projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
switch over to expr-render based generation
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
96449e8e 3use strict;
4use warnings;
9d9d5bd6 5use Carp ();
312d830b 6use List::Util ();
7use Scalar::Util ();
96449e8e 8
0da0fe34 9use Exporter 'import';
10our @EXPORT_OK = qw(is_plain_value is_literal_value);
11
12BEGIN {
13 if ($] < 5.009_005) {
14 require MRO::Compat;
15 }
16 else {
17 require mro;
18 }
843a94b5 19
20 *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
21 ? sub () { 0 }
22 : sub () { 1 }
23 ;
0da0fe34 24}
25
96449e8e 26#======================================================================
27# GLOBALS
28#======================================================================
29
dc6afcf8 30our $VERSION = '1.86';
7479e27e 31
22f1a437 32# This would confuse some packagers
c520207b 33$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 34
35our $AUTOLOAD;
36
37# special operators (-in, -between). May be extended/overridden by user.
38# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
39my @BUILTIN_SPECIAL_OPS = (
f663e672 40 {regex => qr/^ (?: not \s )? between $/ix, handler => sub { die "NOPE" }},
41 {regex => qr/^ (?: not \s )? in $/ix, handler => sub { die "NOPE" }},
87c8e45b 42 {regex => qr/^ is (?: \s+ not )? $/ix, handler => sub { die "NOPE" }},
96449e8e 43);
44
45#======================================================================
46# DEBUGGING AND ERROR REPORTING
47#======================================================================
48
49sub _debug {
50 return unless $_[0]->{debug}; shift; # a little faster
51 my $func = (caller(1))[3];
52 warn "[$func] ", @_, "\n";
53}
54
55sub belch (@) {
56 my($func) = (caller(1))[3];
9d9d5bd6 57 Carp::carp "[$func] Warning: ", @_;
96449e8e 58}
59
60sub puke (@) {
61 my($func) = (caller(1))[3];
9d9d5bd6 62 Carp::croak "[$func] Fatal: ", @_;
96449e8e 63}
64
0da0fe34 65sub is_literal_value ($) {
66 ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
67 : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
0da0fe34 68 : undef;
69}
70
71# FIXME XSify - this can be done so much more efficiently
72sub is_plain_value ($) {
73 no strict 'refs';
966200cc 74 ! length ref $_[0] ? \($_[0])
0da0fe34 75 : (
76 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
77 and
78 exists $_[0]->{-value}
966200cc 79 ) ? \($_[0]->{-value})
0da0fe34 80 : (
a1c9e0ff 81 # reuse @_ for even moar speedz
82 defined ( $_[1] = Scalar::Util::blessed $_[0] )
0da0fe34 83 and
84 # deliberately not using Devel::OverloadInfo - the checks we are
85 # intersted in are much more limited than the fullblown thing, and
86 # this is a very hot piece of code
87 (
e8d729d4 88 # simply using ->can('(""') can leave behind stub methods that
89 # break actually using the overload later (see L<perldiag/Stub
90 # found while resolving method "%s" overloading "%s" in package
91 # "%s"> and the source of overload::mycan())
44e54b41 92 #
0da0fe34 93 # either has stringification which DBI SHOULD prefer out of the box
a1c9e0ff 94 grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
0da0fe34 95 or
20e178a8 96 # has nummification or boolification, AND fallback is *not* disabled
0da0fe34 97 (
843a94b5 98 SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
99 and
20e178a8 100 (
101 grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
102 or
103 grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
104 )
0da0fe34 105 and
106 (
107 # no fallback specified at all
a1c9e0ff 108 ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
0da0fe34 109 or
110 # fallback explicitly undef
a1c9e0ff 111 ! defined ${"$_[3]::()"}
0da0fe34 112 or
113 # explicitly true
a1c9e0ff 114 !! ${"$_[3]::()"}
0da0fe34 115 )
116 )
117 )
966200cc 118 ) ? \($_[0])
0da0fe34 119 : undef;
120}
121
122
96449e8e 123
124#======================================================================
125# NEW
126#======================================================================
127
128sub new {
129 my $self = shift;
130 my $class = ref($self) || $self;
131 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
132
133 # choose our case by keeping an option around
134 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
135
136 # default logic for interpreting arrayrefs
ef559da3 137 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 138
139 # how to return bind vars
96449e8e 140 $opt{bindtype} ||= 'normal';
141
142 # default comparison is "=", but can be overridden
143 $opt{cmp} ||= '=';
144
3af02ccb 145 # try to recognize which are the 'equality' and 'inequality' ops
3cdadcbe 146 # (temporary quickfix (in 2007), should go through a more seasoned API)
147 $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
148 $opt{inequality_op} = qr/^( != | <> )$/ix;
149
150 $opt{like_op} = qr/^ (is\s+)? r?like $/xi;
151 $opt{not_like_op} = qr/^ (is\s+)? not \s+ r?like $/xi;
96449e8e 152
153 # SQL booleans
154 $opt{sqltrue} ||= '1=1';
155 $opt{sqlfalse} ||= '0=1';
156
9d48860e 157 # special operators
99a65fa8 158 $opt{user_special_ops} = [ @{$opt{special_ops} ||= []} ];
b6251592 159 # regexes are applied in order, thus push after user-defines
96449e8e 160 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
161
9d48860e 162 # unary operators
59f23b3d 163 $opt{unary_ops} ||= [];
59f23b3d 164
3af02ccb 165 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 166 # If a purported function matches this regular expression, an exception is thrown.
167 # Literal SQL is *NOT* subject to this check, only functions (and column names
168 # when quoting is not in effect)
96449e8e 169
b6251592 170 # FIXME
171 # need to guard against ()'s in column names too, but this will break tons of
172 # hacks... ideas anyone?
173 $opt{injection_guard} ||= qr/
174 \;
175 |
176 ^ \s* go \s
177 /xmi;
96449e8e 178
b6251592 179 return bless \%opt, $class;
180}
96449e8e 181
e175845b 182sub sqltrue { +{ -literal => [ $_[0]->{sqltrue} ] } }
183sub sqlfalse { +{ -literal => [ $_[0]->{sqlfalse} ] } }
170e6c33 184
185sub _assert_pass_injection_guard {
186 if ($_[1] =~ $_[0]->{injection_guard}) {
187 my $class = ref $_[0];
188 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
189 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
190 . "{injection_guard} attribute to ${class}->new()"
191 }
192}
193
194
96449e8e 195#======================================================================
196# INSERT methods
197#======================================================================
198
199sub insert {
02288357 200 my $self = shift;
201 my $table = $self->_table(shift);
202 my $data = shift || return;
203 my $options = shift;
96449e8e 204
205 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 206 my ($sql, @bind) = $self->$method($data);
96449e8e 207 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 208
e82e648a 209 if ($options->{returning}) {
ca4f826a 210 my ($s, @b) = $self->_insert_returning($options);
e82e648a 211 $sql .= $s;
212 push @bind, @b;
02288357 213 }
214
96449e8e 215 return wantarray ? ($sql, @bind) : $sql;
216}
217
60f3fd3f 218# So that subclasses can override INSERT ... RETURNING separately from
219# UPDATE and DELETE (e.g. DBIx::Class::SQLMaker::Oracle does this)
b17a3ece 220sub _insert_returning { shift->_returning(@_) }
221
95904db5 222sub _returning {
e82e648a 223 my ($self, $options) = @_;
6b1fe79d 224
e82e648a 225 my $f = $options->{returning};
226
227 my $fieldlist = $self->_SWITCH_refkind($f, {
228 ARRAYREF => sub {join ', ', map { $self->_quote($_) } @$f;},
229 SCALAR => sub {$self->_quote($f)},
230 SCALARREF => sub {$$f},
6b1fe79d 231 });
e82e648a 232 return $self->_sqlcase(' returning ') . $fieldlist;
6b1fe79d 233}
234
96449e8e 235sub _insert_HASHREF { # explicit list of fields and then values
236 my ($self, $data) = @_;
237
238 my @fields = sort keys %$data;
239
fe3ae272 240 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 241
242 # assemble SQL
243 $_ = $self->_quote($_) foreach @fields;
244 $sql = "( ".join(", ", @fields).") ".$sql;
245
246 return ($sql, @bind);
247}
248
249sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
250 my ($self, $data) = @_;
251
252 # no names (arrayref) so can't generate bindtype
253 $self->{bindtype} ne 'columns'
254 or belch "can't do 'columns' bindtype when called with arrayref";
255
19b6ccce 256 my (@values, @all_bind);
257 foreach my $value (@$data) {
258 my ($values, @bind) = $self->_insert_value(undef, $value);
259 push @values, $values;
260 push @all_bind, @bind;
261 }
262 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
263 return ($sql, @all_bind);
fe3ae272 264}
265
266sub _insert_ARRAYREFREF { # literal SQL with bind
267 my ($self, $data) = @_;
268
269 my ($sql, @bind) = @${$data};
270 $self->_assert_bindval_matches_bindtype(@bind);
271
272 return ($sql, @bind);
273}
274
275
276sub _insert_SCALARREF { # literal SQL without bind
277 my ($self, $data) = @_;
278
279 return ($$data);
280}
281
282sub _insert_values {
283 my ($self, $data) = @_;
284
96449e8e 285 my (@values, @all_bind);
fe3ae272 286 foreach my $column (sort keys %$data) {
19b6ccce 287 my ($values, @bind) = $self->_insert_value($column, $data->{$column});
288 push @values, $values;
289 push @all_bind, @bind;
290 }
291 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
292 return ($sql, @all_bind);
293}
96449e8e 294
19b6ccce 295sub _insert_value {
296 my ($self, $column, $v) = @_;
96449e8e 297
19b6ccce 298 my (@values, @all_bind);
299 $self->_SWITCH_refkind($v, {
96449e8e 300
19b6ccce 301 ARRAYREF => sub {
302 if ($self->{array_datatypes}) { # if array datatype are activated
96449e8e 303 push @values, '?';
fe3ae272 304 push @all_bind, $self->_bindtype($column, $v);
19b6ccce 305 }
306 else { # else literal SQL with bind
307 my ($sql, @bind) = @$v;
308 $self->_assert_bindval_matches_bindtype(@bind);
309 push @values, $sql;
310 push @all_bind, @bind;
311 }
312 },
313
314 ARRAYREFREF => sub { # literal SQL with bind
315 my ($sql, @bind) = @${$v};
316 $self->_assert_bindval_matches_bindtype(@bind);
317 push @values, $sql;
318 push @all_bind, @bind;
319 },
320
be21dde3 321 # THINK: anything useful to do with a HASHREF ?
19b6ccce 322 HASHREF => sub { # (nothing, but old SQLA passed it through)
323 #TODO in SQLA >= 2.0 it will die instead
324 belch "HASH ref as bind value in insert is not supported";
325 push @values, '?';
326 push @all_bind, $self->_bindtype($column, $v);
327 },
328
329 SCALARREF => sub { # literal SQL without bind
330 push @values, $$v;
331 },
332
333 SCALAR_or_UNDEF => sub {
334 push @values, '?';
335 push @all_bind, $self->_bindtype($column, $v);
336 },
96449e8e 337
19b6ccce 338 });
96449e8e 339
19b6ccce 340 my $sql = join(", ", @values);
96449e8e 341 return ($sql, @all_bind);
342}
343
344
96449e8e 345
346#======================================================================
347# UPDATE methods
348#======================================================================
349
350
351sub update {
95904db5 352 my $self = shift;
353 my $table = $self->_table(shift);
354 my $data = shift || return;
355 my $where = shift;
356 my $options = shift;
96449e8e 357
358 # first build the 'SET' part of the sql statement
96449e8e 359 puke "Unsupported data type specified to \$sql->update"
360 unless ref $data eq 'HASH';
361
9ade906e 362 my ($sql, @all_bind) = $self->_update_set_values($data);
a9e94508 363 $sql = $self->_sqlcase('update ') . $table . $self->_sqlcase(' set ')
9ade906e 364 . $sql;
365
366 if ($where) {
367 my($where_sql, @where_bind) = $self->where($where);
368 $sql .= $where_sql;
369 push @all_bind, @where_bind;
370 }
371
372 if ($options->{returning}) {
373 my ($returning_sql, @returning_bind) = $self->_update_returning($options);
374 $sql .= $returning_sql;
375 push @all_bind, @returning_bind;
376 }
377
378 return wantarray ? ($sql, @all_bind) : $sql;
379}
380
381sub _update_set_values {
382 my ($self, $data) = @_;
383
384 my (@set, @all_bind);
96449e8e 385 for my $k (sort keys %$data) {
386 my $v = $data->{$k};
387 my $r = ref $v;
388 my $label = $self->_quote($k);
389
390 $self->_SWITCH_refkind($v, {
9d48860e 391 ARRAYREF => sub {
96449e8e 392 if ($self->{array_datatypes}) { # array datatype
393 push @set, "$label = ?";
394 push @all_bind, $self->_bindtype($k, $v);
395 }
396 else { # literal SQL with bind
397 my ($sql, @bind) = @$v;
fe3ae272 398 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 399 push @set, "$label = $sql";
fe3ae272 400 push @all_bind, @bind;
96449e8e 401 }
402 },
403 ARRAYREFREF => sub { # literal SQL with bind
404 my ($sql, @bind) = @${$v};
fe3ae272 405 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 406 push @set, "$label = $sql";
fe3ae272 407 push @all_bind, @bind;
96449e8e 408 },
409 SCALARREF => sub { # literal SQL without bind
410 push @set, "$label = $$v";
0ec3aec7 411 },
412 HASHREF => sub {
413 my ($op, $arg, @rest) = %$v;
414
415 puke 'Operator calls in update must be in the form { -op => $arg }'
416 if (@rest or not $op =~ /^\-(.+)/);
417
cbb4eeaf 418 local our $Cur_Col_Meta = $k;
419 my ($sql, @bind) = $self->_render_expr(
420 $self->_expand_expr_hashpair($op, $arg)
421 );
0ec3aec7 422
423 push @set, "$label = $sql";
424 push @all_bind, @bind;
425 },
96449e8e 426 SCALAR_or_UNDEF => sub {
427 push @set, "$label = ?";
428 push @all_bind, $self->_bindtype($k, $v);
429 },
430 });
431 }
432
433 # generate sql
9ade906e 434 my $sql = join ', ', @set;
96449e8e 435
9ade906e 436 return ($sql, @all_bind);
96449e8e 437}
438
60f3fd3f 439# So that subclasses can override UPDATE ... RETURNING separately from
440# INSERT and DELETE
20bb2ad5 441sub _update_returning { shift->_returning(@_) }
96449e8e 442
443
444
445#======================================================================
446# SELECT
447#======================================================================
448
449
450sub select {
451 my $self = shift;
452 my $table = $self->_table(shift);
453 my $fields = shift || '*';
454 my $where = shift;
455 my $order = shift;
456
daa4ccdd 457 my ($fields_sql, @bind) = $self->_select_fields($fields);
96449e8e 458
daa4ccdd 459 my ($where_sql, @where_bind) = $self->where($where, $order);
460 push @bind, @where_bind;
461
462 my $sql = join(' ', $self->_sqlcase('select'), $fields_sql,
96449e8e 463 $self->_sqlcase('from'), $table)
464 . $where_sql;
465
9d48860e 466 return wantarray ? ($sql, @bind) : $sql;
96449e8e 467}
468
daa4ccdd 469sub _select_fields {
470 my ($self, $fields) = @_;
471 return ref $fields eq 'ARRAY' ? join ', ', map { $self->_quote($_) } @$fields
472 : $fields;
473}
474
96449e8e 475#======================================================================
476# DELETE
477#======================================================================
478
479
480sub delete {
85327cd5 481 my $self = shift;
482 my $table = $self->_table(shift);
483 my $where = shift;
484 my $options = shift;
96449e8e 485
486 my($where_sql, @bind) = $self->where($where);
a9e94508 487 my $sql = $self->_sqlcase('delete from ') . $table . $where_sql;
96449e8e 488
85327cd5 489 if ($options->{returning}) {
ca4f826a 490 my ($returning_sql, @returning_bind) = $self->_delete_returning($options);
85327cd5 491 $sql .= $returning_sql;
492 push @bind, @returning_bind;
493 }
494
9d48860e 495 return wantarray ? ($sql, @bind) : $sql;
96449e8e 496}
497
60f3fd3f 498# So that subclasses can override DELETE ... RETURNING separately from
499# INSERT and UPDATE
85327cd5 500sub _delete_returning { shift->_returning(@_) }
501
502
96449e8e 503
504#======================================================================
505# WHERE: entry point
506#======================================================================
507
508
509
510# Finally, a separate routine just to handle WHERE clauses
511sub where {
512 my ($self, $where, $order) = @_;
513
514 # where ?
e175845b 515 my ($sql, @bind) = defined($where)
516 ? $self->_recurse_where($where)
517 : (undef);
417dd15e 518 $sql = (defined $sql and length $sql) ? $self->_sqlcase(' where ') . "( $sql )" : '';
96449e8e 519
520 # order by?
521 if ($order) {
26fe4d30 522 my ($order_sql, @order_bind) = $self->_order_by($order);
523 $sql .= $order_sql;
524 push @bind, @order_bind;
96449e8e 525 }
526
9d48860e 527 return wantarray ? ($sql, @bind) : $sql;
96449e8e 528}
529
a2cd381d 530sub _expand_expr {
531 my ($self, $expr, $logic) = @_;
252518da 532 return undef unless defined($expr);
59588695 533 if (ref($expr) eq 'HASH') {
534 if (keys %$expr > 1) {
535 $logic ||= 'and';
77617257 536 return +{ -op => [
537 $logic,
59588695 538 map $self->_expand_expr_hashpair($_ => $expr->{$_}, $logic),
539 sort keys %$expr
540 ] };
541 }
99a65fa8 542 return unless %$expr;
59588695 543 return $self->_expand_expr_hashpair(%$expr, $logic);
a2cd381d 544 }
08264f40 545 if (ref($expr) eq 'ARRAY') {
99a65fa8 546 my $logic = lc($logic || $self->{logic});
08264f40 547 $logic eq 'and' or $logic eq 'or' or puke "unknown logic: $logic";
548
549 my @expr = @$expr;
550
551 my @res;
552
553 while (my ($el) = splice @expr, 0, 1) {
554 puke "Supplying an empty left hand side argument is not supported in array-pairs"
555 unless defined($el) and length($el);
556 my $elref = ref($el);
557 if (!$elref) {
558 push(@res, $self->_expand_expr({ $el, shift(@expr) }));
559 } elsif ($elref eq 'ARRAY') {
560 push(@res, $self->_expand_expr($el)) if @$el;
ec857800 561 } elsif (my $l = is_literal_value($el)) {
562 push @res, { -literal => $l };
08264f40 563 } elsif ($elref eq 'HASH') {
564 push @res, $self->_expand_expr($el);
565 } else {
da4a0964 566 die "notreached";
08264f40 567 }
568 }
2143604f 569 return { -op => [ $logic, @res ] };
08264f40 570 }
ca3da680 571 if (my $literal = is_literal_value($expr)) {
572 return +{ -literal => $literal };
573 }
99a65fa8 574 if (!ref($expr) or Scalar::Util::blessed($expr)) {
575 if (my $m = our $Cur_Col_Meta) {
576 return +{ -bind => [ $m, $expr ] };
577 }
252518da 578 return +{ -value => $expr };
579 }
252518da 580 die "notreached";
a2cd381d 581}
96449e8e 582
59588695 583sub _expand_expr_hashpair {
584 my ($self, $k, $v, $logic) = @_;
d13725da 585 unless (defined($k) and length($k)) {
2d64004f 586 if (defined($k) and my $literal = is_literal_value($v)) {
d13725da 587 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
2d64004f 588 return { -literal => $literal };
d13725da 589 }
590 puke "Supplying an empty left hand side argument is not supported";
591 }
ef071fad 592 if ($k =~ /^-/) {
99a65fa8 593 $self->_assert_pass_injection_guard($k =~ /^-(.*)$/s);
594 if ($k =~ s/ [_\s]? \d+ $//x ) {
595 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
596 . "You probably wanted ...-and => [ $k => COND1, $k => COND2 ... ]";
597 }
ef071fad 598 if ($k eq '-nest') {
599 return $self->_expand_expr($v);
600 }
6ab1562a 601 if ($k eq '-bool') {
602 if (ref($v)) {
603 return $self->_expand_expr($v);
604 }
605 puke "-bool => undef not supported" unless defined($v);
606 return { -ident => $v };
607 }
99a65fa8 608 if ($k eq '-not') {
0c7e3af0 609 return { -op => [ 'not', $self->_expand_expr($v) ] };
99a65fa8 610 }
ce3bc4b0 611 if (my ($rest) = $k =~/^-not[_ ](.*)$/) {
0c7e3af0 612 return +{ -op => [
613 'not',
99a65fa8 614 $self->_expand_expr_hashpair("-${rest}", $v, $logic)
0c7e3af0 615 ] };
ce3bc4b0 616 }
99a65fa8 617 if (my ($logic) = $k =~ /^-(and|or)$/i) {
dd2d5bf7 618 if (ref($v) eq 'HASH') {
619 return $self->_expand_expr($v, $logic);
620 }
99a65fa8 621 if (ref($v) eq 'ARRAY') {
622 return $self->_expand_expr($v, $logic);
623 }
dd2d5bf7 624 }
99a65fa8 625 {
626 my $op = $k;
627 $op =~ s/^-// if length($op) > 1;
628
629 # top level special ops are illegal in general
630 puke "Illegal use of top-level '-$op'"
631 if !(defined $self->{_nested_func_lhs})
9e653a83 632 and List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}};
99a65fa8 633 }
634 if ($k eq '-value' and my $m = our $Cur_Col_Meta) {
635 return +{ -bind => [ $m, $v ] };
636 }
711892b1 637 if ($k eq '-op' or $k eq '-ident' or $k eq '-value' or $k eq '-bind' or $k eq '-literal' or $k eq '-func') {
99a65fa8 638 return { $k => $v };
d13725da 639 }
711892b1 640 if (
641 ref($v) eq 'HASH'
642 and keys %$v == 1
643 and (keys %$v)[0] =~ /^-/
644 ) {
645 my ($func) = $k =~ /^-(.*)$/;
646 return +{ -func => [ $func, $self->_expand_expr($v) ] };
647 }
648 if (!ref($v) or is_literal_value($v)) {
99a65fa8 649 return +{ -op => [ $k =~ /^-(.*)$/, $self->_expand_expr($v) ] };
59588695 650 }
99a65fa8 651 }
652 if (
653 !defined($v)
654 or (
655 ref($v) eq 'HASH'
656 and exists $v->{-value}
657 and not defined $v->{-value}
658 )
659 ) {
660 return $self->_expand_expr_hashpair($k => { $self->{cmp} => undef });
661 }
662 if (!ref($v) or Scalar::Util::blessed($v)) {
663 return +{
664 -op => [
665 $self->{cmp},
666 { -ident => $k },
667 { -bind => [ $k, $v ] }
668 ]
669 };
670 }
671 if (ref($v) eq 'HASH') {
672 if (keys %$v > 1) {
e175845b 673 return { -op => [
674 'and',
99a65fa8 675 map $self->_expand_expr_hashpair($k => { $_ => $v->{$_} }),
676 sort keys %$v
677 ] };
678 }
679 my ($vk, $vv) = %$v;
680 $vk =~ s/^-//;
681 $vk = lc($vk);
682 $self->_assert_pass_injection_guard($vk);
683 if ($vk =~ s/ [_\s]? \d+ $//x ) {
684 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
685 . "You probably wanted ...-and => [ -$vk => COND1, -$vk => COND2 ... ]";
686 }
687 if ($vk =~ /^(?:not[ _])?between$/) {
688 local our $Cur_Col_Meta = $k;
689 my @rhs = map $self->_expand_expr($_),
690 ref($vv) eq 'ARRAY' ? @$vv : $vv;
691 unless (
692 (@rhs == 1 and ref($rhs[0]) eq 'HASH' and $rhs[0]->{-literal})
693 or
694 (@rhs == 2 and defined($rhs[0]) and defined($rhs[1]))
695 ) {
696 puke "Operator '${\uc($vk)}' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
b5b18861 697 }
99a65fa8 698 return +{ -op => [
699 join(' ', split '_', $vk),
700 { -ident => $k },
701 @rhs
702 ] }
703 }
704 if ($vk =~ /^(?:not[ _])?in$/) {
705 if (my $literal = is_literal_value($vv)) {
706 my ($sql, @bind) = @$literal;
707 my $opened_sql = $self->_open_outer_paren($sql);
10d07c4e 708 return +{ -op => [
99a65fa8 709 $vk, { -ident => $k },
710 [ { -literal => [ $opened_sql, @bind ] } ]
10d07c4e 711 ] };
712 }
99a65fa8 713 my $undef_err =
714 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
715 . "-${\uc($vk)} operator was given an undef-containing list: !!!AUDIT YOUR CODE "
716 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
717 . 'will emit the logically correct SQL instead of raising this exception)'
718 ;
719 puke("Argument passed to the '${\uc($vk)}' operator can not be undefined")
720 if !defined($vv);
721 my @rhs = map $self->_expand_expr($_),
722 map { ref($_) ? $_ : { -bind => [ $k, $_ ] } }
723 map { defined($_) ? $_: puke($undef_err) }
724 (ref($vv) eq 'ARRAY' ? @$vv : $vv);
e175845b 725 return $self->${\($vk =~ /^not/ ? 'sqltrue' : 'sqlfalse')} unless @rhs;
99a65fa8 726
727 return +{ -op => [
728 join(' ', split '_', $vk),
729 { -ident => $k },
730 \@rhs
731 ] };
732 }
733 if ($vk eq 'ident') {
734 if (! defined $vv or ref $vv) {
735 puke "-$vk requires a single plain scalar argument (a quotable identifier)";
f7778474 736 }
99a65fa8 737 return +{ -op => [
738 $self->{cmp},
739 { -ident => $k },
740 { -ident => $vv }
741 ] };
742 }
743 if ($vk eq 'value') {
744 return $self->_expand_expr_hashpair($k, undef) unless defined($vv);
745 return +{ -op => [
746 $self->{cmp},
747 { -ident => $k },
748 { -bind => [ $k, $vv ] }
749 ] };
750 }
751 if ($vk =~ /^is(?:[ _]not)?$/) {
752 puke "$vk can only take undef as argument"
753 if defined($vv)
754 and not (
755 ref($vv) eq 'HASH'
756 and exists($vv->{-value})
757 and !defined($vv->{-value})
758 );
759 $vk =~ s/_/ /g;
760 return +{ -op => [ $vk.' null', { -ident => $k } ] };
761 }
762 if ($vk =~ /^(and|or)$/) {
763 if (ref($vv) eq 'HASH') {
e62fe58a 764 return +{ -op => [
765 $vk,
99a65fa8 766 map $self->_expand_expr_hashpair($k, { $_ => $vv->{$_} }),
767 sort keys %$vv
7d7868d1 768 ] };
769 }
e28d9b13 770 }
99a65fa8 771 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{user_special_ops}}) {
772 return { -op => [ $vk, { -ident => $k }, $vv ] };
7dbe1183 773 }
99a65fa8 774 if (ref($vv) eq 'ARRAY') {
775 my ($logic, @values) = (
776 (defined($vv->[0]) and $vv->[0] =~ /^-(and|or)$/i)
777 ? @$vv
778 : (-or => @$vv)
779 );
780 if (
781 $vk =~ $self->{inequality_op}
782 or join(' ', split '_', $vk) =~ $self->{not_like_op}
783 ) {
784 if (lc($logic) eq '-or' and @values > 1) {
785 my $op = uc join ' ', split '_', $vk;
786 belch "A multi-element arrayref as an argument to the inequality op '$op' "
787 . 'is technically equivalent to an always-true 1=1 (you probably wanted '
788 . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
789 ;
790 }
ef071fad 791 }
b3cb13e8 792 unless (@values) {
793 # try to DWIM on equality operators
794 my $op = join ' ', split '_', $vk;
795 return
e175845b 796 $op =~ $self->{equality_op} ? $self->sqlfalse
797 : $op =~ $self->{like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqlfalse
798 : $op =~ $self->{inequality_op} ? $self->sqltrue
799 : $op =~ $self->{not_like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqltrue
b3cb13e8 800 : puke "operator '$op' applied on an empty array (field '$k')";
801 }
63c97a0b 802 return +{ -op => [
803 $logic =~ /^-(.*)$/,
99a65fa8 804 map $self->_expand_expr_hashpair($k => { $vk => $_ }),
805 @values
806 ] };
807 }
808 if (
809 !defined($vv)
810 or (
811 ref($vv) eq 'HASH'
812 and exists $vv->{-value}
813 and not defined $vv->{-value}
814 )
815 ) {
816 my $op = join ' ', split '_', $vk;
817 my $is =
818 $op =~ /^not$/i ? 'is not' # legacy
819 : $op =~ $self->{equality_op} ? 'is'
820 : $op =~ $self->{like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is'
821 : $op =~ $self->{inequality_op} ? 'is not'
822 : $op =~ $self->{not_like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is not'
823 : puke "unexpected operator '$op' with undef operand";
824 return +{ -op => [ $is.' null', { -ident => $k } ] };
825 }
826 local our $Cur_Col_Meta = $k;
827 return +{ -op => [
828 $vk,
829 { -ident => $k },
830 $self->_expand_expr($vv)
831 ] };
832 }
833 if (ref($v) eq 'ARRAY') {
e175845b 834 return $self->sqlfalse unless @$v;
99a65fa8 835 $self->_debug("ARRAY($k) means distribute over elements");
836 my $this_logic = (
837 $v->[0] =~ /^-((?:and|or))$/i
838 ? ($v = [ @{$v}[1..$#$v] ], $1)
839 : ($self->{logic} || 'or')
840 );
cba28f66 841 return +{ -op => [
842 $this_logic,
843 map $self->_expand_expr({ $k => $_ }, $this_logic), @$v
844 ] };
99a65fa8 845 }
846 if (my $literal = is_literal_value($v)) {
847 unless (length $k) {
848 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
849 return \$literal;
850 }
851 my ($sql, @bind) = @$literal;
852 if ($self->{bindtype} eq 'columns') {
853 for (@bind) {
854 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
855 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
aa8d7bdb 856 }
857 }
331e2209 858 }
99a65fa8 859 return +{ -literal => [ $self->_quote($k).' '.$sql, @bind ] };
331e2209 860 }
99a65fa8 861 die "notreached";
59588695 862}
863
e175845b 864sub _render_expr {
865 my ($self, $expr) = @_;
866 my ($k, $v, @rest) = %$expr;
867 die "No" if @rest;
181dcebf 868 my %op = map +("-$_" => '_render_'.$_),
e175845b 869 qw(op func value bind ident literal);
870 if (my $meth = $op{$k}) {
181dcebf 871 return $self->$meth($v);
e175845b 872 }
873 die "notreached: $k";
874}
875
96449e8e 876sub _recurse_where {
877 my ($self, $where, $logic) = @_;
878
99a65fa8 879#print STDERR Data::Dumper::Concise::Dumper([ $where, $logic ]);
880
a2cd381d 881 my $where_exp = $self->_expand_expr($where, $logic);
882
99a65fa8 883#print STDERR Data::Dumper::Concise::Dumper([ EXP => $where_exp ]);
884
96449e8e 885 # dispatch on appropriate method according to refkind of $where
e175845b 886# my $method = $self->_METHOD_FOR_refkind("_where", $where_exp);
887
888# my ($sql, @bind) = $self->$method($where_exp, $logic);
311b2151 889
e175845b 890 my ($sql, @bind) = defined($where_exp) ? $self->_render_expr($where_exp) : (undef);
311b2151 891
abe1a491 892 # DBIx::Class used to call _recurse_where in scalar context
893 # something else might too...
894 if (wantarray) {
895 return ($sql, @bind);
896 }
897 else {
898 belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
899 return $sql;
900 }
96449e8e 901}
902
181dcebf 903sub _render_ident {
904 my ($self, $ident) = @_;
cc422895 905
9cf28dfb 906 return $self->_convert($self->_quote($ident));
cc422895 907}
908
181dcebf 909sub _render_value {
910 my ($self, $value) = @_;
cc422895 911
52511ae3 912 return ($self->_convert('?'), $self->_bindtype(undef, $value));
cc422895 913}
914
d13725da 915my %unop_postfix = map +($_ => 1), 'is null', 'is not null';
916
b5b18861 917my %special = (
918 (map +($_ => do {
919 my $op = $_;
920 sub {
921 my ($self, $args) = @_;
922 my ($left, $low, $high) = @$args;
923 my ($rhsql, @rhbind) = do {
924 if (@$args == 2) {
925 puke "Single arg to between must be a literal"
926 unless $low->{-literal};
927 @{$low->{-literal}}
928 } else {
e56dd780 929 my ($l, $h) = map [ $self->_render_expr($_) ], $low, $high;
b5b18861 930 (join(' ', $l->[0], $self->_sqlcase('and'), $h->[0]),
931 @{$l}[1..$#$l], @{$h}[1..$#$h])
932 }
933 };
e56dd780 934 my ($lhsql, @lhbind) = $self->_render_expr($left);
b5b18861 935 return (
936 join(' ', '(', $lhsql, $self->_sqlcase($op), $rhsql, ')'),
937 @lhbind, @rhbind
938 );
939 }
940 }), 'between', 'not between'),
10d07c4e 941 (map +($_ => do {
942 my $op = $_;
943 sub {
944 my ($self, $args) = @_;
945 my ($lhs, $rhs) = @$args;
946 my @in_bind;
947 my @in_sql = map {
0ce981f8 948 my ($sql, @bind) = $self->_render_expr($_);
10d07c4e 949 push @in_bind, @bind;
950 $sql;
951 } @$rhs;
0ce981f8 952 my ($lhsql, @lbind) = $self->_render_expr($lhs);
10d07c4e 953 return (
954 $lhsql.' '.$self->_sqlcase($op).' ( '
955 .join(', ', @in_sql)
956 .' )',
957 @lbind, @in_bind
958 );
959 }
960 }), 'in', 'not in'),
b5b18861 961);
962
181dcebf 963sub _render_op {
964 my ($self, $v) = @_;
d13725da 965 my ($op, @args) = @$v;
966 $op =~ s/^-// if length($op) > 1;
cba28f66 967 $op = lc($op);
d13725da 968 local $self->{_nested_func_lhs};
b5b18861 969 if (my $h = $special{$op}) {
970 return $self->$h(\@args);
971 }
99a65fa8 972 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{user_special_ops}}) {
973 puke "Special op '${op}' requires first value to be identifier"
974 unless my ($k) = map $_->{-ident}, grep ref($_) eq 'HASH', $args[0];
975 return $self->${\($us->{handler})}($k, $op, $args[1]);
976 }
977 my $final_op = $op =~ /^(?:is|not)_/ ? join(' ', split '_', $op) : $op;
2143604f 978 if (@args == 1 and $op !~ /^(and|or)$/) {
ec857800 979 my ($expr_sql, @bind) = $self->_render_expr($args[0]);
d13725da 980 my $op_sql = $self->_sqlcase($final_op);
981 my $final_sql = (
982 $unop_postfix{lc($final_op)}
983 ? "${expr_sql} ${op_sql}"
984 : "${op_sql} ${expr_sql}"
985 );
0c7e3af0 986 return (($op eq 'not' ? '('.$final_sql.')' : $final_sql), @bind);
16d9289c 987 } else {
ec857800 988 my @parts = map [ $self->_render_expr($_) ], @args;
77617257 989 my ($final_sql) = map +($op =~ /^(and|or)$/ ? "(${_})" : $_), join(
990 ' '.$self->_sqlcase($final_op).' ',
991 map $_->[0], @parts
992 );
99a65fa8 993 return (
77617257 994 $final_sql,
16d9289c 995 map @{$_}[1..$#$_], @parts
99a65fa8 996 );
d13725da 997 }
998 die "unhandled";
999}
1000
181dcebf 1001sub _render_func {
1002 my ($self, $rest) = @_;
711892b1 1003 my ($func, @args) = @$rest;
1004 my @arg_sql;
1005 my @bind = map {
1006 my @x = @$_;
1007 push @arg_sql, shift @x;
1008 @x
0f199fce 1009 } map [ $self->_render_expr($_) ], @args;
711892b1 1010 return ($self->_sqlcase($func).'('.join(', ', @arg_sql).')', @bind);
1011}
1012
181dcebf 1013sub _render_bind {
1014 my ($self, $bind) = @_;
d13725da 1015 return ($self->_convert('?'), $self->_bindtype(@$bind));
1016}
1017
181dcebf 1018sub _render_literal {
1019 my ($self, $literal) = @_;
465d43fd 1020 $self->_assert_bindval_matches_bindtype(@{$literal}[1..$#$literal]);
aa8d7bdb 1021 return @$literal;
1022}
1023
4a1f01a3 1024# Some databases (SQLite) treat col IN (1, 2) different from
1025# col IN ( (1, 2) ). Use this to strip all outer parens while
1026# adding them back in the corresponding method
1027sub _open_outer_paren {
1028 my ($self, $sql) = @_;
a5f91feb 1029
ca4f826a 1030 while (my ($inner) = $sql =~ /^ \s* \( (.*) \) \s* $/xs) {
a5f91feb 1031
1032 # there are closing parens inside, need the heavy duty machinery
1033 # to reevaluate the extraction starting from $sql (full reevaluation)
ca4f826a 1034 if ($inner =~ /\)/) {
a5f91feb 1035 require Text::Balanced;
1036
1037 my (undef, $remainder) = do {
1038 # idiotic design - writes to $@ but *DOES NOT* throw exceptions
1039 local $@;
ca4f826a 1040 Text::Balanced::extract_bracketed($sql, '()', qr/\s*/);
a5f91feb 1041 };
1042
1043 # the entire expression needs to be a balanced bracketed thing
1044 # (after an extract no remainder sans trailing space)
1045 last if defined $remainder and $remainder =~ /\S/;
1046 }
1047
1048 $sql = $inner;
1049 }
1050
1051 $sql;
4a1f01a3 1052}
1053
96449e8e 1054
96449e8e 1055#======================================================================
1056# ORDER BY
1057#======================================================================
1058
1059sub _order_by {
1060 my ($self, $arg) = @_;
1061
f267b646 1062 my (@sql, @bind);
ca4f826a 1063 for my $c ($self->_order_by_chunks($arg) ) {
1064 $self->_SWITCH_refkind($c, {
f267b646 1065 SCALAR => sub { push @sql, $c },
1066 ARRAYREF => sub { push @sql, shift @$c; push @bind, @$c },
1067 });
1068 }
1069
1070 my $sql = @sql
ca4f826a 1071 ? sprintf('%s %s',
f267b646 1072 $self->_sqlcase(' order by'),
ca4f826a 1073 join(', ', @sql)
f267b646 1074 )
1075 : ''
1076 ;
1077
1078 return wantarray ? ($sql, @bind) : $sql;
1079}
1080
1081sub _order_by_chunks {
1082 my ($self, $arg) = @_;
1083
1084 return $self->_SWITCH_refkind($arg, {
96449e8e 1085
1086 ARRAYREF => sub {
ca4f826a 1087 map { $self->_order_by_chunks($_ ) } @$arg;
96449e8e 1088 },
1089
c94a6c93 1090 ARRAYREFREF => sub {
1091 my ($s, @b) = @$$arg;
1092 $self->_assert_bindval_matches_bindtype(@b);
1093 [ $s, @b ];
1094 },
f267b646 1095
96449e8e 1096 SCALAR => sub {$self->_quote($arg)},
f267b646 1097
1098 UNDEF => sub {return () },
1099
96449e8e 1100 SCALARREF => sub {$$arg}, # literal SQL, no quoting
96449e8e 1101
f267b646 1102 HASHREF => sub {
5e436130 1103 # get first pair in hash
1104 my ($key, $val, @rest) = %$arg;
1105
1106 return () unless $key;
1107
ca4f826a 1108 if (@rest or not $key =~ /^-(desc|asc)/i) {
5e436130 1109 puke "hash passed to _order_by must have exactly one key (-desc or -asc)";
f267b646 1110 }
5e436130 1111
1112 my $direction = $1;
96449e8e 1113
e9bd3547 1114 my @ret;
ca4f826a 1115 for my $c ($self->_order_by_chunks($val)) {
e9bd3547 1116 my ($sql, @bind);
96449e8e 1117
ca4f826a 1118 $self->_SWITCH_refkind($c, {
f267b646 1119 SCALAR => sub {
e9bd3547 1120 $sql = $c;
f267b646 1121 },
1122 ARRAYREF => sub {
e9bd3547 1123 ($sql, @bind) = @$c;
f267b646 1124 },
1125 });
96449e8e 1126
5e436130 1127 $sql = $sql . ' ' . $self->_sqlcase($direction);
96449e8e 1128
e9bd3547 1129 push @ret, [ $sql, @bind];
1130 }
96449e8e 1131
e9bd3547 1132 return @ret;
f267b646 1133 },
1134 });
96449e8e 1135}
1136
1137
96449e8e 1138#======================================================================
1139# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1140#======================================================================
1141
1142sub _table {
1143 my $self = shift;
1144 my $from = shift;
1145 $self->_SWITCH_refkind($from, {
1146 ARRAYREF => sub {join ', ', map { $self->_quote($_) } @$from;},
1147 SCALAR => sub {$self->_quote($from)},
1148 SCALARREF => sub {$$from},
96449e8e 1149 });
1150}
1151
1152
1153#======================================================================
1154# UTILITY FUNCTIONS
1155#======================================================================
1156
955e77ca 1157# highly optimized, as it's called way too often
96449e8e 1158sub _quote {
955e77ca 1159 # my ($self, $label) = @_;
96449e8e 1160
955e77ca 1161 return '' unless defined $_[1];
955e77ca 1162 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
96449e8e 1163
439834d3 1164 $_[0]->{quote_char} or
1165 ($_[0]->_assert_pass_injection_guard($_[1]), return $_[1]);
96449e8e 1166
07d7c35c 1167 my $qref = ref $_[0]->{quote_char};
439834d3 1168 my ($l, $r) =
1169 !$qref ? ($_[0]->{quote_char}, $_[0]->{quote_char})
1170 : ($qref eq 'ARRAY') ? @{$_[0]->{quote_char}}
1171 : puke "Unsupported quote_char format: $_[0]->{quote_char}";
1172
46be4313 1173 my $esc = $_[0]->{escape_char} || $r;
96449e8e 1174
07d7c35c 1175 # parts containing * are naturally unquoted
ca4f826a 1176 return join($_[0]->{name_sep}||'', map
439834d3 1177 +( $_ eq '*' ? $_ : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r } ),
955e77ca 1178 ( $_[0]->{name_sep} ? split (/\Q$_[0]->{name_sep}\E/, $_[1] ) : $_[1] )
1179 );
96449e8e 1180}
1181
1182
1183# Conversion, if applicable
d7c862e0 1184sub _convert {
07d7c35c 1185 #my ($self, $arg) = @_;
07d7c35c 1186 if ($_[0]->{convert}) {
1187 return $_[0]->_sqlcase($_[0]->{convert}) .'(' . $_[1] . ')';
96449e8e 1188 }
07d7c35c 1189 return $_[1];
96449e8e 1190}
1191
1192# And bindtype
d7c862e0 1193sub _bindtype {
07d7c35c 1194 #my ($self, $col, @vals) = @_;
07d7c35c 1195 # called often - tighten code
1196 return $_[0]->{bindtype} eq 'columns'
1197 ? map {[$_[1], $_]} @_[2 .. $#_]
1198 : @_[2 .. $#_]
1199 ;
96449e8e 1200}
1201
fe3ae272 1202# Dies if any element of @bind is not in [colname => value] format
1203# if bindtype is 'columns'.
1204sub _assert_bindval_matches_bindtype {
c94a6c93 1205# my ($self, @bind) = @_;
1206 my $self = shift;
fe3ae272 1207 if ($self->{bindtype} eq 'columns') {
c94a6c93 1208 for (@_) {
1209 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1210 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1211 }
1212 }
1213 }
1214}
1215
96449e8e 1216sub _join_sql_clauses {
1217 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1218
1219 if (@$clauses_aref > 1) {
1220 my $join = " " . $self->_sqlcase($logic) . " ";
1221 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1222 return ($sql, @$bind_aref);
1223 }
1224 elsif (@$clauses_aref) {
1225 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1226 }
1227 else {
1228 return (); # if no SQL, ignore @$bind_aref
1229 }
1230}
1231
1232
1233# Fix SQL case, if so requested
1234sub _sqlcase {
96449e8e 1235 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1236 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1237 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1238}
1239
1240
1241#======================================================================
1242# DISPATCHING FROM REFKIND
1243#======================================================================
1244
1245sub _refkind {
1246 my ($self, $data) = @_;
96449e8e 1247
955e77ca 1248 return 'UNDEF' unless defined $data;
1249
1250 # blessed objects are treated like scalars
1251 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1252
1253 return 'SCALAR' unless $ref;
1254
1255 my $n_steps = 1;
1256 while ($ref eq 'REF') {
96449e8e 1257 $data = $$data;
955e77ca 1258 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1259 $n_steps++ if $ref;
96449e8e 1260 }
1261
848556bc 1262 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1263}
1264
1265sub _try_refkind {
1266 my ($self, $data) = @_;
1267 my @try = ($self->_refkind($data));
1268 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1269 push @try, 'FALLBACK';
955e77ca 1270 return \@try;
96449e8e 1271}
1272
1273sub _METHOD_FOR_refkind {
1274 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1275
1276 my $method;
955e77ca 1277 for (@{$self->_try_refkind($data)}) {
f39eaa60 1278 $method = $self->can($meth_prefix."_".$_)
1279 and last;
1280 }
1281
1282 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1283}
1284
1285
1286sub _SWITCH_refkind {
1287 my ($self, $data, $dispatch_table) = @_;
1288
f39eaa60 1289 my $coderef;
955e77ca 1290 for (@{$self->_try_refkind($data)}) {
f39eaa60 1291 $coderef = $dispatch_table->{$_}
1292 and last;
1293 }
1294
1295 puke "no dispatch entry for ".$self->_refkind($data)
1296 unless $coderef;
1297
96449e8e 1298 $coderef->();
1299}
1300
1301
1302
1303
1304#======================================================================
1305# VALUES, GENERATE, AUTOLOAD
1306#======================================================================
1307
1308# LDNOTE: original code from nwiger, didn't touch code in that section
1309# I feel the AUTOLOAD stuff should not be the default, it should
1310# only be activated on explicit demand by user.
1311
1312sub values {
1313 my $self = shift;
1314 my $data = shift || return;
1315 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1316 unless ref $data eq 'HASH';
bab725ce 1317
1318 my @all_bind;
ca4f826a 1319 foreach my $k (sort keys %$data) {
bab725ce 1320 my $v = $data->{$k};
1321 $self->_SWITCH_refkind($v, {
9d48860e 1322 ARRAYREF => sub {
bab725ce 1323 if ($self->{array_datatypes}) { # array datatype
1324 push @all_bind, $self->_bindtype($k, $v);
1325 }
1326 else { # literal SQL with bind
1327 my ($sql, @bind) = @$v;
1328 $self->_assert_bindval_matches_bindtype(@bind);
1329 push @all_bind, @bind;
1330 }
1331 },
1332 ARRAYREFREF => sub { # literal SQL with bind
1333 my ($sql, @bind) = @${$v};
1334 $self->_assert_bindval_matches_bindtype(@bind);
1335 push @all_bind, @bind;
1336 },
1337 SCALARREF => sub { # literal SQL without bind
1338 },
1339 SCALAR_or_UNDEF => sub {
1340 push @all_bind, $self->_bindtype($k, $v);
1341 },
1342 });
1343 }
1344
1345 return @all_bind;
96449e8e 1346}
1347
1348sub generate {
1349 my $self = shift;
1350
1351 my(@sql, @sqlq, @sqlv);
1352
1353 for (@_) {
1354 my $ref = ref $_;
1355 if ($ref eq 'HASH') {
1356 for my $k (sort keys %$_) {
1357 my $v = $_->{$k};
1358 my $r = ref $v;
1359 my $label = $self->_quote($k);
1360 if ($r eq 'ARRAY') {
fe3ae272 1361 # literal SQL with bind
1362 my ($sql, @bind) = @$v;
1363 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1364 push @sqlq, "$label = $sql";
fe3ae272 1365 push @sqlv, @bind;
96449e8e 1366 } elsif ($r eq 'SCALAR') {
fe3ae272 1367 # literal SQL without bind
96449e8e 1368 push @sqlq, "$label = $$v";
9d48860e 1369 } else {
96449e8e 1370 push @sqlq, "$label = ?";
1371 push @sqlv, $self->_bindtype($k, $v);
1372 }
1373 }
1374 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1375 } elsif ($ref eq 'ARRAY') {
1376 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1377 for my $v (@$_) {
1378 my $r = ref $v;
fe3ae272 1379 if ($r eq 'ARRAY') { # literal SQL with bind
1380 my ($sql, @bind) = @$v;
1381 $self->_assert_bindval_matches_bindtype(@bind);
1382 push @sqlq, $sql;
1383 push @sqlv, @bind;
1384 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1385 # embedded literal SQL
1386 push @sqlq, $$v;
9d48860e 1387 } else {
96449e8e 1388 push @sqlq, '?';
1389 push @sqlv, $v;
1390 }
1391 }
1392 push @sql, '(' . join(', ', @sqlq) . ')';
1393 } elsif ($ref eq 'SCALAR') {
1394 # literal SQL
1395 push @sql, $$_;
1396 } else {
1397 # strings get case twiddled
1398 push @sql, $self->_sqlcase($_);
1399 }
1400 }
1401
1402 my $sql = join ' ', @sql;
1403
1404 # this is pretty tricky
1405 # if ask for an array, return ($stmt, @bind)
1406 # otherwise, s/?/shift @sqlv/ to put it inline
1407 if (wantarray) {
1408 return ($sql, @sqlv);
1409 } else {
1410 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1411 ref $d ? $d->[1] : $d/e;
1412 return $sql;
1413 }
1414}
1415
1416
1417sub DESTROY { 1 }
1418
1419sub AUTOLOAD {
1420 # This allows us to check for a local, then _form, attr
1421 my $self = shift;
1422 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1423 return $self->generate($name, @_);
1424}
1425
14261;
1427
1428
1429
1430__END__
32eab2da 1431
1432=head1 NAME
1433
1434SQL::Abstract - Generate SQL from Perl data structures
1435
1436=head1 SYNOPSIS
1437
1438 use SQL::Abstract;
1439
1440 my $sql = SQL::Abstract->new;
1441
85783f3c 1442 my($stmt, @bind) = $sql->select($source, \@fields, \%where, $order);
32eab2da 1443
1444 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1445
1446 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1447
1448 my($stmt, @bind) = $sql->delete($table, \%where);
1449
1450 # Then, use these in your DBI statements
1451 my $sth = $dbh->prepare($stmt);
1452 $sth->execute(@bind);
1453
1454 # Just generate the WHERE clause
85783f3c 1455 my($stmt, @bind) = $sql->where(\%where, $order);
32eab2da 1456
1457 # Return values in the same order, for hashed queries
1458 # See PERFORMANCE section for more details
1459 my @bind = $sql->values(\%fieldvals);
1460
1461=head1 DESCRIPTION
1462
1463This module was inspired by the excellent L<DBIx::Abstract>.
1464However, in using that module I found that what I really wanted
1465to do was generate SQL, but still retain complete control over my
1466statement handles and use the DBI interface. So, I set out to
1467create an abstract SQL generation module.
1468
1469While based on the concepts used by L<DBIx::Abstract>, there are
1470several important differences, especially when it comes to WHERE
1471clauses. I have modified the concepts used to make the SQL easier
1472to generate from Perl data structures and, IMO, more intuitive.
1473The underlying idea is for this module to do what you mean, based
1474on the data structures you provide it. The big advantage is that
1475you don't have to modify your code every time your data changes,
1476as this module figures it out.
1477
1478To begin with, an SQL INSERT is as easy as just specifying a hash
1479of C<key=value> pairs:
1480
1481 my %data = (
1482 name => 'Jimbo Bobson',
1483 phone => '123-456-7890',
1484 address => '42 Sister Lane',
1485 city => 'St. Louis',
1486 state => 'Louisiana',
1487 );
1488
1489The SQL can then be generated with this:
1490
1491 my($stmt, @bind) = $sql->insert('people', \%data);
1492
1493Which would give you something like this:
1494
1495 $stmt = "INSERT INTO people
1496 (address, city, name, phone, state)
1497 VALUES (?, ?, ?, ?, ?)";
1498 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1499 '123-456-7890', 'Louisiana');
1500
1501These are then used directly in your DBI code:
1502
1503 my $sth = $dbh->prepare($stmt);
1504 $sth->execute(@bind);
1505
96449e8e 1506=head2 Inserting and Updating Arrays
1507
1508If your database has array types (like for example Postgres),
1509activate the special option C<< array_datatypes => 1 >>
9d48860e 1510when creating the C<SQL::Abstract> object.
96449e8e 1511Then you may use an arrayref to insert and update database array types:
1512
1513 my $sql = SQL::Abstract->new(array_datatypes => 1);
1514 my %data = (
1515 planets => [qw/Mercury Venus Earth Mars/]
1516 );
9d48860e 1517
96449e8e 1518 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1519
1520This results in:
1521
1522 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1523
1524 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1525
1526
1527=head2 Inserting and Updating SQL
1528
1529In order to apply SQL functions to elements of your C<%data> you may
1530specify a reference to an arrayref for the given hash value. For example,
1531if you need to execute the Oracle C<to_date> function on a value, you can
1532say something like this:
32eab2da 1533
1534 my %data = (
1535 name => 'Bill',
3ae1c5e2 1536 date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
9d48860e 1537 );
32eab2da 1538
1539The first value in the array is the actual SQL. Any other values are
1540optional and would be included in the bind values array. This gives
1541you:
1542
1543 my($stmt, @bind) = $sql->insert('people', \%data);
1544
9d48860e 1545 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1546 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1547 @bind = ('Bill', '03/02/2003');
1548
1549An UPDATE is just as easy, all you change is the name of the function:
1550
1551 my($stmt, @bind) = $sql->update('people', \%data);
1552
1553Notice that your C<%data> isn't touched; the module will generate
1554the appropriately quirky SQL for you automatically. Usually you'll
1555want to specify a WHERE clause for your UPDATE, though, which is
1556where handling C<%where> hashes comes in handy...
1557
96449e8e 1558=head2 Complex where statements
1559
32eab2da 1560This module can generate pretty complicated WHERE statements
1561easily. For example, simple C<key=value> pairs are taken to mean
1562equality, and if you want to see if a field is within a set
1563of values, you can use an arrayref. Let's say we wanted to
1564SELECT some data based on this criteria:
1565
1566 my %where = (
1567 requestor => 'inna',
1568 worker => ['nwiger', 'rcwe', 'sfz'],
1569 status => { '!=', 'completed' }
1570 );
1571
1572 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1573
1574The above would give you something like this:
1575
1576 $stmt = "SELECT * FROM tickets WHERE
1577 ( requestor = ? ) AND ( status != ? )
1578 AND ( worker = ? OR worker = ? OR worker = ? )";
1579 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1580
1581Which you could then use in DBI code like so:
1582
1583 my $sth = $dbh->prepare($stmt);
1584 $sth->execute(@bind);
1585
1586Easy, eh?
1587
0da0fe34 1588=head1 METHODS
32eab2da 1589
13cc86af 1590The methods are simple. There's one for every major SQL operation,
32eab2da 1591and a constructor you use first. The arguments are specified in a
13cc86af 1592similar order for each method (table, then fields, then a where
32eab2da 1593clause) to try and simplify things.
1594
32eab2da 1595=head2 new(option => 'value')
1596
1597The C<new()> function takes a list of options and values, and returns
1598a new B<SQL::Abstract> object which can then be used to generate SQL
1599through the methods below. The options accepted are:
1600
1601=over
1602
1603=item case
1604
1605If set to 'lower', then SQL will be generated in all lowercase. By
1606default SQL is generated in "textbook" case meaning something like:
1607
1608 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1609
96449e8e 1610Any setting other than 'lower' is ignored.
1611
32eab2da 1612=item cmp
1613
1614This determines what the default comparison operator is. By default
1615it is C<=>, meaning that a hash like this:
1616
1617 %where = (name => 'nwiger', email => 'nate@wiger.org');
1618
1619Will generate SQL like this:
1620
1621 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1622
1623However, you may want loose comparisons by default, so if you set
1624C<cmp> to C<like> you would get SQL such as:
1625
1626 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1627
3af02ccb 1628You can also override the comparison on an individual basis - see
32eab2da 1629the huge section on L</"WHERE CLAUSES"> at the bottom.
1630
96449e8e 1631=item sqltrue, sqlfalse
1632
1633Expressions for inserting boolean values within SQL statements.
6e0c6552 1634By default these are C<1=1> and C<1=0>. They are used
1635by the special operators C<-in> and C<-not_in> for generating
1636correct SQL even when the argument is an empty array (see below).
96449e8e 1637
32eab2da 1638=item logic
1639
1640This determines the default logical operator for multiple WHERE
7cac25e6 1641statements in arrays or hashes. If absent, the default logic is "or"
1642for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1643array of the form:
1644
1645 @where = (
9d48860e 1646 event_date => {'>=', '2/13/99'},
1647 event_date => {'<=', '4/24/03'},
32eab2da 1648 );
1649
7cac25e6 1650will generate SQL like this:
32eab2da 1651
1652 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1653
1654This is probably not what you want given this query, though (look
1655at the dates). To change the "OR" to an "AND", simply specify:
1656
1657 my $sql = SQL::Abstract->new(logic => 'and');
1658
1659Which will change the above C<WHERE> to:
1660
1661 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1662
96449e8e 1663The logic can also be changed locally by inserting
be21dde3 1664a modifier in front of an arrayref:
96449e8e 1665
9d48860e 1666 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1667 event_date => {'<=', '4/24/03'} ]);
96449e8e 1668
1669See the L</"WHERE CLAUSES"> section for explanations.
1670
32eab2da 1671=item convert
1672
1673This will automatically convert comparisons using the specified SQL
1674function for both column and value. This is mostly used with an argument
1675of C<upper> or C<lower>, so that the SQL will have the effect of
1676case-insensitive "searches". For example, this:
1677
1678 $sql = SQL::Abstract->new(convert => 'upper');
1679 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1680
1681Will turn out the following SQL:
1682
1683 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1684
1685The conversion can be C<upper()>, C<lower()>, or any other SQL function
1686that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1687not validate this option; it will just pass through what you specify verbatim).
1688
1689=item bindtype
1690
1691This is a kludge because many databases suck. For example, you can't
1692just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1693Instead, you have to use C<bind_param()>:
1694
1695 $sth->bind_param(1, 'reg data');
1696 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1697
1698The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1699which loses track of which field each slot refers to. Fear not.
1700
1701If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1702Currently, you can specify either C<normal> (default) or C<columns>. If you
1703specify C<columns>, you will get an array that looks like this:
1704
1705 my $sql = SQL::Abstract->new(bindtype => 'columns');
1706 my($stmt, @bind) = $sql->insert(...);
1707
1708 @bind = (
1709 [ 'column1', 'value1' ],
1710 [ 'column2', 'value2' ],
1711 [ 'column3', 'value3' ],
1712 );
1713
1714You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1715
32eab2da 1716 $sth->prepare($stmt);
1717 my $i = 1;
1718 for (@bind) {
1719 my($col, $data) = @$_;
1720 if ($col eq 'details' || $col eq 'comments') {
1721 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1722 } elsif ($col eq 'image') {
1723 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1724 } else {
1725 $sth->bind_param($i, $data);
1726 }
1727 $i++;
1728 }
1729 $sth->execute; # execute without @bind now
1730
1731Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1732Basically, the advantage is still that you don't have to care which fields
1733are or are not included. You could wrap that above C<for> loop in a simple
1734sub called C<bind_fields()> or something and reuse it repeatedly. You still
1735get a layer of abstraction over manual SQL specification.
1736
3ae1c5e2 1737Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
deb148a2 1738construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1739will expect the bind values in this format.
1740
32eab2da 1741=item quote_char
1742
1743This is the character that a table or column name will be quoted
9d48860e 1744with. By default this is an empty string, but you could set it to
32eab2da 1745the character C<`>, to generate SQL like this:
1746
1747 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1748
96449e8e 1749Alternatively, you can supply an array ref of two items, the first being the left
1750hand quote character, and the second the right hand quote character. For
1751example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1752that generates SQL like this:
1753
1754 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1755
9d48860e 1756Quoting is useful if you have tables or columns names that are reserved
96449e8e 1757words in your database's SQL dialect.
32eab2da 1758
46be4313 1759=item escape_char
1760
1761This is the character that will be used to escape L</quote_char>s appearing
1762in an identifier before it has been quoted.
1763
80790166 1764The parameter default in case of a single L</quote_char> character is the quote
46be4313 1765character itself.
1766
1767When opening-closing-style quoting is used (L</quote_char> is an arrayref)
9de2bd86 1768this parameter defaults to the B<closing (right)> L</quote_char>. Occurrences
46be4313 1769of the B<opening (left)> L</quote_char> within the identifier are currently left
1770untouched. The default for opening-closing-style quotes may change in future
1771versions, thus you are B<strongly encouraged> to specify the escape character
1772explicitly.
1773
32eab2da 1774=item name_sep
1775
1776This is the character that separates a table and column name. It is
1777necessary to specify this when the C<quote_char> option is selected,
1778so that tables and column names can be individually quoted like this:
1779
1780 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1781
b6251592 1782=item injection_guard
1783
1784A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1785column name specified in a query structure. This is a safety mechanism to avoid
1786injection attacks when mishandling user input e.g.:
1787
1788 my %condition_as_column_value_pairs = get_values_from_user();
1789 $sqla->select( ... , \%condition_as_column_value_pairs );
1790
1791If the expression matches an exception is thrown. Note that literal SQL
1792supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1793
1794Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
1795
96449e8e 1796=item array_datatypes
32eab2da 1797
9d48860e 1798When this option is true, arrayrefs in INSERT or UPDATE are
1799interpreted as array datatypes and are passed directly
96449e8e 1800to the DBI layer.
1801When this option is false, arrayrefs are interpreted
1802as literal SQL, just like refs to arrayrefs
1803(but this behavior is for backwards compatibility; when writing
1804new queries, use the "reference to arrayref" syntax
1805for literal SQL).
32eab2da 1806
32eab2da 1807
96449e8e 1808=item special_ops
32eab2da 1809
9d48860e 1810Takes a reference to a list of "special operators"
96449e8e 1811to extend the syntax understood by L<SQL::Abstract>.
1812See section L</"SPECIAL OPERATORS"> for details.
32eab2da 1813
59f23b3d 1814=item unary_ops
1815
9d48860e 1816Takes a reference to a list of "unary operators"
59f23b3d 1817to extend the syntax understood by L<SQL::Abstract>.
1818See section L</"UNARY OPERATORS"> for details.
1819
32eab2da 1820
32eab2da 1821
96449e8e 1822=back
32eab2da 1823
02288357 1824=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 1825
1826This is the simplest function. You simply give it a table name
1827and either an arrayref of values or hashref of field/value pairs.
1828It returns an SQL INSERT statement and a list of bind values.
96449e8e 1829See the sections on L</"Inserting and Updating Arrays"> and
1830L</"Inserting and Updating SQL"> for information on how to insert
1831with those data types.
32eab2da 1832
02288357 1833The optional C<\%options> hash reference may contain additional
1834options to generate the insert SQL. Currently supported options
1835are:
1836
1837=over 4
1838
1839=item returning
1840
1841Takes either a scalar of raw SQL fields, or an array reference of
1842field names, and adds on an SQL C<RETURNING> statement at the end.
1843This allows you to return data generated by the insert statement
1844(such as row IDs) without performing another C<SELECT> statement.
1845Note, however, this is not part of the SQL standard and may not
1846be supported by all database engines.
1847
1848=back
1849
95904db5 1850=head2 update($table, \%fieldvals, \%where, \%options)
32eab2da 1851
1852This takes a table, hashref of field/value pairs, and an optional
86298391 1853hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 1854of bind values.
96449e8e 1855See the sections on L</"Inserting and Updating Arrays"> and
1856L</"Inserting and Updating SQL"> for information on how to insert
1857with those data types.
32eab2da 1858
95904db5 1859The optional C<\%options> hash reference may contain additional
1860options to generate the update SQL. Currently supported options
1861are:
1862
1863=over 4
1864
1865=item returning
1866
1867See the C<returning> option to
1868L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1869
1870=back
1871
96449e8e 1872=head2 select($source, $fields, $where, $order)
32eab2da 1873
9d48860e 1874This returns a SQL SELECT statement and associated list of bind values, as
be21dde3 1875specified by the arguments:
32eab2da 1876
96449e8e 1877=over
32eab2da 1878
96449e8e 1879=item $source
32eab2da 1880
9d48860e 1881Specification of the 'FROM' part of the statement.
96449e8e 1882The argument can be either a plain scalar (interpreted as a table
1883name, will be quoted), or an arrayref (interpreted as a list
1884of table names, joined by commas, quoted), or a scalarref
063097a3 1885(literal SQL, not quoted).
32eab2da 1886
96449e8e 1887=item $fields
32eab2da 1888
9d48860e 1889Specification of the list of fields to retrieve from
96449e8e 1890the source.
1891The argument can be either an arrayref (interpreted as a list
9d48860e 1892of field names, will be joined by commas and quoted), or a
96449e8e 1893plain scalar (literal SQL, not quoted).
521647e7 1894Please observe that this API is not as flexible as that of
1895the first argument C<$source>, for backwards compatibility reasons.
32eab2da 1896
96449e8e 1897=item $where
32eab2da 1898
96449e8e 1899Optional argument to specify the WHERE part of the query.
1900The argument is most often a hashref, but can also be
9d48860e 1901an arrayref or plain scalar --
96449e8e 1902see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 1903
96449e8e 1904=item $order
32eab2da 1905
96449e8e 1906Optional argument to specify the ORDER BY part of the query.
9d48860e 1907The argument can be a scalar, a hashref or an arrayref
96449e8e 1908-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
1909for details.
32eab2da 1910
96449e8e 1911=back
32eab2da 1912
32eab2da 1913
85327cd5 1914=head2 delete($table, \%where, \%options)
32eab2da 1915
86298391 1916This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 1917It returns an SQL DELETE statement and list of bind values.
1918
85327cd5 1919The optional C<\%options> hash reference may contain additional
1920options to generate the delete SQL. Currently supported options
1921are:
1922
1923=over 4
1924
1925=item returning
1926
1927See the C<returning> option to
1928L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1929
1930=back
1931
85783f3c 1932=head2 where(\%where, $order)
32eab2da 1933
1934This is used to generate just the WHERE clause. For example,
1935if you have an arbitrary data structure and know what the
1936rest of your SQL is going to look like, but want an easy way
1937to produce a WHERE clause, use this. It returns an SQL WHERE
1938clause and list of bind values.
1939
32eab2da 1940
1941=head2 values(\%data)
1942
1943This just returns the values from the hash C<%data>, in the same
1944order that would be returned from any of the other above queries.
1945Using this allows you to markedly speed up your queries if you
1946are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
1947
32eab2da 1948=head2 generate($any, 'number', $of, \@data, $struct, \%types)
1949
1950Warning: This is an experimental method and subject to change.
1951
1952This returns arbitrarily generated SQL. It's a really basic shortcut.
1953It will return two different things, depending on return context:
1954
1955 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
1956 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
1957
1958These would return the following:
1959
1960 # First calling form
1961 $stmt = "CREATE TABLE test (?, ?)";
1962 @bind = (field1, field2);
1963
1964 # Second calling form
1965 $stmt_and_val = "CREATE TABLE test (field1, field2)";
1966
1967Depending on what you're trying to do, it's up to you to choose the correct
1968format. In this example, the second form is what you would want.
1969
1970By the same token:
1971
1972 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
1973
1974Might give you:
1975
1976 ALTER SESSION SET nls_date_format = 'MM/YY'
1977
1978You get the idea. Strings get their case twiddled, but everything
1979else remains verbatim.
1980
0da0fe34 1981=head1 EXPORTABLE FUNCTIONS
1982
1983=head2 is_plain_value
1984
1985Determines if the supplied argument is a plain value as understood by this
1986module:
1987
1988=over
1989
1990=item * The value is C<undef>
1991
1992=item * The value is a non-reference
1993
1994=item * The value is an object with stringification overloading
1995
1996=item * The value is of the form C<< { -value => $anything } >>
1997
1998=back
1999
9de2bd86 2000On failure returns C<undef>, on success returns a B<scalar> reference
966200cc 2001to the original supplied argument.
0da0fe34 2002
843a94b5 2003=over
2004
2005=item * Note
2006
2007The stringification overloading detection is rather advanced: it takes
2008into consideration not only the presence of a C<""> overload, but if that
2009fails also checks for enabled
2010L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
2011on either C<0+> or C<bool>.
2012
2013Unfortunately testing in the field indicates that this
2014detection B<< may tickle a latent bug in perl versions before 5.018 >>,
2015but only when very large numbers of stringifying objects are involved.
2016At the time of writing ( Sep 2014 ) there is no clear explanation of
2017the direct cause, nor is there a manageably small test case that reliably
2018reproduces the problem.
2019
2020If you encounter any of the following exceptions in B<random places within
2021your application stack> - this module may be to blame:
2022
2023 Operation "ne": no method found,
2024 left argument in overloaded package <something>,
2025 right argument in overloaded package <something>
2026
2027or perhaps even
2028
2029 Stub found while resolving method "???" overloading """" in package <something>
2030
2031If you fall victim to the above - please attempt to reduce the problem
2032to something that could be sent to the L<SQL::Abstract developers
1f490ae4 2033|DBIx::Class/GETTING HELP/SUPPORT>
843a94b5 2034(either publicly or privately). As a workaround in the meantime you can
2035set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
2036value, which will most likely eliminate your problem (at the expense of
2037not being able to properly detect exotic forms of stringification).
2038
2039This notice and environment variable will be removed in a future version,
2040as soon as the underlying problem is found and a reliable workaround is
2041devised.
2042
2043=back
2044
0da0fe34 2045=head2 is_literal_value
2046
2047Determines if the supplied argument is a literal value as understood by this
2048module:
2049
2050=over
2051
2052=item * C<\$sql_string>
2053
2054=item * C<\[ $sql_string, @bind_values ]>
2055
0da0fe34 2056=back
2057
9de2bd86 2058On failure returns C<undef>, on success returns an B<array> reference
966200cc 2059containing the unpacked version of the supplied literal SQL and bind values.
0da0fe34 2060
32eab2da 2061=head1 WHERE CLAUSES
2062
96449e8e 2063=head2 Introduction
2064
32eab2da 2065This module uses a variation on the idea from L<DBIx::Abstract>. It
2066is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2067module is that things in arrays are OR'ed, and things in hashes
2068are AND'ed.>
2069
2070The easiest way to explain is to show lots of examples. After
2071each C<%where> hash shown, it is assumed you used:
2072
2073 my($stmt, @bind) = $sql->where(\%where);
2074
2075However, note that the C<%where> hash can be used directly in any
2076of the other functions as well, as described above.
2077
96449e8e 2078=head2 Key-value pairs
2079
32eab2da 2080So, let's get started. To begin, a simple hash:
2081
2082 my %where = (
2083 user => 'nwiger',
2084 status => 'completed'
2085 );
2086
2087Is converted to SQL C<key = val> statements:
2088
2089 $stmt = "WHERE user = ? AND status = ?";
2090 @bind = ('nwiger', 'completed');
2091
2092One common thing I end up doing is having a list of values that
2093a field can be in. To do this, simply specify a list inside of
2094an arrayref:
2095
2096 my %where = (
2097 user => 'nwiger',
2098 status => ['assigned', 'in-progress', 'pending'];
2099 );
2100
2101This simple code will create the following:
9d48860e 2102
32eab2da 2103 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2104 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2105
9d48860e 2106A field associated to an empty arrayref will be considered a
7cac25e6 2107logical false and will generate 0=1.
8a68b5be 2108
b864ba9b 2109=head2 Tests for NULL values
2110
2111If the value part is C<undef> then this is converted to SQL <IS NULL>
2112
2113 my %where = (
2114 user => 'nwiger',
2115 status => undef,
2116 );
2117
2118becomes:
2119
2120 $stmt = "WHERE user = ? AND status IS NULL";
2121 @bind = ('nwiger');
2122
e9614080 2123To test if a column IS NOT NULL:
2124
2125 my %where = (
2126 user => 'nwiger',
2127 status => { '!=', undef },
2128 );
cc422895 2129
6e0c6552 2130=head2 Specific comparison operators
96449e8e 2131
32eab2da 2132If you want to specify a different type of operator for your comparison,
2133you can use a hashref for a given column:
2134
2135 my %where = (
2136 user => 'nwiger',
2137 status => { '!=', 'completed' }
2138 );
2139
2140Which would generate:
2141
2142 $stmt = "WHERE user = ? AND status != ?";
2143 @bind = ('nwiger', 'completed');
2144
2145To test against multiple values, just enclose the values in an arrayref:
2146
96449e8e 2147 status => { '=', ['assigned', 'in-progress', 'pending'] };
2148
f2d5020d 2149Which would give you:
96449e8e 2150
2151 "WHERE status = ? OR status = ? OR status = ?"
2152
2153
2154The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2155into an C<AND> of its elements:
2156
2157 my %where = (
2158 user => 'nwiger',
2159 status => { '!=', 'completed', -not_like => 'pending%' }
2160 );
2161
2162 # Or more dynamically, like from a form
2163 $where{user} = 'nwiger';
2164 $where{status}{'!='} = 'completed';
2165 $where{status}{'-not_like'} = 'pending%';
2166
2167 # Both generate this
2168 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2169 @bind = ('nwiger', 'completed', 'pending%');
2170
96449e8e 2171
32eab2da 2172To get an OR instead, you can combine it with the arrayref idea:
2173
2174 my %where => (
2175 user => 'nwiger',
1a6f2a03 2176 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2177 );
2178
2179Which would generate:
2180
1a6f2a03 2181 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2182 @bind = ('2', '5', 'nwiger');
32eab2da 2183
44b9e502 2184If you want to include literal SQL (with or without bind values), just use a
13cc86af 2185scalar reference or reference to an arrayref as the value:
44b9e502 2186
2187 my %where = (
2188 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2189 date_expires => { '<' => \"now()" }
2190 );
2191
2192Which would generate:
2193
13cc86af 2194 $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
44b9e502 2195 @bind = ('11/26/2008');
2196
96449e8e 2197
2198=head2 Logic and nesting operators
2199
2200In the example above,
2201there is a subtle trap if you want to say something like
32eab2da 2202this (notice the C<AND>):
2203
2204 WHERE priority != ? AND priority != ?
2205
2206Because, in Perl you I<can't> do this:
2207
13cc86af 2208 priority => { '!=' => 2, '!=' => 1 }
32eab2da 2209
2210As the second C<!=> key will obliterate the first. The solution
2211is to use the special C<-modifier> form inside an arrayref:
2212
9d48860e 2213 priority => [ -and => {'!=', 2},
96449e8e 2214 {'!=', 1} ]
2215
32eab2da 2216
2217Normally, these would be joined by C<OR>, but the modifier tells it
2218to use C<AND> instead. (Hint: You can use this in conjunction with the
2219C<logic> option to C<new()> in order to change the way your queries
2220work by default.) B<Important:> Note that the C<-modifier> goes
2221B<INSIDE> the arrayref, as an extra first element. This will
2222B<NOT> do what you think it might:
2223
2224 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2225
2226Here is a quick list of equivalencies, since there is some overlap:
2227
2228 # Same
2229 status => {'!=', 'completed', 'not like', 'pending%' }
2230 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2231
2232 # Same
2233 status => {'=', ['assigned', 'in-progress']}
2234 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2235 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2236
e3f9dff4 2237
2238
be21dde3 2239=head2 Special operators: IN, BETWEEN, etc.
96449e8e 2240
32eab2da 2241You can also use the hashref format to compare a list of fields using the
2242C<IN> comparison operator, by specifying the list as an arrayref:
2243
2244 my %where = (
2245 status => 'completed',
2246 reportid => { -in => [567, 2335, 2] }
2247 );
2248
2249Which would generate:
2250
2251 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2252 @bind = ('completed', '567', '2335', '2');
2253
9d48860e 2254The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2255the same way.
2256
6e0c6552 2257If the argument to C<-in> is an empty array, 'sqlfalse' is generated
be21dde3 2258(by default: C<1=0>). Similarly, C<< -not_in => [] >> generates
2259'sqltrue' (by default: C<1=1>).
6e0c6552 2260
e41c3bdd 2261In addition to the array you can supply a chunk of literal sql or
2262literal sql with bind:
6e0c6552 2263
e41c3bdd 2264 my %where = {
2265 customer => { -in => \[
2266 'SELECT cust_id FROM cust WHERE balance > ?',
2267 2000,
2268 ],
2269 status => { -in => \'SELECT status_codes FROM states' },
2270 };
6e0c6552 2271
e41c3bdd 2272would generate:
2273
2274 $stmt = "WHERE (
2275 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2276 AND status IN ( SELECT status_codes FROM states )
2277 )";
2278 @bind = ('2000');
2279
0dfd2442 2280Finally, if the argument to C<-in> is not a reference, it will be
2281treated as a single-element array.
e41c3bdd 2282
2283Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2284used with an arrayref of two values:
32eab2da 2285
2286 my %where = (
2287 user => 'nwiger',
2288 completion_date => {
2289 -not_between => ['2002-10-01', '2003-02-06']
2290 }
2291 );
2292
2293Would give you:
2294
2295 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2296
e41c3bdd 2297Just like with C<-in> all plausible combinations of literal SQL
2298are possible:
2299
2300 my %where = {
2301 start0 => { -between => [ 1, 2 ] },
2302 start1 => { -between => \["? AND ?", 1, 2] },
2303 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2304 start3 => { -between => [
e41c3bdd 2305 \"lower(x)",
2306 \["upper(?)", 'stuff' ],
2307 ] },
2308 };
2309
2310Would give you:
2311
2312 $stmt = "WHERE (
2313 ( start0 BETWEEN ? AND ? )
2314 AND ( start1 BETWEEN ? AND ? )
2315 AND ( start2 BETWEEN lower(x) AND upper(y) )
2316 AND ( start3 BETWEEN lower(x) AND upper(?) )
2317 )";
2318 @bind = (1, 2, 1, 2, 'stuff');
2319
2320
9d48860e 2321These are the two builtin "special operators"; but the
be21dde3 2322list can be expanded: see section L</"SPECIAL OPERATORS"> below.
96449e8e 2323
59f23b3d 2324=head2 Unary operators: bool
97a920ef 2325
2326If you wish to test against boolean columns or functions within your
2327database you can use the C<-bool> and C<-not_bool> operators. For
2328example to test the column C<is_user> being true and the column
827bb0eb 2329C<is_enabled> being false you would use:-
97a920ef 2330
2331 my %where = (
2332 -bool => 'is_user',
2333 -not_bool => 'is_enabled',
2334 );
2335
2336Would give you:
2337
277b5d3f 2338 WHERE is_user AND NOT is_enabled
97a920ef 2339
0b604e9d 2340If a more complex combination is required, testing more conditions,
2341then you should use the and/or operators:-
2342
2343 my %where = (
2344 -and => [
2345 -bool => 'one',
23401b81 2346 -not_bool => { two=> { -rlike => 'bar' } },
2347 -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
0b604e9d 2348 ],
2349 );
2350
2351Would give you:
2352
23401b81 2353 WHERE
2354 one
2355 AND
2356 (NOT two RLIKE ?)
2357 AND
2358 (NOT ( three = ? OR three > ? ))
97a920ef 2359
2360
107b72f1 2361=head2 Nested conditions, -and/-or prefixes
96449e8e 2362
32eab2da 2363So far, we've seen how multiple conditions are joined with a top-level
2364C<AND>. We can change this by putting the different conditions we want in
2365hashes and then putting those hashes in an array. For example:
2366
2367 my @where = (
2368 {
2369 user => 'nwiger',
2370 status => { -like => ['pending%', 'dispatched'] },
2371 },
2372 {
2373 user => 'robot',
2374 status => 'unassigned',
2375 }
2376 );
2377
2378This data structure would create the following:
2379
2380 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2381 OR ( user = ? AND status = ? ) )";
2382 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2383
107b72f1 2384
48d9f5f8 2385Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
be21dde3 2386to change the logic inside:
32eab2da 2387
2388 my @where = (
2389 -and => [
2390 user => 'nwiger',
48d9f5f8 2391 [
2392 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2393 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2394 ],
2395 ],
2396 );
2397
2398That would yield:
2399
13cc86af 2400 $stmt = "WHERE ( user = ?
2401 AND ( ( workhrs > ? AND geo = ? )
2402 OR ( workhrs < ? OR geo = ? ) ) )";
2403 @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
107b72f1 2404
cc422895 2405=head3 Algebraic inconsistency, for historical reasons
107b72f1 2406
7cac25e6 2407C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2408operator goes C<outside> of the nested structure; whereas when connecting
2409several constraints on one column, the C<-and> operator goes
be21dde3 2410C<inside> the arrayref. Here is an example combining both features:
7cac25e6 2411
2412 my @where = (
2413 -and => [a => 1, b => 2],
2414 -or => [c => 3, d => 4],
2415 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2416 )
2417
2418yielding
2419
9d48860e 2420 WHERE ( ( ( a = ? AND b = ? )
2421 OR ( c = ? OR d = ? )
7cac25e6 2422 OR ( e LIKE ? AND e LIKE ? ) ) )
2423
107b72f1 2424This difference in syntax is unfortunate but must be preserved for
be21dde3 2425historical reasons. So be careful: the two examples below would
107b72f1 2426seem algebraically equivalent, but they are not
2427
a948b1fe 2428 { col => [ -and =>
2429 { -like => 'foo%' },
2430 { -like => '%bar' },
2431 ] }
be21dde3 2432 # yields: WHERE ( ( col LIKE ? AND col LIKE ? ) )
107b72f1 2433
a948b1fe 2434 [ -and =>
2435 { col => { -like => 'foo%' } },
2436 { col => { -like => '%bar' } },
2437 ]
be21dde3 2438 # yields: WHERE ( ( col LIKE ? OR col LIKE ? ) )
107b72f1 2439
7cac25e6 2440
cc422895 2441=head2 Literal SQL and value type operators
96449e8e 2442
cc422895 2443The basic premise of SQL::Abstract is that in WHERE specifications the "left
2444side" is a column name and the "right side" is a value (normally rendered as
2445a placeholder). This holds true for both hashrefs and arrayref pairs as you
2446see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2447alter this behavior. There are several ways of doing so.
e9614080 2448
cc422895 2449=head3 -ident
2450
2451This is a virtual operator that signals the string to its right side is an
2452identifier (a column name) and not a value. For example to compare two
2453columns you would write:
32eab2da 2454
e9614080 2455 my %where = (
2456 priority => { '<', 2 },
cc422895 2457 requestor => { -ident => 'submitter' },
e9614080 2458 );
2459
2460which creates:
2461
2462 $stmt = "WHERE priority < ? AND requestor = submitter";
2463 @bind = ('2');
2464
cc422895 2465If you are maintaining legacy code you may see a different construct as
2466described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2467code.
2468
2469=head3 -value
e9614080 2470
cc422895 2471This is a virtual operator that signals that the construct to its right side
2472is a value to be passed to DBI. This is for example necessary when you want
2473to write a where clause against an array (for RDBMS that support such
2474datatypes). For example:
e9614080 2475
32eab2da 2476 my %where = (
cc422895 2477 array => { -value => [1, 2, 3] }
32eab2da 2478 );
2479
cc422895 2480will result in:
32eab2da 2481
cc422895 2482 $stmt = 'WHERE array = ?';
2483 @bind = ([1, 2, 3]);
32eab2da 2484
cc422895 2485Note that if you were to simply say:
32eab2da 2486
2487 my %where = (
cc422895 2488 array => [1, 2, 3]
32eab2da 2489 );
2490
3af02ccb 2491the result would probably not be what you wanted:
cc422895 2492
2493 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2494 @bind = (1, 2, 3);
2495
2496=head3 Literal SQL
96449e8e 2497
cc422895 2498Finally, sometimes only literal SQL will do. To include a random snippet
2499of SQL verbatim, you specify it as a scalar reference. Consider this only
2500as a last resort. Usually there is a better way. For example:
96449e8e 2501
2502 my %where = (
cc422895 2503 priority => { '<', 2 },
2504 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2505 );
2506
cc422895 2507Would create:
96449e8e 2508
cc422895 2509 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2510 @bind = (2);
2511
2512Note that in this example, you only get one bind parameter back, since
2513the verbatim SQL is passed as part of the statement.
2514
2515=head4 CAVEAT
2516
2517 Never use untrusted input as a literal SQL argument - this is a massive
2518 security risk (there is no way to check literal snippets for SQL
2519 injections and other nastyness). If you need to deal with untrusted input
2520 use literal SQL with placeholders as described next.
96449e8e 2521
cc422895 2522=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2523
2524If the literal SQL to be inserted has placeholders and bind values,
2525use a reference to an arrayref (yes this is a double reference --
2526not so common, but perfectly legal Perl). For example, to find a date
2527in Postgres you can use something like this:
2528
2529 my %where = (
3ae1c5e2 2530 date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
96449e8e 2531 )
2532
2533This would create:
2534
d2a8fe1a 2535 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2536 @bind = ('10');
2537
deb148a2 2538Note that you must pass the bind values in the same format as they are returned
85783f3c 2539by L<where|/where(\%where, $order)>. This means that if you set L</bindtype>
1f490ae4 2540to C<columns>, you must provide the bind values in the
2541C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
2542scalar value; most commonly the column name, but you can use any scalar value
2543(including references and blessed references), L<SQL::Abstract> will simply
2544pass it through intact. So if C<bindtype> is set to C<columns> the above
2545example will look like:
deb148a2 2546
2547 my %where = (
3ae1c5e2 2548 date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
deb148a2 2549 )
96449e8e 2550
2551Literal SQL is especially useful for nesting parenthesized clauses in the
be21dde3 2552main SQL query. Here is a first example:
96449e8e 2553
2554 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2555 100, "foo%");
2556 my %where = (
2557 foo => 1234,
2558 bar => \["IN ($sub_stmt)" => @sub_bind],
2559 );
2560
be21dde3 2561This yields:
96449e8e 2562
9d48860e 2563 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2564 WHERE c2 < ? AND c3 LIKE ?))";
2565 @bind = (1234, 100, "foo%");
2566
9d48860e 2567Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2568are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2569its associated bind values can be generated through a former call
96449e8e 2570to C<select()> :
2571
2572 my ($sub_stmt, @sub_bind)
9d48860e 2573 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2574 c3 => {-like => "foo%"}});
2575 my %where = (
2576 foo => 1234,
2577 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2578 );
2579
2580In the examples above, the subquery was used as an operator on a column;
9d48860e 2581but the same principle also applies for a clause within the main C<%where>
be21dde3 2582hash, like an EXISTS subquery:
96449e8e 2583
9d48860e 2584 my ($sub_stmt, @sub_bind)
96449e8e 2585 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2586 my %where = ( -and => [
96449e8e 2587 foo => 1234,
48d9f5f8 2588 \["EXISTS ($sub_stmt)" => @sub_bind],
2589 ]);
96449e8e 2590
2591which yields
2592
9d48860e 2593 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2594 WHERE c1 = ? AND c2 > t0.c0))";
2595 @bind = (1234, 1);
2596
2597
9d48860e 2598Observe that the condition on C<c2> in the subquery refers to
be21dde3 2599column C<t0.c0> of the main query: this is I<not> a bind
9d48860e 2600value, so we have to express it through a scalar ref.
96449e8e 2601Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2602C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2603what we wanted here.
2604
96449e8e 2605Finally, here is an example where a subquery is used
2606for expressing unary negation:
2607
9d48860e 2608 my ($sub_stmt, @sub_bind)
96449e8e 2609 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2610 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2611 my %where = (
2612 lname => {like => '%son%'},
48d9f5f8 2613 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2614 );
2615
2616This yields
2617
2618 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2619 @bind = ('%son%', 10, 20)
2620
cc422895 2621=head3 Deprecated usage of Literal SQL
2622
2623Below are some examples of archaic use of literal SQL. It is shown only as
2624reference for those who deal with legacy code. Each example has a much
2625better, cleaner and safer alternative that users should opt for in new code.
2626
2627=over
2628
2629=item *
2630
2631 my %where = ( requestor => \'IS NOT NULL' )
2632
2633 $stmt = "WHERE requestor IS NOT NULL"
2634
2635This used to be the way of generating NULL comparisons, before the handling
2636of C<undef> got formalized. For new code please use the superior syntax as
2637described in L</Tests for NULL values>.
96449e8e 2638
cc422895 2639=item *
2640
2641 my %where = ( requestor => \'= submitter' )
2642
2643 $stmt = "WHERE requestor = submitter"
2644
2645This used to be the only way to compare columns. Use the superior L</-ident>
2646method for all new code. For example an identifier declared in such a way
2647will be properly quoted if L</quote_char> is properly set, while the legacy
2648form will remain as supplied.
2649
2650=item *
2651
2652 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2653
2654 $stmt = "WHERE completed > ? AND is_ready"
2655 @bind = ('2012-12-21')
2656
2657Using an empty string literal used to be the only way to express a boolean.
2658For all new code please use the much more readable
2659L<-bool|/Unary operators: bool> operator.
2660
2661=back
96449e8e 2662
2663=head2 Conclusion
2664
32eab2da 2665These pages could go on for a while, since the nesting of the data
2666structures this module can handle are pretty much unlimited (the
2667module implements the C<WHERE> expansion as a recursive function
2668internally). Your best bet is to "play around" with the module a
2669little to see how the data structures behave, and choose the best
2670format for your data based on that.
2671
2672And of course, all the values above will probably be replaced with
2673variables gotten from forms or the command line. After all, if you
2674knew everything ahead of time, you wouldn't have to worry about
2675dynamically-generating SQL and could just hardwire it into your
2676script.
2677
86298391 2678=head1 ORDER BY CLAUSES
2679
9d48860e 2680Some functions take an order by clause. This can either be a scalar (just a
18710f60 2681column name), a hashref of C<< { -desc => 'col' } >> or C<< { -asc => 'col' }
2682>>, a scalarref, an arrayref-ref, or an arrayref of any of the previous
2683forms. Examples:
1cfa1db3 2684
8c15b421 2685 Given | Will Generate
18710f60 2686 ---------------------------------------------------------------
8c15b421 2687 |
2688 'colA' | ORDER BY colA
2689 |
2690 [qw/colA colB/] | ORDER BY colA, colB
2691 |
2692 {-asc => 'colA'} | ORDER BY colA ASC
2693 |
2694 {-desc => 'colB'} | ORDER BY colB DESC
2695 |
2696 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2697 |
2698 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
2699 |
2700 \'colA DESC' | ORDER BY colA DESC
2701 |
2702 \[ 'FUNC(colA, ?)', $x ] | ORDER BY FUNC(colA, ?)
2703 | /* ...with $x bound to ? */
2704 |
bd805d85 2705 [ | ORDER BY
2706 { -asc => 'colA' }, | colA ASC,
2707 { -desc => [qw/colB/] }, | colB DESC,
2708 { -asc => [qw/colC colD/] },| colC ASC, colD ASC,
2709 \'colE DESC', | colE DESC,
2710 \[ 'FUNC(colF, ?)', $x ], | FUNC(colF, ?)
2711 ] | /* ...with $x bound to ? */
18710f60 2712 ===============================================================
86298391 2713
96449e8e 2714
2715
2716=head1 SPECIAL OPERATORS
2717
e3f9dff4 2718 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2719 {
2720 regex => qr/.../,
e3f9dff4 2721 handler => sub {
2722 my ($self, $field, $op, $arg) = @_;
2723 ...
3a2e1a5e 2724 },
2725 },
2726 {
2727 regex => qr/.../,
2728 handler => 'method_name',
e3f9dff4 2729 },
2730 ]);
2731
9d48860e 2732A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2733applied to a field, instead of a usual binary operator.
be21dde3 2734For example:
e3f9dff4 2735
2736 WHERE field IN (?, ?, ?)
2737 WHERE field BETWEEN ? AND ?
2738 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2739
e3f9dff4 2740Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2741are builtin within C<SQL::Abstract> (as the overridable methods
2742C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2743like the MATCH .. AGAINST example above which is specific to MySQL,
2744you can write your own operator handlers - supply a C<special_ops>
2745argument to the C<new> method. That argument takes an arrayref of
2746operator definitions; each operator definition is a hashref with two
2747entries:
96449e8e 2748
e3f9dff4 2749=over
2750
2751=item regex
2752
2753the regular expression to match the operator
96449e8e 2754
e3f9dff4 2755=item handler
2756
3a2e1a5e 2757Either a coderef or a plain scalar method name. In both cases
2758the expected return is C<< ($sql, @bind) >>.
2759
2760When supplied with a method name, it is simply called on the
13cc86af 2761L<SQL::Abstract> object as:
3a2e1a5e 2762
ca4f826a 2763 $self->$method_name($field, $op, $arg)
3a2e1a5e 2764
2765 Where:
2766
3a2e1a5e 2767 $field is the LHS of the operator
13cc86af 2768 $op is the part that matched the handler regex
3a2e1a5e 2769 $arg is the RHS
2770
2771When supplied with a coderef, it is called as:
2772
2773 $coderef->($self, $field, $op, $arg)
2774
e3f9dff4 2775
2776=back
2777
9d48860e 2778For example, here is an implementation
e3f9dff4 2779of the MATCH .. AGAINST syntax for MySQL
2780
2781 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2782
e3f9dff4 2783 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2784 {regex => qr/^match$/i,
e3f9dff4 2785 handler => sub {
2786 my ($self, $field, $op, $arg) = @_;
2787 $arg = [$arg] if not ref $arg;
2788 my $label = $self->_quote($field);
2789 my ($placeholder) = $self->_convert('?');
2790 my $placeholders = join ", ", (($placeholder) x @$arg);
2791 my $sql = $self->_sqlcase('match') . " ($label) "
2792 . $self->_sqlcase('against') . " ($placeholders) ";
2793 my @bind = $self->_bindtype($field, @$arg);
2794 return ($sql, @bind);
2795 }
2796 },
9d48860e 2797
e3f9dff4 2798 ]);
96449e8e 2799
2800
59f23b3d 2801=head1 UNARY OPERATORS
2802
112b5232 2803 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2804 {
2805 regex => qr/.../,
2806 handler => sub {
2807 my ($self, $op, $arg) = @_;
2808 ...
2809 },
2810 },
2811 {
2812 regex => qr/.../,
2813 handler => 'method_name',
2814 },
2815 ]);
2816
9d48860e 2817A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2818applied to a field - the operator goes before the field
2819
2820You can write your own operator handlers - supply a C<unary_ops>
2821argument to the C<new> method. That argument takes an arrayref of
2822operator definitions; each operator definition is a hashref with two
2823entries:
2824
2825=over
2826
2827=item regex
2828
2829the regular expression to match the operator
2830
2831=item handler
2832
2833Either a coderef or a plain scalar method name. In both cases
2834the expected return is C<< $sql >>.
2835
2836When supplied with a method name, it is simply called on the
13cc86af 2837L<SQL::Abstract> object as:
59f23b3d 2838
ca4f826a 2839 $self->$method_name($op, $arg)
59f23b3d 2840
2841 Where:
2842
2843 $op is the part that matched the handler regex
2844 $arg is the RHS or argument of the operator
2845
2846When supplied with a coderef, it is called as:
2847
2848 $coderef->($self, $op, $arg)
2849
2850
2851=back
2852
2853
32eab2da 2854=head1 PERFORMANCE
2855
2856Thanks to some benchmarking by Mark Stosberg, it turns out that
2857this module is many orders of magnitude faster than using C<DBIx::Abstract>.
2858I must admit this wasn't an intentional design issue, but it's a
2859byproduct of the fact that you get to control your C<DBI> handles
2860yourself.
2861
2862To maximize performance, use a code snippet like the following:
2863
2864 # prepare a statement handle using the first row
2865 # and then reuse it for the rest of the rows
2866 my($sth, $stmt);
2867 for my $href (@array_of_hashrefs) {
2868 $stmt ||= $sql->insert('table', $href);
2869 $sth ||= $dbh->prepare($stmt);
2870 $sth->execute($sql->values($href));
2871 }
2872
2873The reason this works is because the keys in your C<$href> are sorted
2874internally by B<SQL::Abstract>. Thus, as long as your data retains
2875the same structure, you only have to generate the SQL the first time
2876around. On subsequent queries, simply use the C<values> function provided
2877by this module to return your values in the correct order.
2878
b864ba9b 2879However this depends on the values having the same type - if, for
2880example, the values of a where clause may either have values
2881(resulting in sql of the form C<column = ?> with a single bind
2882value), or alternatively the values might be C<undef> (resulting in
2883sql of the form C<column IS NULL> with no bind value) then the
2884caching technique suggested will not work.
96449e8e 2885
32eab2da 2886=head1 FORMBUILDER
2887
2888If you use my C<CGI::FormBuilder> module at all, you'll hopefully
2889really like this part (I do, at least). Building up a complex query
2890can be as simple as the following:
2891
2892 #!/usr/bin/perl
2893
46dc2f3e 2894 use warnings;
2895 use strict;
2896
32eab2da 2897 use CGI::FormBuilder;
2898 use SQL::Abstract;
2899
2900 my $form = CGI::FormBuilder->new(...);
2901 my $sql = SQL::Abstract->new;
2902
2903 if ($form->submitted) {
2904 my $field = $form->field;
2905 my $id = delete $field->{id};
2906 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
2907 }
2908
2909Of course, you would still have to connect using C<DBI> to run the
2910query, but the point is that if you make your form look like your
2911table, the actual query script can be extremely simplistic.
2912
2913If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 2914a fast interface to returning and formatting data. I frequently
32eab2da 2915use these three modules together to write complex database query
2916apps in under 50 lines.
2917
af733667 2918=head1 HOW TO CONTRIBUTE
2919
2920Contributions are always welcome, in all usable forms (we especially
2921welcome documentation improvements). The delivery methods include git-
2922or unified-diff formatted patches, GitHub pull requests, or plain bug
2923reports either via RT or the Mailing list. Contributors are generally
2924granted full access to the official repository after their first several
2925patches pass successful review.
2926
2927This project is maintained in a git repository. The code and related tools are
2928accessible at the following locations:
d8cc1792 2929
2930=over
2931
af733667 2932=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
2933
2934=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
2935
2936=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
d8cc1792 2937
af733667 2938=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
d8cc1792 2939
2940=back
32eab2da 2941
96449e8e 2942=head1 CHANGES
2943
2944Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
2945Great care has been taken to preserve the I<published> behavior
2946documented in previous versions in the 1.* family; however,
9d48860e 2947some features that were previously undocumented, or behaved
96449e8e 2948differently from the documentation, had to be changed in order
2949to clarify the semantics. Hence, client code that was relying
9d48860e 2950on some dark areas of C<SQL::Abstract> v1.*
96449e8e 2951B<might behave differently> in v1.50.
32eab2da 2952
be21dde3 2953The main changes are:
d2a8fe1a 2954
96449e8e 2955=over
32eab2da 2956
9d48860e 2957=item *
32eab2da 2958
3ae1c5e2 2959support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
96449e8e 2960
2961=item *
2962
145fbfc8 2963support for the { operator => \"..." } construct (to embed literal SQL)
2964
2965=item *
2966
9c37b9c0 2967support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
2968
2969=item *
2970
96449e8e 2971optional support for L<array datatypes|/"Inserting and Updating Arrays">
2972
9d48860e 2973=item *
96449e8e 2974
be21dde3 2975defensive programming: check arguments
96449e8e 2976
2977=item *
2978
2979fixed bug with global logic, which was previously implemented
7cac25e6 2980through global variables yielding side-effects. Prior versions would
96449e8e 2981interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
2982as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
2983Now this is interpreted
2984as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
2985
96449e8e 2986
2987=item *
2988
2989fixed semantics of _bindtype on array args
2990
9d48860e 2991=item *
96449e8e 2992
2993dropped the C<_anoncopy> of the %where tree. No longer necessary,
2994we just avoid shifting arrays within that tree.
2995
2996=item *
2997
2998dropped the C<_modlogic> function
2999
3000=back
32eab2da 3001
32eab2da 3002=head1 ACKNOWLEDGEMENTS
3003
3004There are a number of individuals that have really helped out with
3005this module. Unfortunately, most of them submitted bugs via CPAN
3006so I have no idea who they are! But the people I do know are:
3007
9d48860e 3008 Ash Berlin (order_by hash term support)
b643abe1 3009 Matt Trout (DBIx::Class support)
32eab2da 3010 Mark Stosberg (benchmarking)
3011 Chas Owens (initial "IN" operator support)
3012 Philip Collins (per-field SQL functions)
3013 Eric Kolve (hashref "AND" support)
3014 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
3015 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 3016 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 3017 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 3018 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 3019 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 3020 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 3021
3022Thanks!
3023
32eab2da 3024=head1 SEE ALSO
3025
86298391 3026L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 3027
32eab2da 3028=head1 AUTHOR
3029
b643abe1 3030Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
3031
3032This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 3033
abe72f94 3034For support, your best bet is to try the C<DBIx::Class> users mailing list.
3035While not an official support venue, C<DBIx::Class> makes heavy use of
3036C<SQL::Abstract>, and as such list members there are very familiar with
3037how to create queries.
3038
0d067ded 3039=head1 LICENSE
3040
d988ab87 3041This module is free software; you may copy this under the same
3042terms as perl itself (either the GNU General Public License or
3043the Artistic License)
32eab2da 3044
3045=cut
Unnamed repository; edit this file 'description' to name the repository.