projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
select fields now handled by expand/render code
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
96449e8e 3use strict;
4use warnings;
9d9d5bd6 5use Carp ();
312d830b 6use List::Util ();
7use Scalar::Util ();
96449e8e 8
0da0fe34 9use Exporter 'import';
10our @EXPORT_OK = qw(is_plain_value is_literal_value);
11
12BEGIN {
13 if ($] < 5.009_005) {
14 require MRO::Compat;
15 }
16 else {
17 require mro;
18 }
843a94b5 19
20 *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
21 ? sub () { 0 }
22 : sub () { 1 }
23 ;
0da0fe34 24}
25
96449e8e 26#======================================================================
27# GLOBALS
28#======================================================================
29
dc6afcf8 30our $VERSION = '1.86';
7479e27e 31
22f1a437 32# This would confuse some packagers
c520207b 33$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 34
35our $AUTOLOAD;
36
37# special operators (-in, -between). May be extended/overridden by user.
38# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
39my @BUILTIN_SPECIAL_OPS = (
f663e672 40 {regex => qr/^ (?: not \s )? between $/ix, handler => sub { die "NOPE" }},
41 {regex => qr/^ (?: not \s )? in $/ix, handler => sub { die "NOPE" }},
87c8e45b 42 {regex => qr/^ is (?: \s+ not )? $/ix, handler => sub { die "NOPE" }},
96449e8e 43);
44
45#======================================================================
46# DEBUGGING AND ERROR REPORTING
47#======================================================================
48
49sub _debug {
50 return unless $_[0]->{debug}; shift; # a little faster
51 my $func = (caller(1))[3];
52 warn "[$func] ", @_, "\n";
53}
54
55sub belch (@) {
56 my($func) = (caller(1))[3];
9d9d5bd6 57 Carp::carp "[$func] Warning: ", @_;
96449e8e 58}
59
60sub puke (@) {
61 my($func) = (caller(1))[3];
9d9d5bd6 62 Carp::croak "[$func] Fatal: ", @_;
96449e8e 63}
64
0da0fe34 65sub is_literal_value ($) {
66 ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
67 : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
0da0fe34 68 : undef;
69}
70
71# FIXME XSify - this can be done so much more efficiently
72sub is_plain_value ($) {
73 no strict 'refs';
966200cc 74 ! length ref $_[0] ? \($_[0])
0da0fe34 75 : (
76 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
77 and
78 exists $_[0]->{-value}
966200cc 79 ) ? \($_[0]->{-value})
0da0fe34 80 : (
a1c9e0ff 81 # reuse @_ for even moar speedz
82 defined ( $_[1] = Scalar::Util::blessed $_[0] )
0da0fe34 83 and
84 # deliberately not using Devel::OverloadInfo - the checks we are
85 # intersted in are much more limited than the fullblown thing, and
86 # this is a very hot piece of code
87 (
e8d729d4 88 # simply using ->can('(""') can leave behind stub methods that
89 # break actually using the overload later (see L<perldiag/Stub
90 # found while resolving method "%s" overloading "%s" in package
91 # "%s"> and the source of overload::mycan())
44e54b41 92 #
0da0fe34 93 # either has stringification which DBI SHOULD prefer out of the box
a1c9e0ff 94 grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
0da0fe34 95 or
20e178a8 96 # has nummification or boolification, AND fallback is *not* disabled
0da0fe34 97 (
843a94b5 98 SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
99 and
20e178a8 100 (
101 grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
102 or
103 grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
104 )
0da0fe34 105 and
106 (
107 # no fallback specified at all
a1c9e0ff 108 ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
0da0fe34 109 or
110 # fallback explicitly undef
a1c9e0ff 111 ! defined ${"$_[3]::()"}
0da0fe34 112 or
113 # explicitly true
a1c9e0ff 114 !! ${"$_[3]::()"}
0da0fe34 115 )
116 )
117 )
966200cc 118 ) ? \($_[0])
0da0fe34 119 : undef;
120}
121
122
96449e8e 123
124#======================================================================
125# NEW
126#======================================================================
127
128sub new {
129 my $self = shift;
130 my $class = ref($self) || $self;
131 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
132
133 # choose our case by keeping an option around
134 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
135
136 # default logic for interpreting arrayrefs
ef559da3 137 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 138
139 # how to return bind vars
96449e8e 140 $opt{bindtype} ||= 'normal';
141
142 # default comparison is "=", but can be overridden
143 $opt{cmp} ||= '=';
144
3af02ccb 145 # try to recognize which are the 'equality' and 'inequality' ops
3cdadcbe 146 # (temporary quickfix (in 2007), should go through a more seasoned API)
147 $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
148 $opt{inequality_op} = qr/^( != | <> )$/ix;
149
150 $opt{like_op} = qr/^ (is\s+)? r?like $/xi;
151 $opt{not_like_op} = qr/^ (is\s+)? not \s+ r?like $/xi;
96449e8e 152
153 # SQL booleans
154 $opt{sqltrue} ||= '1=1';
155 $opt{sqlfalse} ||= '0=1';
156
9d48860e 157 # special operators
99a65fa8 158 $opt{user_special_ops} = [ @{$opt{special_ops} ||= []} ];
b6251592 159 # regexes are applied in order, thus push after user-defines
96449e8e 160 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
161
9d48860e 162 # unary operators
59f23b3d 163 $opt{unary_ops} ||= [];
59f23b3d 164
3af02ccb 165 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 166 # If a purported function matches this regular expression, an exception is thrown.
167 # Literal SQL is *NOT* subject to this check, only functions (and column names
168 # when quoting is not in effect)
96449e8e 169
b6251592 170 # FIXME
171 # need to guard against ()'s in column names too, but this will break tons of
172 # hacks... ideas anyone?
173 $opt{injection_guard} ||= qr/
174 \;
175 |
176 ^ \s* go \s
177 /xmi;
96449e8e 178
b6251592 179 return bless \%opt, $class;
180}
96449e8e 181
e175845b 182sub sqltrue { +{ -literal => [ $_[0]->{sqltrue} ] } }
183sub sqlfalse { +{ -literal => [ $_[0]->{sqlfalse} ] } }
170e6c33 184
185sub _assert_pass_injection_guard {
186 if ($_[1] =~ $_[0]->{injection_guard}) {
187 my $class = ref $_[0];
188 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
189 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
190 . "{injection_guard} attribute to ${class}->new()"
191 }
192}
193
194
96449e8e 195#======================================================================
196# INSERT methods
197#======================================================================
198
199sub insert {
02288357 200 my $self = shift;
201 my $table = $self->_table(shift);
202 my $data = shift || return;
203 my $options = shift;
96449e8e 204
205 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 206 my ($sql, @bind) = $self->$method($data);
96449e8e 207 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 208
e82e648a 209 if ($options->{returning}) {
ca4f826a 210 my ($s, @b) = $self->_insert_returning($options);
e82e648a 211 $sql .= $s;
212 push @bind, @b;
02288357 213 }
214
96449e8e 215 return wantarray ? ($sql, @bind) : $sql;
216}
217
60f3fd3f 218# So that subclasses can override INSERT ... RETURNING separately from
219# UPDATE and DELETE (e.g. DBIx::Class::SQLMaker::Oracle does this)
b17a3ece 220sub _insert_returning { shift->_returning(@_) }
221
95904db5 222sub _returning {
e82e648a 223 my ($self, $options) = @_;
6b1fe79d 224
e82e648a 225 my $f = $options->{returning};
226
227 my $fieldlist = $self->_SWITCH_refkind($f, {
228 ARRAYREF => sub {join ', ', map { $self->_quote($_) } @$f;},
229 SCALAR => sub {$self->_quote($f)},
230 SCALARREF => sub {$$f},
6b1fe79d 231 });
e82e648a 232 return $self->_sqlcase(' returning ') . $fieldlist;
6b1fe79d 233}
234
96449e8e 235sub _insert_HASHREF { # explicit list of fields and then values
236 my ($self, $data) = @_;
237
238 my @fields = sort keys %$data;
239
fe3ae272 240 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 241
242 # assemble SQL
243 $_ = $self->_quote($_) foreach @fields;
244 $sql = "( ".join(", ", @fields).") ".$sql;
245
246 return ($sql, @bind);
247}
248
249sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
250 my ($self, $data) = @_;
251
252 # no names (arrayref) so can't generate bindtype
253 $self->{bindtype} ne 'columns'
254 or belch "can't do 'columns' bindtype when called with arrayref";
255
19b6ccce 256 my (@values, @all_bind);
257 foreach my $value (@$data) {
258 my ($values, @bind) = $self->_insert_value(undef, $value);
259 push @values, $values;
260 push @all_bind, @bind;
261 }
262 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
263 return ($sql, @all_bind);
fe3ae272 264}
265
266sub _insert_ARRAYREFREF { # literal SQL with bind
267 my ($self, $data) = @_;
268
269 my ($sql, @bind) = @${$data};
270 $self->_assert_bindval_matches_bindtype(@bind);
271
272 return ($sql, @bind);
273}
274
275
276sub _insert_SCALARREF { # literal SQL without bind
277 my ($self, $data) = @_;
278
279 return ($$data);
280}
281
282sub _insert_values {
283 my ($self, $data) = @_;
284
96449e8e 285 my (@values, @all_bind);
fe3ae272 286 foreach my $column (sort keys %$data) {
19b6ccce 287 my ($values, @bind) = $self->_insert_value($column, $data->{$column});
288 push @values, $values;
289 push @all_bind, @bind;
290 }
291 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
292 return ($sql, @all_bind);
293}
96449e8e 294
19b6ccce 295sub _insert_value {
296 my ($self, $column, $v) = @_;
96449e8e 297
19b6ccce 298 my (@values, @all_bind);
299 $self->_SWITCH_refkind($v, {
96449e8e 300
19b6ccce 301 ARRAYREF => sub {
302 if ($self->{array_datatypes}) { # if array datatype are activated
96449e8e 303 push @values, '?';
fe3ae272 304 push @all_bind, $self->_bindtype($column, $v);
19b6ccce 305 }
306 else { # else literal SQL with bind
307 my ($sql, @bind) = @$v;
308 $self->_assert_bindval_matches_bindtype(@bind);
309 push @values, $sql;
310 push @all_bind, @bind;
311 }
312 },
313
314 ARRAYREFREF => sub { # literal SQL with bind
315 my ($sql, @bind) = @${$v};
316 $self->_assert_bindval_matches_bindtype(@bind);
317 push @values, $sql;
318 push @all_bind, @bind;
319 },
320
be21dde3 321 # THINK: anything useful to do with a HASHREF ?
19b6ccce 322 HASHREF => sub { # (nothing, but old SQLA passed it through)
323 #TODO in SQLA >= 2.0 it will die instead
324 belch "HASH ref as bind value in insert is not supported";
325 push @values, '?';
326 push @all_bind, $self->_bindtype($column, $v);
327 },
328
329 SCALARREF => sub { # literal SQL without bind
330 push @values, $$v;
331 },
332
333 SCALAR_or_UNDEF => sub {
334 push @values, '?';
335 push @all_bind, $self->_bindtype($column, $v);
336 },
96449e8e 337
19b6ccce 338 });
96449e8e 339
19b6ccce 340 my $sql = join(", ", @values);
96449e8e 341 return ($sql, @all_bind);
342}
343
344
96449e8e 345
346#======================================================================
347# UPDATE methods
348#======================================================================
349
350
351sub update {
95904db5 352 my $self = shift;
353 my $table = $self->_table(shift);
354 my $data = shift || return;
355 my $where = shift;
356 my $options = shift;
96449e8e 357
358 # first build the 'SET' part of the sql statement
96449e8e 359 puke "Unsupported data type specified to \$sql->update"
360 unless ref $data eq 'HASH';
361
9ade906e 362 my ($sql, @all_bind) = $self->_update_set_values($data);
a9e94508 363 $sql = $self->_sqlcase('update ') . $table . $self->_sqlcase(' set ')
9ade906e 364 . $sql;
365
366 if ($where) {
367 my($where_sql, @where_bind) = $self->where($where);
368 $sql .= $where_sql;
369 push @all_bind, @where_bind;
370 }
371
372 if ($options->{returning}) {
373 my ($returning_sql, @returning_bind) = $self->_update_returning($options);
374 $sql .= $returning_sql;
375 push @all_bind, @returning_bind;
376 }
377
378 return wantarray ? ($sql, @all_bind) : $sql;
379}
380
381sub _update_set_values {
382 my ($self, $data) = @_;
383
384 my (@set, @all_bind);
96449e8e 385 for my $k (sort keys %$data) {
386 my $v = $data->{$k};
387 my $r = ref $v;
388 my $label = $self->_quote($k);
389
390 $self->_SWITCH_refkind($v, {
9d48860e 391 ARRAYREF => sub {
96449e8e 392 if ($self->{array_datatypes}) { # array datatype
393 push @set, "$label = ?";
394 push @all_bind, $self->_bindtype($k, $v);
395 }
396 else { # literal SQL with bind
397 my ($sql, @bind) = @$v;
fe3ae272 398 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 399 push @set, "$label = $sql";
fe3ae272 400 push @all_bind, @bind;
96449e8e 401 }
402 },
403 ARRAYREFREF => sub { # literal SQL with bind
404 my ($sql, @bind) = @${$v};
fe3ae272 405 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 406 push @set, "$label = $sql";
fe3ae272 407 push @all_bind, @bind;
96449e8e 408 },
409 SCALARREF => sub { # literal SQL without bind
410 push @set, "$label = $$v";
0ec3aec7 411 },
412 HASHREF => sub {
413 my ($op, $arg, @rest) = %$v;
414
415 puke 'Operator calls in update must be in the form { -op => $arg }'
416 if (@rest or not $op =~ /^\-(.+)/);
417
cbb4eeaf 418 local our $Cur_Col_Meta = $k;
419 my ($sql, @bind) = $self->_render_expr(
420 $self->_expand_expr_hashpair($op, $arg)
421 );
0ec3aec7 422
423 push @set, "$label = $sql";
424 push @all_bind, @bind;
425 },
96449e8e 426 SCALAR_or_UNDEF => sub {
427 push @set, "$label = ?";
428 push @all_bind, $self->_bindtype($k, $v);
429 },
430 });
431 }
432
433 # generate sql
9ade906e 434 my $sql = join ', ', @set;
96449e8e 435
9ade906e 436 return ($sql, @all_bind);
96449e8e 437}
438
60f3fd3f 439# So that subclasses can override UPDATE ... RETURNING separately from
440# INSERT and DELETE
20bb2ad5 441sub _update_returning { shift->_returning(@_) }
96449e8e 442
443
444
445#======================================================================
446# SELECT
447#======================================================================
448
449
450sub select {
451 my $self = shift;
452 my $table = $self->_table(shift);
453 my $fields = shift || '*';
454 my $where = shift;
455 my $order = shift;
456
daa4ccdd 457 my ($fields_sql, @bind) = $self->_select_fields($fields);
96449e8e 458
daa4ccdd 459 my ($where_sql, @where_bind) = $self->where($where, $order);
460 push @bind, @where_bind;
461
462 my $sql = join(' ', $self->_sqlcase('select'), $fields_sql,
96449e8e 463 $self->_sqlcase('from'), $table)
464 . $where_sql;
465
9d48860e 466 return wantarray ? ($sql, @bind) : $sql;
96449e8e 467}
468
daa4ccdd 469sub _select_fields {
470 my ($self, $fields) = @_;
27592e2b 471 return $self->_render_expr(
472 $self->_expand_maybe_list_expr($fields, undef, '-ident')
473 );
daa4ccdd 474}
475
96449e8e 476#======================================================================
477# DELETE
478#======================================================================
479
480
481sub delete {
85327cd5 482 my $self = shift;
483 my $table = $self->_table(shift);
484 my $where = shift;
485 my $options = shift;
96449e8e 486
487 my($where_sql, @bind) = $self->where($where);
a9e94508 488 my $sql = $self->_sqlcase('delete from ') . $table . $where_sql;
96449e8e 489
85327cd5 490 if ($options->{returning}) {
ca4f826a 491 my ($returning_sql, @returning_bind) = $self->_delete_returning($options);
85327cd5 492 $sql .= $returning_sql;
493 push @bind, @returning_bind;
494 }
495
9d48860e 496 return wantarray ? ($sql, @bind) : $sql;
96449e8e 497}
498
60f3fd3f 499# So that subclasses can override DELETE ... RETURNING separately from
500# INSERT and UPDATE
85327cd5 501sub _delete_returning { shift->_returning(@_) }
502
503
96449e8e 504
505#======================================================================
506# WHERE: entry point
507#======================================================================
508
509
510
511# Finally, a separate routine just to handle WHERE clauses
512sub where {
513 my ($self, $where, $order) = @_;
514
7ad12721 515 local $self->{convert_where} = $self->{convert};
516
96449e8e 517 # where ?
e175845b 518 my ($sql, @bind) = defined($where)
519 ? $self->_recurse_where($where)
520 : (undef);
417dd15e 521 $sql = (defined $sql and length $sql) ? $self->_sqlcase(' where ') . "( $sql )" : '';
96449e8e 522
523 # order by?
524 if ($order) {
26fe4d30 525 my ($order_sql, @order_bind) = $self->_order_by($order);
526 $sql .= $order_sql;
527 push @bind, @order_bind;
96449e8e 528 }
529
9d48860e 530 return wantarray ? ($sql, @bind) : $sql;
96449e8e 531}
532
a2cd381d 533sub _expand_expr {
2558b622 534 my ($self, $expr, $logic, $default_scalar_to) = @_;
535 local our $Default_Scalar_To = $default_scalar_to if $default_scalar_to;
252518da 536 return undef unless defined($expr);
59588695 537 if (ref($expr) eq 'HASH') {
538 if (keys %$expr > 1) {
539 $logic ||= 'and';
77617257 540 return +{ -op => [
541 $logic,
59588695 542 map $self->_expand_expr_hashpair($_ => $expr->{$_}, $logic),
543 sort keys %$expr
544 ] };
545 }
99a65fa8 546 return unless %$expr;
59588695 547 return $self->_expand_expr_hashpair(%$expr, $logic);
a2cd381d 548 }
08264f40 549 if (ref($expr) eq 'ARRAY') {
99a65fa8 550 my $logic = lc($logic || $self->{logic});
08264f40 551 $logic eq 'and' or $logic eq 'or' or puke "unknown logic: $logic";
552
553 my @expr = @$expr;
554
555 my @res;
556
557 while (my ($el) = splice @expr, 0, 1) {
558 puke "Supplying an empty left hand side argument is not supported in array-pairs"
559 unless defined($el) and length($el);
560 my $elref = ref($el);
561 if (!$elref) {
562 push(@res, $self->_expand_expr({ $el, shift(@expr) }));
563 } elsif ($elref eq 'ARRAY') {
564 push(@res, $self->_expand_expr($el)) if @$el;
ec857800 565 } elsif (my $l = is_literal_value($el)) {
566 push @res, { -literal => $l };
08264f40 567 } elsif ($elref eq 'HASH') {
568 push @res, $self->_expand_expr($el);
569 } else {
da4a0964 570 die "notreached";
08264f40 571 }
572 }
2143604f 573 return { -op => [ $logic, @res ] };
08264f40 574 }
ca3da680 575 if (my $literal = is_literal_value($expr)) {
576 return +{ -literal => $literal };
577 }
99a65fa8 578 if (!ref($expr) or Scalar::Util::blessed($expr)) {
2558b622 579 if (my $d = $Default_Scalar_To) {
580 return +{ $d => $expr };
581 }
99a65fa8 582 if (my $m = our $Cur_Col_Meta) {
583 return +{ -bind => [ $m, $expr ] };
584 }
252518da 585 return +{ -value => $expr };
586 }
252518da 587 die "notreached";
a2cd381d 588}
96449e8e 589
59588695 590sub _expand_expr_hashpair {
591 my ($self, $k, $v, $logic) = @_;
d13725da 592 unless (defined($k) and length($k)) {
2d64004f 593 if (defined($k) and my $literal = is_literal_value($v)) {
d13725da 594 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
2d64004f 595 return { -literal => $literal };
d13725da 596 }
597 puke "Supplying an empty left hand side argument is not supported";
598 }
ef071fad 599 if ($k =~ /^-/) {
99a65fa8 600 $self->_assert_pass_injection_guard($k =~ /^-(.*)$/s);
601 if ($k =~ s/ [_\s]? \d+ $//x ) {
602 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
603 . "You probably wanted ...-and => [ $k => COND1, $k => COND2 ... ]";
604 }
ef071fad 605 if ($k eq '-nest') {
606 return $self->_expand_expr($v);
607 }
6ab1562a 608 if ($k eq '-bool') {
609 if (ref($v)) {
610 return $self->_expand_expr($v);
611 }
612 puke "-bool => undef not supported" unless defined($v);
613 return { -ident => $v };
614 }
99a65fa8 615 if ($k eq '-not') {
0c7e3af0 616 return { -op => [ 'not', $self->_expand_expr($v) ] };
99a65fa8 617 }
ce3bc4b0 618 if (my ($rest) = $k =~/^-not[_ ](.*)$/) {
0c7e3af0 619 return +{ -op => [
620 'not',
99a65fa8 621 $self->_expand_expr_hashpair("-${rest}", $v, $logic)
0c7e3af0 622 ] };
ce3bc4b0 623 }
99a65fa8 624 if (my ($logic) = $k =~ /^-(and|or)$/i) {
dd2d5bf7 625 if (ref($v) eq 'HASH') {
626 return $self->_expand_expr($v, $logic);
627 }
99a65fa8 628 if (ref($v) eq 'ARRAY') {
629 return $self->_expand_expr($v, $logic);
630 }
dd2d5bf7 631 }
99a65fa8 632 {
633 my $op = $k;
634 $op =~ s/^-// if length($op) > 1;
635
636 # top level special ops are illegal in general
637 puke "Illegal use of top-level '-$op'"
7f1bdbce 638 if List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}};
99a65fa8 639 }
640 if ($k eq '-value' and my $m = our $Cur_Col_Meta) {
641 return +{ -bind => [ $m, $v ] };
642 }
711892b1 643 if ($k eq '-op' or $k eq '-ident' or $k eq '-value' or $k eq '-bind' or $k eq '-literal' or $k eq '-func') {
99a65fa8 644 return { $k => $v };
d13725da 645 }
4325df6a 646 if (my $custom = $self->{custom_expansions}{($k =~ /^-(.*)$/)[0]}) {
647 return $self->$custom($v);
648 }
711892b1 649 if (
650 ref($v) eq 'HASH'
651 and keys %$v == 1
652 and (keys %$v)[0] =~ /^-/
653 ) {
654 my ($func) = $k =~ /^-(.*)$/;
655 return +{ -func => [ $func, $self->_expand_expr($v) ] };
656 }
657 if (!ref($v) or is_literal_value($v)) {
99a65fa8 658 return +{ -op => [ $k =~ /^-(.*)$/, $self->_expand_expr($v) ] };
59588695 659 }
99a65fa8 660 }
661 if (
662 !defined($v)
663 or (
664 ref($v) eq 'HASH'
665 and exists $v->{-value}
666 and not defined $v->{-value}
667 )
668 ) {
669 return $self->_expand_expr_hashpair($k => { $self->{cmp} => undef });
670 }
671 if (!ref($v) or Scalar::Util::blessed($v)) {
672 return +{
673 -op => [
674 $self->{cmp},
675 { -ident => $k },
676 { -bind => [ $k, $v ] }
677 ]
678 };
679 }
680 if (ref($v) eq 'HASH') {
681 if (keys %$v > 1) {
e175845b 682 return { -op => [
683 'and',
99a65fa8 684 map $self->_expand_expr_hashpair($k => { $_ => $v->{$_} }),
685 sort keys %$v
686 ] };
687 }
688 my ($vk, $vv) = %$v;
689 $vk =~ s/^-//;
690 $vk = lc($vk);
691 $self->_assert_pass_injection_guard($vk);
692 if ($vk =~ s/ [_\s]? \d+ $//x ) {
693 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
694 . "You probably wanted ...-and => [ -$vk => COND1, -$vk => COND2 ... ]";
695 }
696 if ($vk =~ /^(?:not[ _])?between$/) {
697 local our $Cur_Col_Meta = $k;
698 my @rhs = map $self->_expand_expr($_),
699 ref($vv) eq 'ARRAY' ? @$vv : $vv;
700 unless (
701 (@rhs == 1 and ref($rhs[0]) eq 'HASH' and $rhs[0]->{-literal})
702 or
703 (@rhs == 2 and defined($rhs[0]) and defined($rhs[1]))
704 ) {
705 puke "Operator '${\uc($vk)}' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
b5b18861 706 }
99a65fa8 707 return +{ -op => [
708 join(' ', split '_', $vk),
709 { -ident => $k },
710 @rhs
711 ] }
712 }
713 if ($vk =~ /^(?:not[ _])?in$/) {
714 if (my $literal = is_literal_value($vv)) {
715 my ($sql, @bind) = @$literal;
716 my $opened_sql = $self->_open_outer_paren($sql);
10d07c4e 717 return +{ -op => [
99a65fa8 718 $vk, { -ident => $k },
719 [ { -literal => [ $opened_sql, @bind ] } ]
10d07c4e 720 ] };
721 }
99a65fa8 722 my $undef_err =
723 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
724 . "-${\uc($vk)} operator was given an undef-containing list: !!!AUDIT YOUR CODE "
725 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
726 . 'will emit the logically correct SQL instead of raising this exception)'
727 ;
728 puke("Argument passed to the '${\uc($vk)}' operator can not be undefined")
729 if !defined($vv);
730 my @rhs = map $self->_expand_expr($_),
731 map { ref($_) ? $_ : { -bind => [ $k, $_ ] } }
732 map { defined($_) ? $_: puke($undef_err) }
733 (ref($vv) eq 'ARRAY' ? @$vv : $vv);
e175845b 734 return $self->${\($vk =~ /^not/ ? 'sqltrue' : 'sqlfalse')} unless @rhs;
99a65fa8 735
736 return +{ -op => [
737 join(' ', split '_', $vk),
738 { -ident => $k },
739 \@rhs
740 ] };
741 }
742 if ($vk eq 'ident') {
743 if (! defined $vv or ref $vv) {
744 puke "-$vk requires a single plain scalar argument (a quotable identifier)";
f7778474 745 }
99a65fa8 746 return +{ -op => [
747 $self->{cmp},
748 { -ident => $k },
749 { -ident => $vv }
750 ] };
751 }
752 if ($vk eq 'value') {
753 return $self->_expand_expr_hashpair($k, undef) unless defined($vv);
754 return +{ -op => [
755 $self->{cmp},
756 { -ident => $k },
757 { -bind => [ $k, $vv ] }
758 ] };
759 }
760 if ($vk =~ /^is(?:[ _]not)?$/) {
761 puke "$vk can only take undef as argument"
762 if defined($vv)
763 and not (
764 ref($vv) eq 'HASH'
765 and exists($vv->{-value})
766 and !defined($vv->{-value})
767 );
768 $vk =~ s/_/ /g;
769 return +{ -op => [ $vk.' null', { -ident => $k } ] };
770 }
771 if ($vk =~ /^(and|or)$/) {
772 if (ref($vv) eq 'HASH') {
e62fe58a 773 return +{ -op => [
774 $vk,
99a65fa8 775 map $self->_expand_expr_hashpair($k, { $_ => $vv->{$_} }),
776 sort keys %$vv
7d7868d1 777 ] };
778 }
e28d9b13 779 }
99a65fa8 780 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{user_special_ops}}) {
781 return { -op => [ $vk, { -ident => $k }, $vv ] };
7dbe1183 782 }
99a65fa8 783 if (ref($vv) eq 'ARRAY') {
784 my ($logic, @values) = (
785 (defined($vv->[0]) and $vv->[0] =~ /^-(and|or)$/i)
786 ? @$vv
787 : (-or => @$vv)
788 );
789 if (
790 $vk =~ $self->{inequality_op}
791 or join(' ', split '_', $vk) =~ $self->{not_like_op}
792 ) {
793 if (lc($logic) eq '-or' and @values > 1) {
794 my $op = uc join ' ', split '_', $vk;
795 belch "A multi-element arrayref as an argument to the inequality op '$op' "
796 . 'is technically equivalent to an always-true 1=1 (you probably wanted '
797 . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
798 ;
799 }
ef071fad 800 }
b3cb13e8 801 unless (@values) {
802 # try to DWIM on equality operators
803 my $op = join ' ', split '_', $vk;
804 return
e175845b 805 $op =~ $self->{equality_op} ? $self->sqlfalse
806 : $op =~ $self->{like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqlfalse
807 : $op =~ $self->{inequality_op} ? $self->sqltrue
808 : $op =~ $self->{not_like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqltrue
b3cb13e8 809 : puke "operator '$op' applied on an empty array (field '$k')";
810 }
63c97a0b 811 return +{ -op => [
812 $logic =~ /^-(.*)$/,
99a65fa8 813 map $self->_expand_expr_hashpair($k => { $vk => $_ }),
814 @values
815 ] };
816 }
817 if (
818 !defined($vv)
819 or (
820 ref($vv) eq 'HASH'
821 and exists $vv->{-value}
822 and not defined $vv->{-value}
823 )
824 ) {
825 my $op = join ' ', split '_', $vk;
826 my $is =
827 $op =~ /^not$/i ? 'is not' # legacy
828 : $op =~ $self->{equality_op} ? 'is'
829 : $op =~ $self->{like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is'
830 : $op =~ $self->{inequality_op} ? 'is not'
831 : $op =~ $self->{not_like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is not'
832 : puke "unexpected operator '$op' with undef operand";
833 return +{ -op => [ $is.' null', { -ident => $k } ] };
834 }
835 local our $Cur_Col_Meta = $k;
836 return +{ -op => [
837 $vk,
838 { -ident => $k },
839 $self->_expand_expr($vv)
840 ] };
841 }
842 if (ref($v) eq 'ARRAY') {
e175845b 843 return $self->sqlfalse unless @$v;
99a65fa8 844 $self->_debug("ARRAY($k) means distribute over elements");
845 my $this_logic = (
846 $v->[0] =~ /^-((?:and|or))$/i
847 ? ($v = [ @{$v}[1..$#$v] ], $1)
848 : ($self->{logic} || 'or')
849 );
cba28f66 850 return +{ -op => [
851 $this_logic,
852 map $self->_expand_expr({ $k => $_ }, $this_logic), @$v
853 ] };
99a65fa8 854 }
855 if (my $literal = is_literal_value($v)) {
856 unless (length $k) {
857 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
858 return \$literal;
859 }
860 my ($sql, @bind) = @$literal;
861 if ($self->{bindtype} eq 'columns') {
862 for (@bind) {
863 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
864 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
aa8d7bdb 865 }
866 }
331e2209 867 }
99a65fa8 868 return +{ -literal => [ $self->_quote($k).' '.$sql, @bind ] };
331e2209 869 }
99a65fa8 870 die "notreached";
59588695 871}
872
e175845b 873sub _render_expr {
874 my ($self, $expr) = @_;
875 my ($k, $v, @rest) = %$expr;
876 die "No" if @rest;
181dcebf 877 my %op = map +("-$_" => '_render_'.$_),
e175845b 878 qw(op func value bind ident literal);
879 if (my $meth = $op{$k}) {
181dcebf 880 return $self->$meth($v);
e175845b 881 }
882 die "notreached: $k";
883}
884
96449e8e 885sub _recurse_where {
886 my ($self, $where, $logic) = @_;
887
99a65fa8 888#print STDERR Data::Dumper::Concise::Dumper([ $where, $logic ]);
889
a2cd381d 890 my $where_exp = $self->_expand_expr($where, $logic);
891
99a65fa8 892#print STDERR Data::Dumper::Concise::Dumper([ EXP => $where_exp ]);
893
96449e8e 894 # dispatch on appropriate method according to refkind of $where
e175845b 895# my $method = $self->_METHOD_FOR_refkind("_where", $where_exp);
896
897# my ($sql, @bind) = $self->$method($where_exp, $logic);
311b2151 898
e175845b 899 my ($sql, @bind) = defined($where_exp) ? $self->_render_expr($where_exp) : (undef);
311b2151 900
abe1a491 901 # DBIx::Class used to call _recurse_where in scalar context
902 # something else might too...
903 if (wantarray) {
904 return ($sql, @bind);
905 }
906 else {
907 belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
908 return $sql;
909 }
96449e8e 910}
911
181dcebf 912sub _render_ident {
913 my ($self, $ident) = @_;
cc422895 914
9cf28dfb 915 return $self->_convert($self->_quote($ident));
cc422895 916}
917
181dcebf 918sub _render_value {
919 my ($self, $value) = @_;
cc422895 920
52511ae3 921 return ($self->_convert('?'), $self->_bindtype(undef, $value));
cc422895 922}
923
c452734e 924my %unop_postfix = map +($_ => 1),
925 'is null', 'is not null',
926 'asc', 'desc',
927;
d13725da 928
b5b18861 929my %special = (
930 (map +($_ => do {
931 my $op = $_;
932 sub {
933 my ($self, $args) = @_;
934 my ($left, $low, $high) = @$args;
935 my ($rhsql, @rhbind) = do {
936 if (@$args == 2) {
937 puke "Single arg to between must be a literal"
938 unless $low->{-literal};
939 @{$low->{-literal}}
940 } else {
e56dd780 941 my ($l, $h) = map [ $self->_render_expr($_) ], $low, $high;
b5b18861 942 (join(' ', $l->[0], $self->_sqlcase('and'), $h->[0]),
943 @{$l}[1..$#$l], @{$h}[1..$#$h])
944 }
945 };
e56dd780 946 my ($lhsql, @lhbind) = $self->_render_expr($left);
b5b18861 947 return (
948 join(' ', '(', $lhsql, $self->_sqlcase($op), $rhsql, ')'),
949 @lhbind, @rhbind
950 );
951 }
952 }), 'between', 'not between'),
10d07c4e 953 (map +($_ => do {
954 my $op = $_;
955 sub {
956 my ($self, $args) = @_;
957 my ($lhs, $rhs) = @$args;
958 my @in_bind;
959 my @in_sql = map {
0ce981f8 960 my ($sql, @bind) = $self->_render_expr($_);
10d07c4e 961 push @in_bind, @bind;
962 $sql;
963 } @$rhs;
0ce981f8 964 my ($lhsql, @lbind) = $self->_render_expr($lhs);
10d07c4e 965 return (
966 $lhsql.' '.$self->_sqlcase($op).' ( '
967 .join(', ', @in_sql)
968 .' )',
969 @lbind, @in_bind
970 );
971 }
972 }), 'in', 'not in'),
b5b18861 973);
974
181dcebf 975sub _render_op {
976 my ($self, $v) = @_;
d13725da 977 my ($op, @args) = @$v;
978 $op =~ s/^-// if length($op) > 1;
cba28f66 979 $op = lc($op);
b5b18861 980 if (my $h = $special{$op}) {
981 return $self->$h(\@args);
982 }
99a65fa8 983 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{user_special_ops}}) {
984 puke "Special op '${op}' requires first value to be identifier"
985 unless my ($k) = map $_->{-ident}, grep ref($_) eq 'HASH', $args[0];
986 return $self->${\($us->{handler})}($k, $op, $args[1]);
987 }
988 my $final_op = $op =~ /^(?:is|not)_/ ? join(' ', split '_', $op) : $op;
2143604f 989 if (@args == 1 and $op !~ /^(and|or)$/) {
ec857800 990 my ($expr_sql, @bind) = $self->_render_expr($args[0]);
d13725da 991 my $op_sql = $self->_sqlcase($final_op);
992 my $final_sql = (
993 $unop_postfix{lc($final_op)}
994 ? "${expr_sql} ${op_sql}"
995 : "${op_sql} ${expr_sql}"
996 );
0c7e3af0 997 return (($op eq 'not' ? '('.$final_sql.')' : $final_sql), @bind);
16d9289c 998 } else {
ec857800 999 my @parts = map [ $self->_render_expr($_) ], @args;
77617257 1000 my ($final_sql) = map +($op =~ /^(and|or)$/ ? "(${_})" : $_), join(
2f9c5405 1001 ($final_op eq ',' ? '' : ' ').$self->_sqlcase($final_op).' ',
77617257 1002 map $_->[0], @parts
1003 );
99a65fa8 1004 return (
77617257 1005 $final_sql,
16d9289c 1006 map @{$_}[1..$#$_], @parts
99a65fa8 1007 );
d13725da 1008 }
1009 die "unhandled";
1010}
1011
181dcebf 1012sub _render_func {
1013 my ($self, $rest) = @_;
711892b1 1014 my ($func, @args) = @$rest;
1015 my @arg_sql;
1016 my @bind = map {
1017 my @x = @$_;
1018 push @arg_sql, shift @x;
1019 @x
0f199fce 1020 } map [ $self->_render_expr($_) ], @args;
711892b1 1021 return ($self->_sqlcase($func).'('.join(', ', @arg_sql).')', @bind);
1022}
1023
181dcebf 1024sub _render_bind {
1025 my ($self, $bind) = @_;
d13725da 1026 return ($self->_convert('?'), $self->_bindtype(@$bind));
1027}
1028
181dcebf 1029sub _render_literal {
1030 my ($self, $literal) = @_;
465d43fd 1031 $self->_assert_bindval_matches_bindtype(@{$literal}[1..$#$literal]);
aa8d7bdb 1032 return @$literal;
1033}
1034
4a1f01a3 1035# Some databases (SQLite) treat col IN (1, 2) different from
1036# col IN ( (1, 2) ). Use this to strip all outer parens while
1037# adding them back in the corresponding method
1038sub _open_outer_paren {
1039 my ($self, $sql) = @_;
a5f91feb 1040
ca4f826a 1041 while (my ($inner) = $sql =~ /^ \s* \( (.*) \) \s* $/xs) {
a5f91feb 1042
1043 # there are closing parens inside, need the heavy duty machinery
1044 # to reevaluate the extraction starting from $sql (full reevaluation)
ca4f826a 1045 if ($inner =~ /\)/) {
a5f91feb 1046 require Text::Balanced;
1047
1048 my (undef, $remainder) = do {
1049 # idiotic design - writes to $@ but *DOES NOT* throw exceptions
1050 local $@;
ca4f826a 1051 Text::Balanced::extract_bracketed($sql, '()', qr/\s*/);
a5f91feb 1052 };
1053
1054 # the entire expression needs to be a balanced bracketed thing
1055 # (after an extract no remainder sans trailing space)
1056 last if defined $remainder and $remainder =~ /\S/;
1057 }
1058
1059 $sql = $inner;
1060 }
1061
1062 $sql;
4a1f01a3 1063}
1064
96449e8e 1065
96449e8e 1066#======================================================================
1067# ORDER BY
1068#======================================================================
1069
1070sub _order_by {
1071 my ($self, $arg) = @_;
1072
4325df6a 1073 return '' unless defined($arg) and not (ref($arg) eq 'ARRAY' and !@$arg);
2b6158af 1074
4325df6a 1075 my $expander = sub {
1076 my ($self, $dir, $expr) = @_;
1077 my @exp = map +(defined($dir) ? { -op => [ $dir => $_ ] } : $_),
1078 map $self->_expand_expr($_, undef, -ident),
1079 ref($expr) eq 'ARRAY' ? @$expr : $expr;
1080 return (@exp > 1 ? { -op => [ ',', @exp ] } : $exp[0]);
1081 };
18c743c8 1082
4325df6a 1083 local $self->{custom_expansions} = {
1084 asc => sub { shift->$expander(asc => @_) },
1085 desc => sub { shift->$expander(desc => @_) },
1086 };
f267b646 1087
4325df6a 1088 my $expanded = $self->$expander(undef, $arg);
1089
1090 my ($sql, @bind) = $self->_render_expr($expanded);
1091
1092 my $final_sql = $self->_sqlcase(' order by ').$sql;
1093
1094 return wantarray ? ($final_sql, @bind) : $final_sql;
f267b646 1095}
1096
96449e8e 1097#======================================================================
1098# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1099#======================================================================
1100
1101sub _table {
1102 my $self = shift;
1103 my $from = shift;
7ad12721 1104 ($self->_render_expr(
8476c6a3 1105 $self->_expand_maybe_list_expr($from, undef, -ident)
7ad12721 1106 ))[0];
96449e8e 1107}
1108
1109
1110#======================================================================
1111# UTILITY FUNCTIONS
1112#======================================================================
1113
8476c6a3 1114sub _expand_maybe_list_expr {
1115 my ($self, $expr, $logic, $default) = @_;
bba04f52 1116 my $e = do {
1117 if (ref($expr) eq 'ARRAY') {
1118 return { -op => [
8476c6a3 1119 ',', map $self->_expand_expr($_, $logic, $default), @$expr
bba04f52 1120 ] } if @$expr > 1;
1121 $expr->[0]
1122 } else {
1123 $expr
1124 }
1125 };
1126 return $self->_expand_expr($e, $logic, $default);
8476c6a3 1127}
1128
955e77ca 1129# highly optimized, as it's called way too often
96449e8e 1130sub _quote {
955e77ca 1131 # my ($self, $label) = @_;
96449e8e 1132
955e77ca 1133 return '' unless defined $_[1];
955e77ca 1134 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
96449e8e 1135
439834d3 1136 $_[0]->{quote_char} or
1137 ($_[0]->_assert_pass_injection_guard($_[1]), return $_[1]);
96449e8e 1138
07d7c35c 1139 my $qref = ref $_[0]->{quote_char};
439834d3 1140 my ($l, $r) =
1141 !$qref ? ($_[0]->{quote_char}, $_[0]->{quote_char})
1142 : ($qref eq 'ARRAY') ? @{$_[0]->{quote_char}}
1143 : puke "Unsupported quote_char format: $_[0]->{quote_char}";
1144
46be4313 1145 my $esc = $_[0]->{escape_char} || $r;
96449e8e 1146
07d7c35c 1147 # parts containing * are naturally unquoted
ca4f826a 1148 return join($_[0]->{name_sep}||'', map
439834d3 1149 +( $_ eq '*' ? $_ : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r } ),
955e77ca 1150 ( $_[0]->{name_sep} ? split (/\Q$_[0]->{name_sep}\E/, $_[1] ) : $_[1] )
1151 );
96449e8e 1152}
1153
1154
1155# Conversion, if applicable
d7c862e0 1156sub _convert {
07d7c35c 1157 #my ($self, $arg) = @_;
7ad12721 1158 if ($_[0]->{convert_where}) {
1159 return $_[0]->_sqlcase($_[0]->{convert_where}) .'(' . $_[1] . ')';
96449e8e 1160 }
07d7c35c 1161 return $_[1];
96449e8e 1162}
1163
1164# And bindtype
d7c862e0 1165sub _bindtype {
07d7c35c 1166 #my ($self, $col, @vals) = @_;
07d7c35c 1167 # called often - tighten code
1168 return $_[0]->{bindtype} eq 'columns'
1169 ? map {[$_[1], $_]} @_[2 .. $#_]
1170 : @_[2 .. $#_]
1171 ;
96449e8e 1172}
1173
fe3ae272 1174# Dies if any element of @bind is not in [colname => value] format
1175# if bindtype is 'columns'.
1176sub _assert_bindval_matches_bindtype {
c94a6c93 1177# my ($self, @bind) = @_;
1178 my $self = shift;
fe3ae272 1179 if ($self->{bindtype} eq 'columns') {
c94a6c93 1180 for (@_) {
1181 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1182 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1183 }
1184 }
1185 }
1186}
1187
96449e8e 1188sub _join_sql_clauses {
1189 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1190
1191 if (@$clauses_aref > 1) {
1192 my $join = " " . $self->_sqlcase($logic) . " ";
1193 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1194 return ($sql, @$bind_aref);
1195 }
1196 elsif (@$clauses_aref) {
1197 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1198 }
1199 else {
1200 return (); # if no SQL, ignore @$bind_aref
1201 }
1202}
1203
1204
1205# Fix SQL case, if so requested
1206sub _sqlcase {
96449e8e 1207 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1208 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1209 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1210}
1211
1212
1213#======================================================================
1214# DISPATCHING FROM REFKIND
1215#======================================================================
1216
1217sub _refkind {
1218 my ($self, $data) = @_;
96449e8e 1219
955e77ca 1220 return 'UNDEF' unless defined $data;
1221
1222 # blessed objects are treated like scalars
1223 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1224
1225 return 'SCALAR' unless $ref;
1226
1227 my $n_steps = 1;
1228 while ($ref eq 'REF') {
96449e8e 1229 $data = $$data;
955e77ca 1230 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1231 $n_steps++ if $ref;
96449e8e 1232 }
1233
848556bc 1234 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1235}
1236
1237sub _try_refkind {
1238 my ($self, $data) = @_;
1239 my @try = ($self->_refkind($data));
1240 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1241 push @try, 'FALLBACK';
955e77ca 1242 return \@try;
96449e8e 1243}
1244
1245sub _METHOD_FOR_refkind {
1246 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1247
1248 my $method;
955e77ca 1249 for (@{$self->_try_refkind($data)}) {
f39eaa60 1250 $method = $self->can($meth_prefix."_".$_)
1251 and last;
1252 }
1253
1254 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1255}
1256
1257
1258sub _SWITCH_refkind {
1259 my ($self, $data, $dispatch_table) = @_;
1260
f39eaa60 1261 my $coderef;
955e77ca 1262 for (@{$self->_try_refkind($data)}) {
f39eaa60 1263 $coderef = $dispatch_table->{$_}
1264 and last;
1265 }
1266
1267 puke "no dispatch entry for ".$self->_refkind($data)
1268 unless $coderef;
1269
96449e8e 1270 $coderef->();
1271}
1272
1273
1274
1275
1276#======================================================================
1277# VALUES, GENERATE, AUTOLOAD
1278#======================================================================
1279
1280# LDNOTE: original code from nwiger, didn't touch code in that section
1281# I feel the AUTOLOAD stuff should not be the default, it should
1282# only be activated on explicit demand by user.
1283
1284sub values {
1285 my $self = shift;
1286 my $data = shift || return;
1287 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1288 unless ref $data eq 'HASH';
bab725ce 1289
1290 my @all_bind;
ca4f826a 1291 foreach my $k (sort keys %$data) {
bab725ce 1292 my $v = $data->{$k};
1293 $self->_SWITCH_refkind($v, {
9d48860e 1294 ARRAYREF => sub {
bab725ce 1295 if ($self->{array_datatypes}) { # array datatype
1296 push @all_bind, $self->_bindtype($k, $v);
1297 }
1298 else { # literal SQL with bind
1299 my ($sql, @bind) = @$v;
1300 $self->_assert_bindval_matches_bindtype(@bind);
1301 push @all_bind, @bind;
1302 }
1303 },
1304 ARRAYREFREF => sub { # literal SQL with bind
1305 my ($sql, @bind) = @${$v};
1306 $self->_assert_bindval_matches_bindtype(@bind);
1307 push @all_bind, @bind;
1308 },
1309 SCALARREF => sub { # literal SQL without bind
1310 },
1311 SCALAR_or_UNDEF => sub {
1312 push @all_bind, $self->_bindtype($k, $v);
1313 },
1314 });
1315 }
1316
1317 return @all_bind;
96449e8e 1318}
1319
1320sub generate {
1321 my $self = shift;
1322
1323 my(@sql, @sqlq, @sqlv);
1324
1325 for (@_) {
1326 my $ref = ref $_;
1327 if ($ref eq 'HASH') {
1328 for my $k (sort keys %$_) {
1329 my $v = $_->{$k};
1330 my $r = ref $v;
1331 my $label = $self->_quote($k);
1332 if ($r eq 'ARRAY') {
fe3ae272 1333 # literal SQL with bind
1334 my ($sql, @bind) = @$v;
1335 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1336 push @sqlq, "$label = $sql";
fe3ae272 1337 push @sqlv, @bind;
96449e8e 1338 } elsif ($r eq 'SCALAR') {
fe3ae272 1339 # literal SQL without bind
96449e8e 1340 push @sqlq, "$label = $$v";
9d48860e 1341 } else {
96449e8e 1342 push @sqlq, "$label = ?";
1343 push @sqlv, $self->_bindtype($k, $v);
1344 }
1345 }
1346 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1347 } elsif ($ref eq 'ARRAY') {
1348 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1349 for my $v (@$_) {
1350 my $r = ref $v;
fe3ae272 1351 if ($r eq 'ARRAY') { # literal SQL with bind
1352 my ($sql, @bind) = @$v;
1353 $self->_assert_bindval_matches_bindtype(@bind);
1354 push @sqlq, $sql;
1355 push @sqlv, @bind;
1356 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1357 # embedded literal SQL
1358 push @sqlq, $$v;
9d48860e 1359 } else {
96449e8e 1360 push @sqlq, '?';
1361 push @sqlv, $v;
1362 }
1363 }
1364 push @sql, '(' . join(', ', @sqlq) . ')';
1365 } elsif ($ref eq 'SCALAR') {
1366 # literal SQL
1367 push @sql, $$_;
1368 } else {
1369 # strings get case twiddled
1370 push @sql, $self->_sqlcase($_);
1371 }
1372 }
1373
1374 my $sql = join ' ', @sql;
1375
1376 # this is pretty tricky
1377 # if ask for an array, return ($stmt, @bind)
1378 # otherwise, s/?/shift @sqlv/ to put it inline
1379 if (wantarray) {
1380 return ($sql, @sqlv);
1381 } else {
1382 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1383 ref $d ? $d->[1] : $d/e;
1384 return $sql;
1385 }
1386}
1387
1388
1389sub DESTROY { 1 }
1390
1391sub AUTOLOAD {
1392 # This allows us to check for a local, then _form, attr
1393 my $self = shift;
1394 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1395 return $self->generate($name, @_);
1396}
1397
13981;
1399
1400
1401
1402__END__
32eab2da 1403
1404=head1 NAME
1405
1406SQL::Abstract - Generate SQL from Perl data structures
1407
1408=head1 SYNOPSIS
1409
1410 use SQL::Abstract;
1411
1412 my $sql = SQL::Abstract->new;
1413
85783f3c 1414 my($stmt, @bind) = $sql->select($source, \@fields, \%where, $order);
32eab2da 1415
1416 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1417
1418 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1419
1420 my($stmt, @bind) = $sql->delete($table, \%where);
1421
1422 # Then, use these in your DBI statements
1423 my $sth = $dbh->prepare($stmt);
1424 $sth->execute(@bind);
1425
1426 # Just generate the WHERE clause
85783f3c 1427 my($stmt, @bind) = $sql->where(\%where, $order);
32eab2da 1428
1429 # Return values in the same order, for hashed queries
1430 # See PERFORMANCE section for more details
1431 my @bind = $sql->values(\%fieldvals);
1432
1433=head1 DESCRIPTION
1434
1435This module was inspired by the excellent L<DBIx::Abstract>.
1436However, in using that module I found that what I really wanted
1437to do was generate SQL, but still retain complete control over my
1438statement handles and use the DBI interface. So, I set out to
1439create an abstract SQL generation module.
1440
1441While based on the concepts used by L<DBIx::Abstract>, there are
1442several important differences, especially when it comes to WHERE
1443clauses. I have modified the concepts used to make the SQL easier
1444to generate from Perl data structures and, IMO, more intuitive.
1445The underlying idea is for this module to do what you mean, based
1446on the data structures you provide it. The big advantage is that
1447you don't have to modify your code every time your data changes,
1448as this module figures it out.
1449
1450To begin with, an SQL INSERT is as easy as just specifying a hash
1451of C<key=value> pairs:
1452
1453 my %data = (
1454 name => 'Jimbo Bobson',
1455 phone => '123-456-7890',
1456 address => '42 Sister Lane',
1457 city => 'St. Louis',
1458 state => 'Louisiana',
1459 );
1460
1461The SQL can then be generated with this:
1462
1463 my($stmt, @bind) = $sql->insert('people', \%data);
1464
1465Which would give you something like this:
1466
1467 $stmt = "INSERT INTO people
1468 (address, city, name, phone, state)
1469 VALUES (?, ?, ?, ?, ?)";
1470 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1471 '123-456-7890', 'Louisiana');
1472
1473These are then used directly in your DBI code:
1474
1475 my $sth = $dbh->prepare($stmt);
1476 $sth->execute(@bind);
1477
96449e8e 1478=head2 Inserting and Updating Arrays
1479
1480If your database has array types (like for example Postgres),
1481activate the special option C<< array_datatypes => 1 >>
9d48860e 1482when creating the C<SQL::Abstract> object.
96449e8e 1483Then you may use an arrayref to insert and update database array types:
1484
1485 my $sql = SQL::Abstract->new(array_datatypes => 1);
1486 my %data = (
1487 planets => [qw/Mercury Venus Earth Mars/]
1488 );
9d48860e 1489
96449e8e 1490 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1491
1492This results in:
1493
1494 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1495
1496 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1497
1498
1499=head2 Inserting and Updating SQL
1500
1501In order to apply SQL functions to elements of your C<%data> you may
1502specify a reference to an arrayref for the given hash value. For example,
1503if you need to execute the Oracle C<to_date> function on a value, you can
1504say something like this:
32eab2da 1505
1506 my %data = (
1507 name => 'Bill',
3ae1c5e2 1508 date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
9d48860e 1509 );
32eab2da 1510
1511The first value in the array is the actual SQL. Any other values are
1512optional and would be included in the bind values array. This gives
1513you:
1514
1515 my($stmt, @bind) = $sql->insert('people', \%data);
1516
9d48860e 1517 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1518 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1519 @bind = ('Bill', '03/02/2003');
1520
1521An UPDATE is just as easy, all you change is the name of the function:
1522
1523 my($stmt, @bind) = $sql->update('people', \%data);
1524
1525Notice that your C<%data> isn't touched; the module will generate
1526the appropriately quirky SQL for you automatically. Usually you'll
1527want to specify a WHERE clause for your UPDATE, though, which is
1528where handling C<%where> hashes comes in handy...
1529
96449e8e 1530=head2 Complex where statements
1531
32eab2da 1532This module can generate pretty complicated WHERE statements
1533easily. For example, simple C<key=value> pairs are taken to mean
1534equality, and if you want to see if a field is within a set
1535of values, you can use an arrayref. Let's say we wanted to
1536SELECT some data based on this criteria:
1537
1538 my %where = (
1539 requestor => 'inna',
1540 worker => ['nwiger', 'rcwe', 'sfz'],
1541 status => { '!=', 'completed' }
1542 );
1543
1544 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1545
1546The above would give you something like this:
1547
1548 $stmt = "SELECT * FROM tickets WHERE
1549 ( requestor = ? ) AND ( status != ? )
1550 AND ( worker = ? OR worker = ? OR worker = ? )";
1551 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1552
1553Which you could then use in DBI code like so:
1554
1555 my $sth = $dbh->prepare($stmt);
1556 $sth->execute(@bind);
1557
1558Easy, eh?
1559
0da0fe34 1560=head1 METHODS
32eab2da 1561
13cc86af 1562The methods are simple. There's one for every major SQL operation,
32eab2da 1563and a constructor you use first. The arguments are specified in a
13cc86af 1564similar order for each method (table, then fields, then a where
32eab2da 1565clause) to try and simplify things.
1566
32eab2da 1567=head2 new(option => 'value')
1568
1569The C<new()> function takes a list of options and values, and returns
1570a new B<SQL::Abstract> object which can then be used to generate SQL
1571through the methods below. The options accepted are:
1572
1573=over
1574
1575=item case
1576
1577If set to 'lower', then SQL will be generated in all lowercase. By
1578default SQL is generated in "textbook" case meaning something like:
1579
1580 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1581
96449e8e 1582Any setting other than 'lower' is ignored.
1583
32eab2da 1584=item cmp
1585
1586This determines what the default comparison operator is. By default
1587it is C<=>, meaning that a hash like this:
1588
1589 %where = (name => 'nwiger', email => 'nate@wiger.org');
1590
1591Will generate SQL like this:
1592
1593 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1594
1595However, you may want loose comparisons by default, so if you set
1596C<cmp> to C<like> you would get SQL such as:
1597
1598 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1599
3af02ccb 1600You can also override the comparison on an individual basis - see
32eab2da 1601the huge section on L</"WHERE CLAUSES"> at the bottom.
1602
96449e8e 1603=item sqltrue, sqlfalse
1604
1605Expressions for inserting boolean values within SQL statements.
6e0c6552 1606By default these are C<1=1> and C<1=0>. They are used
1607by the special operators C<-in> and C<-not_in> for generating
1608correct SQL even when the argument is an empty array (see below).
96449e8e 1609
32eab2da 1610=item logic
1611
1612This determines the default logical operator for multiple WHERE
7cac25e6 1613statements in arrays or hashes. If absent, the default logic is "or"
1614for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1615array of the form:
1616
1617 @where = (
9d48860e 1618 event_date => {'>=', '2/13/99'},
1619 event_date => {'<=', '4/24/03'},
32eab2da 1620 );
1621
7cac25e6 1622will generate SQL like this:
32eab2da 1623
1624 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1625
1626This is probably not what you want given this query, though (look
1627at the dates). To change the "OR" to an "AND", simply specify:
1628
1629 my $sql = SQL::Abstract->new(logic => 'and');
1630
1631Which will change the above C<WHERE> to:
1632
1633 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1634
96449e8e 1635The logic can also be changed locally by inserting
be21dde3 1636a modifier in front of an arrayref:
96449e8e 1637
9d48860e 1638 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1639 event_date => {'<=', '4/24/03'} ]);
96449e8e 1640
1641See the L</"WHERE CLAUSES"> section for explanations.
1642
32eab2da 1643=item convert
1644
1645This will automatically convert comparisons using the specified SQL
1646function for both column and value. This is mostly used with an argument
1647of C<upper> or C<lower>, so that the SQL will have the effect of
1648case-insensitive "searches". For example, this:
1649
1650 $sql = SQL::Abstract->new(convert => 'upper');
1651 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1652
1653Will turn out the following SQL:
1654
1655 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1656
1657The conversion can be C<upper()>, C<lower()>, or any other SQL function
1658that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1659not validate this option; it will just pass through what you specify verbatim).
1660
1661=item bindtype
1662
1663This is a kludge because many databases suck. For example, you can't
1664just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1665Instead, you have to use C<bind_param()>:
1666
1667 $sth->bind_param(1, 'reg data');
1668 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1669
1670The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1671which loses track of which field each slot refers to. Fear not.
1672
1673If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1674Currently, you can specify either C<normal> (default) or C<columns>. If you
1675specify C<columns>, you will get an array that looks like this:
1676
1677 my $sql = SQL::Abstract->new(bindtype => 'columns');
1678 my($stmt, @bind) = $sql->insert(...);
1679
1680 @bind = (
1681 [ 'column1', 'value1' ],
1682 [ 'column2', 'value2' ],
1683 [ 'column3', 'value3' ],
1684 );
1685
1686You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1687
32eab2da 1688 $sth->prepare($stmt);
1689 my $i = 1;
1690 for (@bind) {
1691 my($col, $data) = @$_;
1692 if ($col eq 'details' || $col eq 'comments') {
1693 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1694 } elsif ($col eq 'image') {
1695 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1696 } else {
1697 $sth->bind_param($i, $data);
1698 }
1699 $i++;
1700 }
1701 $sth->execute; # execute without @bind now
1702
1703Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1704Basically, the advantage is still that you don't have to care which fields
1705are or are not included. You could wrap that above C<for> loop in a simple
1706sub called C<bind_fields()> or something and reuse it repeatedly. You still
1707get a layer of abstraction over manual SQL specification.
1708
3ae1c5e2 1709Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
deb148a2 1710construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1711will expect the bind values in this format.
1712
32eab2da 1713=item quote_char
1714
1715This is the character that a table or column name will be quoted
9d48860e 1716with. By default this is an empty string, but you could set it to
32eab2da 1717the character C<`>, to generate SQL like this:
1718
1719 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1720
96449e8e 1721Alternatively, you can supply an array ref of two items, the first being the left
1722hand quote character, and the second the right hand quote character. For
1723example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1724that generates SQL like this:
1725
1726 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1727
9d48860e 1728Quoting is useful if you have tables or columns names that are reserved
96449e8e 1729words in your database's SQL dialect.
32eab2da 1730
46be4313 1731=item escape_char
1732
1733This is the character that will be used to escape L</quote_char>s appearing
1734in an identifier before it has been quoted.
1735
80790166 1736The parameter default in case of a single L</quote_char> character is the quote
46be4313 1737character itself.
1738
1739When opening-closing-style quoting is used (L</quote_char> is an arrayref)
9de2bd86 1740this parameter defaults to the B<closing (right)> L</quote_char>. Occurrences
46be4313 1741of the B<opening (left)> L</quote_char> within the identifier are currently left
1742untouched. The default for opening-closing-style quotes may change in future
1743versions, thus you are B<strongly encouraged> to specify the escape character
1744explicitly.
1745
32eab2da 1746=item name_sep
1747
1748This is the character that separates a table and column name. It is
1749necessary to specify this when the C<quote_char> option is selected,
1750so that tables and column names can be individually quoted like this:
1751
1752 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1753
b6251592 1754=item injection_guard
1755
1756A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1757column name specified in a query structure. This is a safety mechanism to avoid
1758injection attacks when mishandling user input e.g.:
1759
1760 my %condition_as_column_value_pairs = get_values_from_user();
1761 $sqla->select( ... , \%condition_as_column_value_pairs );
1762
1763If the expression matches an exception is thrown. Note that literal SQL
1764supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1765
1766Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
1767
96449e8e 1768=item array_datatypes
32eab2da 1769
9d48860e 1770When this option is true, arrayrefs in INSERT or UPDATE are
1771interpreted as array datatypes and are passed directly
96449e8e 1772to the DBI layer.
1773When this option is false, arrayrefs are interpreted
1774as literal SQL, just like refs to arrayrefs
1775(but this behavior is for backwards compatibility; when writing
1776new queries, use the "reference to arrayref" syntax
1777for literal SQL).
32eab2da 1778
32eab2da 1779
96449e8e 1780=item special_ops
32eab2da 1781
9d48860e 1782Takes a reference to a list of "special operators"
96449e8e 1783to extend the syntax understood by L<SQL::Abstract>.
1784See section L</"SPECIAL OPERATORS"> for details.
32eab2da 1785
59f23b3d 1786=item unary_ops
1787
9d48860e 1788Takes a reference to a list of "unary operators"
59f23b3d 1789to extend the syntax understood by L<SQL::Abstract>.
1790See section L</"UNARY OPERATORS"> for details.
1791
32eab2da 1792
32eab2da 1793
96449e8e 1794=back
32eab2da 1795
02288357 1796=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 1797
1798This is the simplest function. You simply give it a table name
1799and either an arrayref of values or hashref of field/value pairs.
1800It returns an SQL INSERT statement and a list of bind values.
96449e8e 1801See the sections on L</"Inserting and Updating Arrays"> and
1802L</"Inserting and Updating SQL"> for information on how to insert
1803with those data types.
32eab2da 1804
02288357 1805The optional C<\%options> hash reference may contain additional
1806options to generate the insert SQL. Currently supported options
1807are:
1808
1809=over 4
1810
1811=item returning
1812
1813Takes either a scalar of raw SQL fields, or an array reference of
1814field names, and adds on an SQL C<RETURNING> statement at the end.
1815This allows you to return data generated by the insert statement
1816(such as row IDs) without performing another C<SELECT> statement.
1817Note, however, this is not part of the SQL standard and may not
1818be supported by all database engines.
1819
1820=back
1821
95904db5 1822=head2 update($table, \%fieldvals, \%where, \%options)
32eab2da 1823
1824This takes a table, hashref of field/value pairs, and an optional
86298391 1825hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 1826of bind values.
96449e8e 1827See the sections on L</"Inserting and Updating Arrays"> and
1828L</"Inserting and Updating SQL"> for information on how to insert
1829with those data types.
32eab2da 1830
95904db5 1831The optional C<\%options> hash reference may contain additional
1832options to generate the update SQL. Currently supported options
1833are:
1834
1835=over 4
1836
1837=item returning
1838
1839See the C<returning> option to
1840L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1841
1842=back
1843
96449e8e 1844=head2 select($source, $fields, $where, $order)
32eab2da 1845
9d48860e 1846This returns a SQL SELECT statement and associated list of bind values, as
be21dde3 1847specified by the arguments:
32eab2da 1848
96449e8e 1849=over
32eab2da 1850
96449e8e 1851=item $source
32eab2da 1852
9d48860e 1853Specification of the 'FROM' part of the statement.
96449e8e 1854The argument can be either a plain scalar (interpreted as a table
1855name, will be quoted), or an arrayref (interpreted as a list
1856of table names, joined by commas, quoted), or a scalarref
063097a3 1857(literal SQL, not quoted).
32eab2da 1858
96449e8e 1859=item $fields
32eab2da 1860
9d48860e 1861Specification of the list of fields to retrieve from
96449e8e 1862the source.
1863The argument can be either an arrayref (interpreted as a list
9d48860e 1864of field names, will be joined by commas and quoted), or a
96449e8e 1865plain scalar (literal SQL, not quoted).
521647e7 1866Please observe that this API is not as flexible as that of
1867the first argument C<$source>, for backwards compatibility reasons.
32eab2da 1868
96449e8e 1869=item $where
32eab2da 1870
96449e8e 1871Optional argument to specify the WHERE part of the query.
1872The argument is most often a hashref, but can also be
9d48860e 1873an arrayref or plain scalar --
96449e8e 1874see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 1875
96449e8e 1876=item $order
32eab2da 1877
96449e8e 1878Optional argument to specify the ORDER BY part of the query.
9d48860e 1879The argument can be a scalar, a hashref or an arrayref
96449e8e 1880-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
1881for details.
32eab2da 1882
96449e8e 1883=back
32eab2da 1884
32eab2da 1885
85327cd5 1886=head2 delete($table, \%where, \%options)
32eab2da 1887
86298391 1888This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 1889It returns an SQL DELETE statement and list of bind values.
1890
85327cd5 1891The optional C<\%options> hash reference may contain additional
1892options to generate the delete SQL. Currently supported options
1893are:
1894
1895=over 4
1896
1897=item returning
1898
1899See the C<returning> option to
1900L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1901
1902=back
1903
85783f3c 1904=head2 where(\%where, $order)
32eab2da 1905
1906This is used to generate just the WHERE clause. For example,
1907if you have an arbitrary data structure and know what the
1908rest of your SQL is going to look like, but want an easy way
1909to produce a WHERE clause, use this. It returns an SQL WHERE
1910clause and list of bind values.
1911
32eab2da 1912
1913=head2 values(\%data)
1914
1915This just returns the values from the hash C<%data>, in the same
1916order that would be returned from any of the other above queries.
1917Using this allows you to markedly speed up your queries if you
1918are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
1919
32eab2da 1920=head2 generate($any, 'number', $of, \@data, $struct, \%types)
1921
1922Warning: This is an experimental method and subject to change.
1923
1924This returns arbitrarily generated SQL. It's a really basic shortcut.
1925It will return two different things, depending on return context:
1926
1927 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
1928 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
1929
1930These would return the following:
1931
1932 # First calling form
1933 $stmt = "CREATE TABLE test (?, ?)";
1934 @bind = (field1, field2);
1935
1936 # Second calling form
1937 $stmt_and_val = "CREATE TABLE test (field1, field2)";
1938
1939Depending on what you're trying to do, it's up to you to choose the correct
1940format. In this example, the second form is what you would want.
1941
1942By the same token:
1943
1944 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
1945
1946Might give you:
1947
1948 ALTER SESSION SET nls_date_format = 'MM/YY'
1949
1950You get the idea. Strings get their case twiddled, but everything
1951else remains verbatim.
1952
0da0fe34 1953=head1 EXPORTABLE FUNCTIONS
1954
1955=head2 is_plain_value
1956
1957Determines if the supplied argument is a plain value as understood by this
1958module:
1959
1960=over
1961
1962=item * The value is C<undef>
1963
1964=item * The value is a non-reference
1965
1966=item * The value is an object with stringification overloading
1967
1968=item * The value is of the form C<< { -value => $anything } >>
1969
1970=back
1971
9de2bd86 1972On failure returns C<undef>, on success returns a B<scalar> reference
966200cc 1973to the original supplied argument.
0da0fe34 1974
843a94b5 1975=over
1976
1977=item * Note
1978
1979The stringification overloading detection is rather advanced: it takes
1980into consideration not only the presence of a C<""> overload, but if that
1981fails also checks for enabled
1982L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
1983on either C<0+> or C<bool>.
1984
1985Unfortunately testing in the field indicates that this
1986detection B<< may tickle a latent bug in perl versions before 5.018 >>,
1987but only when very large numbers of stringifying objects are involved.
1988At the time of writing ( Sep 2014 ) there is no clear explanation of
1989the direct cause, nor is there a manageably small test case that reliably
1990reproduces the problem.
1991
1992If you encounter any of the following exceptions in B<random places within
1993your application stack> - this module may be to blame:
1994
1995 Operation "ne": no method found,
1996 left argument in overloaded package <something>,
1997 right argument in overloaded package <something>
1998
1999or perhaps even
2000
2001 Stub found while resolving method "???" overloading """" in package <something>
2002
2003If you fall victim to the above - please attempt to reduce the problem
2004to something that could be sent to the L<SQL::Abstract developers
1f490ae4 2005|DBIx::Class/GETTING HELP/SUPPORT>
843a94b5 2006(either publicly or privately). As a workaround in the meantime you can
2007set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
2008value, which will most likely eliminate your problem (at the expense of
2009not being able to properly detect exotic forms of stringification).
2010
2011This notice and environment variable will be removed in a future version,
2012as soon as the underlying problem is found and a reliable workaround is
2013devised.
2014
2015=back
2016
0da0fe34 2017=head2 is_literal_value
2018
2019Determines if the supplied argument is a literal value as understood by this
2020module:
2021
2022=over
2023
2024=item * C<\$sql_string>
2025
2026=item * C<\[ $sql_string, @bind_values ]>
2027
0da0fe34 2028=back
2029
9de2bd86 2030On failure returns C<undef>, on success returns an B<array> reference
966200cc 2031containing the unpacked version of the supplied literal SQL and bind values.
0da0fe34 2032
32eab2da 2033=head1 WHERE CLAUSES
2034
96449e8e 2035=head2 Introduction
2036
32eab2da 2037This module uses a variation on the idea from L<DBIx::Abstract>. It
2038is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2039module is that things in arrays are OR'ed, and things in hashes
2040are AND'ed.>
2041
2042The easiest way to explain is to show lots of examples. After
2043each C<%where> hash shown, it is assumed you used:
2044
2045 my($stmt, @bind) = $sql->where(\%where);
2046
2047However, note that the C<%where> hash can be used directly in any
2048of the other functions as well, as described above.
2049
96449e8e 2050=head2 Key-value pairs
2051
32eab2da 2052So, let's get started. To begin, a simple hash:
2053
2054 my %where = (
2055 user => 'nwiger',
2056 status => 'completed'
2057 );
2058
2059Is converted to SQL C<key = val> statements:
2060
2061 $stmt = "WHERE user = ? AND status = ?";
2062 @bind = ('nwiger', 'completed');
2063
2064One common thing I end up doing is having a list of values that
2065a field can be in. To do this, simply specify a list inside of
2066an arrayref:
2067
2068 my %where = (
2069 user => 'nwiger',
2070 status => ['assigned', 'in-progress', 'pending'];
2071 );
2072
2073This simple code will create the following:
9d48860e 2074
32eab2da 2075 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2076 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2077
9d48860e 2078A field associated to an empty arrayref will be considered a
7cac25e6 2079logical false and will generate 0=1.
8a68b5be 2080
b864ba9b 2081=head2 Tests for NULL values
2082
2083If the value part is C<undef> then this is converted to SQL <IS NULL>
2084
2085 my %where = (
2086 user => 'nwiger',
2087 status => undef,
2088 );
2089
2090becomes:
2091
2092 $stmt = "WHERE user = ? AND status IS NULL";
2093 @bind = ('nwiger');
2094
e9614080 2095To test if a column IS NOT NULL:
2096
2097 my %where = (
2098 user => 'nwiger',
2099 status => { '!=', undef },
2100 );
cc422895 2101
6e0c6552 2102=head2 Specific comparison operators
96449e8e 2103
32eab2da 2104If you want to specify a different type of operator for your comparison,
2105you can use a hashref for a given column:
2106
2107 my %where = (
2108 user => 'nwiger',
2109 status => { '!=', 'completed' }
2110 );
2111
2112Which would generate:
2113
2114 $stmt = "WHERE user = ? AND status != ?";
2115 @bind = ('nwiger', 'completed');
2116
2117To test against multiple values, just enclose the values in an arrayref:
2118
96449e8e 2119 status => { '=', ['assigned', 'in-progress', 'pending'] };
2120
f2d5020d 2121Which would give you:
96449e8e 2122
2123 "WHERE status = ? OR status = ? OR status = ?"
2124
2125
2126The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2127into an C<AND> of its elements:
2128
2129 my %where = (
2130 user => 'nwiger',
2131 status => { '!=', 'completed', -not_like => 'pending%' }
2132 );
2133
2134 # Or more dynamically, like from a form
2135 $where{user} = 'nwiger';
2136 $where{status}{'!='} = 'completed';
2137 $where{status}{'-not_like'} = 'pending%';
2138
2139 # Both generate this
2140 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2141 @bind = ('nwiger', 'completed', 'pending%');
2142
96449e8e 2143
32eab2da 2144To get an OR instead, you can combine it with the arrayref idea:
2145
2146 my %where => (
2147 user => 'nwiger',
1a6f2a03 2148 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2149 );
2150
2151Which would generate:
2152
1a6f2a03 2153 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2154 @bind = ('2', '5', 'nwiger');
32eab2da 2155
44b9e502 2156If you want to include literal SQL (with or without bind values), just use a
13cc86af 2157scalar reference or reference to an arrayref as the value:
44b9e502 2158
2159 my %where = (
2160 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2161 date_expires => { '<' => \"now()" }
2162 );
2163
2164Which would generate:
2165
13cc86af 2166 $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
44b9e502 2167 @bind = ('11/26/2008');
2168
96449e8e 2169
2170=head2 Logic and nesting operators
2171
2172In the example above,
2173there is a subtle trap if you want to say something like
32eab2da 2174this (notice the C<AND>):
2175
2176 WHERE priority != ? AND priority != ?
2177
2178Because, in Perl you I<can't> do this:
2179
13cc86af 2180 priority => { '!=' => 2, '!=' => 1 }
32eab2da 2181
2182As the second C<!=> key will obliterate the first. The solution
2183is to use the special C<-modifier> form inside an arrayref:
2184
9d48860e 2185 priority => [ -and => {'!=', 2},
96449e8e 2186 {'!=', 1} ]
2187
32eab2da 2188
2189Normally, these would be joined by C<OR>, but the modifier tells it
2190to use C<AND> instead. (Hint: You can use this in conjunction with the
2191C<logic> option to C<new()> in order to change the way your queries
2192work by default.) B<Important:> Note that the C<-modifier> goes
2193B<INSIDE> the arrayref, as an extra first element. This will
2194B<NOT> do what you think it might:
2195
2196 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2197
2198Here is a quick list of equivalencies, since there is some overlap:
2199
2200 # Same
2201 status => {'!=', 'completed', 'not like', 'pending%' }
2202 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2203
2204 # Same
2205 status => {'=', ['assigned', 'in-progress']}
2206 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2207 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2208
e3f9dff4 2209
2210
be21dde3 2211=head2 Special operators: IN, BETWEEN, etc.
96449e8e 2212
32eab2da 2213You can also use the hashref format to compare a list of fields using the
2214C<IN> comparison operator, by specifying the list as an arrayref:
2215
2216 my %where = (
2217 status => 'completed',
2218 reportid => { -in => [567, 2335, 2] }
2219 );
2220
2221Which would generate:
2222
2223 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2224 @bind = ('completed', '567', '2335', '2');
2225
9d48860e 2226The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2227the same way.
2228
6e0c6552 2229If the argument to C<-in> is an empty array, 'sqlfalse' is generated
be21dde3 2230(by default: C<1=0>). Similarly, C<< -not_in => [] >> generates
2231'sqltrue' (by default: C<1=1>).
6e0c6552 2232
e41c3bdd 2233In addition to the array you can supply a chunk of literal sql or
2234literal sql with bind:
6e0c6552 2235
e41c3bdd 2236 my %where = {
2237 customer => { -in => \[
2238 'SELECT cust_id FROM cust WHERE balance > ?',
2239 2000,
2240 ],
2241 status => { -in => \'SELECT status_codes FROM states' },
2242 };
6e0c6552 2243
e41c3bdd 2244would generate:
2245
2246 $stmt = "WHERE (
2247 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2248 AND status IN ( SELECT status_codes FROM states )
2249 )";
2250 @bind = ('2000');
2251
0dfd2442 2252Finally, if the argument to C<-in> is not a reference, it will be
2253treated as a single-element array.
e41c3bdd 2254
2255Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2256used with an arrayref of two values:
32eab2da 2257
2258 my %where = (
2259 user => 'nwiger',
2260 completion_date => {
2261 -not_between => ['2002-10-01', '2003-02-06']
2262 }
2263 );
2264
2265Would give you:
2266
2267 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2268
e41c3bdd 2269Just like with C<-in> all plausible combinations of literal SQL
2270are possible:
2271
2272 my %where = {
2273 start0 => { -between => [ 1, 2 ] },
2274 start1 => { -between => \["? AND ?", 1, 2] },
2275 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2276 start3 => { -between => [
e41c3bdd 2277 \"lower(x)",
2278 \["upper(?)", 'stuff' ],
2279 ] },
2280 };
2281
2282Would give you:
2283
2284 $stmt = "WHERE (
2285 ( start0 BETWEEN ? AND ? )
2286 AND ( start1 BETWEEN ? AND ? )
2287 AND ( start2 BETWEEN lower(x) AND upper(y) )
2288 AND ( start3 BETWEEN lower(x) AND upper(?) )
2289 )";
2290 @bind = (1, 2, 1, 2, 'stuff');
2291
2292
9d48860e 2293These are the two builtin "special operators"; but the
be21dde3 2294list can be expanded: see section L</"SPECIAL OPERATORS"> below.
96449e8e 2295
59f23b3d 2296=head2 Unary operators: bool
97a920ef 2297
2298If you wish to test against boolean columns or functions within your
2299database you can use the C<-bool> and C<-not_bool> operators. For
2300example to test the column C<is_user> being true and the column
827bb0eb 2301C<is_enabled> being false you would use:-
97a920ef 2302
2303 my %where = (
2304 -bool => 'is_user',
2305 -not_bool => 'is_enabled',
2306 );
2307
2308Would give you:
2309
277b5d3f 2310 WHERE is_user AND NOT is_enabled
97a920ef 2311
0b604e9d 2312If a more complex combination is required, testing more conditions,
2313then you should use the and/or operators:-
2314
2315 my %where = (
2316 -and => [
2317 -bool => 'one',
23401b81 2318 -not_bool => { two=> { -rlike => 'bar' } },
2319 -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
0b604e9d 2320 ],
2321 );
2322
2323Would give you:
2324
23401b81 2325 WHERE
2326 one
2327 AND
2328 (NOT two RLIKE ?)
2329 AND
2330 (NOT ( three = ? OR three > ? ))
97a920ef 2331
2332
107b72f1 2333=head2 Nested conditions, -and/-or prefixes
96449e8e 2334
32eab2da 2335So far, we've seen how multiple conditions are joined with a top-level
2336C<AND>. We can change this by putting the different conditions we want in
2337hashes and then putting those hashes in an array. For example:
2338
2339 my @where = (
2340 {
2341 user => 'nwiger',
2342 status => { -like => ['pending%', 'dispatched'] },
2343 },
2344 {
2345 user => 'robot',
2346 status => 'unassigned',
2347 }
2348 );
2349
2350This data structure would create the following:
2351
2352 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2353 OR ( user = ? AND status = ? ) )";
2354 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2355
107b72f1 2356
48d9f5f8 2357Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
be21dde3 2358to change the logic inside:
32eab2da 2359
2360 my @where = (
2361 -and => [
2362 user => 'nwiger',
48d9f5f8 2363 [
2364 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2365 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2366 ],
2367 ],
2368 );
2369
2370That would yield:
2371
13cc86af 2372 $stmt = "WHERE ( user = ?
2373 AND ( ( workhrs > ? AND geo = ? )
2374 OR ( workhrs < ? OR geo = ? ) ) )";
2375 @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
107b72f1 2376
cc422895 2377=head3 Algebraic inconsistency, for historical reasons
107b72f1 2378
7cac25e6 2379C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2380operator goes C<outside> of the nested structure; whereas when connecting
2381several constraints on one column, the C<-and> operator goes
be21dde3 2382C<inside> the arrayref. Here is an example combining both features:
7cac25e6 2383
2384 my @where = (
2385 -and => [a => 1, b => 2],
2386 -or => [c => 3, d => 4],
2387 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2388 )
2389
2390yielding
2391
9d48860e 2392 WHERE ( ( ( a = ? AND b = ? )
2393 OR ( c = ? OR d = ? )
7cac25e6 2394 OR ( e LIKE ? AND e LIKE ? ) ) )
2395
107b72f1 2396This difference in syntax is unfortunate but must be preserved for
be21dde3 2397historical reasons. So be careful: the two examples below would
107b72f1 2398seem algebraically equivalent, but they are not
2399
a948b1fe 2400 { col => [ -and =>
2401 { -like => 'foo%' },
2402 { -like => '%bar' },
2403 ] }
be21dde3 2404 # yields: WHERE ( ( col LIKE ? AND col LIKE ? ) )
107b72f1 2405
a948b1fe 2406 [ -and =>
2407 { col => { -like => 'foo%' } },
2408 { col => { -like => '%bar' } },
2409 ]
be21dde3 2410 # yields: WHERE ( ( col LIKE ? OR col LIKE ? ) )
107b72f1 2411
7cac25e6 2412
cc422895 2413=head2 Literal SQL and value type operators
96449e8e 2414
cc422895 2415The basic premise of SQL::Abstract is that in WHERE specifications the "left
2416side" is a column name and the "right side" is a value (normally rendered as
2417a placeholder). This holds true for both hashrefs and arrayref pairs as you
2418see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2419alter this behavior. There are several ways of doing so.
e9614080 2420
cc422895 2421=head3 -ident
2422
2423This is a virtual operator that signals the string to its right side is an
2424identifier (a column name) and not a value. For example to compare two
2425columns you would write:
32eab2da 2426
e9614080 2427 my %where = (
2428 priority => { '<', 2 },
cc422895 2429 requestor => { -ident => 'submitter' },
e9614080 2430 );
2431
2432which creates:
2433
2434 $stmt = "WHERE priority < ? AND requestor = submitter";
2435 @bind = ('2');
2436
cc422895 2437If you are maintaining legacy code you may see a different construct as
2438described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2439code.
2440
2441=head3 -value
e9614080 2442
cc422895 2443This is a virtual operator that signals that the construct to its right side
2444is a value to be passed to DBI. This is for example necessary when you want
2445to write a where clause against an array (for RDBMS that support such
2446datatypes). For example:
e9614080 2447
32eab2da 2448 my %where = (
cc422895 2449 array => { -value => [1, 2, 3] }
32eab2da 2450 );
2451
cc422895 2452will result in:
32eab2da 2453
cc422895 2454 $stmt = 'WHERE array = ?';
2455 @bind = ([1, 2, 3]);
32eab2da 2456
cc422895 2457Note that if you were to simply say:
32eab2da 2458
2459 my %where = (
cc422895 2460 array => [1, 2, 3]
32eab2da 2461 );
2462
3af02ccb 2463the result would probably not be what you wanted:
cc422895 2464
2465 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2466 @bind = (1, 2, 3);
2467
2468=head3 Literal SQL
96449e8e 2469
cc422895 2470Finally, sometimes only literal SQL will do. To include a random snippet
2471of SQL verbatim, you specify it as a scalar reference. Consider this only
2472as a last resort. Usually there is a better way. For example:
96449e8e 2473
2474 my %where = (
cc422895 2475 priority => { '<', 2 },
2476 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2477 );
2478
cc422895 2479Would create:
96449e8e 2480
cc422895 2481 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2482 @bind = (2);
2483
2484Note that in this example, you only get one bind parameter back, since
2485the verbatim SQL is passed as part of the statement.
2486
2487=head4 CAVEAT
2488
2489 Never use untrusted input as a literal SQL argument - this is a massive
2490 security risk (there is no way to check literal snippets for SQL
2491 injections and other nastyness). If you need to deal with untrusted input
2492 use literal SQL with placeholders as described next.
96449e8e 2493
cc422895 2494=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2495
2496If the literal SQL to be inserted has placeholders and bind values,
2497use a reference to an arrayref (yes this is a double reference --
2498not so common, but perfectly legal Perl). For example, to find a date
2499in Postgres you can use something like this:
2500
2501 my %where = (
3ae1c5e2 2502 date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
96449e8e 2503 )
2504
2505This would create:
2506
d2a8fe1a 2507 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2508 @bind = ('10');
2509
deb148a2 2510Note that you must pass the bind values in the same format as they are returned
85783f3c 2511by L<where|/where(\%where, $order)>. This means that if you set L</bindtype>
1f490ae4 2512to C<columns>, you must provide the bind values in the
2513C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
2514scalar value; most commonly the column name, but you can use any scalar value
2515(including references and blessed references), L<SQL::Abstract> will simply
2516pass it through intact. So if C<bindtype> is set to C<columns> the above
2517example will look like:
deb148a2 2518
2519 my %where = (
3ae1c5e2 2520 date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
deb148a2 2521 )
96449e8e 2522
2523Literal SQL is especially useful for nesting parenthesized clauses in the
be21dde3 2524main SQL query. Here is a first example:
96449e8e 2525
2526 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2527 100, "foo%");
2528 my %where = (
2529 foo => 1234,
2530 bar => \["IN ($sub_stmt)" => @sub_bind],
2531 );
2532
be21dde3 2533This yields:
96449e8e 2534
9d48860e 2535 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2536 WHERE c2 < ? AND c3 LIKE ?))";
2537 @bind = (1234, 100, "foo%");
2538
9d48860e 2539Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2540are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2541its associated bind values can be generated through a former call
96449e8e 2542to C<select()> :
2543
2544 my ($sub_stmt, @sub_bind)
9d48860e 2545 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2546 c3 => {-like => "foo%"}});
2547 my %where = (
2548 foo => 1234,
2549 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2550 );
2551
2552In the examples above, the subquery was used as an operator on a column;
9d48860e 2553but the same principle also applies for a clause within the main C<%where>
be21dde3 2554hash, like an EXISTS subquery:
96449e8e 2555
9d48860e 2556 my ($sub_stmt, @sub_bind)
96449e8e 2557 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2558 my %where = ( -and => [
96449e8e 2559 foo => 1234,
48d9f5f8 2560 \["EXISTS ($sub_stmt)" => @sub_bind],
2561 ]);
96449e8e 2562
2563which yields
2564
9d48860e 2565 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2566 WHERE c1 = ? AND c2 > t0.c0))";
2567 @bind = (1234, 1);
2568
2569
9d48860e 2570Observe that the condition on C<c2> in the subquery refers to
be21dde3 2571column C<t0.c0> of the main query: this is I<not> a bind
9d48860e 2572value, so we have to express it through a scalar ref.
96449e8e 2573Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2574C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2575what we wanted here.
2576
96449e8e 2577Finally, here is an example where a subquery is used
2578for expressing unary negation:
2579
9d48860e 2580 my ($sub_stmt, @sub_bind)
96449e8e 2581 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2582 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2583 my %where = (
2584 lname => {like => '%son%'},
48d9f5f8 2585 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2586 );
2587
2588This yields
2589
2590 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2591 @bind = ('%son%', 10, 20)
2592
cc422895 2593=head3 Deprecated usage of Literal SQL
2594
2595Below are some examples of archaic use of literal SQL. It is shown only as
2596reference for those who deal with legacy code. Each example has a much
2597better, cleaner and safer alternative that users should opt for in new code.
2598
2599=over
2600
2601=item *
2602
2603 my %where = ( requestor => \'IS NOT NULL' )
2604
2605 $stmt = "WHERE requestor IS NOT NULL"
2606
2607This used to be the way of generating NULL comparisons, before the handling
2608of C<undef> got formalized. For new code please use the superior syntax as
2609described in L</Tests for NULL values>.
96449e8e 2610
cc422895 2611=item *
2612
2613 my %where = ( requestor => \'= submitter' )
2614
2615 $stmt = "WHERE requestor = submitter"
2616
2617This used to be the only way to compare columns. Use the superior L</-ident>
2618method for all new code. For example an identifier declared in such a way
2619will be properly quoted if L</quote_char> is properly set, while the legacy
2620form will remain as supplied.
2621
2622=item *
2623
2624 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2625
2626 $stmt = "WHERE completed > ? AND is_ready"
2627 @bind = ('2012-12-21')
2628
2629Using an empty string literal used to be the only way to express a boolean.
2630For all new code please use the much more readable
2631L<-bool|/Unary operators: bool> operator.
2632
2633=back
96449e8e 2634
2635=head2 Conclusion
2636
32eab2da 2637These pages could go on for a while, since the nesting of the data
2638structures this module can handle are pretty much unlimited (the
2639module implements the C<WHERE> expansion as a recursive function
2640internally). Your best bet is to "play around" with the module a
2641little to see how the data structures behave, and choose the best
2642format for your data based on that.
2643
2644And of course, all the values above will probably be replaced with
2645variables gotten from forms or the command line. After all, if you
2646knew everything ahead of time, you wouldn't have to worry about
2647dynamically-generating SQL and could just hardwire it into your
2648script.
2649
86298391 2650=head1 ORDER BY CLAUSES
2651
9d48860e 2652Some functions take an order by clause. This can either be a scalar (just a
18710f60 2653column name), a hashref of C<< { -desc => 'col' } >> or C<< { -asc => 'col' }
2654>>, a scalarref, an arrayref-ref, or an arrayref of any of the previous
2655forms. Examples:
1cfa1db3 2656
8c15b421 2657 Given | Will Generate
18710f60 2658 ---------------------------------------------------------------
8c15b421 2659 |
2660 'colA' | ORDER BY colA
2661 |
2662 [qw/colA colB/] | ORDER BY colA, colB
2663 |
2664 {-asc => 'colA'} | ORDER BY colA ASC
2665 |
2666 {-desc => 'colB'} | ORDER BY colB DESC
2667 |
2668 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2669 |
2670 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
2671 |
2672 \'colA DESC' | ORDER BY colA DESC
2673 |
2674 \[ 'FUNC(colA, ?)', $x ] | ORDER BY FUNC(colA, ?)
2675 | /* ...with $x bound to ? */
2676 |
bd805d85 2677 [ | ORDER BY
2678 { -asc => 'colA' }, | colA ASC,
2679 { -desc => [qw/colB/] }, | colB DESC,
2680 { -asc => [qw/colC colD/] },| colC ASC, colD ASC,
2681 \'colE DESC', | colE DESC,
2682 \[ 'FUNC(colF, ?)', $x ], | FUNC(colF, ?)
2683 ] | /* ...with $x bound to ? */
18710f60 2684 ===============================================================
86298391 2685
96449e8e 2686
2687
2688=head1 SPECIAL OPERATORS
2689
e3f9dff4 2690 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2691 {
2692 regex => qr/.../,
e3f9dff4 2693 handler => sub {
2694 my ($self, $field, $op, $arg) = @_;
2695 ...
3a2e1a5e 2696 },
2697 },
2698 {
2699 regex => qr/.../,
2700 handler => 'method_name',
e3f9dff4 2701 },
2702 ]);
2703
9d48860e 2704A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2705applied to a field, instead of a usual binary operator.
be21dde3 2706For example:
e3f9dff4 2707
2708 WHERE field IN (?, ?, ?)
2709 WHERE field BETWEEN ? AND ?
2710 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2711
e3f9dff4 2712Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2713are builtin within C<SQL::Abstract> (as the overridable methods
2714C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2715like the MATCH .. AGAINST example above which is specific to MySQL,
2716you can write your own operator handlers - supply a C<special_ops>
2717argument to the C<new> method. That argument takes an arrayref of
2718operator definitions; each operator definition is a hashref with two
2719entries:
96449e8e 2720
e3f9dff4 2721=over
2722
2723=item regex
2724
2725the regular expression to match the operator
96449e8e 2726
e3f9dff4 2727=item handler
2728
3a2e1a5e 2729Either a coderef or a plain scalar method name. In both cases
2730the expected return is C<< ($sql, @bind) >>.
2731
2732When supplied with a method name, it is simply called on the
13cc86af 2733L<SQL::Abstract> object as:
3a2e1a5e 2734
ca4f826a 2735 $self->$method_name($field, $op, $arg)
3a2e1a5e 2736
2737 Where:
2738
3a2e1a5e 2739 $field is the LHS of the operator
13cc86af 2740 $op is the part that matched the handler regex
3a2e1a5e 2741 $arg is the RHS
2742
2743When supplied with a coderef, it is called as:
2744
2745 $coderef->($self, $field, $op, $arg)
2746
e3f9dff4 2747
2748=back
2749
9d48860e 2750For example, here is an implementation
e3f9dff4 2751of the MATCH .. AGAINST syntax for MySQL
2752
2753 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2754
e3f9dff4 2755 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2756 {regex => qr/^match$/i,
e3f9dff4 2757 handler => sub {
2758 my ($self, $field, $op, $arg) = @_;
2759 $arg = [$arg] if not ref $arg;
2760 my $label = $self->_quote($field);
2761 my ($placeholder) = $self->_convert('?');
2762 my $placeholders = join ", ", (($placeholder) x @$arg);
2763 my $sql = $self->_sqlcase('match') . " ($label) "
2764 . $self->_sqlcase('against') . " ($placeholders) ";
2765 my @bind = $self->_bindtype($field, @$arg);
2766 return ($sql, @bind);
2767 }
2768 },
9d48860e 2769
e3f9dff4 2770 ]);
96449e8e 2771
2772
59f23b3d 2773=head1 UNARY OPERATORS
2774
112b5232 2775 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2776 {
2777 regex => qr/.../,
2778 handler => sub {
2779 my ($self, $op, $arg) = @_;
2780 ...
2781 },
2782 },
2783 {
2784 regex => qr/.../,
2785 handler => 'method_name',
2786 },
2787 ]);
2788
9d48860e 2789A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2790applied to a field - the operator goes before the field
2791
2792You can write your own operator handlers - supply a C<unary_ops>
2793argument to the C<new> method. That argument takes an arrayref of
2794operator definitions; each operator definition is a hashref with two
2795entries:
2796
2797=over
2798
2799=item regex
2800
2801the regular expression to match the operator
2802
2803=item handler
2804
2805Either a coderef or a plain scalar method name. In both cases
2806the expected return is C<< $sql >>.
2807
2808When supplied with a method name, it is simply called on the
13cc86af 2809L<SQL::Abstract> object as:
59f23b3d 2810
ca4f826a 2811 $self->$method_name($op, $arg)
59f23b3d 2812
2813 Where:
2814
2815 $op is the part that matched the handler regex
2816 $arg is the RHS or argument of the operator
2817
2818When supplied with a coderef, it is called as:
2819
2820 $coderef->($self, $op, $arg)
2821
2822
2823=back
2824
2825
32eab2da 2826=head1 PERFORMANCE
2827
2828Thanks to some benchmarking by Mark Stosberg, it turns out that
2829this module is many orders of magnitude faster than using C<DBIx::Abstract>.
2830I must admit this wasn't an intentional design issue, but it's a
2831byproduct of the fact that you get to control your C<DBI> handles
2832yourself.
2833
2834To maximize performance, use a code snippet like the following:
2835
2836 # prepare a statement handle using the first row
2837 # and then reuse it for the rest of the rows
2838 my($sth, $stmt);
2839 for my $href (@array_of_hashrefs) {
2840 $stmt ||= $sql->insert('table', $href);
2841 $sth ||= $dbh->prepare($stmt);
2842 $sth->execute($sql->values($href));
2843 }
2844
2845The reason this works is because the keys in your C<$href> are sorted
2846internally by B<SQL::Abstract>. Thus, as long as your data retains
2847the same structure, you only have to generate the SQL the first time
2848around. On subsequent queries, simply use the C<values> function provided
2849by this module to return your values in the correct order.
2850
b864ba9b 2851However this depends on the values having the same type - if, for
2852example, the values of a where clause may either have values
2853(resulting in sql of the form C<column = ?> with a single bind
2854value), or alternatively the values might be C<undef> (resulting in
2855sql of the form C<column IS NULL> with no bind value) then the
2856caching technique suggested will not work.
96449e8e 2857
32eab2da 2858=head1 FORMBUILDER
2859
2860If you use my C<CGI::FormBuilder> module at all, you'll hopefully
2861really like this part (I do, at least). Building up a complex query
2862can be as simple as the following:
2863
2864 #!/usr/bin/perl
2865
46dc2f3e 2866 use warnings;
2867 use strict;
2868
32eab2da 2869 use CGI::FormBuilder;
2870 use SQL::Abstract;
2871
2872 my $form = CGI::FormBuilder->new(...);
2873 my $sql = SQL::Abstract->new;
2874
2875 if ($form->submitted) {
2876 my $field = $form->field;
2877 my $id = delete $field->{id};
2878 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
2879 }
2880
2881Of course, you would still have to connect using C<DBI> to run the
2882query, but the point is that if you make your form look like your
2883table, the actual query script can be extremely simplistic.
2884
2885If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 2886a fast interface to returning and formatting data. I frequently
32eab2da 2887use these three modules together to write complex database query
2888apps in under 50 lines.
2889
af733667 2890=head1 HOW TO CONTRIBUTE
2891
2892Contributions are always welcome, in all usable forms (we especially
2893welcome documentation improvements). The delivery methods include git-
2894or unified-diff formatted patches, GitHub pull requests, or plain bug
2895reports either via RT or the Mailing list. Contributors are generally
2896granted full access to the official repository after their first several
2897patches pass successful review.
2898
2899This project is maintained in a git repository. The code and related tools are
2900accessible at the following locations:
d8cc1792 2901
2902=over
2903
af733667 2904=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
2905
2906=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
2907
2908=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
d8cc1792 2909
af733667 2910=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
d8cc1792 2911
2912=back
32eab2da 2913
96449e8e 2914=head1 CHANGES
2915
2916Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
2917Great care has been taken to preserve the I<published> behavior
2918documented in previous versions in the 1.* family; however,
9d48860e 2919some features that were previously undocumented, or behaved
96449e8e 2920differently from the documentation, had to be changed in order
2921to clarify the semantics. Hence, client code that was relying
9d48860e 2922on some dark areas of C<SQL::Abstract> v1.*
96449e8e 2923B<might behave differently> in v1.50.
32eab2da 2924
be21dde3 2925The main changes are:
d2a8fe1a 2926
96449e8e 2927=over
32eab2da 2928
9d48860e 2929=item *
32eab2da 2930
3ae1c5e2 2931support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
96449e8e 2932
2933=item *
2934
145fbfc8 2935support for the { operator => \"..." } construct (to embed literal SQL)
2936
2937=item *
2938
9c37b9c0 2939support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
2940
2941=item *
2942
96449e8e 2943optional support for L<array datatypes|/"Inserting and Updating Arrays">
2944
9d48860e 2945=item *
96449e8e 2946
be21dde3 2947defensive programming: check arguments
96449e8e 2948
2949=item *
2950
2951fixed bug with global logic, which was previously implemented
7cac25e6 2952through global variables yielding side-effects. Prior versions would
96449e8e 2953interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
2954as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
2955Now this is interpreted
2956as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
2957
96449e8e 2958
2959=item *
2960
2961fixed semantics of _bindtype on array args
2962
9d48860e 2963=item *
96449e8e 2964
2965dropped the C<_anoncopy> of the %where tree. No longer necessary,
2966we just avoid shifting arrays within that tree.
2967
2968=item *
2969
2970dropped the C<_modlogic> function
2971
2972=back
32eab2da 2973
32eab2da 2974=head1 ACKNOWLEDGEMENTS
2975
2976There are a number of individuals that have really helped out with
2977this module. Unfortunately, most of them submitted bugs via CPAN
2978so I have no idea who they are! But the people I do know are:
2979
9d48860e 2980 Ash Berlin (order_by hash term support)
b643abe1 2981 Matt Trout (DBIx::Class support)
32eab2da 2982 Mark Stosberg (benchmarking)
2983 Chas Owens (initial "IN" operator support)
2984 Philip Collins (per-field SQL functions)
2985 Eric Kolve (hashref "AND" support)
2986 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
2987 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 2988 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 2989 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 2990 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 2991 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 2992 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 2993
2994Thanks!
2995
32eab2da 2996=head1 SEE ALSO
2997
86298391 2998L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 2999
32eab2da 3000=head1 AUTHOR
3001
b643abe1 3002Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
3003
3004This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 3005
abe72f94 3006For support, your best bet is to try the C<DBIx::Class> users mailing list.
3007While not an official support venue, C<DBIx::Class> makes heavy use of
3008C<SQL::Abstract>, and as such list members there are very familiar with
3009how to create queries.
3010
0d067ded 3011=head1 LICENSE
3012
d988ab87 3013This module is free software; you may copy this under the same
3014terms as perl itself (either the GNU General Public License or
3015the Artistic License)
32eab2da 3016
3017=cut
Unnamed repository; edit this file 'description' to name the repository.