projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
default scalar in expand
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
96449e8e 3use strict;
4use warnings;
9d9d5bd6 5use Carp ();
312d830b 6use List::Util ();
7use Scalar::Util ();
96449e8e 8
0da0fe34 9use Exporter 'import';
10our @EXPORT_OK = qw(is_plain_value is_literal_value);
11
12BEGIN {
13 if ($] < 5.009_005) {
14 require MRO::Compat;
15 }
16 else {
17 require mro;
18 }
843a94b5 19
20 *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
21 ? sub () { 0 }
22 : sub () { 1 }
23 ;
0da0fe34 24}
25
96449e8e 26#======================================================================
27# GLOBALS
28#======================================================================
29
dc6afcf8 30our $VERSION = '1.86';
7479e27e 31
22f1a437 32# This would confuse some packagers
c520207b 33$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 34
35our $AUTOLOAD;
36
37# special operators (-in, -between). May be extended/overridden by user.
38# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
39my @BUILTIN_SPECIAL_OPS = (
f663e672 40 {regex => qr/^ (?: not \s )? between $/ix, handler => sub { die "NOPE" }},
41 {regex => qr/^ (?: not \s )? in $/ix, handler => sub { die "NOPE" }},
87c8e45b 42 {regex => qr/^ is (?: \s+ not )? $/ix, handler => sub { die "NOPE" }},
96449e8e 43);
44
45#======================================================================
46# DEBUGGING AND ERROR REPORTING
47#======================================================================
48
49sub _debug {
50 return unless $_[0]->{debug}; shift; # a little faster
51 my $func = (caller(1))[3];
52 warn "[$func] ", @_, "\n";
53}
54
55sub belch (@) {
56 my($func) = (caller(1))[3];
9d9d5bd6 57 Carp::carp "[$func] Warning: ", @_;
96449e8e 58}
59
60sub puke (@) {
61 my($func) = (caller(1))[3];
9d9d5bd6 62 Carp::croak "[$func] Fatal: ", @_;
96449e8e 63}
64
0da0fe34 65sub is_literal_value ($) {
66 ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
67 : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
0da0fe34 68 : undef;
69}
70
71# FIXME XSify - this can be done so much more efficiently
72sub is_plain_value ($) {
73 no strict 'refs';
966200cc 74 ! length ref $_[0] ? \($_[0])
0da0fe34 75 : (
76 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
77 and
78 exists $_[0]->{-value}
966200cc 79 ) ? \($_[0]->{-value})
0da0fe34 80 : (
a1c9e0ff 81 # reuse @_ for even moar speedz
82 defined ( $_[1] = Scalar::Util::blessed $_[0] )
0da0fe34 83 and
84 # deliberately not using Devel::OverloadInfo - the checks we are
85 # intersted in are much more limited than the fullblown thing, and
86 # this is a very hot piece of code
87 (
e8d729d4 88 # simply using ->can('(""') can leave behind stub methods that
89 # break actually using the overload later (see L<perldiag/Stub
90 # found while resolving method "%s" overloading "%s" in package
91 # "%s"> and the source of overload::mycan())
44e54b41 92 #
0da0fe34 93 # either has stringification which DBI SHOULD prefer out of the box
a1c9e0ff 94 grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
0da0fe34 95 or
20e178a8 96 # has nummification or boolification, AND fallback is *not* disabled
0da0fe34 97 (
843a94b5 98 SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
99 and
20e178a8 100 (
101 grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
102 or
103 grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
104 )
0da0fe34 105 and
106 (
107 # no fallback specified at all
a1c9e0ff 108 ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
0da0fe34 109 or
110 # fallback explicitly undef
a1c9e0ff 111 ! defined ${"$_[3]::()"}
0da0fe34 112 or
113 # explicitly true
a1c9e0ff 114 !! ${"$_[3]::()"}
0da0fe34 115 )
116 )
117 )
966200cc 118 ) ? \($_[0])
0da0fe34 119 : undef;
120}
121
122
96449e8e 123
124#======================================================================
125# NEW
126#======================================================================
127
128sub new {
129 my $self = shift;
130 my $class = ref($self) || $self;
131 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
132
133 # choose our case by keeping an option around
134 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
135
136 # default logic for interpreting arrayrefs
ef559da3 137 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 138
139 # how to return bind vars
96449e8e 140 $opt{bindtype} ||= 'normal';
141
142 # default comparison is "=", but can be overridden
143 $opt{cmp} ||= '=';
144
3af02ccb 145 # try to recognize which are the 'equality' and 'inequality' ops
3cdadcbe 146 # (temporary quickfix (in 2007), should go through a more seasoned API)
147 $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
148 $opt{inequality_op} = qr/^( != | <> )$/ix;
149
150 $opt{like_op} = qr/^ (is\s+)? r?like $/xi;
151 $opt{not_like_op} = qr/^ (is\s+)? not \s+ r?like $/xi;
96449e8e 152
153 # SQL booleans
154 $opt{sqltrue} ||= '1=1';
155 $opt{sqlfalse} ||= '0=1';
156
9d48860e 157 # special operators
30af97c5 158 $opt{special_ops} ||= [];
159
b6251592 160 # regexes are applied in order, thus push after user-defines
96449e8e 161 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
162
cf06e9dc 163 if ($class->isa('DBIx::Class::SQLMaker')) {
dd1d0dbf 164 push @{$opt{special_ops}}, our $DBIC_Compat_Op ||= {
165 regex => qr/^(?:ident|value)$/i, handler => sub { die "NOPE" }
166 };
cf06e9dc 167 $opt{is_dbic_sqlmaker} = 1;
dd1d0dbf 168 }
169
9d48860e 170 # unary operators
59f23b3d 171 $opt{unary_ops} ||= [];
59f23b3d 172
3af02ccb 173 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 174 # If a purported function matches this regular expression, an exception is thrown.
175 # Literal SQL is *NOT* subject to this check, only functions (and column names
176 # when quoting is not in effect)
96449e8e 177
b6251592 178 # FIXME
179 # need to guard against ()'s in column names too, but this will break tons of
180 # hacks... ideas anyone?
181 $opt{injection_guard} ||= qr/
182 \;
183 |
184 ^ \s* go \s
185 /xmi;
96449e8e 186
21225d32 187 $opt{render} = {
188 (map +("-$_", "_render_$_"), qw(op func bind ident literal list)),
189 %{$opt{render}||{}}
b07681b1 190 };
191
ec19b759 192 $opt{expand_unary} = {};
193
b6251592 194 return bless \%opt, $class;
195}
96449e8e 196
e175845b 197sub sqltrue { +{ -literal => [ $_[0]->{sqltrue} ] } }
198sub sqlfalse { +{ -literal => [ $_[0]->{sqlfalse} ] } }
170e6c33 199
200sub _assert_pass_injection_guard {
201 if ($_[1] =~ $_[0]->{injection_guard}) {
202 my $class = ref $_[0];
203 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
204 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
205 . "{injection_guard} attribute to ${class}->new()"
206 }
207}
208
209
96449e8e 210#======================================================================
211# INSERT methods
212#======================================================================
213
214sub insert {
02288357 215 my $self = shift;
216 my $table = $self->_table(shift);
217 my $data = shift || return;
218 my $options = shift;
96449e8e 219
220 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 221 my ($sql, @bind) = $self->$method($data);
96449e8e 222 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 223
e82e648a 224 if ($options->{returning}) {
ca4f826a 225 my ($s, @b) = $self->_insert_returning($options);
e82e648a 226 $sql .= $s;
227 push @bind, @b;
02288357 228 }
229
96449e8e 230 return wantarray ? ($sql, @bind) : $sql;
231}
232
60f3fd3f 233# So that subclasses can override INSERT ... RETURNING separately from
234# UPDATE and DELETE (e.g. DBIx::Class::SQLMaker::Oracle does this)
b17a3ece 235sub _insert_returning { shift->_returning(@_) }
236
95904db5 237sub _returning {
e82e648a 238 my ($self, $options) = @_;
6b1fe79d 239
e82e648a 240 my $f = $options->{returning};
241
79d310f2 242 my ($sql, @bind) = $self->render_aqt(
ff96fdd4 243 $self->_expand_maybe_list_expr($f, undef, -ident)
244 );
245 return wantarray
246 ? $self->_sqlcase(' returning ') . $sql
247 : ($self->_sqlcase(' returning ').$sql, @bind);
6b1fe79d 248}
249
96449e8e 250sub _insert_HASHREF { # explicit list of fields and then values
251 my ($self, $data) = @_;
252
253 my @fields = sort keys %$data;
254
fe3ae272 255 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 256
257 # assemble SQL
258 $_ = $self->_quote($_) foreach @fields;
259 $sql = "( ".join(", ", @fields).") ".$sql;
260
261 return ($sql, @bind);
262}
263
264sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
265 my ($self, $data) = @_;
266
267 # no names (arrayref) so can't generate bindtype
268 $self->{bindtype} ne 'columns'
269 or belch "can't do 'columns' bindtype when called with arrayref";
270
19b6ccce 271 my (@values, @all_bind);
272 foreach my $value (@$data) {
273 my ($values, @bind) = $self->_insert_value(undef, $value);
274 push @values, $values;
275 push @all_bind, @bind;
276 }
277 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
278 return ($sql, @all_bind);
fe3ae272 279}
280
281sub _insert_ARRAYREFREF { # literal SQL with bind
282 my ($self, $data) = @_;
283
284 my ($sql, @bind) = @${$data};
285 $self->_assert_bindval_matches_bindtype(@bind);
286
287 return ($sql, @bind);
288}
289
290
291sub _insert_SCALARREF { # literal SQL without bind
292 my ($self, $data) = @_;
293
294 return ($$data);
295}
296
297sub _insert_values {
298 my ($self, $data) = @_;
299
96449e8e 300 my (@values, @all_bind);
fe3ae272 301 foreach my $column (sort keys %$data) {
19b6ccce 302 my ($values, @bind) = $self->_insert_value($column, $data->{$column});
303 push @values, $values;
304 push @all_bind, @bind;
305 }
306 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
307 return ($sql, @all_bind);
308}
96449e8e 309
19b6ccce 310sub _insert_value {
311 my ($self, $column, $v) = @_;
96449e8e 312
79d310f2 313 return $self->render_aqt(
720ca4f7 314 $self->_expand_insert_value($column, $v)
315 );
316}
96449e8e 317
720ca4f7 318sub _expand_insert_value {
319 my ($self, $column, $v) = @_;
96449e8e 320
720ca4f7 321 if (ref($v) eq 'ARRAY') {
322 if ($self->{array_datatypes}) {
323 return +{ -bind => [ $column, $v ] };
324 }
325 my ($sql, @bind) = @$v;
326 $self->_assert_bindval_matches_bindtype(@bind);
327 return +{ -literal => $v };
328 }
329 if (ref($v) eq 'HASH') {
330 if (grep !/^-/, keys %$v) {
331 belch "HASH ref as bind value in insert is not supported";
332 return +{ -bind => [ $column, $v ] };
333 }
334 }
335 if (!defined($v)) {
336 return +{ -bind => [ $column, undef ] };
337 }
338 local our $Cur_Col_Meta = $column;
79d310f2 339 return $self->expand_expr($v);
96449e8e 340}
341
342
96449e8e 343
344#======================================================================
345# UPDATE methods
346#======================================================================
347
348
349sub update {
95904db5 350 my $self = shift;
351 my $table = $self->_table(shift);
352 my $data = shift || return;
353 my $where = shift;
354 my $options = shift;
96449e8e 355
356 # first build the 'SET' part of the sql statement
96449e8e 357 puke "Unsupported data type specified to \$sql->update"
358 unless ref $data eq 'HASH';
359
9ade906e 360 my ($sql, @all_bind) = $self->_update_set_values($data);
a9e94508 361 $sql = $self->_sqlcase('update ') . $table . $self->_sqlcase(' set ')
9ade906e 362 . $sql;
363
364 if ($where) {
365 my($where_sql, @where_bind) = $self->where($where);
366 $sql .= $where_sql;
367 push @all_bind, @where_bind;
368 }
369
370 if ($options->{returning}) {
371 my ($returning_sql, @returning_bind) = $self->_update_returning($options);
372 $sql .= $returning_sql;
373 push @all_bind, @returning_bind;
374 }
375
376 return wantarray ? ($sql, @all_bind) : $sql;
377}
378
379sub _update_set_values {
380 my ($self, $data) = @_;
381
79d310f2 382 return $self->render_aqt(
89690da2 383 $self->_expand_update_set_values($data),
384 );
385}
96449e8e 386
89690da2 387sub _expand_update_set_values {
388 my ($self, $data) = @_;
389 $self->_expand_maybe_list_expr( [
390 map {
391 my ($k, $set) = @$_;
c4ed66f4 392 $set = { -bind => $_ } unless defined $set;
89690da2 393 +{ -op => [ '=', { -ident => $k }, $set ] };
394 }
395 map {
396 my $k = $_;
397 my $v = $data->{$k};
398 (ref($v) eq 'ARRAY'
399 ? ($self->{array_datatypes}
400 ? [ $k, +{ -bind => [ $k, $v ] } ]
401 : [ $k, +{ -literal => $v } ])
402 : do {
403 local our $Cur_Col_Meta = $k;
404 [ $k, $self->_expand_expr($v) ]
405 }
406 );
407 } sort keys %$data
408 ] );
96449e8e 409}
410
60f3fd3f 411# So that subclasses can override UPDATE ... RETURNING separately from
412# INSERT and DELETE
20bb2ad5 413sub _update_returning { shift->_returning(@_) }
96449e8e 414
415
416
417#======================================================================
418# SELECT
419#======================================================================
420
421
422sub select {
423 my $self = shift;
424 my $table = $self->_table(shift);
425 my $fields = shift || '*';
426 my $where = shift;
427 my $order = shift;
428
daa4ccdd 429 my ($fields_sql, @bind) = $self->_select_fields($fields);
96449e8e 430
daa4ccdd 431 my ($where_sql, @where_bind) = $self->where($where, $order);
432 push @bind, @where_bind;
433
434 my $sql = join(' ', $self->_sqlcase('select'), $fields_sql,
96449e8e 435 $self->_sqlcase('from'), $table)
436 . $where_sql;
437
9d48860e 438 return wantarray ? ($sql, @bind) : $sql;
96449e8e 439}
440
daa4ccdd 441sub _select_fields {
442 my ($self, $fields) = @_;
de63ce57 443 return $fields unless ref($fields);
79d310f2 444 return $self->render_aqt(
27592e2b 445 $self->_expand_maybe_list_expr($fields, undef, '-ident')
446 );
daa4ccdd 447}
448
96449e8e 449#======================================================================
450# DELETE
451#======================================================================
452
453
454sub delete {
85327cd5 455 my $self = shift;
456 my $table = $self->_table(shift);
457 my $where = shift;
458 my $options = shift;
96449e8e 459
460 my($where_sql, @bind) = $self->where($where);
a9e94508 461 my $sql = $self->_sqlcase('delete from ') . $table . $where_sql;
96449e8e 462
85327cd5 463 if ($options->{returning}) {
ca4f826a 464 my ($returning_sql, @returning_bind) = $self->_delete_returning($options);
85327cd5 465 $sql .= $returning_sql;
466 push @bind, @returning_bind;
467 }
468
9d48860e 469 return wantarray ? ($sql, @bind) : $sql;
96449e8e 470}
471
60f3fd3f 472# So that subclasses can override DELETE ... RETURNING separately from
473# INSERT and UPDATE
85327cd5 474sub _delete_returning { shift->_returning(@_) }
475
476
96449e8e 477
478#======================================================================
479# WHERE: entry point
480#======================================================================
481
482
483
484# Finally, a separate routine just to handle WHERE clauses
485sub where {
486 my ($self, $where, $order) = @_;
487
7ad12721 488 local $self->{convert_where} = $self->{convert};
489
96449e8e 490 # where ?
e175845b 491 my ($sql, @bind) = defined($where)
492 ? $self->_recurse_where($where)
493 : (undef);
417dd15e 494 $sql = (defined $sql and length $sql) ? $self->_sqlcase(' where ') . "( $sql )" : '';
96449e8e 495
496 # order by?
497 if ($order) {
26fe4d30 498 my ($order_sql, @order_bind) = $self->_order_by($order);
499 $sql .= $order_sql;
500 push @bind, @order_bind;
96449e8e 501 }
502
9d48860e 503 return wantarray ? ($sql, @bind) : $sql;
96449e8e 504}
505
79d310f2 506sub expand_expr {
54d3140f 507 my ($self, $expr, $default_scalar_to) = @_;
508 local our $Default_Scalar_To = $default_scalar_to if $default_scalar_to;
509 $self->_expand_expr($expr, undef);
79d310f2 510}
511
512sub render_aqt {
513 my ($self, $aqt) = @_;
514 my ($k, $v, @rest) = %$aqt;
515 die "No" if @rest;
21225d32 516 if (my $meth = $self->{render}{$k}) {
79d310f2 517 return $self->$meth($v);
518 }
519 die "notreached: $k";
520}
521
a2cd381d 522sub _expand_expr {
2558b622 523 my ($self, $expr, $logic, $default_scalar_to) = @_;
524 local our $Default_Scalar_To = $default_scalar_to if $default_scalar_to;
3ae10d16 525 our $Expand_Depth ||= 0; local $Expand_Depth = $Expand_Depth + 1;
252518da 526 return undef unless defined($expr);
59588695 527 if (ref($expr) eq 'HASH') {
528 if (keys %$expr > 1) {
529 $logic ||= 'and';
77617257 530 return +{ -op => [
531 $logic,
59588695 532 map $self->_expand_expr_hashpair($_ => $expr->{$_}, $logic),
533 sort keys %$expr
534 ] };
535 }
2f88d495 536 return undef unless keys %$expr;
59588695 537 return $self->_expand_expr_hashpair(%$expr, $logic);
a2cd381d 538 }
08264f40 539 if (ref($expr) eq 'ARRAY') {
99a65fa8 540 my $logic = lc($logic || $self->{logic});
08264f40 541 $logic eq 'and' or $logic eq 'or' or puke "unknown logic: $logic";
542
1c0c0f41 543 my @expr = grep {
544 (ref($_) eq 'ARRAY' and @$_)
545 or (ref($_) eq 'HASH' and %$_)
546 or 1
547 } @$expr;
08264f40 548
549 my @res;
550
551 while (my ($el) = splice @expr, 0, 1) {
552 puke "Supplying an empty left hand side argument is not supported in array-pairs"
553 unless defined($el) and length($el);
554 my $elref = ref($el);
555 if (!$elref) {
dd1d0dbf 556 local $Expand_Depth = 0;
f4082f8b 557 push(@res, grep defined, $self->_expand_expr({ $el, shift(@expr) }));
08264f40 558 } elsif ($elref eq 'ARRAY') {
f4082f8b 559 push(@res, grep defined, $self->_expand_expr($el)) if @$el;
ec857800 560 } elsif (my $l = is_literal_value($el)) {
561 push @res, { -literal => $l };
08264f40 562 } elsif ($elref eq 'HASH') {
dd1d0dbf 563 local $Expand_Depth = 0;
f4082f8b 564 push @res, grep defined, $self->_expand_expr($el) if %$el;
08264f40 565 } else {
da4a0964 566 die "notreached";
08264f40 567 }
568 }
2143604f 569 return { -op => [ $logic, @res ] };
08264f40 570 }
ca3da680 571 if (my $literal = is_literal_value($expr)) {
572 return +{ -literal => $literal };
573 }
99a65fa8 574 if (!ref($expr) or Scalar::Util::blessed($expr)) {
2558b622 575 if (my $d = $Default_Scalar_To) {
a332e2cb 576 return $self->_expand_expr({ $d => $expr });
2558b622 577 }
99a65fa8 578 if (my $m = our $Cur_Col_Meta) {
579 return +{ -bind => [ $m, $expr ] };
580 }
a332e2cb 581 return +{ -bind => [ undef, $expr ] };
252518da 582 }
252518da 583 die "notreached";
a2cd381d 584}
96449e8e 585
59588695 586sub _expand_expr_hashpair {
587 my ($self, $k, $v, $logic) = @_;
d13725da 588 unless (defined($k) and length($k)) {
2d64004f 589 if (defined($k) and my $literal = is_literal_value($v)) {
d13725da 590 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
2d64004f 591 return { -literal => $literal };
d13725da 592 }
593 puke "Supplying an empty left hand side argument is not supported";
594 }
ef071fad 595 if ($k =~ /^-/) {
99a65fa8 596 $self->_assert_pass_injection_guard($k =~ /^-(.*)$/s);
597 if ($k =~ s/ [_\s]? \d+ $//x ) {
598 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
599 . "You probably wanted ...-and => [ $k => COND1, $k => COND2 ... ]";
600 }
ef071fad 601 if ($k eq '-nest') {
0fc68377 602 # DBIx::Class requires a nest warning to be emitted once but the private
603 # method it overrode to do so no longer exists
cf06e9dc 604 if ($self->{is_dbic_sqlmaker}) {
605 unless (our $Nest_Warned) {
0fc68377 606 belch(
607 "-nest in search conditions is deprecated, you most probably wanted:\n"
608 .q|{..., -and => [ \%cond0, \@cond1, \'cond2', \[ 'cond3', [ col => bind ] ], etc. ], ... }|
609 );
610 $Nest_Warned = 1;
611 }
612 }
ef071fad 613 return $self->_expand_expr($v);
614 }
6ab1562a 615 if ($k eq '-bool') {
616 if (ref($v)) {
617 return $self->_expand_expr($v);
618 }
619 puke "-bool => undef not supported" unless defined($v);
620 return { -ident => $v };
621 }
99a65fa8 622 if ($k eq '-not') {
0c7e3af0 623 return { -op => [ 'not', $self->_expand_expr($v) ] };
99a65fa8 624 }
ce3bc4b0 625 if (my ($rest) = $k =~/^-not[_ ](.*)$/) {
0c7e3af0 626 return +{ -op => [
627 'not',
99a65fa8 628 $self->_expand_expr_hashpair("-${rest}", $v, $logic)
0c7e3af0 629 ] };
ce3bc4b0 630 }
99a65fa8 631 if (my ($logic) = $k =~ /^-(and|or)$/i) {
dd2d5bf7 632 if (ref($v) eq 'HASH') {
633 return $self->_expand_expr($v, $logic);
634 }
99a65fa8 635 if (ref($v) eq 'ARRAY') {
636 return $self->_expand_expr($v, $logic);
637 }
dd2d5bf7 638 }
99a65fa8 639 {
640 my $op = $k;
641 $op =~ s/^-// if length($op) > 1;
642
643 # top level special ops are illegal in general
3ae10d16 644 # note that, arguably, if it makes no sense at top level, it also
645 # makes no sense on the other side of an = sign or similar but DBIC
646 # gets disappointingly upset if I disallow it
647 if (
648 (our $Expand_Depth) == 1
649 and List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}}
650 ) {
651 puke "Illegal use of top-level '-$op'"
652 }
96a8d74a 653 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
654 return { -op => [ $op, $v ] };
655 }
99a65fa8 656 }
a332e2cb 657 if ($k eq '-value') {
658 return +{ -bind => [ our $Cur_Col_Meta, $v ] };
99a65fa8 659 }
ec19b759 660 if (my $custom = $self->{expand_unary}{$k}) {
661 return $self->$custom($v);
662 }
21225d32 663 if ($self->{render}{$k}) {
99a65fa8 664 return { $k => $v };
d13725da 665 }
711892b1 666 if (
667 ref($v) eq 'HASH'
668 and keys %$v == 1
669 and (keys %$v)[0] =~ /^-/
670 ) {
671 my ($func) = $k =~ /^-(.*)$/;
3ae10d16 672 if (List::Util::first { $func =~ $_->{regex} } @{$self->{special_ops}}) {
673 return +{ -op => [ $func, $self->_expand_expr($v) ] };
674 }
711892b1 675 return +{ -func => [ $func, $self->_expand_expr($v) ] };
676 }
677 if (!ref($v) or is_literal_value($v)) {
99a65fa8 678 return +{ -op => [ $k =~ /^-(.*)$/, $self->_expand_expr($v) ] };
59588695 679 }
99a65fa8 680 }
681 if (
682 !defined($v)
683 or (
684 ref($v) eq 'HASH'
685 and exists $v->{-value}
686 and not defined $v->{-value}
687 )
688 ) {
689 return $self->_expand_expr_hashpair($k => { $self->{cmp} => undef });
690 }
691 if (!ref($v) or Scalar::Util::blessed($v)) {
ec19b759 692 my $d = our $Default_Scalar_To;
99a65fa8 693 return +{
694 -op => [
695 $self->{cmp},
696 { -ident => $k },
ec19b759 697 ($d ? { $d => $v } : { -bind => [ $k, $v ] })
99a65fa8 698 ]
699 };
700 }
701 if (ref($v) eq 'HASH') {
702 if (keys %$v > 1) {
e175845b 703 return { -op => [
704 'and',
99a65fa8 705 map $self->_expand_expr_hashpair($k => { $_ => $v->{$_} }),
706 sort keys %$v
707 ] };
708 }
b18a95e4 709 return undef unless keys %$v;
99a65fa8 710 my ($vk, $vv) = %$v;
711 $vk =~ s/^-//;
712 $vk = lc($vk);
713 $self->_assert_pass_injection_guard($vk);
714 if ($vk =~ s/ [_\s]? \d+ $//x ) {
715 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
716 . "You probably wanted ...-and => [ -$vk => COND1, -$vk => COND2 ... ]";
717 }
718 if ($vk =~ /^(?:not[ _])?between$/) {
719 local our $Cur_Col_Meta = $k;
720 my @rhs = map $self->_expand_expr($_),
721 ref($vv) eq 'ARRAY' ? @$vv : $vv;
722 unless (
723 (@rhs == 1 and ref($rhs[0]) eq 'HASH' and $rhs[0]->{-literal})
724 or
725 (@rhs == 2 and defined($rhs[0]) and defined($rhs[1]))
726 ) {
727 puke "Operator '${\uc($vk)}' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
b5b18861 728 }
99a65fa8 729 return +{ -op => [
730 join(' ', split '_', $vk),
731 { -ident => $k },
732 @rhs
733 ] }
734 }
735 if ($vk =~ /^(?:not[ _])?in$/) {
736 if (my $literal = is_literal_value($vv)) {
737 my ($sql, @bind) = @$literal;
738 my $opened_sql = $self->_open_outer_paren($sql);
10d07c4e 739 return +{ -op => [
99a65fa8 740 $vk, { -ident => $k },
741 [ { -literal => [ $opened_sql, @bind ] } ]
10d07c4e 742 ] };
743 }
99a65fa8 744 my $undef_err =
745 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
746 . "-${\uc($vk)} operator was given an undef-containing list: !!!AUDIT YOUR CODE "
747 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
748 . 'will emit the logically correct SQL instead of raising this exception)'
749 ;
750 puke("Argument passed to the '${\uc($vk)}' operator can not be undefined")
751 if !defined($vv);
752 my @rhs = map $self->_expand_expr($_),
753 map { ref($_) ? $_ : { -bind => [ $k, $_ ] } }
754 map { defined($_) ? $_: puke($undef_err) }
755 (ref($vv) eq 'ARRAY' ? @$vv : $vv);
e175845b 756 return $self->${\($vk =~ /^not/ ? 'sqltrue' : 'sqlfalse')} unless @rhs;
99a65fa8 757
758 return +{ -op => [
759 join(' ', split '_', $vk),
760 { -ident => $k },
761 \@rhs
762 ] };
763 }
764 if ($vk eq 'ident') {
02b8fe35 765 if (! defined $vv or (ref($vv) and ref($vv) eq 'ARRAY')) {
766 puke "-$vk requires a single plain scalar argument (a quotable identifier) or an arrayref of identifier parts";
f7778474 767 }
99a65fa8 768 return +{ -op => [
769 $self->{cmp},
770 { -ident => $k },
771 { -ident => $vv }
772 ] };
773 }
774 if ($vk eq 'value') {
775 return $self->_expand_expr_hashpair($k, undef) unless defined($vv);
776 return +{ -op => [
777 $self->{cmp},
778 { -ident => $k },
779 { -bind => [ $k, $vv ] }
780 ] };
781 }
782 if ($vk =~ /^is(?:[ _]not)?$/) {
783 puke "$vk can only take undef as argument"
784 if defined($vv)
785 and not (
786 ref($vv) eq 'HASH'
787 and exists($vv->{-value})
788 and !defined($vv->{-value})
789 );
790 $vk =~ s/_/ /g;
791 return +{ -op => [ $vk.' null', { -ident => $k } ] };
792 }
793 if ($vk =~ /^(and|or)$/) {
794 if (ref($vv) eq 'HASH') {
e62fe58a 795 return +{ -op => [
796 $vk,
99a65fa8 797 map $self->_expand_expr_hashpair($k, { $_ => $vv->{$_} }),
798 sort keys %$vv
7d7868d1 799 ] };
800 }
e28d9b13 801 }
30af97c5 802 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{special_ops}}) {
99a65fa8 803 return { -op => [ $vk, { -ident => $k }, $vv ] };
7dbe1183 804 }
96a8d74a 805 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{unary_ops}}) {
806 return { -op => [
807 $self->{cmp},
808 { -ident => $k },
809 { -op => [ $vk, $vv ] }
810 ] };
811 }
99a65fa8 812 if (ref($vv) eq 'ARRAY') {
813 my ($logic, @values) = (
814 (defined($vv->[0]) and $vv->[0] =~ /^-(and|or)$/i)
815 ? @$vv
816 : (-or => @$vv)
817 );
818 if (
819 $vk =~ $self->{inequality_op}
820 or join(' ', split '_', $vk) =~ $self->{not_like_op}
821 ) {
822 if (lc($logic) eq '-or' and @values > 1) {
823 my $op = uc join ' ', split '_', $vk;
824 belch "A multi-element arrayref as an argument to the inequality op '$op' "
825 . 'is technically equivalent to an always-true 1=1 (you probably wanted '
826 . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
827 ;
828 }
ef071fad 829 }
b3cb13e8 830 unless (@values) {
831 # try to DWIM on equality operators
832 my $op = join ' ', split '_', $vk;
833 return
e175845b 834 $op =~ $self->{equality_op} ? $self->sqlfalse
835 : $op =~ $self->{like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqlfalse
836 : $op =~ $self->{inequality_op} ? $self->sqltrue
837 : $op =~ $self->{not_like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqltrue
b3cb13e8 838 : puke "operator '$op' applied on an empty array (field '$k')";
839 }
63c97a0b 840 return +{ -op => [
841 $logic =~ /^-(.*)$/,
99a65fa8 842 map $self->_expand_expr_hashpair($k => { $vk => $_ }),
843 @values
844 ] };
845 }
846 if (
847 !defined($vv)
848 or (
849 ref($vv) eq 'HASH'
850 and exists $vv->{-value}
851 and not defined $vv->{-value}
852 )
853 ) {
854 my $op = join ' ', split '_', $vk;
855 my $is =
856 $op =~ /^not$/i ? 'is not' # legacy
857 : $op =~ $self->{equality_op} ? 'is'
858 : $op =~ $self->{like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is'
859 : $op =~ $self->{inequality_op} ? 'is not'
860 : $op =~ $self->{not_like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is not'
861 : puke "unexpected operator '$op' with undef operand";
862 return +{ -op => [ $is.' null', { -ident => $k } ] };
863 }
864 local our $Cur_Col_Meta = $k;
865 return +{ -op => [
866 $vk,
867 { -ident => $k },
868 $self->_expand_expr($vv)
869 ] };
870 }
871 if (ref($v) eq 'ARRAY') {
e175845b 872 return $self->sqlfalse unless @$v;
99a65fa8 873 $self->_debug("ARRAY($k) means distribute over elements");
874 my $this_logic = (
875 $v->[0] =~ /^-((?:and|or))$/i
876 ? ($v = [ @{$v}[1..$#$v] ], $1)
877 : ($self->{logic} || 'or')
878 );
cba28f66 879 return +{ -op => [
880 $this_logic,
881 map $self->_expand_expr({ $k => $_ }, $this_logic), @$v
882 ] };
99a65fa8 883 }
884 if (my $literal = is_literal_value($v)) {
885 unless (length $k) {
886 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
887 return \$literal;
888 }
889 my ($sql, @bind) = @$literal;
890 if ($self->{bindtype} eq 'columns') {
891 for (@bind) {
6fb2bd90 892 $self->_assert_bindval_matches_bindtype($_);
aa8d7bdb 893 }
331e2209 894 }
99a65fa8 895 return +{ -literal => [ $self->_quote($k).' '.$sql, @bind ] };
331e2209 896 }
99a65fa8 897 die "notreached";
59588695 898}
899
96449e8e 900sub _recurse_where {
901 my ($self, $where, $logic) = @_;
902
5492d4c2 903 # Special case: top level simple string treated as literal
904
905 my $where_exp = (ref($where)
ae56a156 906 ? $self->_expand_expr($where, $logic)
5492d4c2 907 : { -literal => [ $where ] });
e175845b 908
e3e27543 909 # dispatch expanded expression
311b2151 910
79d310f2 911 my ($sql, @bind) = defined($where_exp) ? $self->render_aqt($where_exp) : (undef);
abe1a491 912 # DBIx::Class used to call _recurse_where in scalar context
913 # something else might too...
914 if (wantarray) {
915 return ($sql, @bind);
916 }
917 else {
918 belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
919 return $sql;
920 }
96449e8e 921}
922
181dcebf 923sub _render_ident {
924 my ($self, $ident) = @_;
cc422895 925
9cf28dfb 926 return $self->_convert($self->_quote($ident));
cc422895 927}
928
c452734e 929my %unop_postfix = map +($_ => 1),
930 'is null', 'is not null',
931 'asc', 'desc',
932;
d13725da 933
b5b18861 934my %special = (
935 (map +($_ => do {
936 my $op = $_;
937 sub {
938 my ($self, $args) = @_;
939 my ($left, $low, $high) = @$args;
940 my ($rhsql, @rhbind) = do {
941 if (@$args == 2) {
942 puke "Single arg to between must be a literal"
943 unless $low->{-literal};
944 @{$low->{-literal}}
945 } else {
79d310f2 946 my ($l, $h) = map [ $self->render_aqt($_) ], $low, $high;
b5b18861 947 (join(' ', $l->[0], $self->_sqlcase('and'), $h->[0]),
948 @{$l}[1..$#$l], @{$h}[1..$#$h])
949 }
950 };
79d310f2 951 my ($lhsql, @lhbind) = $self->render_aqt($left);
b5b18861 952 return (
953 join(' ', '(', $lhsql, $self->_sqlcase($op), $rhsql, ')'),
954 @lhbind, @rhbind
955 );
956 }
957 }), 'between', 'not between'),
10d07c4e 958 (map +($_ => do {
959 my $op = $_;
960 sub {
961 my ($self, $args) = @_;
962 my ($lhs, $rhs) = @$args;
963 my @in_bind;
964 my @in_sql = map {
79d310f2 965 my ($sql, @bind) = $self->render_aqt($_);
10d07c4e 966 push @in_bind, @bind;
967 $sql;
968 } @$rhs;
79d310f2 969 my ($lhsql, @lbind) = $self->render_aqt($lhs);
10d07c4e 970 return (
971 $lhsql.' '.$self->_sqlcase($op).' ( '
972 .join(', ', @in_sql)
973 .' )',
974 @lbind, @in_bind
975 );
976 }
977 }), 'in', 'not in'),
b5b18861 978);
979
181dcebf 980sub _render_op {
981 my ($self, $v) = @_;
d13725da 982 my ($op, @args) = @$v;
983 $op =~ s/^-// if length($op) > 1;
cba28f66 984 $op = lc($op);
b5b18861 985 if (my $h = $special{$op}) {
986 return $self->$h(\@args);
987 }
3ae10d16 988 my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}};
989 if ($us and @args > 1) {
99a65fa8 990 puke "Special op '${op}' requires first value to be identifier"
991 unless my ($k) = map $_->{-ident}, grep ref($_) eq 'HASH', $args[0];
dd1d0dbf 992 local our $Expand_Depth = 1;
99a65fa8 993 return $self->${\($us->{handler})}($k, $op, $args[1]);
994 }
96a8d74a 995 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
996 return $self->${\($us->{handler})}($op, $args[0]);
997 }
99a65fa8 998 my $final_op = $op =~ /^(?:is|not)_/ ? join(' ', split '_', $op) : $op;
2143604f 999 if (@args == 1 and $op !~ /^(and|or)$/) {
79d310f2 1000 my ($expr_sql, @bind) = $self->render_aqt($args[0]);
d13725da 1001 my $op_sql = $self->_sqlcase($final_op);
1002 my $final_sql = (
1003 $unop_postfix{lc($final_op)}
1004 ? "${expr_sql} ${op_sql}"
1005 : "${op_sql} ${expr_sql}"
1006 );
3ae10d16 1007 return (($op eq 'not' || $us ? '('.$final_sql.')' : $final_sql), @bind);
16d9289c 1008 } else {
79d310f2 1009 my @parts = grep length($_->[0]), map [ $self->render_aqt($_) ], @args;
1c0c0f41 1010 return '' unless @parts;
230812fc 1011 my $is_andor = !!($op =~ /^(and|or)$/);
1012 return @{$parts[0]} if $is_andor and @parts == 1;
1013 my ($final_sql) = map +($is_andor ? "( ${_} )" : $_), join(
352d74bc 1014 ' '.$self->_sqlcase($final_op).' ',
77617257 1015 map $_->[0], @parts
1016 );
99a65fa8 1017 return (
77617257 1018 $final_sql,
16d9289c 1019 map @{$_}[1..$#$_], @parts
99a65fa8 1020 );
d13725da 1021 }
1022 die "unhandled";
1023}
1024
352d74bc 1025sub _render_list {
1026 my ($self, $list) = @_;
79d310f2 1027 my @parts = grep length($_->[0]), map [ $self->render_aqt($_) ], @$list;
352d74bc 1028 return join(', ', map $_->[0], @parts), map @{$_}[1..$#$_], @parts;
1029}
1030
181dcebf 1031sub _render_func {
1032 my ($self, $rest) = @_;
711892b1 1033 my ($func, @args) = @$rest;
1034 my @arg_sql;
1035 my @bind = map {
1036 my @x = @$_;
1037 push @arg_sql, shift @x;
1038 @x
79d310f2 1039 } map [ $self->render_aqt($_) ], @args;
711892b1 1040 return ($self->_sqlcase($func).'('.join(', ', @arg_sql).')', @bind);
1041}
1042
181dcebf 1043sub _render_bind {
1044 my ($self, $bind) = @_;
d13725da 1045 return ($self->_convert('?'), $self->_bindtype(@$bind));
1046}
1047
181dcebf 1048sub _render_literal {
1049 my ($self, $literal) = @_;
465d43fd 1050 $self->_assert_bindval_matches_bindtype(@{$literal}[1..$#$literal]);
aa8d7bdb 1051 return @$literal;
1052}
1053
4a1f01a3 1054# Some databases (SQLite) treat col IN (1, 2) different from
1055# col IN ( (1, 2) ). Use this to strip all outer parens while
1056# adding them back in the corresponding method
1057sub _open_outer_paren {
1058 my ($self, $sql) = @_;
a5f91feb 1059
ca4f826a 1060 while (my ($inner) = $sql =~ /^ \s* \( (.*) \) \s* $/xs) {
a5f91feb 1061
1062 # there are closing parens inside, need the heavy duty machinery
1063 # to reevaluate the extraction starting from $sql (full reevaluation)
ca4f826a 1064 if ($inner =~ /\)/) {
a5f91feb 1065 require Text::Balanced;
1066
1067 my (undef, $remainder) = do {
1068 # idiotic design - writes to $@ but *DOES NOT* throw exceptions
1069 local $@;
ca4f826a 1070 Text::Balanced::extract_bracketed($sql, '()', qr/\s*/);
a5f91feb 1071 };
1072
1073 # the entire expression needs to be a balanced bracketed thing
1074 # (after an extract no remainder sans trailing space)
1075 last if defined $remainder and $remainder =~ /\S/;
1076 }
1077
1078 $sql = $inner;
1079 }
1080
1081 $sql;
4a1f01a3 1082}
1083
96449e8e 1084
96449e8e 1085#======================================================================
1086# ORDER BY
1087#======================================================================
1088
33177570 1089sub _expand_order_by {
96449e8e 1090 my ($self, $arg) = @_;
1091
33177570 1092 return unless defined($arg) and not (ref($arg) eq 'ARRAY' and !@$arg);
2b6158af 1093
4325df6a 1094 my $expander = sub {
1095 my ($self, $dir, $expr) = @_;
52ca537e 1096 my @to_expand = ref($expr) eq 'ARRAY' ? @$expr : $expr;
1097 foreach my $arg (@to_expand) {
1098 if (
1099 ref($arg) eq 'HASH'
1100 and keys %$arg > 1
1101 and grep /^-(asc|desc)$/, keys %$arg
1102 ) {
1103 puke "ordering direction hash passed to order by must have exactly one key (-asc or -desc)";
1104 }
1105 }
4325df6a 1106 my @exp = map +(defined($dir) ? { -op => [ $dir => $_ ] } : $_),
79d310f2 1107 map $self->expand_expr($_, -ident),
74156ee9 1108 map ref($_) eq 'ARRAY' ? @$_ : $_, @to_expand;
352d74bc 1109 return (@exp > 1 ? { -list => \@exp } : $exp[0]);
4325df6a 1110 };
18c743c8 1111
ec19b759 1112 local @{$self->{expand_unary}}{qw(-asc -desc)} = (
1113 sub { shift->$expander(asc => @_) },
1114 sub { shift->$expander(desc => @_) },
1115 );
f267b646 1116
33177570 1117 return $self->$expander(undef, $arg);
1118}
1119
1120sub _order_by {
1121 my ($self, $arg) = @_;
1122
1123 return '' unless defined(my $expanded = $self->_expand_order_by($arg));
4325df6a 1124
79d310f2 1125 my ($sql, @bind) = $self->render_aqt($expanded);
4325df6a 1126
13cd9220 1127 return '' unless length($sql);
1128
4325df6a 1129 my $final_sql = $self->_sqlcase(' order by ').$sql;
1130
1131 return wantarray ? ($final_sql, @bind) : $final_sql;
f267b646 1132}
1133
2e3cc357 1134# _order_by no longer needs to call this so doesn't but DBIC uses it.
1135
33177570 1136sub _order_by_chunks {
1137 my ($self, $arg) = @_;
1138
1139 return () unless defined(my $expanded = $self->_expand_order_by($arg));
1140
2e3cc357 1141 return $self->_chunkify_order_by($expanded);
1142}
1143
1144sub _chunkify_order_by {
1145 my ($self, $expanded) = @_;
1b630cfe 1146
79d310f2 1147 return grep length, $self->render_aqt($expanded)
1b630cfe 1148 if $expanded->{-ident} or @{$expanded->{-literal}||[]} == 1;
1149
33177570 1150 for ($expanded) {
352d74bc 1151 if (ref() eq 'HASH' and my $l = $_->{-list}) {
1152 return map $self->_chunkify_order_by($_), @$l;
33177570 1153 }
79d310f2 1154 return [ $self->render_aqt($_) ];
33177570 1155 }
1156}
1157
96449e8e 1158#======================================================================
1159# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1160#======================================================================
1161
1162sub _table {
1163 my $self = shift;
1164 my $from = shift;
79d310f2 1165 ($self->render_aqt(
8476c6a3 1166 $self->_expand_maybe_list_expr($from, undef, -ident)
7ad12721 1167 ))[0];
96449e8e 1168}
1169
1170
1171#======================================================================
1172# UTILITY FUNCTIONS
1173#======================================================================
1174
8476c6a3 1175sub _expand_maybe_list_expr {
1176 my ($self, $expr, $logic, $default) = @_;
bba04f52 1177 my $e = do {
1178 if (ref($expr) eq 'ARRAY') {
352d74bc 1179 return { -list => [
1180 map $self->_expand_expr($_, $logic, $default), @$expr
bba04f52 1181 ] } if @$expr > 1;
1182 $expr->[0]
1183 } else {
1184 $expr
1185 }
1186 };
1187 return $self->_expand_expr($e, $logic, $default);
8476c6a3 1188}
1189
955e77ca 1190# highly optimized, as it's called way too often
96449e8e 1191sub _quote {
955e77ca 1192 # my ($self, $label) = @_;
96449e8e 1193
955e77ca 1194 return '' unless defined $_[1];
955e77ca 1195 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
d3162b5c 1196 puke 'Identifier cannot be hashref' if ref($_[1]) eq 'HASH';
96449e8e 1197
d3162b5c 1198 unless ($_[0]->{quote_char}) {
1199 if (ref($_[1]) eq 'ARRAY') {
1200 return join($_[0]->{name_sep}||'.', @{$_[1]});
1201 } else {
1202 $_[0]->_assert_pass_injection_guard($_[1]);
1203 return $_[1];
1204 }
1205 }
96449e8e 1206
07d7c35c 1207 my $qref = ref $_[0]->{quote_char};
439834d3 1208 my ($l, $r) =
1209 !$qref ? ($_[0]->{quote_char}, $_[0]->{quote_char})
1210 : ($qref eq 'ARRAY') ? @{$_[0]->{quote_char}}
1211 : puke "Unsupported quote_char format: $_[0]->{quote_char}";
1212
46be4313 1213 my $esc = $_[0]->{escape_char} || $r;
96449e8e 1214
07d7c35c 1215 # parts containing * are naturally unquoted
d3162b5c 1216 return join(
1217 $_[0]->{name_sep}||'',
1218 map +(
1219 $_ eq '*'
1220 ? $_
1221 : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r }
1222 ),
1223 (ref($_[1]) eq 'ARRAY'
1224 ? @{$_[1]}
1225 : (
1226 $_[0]->{name_sep}
1227 ? split (/\Q$_[0]->{name_sep}\E/, $_[1] )
1228 : $_[1]
1229 )
1230 )
955e77ca 1231 );
96449e8e 1232}
1233
1234
1235# Conversion, if applicable
d7c862e0 1236sub _convert {
07d7c35c 1237 #my ($self, $arg) = @_;
7ad12721 1238 if ($_[0]->{convert_where}) {
1239 return $_[0]->_sqlcase($_[0]->{convert_where}) .'(' . $_[1] . ')';
96449e8e 1240 }
07d7c35c 1241 return $_[1];
96449e8e 1242}
1243
1244# And bindtype
d7c862e0 1245sub _bindtype {
07d7c35c 1246 #my ($self, $col, @vals) = @_;
07d7c35c 1247 # called often - tighten code
1248 return $_[0]->{bindtype} eq 'columns'
1249 ? map {[$_[1], $_]} @_[2 .. $#_]
1250 : @_[2 .. $#_]
1251 ;
96449e8e 1252}
1253
fe3ae272 1254# Dies if any element of @bind is not in [colname => value] format
1255# if bindtype is 'columns'.
1256sub _assert_bindval_matches_bindtype {
c94a6c93 1257# my ($self, @bind) = @_;
1258 my $self = shift;
fe3ae272 1259 if ($self->{bindtype} eq 'columns') {
c94a6c93 1260 for (@_) {
1261 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1262 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1263 }
1264 }
1265 }
1266}
1267
96449e8e 1268sub _join_sql_clauses {
1269 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1270
1271 if (@$clauses_aref > 1) {
1272 my $join = " " . $self->_sqlcase($logic) . " ";
1273 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1274 return ($sql, @$bind_aref);
1275 }
1276 elsif (@$clauses_aref) {
1277 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1278 }
1279 else {
1280 return (); # if no SQL, ignore @$bind_aref
1281 }
1282}
1283
1284
1285# Fix SQL case, if so requested
1286sub _sqlcase {
96449e8e 1287 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1288 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1289 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1290}
1291
1292
1293#======================================================================
1294# DISPATCHING FROM REFKIND
1295#======================================================================
1296
1297sub _refkind {
1298 my ($self, $data) = @_;
96449e8e 1299
955e77ca 1300 return 'UNDEF' unless defined $data;
1301
1302 # blessed objects are treated like scalars
1303 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1304
1305 return 'SCALAR' unless $ref;
1306
1307 my $n_steps = 1;
1308 while ($ref eq 'REF') {
96449e8e 1309 $data = $$data;
955e77ca 1310 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1311 $n_steps++ if $ref;
96449e8e 1312 }
1313
848556bc 1314 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1315}
1316
1317sub _try_refkind {
1318 my ($self, $data) = @_;
1319 my @try = ($self->_refkind($data));
1320 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1321 push @try, 'FALLBACK';
955e77ca 1322 return \@try;
96449e8e 1323}
1324
1325sub _METHOD_FOR_refkind {
1326 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1327
1328 my $method;
955e77ca 1329 for (@{$self->_try_refkind($data)}) {
f39eaa60 1330 $method = $self->can($meth_prefix."_".$_)
1331 and last;
1332 }
1333
1334 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1335}
1336
1337
1338sub _SWITCH_refkind {
1339 my ($self, $data, $dispatch_table) = @_;
1340
f39eaa60 1341 my $coderef;
955e77ca 1342 for (@{$self->_try_refkind($data)}) {
f39eaa60 1343 $coderef = $dispatch_table->{$_}
1344 and last;
1345 }
1346
1347 puke "no dispatch entry for ".$self->_refkind($data)
1348 unless $coderef;
1349
96449e8e 1350 $coderef->();
1351}
1352
1353
1354
1355
1356#======================================================================
1357# VALUES, GENERATE, AUTOLOAD
1358#======================================================================
1359
1360# LDNOTE: original code from nwiger, didn't touch code in that section
1361# I feel the AUTOLOAD stuff should not be the default, it should
1362# only be activated on explicit demand by user.
1363
1364sub values {
1365 my $self = shift;
1366 my $data = shift || return;
1367 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1368 unless ref $data eq 'HASH';
bab725ce 1369
1370 my @all_bind;
ca4f826a 1371 foreach my $k (sort keys %$data) {
bab725ce 1372 my $v = $data->{$k};
1373 $self->_SWITCH_refkind($v, {
9d48860e 1374 ARRAYREF => sub {
bab725ce 1375 if ($self->{array_datatypes}) { # array datatype
1376 push @all_bind, $self->_bindtype($k, $v);
1377 }
1378 else { # literal SQL with bind
1379 my ($sql, @bind) = @$v;
1380 $self->_assert_bindval_matches_bindtype(@bind);
1381 push @all_bind, @bind;
1382 }
1383 },
1384 ARRAYREFREF => sub { # literal SQL with bind
1385 my ($sql, @bind) = @${$v};
1386 $self->_assert_bindval_matches_bindtype(@bind);
1387 push @all_bind, @bind;
1388 },
1389 SCALARREF => sub { # literal SQL without bind
1390 },
1391 SCALAR_or_UNDEF => sub {
1392 push @all_bind, $self->_bindtype($k, $v);
1393 },
1394 });
1395 }
1396
1397 return @all_bind;
96449e8e 1398}
1399
1400sub generate {
1401 my $self = shift;
1402
1403 my(@sql, @sqlq, @sqlv);
1404
1405 for (@_) {
1406 my $ref = ref $_;
1407 if ($ref eq 'HASH') {
1408 for my $k (sort keys %$_) {
1409 my $v = $_->{$k};
1410 my $r = ref $v;
1411 my $label = $self->_quote($k);
1412 if ($r eq 'ARRAY') {
fe3ae272 1413 # literal SQL with bind
1414 my ($sql, @bind) = @$v;
1415 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1416 push @sqlq, "$label = $sql";
fe3ae272 1417 push @sqlv, @bind;
96449e8e 1418 } elsif ($r eq 'SCALAR') {
fe3ae272 1419 # literal SQL without bind
96449e8e 1420 push @sqlq, "$label = $$v";
9d48860e 1421 } else {
96449e8e 1422 push @sqlq, "$label = ?";
1423 push @sqlv, $self->_bindtype($k, $v);
1424 }
1425 }
1426 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1427 } elsif ($ref eq 'ARRAY') {
1428 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1429 for my $v (@$_) {
1430 my $r = ref $v;
fe3ae272 1431 if ($r eq 'ARRAY') { # literal SQL with bind
1432 my ($sql, @bind) = @$v;
1433 $self->_assert_bindval_matches_bindtype(@bind);
1434 push @sqlq, $sql;
1435 push @sqlv, @bind;
1436 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1437 # embedded literal SQL
1438 push @sqlq, $$v;
9d48860e 1439 } else {
96449e8e 1440 push @sqlq, '?';
1441 push @sqlv, $v;
1442 }
1443 }
1444 push @sql, '(' . join(', ', @sqlq) . ')';
1445 } elsif ($ref eq 'SCALAR') {
1446 # literal SQL
1447 push @sql, $$_;
1448 } else {
1449 # strings get case twiddled
1450 push @sql, $self->_sqlcase($_);
1451 }
1452 }
1453
1454 my $sql = join ' ', @sql;
1455
1456 # this is pretty tricky
1457 # if ask for an array, return ($stmt, @bind)
1458 # otherwise, s/?/shift @sqlv/ to put it inline
1459 if (wantarray) {
1460 return ($sql, @sqlv);
1461 } else {
1462 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1463 ref $d ? $d->[1] : $d/e;
1464 return $sql;
1465 }
1466}
1467
1468
1469sub DESTROY { 1 }
1470
1471sub AUTOLOAD {
1472 # This allows us to check for a local, then _form, attr
1473 my $self = shift;
1474 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1475 return $self->generate($name, @_);
1476}
1477
14781;
1479
1480
1481
1482__END__
32eab2da 1483
1484=head1 NAME
1485
1486SQL::Abstract - Generate SQL from Perl data structures
1487
1488=head1 SYNOPSIS
1489
1490 use SQL::Abstract;
1491
1492 my $sql = SQL::Abstract->new;
1493
85783f3c 1494 my($stmt, @bind) = $sql->select($source, \@fields, \%where, $order);
32eab2da 1495
1496 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1497
1498 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1499
1500 my($stmt, @bind) = $sql->delete($table, \%where);
1501
1502 # Then, use these in your DBI statements
1503 my $sth = $dbh->prepare($stmt);
1504 $sth->execute(@bind);
1505
1506 # Just generate the WHERE clause
85783f3c 1507 my($stmt, @bind) = $sql->where(\%where, $order);
32eab2da 1508
1509 # Return values in the same order, for hashed queries
1510 # See PERFORMANCE section for more details
1511 my @bind = $sql->values(\%fieldvals);
1512
1513=head1 DESCRIPTION
1514
1515This module was inspired by the excellent L<DBIx::Abstract>.
1516However, in using that module I found that what I really wanted
1517to do was generate SQL, but still retain complete control over my
1518statement handles and use the DBI interface. So, I set out to
1519create an abstract SQL generation module.
1520
1521While based on the concepts used by L<DBIx::Abstract>, there are
1522several important differences, especially when it comes to WHERE
1523clauses. I have modified the concepts used to make the SQL easier
1524to generate from Perl data structures and, IMO, more intuitive.
1525The underlying idea is for this module to do what you mean, based
1526on the data structures you provide it. The big advantage is that
1527you don't have to modify your code every time your data changes,
1528as this module figures it out.
1529
1530To begin with, an SQL INSERT is as easy as just specifying a hash
1531of C<key=value> pairs:
1532
1533 my %data = (
1534 name => 'Jimbo Bobson',
1535 phone => '123-456-7890',
1536 address => '42 Sister Lane',
1537 city => 'St. Louis',
1538 state => 'Louisiana',
1539 );
1540
1541The SQL can then be generated with this:
1542
1543 my($stmt, @bind) = $sql->insert('people', \%data);
1544
1545Which would give you something like this:
1546
1547 $stmt = "INSERT INTO people
1548 (address, city, name, phone, state)
1549 VALUES (?, ?, ?, ?, ?)";
1550 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1551 '123-456-7890', 'Louisiana');
1552
1553These are then used directly in your DBI code:
1554
1555 my $sth = $dbh->prepare($stmt);
1556 $sth->execute(@bind);
1557
96449e8e 1558=head2 Inserting and Updating Arrays
1559
1560If your database has array types (like for example Postgres),
1561activate the special option C<< array_datatypes => 1 >>
9d48860e 1562when creating the C<SQL::Abstract> object.
96449e8e 1563Then you may use an arrayref to insert and update database array types:
1564
1565 my $sql = SQL::Abstract->new(array_datatypes => 1);
1566 my %data = (
1567 planets => [qw/Mercury Venus Earth Mars/]
1568 );
9d48860e 1569
96449e8e 1570 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1571
1572This results in:
1573
1574 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1575
1576 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1577
1578
1579=head2 Inserting and Updating SQL
1580
1581In order to apply SQL functions to elements of your C<%data> you may
1582specify a reference to an arrayref for the given hash value. For example,
1583if you need to execute the Oracle C<to_date> function on a value, you can
1584say something like this:
32eab2da 1585
1586 my %data = (
1587 name => 'Bill',
3ae1c5e2 1588 date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
9d48860e 1589 );
32eab2da 1590
1591The first value in the array is the actual SQL. Any other values are
1592optional and would be included in the bind values array. This gives
1593you:
1594
1595 my($stmt, @bind) = $sql->insert('people', \%data);
1596
9d48860e 1597 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1598 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1599 @bind = ('Bill', '03/02/2003');
1600
1601An UPDATE is just as easy, all you change is the name of the function:
1602
1603 my($stmt, @bind) = $sql->update('people', \%data);
1604
1605Notice that your C<%data> isn't touched; the module will generate
1606the appropriately quirky SQL for you automatically. Usually you'll
1607want to specify a WHERE clause for your UPDATE, though, which is
1608where handling C<%where> hashes comes in handy...
1609
96449e8e 1610=head2 Complex where statements
1611
32eab2da 1612This module can generate pretty complicated WHERE statements
1613easily. For example, simple C<key=value> pairs are taken to mean
1614equality, and if you want to see if a field is within a set
1615of values, you can use an arrayref. Let's say we wanted to
1616SELECT some data based on this criteria:
1617
1618 my %where = (
1619 requestor => 'inna',
1620 worker => ['nwiger', 'rcwe', 'sfz'],
1621 status => { '!=', 'completed' }
1622 );
1623
1624 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1625
1626The above would give you something like this:
1627
1628 $stmt = "SELECT * FROM tickets WHERE
1629 ( requestor = ? ) AND ( status != ? )
1630 AND ( worker = ? OR worker = ? OR worker = ? )";
1631 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1632
1633Which you could then use in DBI code like so:
1634
1635 my $sth = $dbh->prepare($stmt);
1636 $sth->execute(@bind);
1637
1638Easy, eh?
1639
0da0fe34 1640=head1 METHODS
32eab2da 1641
13cc86af 1642The methods are simple. There's one for every major SQL operation,
32eab2da 1643and a constructor you use first. The arguments are specified in a
13cc86af 1644similar order for each method (table, then fields, then a where
32eab2da 1645clause) to try and simplify things.
1646
32eab2da 1647=head2 new(option => 'value')
1648
1649The C<new()> function takes a list of options and values, and returns
1650a new B<SQL::Abstract> object which can then be used to generate SQL
1651through the methods below. The options accepted are:
1652
1653=over
1654
1655=item case
1656
1657If set to 'lower', then SQL will be generated in all lowercase. By
1658default SQL is generated in "textbook" case meaning something like:
1659
1660 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1661
96449e8e 1662Any setting other than 'lower' is ignored.
1663
32eab2da 1664=item cmp
1665
1666This determines what the default comparison operator is. By default
1667it is C<=>, meaning that a hash like this:
1668
1669 %where = (name => 'nwiger', email => 'nate@wiger.org');
1670
1671Will generate SQL like this:
1672
1673 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1674
1675However, you may want loose comparisons by default, so if you set
1676C<cmp> to C<like> you would get SQL such as:
1677
1678 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1679
3af02ccb 1680You can also override the comparison on an individual basis - see
32eab2da 1681the huge section on L</"WHERE CLAUSES"> at the bottom.
1682
96449e8e 1683=item sqltrue, sqlfalse
1684
1685Expressions for inserting boolean values within SQL statements.
6e0c6552 1686By default these are C<1=1> and C<1=0>. They are used
1687by the special operators C<-in> and C<-not_in> for generating
1688correct SQL even when the argument is an empty array (see below).
96449e8e 1689
32eab2da 1690=item logic
1691
1692This determines the default logical operator for multiple WHERE
7cac25e6 1693statements in arrays or hashes. If absent, the default logic is "or"
1694for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1695array of the form:
1696
1697 @where = (
9d48860e 1698 event_date => {'>=', '2/13/99'},
1699 event_date => {'<=', '4/24/03'},
32eab2da 1700 );
1701
7cac25e6 1702will generate SQL like this:
32eab2da 1703
1704 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1705
1706This is probably not what you want given this query, though (look
1707at the dates). To change the "OR" to an "AND", simply specify:
1708
1709 my $sql = SQL::Abstract->new(logic => 'and');
1710
1711Which will change the above C<WHERE> to:
1712
1713 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1714
96449e8e 1715The logic can also be changed locally by inserting
be21dde3 1716a modifier in front of an arrayref:
96449e8e 1717
9d48860e 1718 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1719 event_date => {'<=', '4/24/03'} ]);
96449e8e 1720
1721See the L</"WHERE CLAUSES"> section for explanations.
1722
32eab2da 1723=item convert
1724
1725This will automatically convert comparisons using the specified SQL
1726function for both column and value. This is mostly used with an argument
1727of C<upper> or C<lower>, so that the SQL will have the effect of
1728case-insensitive "searches". For example, this:
1729
1730 $sql = SQL::Abstract->new(convert => 'upper');
1731 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1732
1733Will turn out the following SQL:
1734
1735 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1736
1737The conversion can be C<upper()>, C<lower()>, or any other SQL function
1738that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1739not validate this option; it will just pass through what you specify verbatim).
1740
1741=item bindtype
1742
1743This is a kludge because many databases suck. For example, you can't
1744just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1745Instead, you have to use C<bind_param()>:
1746
1747 $sth->bind_param(1, 'reg data');
1748 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1749
1750The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1751which loses track of which field each slot refers to. Fear not.
1752
1753If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1754Currently, you can specify either C<normal> (default) or C<columns>. If you
1755specify C<columns>, you will get an array that looks like this:
1756
1757 my $sql = SQL::Abstract->new(bindtype => 'columns');
1758 my($stmt, @bind) = $sql->insert(...);
1759
1760 @bind = (
1761 [ 'column1', 'value1' ],
1762 [ 'column2', 'value2' ],
1763 [ 'column3', 'value3' ],
1764 );
1765
1766You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1767
32eab2da 1768 $sth->prepare($stmt);
1769 my $i = 1;
1770 for (@bind) {
1771 my($col, $data) = @$_;
1772 if ($col eq 'details' || $col eq 'comments') {
1773 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1774 } elsif ($col eq 'image') {
1775 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1776 } else {
1777 $sth->bind_param($i, $data);
1778 }
1779 $i++;
1780 }
1781 $sth->execute; # execute without @bind now
1782
1783Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1784Basically, the advantage is still that you don't have to care which fields
1785are or are not included. You could wrap that above C<for> loop in a simple
1786sub called C<bind_fields()> or something and reuse it repeatedly. You still
1787get a layer of abstraction over manual SQL specification.
1788
3ae1c5e2 1789Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
deb148a2 1790construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1791will expect the bind values in this format.
1792
32eab2da 1793=item quote_char
1794
1795This is the character that a table or column name will be quoted
9d48860e 1796with. By default this is an empty string, but you could set it to
32eab2da 1797the character C<`>, to generate SQL like this:
1798
1799 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1800
96449e8e 1801Alternatively, you can supply an array ref of two items, the first being the left
1802hand quote character, and the second the right hand quote character. For
1803example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1804that generates SQL like this:
1805
1806 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1807
9d48860e 1808Quoting is useful if you have tables or columns names that are reserved
96449e8e 1809words in your database's SQL dialect.
32eab2da 1810
46be4313 1811=item escape_char
1812
1813This is the character that will be used to escape L</quote_char>s appearing
1814in an identifier before it has been quoted.
1815
80790166 1816The parameter default in case of a single L</quote_char> character is the quote
46be4313 1817character itself.
1818
1819When opening-closing-style quoting is used (L</quote_char> is an arrayref)
9de2bd86 1820this parameter defaults to the B<closing (right)> L</quote_char>. Occurrences
46be4313 1821of the B<opening (left)> L</quote_char> within the identifier are currently left
1822untouched. The default for opening-closing-style quotes may change in future
1823versions, thus you are B<strongly encouraged> to specify the escape character
1824explicitly.
1825
32eab2da 1826=item name_sep
1827
1828This is the character that separates a table and column name. It is
1829necessary to specify this when the C<quote_char> option is selected,
1830so that tables and column names can be individually quoted like this:
1831
1832 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1833
b6251592 1834=item injection_guard
1835
1836A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1837column name specified in a query structure. This is a safety mechanism to avoid
1838injection attacks when mishandling user input e.g.:
1839
1840 my %condition_as_column_value_pairs = get_values_from_user();
1841 $sqla->select( ... , \%condition_as_column_value_pairs );
1842
1843If the expression matches an exception is thrown. Note that literal SQL
1844supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1845
1846Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
1847
96449e8e 1848=item array_datatypes
32eab2da 1849
9d48860e 1850When this option is true, arrayrefs in INSERT or UPDATE are
1851interpreted as array datatypes and are passed directly
96449e8e 1852to the DBI layer.
1853When this option is false, arrayrefs are interpreted
1854as literal SQL, just like refs to arrayrefs
1855(but this behavior is for backwards compatibility; when writing
1856new queries, use the "reference to arrayref" syntax
1857for literal SQL).
32eab2da 1858
32eab2da 1859
96449e8e 1860=item special_ops
32eab2da 1861
9d48860e 1862Takes a reference to a list of "special operators"
96449e8e 1863to extend the syntax understood by L<SQL::Abstract>.
1864See section L</"SPECIAL OPERATORS"> for details.
32eab2da 1865
59f23b3d 1866=item unary_ops
1867
9d48860e 1868Takes a reference to a list of "unary operators"
59f23b3d 1869to extend the syntax understood by L<SQL::Abstract>.
1870See section L</"UNARY OPERATORS"> for details.
1871
32eab2da 1872
32eab2da 1873
96449e8e 1874=back
32eab2da 1875
02288357 1876=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 1877
1878This is the simplest function. You simply give it a table name
1879and either an arrayref of values or hashref of field/value pairs.
1880It returns an SQL INSERT statement and a list of bind values.
96449e8e 1881See the sections on L</"Inserting and Updating Arrays"> and
1882L</"Inserting and Updating SQL"> for information on how to insert
1883with those data types.
32eab2da 1884
02288357 1885The optional C<\%options> hash reference may contain additional
1886options to generate the insert SQL. Currently supported options
1887are:
1888
1889=over 4
1890
1891=item returning
1892
1893Takes either a scalar of raw SQL fields, or an array reference of
1894field names, and adds on an SQL C<RETURNING> statement at the end.
1895This allows you to return data generated by the insert statement
1896(such as row IDs) without performing another C<SELECT> statement.
1897Note, however, this is not part of the SQL standard and may not
1898be supported by all database engines.
1899
1900=back
1901
95904db5 1902=head2 update($table, \%fieldvals, \%where, \%options)
32eab2da 1903
1904This takes a table, hashref of field/value pairs, and an optional
86298391 1905hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 1906of bind values.
96449e8e 1907See the sections on L</"Inserting and Updating Arrays"> and
1908L</"Inserting and Updating SQL"> for information on how to insert
1909with those data types.
32eab2da 1910
95904db5 1911The optional C<\%options> hash reference may contain additional
1912options to generate the update SQL. Currently supported options
1913are:
1914
1915=over 4
1916
1917=item returning
1918
1919See the C<returning> option to
1920L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1921
1922=back
1923
96449e8e 1924=head2 select($source, $fields, $where, $order)
32eab2da 1925
9d48860e 1926This returns a SQL SELECT statement and associated list of bind values, as
be21dde3 1927specified by the arguments:
32eab2da 1928
96449e8e 1929=over
32eab2da 1930
96449e8e 1931=item $source
32eab2da 1932
9d48860e 1933Specification of the 'FROM' part of the statement.
96449e8e 1934The argument can be either a plain scalar (interpreted as a table
1935name, will be quoted), or an arrayref (interpreted as a list
1936of table names, joined by commas, quoted), or a scalarref
063097a3 1937(literal SQL, not quoted).
32eab2da 1938
96449e8e 1939=item $fields
32eab2da 1940
9d48860e 1941Specification of the list of fields to retrieve from
96449e8e 1942the source.
1943The argument can be either an arrayref (interpreted as a list
9d48860e 1944of field names, will be joined by commas and quoted), or a
96449e8e 1945plain scalar (literal SQL, not quoted).
521647e7 1946Please observe that this API is not as flexible as that of
1947the first argument C<$source>, for backwards compatibility reasons.
32eab2da 1948
96449e8e 1949=item $where
32eab2da 1950
96449e8e 1951Optional argument to specify the WHERE part of the query.
1952The argument is most often a hashref, but can also be
9d48860e 1953an arrayref or plain scalar --
96449e8e 1954see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 1955
96449e8e 1956=item $order
32eab2da 1957
96449e8e 1958Optional argument to specify the ORDER BY part of the query.
9d48860e 1959The argument can be a scalar, a hashref or an arrayref
96449e8e 1960-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
1961for details.
32eab2da 1962
96449e8e 1963=back
32eab2da 1964
32eab2da 1965
85327cd5 1966=head2 delete($table, \%where, \%options)
32eab2da 1967
86298391 1968This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 1969It returns an SQL DELETE statement and list of bind values.
1970
85327cd5 1971The optional C<\%options> hash reference may contain additional
1972options to generate the delete SQL. Currently supported options
1973are:
1974
1975=over 4
1976
1977=item returning
1978
1979See the C<returning> option to
1980L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1981
1982=back
1983
85783f3c 1984=head2 where(\%where, $order)
32eab2da 1985
1986This is used to generate just the WHERE clause. For example,
1987if you have an arbitrary data structure and know what the
1988rest of your SQL is going to look like, but want an easy way
1989to produce a WHERE clause, use this. It returns an SQL WHERE
1990clause and list of bind values.
1991
32eab2da 1992
1993=head2 values(\%data)
1994
1995This just returns the values from the hash C<%data>, in the same
1996order that would be returned from any of the other above queries.
1997Using this allows you to markedly speed up your queries if you
1998are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
1999
32eab2da 2000=head2 generate($any, 'number', $of, \@data, $struct, \%types)
2001
2002Warning: This is an experimental method and subject to change.
2003
2004This returns arbitrarily generated SQL. It's a really basic shortcut.
2005It will return two different things, depending on return context:
2006
2007 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
2008 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
2009
2010These would return the following:
2011
2012 # First calling form
2013 $stmt = "CREATE TABLE test (?, ?)";
2014 @bind = (field1, field2);
2015
2016 # Second calling form
2017 $stmt_and_val = "CREATE TABLE test (field1, field2)";
2018
2019Depending on what you're trying to do, it's up to you to choose the correct
2020format. In this example, the second form is what you would want.
2021
2022By the same token:
2023
2024 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
2025
2026Might give you:
2027
2028 ALTER SESSION SET nls_date_format = 'MM/YY'
2029
2030You get the idea. Strings get their case twiddled, but everything
2031else remains verbatim.
2032
0da0fe34 2033=head1 EXPORTABLE FUNCTIONS
2034
2035=head2 is_plain_value
2036
2037Determines if the supplied argument is a plain value as understood by this
2038module:
2039
2040=over
2041
2042=item * The value is C<undef>
2043
2044=item * The value is a non-reference
2045
2046=item * The value is an object with stringification overloading
2047
2048=item * The value is of the form C<< { -value => $anything } >>
2049
2050=back
2051
9de2bd86 2052On failure returns C<undef>, on success returns a B<scalar> reference
966200cc 2053to the original supplied argument.
0da0fe34 2054
843a94b5 2055=over
2056
2057=item * Note
2058
2059The stringification overloading detection is rather advanced: it takes
2060into consideration not only the presence of a C<""> overload, but if that
2061fails also checks for enabled
2062L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
2063on either C<0+> or C<bool>.
2064
2065Unfortunately testing in the field indicates that this
2066detection B<< may tickle a latent bug in perl versions before 5.018 >>,
2067but only when very large numbers of stringifying objects are involved.
2068At the time of writing ( Sep 2014 ) there is no clear explanation of
2069the direct cause, nor is there a manageably small test case that reliably
2070reproduces the problem.
2071
2072If you encounter any of the following exceptions in B<random places within
2073your application stack> - this module may be to blame:
2074
2075 Operation "ne": no method found,
2076 left argument in overloaded package <something>,
2077 right argument in overloaded package <something>
2078
2079or perhaps even
2080
2081 Stub found while resolving method "???" overloading """" in package <something>
2082
2083If you fall victim to the above - please attempt to reduce the problem
2084to something that could be sent to the L<SQL::Abstract developers
1f490ae4 2085|DBIx::Class/GETTING HELP/SUPPORT>
843a94b5 2086(either publicly or privately). As a workaround in the meantime you can
2087set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
2088value, which will most likely eliminate your problem (at the expense of
2089not being able to properly detect exotic forms of stringification).
2090
2091This notice and environment variable will be removed in a future version,
2092as soon as the underlying problem is found and a reliable workaround is
2093devised.
2094
2095=back
2096
0da0fe34 2097=head2 is_literal_value
2098
2099Determines if the supplied argument is a literal value as understood by this
2100module:
2101
2102=over
2103
2104=item * C<\$sql_string>
2105
2106=item * C<\[ $sql_string, @bind_values ]>
2107
0da0fe34 2108=back
2109
9de2bd86 2110On failure returns C<undef>, on success returns an B<array> reference
966200cc 2111containing the unpacked version of the supplied literal SQL and bind values.
0da0fe34 2112
32eab2da 2113=head1 WHERE CLAUSES
2114
96449e8e 2115=head2 Introduction
2116
32eab2da 2117This module uses a variation on the idea from L<DBIx::Abstract>. It
2118is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2119module is that things in arrays are OR'ed, and things in hashes
2120are AND'ed.>
2121
2122The easiest way to explain is to show lots of examples. After
2123each C<%where> hash shown, it is assumed you used:
2124
2125 my($stmt, @bind) = $sql->where(\%where);
2126
2127However, note that the C<%where> hash can be used directly in any
2128of the other functions as well, as described above.
2129
96449e8e 2130=head2 Key-value pairs
2131
32eab2da 2132So, let's get started. To begin, a simple hash:
2133
2134 my %where = (
2135 user => 'nwiger',
2136 status => 'completed'
2137 );
2138
2139Is converted to SQL C<key = val> statements:
2140
2141 $stmt = "WHERE user = ? AND status = ?";
2142 @bind = ('nwiger', 'completed');
2143
2144One common thing I end up doing is having a list of values that
2145a field can be in. To do this, simply specify a list inside of
2146an arrayref:
2147
2148 my %where = (
2149 user => 'nwiger',
2150 status => ['assigned', 'in-progress', 'pending'];
2151 );
2152
2153This simple code will create the following:
9d48860e 2154
32eab2da 2155 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2156 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2157
9d48860e 2158A field associated to an empty arrayref will be considered a
7cac25e6 2159logical false and will generate 0=1.
8a68b5be 2160
b864ba9b 2161=head2 Tests for NULL values
2162
2163If the value part is C<undef> then this is converted to SQL <IS NULL>
2164
2165 my %where = (
2166 user => 'nwiger',
2167 status => undef,
2168 );
2169
2170becomes:
2171
2172 $stmt = "WHERE user = ? AND status IS NULL";
2173 @bind = ('nwiger');
2174
e9614080 2175To test if a column IS NOT NULL:
2176
2177 my %where = (
2178 user => 'nwiger',
2179 status => { '!=', undef },
2180 );
cc422895 2181
6e0c6552 2182=head2 Specific comparison operators
96449e8e 2183
32eab2da 2184If you want to specify a different type of operator for your comparison,
2185you can use a hashref for a given column:
2186
2187 my %where = (
2188 user => 'nwiger',
2189 status => { '!=', 'completed' }
2190 );
2191
2192Which would generate:
2193
2194 $stmt = "WHERE user = ? AND status != ?";
2195 @bind = ('nwiger', 'completed');
2196
2197To test against multiple values, just enclose the values in an arrayref:
2198
96449e8e 2199 status => { '=', ['assigned', 'in-progress', 'pending'] };
2200
f2d5020d 2201Which would give you:
96449e8e 2202
2203 "WHERE status = ? OR status = ? OR status = ?"
2204
2205
2206The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2207into an C<AND> of its elements:
2208
2209 my %where = (
2210 user => 'nwiger',
2211 status => { '!=', 'completed', -not_like => 'pending%' }
2212 );
2213
2214 # Or more dynamically, like from a form
2215 $where{user} = 'nwiger';
2216 $where{status}{'!='} = 'completed';
2217 $where{status}{'-not_like'} = 'pending%';
2218
2219 # Both generate this
2220 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2221 @bind = ('nwiger', 'completed', 'pending%');
2222
96449e8e 2223
32eab2da 2224To get an OR instead, you can combine it with the arrayref idea:
2225
2226 my %where => (
2227 user => 'nwiger',
1a6f2a03 2228 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2229 );
2230
2231Which would generate:
2232
1a6f2a03 2233 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2234 @bind = ('2', '5', 'nwiger');
32eab2da 2235
44b9e502 2236If you want to include literal SQL (with or without bind values), just use a
13cc86af 2237scalar reference or reference to an arrayref as the value:
44b9e502 2238
2239 my %where = (
2240 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2241 date_expires => { '<' => \"now()" }
2242 );
2243
2244Which would generate:
2245
13cc86af 2246 $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
44b9e502 2247 @bind = ('11/26/2008');
2248
96449e8e 2249
2250=head2 Logic and nesting operators
2251
2252In the example above,
2253there is a subtle trap if you want to say something like
32eab2da 2254this (notice the C<AND>):
2255
2256 WHERE priority != ? AND priority != ?
2257
2258Because, in Perl you I<can't> do this:
2259
13cc86af 2260 priority => { '!=' => 2, '!=' => 1 }
32eab2da 2261
2262As the second C<!=> key will obliterate the first. The solution
2263is to use the special C<-modifier> form inside an arrayref:
2264
9d48860e 2265 priority => [ -and => {'!=', 2},
96449e8e 2266 {'!=', 1} ]
2267
32eab2da 2268
2269Normally, these would be joined by C<OR>, but the modifier tells it
2270to use C<AND> instead. (Hint: You can use this in conjunction with the
2271C<logic> option to C<new()> in order to change the way your queries
2272work by default.) B<Important:> Note that the C<-modifier> goes
2273B<INSIDE> the arrayref, as an extra first element. This will
2274B<NOT> do what you think it might:
2275
2276 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2277
2278Here is a quick list of equivalencies, since there is some overlap:
2279
2280 # Same
2281 status => {'!=', 'completed', 'not like', 'pending%' }
2282 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2283
2284 # Same
2285 status => {'=', ['assigned', 'in-progress']}
2286 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2287 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2288
e3f9dff4 2289
2290
be21dde3 2291=head2 Special operators: IN, BETWEEN, etc.
96449e8e 2292
32eab2da 2293You can also use the hashref format to compare a list of fields using the
2294C<IN> comparison operator, by specifying the list as an arrayref:
2295
2296 my %where = (
2297 status => 'completed',
2298 reportid => { -in => [567, 2335, 2] }
2299 );
2300
2301Which would generate:
2302
2303 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2304 @bind = ('completed', '567', '2335', '2');
2305
9d48860e 2306The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2307the same way.
2308
6e0c6552 2309If the argument to C<-in> is an empty array, 'sqlfalse' is generated
be21dde3 2310(by default: C<1=0>). Similarly, C<< -not_in => [] >> generates
2311'sqltrue' (by default: C<1=1>).
6e0c6552 2312
e41c3bdd 2313In addition to the array you can supply a chunk of literal sql or
2314literal sql with bind:
6e0c6552 2315
e41c3bdd 2316 my %where = {
2317 customer => { -in => \[
2318 'SELECT cust_id FROM cust WHERE balance > ?',
2319 2000,
2320 ],
2321 status => { -in => \'SELECT status_codes FROM states' },
2322 };
6e0c6552 2323
e41c3bdd 2324would generate:
2325
2326 $stmt = "WHERE (
2327 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2328 AND status IN ( SELECT status_codes FROM states )
2329 )";
2330 @bind = ('2000');
2331
0dfd2442 2332Finally, if the argument to C<-in> is not a reference, it will be
2333treated as a single-element array.
e41c3bdd 2334
2335Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2336used with an arrayref of two values:
32eab2da 2337
2338 my %where = (
2339 user => 'nwiger',
2340 completion_date => {
2341 -not_between => ['2002-10-01', '2003-02-06']
2342 }
2343 );
2344
2345Would give you:
2346
2347 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2348
e41c3bdd 2349Just like with C<-in> all plausible combinations of literal SQL
2350are possible:
2351
2352 my %where = {
2353 start0 => { -between => [ 1, 2 ] },
2354 start1 => { -between => \["? AND ?", 1, 2] },
2355 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2356 start3 => { -between => [
e41c3bdd 2357 \"lower(x)",
2358 \["upper(?)", 'stuff' ],
2359 ] },
2360 };
2361
2362Would give you:
2363
2364 $stmt = "WHERE (
2365 ( start0 BETWEEN ? AND ? )
2366 AND ( start1 BETWEEN ? AND ? )
2367 AND ( start2 BETWEEN lower(x) AND upper(y) )
2368 AND ( start3 BETWEEN lower(x) AND upper(?) )
2369 )";
2370 @bind = (1, 2, 1, 2, 'stuff');
2371
2372
9d48860e 2373These are the two builtin "special operators"; but the
be21dde3 2374list can be expanded: see section L</"SPECIAL OPERATORS"> below.
96449e8e 2375
59f23b3d 2376=head2 Unary operators: bool
97a920ef 2377
2378If you wish to test against boolean columns or functions within your
2379database you can use the C<-bool> and C<-not_bool> operators. For
2380example to test the column C<is_user> being true and the column
827bb0eb 2381C<is_enabled> being false you would use:-
97a920ef 2382
2383 my %where = (
2384 -bool => 'is_user',
2385 -not_bool => 'is_enabled',
2386 );
2387
2388Would give you:
2389
277b5d3f 2390 WHERE is_user AND NOT is_enabled
97a920ef 2391
0b604e9d 2392If a more complex combination is required, testing more conditions,
2393then you should use the and/or operators:-
2394
2395 my %where = (
2396 -and => [
2397 -bool => 'one',
23401b81 2398 -not_bool => { two=> { -rlike => 'bar' } },
2399 -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
0b604e9d 2400 ],
2401 );
2402
2403Would give you:
2404
23401b81 2405 WHERE
2406 one
2407 AND
2408 (NOT two RLIKE ?)
2409 AND
2410 (NOT ( three = ? OR three > ? ))
97a920ef 2411
2412
107b72f1 2413=head2 Nested conditions, -and/-or prefixes
96449e8e 2414
32eab2da 2415So far, we've seen how multiple conditions are joined with a top-level
2416C<AND>. We can change this by putting the different conditions we want in
2417hashes and then putting those hashes in an array. For example:
2418
2419 my @where = (
2420 {
2421 user => 'nwiger',
2422 status => { -like => ['pending%', 'dispatched'] },
2423 },
2424 {
2425 user => 'robot',
2426 status => 'unassigned',
2427 }
2428 );
2429
2430This data structure would create the following:
2431
2432 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2433 OR ( user = ? AND status = ? ) )";
2434 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2435
107b72f1 2436
48d9f5f8 2437Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
be21dde3 2438to change the logic inside:
32eab2da 2439
2440 my @where = (
2441 -and => [
2442 user => 'nwiger',
48d9f5f8 2443 [
2444 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2445 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2446 ],
2447 ],
2448 );
2449
2450That would yield:
2451
13cc86af 2452 $stmt = "WHERE ( user = ?
2453 AND ( ( workhrs > ? AND geo = ? )
2454 OR ( workhrs < ? OR geo = ? ) ) )";
2455 @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
107b72f1 2456
cc422895 2457=head3 Algebraic inconsistency, for historical reasons
107b72f1 2458
7cac25e6 2459C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2460operator goes C<outside> of the nested structure; whereas when connecting
2461several constraints on one column, the C<-and> operator goes
be21dde3 2462C<inside> the arrayref. Here is an example combining both features:
7cac25e6 2463
2464 my @where = (
2465 -and => [a => 1, b => 2],
2466 -or => [c => 3, d => 4],
2467 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2468 )
2469
2470yielding
2471
9d48860e 2472 WHERE ( ( ( a = ? AND b = ? )
2473 OR ( c = ? OR d = ? )
7cac25e6 2474 OR ( e LIKE ? AND e LIKE ? ) ) )
2475
107b72f1 2476This difference in syntax is unfortunate but must be preserved for
be21dde3 2477historical reasons. So be careful: the two examples below would
107b72f1 2478seem algebraically equivalent, but they are not
2479
a948b1fe 2480 { col => [ -and =>
2481 { -like => 'foo%' },
2482 { -like => '%bar' },
2483 ] }
be21dde3 2484 # yields: WHERE ( ( col LIKE ? AND col LIKE ? ) )
107b72f1 2485
a948b1fe 2486 [ -and =>
2487 { col => { -like => 'foo%' } },
2488 { col => { -like => '%bar' } },
2489 ]
be21dde3 2490 # yields: WHERE ( ( col LIKE ? OR col LIKE ? ) )
107b72f1 2491
7cac25e6 2492
cc422895 2493=head2 Literal SQL and value type operators
96449e8e 2494
cc422895 2495The basic premise of SQL::Abstract is that in WHERE specifications the "left
2496side" is a column name and the "right side" is a value (normally rendered as
2497a placeholder). This holds true for both hashrefs and arrayref pairs as you
2498see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2499alter this behavior. There are several ways of doing so.
e9614080 2500
cc422895 2501=head3 -ident
2502
2503This is a virtual operator that signals the string to its right side is an
2504identifier (a column name) and not a value. For example to compare two
2505columns you would write:
32eab2da 2506
e9614080 2507 my %where = (
2508 priority => { '<', 2 },
cc422895 2509 requestor => { -ident => 'submitter' },
e9614080 2510 );
2511
2512which creates:
2513
2514 $stmt = "WHERE priority < ? AND requestor = submitter";
2515 @bind = ('2');
2516
cc422895 2517If you are maintaining legacy code you may see a different construct as
2518described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2519code.
2520
2521=head3 -value
e9614080 2522
cc422895 2523This is a virtual operator that signals that the construct to its right side
2524is a value to be passed to DBI. This is for example necessary when you want
2525to write a where clause against an array (for RDBMS that support such
2526datatypes). For example:
e9614080 2527
32eab2da 2528 my %where = (
cc422895 2529 array => { -value => [1, 2, 3] }
32eab2da 2530 );
2531
cc422895 2532will result in:
32eab2da 2533
cc422895 2534 $stmt = 'WHERE array = ?';
2535 @bind = ([1, 2, 3]);
32eab2da 2536
cc422895 2537Note that if you were to simply say:
32eab2da 2538
2539 my %where = (
cc422895 2540 array => [1, 2, 3]
32eab2da 2541 );
2542
3af02ccb 2543the result would probably not be what you wanted:
cc422895 2544
2545 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2546 @bind = (1, 2, 3);
2547
2548=head3 Literal SQL
96449e8e 2549
cc422895 2550Finally, sometimes only literal SQL will do. To include a random snippet
2551of SQL verbatim, you specify it as a scalar reference. Consider this only
2552as a last resort. Usually there is a better way. For example:
96449e8e 2553
2554 my %where = (
cc422895 2555 priority => { '<', 2 },
2556 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2557 );
2558
cc422895 2559Would create:
96449e8e 2560
cc422895 2561 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2562 @bind = (2);
2563
2564Note that in this example, you only get one bind parameter back, since
2565the verbatim SQL is passed as part of the statement.
2566
2567=head4 CAVEAT
2568
2569 Never use untrusted input as a literal SQL argument - this is a massive
2570 security risk (there is no way to check literal snippets for SQL
2571 injections and other nastyness). If you need to deal with untrusted input
2572 use literal SQL with placeholders as described next.
96449e8e 2573
cc422895 2574=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2575
2576If the literal SQL to be inserted has placeholders and bind values,
2577use a reference to an arrayref (yes this is a double reference --
2578not so common, but perfectly legal Perl). For example, to find a date
2579in Postgres you can use something like this:
2580
2581 my %where = (
3ae1c5e2 2582 date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
96449e8e 2583 )
2584
2585This would create:
2586
d2a8fe1a 2587 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2588 @bind = ('10');
2589
deb148a2 2590Note that you must pass the bind values in the same format as they are returned
85783f3c 2591by L<where|/where(\%where, $order)>. This means that if you set L</bindtype>
1f490ae4 2592to C<columns>, you must provide the bind values in the
2593C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
2594scalar value; most commonly the column name, but you can use any scalar value
2595(including references and blessed references), L<SQL::Abstract> will simply
2596pass it through intact. So if C<bindtype> is set to C<columns> the above
2597example will look like:
deb148a2 2598
2599 my %where = (
3ae1c5e2 2600 date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
deb148a2 2601 )
96449e8e 2602
2603Literal SQL is especially useful for nesting parenthesized clauses in the
be21dde3 2604main SQL query. Here is a first example:
96449e8e 2605
2606 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2607 100, "foo%");
2608 my %where = (
2609 foo => 1234,
2610 bar => \["IN ($sub_stmt)" => @sub_bind],
2611 );
2612
be21dde3 2613This yields:
96449e8e 2614
9d48860e 2615 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2616 WHERE c2 < ? AND c3 LIKE ?))";
2617 @bind = (1234, 100, "foo%");
2618
9d48860e 2619Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2620are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2621its associated bind values can be generated through a former call
96449e8e 2622to C<select()> :
2623
2624 my ($sub_stmt, @sub_bind)
9d48860e 2625 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2626 c3 => {-like => "foo%"}});
2627 my %where = (
2628 foo => 1234,
2629 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2630 );
2631
2632In the examples above, the subquery was used as an operator on a column;
9d48860e 2633but the same principle also applies for a clause within the main C<%where>
be21dde3 2634hash, like an EXISTS subquery:
96449e8e 2635
9d48860e 2636 my ($sub_stmt, @sub_bind)
96449e8e 2637 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2638 my %where = ( -and => [
96449e8e 2639 foo => 1234,
48d9f5f8 2640 \["EXISTS ($sub_stmt)" => @sub_bind],
2641 ]);
96449e8e 2642
2643which yields
2644
9d48860e 2645 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2646 WHERE c1 = ? AND c2 > t0.c0))";
2647 @bind = (1234, 1);
2648
2649
9d48860e 2650Observe that the condition on C<c2> in the subquery refers to
be21dde3 2651column C<t0.c0> of the main query: this is I<not> a bind
9d48860e 2652value, so we have to express it through a scalar ref.
96449e8e 2653Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2654C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2655what we wanted here.
2656
96449e8e 2657Finally, here is an example where a subquery is used
2658for expressing unary negation:
2659
9d48860e 2660 my ($sub_stmt, @sub_bind)
96449e8e 2661 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2662 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2663 my %where = (
2664 lname => {like => '%son%'},
48d9f5f8 2665 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2666 );
2667
2668This yields
2669
2670 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2671 @bind = ('%son%', 10, 20)
2672
cc422895 2673=head3 Deprecated usage of Literal SQL
2674
2675Below are some examples of archaic use of literal SQL. It is shown only as
2676reference for those who deal with legacy code. Each example has a much
2677better, cleaner and safer alternative that users should opt for in new code.
2678
2679=over
2680
2681=item *
2682
2683 my %where = ( requestor => \'IS NOT NULL' )
2684
2685 $stmt = "WHERE requestor IS NOT NULL"
2686
2687This used to be the way of generating NULL comparisons, before the handling
2688of C<undef> got formalized. For new code please use the superior syntax as
2689described in L</Tests for NULL values>.
96449e8e 2690
cc422895 2691=item *
2692
2693 my %where = ( requestor => \'= submitter' )
2694
2695 $stmt = "WHERE requestor = submitter"
2696
2697This used to be the only way to compare columns. Use the superior L</-ident>
2698method for all new code. For example an identifier declared in such a way
2699will be properly quoted if L</quote_char> is properly set, while the legacy
2700form will remain as supplied.
2701
2702=item *
2703
2704 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2705
2706 $stmt = "WHERE completed > ? AND is_ready"
2707 @bind = ('2012-12-21')
2708
2709Using an empty string literal used to be the only way to express a boolean.
2710For all new code please use the much more readable
2711L<-bool|/Unary operators: bool> operator.
2712
2713=back
96449e8e 2714
2715=head2 Conclusion
2716
32eab2da 2717These pages could go on for a while, since the nesting of the data
2718structures this module can handle are pretty much unlimited (the
2719module implements the C<WHERE> expansion as a recursive function
2720internally). Your best bet is to "play around" with the module a
2721little to see how the data structures behave, and choose the best
2722format for your data based on that.
2723
2724And of course, all the values above will probably be replaced with
2725variables gotten from forms or the command line. After all, if you
2726knew everything ahead of time, you wouldn't have to worry about
2727dynamically-generating SQL and could just hardwire it into your
2728script.
2729
86298391 2730=head1 ORDER BY CLAUSES
2731
9d48860e 2732Some functions take an order by clause. This can either be a scalar (just a
18710f60 2733column name), a hashref of C<< { -desc => 'col' } >> or C<< { -asc => 'col' }
2734>>, a scalarref, an arrayref-ref, or an arrayref of any of the previous
2735forms. Examples:
1cfa1db3 2736
8c15b421 2737 Given | Will Generate
18710f60 2738 ---------------------------------------------------------------
8c15b421 2739 |
2740 'colA' | ORDER BY colA
2741 |
2742 [qw/colA colB/] | ORDER BY colA, colB
2743 |
2744 {-asc => 'colA'} | ORDER BY colA ASC
2745 |
2746 {-desc => 'colB'} | ORDER BY colB DESC
2747 |
2748 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2749 |
2750 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
2751 |
2752 \'colA DESC' | ORDER BY colA DESC
2753 |
2754 \[ 'FUNC(colA, ?)', $x ] | ORDER BY FUNC(colA, ?)
2755 | /* ...with $x bound to ? */
2756 |
bd805d85 2757 [ | ORDER BY
2758 { -asc => 'colA' }, | colA ASC,
2759 { -desc => [qw/colB/] }, | colB DESC,
2760 { -asc => [qw/colC colD/] },| colC ASC, colD ASC,
2761 \'colE DESC', | colE DESC,
2762 \[ 'FUNC(colF, ?)', $x ], | FUNC(colF, ?)
2763 ] | /* ...with $x bound to ? */
18710f60 2764 ===============================================================
86298391 2765
96449e8e 2766
2767
2768=head1 SPECIAL OPERATORS
2769
e3f9dff4 2770 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2771 {
2772 regex => qr/.../,
e3f9dff4 2773 handler => sub {
2774 my ($self, $field, $op, $arg) = @_;
2775 ...
3a2e1a5e 2776 },
2777 },
2778 {
2779 regex => qr/.../,
2780 handler => 'method_name',
e3f9dff4 2781 },
2782 ]);
2783
9d48860e 2784A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2785applied to a field, instead of a usual binary operator.
be21dde3 2786For example:
e3f9dff4 2787
2788 WHERE field IN (?, ?, ?)
2789 WHERE field BETWEEN ? AND ?
2790 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2791
e3f9dff4 2792Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2793are builtin within C<SQL::Abstract> (as the overridable methods
2794C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2795like the MATCH .. AGAINST example above which is specific to MySQL,
2796you can write your own operator handlers - supply a C<special_ops>
2797argument to the C<new> method. That argument takes an arrayref of
2798operator definitions; each operator definition is a hashref with two
2799entries:
96449e8e 2800
e3f9dff4 2801=over
2802
2803=item regex
2804
2805the regular expression to match the operator
96449e8e 2806
e3f9dff4 2807=item handler
2808
3a2e1a5e 2809Either a coderef or a plain scalar method name. In both cases
2810the expected return is C<< ($sql, @bind) >>.
2811
2812When supplied with a method name, it is simply called on the
13cc86af 2813L<SQL::Abstract> object as:
3a2e1a5e 2814
ca4f826a 2815 $self->$method_name($field, $op, $arg)
3a2e1a5e 2816
2817 Where:
2818
3a2e1a5e 2819 $field is the LHS of the operator
13cc86af 2820 $op is the part that matched the handler regex
3a2e1a5e 2821 $arg is the RHS
2822
2823When supplied with a coderef, it is called as:
2824
2825 $coderef->($self, $field, $op, $arg)
2826
e3f9dff4 2827
2828=back
2829
9d48860e 2830For example, here is an implementation
e3f9dff4 2831of the MATCH .. AGAINST syntax for MySQL
2832
2833 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2834
e3f9dff4 2835 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2836 {regex => qr/^match$/i,
e3f9dff4 2837 handler => sub {
2838 my ($self, $field, $op, $arg) = @_;
2839 $arg = [$arg] if not ref $arg;
2840 my $label = $self->_quote($field);
2841 my ($placeholder) = $self->_convert('?');
2842 my $placeholders = join ", ", (($placeholder) x @$arg);
2843 my $sql = $self->_sqlcase('match') . " ($label) "
2844 . $self->_sqlcase('against') . " ($placeholders) ";
2845 my @bind = $self->_bindtype($field, @$arg);
2846 return ($sql, @bind);
2847 }
2848 },
9d48860e 2849
e3f9dff4 2850 ]);
96449e8e 2851
2852
59f23b3d 2853=head1 UNARY OPERATORS
2854
112b5232 2855 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2856 {
2857 regex => qr/.../,
2858 handler => sub {
2859 my ($self, $op, $arg) = @_;
2860 ...
2861 },
2862 },
2863 {
2864 regex => qr/.../,
2865 handler => 'method_name',
2866 },
2867 ]);
2868
9d48860e 2869A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2870applied to a field - the operator goes before the field
2871
2872You can write your own operator handlers - supply a C<unary_ops>
2873argument to the C<new> method. That argument takes an arrayref of
2874operator definitions; each operator definition is a hashref with two
2875entries:
2876
2877=over
2878
2879=item regex
2880
2881the regular expression to match the operator
2882
2883=item handler
2884
2885Either a coderef or a plain scalar method name. In both cases
2886the expected return is C<< $sql >>.
2887
2888When supplied with a method name, it is simply called on the
13cc86af 2889L<SQL::Abstract> object as:
59f23b3d 2890
ca4f826a 2891 $self->$method_name($op, $arg)
59f23b3d 2892
2893 Where:
2894
2895 $op is the part that matched the handler regex
2896 $arg is the RHS or argument of the operator
2897
2898When supplied with a coderef, it is called as:
2899
2900 $coderef->($self, $op, $arg)
2901
2902
2903=back
2904
2905
32eab2da 2906=head1 PERFORMANCE
2907
2908Thanks to some benchmarking by Mark Stosberg, it turns out that
2909this module is many orders of magnitude faster than using C<DBIx::Abstract>.
2910I must admit this wasn't an intentional design issue, but it's a
2911byproduct of the fact that you get to control your C<DBI> handles
2912yourself.
2913
2914To maximize performance, use a code snippet like the following:
2915
2916 # prepare a statement handle using the first row
2917 # and then reuse it for the rest of the rows
2918 my($sth, $stmt);
2919 for my $href (@array_of_hashrefs) {
2920 $stmt ||= $sql->insert('table', $href);
2921 $sth ||= $dbh->prepare($stmt);
2922 $sth->execute($sql->values($href));
2923 }
2924
2925The reason this works is because the keys in your C<$href> are sorted
2926internally by B<SQL::Abstract>. Thus, as long as your data retains
2927the same structure, you only have to generate the SQL the first time
2928around. On subsequent queries, simply use the C<values> function provided
2929by this module to return your values in the correct order.
2930
b864ba9b 2931However this depends on the values having the same type - if, for
2932example, the values of a where clause may either have values
2933(resulting in sql of the form C<column = ?> with a single bind
2934value), or alternatively the values might be C<undef> (resulting in
2935sql of the form C<column IS NULL> with no bind value) then the
2936caching technique suggested will not work.
96449e8e 2937
32eab2da 2938=head1 FORMBUILDER
2939
2940If you use my C<CGI::FormBuilder> module at all, you'll hopefully
2941really like this part (I do, at least). Building up a complex query
2942can be as simple as the following:
2943
2944 #!/usr/bin/perl
2945
46dc2f3e 2946 use warnings;
2947 use strict;
2948
32eab2da 2949 use CGI::FormBuilder;
2950 use SQL::Abstract;
2951
2952 my $form = CGI::FormBuilder->new(...);
2953 my $sql = SQL::Abstract->new;
2954
2955 if ($form->submitted) {
2956 my $field = $form->field;
2957 my $id = delete $field->{id};
2958 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
2959 }
2960
2961Of course, you would still have to connect using C<DBI> to run the
2962query, but the point is that if you make your form look like your
2963table, the actual query script can be extremely simplistic.
2964
2965If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 2966a fast interface to returning and formatting data. I frequently
32eab2da 2967use these three modules together to write complex database query
2968apps in under 50 lines.
2969
af733667 2970=head1 HOW TO CONTRIBUTE
2971
2972Contributions are always welcome, in all usable forms (we especially
2973welcome documentation improvements). The delivery methods include git-
2974or unified-diff formatted patches, GitHub pull requests, or plain bug
2975reports either via RT or the Mailing list. Contributors are generally
2976granted full access to the official repository after their first several
2977patches pass successful review.
2978
2979This project is maintained in a git repository. The code and related tools are
2980accessible at the following locations:
d8cc1792 2981
2982=over
2983
af733667 2984=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
2985
2986=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
2987
2988=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
d8cc1792 2989
af733667 2990=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
d8cc1792 2991
2992=back
32eab2da 2993
96449e8e 2994=head1 CHANGES
2995
2996Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
2997Great care has been taken to preserve the I<published> behavior
2998documented in previous versions in the 1.* family; however,
9d48860e 2999some features that were previously undocumented, or behaved
96449e8e 3000differently from the documentation, had to be changed in order
3001to clarify the semantics. Hence, client code that was relying
9d48860e 3002on some dark areas of C<SQL::Abstract> v1.*
96449e8e 3003B<might behave differently> in v1.50.
32eab2da 3004
be21dde3 3005The main changes are:
d2a8fe1a 3006
96449e8e 3007=over
32eab2da 3008
9d48860e 3009=item *
32eab2da 3010
3ae1c5e2 3011support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
96449e8e 3012
3013=item *
3014
145fbfc8 3015support for the { operator => \"..." } construct (to embed literal SQL)
3016
3017=item *
3018
9c37b9c0 3019support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
3020
3021=item *
3022
96449e8e 3023optional support for L<array datatypes|/"Inserting and Updating Arrays">
3024
9d48860e 3025=item *
96449e8e 3026
be21dde3 3027defensive programming: check arguments
96449e8e 3028
3029=item *
3030
3031fixed bug with global logic, which was previously implemented
7cac25e6 3032through global variables yielding side-effects. Prior versions would
96449e8e 3033interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
3034as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
3035Now this is interpreted
3036as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
3037
96449e8e 3038
3039=item *
3040
3041fixed semantics of _bindtype on array args
3042
9d48860e 3043=item *
96449e8e 3044
3045dropped the C<_anoncopy> of the %where tree. No longer necessary,
3046we just avoid shifting arrays within that tree.
3047
3048=item *
3049
3050dropped the C<_modlogic> function
3051
3052=back
32eab2da 3053
32eab2da 3054=head1 ACKNOWLEDGEMENTS
3055
3056There are a number of individuals that have really helped out with
3057this module. Unfortunately, most of them submitted bugs via CPAN
3058so I have no idea who they are! But the people I do know are:
3059
9d48860e 3060 Ash Berlin (order_by hash term support)
b643abe1 3061 Matt Trout (DBIx::Class support)
32eab2da 3062 Mark Stosberg (benchmarking)
3063 Chas Owens (initial "IN" operator support)
3064 Philip Collins (per-field SQL functions)
3065 Eric Kolve (hashref "AND" support)
3066 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
3067 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 3068 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 3069 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 3070 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 3071 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 3072 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 3073
3074Thanks!
3075
32eab2da 3076=head1 SEE ALSO
3077
86298391 3078L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 3079
32eab2da 3080=head1 AUTHOR
3081
b643abe1 3082Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
3083
3084This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 3085
abe72f94 3086For support, your best bet is to try the C<DBIx::Class> users mailing list.
3087While not an official support venue, C<DBIx::Class> makes heavy use of
3088C<SQL::Abstract>, and as such list members there are very familiar with
3089how to create queries.
3090
0d067ded 3091=head1 LICENSE
3092
d988ab87 3093This module is free software; you may copy this under the same
3094terms as perl itself (either the GNU General Public License or
3095the Artistic License)
32eab2da 3096
3097=cut
Unnamed repository; edit this file 'description' to name the repository.