
1034 die "unhandled";
1035}
1036
181dcebf 1037sub _render_func {
1038 my ($self, $rest) = @_;
711892b1 1039 my ($func, @args) = @$rest;
1040 my @arg_sql;
1041 my @bind = map {
1042 my @x = @$_;
1043 push @arg_sql, shift @x;
1044 @x
0f199fce 1045 } map [ $self->_render_expr($_) ], @args;
711892b1 1046 return ($self->_sqlcase($func).'('.join(', ', @arg_sql).')', @bind);
1047}
1048
181dcebf 1049sub _render_bind {
1050 my ($self, $bind) = @_;
d13725da 1051 return ($self->_convert('?'), $self->_bindtype(@$bind));
1052}
1053
181dcebf 1054sub _render_literal {
1055 my ($self, $literal) = @_;
465d43fd 1056 $self->_assert_bindval_matches_bindtype(@{$literal}[1..$#$literal]);
aa8d7bdb 1057 return @$literal;
1058}
1059
4a1f01a3 1060# Some databases (SQLite) treat col IN (1, 2) different from
1061# col IN ( (1, 2) ). Use this to strip all outer parens while
1062# adding them back in the corresponding method
1063sub _open_outer_paren {
1064 my ($self, $sql) = @_;
a5f91feb 1065
ca4f826a 1066 while (my ($inner) = $sql =~ /^ \s* \( (.*) \) \s* $/xs) {
a5f91feb 1067
1068 # there are closing parens inside, need the heavy duty machinery
1069 # to reevaluate the extraction starting from $sql (full reevaluation)
ca4f826a 1070 if ($inner =~ /\)/) {
a5f91feb 1071 require Text::Balanced;
1072
1073 my (undef, $remainder) = do {
1074 # idiotic design - writes to $@ but *DOES NOT* throw exceptions
1075 local $@;
ca4f826a 1076 Text::Balanced::extract_bracketed($sql, '()', qr/\s*/);
a5f91feb 1077 };
1078
1079 # the entire expression needs to be a balanced bracketed thing
1080 # (after an extract no remainder sans trailing space)
1081 last if defined $remainder and $remainder =~ /\S/;
1082 }
1083
1084 $sql = $inner;
1085 }
1086
1087 $sql;
4a1f01a3 1088}
1089
96449e8e 1090
96449e8e 1091#======================================================================
1092# ORDER BY
1093#======================================================================
1094
33177570 1095sub _expand_order_by {
96449e8e 1096 my ($self, $arg) = @_;
1097
33177570 1098 return unless defined($arg) and not (ref($arg) eq 'ARRAY' and !@$arg);
2b6158af 1099
4325df6a 1100 my $expander = sub {
1101 my ($self, $dir, $expr) = @_;
52ca537e 1102 my @to_expand = ref($expr) eq 'ARRAY' ? @$expr : $expr;
1103 foreach my $arg (@to_expand) {
1104 if (
1105 ref($arg) eq 'HASH'
1106 and keys %$arg > 1
1107 and grep /^-(asc|desc)$/, keys %$arg
1108 ) {
1109 puke "ordering direction hash passed to order by must have exactly one key (-asc or -desc)";
1110 }
1111 }
4325df6a 1112 my @exp = map +(defined($dir) ? { -op => [ $dir => $_ ] } : $_),
74156ee9 1113 map $self->_expand_expr($_, undef, -ident),
1114 map ref($_) eq 'ARRAY' ? @$_ : $_, @to_expand;
4325df6a 1115 return (@exp > 1 ? { -op => [ ',', @exp ] } : $exp[0]);
1116 };
18c743c8 1117
ec19b759 1118 local @{$self->{expand_unary}}{qw(-asc -desc)} = (
1119 sub { shift->$expander(asc => @_) },
1120 sub { shift->$expander(desc => @_) },
1121 );
f267b646 1122
33177570 1123 return $self->$expander(undef, $arg);
1124}
1125
1126sub _order_by {
1127 my ($self, $arg) = @_;
1128
1129 return '' unless defined(my $expanded = $self->_expand_order_by($arg));
4325df6a 1130
1131 my ($sql, @bind) = $self->_render_expr($expanded);
1132
13cd9220 1133 return '' unless length($sql);
1134
4325df6a 1135 my $final_sql = $self->_sqlcase(' order by ').$sql;
1136
1137 return wantarray ? ($final_sql, @bind) : $final_sql;
f267b646 1138}
1139
2e3cc357 1140# _order_by no longer needs to call this so doesn't but DBIC uses it.
1141
33177570 1142sub _order_by_chunks {
1143 my ($self, $arg) = @_;
1144
1145 return () unless defined(my $expanded = $self->_expand_order_by($arg));
1146
2e3cc357 1147 return $self->_chunkify_order_by($expanded);
1148}
1149
1150sub _chunkify_order_by {
1151 my ($self, $expanded) = @_;
1b630cfe 1152
dd1d0dbf 1153 return grep length, $self->_render_expr($expanded)
1b630cfe 1154 if $expanded->{-ident} or @{$expanded->{-literal}||[]} == 1;
1155
33177570 1156 for ($expanded) {
1157 if (ref() eq 'HASH' and my $op = $_->{-op}) {
1158 if ($op->[0] eq ',') {
2e3cc357 1159 return map $self->_chunkify_order_by($_), @{$op}[1..$#$op];
33177570 1160 }
1161 }
1162 return [ $self->_render_expr($_) ];
1163 }
1164}
1165
96449e8e 1166#======================================================================
1167# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1168#======================================================================
1169
1170sub _table {
1171 my $self = shift;
1172 my $from = shift;
7ad12721 1173 ($self->_render_expr(
8476c6a3 1174 $self->_expand_maybe_list_expr($from, undef, -ident)
7ad12721 1175 ))[0];
96449e8e 1176}
1177
1178
1179#======================================================================
1180# UTILITY FUNCTIONS
1181#======================================================================
1182
8476c6a3 1183sub _expand_maybe_list_expr {
1184 my ($self, $expr, $logic, $default) = @_;
bba04f52 1185 my $e = do {
1186 if (ref($expr) eq 'ARRAY') {
1187 return { -op => [
8476c6a3 1188 ',', map $self->_expand_expr($_, $logic, $default), @$expr
bba04f52 1189 ] } if @$expr > 1;
1190 $expr->[0]
1191 } else {
1192 $expr
1193 }
1194 };
1195 return $self->_expand_expr($e, $logic, $default);
8476c6a3 1196}
1197
955e77ca 1198# highly optimized, as it's called way too often
96449e8e 1199sub _quote {
955e77ca 1200 # my ($self, $label) = @_;
96449e8e 1201
955e77ca 1202 return '' unless defined $_[1];
955e77ca 1203 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
d3162b5c 1204 puke 'Identifier cannot be hashref' if ref($_[1]) eq 'HASH';
96449e8e 1205
d3162b5c 1206 unless ($_[0]->{quote_char}) {
1207 if (ref($_[1]) eq 'ARRAY') {
1208 return join($_[0]->{name_sep}||'.', @{$_[1]});
1209 } else {
1210 $_[0]->_assert_pass_injection_guard($_[1]);
1211 return $_[1];
1212 }
1213 }
96449e8e 1214
07d7c35c 1215 my $qref = ref $_[0]->{quote_char};
439834d3 1216 my ($l, $r) =
1217 !$qref ? ($_[0]->{quote_char}, $_[0]->{quote_char})
1218 : ($qref eq 'ARRAY') ? @{$_[0]->{quote_char}}
1219 : puke "Unsupported quote_char format: $_[0]->{quote_char}";
1220
46be4313 1221 my $esc = $_[0]->{escape_char} || $r;
96449e8e 1222
07d7c35c 1223 # parts containing * are naturally unquoted
d3162b5c 1224 return join(
1225 $_[0]->{name_sep}||'',
1226 map +(
1227 $_ eq '*'
1228 ? $_
1229 : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r }
1230 ),
1231 (ref($_[1]) eq 'ARRAY'
1232 ? @{$_[1]}
1233 : (
1234 $_[0]->{name_sep}
1235 ? split (/\Q$_[0]->{name_sep}\E/, $_[1] )
1236 : $_[1]
1237 )
1238 )
955e77ca 1239 );
96449e8e 1240}
1241
1242
1243# Conversion, if applicable
d7c862e0 1244sub _convert {
07d7c35c 1245 #my ($self, $arg) = @_;
7ad12721 1246 if ($_[0]->{convert_where}) {
1247 return $_[0]->_sqlcase($_[0]->{convert_where}) .'(' . $_[1] . ')';
96449e8e 1248 }
07d7c35c 1249 return $_[1];
96449e8e 1250}
1251
1252# And bindtype
d7c862e0 1253sub _bindtype {
07d7c35c 1254 #my ($self, $col, @vals) = @_;
07d7c35c 1255 # called often - tighten code
1256 return $_[0]->{bindtype} eq 'columns'
1257 ? map {[$_[1], $_]} @_[2 .. $#_]
1258 : @_[2 .. $#_]
1259 ;
96449e8e 1260}
1261
fe3ae272 1262# Dies if any element of @bind is not in [colname => value] format
1263# if bindtype is 'columns'.
1264sub _assert_bindval_matches_bindtype {
c94a6c93 1265# my ($self, @bind) = @_;
1266 my $self = shift;
fe3ae272 1267 if ($self->{bindtype} eq 'columns') {
c94a6c93 1268 for (@_) {
1269 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1270 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1271 }
1272 }
1273 }
1274}
1275
96449e8e 1276sub _join_sql_clauses {
1277 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1278
1279 if (@$clauses_aref > 1) {
1280 my $join = " " . $self->_sqlcase($logic) . " ";
1281 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1282 return ($sql, @$bind_aref);
1283 }
1284 elsif (@$clauses_aref) {
1285 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1286 }
1287 else {
1288 return (); # if no SQL, ignore @$bind_aref
1289 }
1290}
1291
1292
1293# Fix SQL case, if so requested
1294sub _sqlcase {
96449e8e 1295 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1296 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1297 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1298}
1299
1300
1301#======================================================================
1302# DISPATCHING FROM REFKIND
1303#======================================================================
1304
1305sub _refkind {
1306 my ($self, $data) = @_;
96449e8e 1307
955e77ca 1308 return 'UNDEF' unless defined $data;
1309
1310 # blessed objects are treated like scalars
1311 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1312
1313 return 'SCALAR' unless $ref;
1314
1315 my $n_steps = 1;
1316 while ($ref eq 'REF') {
96449e8e 1317 $data = $$data;
955e77ca 1318 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1319 $n_steps++ if $ref;
96449e8e 1320 }
1321
848556bc 1322 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1323}
1324
1325sub _try_refkind {
1326 my ($self, $data) = @_;
1327 my @try = ($self->_refkind($data));
1328 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1329 push @try, 'FALLBACK';
955e77ca 1330 return \@try;
96449e8e 1331}
1332
1333sub _METHOD_FOR_refkind {
1334 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1335
1336 my $method;
955e77ca 1337 for (@{$self->_try_refkind($data)}) {
f39eaa60 1338 $method = $self->can($meth_prefix."_".$_)
1339 and last;
1340 }
1341
1342 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1343}
1344
1345
1346sub _SWITCH_refkind {
1347 my ($self, $data, $dispatch_table) = @_;
1348
f39eaa60 1349 my $coderef;
955e77ca 1350 for (@{$self->_try_refkind($data)}) {
f39eaa60 1351 $coderef = $dispatch_table->{$_}
1352 and last;
1353 }
1354
1355 puke "no dispatch entry for ".$self->_refkind($data)
1356 unless $coderef;
1357
96449e8e 1358 $coderef->();
1359}
1360
1361
1362
1363
1364#======================================================================
1365# VALUES, GENERATE, AUTOLOAD
1366#======================================================================
1367
1368# LDNOTE: original code from nwiger, didn't touch code in that section
1369# I feel the AUTOLOAD stuff should not be the default, it should
1370# only be activated on explicit demand by user.
1371
1372sub values {
1373 my $self = shift;
1374 my $data = shift || return;
1375 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1376 unless ref $data eq 'HASH';
bab725ce 1377
1378 my @all_bind;
ca4f826a 1379 foreach my $k (sort keys %$data) {
bab725ce 1380 my $v = $data->{$k};
1381 $self->_SWITCH_refkind($v, {
9d48860e 1382 ARRAYREF => sub {
bab725ce 1383 if ($self->{array_datatypes}) { # array datatype
1384 push @all_bind, $self->_bindtype($k, $v);
1385 }
1386 else { # literal SQL with bind
1387 my ($sql, @bind) = @$v;
1388 $self->_assert_bindval_matches_bindtype(@bind);
1389 push @all_bind, @bind;
1390 }
1391 },
1392 ARRAYREFREF => sub { # literal SQL with bind
1393 my ($sql, @bind) = @${$v};
1394 $self->_assert_bindval_matches_bindtype(@bind);
1395 push @all_bind, @bind;
1396 },
1397 SCALARREF => sub { # literal SQL without bind
1398 },
1399 SCALAR_or_UNDEF => sub {
1400 push @all_bind, $self->_bindtype($k, $v);
1401 },
1402 });
1403 }
1404
1405 return @all_bind;
96449e8e 1406}
1407
1408sub generate {
1409 my $self = shift;
1410
1411 my(@sql, @sqlq, @sqlv);
1412
1413 for (@_) {
1414 my $ref = ref $_;
1415 if ($ref eq 'HASH') {
1416 for my $k (sort keys %$_) {
1417 my $v = $_->{$k};
1418 my $r = ref $v;
1419 my $label = $self->_quote($k);
1420 if ($r eq 'ARRAY') {
fe3ae272 1421 # literal SQL with bind
1422 my ($sql, @bind) = @$v;
1423 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1424 push @sqlq, "$label = $sql";
fe3ae272 1425 push @sqlv, @bind;
96449e8e 1426 } elsif ($r eq 'SCALAR') {
fe3ae272 1427 # literal SQL without bind
96449e8e 1428 push @sqlq, "$label = $$v";
9d48860e 1429 } else {
96449e8e 1430 push @sqlq, "$label = ?";
1431 push @sqlv, $self->_bindtype($k, $v);
1432 }
1433 }
1434 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1435 } elsif ($ref eq 'ARRAY') {
1436 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1437 for my $v (@$_) {
1438 my $r = ref $v;
fe3ae272 1439 if ($r eq 'ARRAY') { # literal SQL with bind
1440 my ($sql, @bind) = @$v;
1441 $self->_assert_bindval_matches_bindtype(@bind);
1442 push @sqlq, $sql;
1443 push @sqlv, @bind;
1444 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1445 # embedded literal SQL
1446 push @sqlq, $$v;
9d48860e 1447 } else {
96449e8e 1448 push @sqlq, '?';
1449 push @sqlv, $v;
1450 }
1451 }
1452 push @sql, '(' . join(', ', @sqlq) . ')';
1453 } elsif ($ref eq 'SCALAR') {
1454 # literal SQL
1455 push @sql, $$_;
1456 } else {
1457 # strings get case twiddled
1458 push @sql, $self->_sqlcase($_);
1459 }
1460 }
1461
1462 my $sql = join ' ', @sql;
1463
1464 # this is pretty tricky
1465 # if ask for an array, return ($stmt, @bind)
1466 # otherwise, s/?/shift @sqlv/ to put it inline
1467 if (wantarray) {
1468 return ($sql, @sqlv);
1469 } else {
1470 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1471 ref $d ? $d->[1] : $d/e;
1472 return $sql;
1473 }
1474}
1475
1476
1477sub DESTROY { 1 }
1478
1479sub AUTOLOAD {
1480 # This allows us to check for a local, then _form, attr
1481 my $self = shift;
1482 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1483 return $self->generate($name, @_);
1484}
1485
14861;
1487
1488
1489
1490__END__
32eab2da 1491
1492=head1 NAME
1493
1494SQL::Abstract - Generate SQL from Perl data structures
1495
1496=head1 SYNOPSIS
1497
1498 use SQL::Abstract;
1499
1500 my $sql = SQL::Abstract->new;
1501
85783f3c 1502 my($stmt, @bind) = $sql->select($source, \@fields, \%where, $order);
32eab2da 1503
1504 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1505
1506 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1507
1508 my($stmt, @bind) = $sql->delete($table, \%where);
1509
1510 # Then, use these in your DBI statements
1511 my $sth = $dbh->prepare($stmt);
1512 $sth->execute(@bind);
1513
1514 # Just generate the WHERE clause
85783f3c 1515 my($stmt, @bind) = $sql->where(\%where, $order);
32eab2da 1516
1517 # Return values in the same order, for hashed queries
1518 # See PERFORMANCE section for more details
1519 my @bind = $sql->values(\%fieldvals);
1520
1521=head1 DESCRIPTION
1522
1523This module was inspired by the excellent L<DBIx::Abstract>.
1524However, in using that module I found that what I really wanted
1525to do was generate SQL, but still retain complete control over my
1526statement handles and use the DBI interface. So, I set out to
1527create an abstract SQL generation module.
1528
1529While based on the concepts used by L<DBIx::Abstract>, there are
1530several important differences, especially when it comes to WHERE
1531clauses. I have modified the concepts used to make the SQL easier
1532to generate from Perl data structures and, IMO, more intuitive.
1533The underlying idea is for this module to do what you mean, based
1534on the data structures you provide it. The big advantage is that
1535you don't have to modify your code every time your data changes,
1536as this module figures it out.
1537
1538To begin with, an SQL INSERT is as easy as just specifying a hash
1539of C<key=value> pairs:
1540
1541 my %data = (
1542 name => 'Jimbo Bobson',
1543 phone => '123-456-7890',
1544 address => '42 Sister Lane',
1545 city => 'St. Louis',
1546 state => 'Louisiana',
1547 );
1548
1549The SQL can then be generated with this:
1550
1551 my($stmt, @bind) = $sql->insert('people', \%data);
1552
1553Which would give you something like this:
1554
1555 $stmt = "INSERT INTO people
1556 (address, city, name, phone, state)
1557 VALUES (?, ?, ?, ?, ?)";
1558 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1559 '123-456-7890', 'Louisiana');
1560
1561These are then used directly in your DBI code:
1562
1563 my $sth = $dbh->prepare($stmt);
1564 $sth->execute(@bind);
1565
96449e8e 1566=head2 Inserting and Updating Arrays
1567
1568If your database has array types (like for example Postgres),
1569activate the special option C<< array_datatypes => 1 >>
9d48860e 1570when creating the C<SQL::Abstract> object.
96449e8e 1571Then you may use an arrayref to insert and update database array types:
1572
1573 my $sql = SQL::Abstract->new(array_datatypes => 1);
1574 my %data = (
1575 planets => [qw/Mercury Venus Earth Mars/]
1576 );
9d48860e 1577
96449e8e 1578 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1579
1580This results in:
1581
1582 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1583
1584 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1585
1586
1587=head2 Inserting and Updating SQL
1588
1589In order to apply SQL functions to elements of your C<%data> you may
1590specify a reference to an arrayref for the given hash value. For example,
1591if you need to execute the Oracle C<to_date> function on a value, you can
1592say something like this:
32eab2da 1593
1594 my %data = (
1595 name => 'Bill',
3ae1c5e2 1596 date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
9d48860e 1597 );
32eab2da 1598
1599The first value in the array is the actual SQL. Any other values are
1600optional and would be included in the bind values array. This gives
1601you:
1602
1603 my($stmt, @bind) = $sql->insert('people', \%data);
1604
9d48860e 1605 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1606 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1607 @bind = ('Bill', '03/02/2003');
1608
1609An UPDATE is just as easy, all you change is the name of the function:
1610
1611 my($stmt, @bind) = $sql->update('people', \%data);
1612
1613Notice that your C<%data> isn't touched; the module will generate
1614the appropriately quirky SQL for you automatically. Usually you'll
1615want to specify a WHERE clause for your UPDATE, though, which is
1616where handling C<%where> hashes comes in handy...
1617
96449e8e 1618=head2 Complex where statements
1619
32eab2da 1620This module can generate pretty complicated WHERE statements
1621easily. For example, simple C<key=value> pairs are taken to mean
1622equality, and if you want to see if a field is within a set
1623of values, you can use an arrayref. Let's say we wanted to
1624SELECT some data based on this criteria:
1625
1626 my %where = (
1627 requestor => 'inna',
1628 worker => ['nwiger', 'rcwe', 'sfz'],
1629 status => { '!=', 'completed' }
1630 );
1631
1632 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1633
1634The above would give you something like this:
1635
1636 $stmt = "SELECT * FROM tickets WHERE
1637 ( requestor = ? ) AND ( status != ? )
1638 AND ( worker = ? OR worker = ? OR worker = ? )";
1639 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1640
1641Which you could then use in DBI code like so:
1642
1643 my $sth = $dbh->prepare($stmt);
1644 $sth->execute(@bind);
1645
1646Easy, eh?
1647
0da0fe34 1648=head1 METHODS
32eab2da 1649
13cc86af 1650The methods are simple. There's one for every major SQL operation,
32eab2da 1651and a constructor you use first. The arguments are specified in a
13cc86af 1652similar order for each method (table, then fields, then a where
32eab2da 1653clause) to try and simplify things.
1654
32eab2da 1655=head2 new(option => 'value')
1656
1657The C<new()> function takes a list of options and values, and returns
1658a new B<SQL::Abstract> object which can then be used to generate SQL
1659through the methods below. The options accepted are:
1660
1661=over
1662
1663=item case
1664
1665If set to 'lower', then SQL will be generated in all lowercase. By
1666default SQL is generated in "textbook" case meaning something like:
1667
1668 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1669
96449e8e 1670Any setting other than 'lower' is ignored.
1671
32eab2da 1672=item cmp
1673
1674This determines what the default comparison operator is. By default
1675it is C<=>, meaning that a hash like this:
1676
1677 %where = (name => 'nwiger', email => 'nate@wiger.org');
1678
1679Will generate SQL like this:
1680
1681 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1682
1683However, you may want loose comparisons by default, so if you set
1684C<cmp> to C<like> you would get SQL such as:
1685
1686 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1687
3af02ccb 1688You can also override the comparison on an individual basis - see
32eab2da 1689the huge section on L</"WHERE CLAUSES"> at the bottom.
1690
96449e8e 1691=item sqltrue, sqlfalse
1692
1693Expressions for inserting boolean values within SQL statements.
6e0c6552 1694By default these are C<1=1> and C<1=0>. They are used
1695by the special operators C<-in> and C<-not_in> for generating
1696correct SQL even when the argument is an empty array (see below).
96449e8e 1697
32eab2da 1698=item logic
1699
1700This determines the default logical operator for multiple WHERE
7cac25e6 1701statements in arrays or hashes. If absent, the default logic is "or"
1702for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1703array of the form:
1704
1705 @where = (
9d48860e 1706 event_date => {'>=', '2/13/99'},
1707 event_date => {'<=', '4/24/03'},
32eab2da 1708 );
1709
7cac25e6 1710will generate SQL like this:
32eab2da 1711
1712 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1713
1714This is probably not what you want given this query, though (look
1715at the dates). To change the "OR" to an "AND", simply specify:
1716
1717 my $sql = SQL::Abstract->new(logic => 'and');
1718
1719Which will change the above C<WHERE> to:
1720
1721 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1722
96449e8e 1723The logic can also be changed locally by inserting
be21dde3 1724a modifier in front of an arrayref:
96449e8e 1725
9d48860e 1726 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1727 event_date => {'<=', '4/24/03'} ]);
96449e8e 1728
1729See the L</"WHERE CLAUSES"> section for explanations.
1730
32eab2da 1731=item convert
1732
1733This will automatically convert comparisons using the specified SQL
1734function for both column and value. This is mostly used with an argument
1735of C<upper> or C<lower>, so that the SQL will have the effect of
1736case-insensitive "searches". For example, this:
1737
1738 $sql = SQL::Abstract->new(convert => 'upper');
1739 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1740
1741Will turn out the following SQL:
1742
1743 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1744
1745The conversion can be C<upper()>, C<lower()>, or any other SQL function
1746that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1747not validate this option; it will just pass through what you specify verbatim).
1748
1749=item bindtype
1750
1751This is a kludge because many databases suck. For example, you can't
1752just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1753Instead, you have to use C<bind_param()>:
1754
1755 $sth->bind_param(1, 'reg data');
1756 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1757
1758The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1759which loses track of which field each slot refers to. Fear not.
1760
1761If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1762Currently, you can specify either C<normal> (default) or C<columns>. If you
1763specify C<columns>, you will get an array that looks like this:
1764
1765 my $sql = SQL::Abstract->new(bindtype => 'columns');
1766 my($stmt, @bind) = $sql->insert(...);
1767
1768 @bind = (
1769 [ 'column1', 'value1' ],
1770 [ 'column2', 'value2' ],
1771 [ 'column3', 'value3' ],
1772 );
1773
1774You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1775
32eab2da 1776 $sth->prepare($stmt);
1777 my $i = 1;
1778 for (@bind) {
1779 my($col, $data) = @$_;
1780 if ($col eq 'details' || $col eq 'comments') {
1781 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1782 } elsif ($col eq 'image') {
1783 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1784 } else {
1785 $sth->bind_param($i, $data);
1786 }
1787 $i++;
1788 }
1789 $sth->execute; # execute without @bind now
1790
1791Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1792Basically, the advantage is still that you don't have to care which fields
1793are or are not included. You could wrap that above C<for> loop in a simple
1794sub called C<bind_fields()> or something and reuse it repeatedly. You still
1795get a layer of abstraction over manual SQL specification.
1796
3ae1c5e2 1797Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
deb148a2 1798construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1799will expect the bind values in this format.
1800
32eab2da 1801=item quote_char
1802
1803This is the character that a table or column name will be quoted
9d48860e 1804with. By default this is an empty string, but you could set it to
32eab2da 1805the character C<`>, to generate SQL like this:
1806
1807 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1808
96449e8e 1809Alternatively, you can supply an array ref of two items, the first being the left
1810hand quote character, and the second the right hand quote character. For
1811example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1812that generates SQL like this:
1813
1814 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1815
9d48860e 1816Quoting is useful if you have tables or columns names that are reserved
96449e8e 1817words in your database's SQL dialect.
32eab2da 1818
46be4313 1819=item escape_char
1820
1821This is the character that will be used to escape L</quote_char>s appearing
1822in an identifier before it has been quoted.
1823
80790166 1824The parameter default in case of a single L</quote_char> character is the quote
46be4313 1825character itself.
1826
1827When opening-closing-style quoting is used (L</quote_char> is an arrayref)
9de2bd86 1828this parameter defaults to the B<closing (right)> L</quote_char>. Occurrences
46be4313 1829of the B<opening (left)> L</quote_char> within the identifier are currently left
1830untouched. The default for opening-closing-style quotes may change in future
1831versions, thus you are B<strongly encouraged> to specify the escape character
1832explicitly.
1833
32eab2da 1834=item name_sep
1835
1836This is the character that separates a table and column name. It is
1837necessary to specify this when the C<quote_char> option is selected,
1838so that tables and column names can be individually quoted like this:
1839
1840 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1841
b6251592 1842=item injection_guard
1843
1844A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1845column name specified in a query structure. This is a safety mechanism to avoid
1846injection attacks when mishandling user input e.g.:
1847
1848 my %condition_as_column_value_pairs = get_values_from_user();
1849 $sqla->select( ... , \%condition_as_column_value_pairs );
1850
1851If the expression matches an exception is thrown. Note that literal SQL
1852supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1853
1854Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
1855
96449e8e 1856=item array_datatypes
32eab2da 1857
9d48860e 1858When this option is true, arrayrefs in INSERT or UPDATE are
1859interpreted as array datatypes and are passed directly
96449e8e 1860to the DBI layer.
1861When this option is false, arrayrefs are interpreted
1862as literal SQL, just like refs to arrayrefs
1863(but this behavior is for backwards compatibility; when writing
1864new queries, use the "reference to arrayref" syntax
1865for literal SQL).
32eab2da 1866
32eab2da 1867
96449e8e 1868=item special_ops
32eab2da 1869
9d48860e 1870Takes a reference to a list of "special operators"
96449e8e 1871to extend the syntax understood by L<SQL::Abstract>.
1872See section L</"SPECIAL OPERATORS"> for details.
32eab2da 1873
59f23b3d 1874=item unary_ops
1875
9d48860e 1876Takes a reference to a list of "unary operators"
59f23b3d 1877to extend the syntax understood by L<SQL::Abstract>.
1878See section L</"UNARY OPERATORS"> for details.
1879
32eab2da 1880
32eab2da 1881
96449e8e 1882=back
32eab2da 1883
02288357 1884=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 1885
1886This is the simplest function. You simply give it a table name
1887and either an arrayref of values or hashref of field/value pairs.
1888It returns an SQL INSERT statement and a list of bind values.
96449e8e 1889See the sections on L</"Inserting and Updating Arrays"> and
1890L</"Inserting and Updating SQL"> for information on how to insert
1891with those data types.
32eab2da 1892
02288357 1893The optional C<\%options> hash reference may contain additional
1894options to generate the insert SQL. Currently supported options
1895are:
1896
1897=over 4
1898
1899=item returning
1900
1901Takes either a scalar of raw SQL fields, or an array reference of
1902field names, and adds on an SQL C<RETURNING> statement at the end.
1903This allows you to return data generated by the insert statement
1904(such as row IDs) without performing another C<SELECT> statement.
1905Note, however, this is not part of the SQL standard and may not
1906be supported by all database engines.
1907
1908=back
1909
95904db5 1910=head2 update($table, \%fieldvals, \%where, \%options)
32eab2da 1911
1912This takes a table, hashref of field/value pairs, and an optional
86298391 1913hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 1914of bind values.
96449e8e 1915See the sections on L</"Inserting and Updating Arrays"> and
1916L</"Inserting and Updating SQL"> for information on how to insert
1917with those data types.
32eab2da 1918
95904db5 1919The optional C<\%options> hash reference may contain additional
1920options to generate the update SQL. Currently supported options
1921are:
1922
1923=over 4
1924
1925=item returning
1926
1927See the C<returning> option to
1928L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1929
1930=back
1931
96449e8e 1932=head2 select($source, $fields, $where, $order)
32eab2da 1933
9d48860e 1934This returns a SQL SELECT statement and associated list of bind values, as
be21dde3 1935specified by the arguments:
32eab2da 1936
96449e8e 1937=over
32eab2da 1938
96449e8e 1939=item $source
32eab2da 1940
9d48860e 1941Specification of the 'FROM' part of the statement.
96449e8e 1942The argument can be either a plain scalar (interpreted as a table
1943name, will be quoted), or an arrayref (interpreted as a list
1944of table names, joined by commas, quoted), or a scalarref
063097a3 1945(literal SQL, not quoted).
32eab2da 1946
96449e8e 1947=item $fields
32eab2da 1948
9d48860e 1949Specification of the list of fields to retrieve from
96449e8e 1950the source.
1951The argument can be either an arrayref (interpreted as a list
9d48860e 1952of field names, will be joined by commas and quoted), or a
96449e8e 1953plain scalar (literal SQL, not quoted).
521647e7 1954Please observe that this API is not as flexible as that of
1955the first argument C<$source>, for backwards compatibility reasons.
32eab2da 1956
96449e8e 1957=item $where
32eab2da 1958
96449e8e 1959Optional argument to specify the WHERE part of the query.
1960The argument is most often a hashref, but can also be
9d48860e 1961an arrayref or plain scalar --
96449e8e 1962see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 1963
96449e8e 1964=item $order
32eab2da 1965
96449e8e 1966Optional argument to specify the ORDER BY part of the query.
9d48860e 1967The argument can be a scalar, a hashref or an arrayref
96449e8e 1968-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
1969for details.
32eab2da 1970
96449e8e 1971=back
32eab2da 1972
32eab2da 1973
85327cd5 1974=head2 delete($table, \%where, \%options)
32eab2da 1975
86298391 1976This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 1977It returns an SQL DELETE statement and list of bind values.
1978
85327cd5 1979The optional C<\%options> hash reference may contain additional
1980options to generate the delete SQL. Currently supported options
1981are:
1982
1983=over 4
1984
1985=item returning
1986
1987See the C<returning> option to
1988L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1989
1990=back
1991
85783f3c 1992=head2 where(\%where, $order)
32eab2da 1993
1994This is used to generate just the WHERE clause. For example,
1995if you have an arbitrary data structure and know what the
1996rest of your SQL is going to look like, but want an easy way
1997to produce a WHERE clause, use this. It returns an SQL WHERE
1998clause and list of bind values.
1999
32eab2da 2000
2001=head2 values(\%data)
2002
2003This just returns the values from the hash C<%data>, in the same
2004order that would be returned from any of the other above queries.
2005Using this allows you to markedly speed up your queries if you
2006are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
2007
32eab2da 2008=head2 generate($any, 'number', $of, \@data, $struct, \%types)
2009
2010Warning: This is an experimental method and subject to change.
2011
2012This returns arbitrarily generated SQL. It's a really basic shortcut.
2013It will return two different things, depending on return context:
2014
2015 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
2016 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
2017
2018These would return the following:
2019
2020 # First calling form
2021 $stmt = "CREATE TABLE test (?, ?)";
2022 @bind = (field1, field2);
2023
2024 # Second calling form
2025 $stmt_and_val = "CREATE TABLE test (field1, field2)";
2026
2027Depending on what you're trying to do, it's up to you to choose the correct
2028format. In this example, the second form is what you would want.
2029
2030By the same token:
2031
2032 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
2033
2034Might give you:
2035
2036 ALTER SESSION SET nls_date_format = 'MM/YY'
2037
2038You get the idea. Strings get their case twiddled, but everything
2039else remains verbatim.
2040
0da0fe34 2041=head1 EXPORTABLE FUNCTIONS
2042
2043=head2 is_plain_value
2044
2045Determines if the supplied argument is a plain value as understood by this
2046module:
2047
2048=over
2049
2050=item * The value is C<undef>
2051
2052=item * The value is a non-reference
2053
2054=item * The value is an object with stringification overloading
2055
2056=item * The value is of the form C<< { -value => $anything } >>
2057
2058=back
2059
9de2bd86 2060On failure returns C<undef>, on success returns a B<scalar> reference
966200cc 2061to the original supplied argument.
0da0fe34 2062
843a94b5 2063=over
2064
2065=item * Note
2066
2067The stringification overloading detection is rather advanced: it takes
2068into consideration not only the presence of a C<""> overload, but if that
2069fails also checks for enabled
2070L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
2071on either C<0+> or C<bool>.
2072
2073Unfortunately testing in the field indicates that this
2074detection B<< may tickle a latent bug in perl versions before 5.018 >>,
2075but only when very large numbers of stringifying objects are involved.
2076At the time of writing ( Sep 2014 ) there is no clear explanation of
2077the direct cause, nor is there a manageably small test case that reliably
2078reproduces the problem.
2079
2080If you encounter any of the following exceptions in B<random places within
2081your application stack> - this module may be to blame:
2082
2083 Operation "ne": no method found,
2084 left argument in overloaded package <something>,
2085 right argument in overloaded package <something>
2086
2087or perhaps even
2088
2089 Stub found while resolving method "???" overloading """" in package <something>
2090
2091If you fall victim to the above - please attempt to reduce the problem
2092to something that could be sent to the L<SQL::Abstract developers
1f490ae4 2093|DBIx::Class/GETTING HELP/SUPPORT>
843a94b5 2094(either publicly or privately). As a workaround in the meantime you can
2095set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
2096value, which will most likely eliminate your problem (at the expense of
2097not being able to properly detect exotic forms of stringification).
2098
2099This notice and environment variable will be removed in a future version,
2100as soon as the underlying problem is found and a reliable workaround is
2101devised.
2102
2103=back
2104
0da0fe34 2105=head2 is_literal_value
2106
2107Determines if the supplied argument is a literal value as understood by this
2108module:
2109
2110=over
2111
2112=item * C<\$sql_string>
2113
2114=item * C<\[ $sql_string, @bind_values ]>
2115
0da0fe34 2116=back
2117
9de2bd86 2118On failure returns C<undef>, on success returns an B<array> reference
966200cc 2119containing the unpacked version of the supplied literal SQL and bind values.
0da0fe34 2120
32eab2da 2121=head1 WHERE CLAUSES
2122
96449e8e 2123=head2 Introduction
2124
32eab2da 2125This module uses a variation on the idea from L<DBIx::Abstract>. It
2126is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2127module is that things in arrays are OR'ed, and things in hashes
2128are AND'ed.>
2129
2130The easiest way to explain is to show lots of examples. After
2131each C<%where> hash shown, it is assumed you used:
2132
2133 my($stmt, @bind) = $sql->where(\%where);
2134
2135However, note that the C<%where> hash can be used directly in any
2136of the other functions as well, as described above.
2137
96449e8e 2138=head2 Key-value pairs
2139
32eab2da 2140So, let's get started. To begin, a simple hash:
2141
2142 my %where = (
2143 user => 'nwiger',
2144 status => 'completed'
2145 );
2146
2147Is converted to SQL C<key = val> statements:
2148
2149 $stmt = "WHERE user = ? AND status = ?";
2150 @bind = ('nwiger', 'completed');
2151
2152One common thing I end up doing is having a list of values that
2153a field can be in. To do this, simply specify a list inside of
2154an arrayref:
2155
2156 my %where = (
2157 user => 'nwiger',
2158 status => ['assigned', 'in-progress', 'pending'];
2159 );
2160
2161This simple code will create the following:
9d48860e 2162
32eab2da 2163 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2164 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2165
9d48860e 2166A field associated to an empty arrayref will be considered a
7cac25e6 2167logical false and will generate 0=1.
8a68b5be 2168
b864ba9b 2169=head2 Tests for NULL values
2170
2171If the value part is C<undef> then this is converted to SQL <IS NULL>
2172
2173 my %where = (
2174 user => 'nwiger',
2175 status => undef,
2176 );
2177
2178becomes:
2179
2180 $stmt = "WHERE user = ? AND status IS NULL";
2181 @bind = ('nwiger');
2182
e9614080 2183To test if a column IS NOT NULL:
2184
2185 my %where = (
2186 user => 'nwiger',
2187 status => { '!=', undef },
2188 );
cc422895 2189
6e0c6552 2190=head2 Specific comparison operators
96449e8e 2191
32eab2da 2192If you want to specify a different type of operator for your comparison,
2193you can use a hashref for a given column:
2194
2195 my %where = (
2196 user => 'nwiger',
2197 status => { '!=', 'completed' }
2198 );
2199
2200Which would generate:
2201
2202 $stmt = "WHERE user = ? AND status != ?";
2203 @bind = ('nwiger', 'completed');
2204
2205To test against multiple values, just enclose the values in an arrayref:
2206
96449e8e 2207 status => { '=', ['assigned', 'in-progress', 'pending'] };
2208
f2d5020d 2209Which would give you:
96449e8e 2210
2211 "WHERE status = ? OR status = ? OR status = ?"
2212
2213
2214The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2215into an C<AND> of its elements:
2216
2217 my %where = (
2218 user => 'nwiger',
2219 status => { '!=', 'completed', -not_like => 'pending%' }
2220 );
2221
2222 # Or more dynamically, like from a form
2223 $where{user} = 'nwiger';
2224 $where{status}{'!='} = 'completed';
2225 $where{status}{'-not_like'} = 'pending%';
2226
2227 # Both generate this
2228 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2229 @bind = ('nwiger', 'completed', 'pending%');
2230
96449e8e 2231
32eab2da 2232To get an OR instead, you can combine it with the arrayref idea:
2233
2234 my %where => (
2235 user => 'nwiger',
1a6f2a03 2236 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2237 );
2238
2239Which would generate:
2240
1a6f2a03 2241 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2242 @bind = ('2', '5', 'nwiger');
32eab2da 2243
44b9e502 2244If you want to include literal SQL (with or without bind values), just use a
13cc86af 2245scalar reference or reference to an arrayref as the value:
44b9e502 2246
2247 my %where = (
2248 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2249 date_expires => { '<' => \"now()" }
2250 );
2251
2252Which would generate:
2253
13cc86af 2254 $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
44b9e502 2255 @bind = ('11/26/2008');
2256
96449e8e 2257
2258=head2 Logic and nesting operators
2259
2260In the example above,
2261there is a subtle trap if you want to say something like
32eab2da 2262this (notice the C<AND>):
2263
2264 WHERE priority != ? AND priority != ?
2265
2266Because, in Perl you I<can't> do this:
2267
13cc86af 2268 priority => { '!=' => 2, '!=' => 1 }
32eab2da 2269
2270As the second C<!=> key will obliterate the first. The solution
2271is to use the special C<-modifier> form inside an arrayref:
2272
9d48860e 2273 priority => [ -and => {'!=', 2},
96449e8e 2274 {'!=', 1} ]
2275
32eab2da 2276
2277Normally, these would be joined by C<OR>, but the modifier tells it
2278to use C<AND> instead. (Hint: You can use this in conjunction with the
2279C<logic> option to C<new()> in order to change the way your queries
2280work by default.) B<Important:> Note that the C<-modifier> goes
2281B<INSIDE> the arrayref, as an extra first element. This will
2282B<NOT> do what you think it might:
2283
2284 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2285
2286Here is a quick list of equivalencies, since there is some overlap:
2287
2288 # Same
2289 status => {'!=', 'completed', 'not like', 'pending%' }
2290 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2291
2292 # Same
2293 status => {'=', ['assigned', 'in-progress']}
2294 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2295 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2296
e3f9dff4 2297
2298
be21dde3 2299=head2 Special operators: IN, BETWEEN, etc.
96449e8e 2300
32eab2da 2301You can also use the hashref format to compare a list of fields using the
2302C<IN> comparison operator, by specifying the list as an arrayref:
2303
2304 my %where = (
2305 status => 'completed',
2306 reportid => { -in => [567, 2335, 2] }
2307 );
2308
2309Which would generate:
2310
2311 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2312 @bind = ('completed', '567', '2335', '2');
2313
9d48860e 2314The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2315the same way.
2316
6e0c6552 2317If the argument to C<-in> is an empty array, 'sqlfalse' is generated
be21dde3 2318(by default: C<1=0>). Similarly, C<< -not_in => [] >> generates
2319'sqltrue' (by default: C<1=1>).
6e0c6552 2320
e41c3bdd 2321In addition to the array you can supply a chunk of literal sql or
2322literal sql with bind:
6e0c6552 2323
e41c3bdd 2324 my %where = {
2325 customer => { -in => \[
2326 'SELECT cust_id FROM cust WHERE balance > ?',
2327 2000,
2328 ],
2329 status => { -in => \'SELECT status_codes FROM states' },
2330 };
6e0c6552 2331
e41c3bdd 2332would generate:
2333
2334 $stmt = "WHERE (
2335 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2336 AND status IN ( SELECT status_codes FROM states )
2337 )";
2338 @bind = ('2000');
2339
0dfd2442 2340Finally, if the argument to C<-in> is not a reference, it will be
2341treated as a single-element array.
e41c3bdd 2342
2343Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2344used with an arrayref of two values:
32eab2da 2345
2346 my %where = (
2347 user => 'nwiger',
2348 completion_date => {
2349 -not_between => ['2002-10-01', '2003-02-06']
2350 }
2351 );
2352
2353Would give you:
2354
2355 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2356
e41c3bdd 2357Just like with C<-in> all plausible combinations of literal SQL
2358are possible:
2359
2360 my %where = {
2361 start0 => { -between => [ 1, 2 ] },
2362 start1 => { -between => \["? AND ?", 1, 2] },
2363 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2364 start3 => { -between => [
e41c3bdd 2365 \"lower(x)",
2366 \["upper(?)", 'stuff' ],
2367 ] },
2368 };
2369
2370Would give you:
2371
2372 $stmt = "WHERE (
2373 ( start0 BETWEEN ? AND ? )
2374 AND ( start1 BETWEEN ? AND ? )
2375 AND ( start2 BETWEEN lower(x) AND upper(y) )
2376 AND ( start3 BETWEEN lower(x) AND upper(?) )
2377 )";
2378 @bind = (1, 2, 1, 2, 'stuff');
2379
2380
9d48860e 2381These are the two builtin "special operators"; but the
be21dde3 2382list can be expanded: see section L</"SPECIAL OPERATORS"> below.
96449e8e 2383
59f23b3d 2384=head2 Unary operators: bool
97a920ef 2385
2386If you wish to test against boolean columns or functions within your
2387database you can use the C<-bool> and C<-not_bool> operators. For
2388example to test the column C<is_user> being true and the column
827bb0eb 2389C<is_enabled> being false you would use:-
97a920ef 2390
2391 my %where = (
2392 -bool => 'is_user',
2393 -not_bool => 'is_enabled',
2394 );
2395
2396Would give you:
2397
277b5d3f 2398 WHERE is_user AND NOT is_enabled
97a920ef 2399
0b604e9d 2400If a more complex combination is required, testing more conditions,
2401then you should use the and/or operators:-
2402
2403 my %where = (
2404 -and => [
2405 -bool => 'one',
23401b81 2406 -not_bool => { two=> { -rlike => 'bar' } },
2407 -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
0b604e9d 2408 ],
2409 );
2410
2411Would give you:
2412
23401b81 2413 WHERE
2414 one
2415 AND
2416 (NOT two RLIKE ?)
2417 AND
2418 (NOT ( three = ? OR three > ? ))
97a920ef 2419
2420
107b72f1 2421=head2 Nested conditions, -and/-or prefixes
96449e8e 2422
32eab2da 2423So far, we've seen how multiple conditions are joined with a top-level
2424C<AND>. We can change this by putting the different conditions we want in
2425hashes and then putting those hashes in an array. For example:
2426
2427 my @where = (
2428 {
2429 user => 'nwiger',
2430 status => { -like => ['pending%', 'dispatched'] },
2431 },
2432 {
2433 user => 'robot',
2434 status => 'unassigned',
2435 }
2436 );
2437
2438This data structure would create the following:
2439
2440 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2441 OR ( user = ? AND status = ? ) )";
2442 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2443
107b72f1 2444
48d9f5f8 2445Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
be21dde3 2446to change the logic inside:
32eab2da 2447
2448 my @where = (
2449 -and => [
2450 user => 'nwiger',
48d9f5f8 2451 [
2452 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2453 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2454 ],
2455 ],
2456 );
2457
2458That would yield:
2459
13cc86af 2460 $stmt = "WHERE ( user = ?
2461 AND ( ( workhrs > ? AND geo = ? )
2462 OR ( workhrs < ? OR geo = ? ) ) )";
2463 @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
107b72f1 2464
cc422895 2465=head3 Algebraic inconsistency, for historical reasons
107b72f1 2466
7cac25e6 2467C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2468operator goes C<outside> of the nested structure; whereas when connecting
2469several constraints on one column, the C<-and> operator goes
be21dde3 2470C<inside> the arrayref. Here is an example combining both features:
7cac25e6 2471
2472 my @where = (
2473 -and => [a => 1, b => 2],
2474 -or => [c => 3, d => 4],
2475 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2476 )
2477
2478yielding
2479
9d48860e 2480 WHERE ( ( ( a = ? AND b = ? )
2481 OR ( c = ? OR d = ? )
7cac25e6 2482 OR ( e LIKE ? AND e LIKE ? ) ) )
2483
107b72f1 2484This difference in syntax is unfortunate but must be preserved for
be21dde3 2485historical reasons. So be careful: the two examples below would
107b72f1 2486seem algebraically equivalent, but they are not
2487
a948b1fe 2488 { col => [ -and =>
2489 { -like => 'foo%' },
2490 { -like => '%bar' },
2491 ] }
be21dde3 2492 # yields: WHERE ( ( col LIKE ? AND col LIKE ? ) )
107b72f1 2493
a948b1fe 2494 [ -and =>
2495 { col => { -like => 'foo%' } },
2496 { col => { -like => '%bar' } },
2497 ]
be21dde3 2498 # yields: WHERE ( ( col LIKE ? OR col LIKE ? ) )
107b72f1 2499
7cac25e6 2500
cc422895 2501=head2 Literal SQL and value type operators
96449e8e 2502
cc422895 2503The basic premise of SQL::Abstract is that in WHERE specifications the "left
2504side" is a column name and the "right side" is a value (normally rendered as
2505a placeholder). This holds true for both hashrefs and arrayref pairs as you
2506see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2507alter this behavior. There are several ways of doing so.
e9614080 2508
cc422895 2509=head3 -ident
2510
2511This is a virtual operator that signals the string to its right side is an
2512identifier (a column name) and not a value. For example to compare two
2513columns you would write:
32eab2da 2514
e9614080 2515 my %where = (
2516 priority => { '<', 2 },
cc422895 2517 requestor => { -ident => 'submitter' },
e9614080 2518 );
2519
2520which creates:
2521
2522 $stmt = "WHERE priority < ? AND requestor = submitter";
2523 @bind = ('2');
2524
cc422895 2525If you are maintaining legacy code you may see a different construct as
2526described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2527code.
2528
2529=head3 -value
e9614080 2530
cc422895 2531This is a virtual operator that signals that the construct to its right side
2532is a value to be passed to DBI. This is for example necessary when you want
2533to write a where clause against an array (for RDBMS that support such
2534datatypes). For example:
e9614080 2535
32eab2da 2536 my %where = (
cc422895 2537 array => { -value => [1, 2, 3] }
32eab2da 2538 );
2539
cc422895 2540will result in:
32eab2da 2541
cc422895 2542 $stmt = 'WHERE array = ?';
2543 @bind = ([1, 2, 3]);
32eab2da 2544
cc422895 2545Note that if you were to simply say:
32eab2da 2546
2547 my %where = (
cc422895 2548 array => [1, 2, 3]
32eab2da 2549 );
2550
3af02ccb 2551the result would probably not be what you wanted:
cc422895 2552
2553 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2554 @bind = (1, 2, 3);
2555
2556=head3 Literal SQL
96449e8e 2557
cc422895 2558Finally, sometimes only literal SQL will do. To include a random snippet
2559of SQL verbatim, you specify it as a scalar reference. Consider this only
2560as a last resort. Usually there is a better way. For example:
96449e8e 2561
2562 my %where = (
cc422895 2563 priority => { '<', 2 },
2564 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2565 );
2566
cc422895 2567Would create:
96449e8e 2568
cc422895 2569 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2570 @bind = (2);
2571
2572Note that in this example, you only get one bind parameter back, since
2573the verbatim SQL is passed as part of the statement.
2574
2575=head4 CAVEAT
2576
2577 Never use untrusted input as a literal SQL argument - this is a massive
2578 security risk (there is no way to check literal snippets for SQL
2579 injections and other nastyness). If you need to deal with untrusted input
2580 use literal SQL with placeholders as described next.
96449e8e 2581
cc422895 2582=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2583
2584If the literal SQL to be inserted has placeholders and bind values,
2585use a reference to an arrayref (yes this is a double reference --
2586not so common, but perfectly legal Perl). For example, to find a date
2587in Postgres you can use something like this:
2588
2589 my %where = (
3ae1c5e2 2590 date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
96449e8e 2591 )
2592
2593This would create:
2594
d2a8fe1a 2595 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2596 @bind = ('10');
2597
deb148a2 2598Note that you must pass the bind values in the same format as they are returned
85783f3c 2599by L<where|/where(\%where, $order)>. This means that if you set L</bindtype>
1f490ae4 2600to C<columns>, you must provide the bind values in the
2601C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
2602scalar value; most commonly the column name, but you can use any scalar value
2603(including references and blessed references), L<SQL::Abstract> will simply
2604pass it through intact. So if C<bindtype> is set to C<columns> the above
2605example will look like:
deb148a2 2606
2607 my %where = (
3ae1c5e2 2608 date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
deb148a2 2609 )
96449e8e 2610
2611Literal SQL is especially useful for nesting parenthesized clauses in the
be21dde3 2612main SQL query. Here is a first example:
96449e8e 2613
2614 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2615 100, "foo%");
2616 my %where = (
2617 foo => 1234,
2618 bar => \["IN ($sub_stmt)" => @sub_bind],
2619 );
2620
be21dde3 2621This yields:
96449e8e 2622
9d48860e 2623 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2624 WHERE c2 < ? AND c3 LIKE ?))";
2625 @bind = (1234, 100, "foo%");
2626
9d48860e 2627Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2628are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2629its associated bind values can be generated through a former call
96449e8e 2630to C<select()> :
2631
2632 my ($sub_stmt, @sub_bind)
9d48860e 2633 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2634 c3 => {-like => "foo%"}});
2635 my %where = (
2636 foo => 1234,
2637 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2638 );
2639
2640In the examples above, the subquery was used as an operator on a column;
9d48860e 2641but the same principle also applies for a clause within the main C<%where>
be21dde3 2642hash, like an EXISTS subquery:
96449e8e 2643
9d48860e 2644 my ($sub_stmt, @sub_bind)
96449e8e 2645 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2646 my %where = ( -and => [
96449e8e 2647 foo => 1234,
48d9f5f8 2648 \["EXISTS ($sub_stmt)" => @sub_bind],
2649 ]);
96449e8e 2650
2651which yields
2652
9d48860e 2653 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2654 WHERE c1 = ? AND c2 > t0.c0))";
2655 @bind = (1234, 1);
2656
2657
9d48860e 2658Observe that the condition on C<c2> in the subquery refers to
be21dde3 2659column C<t0.c0> of the main query: this is I<not> a bind
9d48860e 2660value, so we have to express it through a scalar ref.
96449e8e 2661Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2662C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2663what we wanted here.
2664
96449e8e 2665Finally, here is an example where a subquery is used
2666for expressing unary negation:
2667
9d48860e 2668 my ($sub_stmt, @sub_bind)
96449e8e 2669 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2670 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2671 my %where = (
2672 lname => {like => '%son%'},
48d9f5f8 2673 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2674 );
2675
2676This yields
2677
2678 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2679 @bind = ('%son%', 10, 20)
2680
cc422895 2681=head3 Deprecated usage of Literal SQL
2682
2683Below are some examples of archaic use of literal SQL. It is shown only as
2684reference for those who deal with legacy code. Each example has a much
2685better, cleaner and safer alternative that users should opt for in new code.
2686
2687=over
2688
2689=item *
2690
2691 my %where = ( requestor => \'IS NOT NULL' )
2692
2693 $stmt = "WHERE requestor IS NOT NULL"
2694
2695This used to be the way of generating NULL comparisons, before the handling
2696of C<undef> got formalized. For new code please use the superior syntax as
2697described in L</Tests for NULL values>.
96449e8e 2698
cc422895 2699=item *
2700
2701 my %where = ( requestor => \'= submitter' )
2702
2703 $stmt = "WHERE requestor = submitter"
2704
2705This used to be the only way to compare columns. Use the superior L</-ident>
2706method for all new code. For example an identifier declared in such a way
2707will be properly quoted if L</quote_char> is properly set, while the legacy
2708form will remain as supplied.
2709
2710=item *
2711
2712 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2713
2714 $stmt = "WHERE completed > ? AND is_ready"
2715 @bind = ('2012-12-21')
2716
2717Using an empty string literal used to be the only way to express a boolean.
2718For all new code please use the much more readable
2719L<-bool|/Unary operators: bool> operator.
2720
2721=back
96449e8e 2722
2723=head2 Conclusion
2724
32eab2da 2725These pages could go on for a while, since the nesting of the data
2726structures this module can handle are pretty much unlimited (the
2727module implements the C<WHERE> expansion as a recursive function
2728internally). Your best bet is to "play around" with the module a
2729little to see how the data structures behave, and choose the best
2730format for your data based on that.
2731
2732And of course, all the values above will probably be replaced with
2733variables gotten from forms or the command line. After all, if you
2734knew everything ahead of time, you wouldn't have to worry about
2735dynamically-generating SQL and could just hardwire it into your
2736script.
2737
86298391 2738=head1 ORDER BY CLAUSES
2739
9d48860e 2740Some functions take an order by clause. This can either be a scalar (just a
18710f60 2741column name), a hashref of C<< { -desc => 'col' } >> or C<< { -asc => 'col' }
2742>>, a scalarref, an arrayref-ref, or an arrayref of any of the previous
2743forms. Examples:
1cfa1db3 2744
8c15b421 2745 Given | Will Generate
18710f60 2746 ---------------------------------------------------------------
8c15b421 2747 |
2748 'colA' | ORDER BY colA
2749 |
2750 [qw/colA colB/] | ORDER BY colA, colB
2751 |
2752 {-asc => 'colA'} | ORDER BY colA ASC
2753 |
2754 {-desc => 'colB'} | ORDER BY colB DESC
2755 |
2756 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2757 |
2758 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
2759 |
2760 \'colA DESC' | ORDER BY colA DESC
2761 |
2762 \[ 'FUNC(colA, ?)', $x ] | ORDER BY FUNC(colA, ?)
2763 | /* ...with $x bound to ? */
2764 |
bd805d85 2765 [ | ORDER BY
2766 { -asc => 'colA' }, | colA ASC,
2767 { -desc => [qw/colB/] }, | colB DESC,
2768 { -asc => [qw/colC colD/] },| colC ASC, colD ASC,
2769 \'colE DESC', | colE DESC,
2770 \[ 'FUNC(colF, ?)', $x ], | FUNC(colF, ?)
2771 ] | /* ...with $x bound to ? */
18710f60 2772 ===============================================================
86298391 2773
96449e8e 2774
2775
2776=head1 SPECIAL OPERATORS
2777
e3f9dff4 2778 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2779 {
2780 regex => qr/.../,
e3f9dff4 2781 handler => sub {
2782 my ($self, $field, $op, $arg) = @_;
2783 ...
3a2e1a5e 2784 },
2785 },
2786 {
2787 regex => qr/.../,
2788 handler => 'method_name',
e3f9dff4 2789 },
2790 ]);
2791
9d48860e 2792A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2793applied to a field, instead of a usual binary operator.
be21dde3 2794For example:
e3f9dff4 2795
2796 WHERE field IN (?, ?, ?)
2797 WHERE field BETWEEN ? AND ?
2798 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2799
e3f9dff4 2800Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2801are builtin within C<SQL::Abstract> (as the overridable methods
2802C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2803like the MATCH .. AGAINST example above which is specific to MySQL,
2804you can write your own operator handlers - supply a C<special_ops>
2805argument to the C<new> method. That argument takes an arrayref of
2806operator definitions; each operator definition is a hashref with two
2807entries:
96449e8e 2808
e3f9dff4 2809=over
2810
2811=item regex
2812
2813the regular expression to match the operator
96449e8e 2814
e3f9dff4 2815=item handler
2816
3a2e1a5e 2817Either a coderef or a plain scalar method name. In both cases
2818the expected return is C<< ($sql, @bind) >>.
2819
2820When supplied with a method name, it is simply called on the
13cc86af 2821L<SQL::Abstract> object as:
3a2e1a5e 2822
ca4f826a 2823 $self->$method_name($field, $op, $arg)
3a2e1a5e 2824
2825 Where:
2826
3a2e1a5e 2827 $field is the LHS of the operator
13cc86af 2828 $op is the part that matched the handler regex
3a2e1a5e 2829 $arg is the RHS
2830
2831When supplied with a coderef, it is called as:
2832
2833 $coderef->($self, $field, $op, $arg)
2834
e3f9dff4 2835
2836=back
2837
9d48860e 2838For example, here is an implementation
e3f9dff4 2839of the MATCH .. AGAINST syntax for MySQL
2840
2841 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2842
e3f9dff4 2843 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2844 {regex => qr/^match$/i,
e3f9dff4 2845 handler => sub {
2846 my ($self, $field, $op, $arg) = @_;
2847 $arg = [$arg] if not ref $arg;
2848 my $label = $self->_quote($field);
2849 my ($placeholder) = $self->_convert('?');
2850 my $placeholders = join ", ", (($placeholder) x @$arg);
2851 my $sql = $self->_sqlcase('match') . " ($label) "
2852 . $self->_sqlcase('against') . " ($placeholders) ";
2853 my @bind = $self->_bindtype($field, @$arg);
2854 return ($sql, @bind);
2855 }
2856 },
9d48860e 2857
e3f9dff4 2858 ]);
96449e8e 2859
2860
59f23b3d 2861=head1 UNARY OPERATORS
2862
112b5232 2863 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2864 {
2865 regex => qr/.../,
2866 handler => sub {
2867 my ($self, $op, $arg) = @_;
2868 ...
2869 },
2870 },
2871 {
2872 regex => qr/.../,
2873 handler => 'method_name',
2874 },
2875 ]);
2876
9d48860e 2877A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2878applied to a field - the operator goes before the field
2879
2880You can write your own operator handlers - supply a C<unary_ops>
2881argument to the C<new> method. That argument takes an arrayref of
2882operator definitions; each operator definition is a hashref with two
2883entries:
2884
2885=over
2886
2887=item regex
2888
2889the regular expression to match the operator
2890
2891=item handler
2892
2893Either a coderef or a plain scalar method name. In both cases
2894the expected return is C<< $sql >>.
2895
2896When supplied with a method name, it is simply called on the
13cc86af 2897L<SQL::Abstract> object as:
59f23b3d 2898
ca4f826a 2899 $self->$method_name($op, $arg)
59f23b3d 2900
2901 Where:
2902
2903 $op is the part that matched the handler regex
2904 $arg is the RHS or argument of the operator
2905
2906When supplied with a coderef, it is called as:
2907
2908 $coderef->($self, $op, $arg)
2909
2910
2911=back
2912
2913
32eab2da 2914=head1 PERFORMANCE
2915
2916Thanks to some benchmarking by Mark Stosberg, it turns out that
2917this module is many orders of magnitude faster than using C<DBIx::Abstract>.
2918I must admit this wasn't an intentional design issue, but it's a
2919byproduct of the fact that you get to control your C<DBI> handles
2920yourself.
2921
2922To maximize performance, use a code snippet like the following:
2923
2924 # prepare a statement handle using the first row
2925 # and then reuse it for the rest of the rows
2926 my($sth, $stmt);
2927 for my $href (@array_of_hashrefs) {
2928 $stmt ||= $sql->insert('table', $href);
2929 $sth ||= $dbh->prepare($stmt);
2930 $sth->execute($sql->values($href));
2931 }
2932
2933The reason this works is because the keys in your C<$href> are sorted
2934internally by B<SQL::Abstract>. Thus, as long as your data retains
2935the same structure, you only have to generate the SQL the first time
2936around. On subsequent queries, simply use the C<values> function provided
2937by this module to return your values in the correct order.
2938
b864ba9b 2939However this depends on the values having the same type - if, for
2940example, the values of a where clause may either have values
2941(resulting in sql of the form C<column = ?> with a single bind
2942value), or alternatively the values might be C<undef> (resulting in
2943sql of the form C<column IS NULL> with no bind value) then the
2944caching technique suggested will not work.
96449e8e 2945
32eab2da 2946=head1 FORMBUILDER
2947
2948If you use my C<CGI::FormBuilder> module at all, you'll hopefully
2949really like this part (I do, at least). Building up a complex query
2950can be as simple as the following:
2951
2952 #!/usr/bin/perl
2953
46dc2f3e 2954 use warnings;
2955 use strict;
2956
32eab2da 2957 use CGI::FormBuilder;
2958 use SQL::Abstract;
2959
2960 my $form = CGI::FormBuilder->new(...);
2961 my $sql = SQL::Abstract->new;
2962
2963 if ($form->submitted) {
2964 my $field = $form->field;
2965 my $id = delete $field->{id};
2966 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
2967 }
2968
2969Of course, you would still have to connect using C<DBI> to run the
2970query, but the point is that if you make your form look like your
2971table, the actual query script can be extremely simplistic.
2972
2973If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 2974a fast interface to returning and formatting data. I frequently
32eab2da 2975use these three modules together to write complex database query
2976apps in under 50 lines.
2977
af733667 2978=head1 HOW TO CONTRIBUTE
2979
2980Contributions are always welcome, in all usable forms (we especially
2981welcome documentation improvements). The delivery methods include git-
2982or unified-diff formatted patches, GitHub pull requests, or plain bug
2983reports either via RT or the Mailing list. Contributors are generally
2984granted full access to the official repository after their first several
2985patches pass successful review.
2986
2987This project is maintained in a git repository. The code and related tools are
2988accessible at the following locations:
d8cc1792 2989
2990=over
2991
af733667 2992=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
2993
2994=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
2995
2996=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
d8cc1792 2997
af733667 2998=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
d8cc1792 2999
3000=back
32eab2da 3001
96449e8e 3002=head1 CHANGES
3003
3004Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
3005Great care has been taken to preserve the I<published> behavior
3006documented in previous versions in the 1.* family; however,
9d48860e 3007some features that were previously undocumented, or behaved
96449e8e 3008differently from the documentation, had to be changed in order
3009to clarify the semantics. Hence, client code that was relying
9d48860e 3010on some dark areas of C<SQL::Abstract> v1.*
96449e8e 3011B<might behave differently> in v1.50.
32eab2da 3012
be21dde3 3013The main changes are:
d2a8fe1a 3014
96449e8e 3015=over
32eab2da 3016
9d48860e 3017=item *
32eab2da 3018
3ae1c5e2 3019support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
96449e8e 3020
3021=item *
3022
145fbfc8 3023support for the { operator => \"..." } construct (to embed literal SQL)
3024
3025=item *
3026
9c37b9c0 3027support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
3028
3029=item *
3030
96449e8e 3031optional support for L<array datatypes|/"Inserting and Updating Arrays">
3032
9d48860e 3033=item *
96449e8e 3034
be21dde3 3035defensive programming: check arguments
96449e8e 3036
3037=item *
3038
3039fixed bug with global logic, which was previously implemented
7cac25e6 3040through global variables yielding side-effects. Prior versions would
96449e8e 3041interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
3042as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
3043Now this is interpreted
3044as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
3045
96449e8e 3046
3047=item *
3048
3049fixed semantics of _bindtype on array args
3050
9d48860e 3051=item *
96449e8e 3052
3053dropped the C<_anoncopy> of the %where tree. No longer necessary,
3054we just avoid shifting arrays within that tree.
3055
3056=item *
3057
3058dropped the C<_modlogic> function
3059
3060=back
32eab2da 3061
32eab2da 3062=head1 ACKNOWLEDGEMENTS
3063
3064There are a number of individuals that have really helped out with
3065this module. Unfortunately, most of them submitted bugs via CPAN
3066so I have no idea who they are! But the people I do know are:
3067
9d48860e 3068 Ash Berlin (order_by hash term support)
b643abe1 3069 Matt Trout (DBIx::Class support)
32eab2da 3070 Mark Stosberg (benchmarking)
3071 Chas Owens (initial "IN" operator support)
3072 Philip Collins (per-field SQL functions)
3073 Eric Kolve (hashref "AND" support)
3074 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
3075 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 3076 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 3077 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 3078 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 3079 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 3080 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 3081
3082Thanks!
3083
32eab2da 3084=head1 SEE ALSO
3085
86298391 3086L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 3087
32eab2da 3088=head1 AUTHOR
3089
b643abe1 3090Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
3091
3092This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 3093
abe72f94 3094For support, your best bet is to try the C<DBIx::Class> users mailing list.
3095While not an official support venue, C<DBIx::Class> makes heavy use of
3096C<SQL::Abstract>, and as such list members there are very familiar with
3097how to create queries.
3098
0d067ded 3099=head1 LICENSE
3100
d988ab87 3101This module is free software; you may copy this under the same
3102terms as perl itself (either the GNU General Public License or
3103the Artistic License)
32eab2da 3104
3105=cut
Unnamed repository; edit this file 'description' to name the repository.