projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
restore _order_by exception on nonsense asc+desc input
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
96449e8e 3use strict;
4use warnings;
9d9d5bd6 5use Carp ();
312d830b 6use List::Util ();
7use Scalar::Util ();
96449e8e 8
0da0fe34 9use Exporter 'import';
10our @EXPORT_OK = qw(is_plain_value is_literal_value);
11
12BEGIN {
13 if ($] < 5.009_005) {
14 require MRO::Compat;
15 }
16 else {
17 require mro;
18 }
843a94b5 19
20 *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
21 ? sub () { 0 }
22 : sub () { 1 }
23 ;
0da0fe34 24}
25
96449e8e 26#======================================================================
27# GLOBALS
28#======================================================================
29
dc6afcf8 30our $VERSION = '1.86';
7479e27e 31
22f1a437 32# This would confuse some packagers
c520207b 33$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 34
35our $AUTOLOAD;
36
37# special operators (-in, -between). May be extended/overridden by user.
38# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
39my @BUILTIN_SPECIAL_OPS = (
f663e672 40 {regex => qr/^ (?: not \s )? between $/ix, handler => sub { die "NOPE" }},
41 {regex => qr/^ (?: not \s )? in $/ix, handler => sub { die "NOPE" }},
87c8e45b 42 {regex => qr/^ is (?: \s+ not )? $/ix, handler => sub { die "NOPE" }},
96449e8e 43);
44
45#======================================================================
46# DEBUGGING AND ERROR REPORTING
47#======================================================================
48
49sub _debug {
50 return unless $_[0]->{debug}; shift; # a little faster
51 my $func = (caller(1))[3];
52 warn "[$func] ", @_, "\n";
53}
54
55sub belch (@) {
56 my($func) = (caller(1))[3];
9d9d5bd6 57 Carp::carp "[$func] Warning: ", @_;
96449e8e 58}
59
60sub puke (@) {
61 my($func) = (caller(1))[3];
9d9d5bd6 62 Carp::croak "[$func] Fatal: ", @_;
96449e8e 63}
64
0da0fe34 65sub is_literal_value ($) {
66 ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
67 : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
0da0fe34 68 : undef;
69}
70
71# FIXME XSify - this can be done so much more efficiently
72sub is_plain_value ($) {
73 no strict 'refs';
966200cc 74 ! length ref $_[0] ? \($_[0])
0da0fe34 75 : (
76 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
77 and
78 exists $_[0]->{-value}
966200cc 79 ) ? \($_[0]->{-value})
0da0fe34 80 : (
a1c9e0ff 81 # reuse @_ for even moar speedz
82 defined ( $_[1] = Scalar::Util::blessed $_[0] )
0da0fe34 83 and
84 # deliberately not using Devel::OverloadInfo - the checks we are
85 # intersted in are much more limited than the fullblown thing, and
86 # this is a very hot piece of code
87 (
e8d729d4 88 # simply using ->can('(""') can leave behind stub methods that
89 # break actually using the overload later (see L<perldiag/Stub
90 # found while resolving method "%s" overloading "%s" in package
91 # "%s"> and the source of overload::mycan())
44e54b41 92 #
0da0fe34 93 # either has stringification which DBI SHOULD prefer out of the box
a1c9e0ff 94 grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
0da0fe34 95 or
20e178a8 96 # has nummification or boolification, AND fallback is *not* disabled
0da0fe34 97 (
843a94b5 98 SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
99 and
20e178a8 100 (
101 grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
102 or
103 grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
104 )
0da0fe34 105 and
106 (
107 # no fallback specified at all
a1c9e0ff 108 ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
0da0fe34 109 or
110 # fallback explicitly undef
a1c9e0ff 111 ! defined ${"$_[3]::()"}
0da0fe34 112 or
113 # explicitly true
a1c9e0ff 114 !! ${"$_[3]::()"}
0da0fe34 115 )
116 )
117 )
966200cc 118 ) ? \($_[0])
0da0fe34 119 : undef;
120}
121
122
96449e8e 123
124#======================================================================
125# NEW
126#======================================================================
127
128sub new {
129 my $self = shift;
130 my $class = ref($self) || $self;
131 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
132
133 # choose our case by keeping an option around
134 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
135
136 # default logic for interpreting arrayrefs
ef559da3 137 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 138
139 # how to return bind vars
96449e8e 140 $opt{bindtype} ||= 'normal';
141
142 # default comparison is "=", but can be overridden
143 $opt{cmp} ||= '=';
144
3af02ccb 145 # try to recognize which are the 'equality' and 'inequality' ops
3cdadcbe 146 # (temporary quickfix (in 2007), should go through a more seasoned API)
147 $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
148 $opt{inequality_op} = qr/^( != | <> )$/ix;
149
150 $opt{like_op} = qr/^ (is\s+)? r?like $/xi;
151 $opt{not_like_op} = qr/^ (is\s+)? not \s+ r?like $/xi;
96449e8e 152
153 # SQL booleans
154 $opt{sqltrue} ||= '1=1';
155 $opt{sqlfalse} ||= '0=1';
156
9d48860e 157 # special operators
30af97c5 158 $opt{special_ops} ||= [];
159
b6251592 160 # regexes are applied in order, thus push after user-defines
96449e8e 161 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
162
9d48860e 163 # unary operators
59f23b3d 164 $opt{unary_ops} ||= [];
59f23b3d 165
3af02ccb 166 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 167 # If a purported function matches this regular expression, an exception is thrown.
168 # Literal SQL is *NOT* subject to this check, only functions (and column names
169 # when quoting is not in effect)
96449e8e 170
b6251592 171 # FIXME
172 # need to guard against ()'s in column names too, but this will break tons of
173 # hacks... ideas anyone?
174 $opt{injection_guard} ||= qr/
175 \;
176 |
177 ^ \s* go \s
178 /xmi;
96449e8e 179
b07681b1 180 $opt{node_types} = +{
181 map +("-$_" => '_render_'.$_),
182 qw(op func value bind ident literal)
183 };
184
ec19b759 185 $opt{expand_unary} = {};
186
b6251592 187 return bless \%opt, $class;
188}
96449e8e 189
e175845b 190sub sqltrue { +{ -literal => [ $_[0]->{sqltrue} ] } }
191sub sqlfalse { +{ -literal => [ $_[0]->{sqlfalse} ] } }
170e6c33 192
193sub _assert_pass_injection_guard {
194 if ($_[1] =~ $_[0]->{injection_guard}) {
195 my $class = ref $_[0];
196 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
197 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
198 . "{injection_guard} attribute to ${class}->new()"
199 }
200}
201
202
96449e8e 203#======================================================================
204# INSERT methods
205#======================================================================
206
207sub insert {
02288357 208 my $self = shift;
209 my $table = $self->_table(shift);
210 my $data = shift || return;
211 my $options = shift;
96449e8e 212
213 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 214 my ($sql, @bind) = $self->$method($data);
96449e8e 215 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 216
e82e648a 217 if ($options->{returning}) {
ca4f826a 218 my ($s, @b) = $self->_insert_returning($options);
e82e648a 219 $sql .= $s;
220 push @bind, @b;
02288357 221 }
222
96449e8e 223 return wantarray ? ($sql, @bind) : $sql;
224}
225
60f3fd3f 226# So that subclasses can override INSERT ... RETURNING separately from
227# UPDATE and DELETE (e.g. DBIx::Class::SQLMaker::Oracle does this)
b17a3ece 228sub _insert_returning { shift->_returning(@_) }
229
95904db5 230sub _returning {
e82e648a 231 my ($self, $options) = @_;
6b1fe79d 232
e82e648a 233 my $f = $options->{returning};
234
ff96fdd4 235 my ($sql, @bind) = $self->_render_expr(
236 $self->_expand_maybe_list_expr($f, undef, -ident)
237 );
238 return wantarray
239 ? $self->_sqlcase(' returning ') . $sql
240 : ($self->_sqlcase(' returning ').$sql, @bind);
6b1fe79d 241}
242
96449e8e 243sub _insert_HASHREF { # explicit list of fields and then values
244 my ($self, $data) = @_;
245
246 my @fields = sort keys %$data;
247
fe3ae272 248 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 249
250 # assemble SQL
251 $_ = $self->_quote($_) foreach @fields;
252 $sql = "( ".join(", ", @fields).") ".$sql;
253
254 return ($sql, @bind);
255}
256
257sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
258 my ($self, $data) = @_;
259
260 # no names (arrayref) so can't generate bindtype
261 $self->{bindtype} ne 'columns'
262 or belch "can't do 'columns' bindtype when called with arrayref";
263
19b6ccce 264 my (@values, @all_bind);
265 foreach my $value (@$data) {
266 my ($values, @bind) = $self->_insert_value(undef, $value);
267 push @values, $values;
268 push @all_bind, @bind;
269 }
270 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
271 return ($sql, @all_bind);
fe3ae272 272}
273
274sub _insert_ARRAYREFREF { # literal SQL with bind
275 my ($self, $data) = @_;
276
277 my ($sql, @bind) = @${$data};
278 $self->_assert_bindval_matches_bindtype(@bind);
279
280 return ($sql, @bind);
281}
282
283
284sub _insert_SCALARREF { # literal SQL without bind
285 my ($self, $data) = @_;
286
287 return ($$data);
288}
289
290sub _insert_values {
291 my ($self, $data) = @_;
292
96449e8e 293 my (@values, @all_bind);
fe3ae272 294 foreach my $column (sort keys %$data) {
19b6ccce 295 my ($values, @bind) = $self->_insert_value($column, $data->{$column});
296 push @values, $values;
297 push @all_bind, @bind;
298 }
299 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
300 return ($sql, @all_bind);
301}
96449e8e 302
19b6ccce 303sub _insert_value {
304 my ($self, $column, $v) = @_;
96449e8e 305
720ca4f7 306 return $self->_render_expr(
307 $self->_expand_insert_value($column, $v)
308 );
309}
96449e8e 310
720ca4f7 311sub _expand_insert_value {
312 my ($self, $column, $v) = @_;
96449e8e 313
720ca4f7 314 if (ref($v) eq 'ARRAY') {
315 if ($self->{array_datatypes}) {
316 return +{ -bind => [ $column, $v ] };
317 }
318 my ($sql, @bind) = @$v;
319 $self->_assert_bindval_matches_bindtype(@bind);
320 return +{ -literal => $v };
321 }
322 if (ref($v) eq 'HASH') {
323 if (grep !/^-/, keys %$v) {
324 belch "HASH ref as bind value in insert is not supported";
325 return +{ -bind => [ $column, $v ] };
326 }
327 }
328 if (!defined($v)) {
329 return +{ -bind => [ $column, undef ] };
330 }
331 local our $Cur_Col_Meta = $column;
332 return $self->_expand_expr($v);
96449e8e 333}
334
335
96449e8e 336
337#======================================================================
338# UPDATE methods
339#======================================================================
340
341
342sub update {
95904db5 343 my $self = shift;
344 my $table = $self->_table(shift);
345 my $data = shift || return;
346 my $where = shift;
347 my $options = shift;
96449e8e 348
349 # first build the 'SET' part of the sql statement
96449e8e 350 puke "Unsupported data type specified to \$sql->update"
351 unless ref $data eq 'HASH';
352
9ade906e 353 my ($sql, @all_bind) = $self->_update_set_values($data);
a9e94508 354 $sql = $self->_sqlcase('update ') . $table . $self->_sqlcase(' set ')
9ade906e 355 . $sql;
356
357 if ($where) {
358 my($where_sql, @where_bind) = $self->where($where);
359 $sql .= $where_sql;
360 push @all_bind, @where_bind;
361 }
362
363 if ($options->{returning}) {
364 my ($returning_sql, @returning_bind) = $self->_update_returning($options);
365 $sql .= $returning_sql;
366 push @all_bind, @returning_bind;
367 }
368
369 return wantarray ? ($sql, @all_bind) : $sql;
370}
371
372sub _update_set_values {
373 my ($self, $data) = @_;
374
89690da2 375 return $self->_render_expr(
376 $self->_expand_update_set_values($data),
377 );
378}
96449e8e 379
89690da2 380sub _expand_update_set_values {
381 my ($self, $data) = @_;
382 $self->_expand_maybe_list_expr( [
383 map {
384 my ($k, $set) = @$_;
385 +{ -op => [ '=', { -ident => $k }, $set ] };
386 }
387 map {
388 my $k = $_;
389 my $v = $data->{$k};
390 (ref($v) eq 'ARRAY'
391 ? ($self->{array_datatypes}
392 ? [ $k, +{ -bind => [ $k, $v ] } ]
393 : [ $k, +{ -literal => $v } ])
394 : do {
395 local our $Cur_Col_Meta = $k;
396 [ $k, $self->_expand_expr($v) ]
397 }
398 );
399 } sort keys %$data
400 ] );
96449e8e 401}
402
60f3fd3f 403# So that subclasses can override UPDATE ... RETURNING separately from
404# INSERT and DELETE
20bb2ad5 405sub _update_returning { shift->_returning(@_) }
96449e8e 406
407
408
409#======================================================================
410# SELECT
411#======================================================================
412
413
414sub select {
415 my $self = shift;
416 my $table = $self->_table(shift);
417 my $fields = shift || '*';
418 my $where = shift;
419 my $order = shift;
420
daa4ccdd 421 my ($fields_sql, @bind) = $self->_select_fields($fields);
96449e8e 422
daa4ccdd 423 my ($where_sql, @where_bind) = $self->where($where, $order);
424 push @bind, @where_bind;
425
426 my $sql = join(' ', $self->_sqlcase('select'), $fields_sql,
96449e8e 427 $self->_sqlcase('from'), $table)
428 . $where_sql;
429
9d48860e 430 return wantarray ? ($sql, @bind) : $sql;
96449e8e 431}
432
daa4ccdd 433sub _select_fields {
434 my ($self, $fields) = @_;
27592e2b 435 return $self->_render_expr(
436 $self->_expand_maybe_list_expr($fields, undef, '-ident')
437 );
daa4ccdd 438}
439
96449e8e 440#======================================================================
441# DELETE
442#======================================================================
443
444
445sub delete {
85327cd5 446 my $self = shift;
447 my $table = $self->_table(shift);
448 my $where = shift;
449 my $options = shift;
96449e8e 450
451 my($where_sql, @bind) = $self->where($where);
a9e94508 452 my $sql = $self->_sqlcase('delete from ') . $table . $where_sql;
96449e8e 453
85327cd5 454 if ($options->{returning}) {
ca4f826a 455 my ($returning_sql, @returning_bind) = $self->_delete_returning($options);
85327cd5 456 $sql .= $returning_sql;
457 push @bind, @returning_bind;
458 }
459
9d48860e 460 return wantarray ? ($sql, @bind) : $sql;
96449e8e 461}
462
60f3fd3f 463# So that subclasses can override DELETE ... RETURNING separately from
464# INSERT and UPDATE
85327cd5 465sub _delete_returning { shift->_returning(@_) }
466
467
96449e8e 468
469#======================================================================
470# WHERE: entry point
471#======================================================================
472
473
474
475# Finally, a separate routine just to handle WHERE clauses
476sub where {
477 my ($self, $where, $order) = @_;
478
7ad12721 479 local $self->{convert_where} = $self->{convert};
480
96449e8e 481 # where ?
e175845b 482 my ($sql, @bind) = defined($where)
483 ? $self->_recurse_where($where)
484 : (undef);
417dd15e 485 $sql = (defined $sql and length $sql) ? $self->_sqlcase(' where ') . "( $sql )" : '';
96449e8e 486
487 # order by?
488 if ($order) {
26fe4d30 489 my ($order_sql, @order_bind) = $self->_order_by($order);
490 $sql .= $order_sql;
491 push @bind, @order_bind;
96449e8e 492 }
493
9d48860e 494 return wantarray ? ($sql, @bind) : $sql;
96449e8e 495}
496
a2cd381d 497sub _expand_expr {
2558b622 498 my ($self, $expr, $logic, $default_scalar_to) = @_;
499 local our $Default_Scalar_To = $default_scalar_to if $default_scalar_to;
252518da 500 return undef unless defined($expr);
59588695 501 if (ref($expr) eq 'HASH') {
502 if (keys %$expr > 1) {
503 $logic ||= 'and';
77617257 504 return +{ -op => [
505 $logic,
59588695 506 map $self->_expand_expr_hashpair($_ => $expr->{$_}, $logic),
507 sort keys %$expr
508 ] };
509 }
99a65fa8 510 return unless %$expr;
59588695 511 return $self->_expand_expr_hashpair(%$expr, $logic);
a2cd381d 512 }
08264f40 513 if (ref($expr) eq 'ARRAY') {
99a65fa8 514 my $logic = lc($logic || $self->{logic});
08264f40 515 $logic eq 'and' or $logic eq 'or' or puke "unknown logic: $logic";
516
517 my @expr = @$expr;
518
519 my @res;
520
521 while (my ($el) = splice @expr, 0, 1) {
522 puke "Supplying an empty left hand side argument is not supported in array-pairs"
523 unless defined($el) and length($el);
524 my $elref = ref($el);
525 if (!$elref) {
526 push(@res, $self->_expand_expr({ $el, shift(@expr) }));
527 } elsif ($elref eq 'ARRAY') {
528 push(@res, $self->_expand_expr($el)) if @$el;
ec857800 529 } elsif (my $l = is_literal_value($el)) {
530 push @res, { -literal => $l };
08264f40 531 } elsif ($elref eq 'HASH') {
532 push @res, $self->_expand_expr($el);
533 } else {
da4a0964 534 die "notreached";
08264f40 535 }
536 }
2143604f 537 return { -op => [ $logic, @res ] };
08264f40 538 }
ca3da680 539 if (my $literal = is_literal_value($expr)) {
540 return +{ -literal => $literal };
541 }
99a65fa8 542 if (!ref($expr) or Scalar::Util::blessed($expr)) {
2558b622 543 if (my $d = $Default_Scalar_To) {
544 return +{ $d => $expr };
545 }
99a65fa8 546 if (my $m = our $Cur_Col_Meta) {
547 return +{ -bind => [ $m, $expr ] };
548 }
252518da 549 return +{ -value => $expr };
550 }
252518da 551 die "notreached";
a2cd381d 552}
96449e8e 553
59588695 554sub _expand_expr_hashpair {
555 my ($self, $k, $v, $logic) = @_;
d13725da 556 unless (defined($k) and length($k)) {
2d64004f 557 if (defined($k) and my $literal = is_literal_value($v)) {
d13725da 558 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
2d64004f 559 return { -literal => $literal };
d13725da 560 }
561 puke "Supplying an empty left hand side argument is not supported";
562 }
ef071fad 563 if ($k =~ /^-/) {
99a65fa8 564 $self->_assert_pass_injection_guard($k =~ /^-(.*)$/s);
565 if ($k =~ s/ [_\s]? \d+ $//x ) {
566 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
567 . "You probably wanted ...-and => [ $k => COND1, $k => COND2 ... ]";
568 }
ef071fad 569 if ($k eq '-nest') {
570 return $self->_expand_expr($v);
571 }
6ab1562a 572 if ($k eq '-bool') {
573 if (ref($v)) {
574 return $self->_expand_expr($v);
575 }
576 puke "-bool => undef not supported" unless defined($v);
577 return { -ident => $v };
578 }
99a65fa8 579 if ($k eq '-not') {
0c7e3af0 580 return { -op => [ 'not', $self->_expand_expr($v) ] };
99a65fa8 581 }
ce3bc4b0 582 if (my ($rest) = $k =~/^-not[_ ](.*)$/) {
0c7e3af0 583 return +{ -op => [
584 'not',
99a65fa8 585 $self->_expand_expr_hashpair("-${rest}", $v, $logic)
0c7e3af0 586 ] };
ce3bc4b0 587 }
99a65fa8 588 if (my ($logic) = $k =~ /^-(and|or)$/i) {
dd2d5bf7 589 if (ref($v) eq 'HASH') {
590 return $self->_expand_expr($v, $logic);
591 }
99a65fa8 592 if (ref($v) eq 'ARRAY') {
593 return $self->_expand_expr($v, $logic);
594 }
dd2d5bf7 595 }
99a65fa8 596 {
597 my $op = $k;
598 $op =~ s/^-// if length($op) > 1;
599
600 # top level special ops are illegal in general
601 puke "Illegal use of top-level '-$op'"
7f1bdbce 602 if List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}};
96a8d74a 603 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
604 return { -op => [ $op, $v ] };
605 }
99a65fa8 606 }
607 if ($k eq '-value' and my $m = our $Cur_Col_Meta) {
608 return +{ -bind => [ $m, $v ] };
609 }
ec19b759 610 if (my $custom = $self->{expand_unary}{$k}) {
611 return $self->$custom($v);
612 }
b07681b1 613 if ($self->{node_types}{$k}) {
99a65fa8 614 return { $k => $v };
d13725da 615 }
711892b1 616 if (
617 ref($v) eq 'HASH'
618 and keys %$v == 1
619 and (keys %$v)[0] =~ /^-/
620 ) {
621 my ($func) = $k =~ /^-(.*)$/;
622 return +{ -func => [ $func, $self->_expand_expr($v) ] };
623 }
624 if (!ref($v) or is_literal_value($v)) {
99a65fa8 625 return +{ -op => [ $k =~ /^-(.*)$/, $self->_expand_expr($v) ] };
59588695 626 }
99a65fa8 627 }
628 if (
629 !defined($v)
630 or (
631 ref($v) eq 'HASH'
632 and exists $v->{-value}
633 and not defined $v->{-value}
634 )
635 ) {
636 return $self->_expand_expr_hashpair($k => { $self->{cmp} => undef });
637 }
638 if (!ref($v) or Scalar::Util::blessed($v)) {
ec19b759 639 my $d = our $Default_Scalar_To;
99a65fa8 640 return +{
641 -op => [
642 $self->{cmp},
643 { -ident => $k },
ec19b759 644 ($d ? { $d => $v } : { -bind => [ $k, $v ] })
99a65fa8 645 ]
646 };
647 }
648 if (ref($v) eq 'HASH') {
649 if (keys %$v > 1) {
e175845b 650 return { -op => [
651 'and',
99a65fa8 652 map $self->_expand_expr_hashpair($k => { $_ => $v->{$_} }),
653 sort keys %$v
654 ] };
655 }
656 my ($vk, $vv) = %$v;
657 $vk =~ s/^-//;
658 $vk = lc($vk);
659 $self->_assert_pass_injection_guard($vk);
660 if ($vk =~ s/ [_\s]? \d+ $//x ) {
661 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
662 . "You probably wanted ...-and => [ -$vk => COND1, -$vk => COND2 ... ]";
663 }
664 if ($vk =~ /^(?:not[ _])?between$/) {
665 local our $Cur_Col_Meta = $k;
666 my @rhs = map $self->_expand_expr($_),
667 ref($vv) eq 'ARRAY' ? @$vv : $vv;
668 unless (
669 (@rhs == 1 and ref($rhs[0]) eq 'HASH' and $rhs[0]->{-literal})
670 or
671 (@rhs == 2 and defined($rhs[0]) and defined($rhs[1]))
672 ) {
673 puke "Operator '${\uc($vk)}' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
b5b18861 674 }
99a65fa8 675 return +{ -op => [
676 join(' ', split '_', $vk),
677 { -ident => $k },
678 @rhs
679 ] }
680 }
681 if ($vk =~ /^(?:not[ _])?in$/) {
682 if (my $literal = is_literal_value($vv)) {
683 my ($sql, @bind) = @$literal;
684 my $opened_sql = $self->_open_outer_paren($sql);
10d07c4e 685 return +{ -op => [
99a65fa8 686 $vk, { -ident => $k },
687 [ { -literal => [ $opened_sql, @bind ] } ]
10d07c4e 688 ] };
689 }
99a65fa8 690 my $undef_err =
691 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
692 . "-${\uc($vk)} operator was given an undef-containing list: !!!AUDIT YOUR CODE "
693 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
694 . 'will emit the logically correct SQL instead of raising this exception)'
695 ;
696 puke("Argument passed to the '${\uc($vk)}' operator can not be undefined")
697 if !defined($vv);
698 my @rhs = map $self->_expand_expr($_),
699 map { ref($_) ? $_ : { -bind => [ $k, $_ ] } }
700 map { defined($_) ? $_: puke($undef_err) }
701 (ref($vv) eq 'ARRAY' ? @$vv : $vv);
e175845b 702 return $self->${\($vk =~ /^not/ ? 'sqltrue' : 'sqlfalse')} unless @rhs;
99a65fa8 703
704 return +{ -op => [
705 join(' ', split '_', $vk),
706 { -ident => $k },
707 \@rhs
708 ] };
709 }
710 if ($vk eq 'ident') {
02b8fe35 711 if (! defined $vv or (ref($vv) and ref($vv) eq 'ARRAY')) {
712 puke "-$vk requires a single plain scalar argument (a quotable identifier) or an arrayref of identifier parts";
f7778474 713 }
99a65fa8 714 return +{ -op => [
715 $self->{cmp},
716 { -ident => $k },
717 { -ident => $vv }
718 ] };
719 }
720 if ($vk eq 'value') {
721 return $self->_expand_expr_hashpair($k, undef) unless defined($vv);
722 return +{ -op => [
723 $self->{cmp},
724 { -ident => $k },
725 { -bind => [ $k, $vv ] }
726 ] };
727 }
728 if ($vk =~ /^is(?:[ _]not)?$/) {
729 puke "$vk can only take undef as argument"
730 if defined($vv)
731 and not (
732 ref($vv) eq 'HASH'
733 and exists($vv->{-value})
734 and !defined($vv->{-value})
735 );
736 $vk =~ s/_/ /g;
737 return +{ -op => [ $vk.' null', { -ident => $k } ] };
738 }
739 if ($vk =~ /^(and|or)$/) {
740 if (ref($vv) eq 'HASH') {
e62fe58a 741 return +{ -op => [
742 $vk,
99a65fa8 743 map $self->_expand_expr_hashpair($k, { $_ => $vv->{$_} }),
744 sort keys %$vv
7d7868d1 745 ] };
746 }
e28d9b13 747 }
30af97c5 748 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{special_ops}}) {
99a65fa8 749 return { -op => [ $vk, { -ident => $k }, $vv ] };
7dbe1183 750 }
96a8d74a 751 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{unary_ops}}) {
752 return { -op => [
753 $self->{cmp},
754 { -ident => $k },
755 { -op => [ $vk, $vv ] }
756 ] };
757 }
99a65fa8 758 if (ref($vv) eq 'ARRAY') {
759 my ($logic, @values) = (
760 (defined($vv->[0]) and $vv->[0] =~ /^-(and|or)$/i)
761 ? @$vv
762 : (-or => @$vv)
763 );
764 if (
765 $vk =~ $self->{inequality_op}
766 or join(' ', split '_', $vk) =~ $self->{not_like_op}
767 ) {
768 if (lc($logic) eq '-or' and @values > 1) {
769 my $op = uc join ' ', split '_', $vk;
770 belch "A multi-element arrayref as an argument to the inequality op '$op' "
771 . 'is technically equivalent to an always-true 1=1 (you probably wanted '
772 . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
773 ;
774 }
ef071fad 775 }
b3cb13e8 776 unless (@values) {
777 # try to DWIM on equality operators
778 my $op = join ' ', split '_', $vk;
779 return
e175845b 780 $op =~ $self->{equality_op} ? $self->sqlfalse
781 : $op =~ $self->{like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqlfalse
782 : $op =~ $self->{inequality_op} ? $self->sqltrue
783 : $op =~ $self->{not_like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqltrue
b3cb13e8 784 : puke "operator '$op' applied on an empty array (field '$k')";
785 }
63c97a0b 786 return +{ -op => [
787 $logic =~ /^-(.*)$/,
99a65fa8 788 map $self->_expand_expr_hashpair($k => { $vk => $_ }),
789 @values
790 ] };
791 }
792 if (
793 !defined($vv)
794 or (
795 ref($vv) eq 'HASH'
796 and exists $vv->{-value}
797 and not defined $vv->{-value}
798 )
799 ) {
800 my $op = join ' ', split '_', $vk;
801 my $is =
802 $op =~ /^not$/i ? 'is not' # legacy
803 : $op =~ $self->{equality_op} ? 'is'
804 : $op =~ $self->{like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is'
805 : $op =~ $self->{inequality_op} ? 'is not'
806 : $op =~ $self->{not_like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is not'
807 : puke "unexpected operator '$op' with undef operand";
808 return +{ -op => [ $is.' null', { -ident => $k } ] };
809 }
810 local our $Cur_Col_Meta = $k;
811 return +{ -op => [
812 $vk,
813 { -ident => $k },
814 $self->_expand_expr($vv)
815 ] };
816 }
817 if (ref($v) eq 'ARRAY') {
e175845b 818 return $self->sqlfalse unless @$v;
99a65fa8 819 $self->_debug("ARRAY($k) means distribute over elements");
820 my $this_logic = (
821 $v->[0] =~ /^-((?:and|or))$/i
822 ? ($v = [ @{$v}[1..$#$v] ], $1)
823 : ($self->{logic} || 'or')
824 );
cba28f66 825 return +{ -op => [
826 $this_logic,
827 map $self->_expand_expr({ $k => $_ }, $this_logic), @$v
828 ] };
99a65fa8 829 }
830 if (my $literal = is_literal_value($v)) {
831 unless (length $k) {
832 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
833 return \$literal;
834 }
835 my ($sql, @bind) = @$literal;
836 if ($self->{bindtype} eq 'columns') {
837 for (@bind) {
838 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
839 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
aa8d7bdb 840 }
841 }
331e2209 842 }
99a65fa8 843 return +{ -literal => [ $self->_quote($k).' '.$sql, @bind ] };
331e2209 844 }
99a65fa8 845 die "notreached";
59588695 846}
847
e175845b 848sub _render_expr {
849 my ($self, $expr) = @_;
850 my ($k, $v, @rest) = %$expr;
851 die "No" if @rest;
b07681b1 852 if (my $meth = $self->{node_types}{$k}) {
181dcebf 853 return $self->$meth($v);
e175845b 854 }
855 die "notreached: $k";
856}
857
96449e8e 858sub _recurse_where {
859 my ($self, $where, $logic) = @_;
860
99a65fa8 861#print STDERR Data::Dumper::Concise::Dumper([ $where, $logic ]);
862
a2cd381d 863 my $where_exp = $self->_expand_expr($where, $logic);
864
99a65fa8 865#print STDERR Data::Dumper::Concise::Dumper([ EXP => $where_exp ]);
866
96449e8e 867 # dispatch on appropriate method according to refkind of $where
e175845b 868# my $method = $self->_METHOD_FOR_refkind("_where", $where_exp);
869
870# my ($sql, @bind) = $self->$method($where_exp, $logic);
311b2151 871
e175845b 872 my ($sql, @bind) = defined($where_exp) ? $self->_render_expr($where_exp) : (undef);
311b2151 873
abe1a491 874 # DBIx::Class used to call _recurse_where in scalar context
875 # something else might too...
876 if (wantarray) {
877 return ($sql, @bind);
878 }
879 else {
880 belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
881 return $sql;
882 }
96449e8e 883}
884
181dcebf 885sub _render_ident {
886 my ($self, $ident) = @_;
cc422895 887
9cf28dfb 888 return $self->_convert($self->_quote($ident));
cc422895 889}
890
181dcebf 891sub _render_value {
892 my ($self, $value) = @_;
cc422895 893
52511ae3 894 return ($self->_convert('?'), $self->_bindtype(undef, $value));
cc422895 895}
896
c452734e 897my %unop_postfix = map +($_ => 1),
898 'is null', 'is not null',
899 'asc', 'desc',
900;
d13725da 901
b5b18861 902my %special = (
903 (map +($_ => do {
904 my $op = $_;
905 sub {
906 my ($self, $args) = @_;
907 my ($left, $low, $high) = @$args;
908 my ($rhsql, @rhbind) = do {
909 if (@$args == 2) {
910 puke "Single arg to between must be a literal"
911 unless $low->{-literal};
912 @{$low->{-literal}}
913 } else {
e56dd780 914 my ($l, $h) = map [ $self->_render_expr($_) ], $low, $high;
b5b18861 915 (join(' ', $l->[0], $self->_sqlcase('and'), $h->[0]),
916 @{$l}[1..$#$l], @{$h}[1..$#$h])
917 }
918 };
e56dd780 919 my ($lhsql, @lhbind) = $self->_render_expr($left);
b5b18861 920 return (
921 join(' ', '(', $lhsql, $self->_sqlcase($op), $rhsql, ')'),
922 @lhbind, @rhbind
923 );
924 }
925 }), 'between', 'not between'),
10d07c4e 926 (map +($_ => do {
927 my $op = $_;
928 sub {
929 my ($self, $args) = @_;
930 my ($lhs, $rhs) = @$args;
931 my @in_bind;
932 my @in_sql = map {
0ce981f8 933 my ($sql, @bind) = $self->_render_expr($_);
10d07c4e 934 push @in_bind, @bind;
935 $sql;
936 } @$rhs;
0ce981f8 937 my ($lhsql, @lbind) = $self->_render_expr($lhs);
10d07c4e 938 return (
939 $lhsql.' '.$self->_sqlcase($op).' ( '
940 .join(', ', @in_sql)
941 .' )',
942 @lbind, @in_bind
943 );
944 }
945 }), 'in', 'not in'),
b5b18861 946);
947
181dcebf 948sub _render_op {
949 my ($self, $v) = @_;
d13725da 950 my ($op, @args) = @$v;
951 $op =~ s/^-// if length($op) > 1;
cba28f66 952 $op = lc($op);
b5b18861 953 if (my $h = $special{$op}) {
954 return $self->$h(\@args);
955 }
30af97c5 956 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}}) {
99a65fa8 957 puke "Special op '${op}' requires first value to be identifier"
958 unless my ($k) = map $_->{-ident}, grep ref($_) eq 'HASH', $args[0];
959 return $self->${\($us->{handler})}($k, $op, $args[1]);
960 }
96a8d74a 961 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
962 return $self->${\($us->{handler})}($op, $args[0]);
963 }
99a65fa8 964 my $final_op = $op =~ /^(?:is|not)_/ ? join(' ', split '_', $op) : $op;
2143604f 965 if (@args == 1 and $op !~ /^(and|or)$/) {
ec857800 966 my ($expr_sql, @bind) = $self->_render_expr($args[0]);
d13725da 967 my $op_sql = $self->_sqlcase($final_op);
968 my $final_sql = (
969 $unop_postfix{lc($final_op)}
970 ? "${expr_sql} ${op_sql}"
971 : "${op_sql} ${expr_sql}"
972 );
0c7e3af0 973 return (($op eq 'not' ? '('.$final_sql.')' : $final_sql), @bind);
16d9289c 974 } else {
ec857800 975 my @parts = map [ $self->_render_expr($_) ], @args;
77617257 976 my ($final_sql) = map +($op =~ /^(and|or)$/ ? "(${_})" : $_), join(
2f9c5405 977 ($final_op eq ',' ? '' : ' ').$self->_sqlcase($final_op).' ',
77617257 978 map $_->[0], @parts
979 );
99a65fa8 980 return (
77617257 981 $final_sql,
16d9289c 982 map @{$_}[1..$#$_], @parts
99a65fa8 983 );
d13725da 984 }
985 die "unhandled";
986}
987
181dcebf 988sub _render_func {
989 my ($self, $rest) = @_;
711892b1 990 my ($func, @args) = @$rest;
991 my @arg_sql;
992 my @bind = map {
993 my @x = @$_;
994 push @arg_sql, shift @x;
995 @x
0f199fce 996 } map [ $self->_render_expr($_) ], @args;
711892b1 997 return ($self->_sqlcase($func).'('.join(', ', @arg_sql).')', @bind);
998}
999
181dcebf 1000sub _render_bind {
1001 my ($self, $bind) = @_;
d13725da 1002 return ($self->_convert('?'), $self->_bindtype(@$bind));
1003}
1004
181dcebf 1005sub _render_literal {
1006 my ($self, $literal) = @_;
465d43fd 1007 $self->_assert_bindval_matches_bindtype(@{$literal}[1..$#$literal]);
aa8d7bdb 1008 return @$literal;
1009}
1010
4a1f01a3 1011# Some databases (SQLite) treat col IN (1, 2) different from
1012# col IN ( (1, 2) ). Use this to strip all outer parens while
1013# adding them back in the corresponding method
1014sub _open_outer_paren {
1015 my ($self, $sql) = @_;
a5f91feb 1016
ca4f826a 1017 while (my ($inner) = $sql =~ /^ \s* \( (.*) \) \s* $/xs) {
a5f91feb 1018
1019 # there are closing parens inside, need the heavy duty machinery
1020 # to reevaluate the extraction starting from $sql (full reevaluation)
ca4f826a 1021 if ($inner =~ /\)/) {
a5f91feb 1022 require Text::Balanced;
1023
1024 my (undef, $remainder) = do {
1025 # idiotic design - writes to $@ but *DOES NOT* throw exceptions
1026 local $@;
ca4f826a 1027 Text::Balanced::extract_bracketed($sql, '()', qr/\s*/);
a5f91feb 1028 };
1029
1030 # the entire expression needs to be a balanced bracketed thing
1031 # (after an extract no remainder sans trailing space)
1032 last if defined $remainder and $remainder =~ /\S/;
1033 }
1034
1035 $sql = $inner;
1036 }
1037
1038 $sql;
4a1f01a3 1039}
1040
96449e8e 1041
96449e8e 1042#======================================================================
1043# ORDER BY
1044#======================================================================
1045
1046sub _order_by {
1047 my ($self, $arg) = @_;
1048
4325df6a 1049 return '' unless defined($arg) and not (ref($arg) eq 'ARRAY' and !@$arg);
2b6158af 1050
4325df6a 1051 my $expander = sub {
1052 my ($self, $dir, $expr) = @_;
1053 my @exp = map +(defined($dir) ? { -op => [ $dir => $_ ] } : $_),
1054 map $self->_expand_expr($_, undef, -ident),
1055 ref($expr) eq 'ARRAY' ? @$expr : $expr;
1056 return (@exp > 1 ? { -op => [ ',', @exp ] } : $exp[0]);
1057 };
18c743c8 1058
70c57fc3 1059 if (
1060 ref($arg) eq 'HASH'
1061 and keys %$arg > 1
1062 and grep /^-(asc|desc)$/, keys %$arg
1063 ) {
1064 puke "ordering direction hash passed to order by must have exactly one key (-asc or -desc)";
1065 }
1066
ec19b759 1067 local @{$self->{expand_unary}}{qw(-asc -desc)} = (
1068 sub { shift->$expander(asc => @_) },
1069 sub { shift->$expander(desc => @_) },
1070 );
f267b646 1071
4325df6a 1072 my $expanded = $self->$expander(undef, $arg);
1073
1074 my ($sql, @bind) = $self->_render_expr($expanded);
1075
1076 my $final_sql = $self->_sqlcase(' order by ').$sql;
1077
1078 return wantarray ? ($final_sql, @bind) : $final_sql;
f267b646 1079}
1080
96449e8e 1081#======================================================================
1082# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1083#======================================================================
1084
1085sub _table {
1086 my $self = shift;
1087 my $from = shift;
7ad12721 1088 ($self->_render_expr(
8476c6a3 1089 $self->_expand_maybe_list_expr($from, undef, -ident)
7ad12721 1090 ))[0];
96449e8e 1091}
1092
1093
1094#======================================================================
1095# UTILITY FUNCTIONS
1096#======================================================================
1097
8476c6a3 1098sub _expand_maybe_list_expr {
1099 my ($self, $expr, $logic, $default) = @_;
bba04f52 1100 my $e = do {
1101 if (ref($expr) eq 'ARRAY') {
1102 return { -op => [
8476c6a3 1103 ',', map $self->_expand_expr($_, $logic, $default), @$expr
bba04f52 1104 ] } if @$expr > 1;
1105 $expr->[0]
1106 } else {
1107 $expr
1108 }
1109 };
1110 return $self->_expand_expr($e, $logic, $default);
8476c6a3 1111}
1112
955e77ca 1113# highly optimized, as it's called way too often
96449e8e 1114sub _quote {
955e77ca 1115 # my ($self, $label) = @_;
96449e8e 1116
955e77ca 1117 return '' unless defined $_[1];
955e77ca 1118 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
d3162b5c 1119 puke 'Identifier cannot be hashref' if ref($_[1]) eq 'HASH';
96449e8e 1120
d3162b5c 1121 unless ($_[0]->{quote_char}) {
1122 if (ref($_[1]) eq 'ARRAY') {
1123 return join($_[0]->{name_sep}||'.', @{$_[1]});
1124 } else {
1125 $_[0]->_assert_pass_injection_guard($_[1]);
1126 return $_[1];
1127 }
1128 }
96449e8e 1129
07d7c35c 1130 my $qref = ref $_[0]->{quote_char};
439834d3 1131 my ($l, $r) =
1132 !$qref ? ($_[0]->{quote_char}, $_[0]->{quote_char})
1133 : ($qref eq 'ARRAY') ? @{$_[0]->{quote_char}}
1134 : puke "Unsupported quote_char format: $_[0]->{quote_char}";
1135
46be4313 1136 my $esc = $_[0]->{escape_char} || $r;
96449e8e 1137
07d7c35c 1138 # parts containing * are naturally unquoted
d3162b5c 1139 return join(
1140 $_[0]->{name_sep}||'',
1141 map +(
1142 $_ eq '*'
1143 ? $_
1144 : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r }
1145 ),
1146 (ref($_[1]) eq 'ARRAY'
1147 ? @{$_[1]}
1148 : (
1149 $_[0]->{name_sep}
1150 ? split (/\Q$_[0]->{name_sep}\E/, $_[1] )
1151 : $_[1]
1152 )
1153 )
955e77ca 1154 );
96449e8e 1155}
1156
1157
1158# Conversion, if applicable
d7c862e0 1159sub _convert {
07d7c35c 1160 #my ($self, $arg) = @_;
7ad12721 1161 if ($_[0]->{convert_where}) {
1162 return $_[0]->_sqlcase($_[0]->{convert_where}) .'(' . $_[1] . ')';
96449e8e 1163 }
07d7c35c 1164 return $_[1];
96449e8e 1165}
1166
1167# And bindtype
d7c862e0 1168sub _bindtype {
07d7c35c 1169 #my ($self, $col, @vals) = @_;
07d7c35c 1170 # called often - tighten code
1171 return $_[0]->{bindtype} eq 'columns'
1172 ? map {[$_[1], $_]} @_[2 .. $#_]
1173 : @_[2 .. $#_]
1174 ;
96449e8e 1175}
1176
fe3ae272 1177# Dies if any element of @bind is not in [colname => value] format
1178# if bindtype is 'columns'.
1179sub _assert_bindval_matches_bindtype {
c94a6c93 1180# my ($self, @bind) = @_;
1181 my $self = shift;
fe3ae272 1182 if ($self->{bindtype} eq 'columns') {
c94a6c93 1183 for (@_) {
1184 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1185 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1186 }
1187 }
1188 }
1189}
1190
96449e8e 1191sub _join_sql_clauses {
1192 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1193
1194 if (@$clauses_aref > 1) {
1195 my $join = " " . $self->_sqlcase($logic) . " ";
1196 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1197 return ($sql, @$bind_aref);
1198 }
1199 elsif (@$clauses_aref) {
1200 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1201 }
1202 else {
1203 return (); # if no SQL, ignore @$bind_aref
1204 }
1205}
1206
1207
1208# Fix SQL case, if so requested
1209sub _sqlcase {
96449e8e 1210 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1211 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1212 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1213}
1214
1215
1216#======================================================================
1217# DISPATCHING FROM REFKIND
1218#======================================================================
1219
1220sub _refkind {
1221 my ($self, $data) = @_;
96449e8e 1222
955e77ca 1223 return 'UNDEF' unless defined $data;
1224
1225 # blessed objects are treated like scalars
1226 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1227
1228 return 'SCALAR' unless $ref;
1229
1230 my $n_steps = 1;
1231 while ($ref eq 'REF') {
96449e8e 1232 $data = $$data;
955e77ca 1233 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1234 $n_steps++ if $ref;
96449e8e 1235 }
1236
848556bc 1237 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1238}
1239
1240sub _try_refkind {
1241 my ($self, $data) = @_;
1242 my @try = ($self->_refkind($data));
1243 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1244 push @try, 'FALLBACK';
955e77ca 1245 return \@try;
96449e8e 1246}
1247
1248sub _METHOD_FOR_refkind {
1249 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1250
1251 my $method;
955e77ca 1252 for (@{$self->_try_refkind($data)}) {
f39eaa60 1253 $method = $self->can($meth_prefix."_".$_)
1254 and last;
1255 }
1256
1257 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1258}
1259
1260
1261sub _SWITCH_refkind {
1262 my ($self, $data, $dispatch_table) = @_;
1263
f39eaa60 1264 my $coderef;
955e77ca 1265 for (@{$self->_try_refkind($data)}) {
f39eaa60 1266 $coderef = $dispatch_table->{$_}
1267 and last;
1268 }
1269
1270 puke "no dispatch entry for ".$self->_refkind($data)
1271 unless $coderef;
1272
96449e8e 1273 $coderef->();
1274}
1275
1276
1277
1278
1279#======================================================================
1280# VALUES, GENERATE, AUTOLOAD
1281#======================================================================
1282
1283# LDNOTE: original code from nwiger, didn't touch code in that section
1284# I feel the AUTOLOAD stuff should not be the default, it should
1285# only be activated on explicit demand by user.
1286
1287sub values {
1288 my $self = shift;
1289 my $data = shift || return;
1290 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1291 unless ref $data eq 'HASH';
bab725ce 1292
1293 my @all_bind;
ca4f826a 1294 foreach my $k (sort keys %$data) {
bab725ce 1295 my $v = $data->{$k};
1296 $self->_SWITCH_refkind($v, {
9d48860e 1297 ARRAYREF => sub {
bab725ce 1298 if ($self->{array_datatypes}) { # array datatype
1299 push @all_bind, $self->_bindtype($k, $v);
1300 }
1301 else { # literal SQL with bind
1302 my ($sql, @bind) = @$v;
1303 $self->_assert_bindval_matches_bindtype(@bind);
1304 push @all_bind, @bind;
1305 }
1306 },
1307 ARRAYREFREF => sub { # literal SQL with bind
1308 my ($sql, @bind) = @${$v};
1309 $self->_assert_bindval_matches_bindtype(@bind);
1310 push @all_bind, @bind;
1311 },
1312 SCALARREF => sub { # literal SQL without bind
1313 },
1314 SCALAR_or_UNDEF => sub {
1315 push @all_bind, $self->_bindtype($k, $v);
1316 },
1317 });
1318 }
1319
1320 return @all_bind;
96449e8e 1321}
1322
1323sub generate {
1324 my $self = shift;
1325
1326 my(@sql, @sqlq, @sqlv);
1327
1328 for (@_) {
1329 my $ref = ref $_;
1330 if ($ref eq 'HASH') {
1331 for my $k (sort keys %$_) {
1332 my $v = $_->{$k};
1333 my $r = ref $v;
1334 my $label = $self->_quote($k);
1335 if ($r eq 'ARRAY') {
fe3ae272 1336 # literal SQL with bind
1337 my ($sql, @bind) = @$v;
1338 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1339 push @sqlq, "$label = $sql";
fe3ae272 1340 push @sqlv, @bind;
96449e8e 1341 } elsif ($r eq 'SCALAR') {
fe3ae272 1342 # literal SQL without bind
96449e8e 1343 push @sqlq, "$label = $$v";
9d48860e 1344 } else {
96449e8e 1345 push @sqlq, "$label = ?";
1346 push @sqlv, $self->_bindtype($k, $v);
1347 }
1348 }
1349 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1350 } elsif ($ref eq 'ARRAY') {
1351 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1352 for my $v (@$_) {
1353 my $r = ref $v;
fe3ae272 1354 if ($r eq 'ARRAY') { # literal SQL with bind
1355 my ($sql, @bind) = @$v;
1356 $self->_assert_bindval_matches_bindtype(@bind);
1357 push @sqlq, $sql;
1358 push @sqlv, @bind;
1359 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1360 # embedded literal SQL
1361 push @sqlq, $$v;
9d48860e 1362 } else {
96449e8e 1363 push @sqlq, '?';
1364 push @sqlv, $v;
1365 }
1366 }
1367 push @sql, '(' . join(', ', @sqlq) . ')';
1368 } elsif ($ref eq 'SCALAR') {
1369 # literal SQL
1370 push @sql, $$_;
1371 } else {
1372 # strings get case twiddled
1373 push @sql, $self->_sqlcase($_);
1374 }
1375 }
1376
1377 my $sql = join ' ', @sql;
1378
1379 # this is pretty tricky
1380 # if ask for an array, return ($stmt, @bind)
1381 # otherwise, s/?/shift @sqlv/ to put it inline
1382 if (wantarray) {
1383 return ($sql, @sqlv);
1384 } else {
1385 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1386 ref $d ? $d->[1] : $d/e;
1387 return $sql;
1388 }
1389}
1390
1391
1392sub DESTROY { 1 }
1393
1394sub AUTOLOAD {
1395 # This allows us to check for a local, then _form, attr
1396 my $self = shift;
1397 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1398 return $self->generate($name, @_);
1399}
1400
14011;
1402
1403
1404
1405__END__
32eab2da 1406
1407=head1 NAME
1408
1409SQL::Abstract - Generate SQL from Perl data structures
1410
1411=head1 SYNOPSIS
1412
1413 use SQL::Abstract;
1414
1415 my $sql = SQL::Abstract->new;
1416
85783f3c 1417 my($stmt, @bind) = $sql->select($source, \@fields, \%where, $order);
32eab2da 1418
1419 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1420
1421 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1422
1423 my($stmt, @bind) = $sql->delete($table, \%where);
1424
1425 # Then, use these in your DBI statements
1426 my $sth = $dbh->prepare($stmt);
1427 $sth->execute(@bind);
1428
1429 # Just generate the WHERE clause
85783f3c 1430 my($stmt, @bind) = $sql->where(\%where, $order);
32eab2da 1431
1432 # Return values in the same order, for hashed queries
1433 # See PERFORMANCE section for more details
1434 my @bind = $sql->values(\%fieldvals);
1435
1436=head1 DESCRIPTION
1437
1438This module was inspired by the excellent L<DBIx::Abstract>.
1439However, in using that module I found that what I really wanted
1440to do was generate SQL, but still retain complete control over my
1441statement handles and use the DBI interface. So, I set out to
1442create an abstract SQL generation module.
1443
1444While based on the concepts used by L<DBIx::Abstract>, there are
1445several important differences, especially when it comes to WHERE
1446clauses. I have modified the concepts used to make the SQL easier
1447to generate from Perl data structures and, IMO, more intuitive.
1448The underlying idea is for this module to do what you mean, based
1449on the data structures you provide it. The big advantage is that
1450you don't have to modify your code every time your data changes,
1451as this module figures it out.
1452
1453To begin with, an SQL INSERT is as easy as just specifying a hash
1454of C<key=value> pairs:
1455
1456 my %data = (
1457 name => 'Jimbo Bobson',
1458 phone => '123-456-7890',
1459 address => '42 Sister Lane',
1460 city => 'St. Louis',
1461 state => 'Louisiana',
1462 );
1463
1464The SQL can then be generated with this:
1465
1466 my($stmt, @bind) = $sql->insert('people', \%data);
1467
1468Which would give you something like this:
1469
1470 $stmt = "INSERT INTO people
1471 (address, city, name, phone, state)
1472 VALUES (?, ?, ?, ?, ?)";
1473 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1474 '123-456-7890', 'Louisiana');
1475
1476These are then used directly in your DBI code:
1477
1478 my $sth = $dbh->prepare($stmt);
1479 $sth->execute(@bind);
1480
96449e8e 1481=head2 Inserting and Updating Arrays
1482
1483If your database has array types (like for example Postgres),
1484activate the special option C<< array_datatypes => 1 >>
9d48860e 1485when creating the C<SQL::Abstract> object.
96449e8e 1486Then you may use an arrayref to insert and update database array types:
1487
1488 my $sql = SQL::Abstract->new(array_datatypes => 1);
1489 my %data = (
1490 planets => [qw/Mercury Venus Earth Mars/]
1491 );
9d48860e 1492
96449e8e 1493 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1494
1495This results in:
1496
1497 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1498
1499 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1500
1501
1502=head2 Inserting and Updating SQL
1503
1504In order to apply SQL functions to elements of your C<%data> you may
1505specify a reference to an arrayref for the given hash value. For example,
1506if you need to execute the Oracle C<to_date> function on a value, you can
1507say something like this:
32eab2da 1508
1509 my %data = (
1510 name => 'Bill',
3ae1c5e2 1511 date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
9d48860e 1512 );
32eab2da 1513
1514The first value in the array is the actual SQL. Any other values are
1515optional and would be included in the bind values array. This gives
1516you:
1517
1518 my($stmt, @bind) = $sql->insert('people', \%data);
1519
9d48860e 1520 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1521 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1522 @bind = ('Bill', '03/02/2003');
1523
1524An UPDATE is just as easy, all you change is the name of the function:
1525
1526 my($stmt, @bind) = $sql->update('people', \%data);
1527
1528Notice that your C<%data> isn't touched; the module will generate
1529the appropriately quirky SQL for you automatically. Usually you'll
1530want to specify a WHERE clause for your UPDATE, though, which is
1531where handling C<%where> hashes comes in handy...
1532
96449e8e 1533=head2 Complex where statements
1534
32eab2da 1535This module can generate pretty complicated WHERE statements
1536easily. For example, simple C<key=value> pairs are taken to mean
1537equality, and if you want to see if a field is within a set
1538of values, you can use an arrayref. Let's say we wanted to
1539SELECT some data based on this criteria:
1540
1541 my %where = (
1542 requestor => 'inna',
1543 worker => ['nwiger', 'rcwe', 'sfz'],
1544 status => { '!=', 'completed' }
1545 );
1546
1547 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1548
1549The above would give you something like this:
1550
1551 $stmt = "SELECT * FROM tickets WHERE
1552 ( requestor = ? ) AND ( status != ? )
1553 AND ( worker = ? OR worker = ? OR worker = ? )";
1554 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1555
1556Which you could then use in DBI code like so:
1557
1558 my $sth = $dbh->prepare($stmt);
1559 $sth->execute(@bind);
1560
1561Easy, eh?
1562
0da0fe34 1563=head1 METHODS
32eab2da 1564
13cc86af 1565The methods are simple. There's one for every major SQL operation,
32eab2da 1566and a constructor you use first. The arguments are specified in a
13cc86af 1567similar order for each method (table, then fields, then a where
32eab2da 1568clause) to try and simplify things.
1569
32eab2da 1570=head2 new(option => 'value')
1571
1572The C<new()> function takes a list of options and values, and returns
1573a new B<SQL::Abstract> object which can then be used to generate SQL
1574through the methods below. The options accepted are:
1575
1576=over
1577
1578=item case
1579
1580If set to 'lower', then SQL will be generated in all lowercase. By
1581default SQL is generated in "textbook" case meaning something like:
1582
1583 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1584
96449e8e 1585Any setting other than 'lower' is ignored.
1586
32eab2da 1587=item cmp
1588
1589This determines what the default comparison operator is. By default
1590it is C<=>, meaning that a hash like this:
1591
1592 %where = (name => 'nwiger', email => 'nate@wiger.org');
1593
1594Will generate SQL like this:
1595
1596 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1597
1598However, you may want loose comparisons by default, so if you set
1599C<cmp> to C<like> you would get SQL such as:
1600
1601 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1602
3af02ccb 1603You can also override the comparison on an individual basis - see
32eab2da 1604the huge section on L</"WHERE CLAUSES"> at the bottom.
1605
96449e8e 1606=item sqltrue, sqlfalse
1607
1608Expressions for inserting boolean values within SQL statements.
6e0c6552 1609By default these are C<1=1> and C<1=0>. They are used
1610by the special operators C<-in> and C<-not_in> for generating
1611correct SQL even when the argument is an empty array (see below).
96449e8e 1612
32eab2da 1613=item logic
1614
1615This determines the default logical operator for multiple WHERE
7cac25e6 1616statements in arrays or hashes. If absent, the default logic is "or"
1617for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1618array of the form:
1619
1620 @where = (
9d48860e 1621 event_date => {'>=', '2/13/99'},
1622 event_date => {'<=', '4/24/03'},
32eab2da 1623 );
1624
7cac25e6 1625will generate SQL like this:
32eab2da 1626
1627 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1628
1629This is probably not what you want given this query, though (look
1630at the dates). To change the "OR" to an "AND", simply specify:
1631
1632 my $sql = SQL::Abstract->new(logic => 'and');
1633
1634Which will change the above C<WHERE> to:
1635
1636 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1637
96449e8e 1638The logic can also be changed locally by inserting
be21dde3 1639a modifier in front of an arrayref:
96449e8e 1640
9d48860e 1641 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1642 event_date => {'<=', '4/24/03'} ]);
96449e8e 1643
1644See the L</"WHERE CLAUSES"> section for explanations.
1645
32eab2da 1646=item convert
1647
1648This will automatically convert comparisons using the specified SQL
1649function for both column and value. This is mostly used with an argument
1650of C<upper> or C<lower>, so that the SQL will have the effect of
1651case-insensitive "searches". For example, this:
1652
1653 $sql = SQL::Abstract->new(convert => 'upper');
1654 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1655
1656Will turn out the following SQL:
1657
1658 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1659
1660The conversion can be C<upper()>, C<lower()>, or any other SQL function
1661that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1662not validate this option; it will just pass through what you specify verbatim).
1663
1664=item bindtype
1665
1666This is a kludge because many databases suck. For example, you can't
1667just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1668Instead, you have to use C<bind_param()>:
1669
1670 $sth->bind_param(1, 'reg data');
1671 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1672
1673The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1674which loses track of which field each slot refers to. Fear not.
1675
1676If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1677Currently, you can specify either C<normal> (default) or C<columns>. If you
1678specify C<columns>, you will get an array that looks like this:
1679
1680 my $sql = SQL::Abstract->new(bindtype => 'columns');
1681 my($stmt, @bind) = $sql->insert(...);
1682
1683 @bind = (
1684 [ 'column1', 'value1' ],
1685 [ 'column2', 'value2' ],
1686 [ 'column3', 'value3' ],
1687 );
1688
1689You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1690
32eab2da 1691 $sth->prepare($stmt);
1692 my $i = 1;
1693 for (@bind) {
1694 my($col, $data) = @$_;
1695 if ($col eq 'details' || $col eq 'comments') {
1696 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1697 } elsif ($col eq 'image') {
1698 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1699 } else {
1700 $sth->bind_param($i, $data);
1701 }
1702 $i++;
1703 }
1704 $sth->execute; # execute without @bind now
1705
1706Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1707Basically, the advantage is still that you don't have to care which fields
1708are or are not included. You could wrap that above C<for> loop in a simple
1709sub called C<bind_fields()> or something and reuse it repeatedly. You still
1710get a layer of abstraction over manual SQL specification.
1711
3ae1c5e2 1712Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
deb148a2 1713construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1714will expect the bind values in this format.
1715
32eab2da 1716=item quote_char
1717
1718This is the character that a table or column name will be quoted
9d48860e 1719with. By default this is an empty string, but you could set it to
32eab2da 1720the character C<`>, to generate SQL like this:
1721
1722 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1723
96449e8e 1724Alternatively, you can supply an array ref of two items, the first being the left
1725hand quote character, and the second the right hand quote character. For
1726example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1727that generates SQL like this:
1728
1729 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1730
9d48860e 1731Quoting is useful if you have tables or columns names that are reserved
96449e8e 1732words in your database's SQL dialect.
32eab2da 1733
46be4313 1734=item escape_char
1735
1736This is the character that will be used to escape L</quote_char>s appearing
1737in an identifier before it has been quoted.
1738
80790166 1739The parameter default in case of a single L</quote_char> character is the quote
46be4313 1740character itself.
1741
1742When opening-closing-style quoting is used (L</quote_char> is an arrayref)
9de2bd86 1743this parameter defaults to the B<closing (right)> L</quote_char>. Occurrences
46be4313 1744of the B<opening (left)> L</quote_char> within the identifier are currently left
1745untouched. The default for opening-closing-style quotes may change in future
1746versions, thus you are B<strongly encouraged> to specify the escape character
1747explicitly.
1748
32eab2da 1749=item name_sep
1750
1751This is the character that separates a table and column name. It is
1752necessary to specify this when the C<quote_char> option is selected,
1753so that tables and column names can be individually quoted like this:
1754
1755 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1756
b6251592 1757=item injection_guard
1758
1759A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1760column name specified in a query structure. This is a safety mechanism to avoid
1761injection attacks when mishandling user input e.g.:
1762
1763 my %condition_as_column_value_pairs = get_values_from_user();
1764 $sqla->select( ... , \%condition_as_column_value_pairs );
1765
1766If the expression matches an exception is thrown. Note that literal SQL
1767supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1768
1769Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
1770
96449e8e 1771=item array_datatypes
32eab2da 1772
9d48860e 1773When this option is true, arrayrefs in INSERT or UPDATE are
1774interpreted as array datatypes and are passed directly
96449e8e 1775to the DBI layer.
1776When this option is false, arrayrefs are interpreted
1777as literal SQL, just like refs to arrayrefs
1778(but this behavior is for backwards compatibility; when writing
1779new queries, use the "reference to arrayref" syntax
1780for literal SQL).
32eab2da 1781
32eab2da 1782
96449e8e 1783=item special_ops
32eab2da 1784
9d48860e 1785Takes a reference to a list of "special operators"
96449e8e 1786to extend the syntax understood by L<SQL::Abstract>.
1787See section L</"SPECIAL OPERATORS"> for details.
32eab2da 1788
59f23b3d 1789=item unary_ops
1790
9d48860e 1791Takes a reference to a list of "unary operators"
59f23b3d 1792to extend the syntax understood by L<SQL::Abstract>.
1793See section L</"UNARY OPERATORS"> for details.
1794
32eab2da 1795
32eab2da 1796
96449e8e 1797=back
32eab2da 1798
02288357 1799=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 1800
1801This is the simplest function. You simply give it a table name
1802and either an arrayref of values or hashref of field/value pairs.
1803It returns an SQL INSERT statement and a list of bind values.
96449e8e 1804See the sections on L</"Inserting and Updating Arrays"> and
1805L</"Inserting and Updating SQL"> for information on how to insert
1806with those data types.
32eab2da 1807
02288357 1808The optional C<\%options> hash reference may contain additional
1809options to generate the insert SQL. Currently supported options
1810are:
1811
1812=over 4
1813
1814=item returning
1815
1816Takes either a scalar of raw SQL fields, or an array reference of
1817field names, and adds on an SQL C<RETURNING> statement at the end.
1818This allows you to return data generated by the insert statement
1819(such as row IDs) without performing another C<SELECT> statement.
1820Note, however, this is not part of the SQL standard and may not
1821be supported by all database engines.
1822
1823=back
1824
95904db5 1825=head2 update($table, \%fieldvals, \%where, \%options)
32eab2da 1826
1827This takes a table, hashref of field/value pairs, and an optional
86298391 1828hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 1829of bind values.
96449e8e 1830See the sections on L</"Inserting and Updating Arrays"> and
1831L</"Inserting and Updating SQL"> for information on how to insert
1832with those data types.
32eab2da 1833
95904db5 1834The optional C<\%options> hash reference may contain additional
1835options to generate the update SQL. Currently supported options
1836are:
1837
1838=over 4
1839
1840=item returning
1841
1842See the C<returning> option to
1843L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1844
1845=back
1846
96449e8e 1847=head2 select($source, $fields, $where, $order)
32eab2da 1848
9d48860e 1849This returns a SQL SELECT statement and associated list of bind values, as
be21dde3 1850specified by the arguments:
32eab2da 1851
96449e8e 1852=over
32eab2da 1853
96449e8e 1854=item $source
32eab2da 1855
9d48860e 1856Specification of the 'FROM' part of the statement.
96449e8e 1857The argument can be either a plain scalar (interpreted as a table
1858name, will be quoted), or an arrayref (interpreted as a list
1859of table names, joined by commas, quoted), or a scalarref
063097a3 1860(literal SQL, not quoted).
32eab2da 1861
96449e8e 1862=item $fields
32eab2da 1863
9d48860e 1864Specification of the list of fields to retrieve from
96449e8e 1865the source.
1866The argument can be either an arrayref (interpreted as a list
9d48860e 1867of field names, will be joined by commas and quoted), or a
96449e8e 1868plain scalar (literal SQL, not quoted).
521647e7 1869Please observe that this API is not as flexible as that of
1870the first argument C<$source>, for backwards compatibility reasons.
32eab2da 1871
96449e8e 1872=item $where
32eab2da 1873
96449e8e 1874Optional argument to specify the WHERE part of the query.
1875The argument is most often a hashref, but can also be
9d48860e 1876an arrayref or plain scalar --
96449e8e 1877see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 1878
96449e8e 1879=item $order
32eab2da 1880
96449e8e 1881Optional argument to specify the ORDER BY part of the query.
9d48860e 1882The argument can be a scalar, a hashref or an arrayref
96449e8e 1883-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
1884for details.
32eab2da 1885
96449e8e 1886=back
32eab2da 1887
32eab2da 1888
85327cd5 1889=head2 delete($table, \%where, \%options)
32eab2da 1890
86298391 1891This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 1892It returns an SQL DELETE statement and list of bind values.
1893
85327cd5 1894The optional C<\%options> hash reference may contain additional
1895options to generate the delete SQL. Currently supported options
1896are:
1897
1898=over 4
1899
1900=item returning
1901
1902See the C<returning> option to
1903L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1904
1905=back
1906
85783f3c 1907=head2 where(\%where, $order)
32eab2da 1908
1909This is used to generate just the WHERE clause. For example,
1910if you have an arbitrary data structure and know what the
1911rest of your SQL is going to look like, but want an easy way
1912to produce a WHERE clause, use this. It returns an SQL WHERE
1913clause and list of bind values.
1914
32eab2da 1915
1916=head2 values(\%data)
1917
1918This just returns the values from the hash C<%data>, in the same
1919order that would be returned from any of the other above queries.
1920Using this allows you to markedly speed up your queries if you
1921are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
1922
32eab2da 1923=head2 generate($any, 'number', $of, \@data, $struct, \%types)
1924
1925Warning: This is an experimental method and subject to change.
1926
1927This returns arbitrarily generated SQL. It's a really basic shortcut.
1928It will return two different things, depending on return context:
1929
1930 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
1931 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
1932
1933These would return the following:
1934
1935 # First calling form
1936 $stmt = "CREATE TABLE test (?, ?)";
1937 @bind = (field1, field2);
1938
1939 # Second calling form
1940 $stmt_and_val = "CREATE TABLE test (field1, field2)";
1941
1942Depending on what you're trying to do, it's up to you to choose the correct
1943format. In this example, the second form is what you would want.
1944
1945By the same token:
1946
1947 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
1948
1949Might give you:
1950
1951 ALTER SESSION SET nls_date_format = 'MM/YY'
1952
1953You get the idea. Strings get their case twiddled, but everything
1954else remains verbatim.
1955
0da0fe34 1956=head1 EXPORTABLE FUNCTIONS
1957
1958=head2 is_plain_value
1959
1960Determines if the supplied argument is a plain value as understood by this
1961module:
1962
1963=over
1964
1965=item * The value is C<undef>
1966
1967=item * The value is a non-reference
1968
1969=item * The value is an object with stringification overloading
1970
1971=item * The value is of the form C<< { -value => $anything } >>
1972
1973=back
1974
9de2bd86 1975On failure returns C<undef>, on success returns a B<scalar> reference
966200cc 1976to the original supplied argument.
0da0fe34 1977
843a94b5 1978=over
1979
1980=item * Note
1981
1982The stringification overloading detection is rather advanced: it takes
1983into consideration not only the presence of a C<""> overload, but if that
1984fails also checks for enabled
1985L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
1986on either C<0+> or C<bool>.
1987
1988Unfortunately testing in the field indicates that this
1989detection B<< may tickle a latent bug in perl versions before 5.018 >>,
1990but only when very large numbers of stringifying objects are involved.
1991At the time of writing ( Sep 2014 ) there is no clear explanation of
1992the direct cause, nor is there a manageably small test case that reliably
1993reproduces the problem.
1994
1995If you encounter any of the following exceptions in B<random places within
1996your application stack> - this module may be to blame:
1997
1998 Operation "ne": no method found,
1999 left argument in overloaded package <something>,
2000 right argument in overloaded package <something>
2001
2002or perhaps even
2003
2004 Stub found while resolving method "???" overloading """" in package <something>
2005
2006If you fall victim to the above - please attempt to reduce the problem
2007to something that could be sent to the L<SQL::Abstract developers
1f490ae4 2008|DBIx::Class/GETTING HELP/SUPPORT>
843a94b5 2009(either publicly or privately). As a workaround in the meantime you can
2010set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
2011value, which will most likely eliminate your problem (at the expense of
2012not being able to properly detect exotic forms of stringification).
2013
2014This notice and environment variable will be removed in a future version,
2015as soon as the underlying problem is found and a reliable workaround is
2016devised.
2017
2018=back
2019
0da0fe34 2020=head2 is_literal_value
2021
2022Determines if the supplied argument is a literal value as understood by this
2023module:
2024
2025=over
2026
2027=item * C<\$sql_string>
2028
2029=item * C<\[ $sql_string, @bind_values ]>
2030
0da0fe34 2031=back
2032
9de2bd86 2033On failure returns C<undef>, on success returns an B<array> reference
966200cc 2034containing the unpacked version of the supplied literal SQL and bind values.
0da0fe34 2035
32eab2da 2036=head1 WHERE CLAUSES
2037
96449e8e 2038=head2 Introduction
2039
32eab2da 2040This module uses a variation on the idea from L<DBIx::Abstract>. It
2041is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2042module is that things in arrays are OR'ed, and things in hashes
2043are AND'ed.>
2044
2045The easiest way to explain is to show lots of examples. After
2046each C<%where> hash shown, it is assumed you used:
2047
2048 my($stmt, @bind) = $sql->where(\%where);
2049
2050However, note that the C<%where> hash can be used directly in any
2051of the other functions as well, as described above.
2052
96449e8e 2053=head2 Key-value pairs
2054
32eab2da 2055So, let's get started. To begin, a simple hash:
2056
2057 my %where = (
2058 user => 'nwiger',
2059 status => 'completed'
2060 );
2061
2062Is converted to SQL C<key = val> statements:
2063
2064 $stmt = "WHERE user = ? AND status = ?";
2065 @bind = ('nwiger', 'completed');
2066
2067One common thing I end up doing is having a list of values that
2068a field can be in. To do this, simply specify a list inside of
2069an arrayref:
2070
2071 my %where = (
2072 user => 'nwiger',
2073 status => ['assigned', 'in-progress', 'pending'];
2074 );
2075
2076This simple code will create the following:
9d48860e 2077
32eab2da 2078 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2079 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2080
9d48860e 2081A field associated to an empty arrayref will be considered a
7cac25e6 2082logical false and will generate 0=1.
8a68b5be 2083
b864ba9b 2084=head2 Tests for NULL values
2085
2086If the value part is C<undef> then this is converted to SQL <IS NULL>
2087
2088 my %where = (
2089 user => 'nwiger',
2090 status => undef,
2091 );
2092
2093becomes:
2094
2095 $stmt = "WHERE user = ? AND status IS NULL";
2096 @bind = ('nwiger');
2097
e9614080 2098To test if a column IS NOT NULL:
2099
2100 my %where = (
2101 user => 'nwiger',
2102 status => { '!=', undef },
2103 );
cc422895 2104
6e0c6552 2105=head2 Specific comparison operators
96449e8e 2106
32eab2da 2107If you want to specify a different type of operator for your comparison,
2108you can use a hashref for a given column:
2109
2110 my %where = (
2111 user => 'nwiger',
2112 status => { '!=', 'completed' }
2113 );
2114
2115Which would generate:
2116
2117 $stmt = "WHERE user = ? AND status != ?";
2118 @bind = ('nwiger', 'completed');
2119
2120To test against multiple values, just enclose the values in an arrayref:
2121
96449e8e 2122 status => { '=', ['assigned', 'in-progress', 'pending'] };
2123
f2d5020d 2124Which would give you:
96449e8e 2125
2126 "WHERE status = ? OR status = ? OR status = ?"
2127
2128
2129The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2130into an C<AND> of its elements:
2131
2132 my %where = (
2133 user => 'nwiger',
2134 status => { '!=', 'completed', -not_like => 'pending%' }
2135 );
2136
2137 # Or more dynamically, like from a form
2138 $where{user} = 'nwiger';
2139 $where{status}{'!='} = 'completed';
2140 $where{status}{'-not_like'} = 'pending%';
2141
2142 # Both generate this
2143 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2144 @bind = ('nwiger', 'completed', 'pending%');
2145
96449e8e 2146
32eab2da 2147To get an OR instead, you can combine it with the arrayref idea:
2148
2149 my %where => (
2150 user => 'nwiger',
1a6f2a03 2151 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2152 );
2153
2154Which would generate:
2155
1a6f2a03 2156 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2157 @bind = ('2', '5', 'nwiger');
32eab2da 2158
44b9e502 2159If you want to include literal SQL (with or without bind values), just use a
13cc86af 2160scalar reference or reference to an arrayref as the value:
44b9e502 2161
2162 my %where = (
2163 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2164 date_expires => { '<' => \"now()" }
2165 );
2166
2167Which would generate:
2168
13cc86af 2169 $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
44b9e502 2170 @bind = ('11/26/2008');
2171
96449e8e 2172
2173=head2 Logic and nesting operators
2174
2175In the example above,
2176there is a subtle trap if you want to say something like
32eab2da 2177this (notice the C<AND>):
2178
2179 WHERE priority != ? AND priority != ?
2180
2181Because, in Perl you I<can't> do this:
2182
13cc86af 2183 priority => { '!=' => 2, '!=' => 1 }
32eab2da 2184
2185As the second C<!=> key will obliterate the first. The solution
2186is to use the special C<-modifier> form inside an arrayref:
2187
9d48860e 2188 priority => [ -and => {'!=', 2},
96449e8e 2189 {'!=', 1} ]
2190
32eab2da 2191
2192Normally, these would be joined by C<OR>, but the modifier tells it
2193to use C<AND> instead. (Hint: You can use this in conjunction with the
2194C<logic> option to C<new()> in order to change the way your queries
2195work by default.) B<Important:> Note that the C<-modifier> goes
2196B<INSIDE> the arrayref, as an extra first element. This will
2197B<NOT> do what you think it might:
2198
2199 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2200
2201Here is a quick list of equivalencies, since there is some overlap:
2202
2203 # Same
2204 status => {'!=', 'completed', 'not like', 'pending%' }
2205 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2206
2207 # Same
2208 status => {'=', ['assigned', 'in-progress']}
2209 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2210 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2211
e3f9dff4 2212
2213
be21dde3 2214=head2 Special operators: IN, BETWEEN, etc.
96449e8e 2215
32eab2da 2216You can also use the hashref format to compare a list of fields using the
2217C<IN> comparison operator, by specifying the list as an arrayref:
2218
2219 my %where = (
2220 status => 'completed',
2221 reportid => { -in => [567, 2335, 2] }
2222 );
2223
2224Which would generate:
2225
2226 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2227 @bind = ('completed', '567', '2335', '2');
2228
9d48860e 2229The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2230the same way.
2231
6e0c6552 2232If the argument to C<-in> is an empty array, 'sqlfalse' is generated
be21dde3 2233(by default: C<1=0>). Similarly, C<< -not_in => [] >> generates
2234'sqltrue' (by default: C<1=1>).
6e0c6552 2235
e41c3bdd 2236In addition to the array you can supply a chunk of literal sql or
2237literal sql with bind:
6e0c6552 2238
e41c3bdd 2239 my %where = {
2240 customer => { -in => \[
2241 'SELECT cust_id FROM cust WHERE balance > ?',
2242 2000,
2243 ],
2244 status => { -in => \'SELECT status_codes FROM states' },
2245 };
6e0c6552 2246
e41c3bdd 2247would generate:
2248
2249 $stmt = "WHERE (
2250 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2251 AND status IN ( SELECT status_codes FROM states )
2252 )";
2253 @bind = ('2000');
2254
0dfd2442 2255Finally, if the argument to C<-in> is not a reference, it will be
2256treated as a single-element array.
e41c3bdd 2257
2258Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2259used with an arrayref of two values:
32eab2da 2260
2261 my %where = (
2262 user => 'nwiger',
2263 completion_date => {
2264 -not_between => ['2002-10-01', '2003-02-06']
2265 }
2266 );
2267
2268Would give you:
2269
2270 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2271
e41c3bdd 2272Just like with C<-in> all plausible combinations of literal SQL
2273are possible:
2274
2275 my %where = {
2276 start0 => { -between => [ 1, 2 ] },
2277 start1 => { -between => \["? AND ?", 1, 2] },
2278 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2279 start3 => { -between => [
e41c3bdd 2280 \"lower(x)",
2281 \["upper(?)", 'stuff' ],
2282 ] },
2283 };
2284
2285Would give you:
2286
2287 $stmt = "WHERE (
2288 ( start0 BETWEEN ? AND ? )
2289 AND ( start1 BETWEEN ? AND ? )
2290 AND ( start2 BETWEEN lower(x) AND upper(y) )
2291 AND ( start3 BETWEEN lower(x) AND upper(?) )
2292 )";
2293 @bind = (1, 2, 1, 2, 'stuff');
2294
2295
9d48860e 2296These are the two builtin "special operators"; but the
be21dde3 2297list can be expanded: see section L</"SPECIAL OPERATORS"> below.
96449e8e 2298
59f23b3d 2299=head2 Unary operators: bool
97a920ef 2300
2301If you wish to test against boolean columns or functions within your
2302database you can use the C<-bool> and C<-not_bool> operators. For
2303example to test the column C<is_user> being true and the column
827bb0eb 2304C<is_enabled> being false you would use:-
97a920ef 2305
2306 my %where = (
2307 -bool => 'is_user',
2308 -not_bool => 'is_enabled',
2309 );
2310
2311Would give you:
2312
277b5d3f 2313 WHERE is_user AND NOT is_enabled
97a920ef 2314
0b604e9d 2315If a more complex combination is required, testing more conditions,
2316then you should use the and/or operators:-
2317
2318 my %where = (
2319 -and => [
2320 -bool => 'one',
23401b81 2321 -not_bool => { two=> { -rlike => 'bar' } },
2322 -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
0b604e9d 2323 ],
2324 );
2325
2326Would give you:
2327
23401b81 2328 WHERE
2329 one
2330 AND
2331 (NOT two RLIKE ?)
2332 AND
2333 (NOT ( three = ? OR three > ? ))
97a920ef 2334
2335
107b72f1 2336=head2 Nested conditions, -and/-or prefixes
96449e8e 2337
32eab2da 2338So far, we've seen how multiple conditions are joined with a top-level
2339C<AND>. We can change this by putting the different conditions we want in
2340hashes and then putting those hashes in an array. For example:
2341
2342 my @where = (
2343 {
2344 user => 'nwiger',
2345 status => { -like => ['pending%', 'dispatched'] },
2346 },
2347 {
2348 user => 'robot',
2349 status => 'unassigned',
2350 }
2351 );
2352
2353This data structure would create the following:
2354
2355 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2356 OR ( user = ? AND status = ? ) )";
2357 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2358
107b72f1 2359
48d9f5f8 2360Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
be21dde3 2361to change the logic inside:
32eab2da 2362
2363 my @where = (
2364 -and => [
2365 user => 'nwiger',
48d9f5f8 2366 [
2367 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2368 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2369 ],
2370 ],
2371 );
2372
2373That would yield:
2374
13cc86af 2375 $stmt = "WHERE ( user = ?
2376 AND ( ( workhrs > ? AND geo = ? )
2377 OR ( workhrs < ? OR geo = ? ) ) )";
2378 @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
107b72f1 2379
cc422895 2380=head3 Algebraic inconsistency, for historical reasons
107b72f1 2381
7cac25e6 2382C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2383operator goes C<outside> of the nested structure; whereas when connecting
2384several constraints on one column, the C<-and> operator goes
be21dde3 2385C<inside> the arrayref. Here is an example combining both features:
7cac25e6 2386
2387 my @where = (
2388 -and => [a => 1, b => 2],
2389 -or => [c => 3, d => 4],
2390 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2391 )
2392
2393yielding
2394
9d48860e 2395 WHERE ( ( ( a = ? AND b = ? )
2396 OR ( c = ? OR d = ? )
7cac25e6 2397 OR ( e LIKE ? AND e LIKE ? ) ) )
2398
107b72f1 2399This difference in syntax is unfortunate but must be preserved for
be21dde3 2400historical reasons. So be careful: the two examples below would
107b72f1 2401seem algebraically equivalent, but they are not
2402
a948b1fe 2403 { col => [ -and =>
2404 { -like => 'foo%' },
2405 { -like => '%bar' },
2406 ] }
be21dde3 2407 # yields: WHERE ( ( col LIKE ? AND col LIKE ? ) )
107b72f1 2408
a948b1fe 2409 [ -and =>
2410 { col => { -like => 'foo%' } },
2411 { col => { -like => '%bar' } },
2412 ]
be21dde3 2413 # yields: WHERE ( ( col LIKE ? OR col LIKE ? ) )
107b72f1 2414
7cac25e6 2415
cc422895 2416=head2 Literal SQL and value type operators
96449e8e 2417
cc422895 2418The basic premise of SQL::Abstract is that in WHERE specifications the "left
2419side" is a column name and the "right side" is a value (normally rendered as
2420a placeholder). This holds true for both hashrefs and arrayref pairs as you
2421see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2422alter this behavior. There are several ways of doing so.
e9614080 2423
cc422895 2424=head3 -ident
2425
2426This is a virtual operator that signals the string to its right side is an
2427identifier (a column name) and not a value. For example to compare two
2428columns you would write:
32eab2da 2429
e9614080 2430 my %where = (
2431 priority => { '<', 2 },
cc422895 2432 requestor => { -ident => 'submitter' },
e9614080 2433 );
2434
2435which creates:
2436
2437 $stmt = "WHERE priority < ? AND requestor = submitter";
2438 @bind = ('2');
2439
cc422895 2440If you are maintaining legacy code you may see a different construct as
2441described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2442code.
2443
2444=head3 -value
e9614080 2445
cc422895 2446This is a virtual operator that signals that the construct to its right side
2447is a value to be passed to DBI. This is for example necessary when you want
2448to write a where clause against an array (for RDBMS that support such
2449datatypes). For example:
e9614080 2450
32eab2da 2451 my %where = (
cc422895 2452 array => { -value => [1, 2, 3] }
32eab2da 2453 );
2454
cc422895 2455will result in:
32eab2da 2456
cc422895 2457 $stmt = 'WHERE array = ?';
2458 @bind = ([1, 2, 3]);
32eab2da 2459
cc422895 2460Note that if you were to simply say:
32eab2da 2461
2462 my %where = (
cc422895 2463 array => [1, 2, 3]
32eab2da 2464 );
2465
3af02ccb 2466the result would probably not be what you wanted:
cc422895 2467
2468 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2469 @bind = (1, 2, 3);
2470
2471=head3 Literal SQL
96449e8e 2472
cc422895 2473Finally, sometimes only literal SQL will do. To include a random snippet
2474of SQL verbatim, you specify it as a scalar reference. Consider this only
2475as a last resort. Usually there is a better way. For example:
96449e8e 2476
2477 my %where = (
cc422895 2478 priority => { '<', 2 },
2479 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2480 );
2481
cc422895 2482Would create:
96449e8e 2483
cc422895 2484 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2485 @bind = (2);
2486
2487Note that in this example, you only get one bind parameter back, since
2488the verbatim SQL is passed as part of the statement.
2489
2490=head4 CAVEAT
2491
2492 Never use untrusted input as a literal SQL argument - this is a massive
2493 security risk (there is no way to check literal snippets for SQL
2494 injections and other nastyness). If you need to deal with untrusted input
2495 use literal SQL with placeholders as described next.
96449e8e 2496
cc422895 2497=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2498
2499If the literal SQL to be inserted has placeholders and bind values,
2500use a reference to an arrayref (yes this is a double reference --
2501not so common, but perfectly legal Perl). For example, to find a date
2502in Postgres you can use something like this:
2503
2504 my %where = (
3ae1c5e2 2505 date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
96449e8e 2506 )
2507
2508This would create:
2509
d2a8fe1a 2510 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2511 @bind = ('10');
2512
deb148a2 2513Note that you must pass the bind values in the same format as they are returned
85783f3c 2514by L<where|/where(\%where, $order)>. This means that if you set L</bindtype>
1f490ae4 2515to C<columns>, you must provide the bind values in the
2516C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
2517scalar value; most commonly the column name, but you can use any scalar value
2518(including references and blessed references), L<SQL::Abstract> will simply
2519pass it through intact. So if C<bindtype> is set to C<columns> the above
2520example will look like:
deb148a2 2521
2522 my %where = (
3ae1c5e2 2523 date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
deb148a2 2524 )
96449e8e 2525
2526Literal SQL is especially useful for nesting parenthesized clauses in the
be21dde3 2527main SQL query. Here is a first example:
96449e8e 2528
2529 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2530 100, "foo%");
2531 my %where = (
2532 foo => 1234,
2533 bar => \["IN ($sub_stmt)" => @sub_bind],
2534 );
2535
be21dde3 2536This yields:
96449e8e 2537
9d48860e 2538 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2539 WHERE c2 < ? AND c3 LIKE ?))";
2540 @bind = (1234, 100, "foo%");
2541
9d48860e 2542Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2543are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2544its associated bind values can be generated through a former call
96449e8e 2545to C<select()> :
2546
2547 my ($sub_stmt, @sub_bind)
9d48860e 2548 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2549 c3 => {-like => "foo%"}});
2550 my %where = (
2551 foo => 1234,
2552 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2553 );
2554
2555In the examples above, the subquery was used as an operator on a column;
9d48860e 2556but the same principle also applies for a clause within the main C<%where>
be21dde3 2557hash, like an EXISTS subquery:
96449e8e 2558
9d48860e 2559 my ($sub_stmt, @sub_bind)
96449e8e 2560 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2561 my %where = ( -and => [
96449e8e 2562 foo => 1234,
48d9f5f8 2563 \["EXISTS ($sub_stmt)" => @sub_bind],
2564 ]);
96449e8e 2565
2566which yields
2567
9d48860e 2568 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2569 WHERE c1 = ? AND c2 > t0.c0))";
2570 @bind = (1234, 1);
2571
2572
9d48860e 2573Observe that the condition on C<c2> in the subquery refers to
be21dde3 2574column C<t0.c0> of the main query: this is I<not> a bind
9d48860e 2575value, so we have to express it through a scalar ref.
96449e8e 2576Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2577C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2578what we wanted here.
2579
96449e8e 2580Finally, here is an example where a subquery is used
2581for expressing unary negation:
2582
9d48860e 2583 my ($sub_stmt, @sub_bind)
96449e8e 2584 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2585 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2586 my %where = (
2587 lname => {like => '%son%'},
48d9f5f8 2588 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2589 );
2590
2591This yields
2592
2593 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2594 @bind = ('%son%', 10, 20)
2595
cc422895 2596=head3 Deprecated usage of Literal SQL
2597
2598Below are some examples of archaic use of literal SQL. It is shown only as
2599reference for those who deal with legacy code. Each example has a much
2600better, cleaner and safer alternative that users should opt for in new code.
2601
2602=over
2603
2604=item *
2605
2606 my %where = ( requestor => \'IS NOT NULL' )
2607
2608 $stmt = "WHERE requestor IS NOT NULL"
2609
2610This used to be the way of generating NULL comparisons, before the handling
2611of C<undef> got formalized. For new code please use the superior syntax as
2612described in L</Tests for NULL values>.
96449e8e 2613
cc422895 2614=item *
2615
2616 my %where = ( requestor => \'= submitter' )
2617
2618 $stmt = "WHERE requestor = submitter"
2619
2620This used to be the only way to compare columns. Use the superior L</-ident>
2621method for all new code. For example an identifier declared in such a way
2622will be properly quoted if L</quote_char> is properly set, while the legacy
2623form will remain as supplied.
2624
2625=item *
2626
2627 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2628
2629 $stmt = "WHERE completed > ? AND is_ready"
2630 @bind = ('2012-12-21')
2631
2632Using an empty string literal used to be the only way to express a boolean.
2633For all new code please use the much more readable
2634L<-bool|/Unary operators: bool> operator.
2635
2636=back
96449e8e 2637
2638=head2 Conclusion
2639
32eab2da 2640These pages could go on for a while, since the nesting of the data
2641structures this module can handle are pretty much unlimited (the
2642module implements the C<WHERE> expansion as a recursive function
2643internally). Your best bet is to "play around" with the module a
2644little to see how the data structures behave, and choose the best
2645format for your data based on that.
2646
2647And of course, all the values above will probably be replaced with
2648variables gotten from forms or the command line. After all, if you
2649knew everything ahead of time, you wouldn't have to worry about
2650dynamically-generating SQL and could just hardwire it into your
2651script.
2652
86298391 2653=head1 ORDER BY CLAUSES
2654
9d48860e 2655Some functions take an order by clause. This can either be a scalar (just a
18710f60 2656column name), a hashref of C<< { -desc => 'col' } >> or C<< { -asc => 'col' }
2657>>, a scalarref, an arrayref-ref, or an arrayref of any of the previous
2658forms. Examples:
1cfa1db3 2659
8c15b421 2660 Given | Will Generate
18710f60 2661 ---------------------------------------------------------------
8c15b421 2662 |
2663 'colA' | ORDER BY colA
2664 |
2665 [qw/colA colB/] | ORDER BY colA, colB
2666 |
2667 {-asc => 'colA'} | ORDER BY colA ASC
2668 |
2669 {-desc => 'colB'} | ORDER BY colB DESC
2670 |
2671 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2672 |
2673 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
2674 |
2675 \'colA DESC' | ORDER BY colA DESC
2676 |
2677 \[ 'FUNC(colA, ?)', $x ] | ORDER BY FUNC(colA, ?)
2678 | /* ...with $x bound to ? */
2679 |
bd805d85 2680 [ | ORDER BY
2681 { -asc => 'colA' }, | colA ASC,
2682 { -desc => [qw/colB/] }, | colB DESC,
2683 { -asc => [qw/colC colD/] },| colC ASC, colD ASC,
2684 \'colE DESC', | colE DESC,
2685 \[ 'FUNC(colF, ?)', $x ], | FUNC(colF, ?)
2686 ] | /* ...with $x bound to ? */
18710f60 2687 ===============================================================
86298391 2688
96449e8e 2689
2690
2691=head1 SPECIAL OPERATORS
2692
e3f9dff4 2693 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2694 {
2695 regex => qr/.../,
e3f9dff4 2696 handler => sub {
2697 my ($self, $field, $op, $arg) = @_;
2698 ...
3a2e1a5e 2699 },
2700 },
2701 {
2702 regex => qr/.../,
2703 handler => 'method_name',
e3f9dff4 2704 },
2705 ]);
2706
9d48860e 2707A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2708applied to a field, instead of a usual binary operator.
be21dde3 2709For example:
e3f9dff4 2710
2711 WHERE field IN (?, ?, ?)
2712 WHERE field BETWEEN ? AND ?
2713 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2714
e3f9dff4 2715Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2716are builtin within C<SQL::Abstract> (as the overridable methods
2717C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2718like the MATCH .. AGAINST example above which is specific to MySQL,
2719you can write your own operator handlers - supply a C<special_ops>
2720argument to the C<new> method. That argument takes an arrayref of
2721operator definitions; each operator definition is a hashref with two
2722entries:
96449e8e 2723
e3f9dff4 2724=over
2725
2726=item regex
2727
2728the regular expression to match the operator
96449e8e 2729
e3f9dff4 2730=item handler
2731
3a2e1a5e 2732Either a coderef or a plain scalar method name. In both cases
2733the expected return is C<< ($sql, @bind) >>.
2734
2735When supplied with a method name, it is simply called on the
13cc86af 2736L<SQL::Abstract> object as:
3a2e1a5e 2737
ca4f826a 2738 $self->$method_name($field, $op, $arg)
3a2e1a5e 2739
2740 Where:
2741
3a2e1a5e 2742 $field is the LHS of the operator
13cc86af 2743 $op is the part that matched the handler regex
3a2e1a5e 2744 $arg is the RHS
2745
2746When supplied with a coderef, it is called as:
2747
2748 $coderef->($self, $field, $op, $arg)
2749
e3f9dff4 2750
2751=back
2752
9d48860e 2753For example, here is an implementation
e3f9dff4 2754of the MATCH .. AGAINST syntax for MySQL
2755
2756 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2757
e3f9dff4 2758 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2759 {regex => qr/^match$/i,
e3f9dff4 2760 handler => sub {
2761 my ($self, $field, $op, $arg) = @_;
2762 $arg = [$arg] if not ref $arg;
2763 my $label = $self->_quote($field);
2764 my ($placeholder) = $self->_convert('?');
2765 my $placeholders = join ", ", (($placeholder) x @$arg);
2766 my $sql = $self->_sqlcase('match') . " ($label) "
2767 . $self->_sqlcase('against') . " ($placeholders) ";
2768 my @bind = $self->_bindtype($field, @$arg);
2769 return ($sql, @bind);
2770 }
2771 },
9d48860e 2772
e3f9dff4 2773 ]);
96449e8e 2774
2775
59f23b3d 2776=head1 UNARY OPERATORS
2777
112b5232 2778 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2779 {
2780 regex => qr/.../,
2781 handler => sub {
2782 my ($self, $op, $arg) = @_;
2783 ...
2784 },
2785 },
2786 {
2787 regex => qr/.../,
2788 handler => 'method_name',
2789 },
2790 ]);
2791
9d48860e 2792A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2793applied to a field - the operator goes before the field
2794
2795You can write your own operator handlers - supply a C<unary_ops>
2796argument to the C<new> method. That argument takes an arrayref of
2797operator definitions; each operator definition is a hashref with two
2798entries:
2799
2800=over
2801
2802=item regex
2803
2804the regular expression to match the operator
2805
2806=item handler
2807
2808Either a coderef or a plain scalar method name. In both cases
2809the expected return is C<< $sql >>.
2810
2811When supplied with a method name, it is simply called on the
13cc86af 2812L<SQL::Abstract> object as:
59f23b3d 2813
ca4f826a 2814 $self->$method_name($op, $arg)
59f23b3d 2815
2816 Where:
2817
2818 $op is the part that matched the handler regex
2819 $arg is the RHS or argument of the operator
2820
2821When supplied with a coderef, it is called as:
2822
2823 $coderef->($self, $op, $arg)
2824
2825
2826=back
2827
2828
32eab2da 2829=head1 PERFORMANCE
2830
2831Thanks to some benchmarking by Mark Stosberg, it turns out that
2832this module is many orders of magnitude faster than using C<DBIx::Abstract>.
2833I must admit this wasn't an intentional design issue, but it's a
2834byproduct of the fact that you get to control your C<DBI> handles
2835yourself.
2836
2837To maximize performance, use a code snippet like the following:
2838
2839 # prepare a statement handle using the first row
2840 # and then reuse it for the rest of the rows
2841 my($sth, $stmt);
2842 for my $href (@array_of_hashrefs) {
2843 $stmt ||= $sql->insert('table', $href);
2844 $sth ||= $dbh->prepare($stmt);
2845 $sth->execute($sql->values($href));
2846 }
2847
2848The reason this works is because the keys in your C<$href> are sorted
2849internally by B<SQL::Abstract>. Thus, as long as your data retains
2850the same structure, you only have to generate the SQL the first time
2851around. On subsequent queries, simply use the C<values> function provided
2852by this module to return your values in the correct order.
2853
b864ba9b 2854However this depends on the values having the same type - if, for
2855example, the values of a where clause may either have values
2856(resulting in sql of the form C<column = ?> with a single bind
2857value), or alternatively the values might be C<undef> (resulting in
2858sql of the form C<column IS NULL> with no bind value) then the
2859caching technique suggested will not work.
96449e8e 2860
32eab2da 2861=head1 FORMBUILDER
2862
2863If you use my C<CGI::FormBuilder> module at all, you'll hopefully
2864really like this part (I do, at least). Building up a complex query
2865can be as simple as the following:
2866
2867 #!/usr/bin/perl
2868
46dc2f3e 2869 use warnings;
2870 use strict;
2871
32eab2da 2872 use CGI::FormBuilder;
2873 use SQL::Abstract;
2874
2875 my $form = CGI::FormBuilder->new(...);
2876 my $sql = SQL::Abstract->new;
2877
2878 if ($form->submitted) {
2879 my $field = $form->field;
2880 my $id = delete $field->{id};
2881 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
2882 }
2883
2884Of course, you would still have to connect using C<DBI> to run the
2885query, but the point is that if you make your form look like your
2886table, the actual query script can be extremely simplistic.
2887
2888If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 2889a fast interface to returning and formatting data. I frequently
32eab2da 2890use these three modules together to write complex database query
2891apps in under 50 lines.
2892
af733667 2893=head1 HOW TO CONTRIBUTE
2894
2895Contributions are always welcome, in all usable forms (we especially
2896welcome documentation improvements). The delivery methods include git-
2897or unified-diff formatted patches, GitHub pull requests, or plain bug
2898reports either via RT or the Mailing list. Contributors are generally
2899granted full access to the official repository after their first several
2900patches pass successful review.
2901
2902This project is maintained in a git repository. The code and related tools are
2903accessible at the following locations:
d8cc1792 2904
2905=over
2906
af733667 2907=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
2908
2909=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
2910
2911=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
d8cc1792 2912
af733667 2913=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
d8cc1792 2914
2915=back
32eab2da 2916
96449e8e 2917=head1 CHANGES
2918
2919Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
2920Great care has been taken to preserve the I<published> behavior
2921documented in previous versions in the 1.* family; however,
9d48860e 2922some features that were previously undocumented, or behaved
96449e8e 2923differently from the documentation, had to be changed in order
2924to clarify the semantics. Hence, client code that was relying
9d48860e 2925on some dark areas of C<SQL::Abstract> v1.*
96449e8e 2926B<might behave differently> in v1.50.
32eab2da 2927
be21dde3 2928The main changes are:
d2a8fe1a 2929
96449e8e 2930=over
32eab2da 2931
9d48860e 2932=item *
32eab2da 2933
3ae1c5e2 2934support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
96449e8e 2935
2936=item *
2937
145fbfc8 2938support for the { operator => \"..." } construct (to embed literal SQL)
2939
2940=item *
2941
9c37b9c0 2942support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
2943
2944=item *
2945
96449e8e 2946optional support for L<array datatypes|/"Inserting and Updating Arrays">
2947
9d48860e 2948=item *
96449e8e 2949
be21dde3 2950defensive programming: check arguments
96449e8e 2951
2952=item *
2953
2954fixed bug with global logic, which was previously implemented
7cac25e6 2955through global variables yielding side-effects. Prior versions would
96449e8e 2956interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
2957as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
2958Now this is interpreted
2959as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
2960
96449e8e 2961
2962=item *
2963
2964fixed semantics of _bindtype on array args
2965
9d48860e 2966=item *
96449e8e 2967
2968dropped the C<_anoncopy> of the %where tree. No longer necessary,
2969we just avoid shifting arrays within that tree.
2970
2971=item *
2972
2973dropped the C<_modlogic> function
2974
2975=back
32eab2da 2976
32eab2da 2977=head1 ACKNOWLEDGEMENTS
2978
2979There are a number of individuals that have really helped out with
2980this module. Unfortunately, most of them submitted bugs via CPAN
2981so I have no idea who they are! But the people I do know are:
2982
9d48860e 2983 Ash Berlin (order_by hash term support)
b643abe1 2984 Matt Trout (DBIx::Class support)
32eab2da 2985 Mark Stosberg (benchmarking)
2986 Chas Owens (initial "IN" operator support)
2987 Philip Collins (per-field SQL functions)
2988 Eric Kolve (hashref "AND" support)
2989 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
2990 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 2991 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 2992 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 2993 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 2994 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 2995 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 2996
2997Thanks!
2998
32eab2da 2999=head1 SEE ALSO
3000
86298391 3001L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 3002
32eab2da 3003=head1 AUTHOR
3004
b643abe1 3005Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
3006
3007This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 3008
abe72f94 3009For support, your best bet is to try the C<DBIx::Class> users mailing list.
3010While not an official support venue, C<DBIx::Class> makes heavy use of
3011C<SQL::Abstract>, and as such list members there are very familiar with
3012how to create queries.
3013
0d067ded 3014=head1 LICENSE
3015
d988ab87 3016This module is free software; you may copy this under the same
3017terms as perl itself (either the GNU General Public License or
3018the Artistic License)
32eab2da 3019
3020=cut
Unnamed repository; edit this file 'description' to name the repository.