projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
much more sane expansion of idents
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
96449e8e 3use strict;
4use warnings;
9d9d5bd6 5use Carp ();
312d830b 6use List::Util ();
7use Scalar::Util ();
96449e8e 8
0da0fe34 9use Exporter 'import';
10our @EXPORT_OK = qw(is_plain_value is_literal_value);
11
12BEGIN {
13 if ($] < 5.009_005) {
14 require MRO::Compat;
15 }
16 else {
17 require mro;
18 }
843a94b5 19
20 *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
21 ? sub () { 0 }
22 : sub () { 1 }
23 ;
0da0fe34 24}
25
96449e8e 26#======================================================================
27# GLOBALS
28#======================================================================
29
dc6afcf8 30our $VERSION = '1.86';
7479e27e 31
22f1a437 32# This would confuse some packagers
c520207b 33$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 34
35our $AUTOLOAD;
36
37# special operators (-in, -between). May be extended/overridden by user.
38# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
39my @BUILTIN_SPECIAL_OPS = (
f663e672 40 {regex => qr/^ (?: not \s )? between $/ix, handler => sub { die "NOPE" }},
41 {regex => qr/^ (?: not \s )? in $/ix, handler => sub { die "NOPE" }},
87c8e45b 42 {regex => qr/^ is (?: \s+ not )? $/ix, handler => sub { die "NOPE" }},
96449e8e 43);
44
45#======================================================================
46# DEBUGGING AND ERROR REPORTING
47#======================================================================
48
49sub _debug {
50 return unless $_[0]->{debug}; shift; # a little faster
51 my $func = (caller(1))[3];
52 warn "[$func] ", @_, "\n";
53}
54
55sub belch (@) {
56 my($func) = (caller(1))[3];
9d9d5bd6 57 Carp::carp "[$func] Warning: ", @_;
96449e8e 58}
59
60sub puke (@) {
61 my($func) = (caller(1))[3];
9d9d5bd6 62 Carp::croak "[$func] Fatal: ", @_;
96449e8e 63}
64
0da0fe34 65sub is_literal_value ($) {
66 ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
67 : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
0da0fe34 68 : undef;
69}
70
71# FIXME XSify - this can be done so much more efficiently
72sub is_plain_value ($) {
73 no strict 'refs';
966200cc 74 ! length ref $_[0] ? \($_[0])
0da0fe34 75 : (
76 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
77 and
78 exists $_[0]->{-value}
966200cc 79 ) ? \($_[0]->{-value})
0da0fe34 80 : (
a1c9e0ff 81 # reuse @_ for even moar speedz
82 defined ( $_[1] = Scalar::Util::blessed $_[0] )
0da0fe34 83 and
84 # deliberately not using Devel::OverloadInfo - the checks we are
85 # intersted in are much more limited than the fullblown thing, and
86 # this is a very hot piece of code
87 (
e8d729d4 88 # simply using ->can('(""') can leave behind stub methods that
89 # break actually using the overload later (see L<perldiag/Stub
90 # found while resolving method "%s" overloading "%s" in package
91 # "%s"> and the source of overload::mycan())
44e54b41 92 #
0da0fe34 93 # either has stringification which DBI SHOULD prefer out of the box
a1c9e0ff 94 grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
0da0fe34 95 or
20e178a8 96 # has nummification or boolification, AND fallback is *not* disabled
0da0fe34 97 (
843a94b5 98 SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
99 and
20e178a8 100 (
101 grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
102 or
103 grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
104 )
0da0fe34 105 and
106 (
107 # no fallback specified at all
a1c9e0ff 108 ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
0da0fe34 109 or
110 # fallback explicitly undef
a1c9e0ff 111 ! defined ${"$_[3]::()"}
0da0fe34 112 or
113 # explicitly true
a1c9e0ff 114 !! ${"$_[3]::()"}
0da0fe34 115 )
116 )
117 )
966200cc 118 ) ? \($_[0])
0da0fe34 119 : undef;
120}
121
122
96449e8e 123
124#======================================================================
125# NEW
126#======================================================================
127
128sub new {
129 my $self = shift;
130 my $class = ref($self) || $self;
131 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
132
133 # choose our case by keeping an option around
134 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
135
136 # default logic for interpreting arrayrefs
ef559da3 137 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 138
139 # how to return bind vars
96449e8e 140 $opt{bindtype} ||= 'normal';
141
142 # default comparison is "=", but can be overridden
143 $opt{cmp} ||= '=';
144
3af02ccb 145 # try to recognize which are the 'equality' and 'inequality' ops
3cdadcbe 146 # (temporary quickfix (in 2007), should go through a more seasoned API)
147 $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
148 $opt{inequality_op} = qr/^( != | <> )$/ix;
149
150 $opt{like_op} = qr/^ (is\s+)? r?like $/xi;
151 $opt{not_like_op} = qr/^ (is\s+)? not \s+ r?like $/xi;
96449e8e 152
153 # SQL booleans
154 $opt{sqltrue} ||= '1=1';
155 $opt{sqlfalse} ||= '0=1';
156
9d48860e 157 # special operators
30af97c5 158 $opt{special_ops} ||= [];
159
b6251592 160 # regexes are applied in order, thus push after user-defines
96449e8e 161 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
162
cf06e9dc 163 if ($class->isa('DBIx::Class::SQLMaker')) {
dd1d0dbf 164 push @{$opt{special_ops}}, our $DBIC_Compat_Op ||= {
165 regex => qr/^(?:ident|value)$/i, handler => sub { die "NOPE" }
166 };
cf06e9dc 167 $opt{is_dbic_sqlmaker} = 1;
dd1d0dbf 168 }
169
9d48860e 170 # unary operators
59f23b3d 171 $opt{unary_ops} ||= [];
59f23b3d 172
3af02ccb 173 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 174 # If a purported function matches this regular expression, an exception is thrown.
175 # Literal SQL is *NOT* subject to this check, only functions (and column names
176 # when quoting is not in effect)
96449e8e 177
b6251592 178 # FIXME
179 # need to guard against ()'s in column names too, but this will break tons of
180 # hacks... ideas anyone?
181 $opt{injection_guard} ||= qr/
182 \;
183 |
184 ^ \s* go \s
185 /xmi;
96449e8e 186
21225d32 187 $opt{render} = {
188 (map +("-$_", "_render_$_"), qw(op func bind ident literal list)),
189 %{$opt{render}||{}}
b07681b1 190 };
191
ec19b759 192 $opt{expand_unary} = {};
193
b6251592 194 return bless \%opt, $class;
195}
96449e8e 196
e175845b 197sub sqltrue { +{ -literal => [ $_[0]->{sqltrue} ] } }
198sub sqlfalse { +{ -literal => [ $_[0]->{sqlfalse} ] } }
170e6c33 199
200sub _assert_pass_injection_guard {
201 if ($_[1] =~ $_[0]->{injection_guard}) {
202 my $class = ref $_[0];
203 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
204 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
205 . "{injection_guard} attribute to ${class}->new()"
206 }
207}
208
209
96449e8e 210#======================================================================
211# INSERT methods
212#======================================================================
213
214sub insert {
02288357 215 my $self = shift;
216 my $table = $self->_table(shift);
217 my $data = shift || return;
218 my $options = shift;
96449e8e 219
220 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 221 my ($sql, @bind) = $self->$method($data);
96449e8e 222 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 223
e82e648a 224 if ($options->{returning}) {
ca4f826a 225 my ($s, @b) = $self->_insert_returning($options);
e82e648a 226 $sql .= $s;
227 push @bind, @b;
02288357 228 }
229
96449e8e 230 return wantarray ? ($sql, @bind) : $sql;
231}
232
60f3fd3f 233# So that subclasses can override INSERT ... RETURNING separately from
234# UPDATE and DELETE (e.g. DBIx::Class::SQLMaker::Oracle does this)
b17a3ece 235sub _insert_returning { shift->_returning(@_) }
236
95904db5 237sub _returning {
e82e648a 238 my ($self, $options) = @_;
6b1fe79d 239
e82e648a 240 my $f = $options->{returning};
241
79d310f2 242 my ($sql, @bind) = $self->render_aqt(
ff96fdd4 243 $self->_expand_maybe_list_expr($f, undef, -ident)
244 );
245 return wantarray
246 ? $self->_sqlcase(' returning ') . $sql
247 : ($self->_sqlcase(' returning ').$sql, @bind);
6b1fe79d 248}
249
96449e8e 250sub _insert_HASHREF { # explicit list of fields and then values
251 my ($self, $data) = @_;
252
253 my @fields = sort keys %$data;
254
fe3ae272 255 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 256
257 # assemble SQL
258 $_ = $self->_quote($_) foreach @fields;
259 $sql = "( ".join(", ", @fields).") ".$sql;
260
261 return ($sql, @bind);
262}
263
264sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
265 my ($self, $data) = @_;
266
267 # no names (arrayref) so can't generate bindtype
268 $self->{bindtype} ne 'columns'
269 or belch "can't do 'columns' bindtype when called with arrayref";
270
19b6ccce 271 my (@values, @all_bind);
272 foreach my $value (@$data) {
273 my ($values, @bind) = $self->_insert_value(undef, $value);
274 push @values, $values;
275 push @all_bind, @bind;
276 }
277 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
278 return ($sql, @all_bind);
fe3ae272 279}
280
281sub _insert_ARRAYREFREF { # literal SQL with bind
282 my ($self, $data) = @_;
283
284 my ($sql, @bind) = @${$data};
285 $self->_assert_bindval_matches_bindtype(@bind);
286
287 return ($sql, @bind);
288}
289
290
291sub _insert_SCALARREF { # literal SQL without bind
292 my ($self, $data) = @_;
293
294 return ($$data);
295}
296
297sub _insert_values {
298 my ($self, $data) = @_;
299
96449e8e 300 my (@values, @all_bind);
fe3ae272 301 foreach my $column (sort keys %$data) {
19b6ccce 302 my ($values, @bind) = $self->_insert_value($column, $data->{$column});
303 push @values, $values;
304 push @all_bind, @bind;
305 }
306 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
307 return ($sql, @all_bind);
308}
96449e8e 309
19b6ccce 310sub _insert_value {
311 my ($self, $column, $v) = @_;
96449e8e 312
79d310f2 313 return $self->render_aqt(
720ca4f7 314 $self->_expand_insert_value($column, $v)
315 );
316}
96449e8e 317
720ca4f7 318sub _expand_insert_value {
319 my ($self, $column, $v) = @_;
96449e8e 320
720ca4f7 321 if (ref($v) eq 'ARRAY') {
322 if ($self->{array_datatypes}) {
323 return +{ -bind => [ $column, $v ] };
324 }
325 my ($sql, @bind) = @$v;
326 $self->_assert_bindval_matches_bindtype(@bind);
327 return +{ -literal => $v };
328 }
329 if (ref($v) eq 'HASH') {
330 if (grep !/^-/, keys %$v) {
331 belch "HASH ref as bind value in insert is not supported";
332 return +{ -bind => [ $column, $v ] };
333 }
334 }
335 if (!defined($v)) {
336 return +{ -bind => [ $column, undef ] };
337 }
338 local our $Cur_Col_Meta = $column;
79d310f2 339 return $self->expand_expr($v);
96449e8e 340}
341
342
96449e8e 343
344#======================================================================
345# UPDATE methods
346#======================================================================
347
348
349sub update {
95904db5 350 my $self = shift;
351 my $table = $self->_table(shift);
352 my $data = shift || return;
353 my $where = shift;
354 my $options = shift;
96449e8e 355
356 # first build the 'SET' part of the sql statement
96449e8e 357 puke "Unsupported data type specified to \$sql->update"
358 unless ref $data eq 'HASH';
359
9ade906e 360 my ($sql, @all_bind) = $self->_update_set_values($data);
a9e94508 361 $sql = $self->_sqlcase('update ') . $table . $self->_sqlcase(' set ')
9ade906e 362 . $sql;
363
364 if ($where) {
365 my($where_sql, @where_bind) = $self->where($where);
366 $sql .= $where_sql;
367 push @all_bind, @where_bind;
368 }
369
370 if ($options->{returning}) {
371 my ($returning_sql, @returning_bind) = $self->_update_returning($options);
372 $sql .= $returning_sql;
373 push @all_bind, @returning_bind;
374 }
375
376 return wantarray ? ($sql, @all_bind) : $sql;
377}
378
379sub _update_set_values {
380 my ($self, $data) = @_;
381
79d310f2 382 return $self->render_aqt(
89690da2 383 $self->_expand_update_set_values($data),
384 );
385}
96449e8e 386
89690da2 387sub _expand_update_set_values {
388 my ($self, $data) = @_;
389 $self->_expand_maybe_list_expr( [
390 map {
391 my ($k, $set) = @$_;
c4ed66f4 392 $set = { -bind => $_ } unless defined $set;
9103bd14 393 +{ -op => [ '=', $self->_expand_ident(-ident => $k), $set ] };
89690da2 394 }
395 map {
396 my $k = $_;
397 my $v = $data->{$k};
398 (ref($v) eq 'ARRAY'
399 ? ($self->{array_datatypes}
400 ? [ $k, +{ -bind => [ $k, $v ] } ]
401 : [ $k, +{ -literal => $v } ])
402 : do {
403 local our $Cur_Col_Meta = $k;
404 [ $k, $self->_expand_expr($v) ]
405 }
406 );
407 } sort keys %$data
408 ] );
96449e8e 409}
410
60f3fd3f 411# So that subclasses can override UPDATE ... RETURNING separately from
412# INSERT and DELETE
20bb2ad5 413sub _update_returning { shift->_returning(@_) }
96449e8e 414
415
416
417#======================================================================
418# SELECT
419#======================================================================
420
421
422sub select {
423 my $self = shift;
424 my $table = $self->_table(shift);
425 my $fields = shift || '*';
426 my $where = shift;
427 my $order = shift;
428
daa4ccdd 429 my ($fields_sql, @bind) = $self->_select_fields($fields);
96449e8e 430
daa4ccdd 431 my ($where_sql, @where_bind) = $self->where($where, $order);
432 push @bind, @where_bind;
433
434 my $sql = join(' ', $self->_sqlcase('select'), $fields_sql,
96449e8e 435 $self->_sqlcase('from'), $table)
436 . $where_sql;
437
9d48860e 438 return wantarray ? ($sql, @bind) : $sql;
96449e8e 439}
440
daa4ccdd 441sub _select_fields {
442 my ($self, $fields) = @_;
de63ce57 443 return $fields unless ref($fields);
79d310f2 444 return $self->render_aqt(
27592e2b 445 $self->_expand_maybe_list_expr($fields, undef, '-ident')
446 );
daa4ccdd 447}
448
96449e8e 449#======================================================================
450# DELETE
451#======================================================================
452
453
454sub delete {
85327cd5 455 my $self = shift;
456 my $table = $self->_table(shift);
457 my $where = shift;
458 my $options = shift;
96449e8e 459
460 my($where_sql, @bind) = $self->where($where);
a9e94508 461 my $sql = $self->_sqlcase('delete from ') . $table . $where_sql;
96449e8e 462
85327cd5 463 if ($options->{returning}) {
ca4f826a 464 my ($returning_sql, @returning_bind) = $self->_delete_returning($options);
85327cd5 465 $sql .= $returning_sql;
466 push @bind, @returning_bind;
467 }
468
9d48860e 469 return wantarray ? ($sql, @bind) : $sql;
96449e8e 470}
471
60f3fd3f 472# So that subclasses can override DELETE ... RETURNING separately from
473# INSERT and UPDATE
85327cd5 474sub _delete_returning { shift->_returning(@_) }
475
476
96449e8e 477
478#======================================================================
479# WHERE: entry point
480#======================================================================
481
482
483
484# Finally, a separate routine just to handle WHERE clauses
485sub where {
486 my ($self, $where, $order) = @_;
487
7ad12721 488 local $self->{convert_where} = $self->{convert};
489
96449e8e 490 # where ?
e175845b 491 my ($sql, @bind) = defined($where)
492 ? $self->_recurse_where($where)
493 : (undef);
417dd15e 494 $sql = (defined $sql and length $sql) ? $self->_sqlcase(' where ') . "( $sql )" : '';
96449e8e 495
496 # order by?
497 if ($order) {
26fe4d30 498 my ($order_sql, @order_bind) = $self->_order_by($order);
499 $sql .= $order_sql;
500 push @bind, @order_bind;
96449e8e 501 }
502
9d48860e 503 return wantarray ? ($sql, @bind) : $sql;
96449e8e 504}
505
79d310f2 506sub expand_expr {
54d3140f 507 my ($self, $expr, $default_scalar_to) = @_;
508 local our $Default_Scalar_To = $default_scalar_to if $default_scalar_to;
7d93797d 509 $self->_expand_expr($expr);
79d310f2 510}
511
512sub render_aqt {
513 my ($self, $aqt) = @_;
514 my ($k, $v, @rest) = %$aqt;
515 die "No" if @rest;
21225d32 516 if (my $meth = $self->{render}{$k}) {
79d310f2 517 return $self->$meth($v);
518 }
519 die "notreached: $k";
520}
521
6082a464 522sub render_expr {
523 my ($self, $expr) = @_;
524 $self->render_aqt($self->expand_expr($expr));
525}
526
a2cd381d 527sub _expand_expr {
2558b622 528 my ($self, $expr, $logic, $default_scalar_to) = @_;
529 local our $Default_Scalar_To = $default_scalar_to if $default_scalar_to;
3ae10d16 530 our $Expand_Depth ||= 0; local $Expand_Depth = $Expand_Depth + 1;
252518da 531 return undef unless defined($expr);
59588695 532 if (ref($expr) eq 'HASH') {
533 if (keys %$expr > 1) {
534 $logic ||= 'and';
77617257 535 return +{ -op => [
536 $logic,
59588695 537 map $self->_expand_expr_hashpair($_ => $expr->{$_}, $logic),
538 sort keys %$expr
539 ] };
540 }
2f88d495 541 return undef unless keys %$expr;
59588695 542 return $self->_expand_expr_hashpair(%$expr, $logic);
a2cd381d 543 }
08264f40 544 if (ref($expr) eq 'ARRAY') {
99a65fa8 545 my $logic = lc($logic || $self->{logic});
08264f40 546 $logic eq 'and' or $logic eq 'or' or puke "unknown logic: $logic";
547
1c0c0f41 548 my @expr = grep {
549 (ref($_) eq 'ARRAY' and @$_)
550 or (ref($_) eq 'HASH' and %$_)
551 or 1
552 } @$expr;
08264f40 553
554 my @res;
555
556 while (my ($el) = splice @expr, 0, 1) {
557 puke "Supplying an empty left hand side argument is not supported in array-pairs"
558 unless defined($el) and length($el);
559 my $elref = ref($el);
560 if (!$elref) {
dd1d0dbf 561 local $Expand_Depth = 0;
f4082f8b 562 push(@res, grep defined, $self->_expand_expr({ $el, shift(@expr) }));
08264f40 563 } elsif ($elref eq 'ARRAY') {
f4082f8b 564 push(@res, grep defined, $self->_expand_expr($el)) if @$el;
ec857800 565 } elsif (my $l = is_literal_value($el)) {
566 push @res, { -literal => $l };
08264f40 567 } elsif ($elref eq 'HASH') {
dd1d0dbf 568 local $Expand_Depth = 0;
f4082f8b 569 push @res, grep defined, $self->_expand_expr($el) if %$el;
08264f40 570 } else {
da4a0964 571 die "notreached";
08264f40 572 }
573 }
2143604f 574 return { -op => [ $logic, @res ] };
08264f40 575 }
ca3da680 576 if (my $literal = is_literal_value($expr)) {
577 return +{ -literal => $literal };
578 }
99a65fa8 579 if (!ref($expr) or Scalar::Util::blessed($expr)) {
2558b622 580 if (my $d = $Default_Scalar_To) {
a332e2cb 581 return $self->_expand_expr({ $d => $expr });
2558b622 582 }
99a65fa8 583 if (my $m = our $Cur_Col_Meta) {
584 return +{ -bind => [ $m, $expr ] };
585 }
a332e2cb 586 return +{ -bind => [ undef, $expr ] };
252518da 587 }
252518da 588 die "notreached";
a2cd381d 589}
96449e8e 590
59588695 591sub _expand_expr_hashpair {
592 my ($self, $k, $v, $logic) = @_;
d13725da 593 unless (defined($k) and length($k)) {
2d64004f 594 if (defined($k) and my $literal = is_literal_value($v)) {
d13725da 595 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
2d64004f 596 return { -literal => $literal };
d13725da 597 }
598 puke "Supplying an empty left hand side argument is not supported";
599 }
ef071fad 600 if ($k =~ /^-/) {
99a65fa8 601 $self->_assert_pass_injection_guard($k =~ /^-(.*)$/s);
602 if ($k =~ s/ [_\s]? \d+ $//x ) {
603 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
604 . "You probably wanted ...-and => [ $k => COND1, $k => COND2 ... ]";
605 }
ef071fad 606 if ($k eq '-nest') {
0fc68377 607 # DBIx::Class requires a nest warning to be emitted once but the private
608 # method it overrode to do so no longer exists
cf06e9dc 609 if ($self->{is_dbic_sqlmaker}) {
610 unless (our $Nest_Warned) {
0fc68377 611 belch(
612 "-nest in search conditions is deprecated, you most probably wanted:\n"
613 .q|{..., -and => [ \%cond0, \@cond1, \'cond2', \[ 'cond3', [ col => bind ] ], etc. ], ... }|
614 );
615 $Nest_Warned = 1;
616 }
617 }
ef071fad 618 return $self->_expand_expr($v);
619 }
6ab1562a 620 if ($k eq '-bool') {
621 if (ref($v)) {
622 return $self->_expand_expr($v);
623 }
624 puke "-bool => undef not supported" unless defined($v);
944f2c7b 625 return $self->_expand_ident(-ident => $v);
6ab1562a 626 }
99a65fa8 627 if ($k eq '-not') {
0c7e3af0 628 return { -op => [ 'not', $self->_expand_expr($v) ] };
99a65fa8 629 }
ce3bc4b0 630 if (my ($rest) = $k =~/^-not[_ ](.*)$/) {
0c7e3af0 631 return +{ -op => [
632 'not',
99a65fa8 633 $self->_expand_expr_hashpair("-${rest}", $v, $logic)
0c7e3af0 634 ] };
ce3bc4b0 635 }
99a65fa8 636 if (my ($logic) = $k =~ /^-(and|or)$/i) {
dd2d5bf7 637 if (ref($v) eq 'HASH') {
638 return $self->_expand_expr($v, $logic);
639 }
99a65fa8 640 if (ref($v) eq 'ARRAY') {
641 return $self->_expand_expr($v, $logic);
642 }
dd2d5bf7 643 }
99a65fa8 644 {
645 my $op = $k;
646 $op =~ s/^-// if length($op) > 1;
647
648 # top level special ops are illegal in general
3ae10d16 649 # note that, arguably, if it makes no sense at top level, it also
650 # makes no sense on the other side of an = sign or similar but DBIC
651 # gets disappointingly upset if I disallow it
652 if (
653 (our $Expand_Depth) == 1
654 and List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}}
655 ) {
656 puke "Illegal use of top-level '-$op'"
657 }
96a8d74a 658 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
659 return { -op => [ $op, $v ] };
660 }
99a65fa8 661 }
a332e2cb 662 if ($k eq '-value') {
663 return +{ -bind => [ our $Cur_Col_Meta, $v ] };
99a65fa8 664 }
7d93797d 665 if ($k eq '-ident') {
666 return $self->_expand_ident(-ident => $v);
667 }
ec19b759 668 if (my $custom = $self->{expand_unary}{$k}) {
669 return $self->$custom($v);
670 }
21225d32 671 if ($self->{render}{$k}) {
99a65fa8 672 return { $k => $v };
d13725da 673 }
711892b1 674 if (
675 ref($v) eq 'HASH'
676 and keys %$v == 1
677 and (keys %$v)[0] =~ /^-/
678 ) {
679 my ($func) = $k =~ /^-(.*)$/;
3ae10d16 680 if (List::Util::first { $func =~ $_->{regex} } @{$self->{special_ops}}) {
681 return +{ -op => [ $func, $self->_expand_expr($v) ] };
682 }
711892b1 683 return +{ -func => [ $func, $self->_expand_expr($v) ] };
684 }
685 if (!ref($v) or is_literal_value($v)) {
99a65fa8 686 return +{ -op => [ $k =~ /^-(.*)$/, $self->_expand_expr($v) ] };
59588695 687 }
99a65fa8 688 }
689 if (
690 !defined($v)
691 or (
692 ref($v) eq 'HASH'
693 and exists $v->{-value}
694 and not defined $v->{-value}
695 )
696 ) {
697 return $self->_expand_expr_hashpair($k => { $self->{cmp} => undef });
698 }
699 if (!ref($v) or Scalar::Util::blessed($v)) {
ec19b759 700 my $d = our $Default_Scalar_To;
99a65fa8 701 return +{
702 -op => [
703 $self->{cmp},
944f2c7b 704 $self->_expand_ident(-ident => $k),
7d93797d 705 ($d
706 ? $self->_expand_expr($d => $v)
707 : { -bind => [ $k, $v ] }
708 )
99a65fa8 709 ]
710 };
711 }
712 if (ref($v) eq 'HASH') {
713 if (keys %$v > 1) {
e175845b 714 return { -op => [
715 'and',
99a65fa8 716 map $self->_expand_expr_hashpair($k => { $_ => $v->{$_} }),
717 sort keys %$v
718 ] };
719 }
b18a95e4 720 return undef unless keys %$v;
99a65fa8 721 my ($vk, $vv) = %$v;
722 $vk =~ s/^-//;
723 $vk = lc($vk);
724 $self->_assert_pass_injection_guard($vk);
725 if ($vk =~ s/ [_\s]? \d+ $//x ) {
726 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
727 . "You probably wanted ...-and => [ -$vk => COND1, -$vk => COND2 ... ]";
728 }
729 if ($vk =~ /^(?:not[ _])?between$/) {
730 local our $Cur_Col_Meta = $k;
731 my @rhs = map $self->_expand_expr($_),
732 ref($vv) eq 'ARRAY' ? @$vv : $vv;
733 unless (
734 (@rhs == 1 and ref($rhs[0]) eq 'HASH' and $rhs[0]->{-literal})
735 or
736 (@rhs == 2 and defined($rhs[0]) and defined($rhs[1]))
737 ) {
738 puke "Operator '${\uc($vk)}' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
b5b18861 739 }
99a65fa8 740 return +{ -op => [
741 join(' ', split '_', $vk),
944f2c7b 742 $self->_expand_ident(-ident => $k),
99a65fa8 743 @rhs
744 ] }
745 }
746 if ($vk =~ /^(?:not[ _])?in$/) {
747 if (my $literal = is_literal_value($vv)) {
748 my ($sql, @bind) = @$literal;
749 my $opened_sql = $self->_open_outer_paren($sql);
10d07c4e 750 return +{ -op => [
944f2c7b 751 $vk, $self->_expand_ident(-ident => $k),
99a65fa8 752 [ { -literal => [ $opened_sql, @bind ] } ]
10d07c4e 753 ] };
754 }
99a65fa8 755 my $undef_err =
756 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
757 . "-${\uc($vk)} operator was given an undef-containing list: !!!AUDIT YOUR CODE "
758 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
759 . 'will emit the logically correct SQL instead of raising this exception)'
760 ;
761 puke("Argument passed to the '${\uc($vk)}' operator can not be undefined")
762 if !defined($vv);
763 my @rhs = map $self->_expand_expr($_),
764 map { ref($_) ? $_ : { -bind => [ $k, $_ ] } }
765 map { defined($_) ? $_: puke($undef_err) }
766 (ref($vv) eq 'ARRAY' ? @$vv : $vv);
e175845b 767 return $self->${\($vk =~ /^not/ ? 'sqltrue' : 'sqlfalse')} unless @rhs;
99a65fa8 768
769 return +{ -op => [
770 join(' ', split '_', $vk),
944f2c7b 771 $self->_expand_ident(-ident => $k),
99a65fa8 772 \@rhs
773 ] };
774 }
775 if ($vk eq 'ident') {
02b8fe35 776 if (! defined $vv or (ref($vv) and ref($vv) eq 'ARRAY')) {
777 puke "-$vk requires a single plain scalar argument (a quotable identifier) or an arrayref of identifier parts";
f7778474 778 }
99a65fa8 779 return +{ -op => [
780 $self->{cmp},
de8d04fb 781 $self->_expand_ident(-ident => $k),
782 $self->_expand_ident(-ident => $vv),
99a65fa8 783 ] };
784 }
785 if ($vk eq 'value') {
786 return $self->_expand_expr_hashpair($k, undef) unless defined($vv);
787 return +{ -op => [
788 $self->{cmp},
de8d04fb 789 $self->_expand_ident(-ident => $k),
99a65fa8 790 { -bind => [ $k, $vv ] }
791 ] };
792 }
793 if ($vk =~ /^is(?:[ _]not)?$/) {
794 puke "$vk can only take undef as argument"
795 if defined($vv)
796 and not (
797 ref($vv) eq 'HASH'
798 and exists($vv->{-value})
799 and !defined($vv->{-value})
800 );
801 $vk =~ s/_/ /g;
de8d04fb 802 return +{ -op => [ $vk.' null', $self->_expand_ident(-ident => $k) ] };
99a65fa8 803 }
804 if ($vk =~ /^(and|or)$/) {
805 if (ref($vv) eq 'HASH') {
e62fe58a 806 return +{ -op => [
807 $vk,
99a65fa8 808 map $self->_expand_expr_hashpair($k, { $_ => $vv->{$_} }),
809 sort keys %$vv
7d7868d1 810 ] };
811 }
e28d9b13 812 }
30af97c5 813 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{special_ops}}) {
7d93797d 814 return { -op => [ $vk, $self->_expand_ident(-ident => $k), $vv ] };
7dbe1183 815 }
96a8d74a 816 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{unary_ops}}) {
817 return { -op => [
818 $self->{cmp},
de8d04fb 819 $self->_expand_ident(-ident => $k),
96a8d74a 820 { -op => [ $vk, $vv ] }
821 ] };
822 }
99a65fa8 823 if (ref($vv) eq 'ARRAY') {
824 my ($logic, @values) = (
825 (defined($vv->[0]) and $vv->[0] =~ /^-(and|or)$/i)
826 ? @$vv
827 : (-or => @$vv)
828 );
829 if (
830 $vk =~ $self->{inequality_op}
831 or join(' ', split '_', $vk) =~ $self->{not_like_op}
832 ) {
833 if (lc($logic) eq '-or' and @values > 1) {
834 my $op = uc join ' ', split '_', $vk;
835 belch "A multi-element arrayref as an argument to the inequality op '$op' "
836 . 'is technically equivalent to an always-true 1=1 (you probably wanted '
837 . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
838 ;
839 }
ef071fad 840 }
b3cb13e8 841 unless (@values) {
842 # try to DWIM on equality operators
843 my $op = join ' ', split '_', $vk;
844 return
e175845b 845 $op =~ $self->{equality_op} ? $self->sqlfalse
846 : $op =~ $self->{like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqlfalse
847 : $op =~ $self->{inequality_op} ? $self->sqltrue
848 : $op =~ $self->{not_like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqltrue
b3cb13e8 849 : puke "operator '$op' applied on an empty array (field '$k')";
850 }
63c97a0b 851 return +{ -op => [
852 $logic =~ /^-(.*)$/,
99a65fa8 853 map $self->_expand_expr_hashpair($k => { $vk => $_ }),
854 @values
855 ] };
856 }
857 if (
858 !defined($vv)
859 or (
860 ref($vv) eq 'HASH'
861 and exists $vv->{-value}
862 and not defined $vv->{-value}
863 )
864 ) {
865 my $op = join ' ', split '_', $vk;
866 my $is =
867 $op =~ /^not$/i ? 'is not' # legacy
868 : $op =~ $self->{equality_op} ? 'is'
869 : $op =~ $self->{like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is'
870 : $op =~ $self->{inequality_op} ? 'is not'
871 : $op =~ $self->{not_like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is not'
872 : puke "unexpected operator '$op' with undef operand";
de8d04fb 873 return +{ -op => [ $is.' null', $self->_expand_ident(-ident => $k) ] };
99a65fa8 874 }
875 local our $Cur_Col_Meta = $k;
876 return +{ -op => [
877 $vk,
de8d04fb 878 $self->_expand_ident(-ident => $k),
99a65fa8 879 $self->_expand_expr($vv)
880 ] };
881 }
882 if (ref($v) eq 'ARRAY') {
e175845b 883 return $self->sqlfalse unless @$v;
99a65fa8 884 $self->_debug("ARRAY($k) means distribute over elements");
885 my $this_logic = (
886 $v->[0] =~ /^-((?:and|or))$/i
887 ? ($v = [ @{$v}[1..$#$v] ], $1)
888 : ($self->{logic} || 'or')
889 );
cba28f66 890 return +{ -op => [
891 $this_logic,
892 map $self->_expand_expr({ $k => $_ }, $this_logic), @$v
893 ] };
99a65fa8 894 }
895 if (my $literal = is_literal_value($v)) {
896 unless (length $k) {
897 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
898 return \$literal;
899 }
900 my ($sql, @bind) = @$literal;
901 if ($self->{bindtype} eq 'columns') {
902 for (@bind) {
6fb2bd90 903 $self->_assert_bindval_matches_bindtype($_);
aa8d7bdb 904 }
331e2209 905 }
99a65fa8 906 return +{ -literal => [ $self->_quote($k).' '.$sql, @bind ] };
331e2209 907 }
99a65fa8 908 die "notreached";
59588695 909}
910
9103bd14 911sub _expand_ident {
912 my ($self, undef, $body) = @_;
913 my @parts = map split(/\Q${\($self->{name_sep}||'.')}\E/, $_),
914 ref($body) ? @$body : $body;
944f2c7b 915 return { -ident => $parts[-1] } if $self->{_dequalify_idents};
916 unless ($self->{quote_char}) {
917 $self->_assert_pass_injection_guard($_) for @parts;
918 }
9103bd14 919 return +{ -ident => \@parts };
920}
921
96449e8e 922sub _recurse_where {
923 my ($self, $where, $logic) = @_;
924
5492d4c2 925 # Special case: top level simple string treated as literal
926
927 my $where_exp = (ref($where)
ae56a156 928 ? $self->_expand_expr($where, $logic)
5492d4c2 929 : { -literal => [ $where ] });
e175845b 930
e3e27543 931 # dispatch expanded expression
311b2151 932
79d310f2 933 my ($sql, @bind) = defined($where_exp) ? $self->render_aqt($where_exp) : (undef);
abe1a491 934 # DBIx::Class used to call _recurse_where in scalar context
935 # something else might too...
936 if (wantarray) {
937 return ($sql, @bind);
938 }
939 else {
940 belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
941 return $sql;
942 }
96449e8e 943}
944
181dcebf 945sub _render_ident {
946 my ($self, $ident) = @_;
cc422895 947
9cf28dfb 948 return $self->_convert($self->_quote($ident));
cc422895 949}
950
c452734e 951my %unop_postfix = map +($_ => 1),
952 'is null', 'is not null',
953 'asc', 'desc',
954;
d13725da 955
b5b18861 956my %special = (
957 (map +($_ => do {
958 my $op = $_;
959 sub {
960 my ($self, $args) = @_;
961 my ($left, $low, $high) = @$args;
962 my ($rhsql, @rhbind) = do {
963 if (@$args == 2) {
964 puke "Single arg to between must be a literal"
965 unless $low->{-literal};
966 @{$low->{-literal}}
967 } else {
79d310f2 968 my ($l, $h) = map [ $self->render_aqt($_) ], $low, $high;
b5b18861 969 (join(' ', $l->[0], $self->_sqlcase('and'), $h->[0]),
970 @{$l}[1..$#$l], @{$h}[1..$#$h])
971 }
972 };
79d310f2 973 my ($lhsql, @lhbind) = $self->render_aqt($left);
b5b18861 974 return (
975 join(' ', '(', $lhsql, $self->_sqlcase($op), $rhsql, ')'),
976 @lhbind, @rhbind
977 );
978 }
979 }), 'between', 'not between'),
10d07c4e 980 (map +($_ => do {
981 my $op = $_;
982 sub {
983 my ($self, $args) = @_;
984 my ($lhs, $rhs) = @$args;
985 my @in_bind;
986 my @in_sql = map {
79d310f2 987 my ($sql, @bind) = $self->render_aqt($_);
10d07c4e 988 push @in_bind, @bind;
989 $sql;
990 } @$rhs;
79d310f2 991 my ($lhsql, @lbind) = $self->render_aqt($lhs);
10d07c4e 992 return (
993 $lhsql.' '.$self->_sqlcase($op).' ( '
994 .join(', ', @in_sql)
995 .' )',
996 @lbind, @in_bind
997 );
998 }
999 }), 'in', 'not in'),
b5b18861 1000);
1001
181dcebf 1002sub _render_op {
1003 my ($self, $v) = @_;
d13725da 1004 my ($op, @args) = @$v;
1005 $op =~ s/^-// if length($op) > 1;
cba28f66 1006 $op = lc($op);
b5b18861 1007 if (my $h = $special{$op}) {
1008 return $self->$h(\@args);
1009 }
3ae10d16 1010 my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}};
1011 if ($us and @args > 1) {
99a65fa8 1012 puke "Special op '${op}' requires first value to be identifier"
7d93797d 1013 unless my ($ident) = map $_->{-ident}, grep ref($_) eq 'HASH', $args[0];
1014 my $k = join(($self->{name_sep}||'.'), @$ident);
dd1d0dbf 1015 local our $Expand_Depth = 1;
99a65fa8 1016 return $self->${\($us->{handler})}($k, $op, $args[1]);
1017 }
96a8d74a 1018 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
1019 return $self->${\($us->{handler})}($op, $args[0]);
1020 }
99a65fa8 1021 my $final_op = $op =~ /^(?:is|not)_/ ? join(' ', split '_', $op) : $op;
2143604f 1022 if (@args == 1 and $op !~ /^(and|or)$/) {
79d310f2 1023 my ($expr_sql, @bind) = $self->render_aqt($args[0]);
d13725da 1024 my $op_sql = $self->_sqlcase($final_op);
1025 my $final_sql = (
1026 $unop_postfix{lc($final_op)}
1027 ? "${expr_sql} ${op_sql}"
1028 : "${op_sql} ${expr_sql}"
1029 );
3ae10d16 1030 return (($op eq 'not' || $us ? '('.$final_sql.')' : $final_sql), @bind);
16d9289c 1031 } else {
79d310f2 1032 my @parts = grep length($_->[0]), map [ $self->render_aqt($_) ], @args;
1c0c0f41 1033 return '' unless @parts;
230812fc 1034 my $is_andor = !!($op =~ /^(and|or)$/);
1035 return @{$parts[0]} if $is_andor and @parts == 1;
1036 my ($final_sql) = map +($is_andor ? "( ${_} )" : $_), join(
352d74bc 1037 ' '.$self->_sqlcase($final_op).' ',
77617257 1038 map $_->[0], @parts
1039 );
99a65fa8 1040 return (
77617257 1041 $final_sql,
16d9289c 1042 map @{$_}[1..$#$_], @parts
99a65fa8 1043 );
d13725da 1044 }
1045 die "unhandled";
1046}
1047
352d74bc 1048sub _render_list {
1049 my ($self, $list) = @_;
79d310f2 1050 my @parts = grep length($_->[0]), map [ $self->render_aqt($_) ], @$list;
352d74bc 1051 return join(', ', map $_->[0], @parts), map @{$_}[1..$#$_], @parts;
1052}
1053
181dcebf 1054sub _render_func {
1055 my ($self, $rest) = @_;
711892b1 1056 my ($func, @args) = @$rest;
1057 my @arg_sql;
1058 my @bind = map {
1059 my @x = @$_;
1060 push @arg_sql, shift @x;
1061 @x
79d310f2 1062 } map [ $self->render_aqt($_) ], @args;
711892b1 1063 return ($self->_sqlcase($func).'('.join(', ', @arg_sql).')', @bind);
1064}
1065
181dcebf 1066sub _render_bind {
1067 my ($self, $bind) = @_;
d13725da 1068 return ($self->_convert('?'), $self->_bindtype(@$bind));
1069}
1070
181dcebf 1071sub _render_literal {
1072 my ($self, $literal) = @_;
465d43fd 1073 $self->_assert_bindval_matches_bindtype(@{$literal}[1..$#$literal]);
aa8d7bdb 1074 return @$literal;
1075}
1076
4a1f01a3 1077# Some databases (SQLite) treat col IN (1, 2) different from
1078# col IN ( (1, 2) ). Use this to strip all outer parens while
1079# adding them back in the corresponding method
1080sub _open_outer_paren {
1081 my ($self, $sql) = @_;
a5f91feb 1082
ca4f826a 1083 while (my ($inner) = $sql =~ /^ \s* \( (.*) \) \s* $/xs) {
a5f91feb 1084
1085 # there are closing parens inside, need the heavy duty machinery
1086 # to reevaluate the extraction starting from $sql (full reevaluation)
ca4f826a 1087 if ($inner =~ /\)/) {
a5f91feb 1088 require Text::Balanced;
1089
1090 my (undef, $remainder) = do {
1091 # idiotic design - writes to $@ but *DOES NOT* throw exceptions
1092 local $@;
ca4f826a 1093 Text::Balanced::extract_bracketed($sql, '()', qr/\s*/);
a5f91feb 1094 };
1095
1096 # the entire expression needs to be a balanced bracketed thing
1097 # (after an extract no remainder sans trailing space)
1098 last if defined $remainder and $remainder =~ /\S/;
1099 }
1100
1101 $sql = $inner;
1102 }
1103
1104 $sql;
4a1f01a3 1105}
1106
96449e8e 1107
96449e8e 1108#======================================================================
1109# ORDER BY
1110#======================================================================
1111
33177570 1112sub _expand_order_by {
96449e8e 1113 my ($self, $arg) = @_;
1114
33177570 1115 return unless defined($arg) and not (ref($arg) eq 'ARRAY' and !@$arg);
2b6158af 1116
4325df6a 1117 my $expander = sub {
1118 my ($self, $dir, $expr) = @_;
52ca537e 1119 my @to_expand = ref($expr) eq 'ARRAY' ? @$expr : $expr;
1120 foreach my $arg (@to_expand) {
1121 if (
1122 ref($arg) eq 'HASH'
1123 and keys %$arg > 1
1124 and grep /^-(asc|desc)$/, keys %$arg
1125 ) {
1126 puke "ordering direction hash passed to order by must have exactly one key (-asc or -desc)";
1127 }
1128 }
4325df6a 1129 my @exp = map +(defined($dir) ? { -op => [ $dir => $_ ] } : $_),
79d310f2 1130 map $self->expand_expr($_, -ident),
74156ee9 1131 map ref($_) eq 'ARRAY' ? @$_ : $_, @to_expand;
352d74bc 1132 return (@exp > 1 ? { -list => \@exp } : $exp[0]);
4325df6a 1133 };
18c743c8 1134
ec19b759 1135 local @{$self->{expand_unary}}{qw(-asc -desc)} = (
1136 sub { shift->$expander(asc => @_) },
1137 sub { shift->$expander(desc => @_) },
1138 );
f267b646 1139
33177570 1140 return $self->$expander(undef, $arg);
1141}
1142
1143sub _order_by {
1144 my ($self, $arg) = @_;
1145
1146 return '' unless defined(my $expanded = $self->_expand_order_by($arg));
4325df6a 1147
79d310f2 1148 my ($sql, @bind) = $self->render_aqt($expanded);
4325df6a 1149
13cd9220 1150 return '' unless length($sql);
1151
4325df6a 1152 my $final_sql = $self->_sqlcase(' order by ').$sql;
1153
1154 return wantarray ? ($final_sql, @bind) : $final_sql;
f267b646 1155}
1156
2e3cc357 1157# _order_by no longer needs to call this so doesn't but DBIC uses it.
1158
33177570 1159sub _order_by_chunks {
1160 my ($self, $arg) = @_;
1161
1162 return () unless defined(my $expanded = $self->_expand_order_by($arg));
1163
2e3cc357 1164 return $self->_chunkify_order_by($expanded);
1165}
1166
1167sub _chunkify_order_by {
1168 my ($self, $expanded) = @_;
1b630cfe 1169
79d310f2 1170 return grep length, $self->render_aqt($expanded)
1b630cfe 1171 if $expanded->{-ident} or @{$expanded->{-literal}||[]} == 1;
1172
33177570 1173 for ($expanded) {
352d74bc 1174 if (ref() eq 'HASH' and my $l = $_->{-list}) {
1175 return map $self->_chunkify_order_by($_), @$l;
33177570 1176 }
79d310f2 1177 return [ $self->render_aqt($_) ];
33177570 1178 }
1179}
1180
96449e8e 1181#======================================================================
1182# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1183#======================================================================
1184
1185sub _table {
1186 my $self = shift;
1187 my $from = shift;
79d310f2 1188 ($self->render_aqt(
8476c6a3 1189 $self->_expand_maybe_list_expr($from, undef, -ident)
7ad12721 1190 ))[0];
96449e8e 1191}
1192
1193
1194#======================================================================
1195# UTILITY FUNCTIONS
1196#======================================================================
1197
8476c6a3 1198sub _expand_maybe_list_expr {
1199 my ($self, $expr, $logic, $default) = @_;
bba04f52 1200 my $e = do {
1201 if (ref($expr) eq 'ARRAY') {
352d74bc 1202 return { -list => [
4ee3313d 1203 map $self->expand_expr($_, $default), @$expr
bba04f52 1204 ] } if @$expr > 1;
1205 $expr->[0]
1206 } else {
1207 $expr
1208 }
1209 };
4ee3313d 1210 return $self->expand_expr($e, $default);
8476c6a3 1211}
1212
955e77ca 1213# highly optimized, as it's called way too often
96449e8e 1214sub _quote {
955e77ca 1215 # my ($self, $label) = @_;
96449e8e 1216
955e77ca 1217 return '' unless defined $_[1];
955e77ca 1218 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
d3162b5c 1219 puke 'Identifier cannot be hashref' if ref($_[1]) eq 'HASH';
96449e8e 1220
d3162b5c 1221 unless ($_[0]->{quote_char}) {
1222 if (ref($_[1]) eq 'ARRAY') {
1223 return join($_[0]->{name_sep}||'.', @{$_[1]});
1224 } else {
1225 $_[0]->_assert_pass_injection_guard($_[1]);
1226 return $_[1];
1227 }
1228 }
96449e8e 1229
07d7c35c 1230 my $qref = ref $_[0]->{quote_char};
439834d3 1231 my ($l, $r) =
1232 !$qref ? ($_[0]->{quote_char}, $_[0]->{quote_char})
1233 : ($qref eq 'ARRAY') ? @{$_[0]->{quote_char}}
1234 : puke "Unsupported quote_char format: $_[0]->{quote_char}";
1235
46be4313 1236 my $esc = $_[0]->{escape_char} || $r;
96449e8e 1237
07d7c35c 1238 # parts containing * are naturally unquoted
d3162b5c 1239 return join(
1240 $_[0]->{name_sep}||'',
1241 map +(
1242 $_ eq '*'
1243 ? $_
1244 : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r }
1245 ),
1246 (ref($_[1]) eq 'ARRAY'
1247 ? @{$_[1]}
1248 : (
1249 $_[0]->{name_sep}
1250 ? split (/\Q$_[0]->{name_sep}\E/, $_[1] )
1251 : $_[1]
1252 )
1253 )
955e77ca 1254 );
96449e8e 1255}
1256
1257
1258# Conversion, if applicable
d7c862e0 1259sub _convert {
07d7c35c 1260 #my ($self, $arg) = @_;
7ad12721 1261 if ($_[0]->{convert_where}) {
1262 return $_[0]->_sqlcase($_[0]->{convert_where}) .'(' . $_[1] . ')';
96449e8e 1263 }
07d7c35c 1264 return $_[1];
96449e8e 1265}
1266
1267# And bindtype
d7c862e0 1268sub _bindtype {
07d7c35c 1269 #my ($self, $col, @vals) = @_;
07d7c35c 1270 # called often - tighten code
1271 return $_[0]->{bindtype} eq 'columns'
1272 ? map {[$_[1], $_]} @_[2 .. $#_]
1273 : @_[2 .. $#_]
1274 ;
96449e8e 1275}
1276
fe3ae272 1277# Dies if any element of @bind is not in [colname => value] format
1278# if bindtype is 'columns'.
1279sub _assert_bindval_matches_bindtype {
c94a6c93 1280# my ($self, @bind) = @_;
1281 my $self = shift;
fe3ae272 1282 if ($self->{bindtype} eq 'columns') {
c94a6c93 1283 for (@_) {
1284 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1285 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1286 }
1287 }
1288 }
1289}
1290
96449e8e 1291sub _join_sql_clauses {
1292 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1293
1294 if (@$clauses_aref > 1) {
1295 my $join = " " . $self->_sqlcase($logic) . " ";
1296 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1297 return ($sql, @$bind_aref);
1298 }
1299 elsif (@$clauses_aref) {
1300 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1301 }
1302 else {
1303 return (); # if no SQL, ignore @$bind_aref
1304 }
1305}
1306
1307
1308# Fix SQL case, if so requested
1309sub _sqlcase {
96449e8e 1310 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1311 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1312 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1313}
1314
1315
1316#======================================================================
1317# DISPATCHING FROM REFKIND
1318#======================================================================
1319
1320sub _refkind {
1321 my ($self, $data) = @_;
96449e8e 1322
955e77ca 1323 return 'UNDEF' unless defined $data;
1324
1325 # blessed objects are treated like scalars
1326 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1327
1328 return 'SCALAR' unless $ref;
1329
1330 my $n_steps = 1;
1331 while ($ref eq 'REF') {
96449e8e 1332 $data = $$data;
955e77ca 1333 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1334 $n_steps++ if $ref;
96449e8e 1335 }
1336
848556bc 1337 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1338}
1339
1340sub _try_refkind {
1341 my ($self, $data) = @_;
1342 my @try = ($self->_refkind($data));
1343 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1344 push @try, 'FALLBACK';
955e77ca 1345 return \@try;
96449e8e 1346}
1347
1348sub _METHOD_FOR_refkind {
1349 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1350
1351 my $method;
955e77ca 1352 for (@{$self->_try_refkind($data)}) {
f39eaa60 1353 $method = $self->can($meth_prefix."_".$_)
1354 and last;
1355 }
1356
1357 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1358}
1359
1360
1361sub _SWITCH_refkind {
1362 my ($self, $data, $dispatch_table) = @_;
1363
f39eaa60 1364 my $coderef;
955e77ca 1365 for (@{$self->_try_refkind($data)}) {
f39eaa60 1366 $coderef = $dispatch_table->{$_}
1367 and last;
1368 }
1369
1370 puke "no dispatch entry for ".$self->_refkind($data)
1371 unless $coderef;
1372
96449e8e 1373 $coderef->();
1374}
1375
1376
1377
1378
1379#======================================================================
1380# VALUES, GENERATE, AUTOLOAD
1381#======================================================================
1382
1383# LDNOTE: original code from nwiger, didn't touch code in that section
1384# I feel the AUTOLOAD stuff should not be the default, it should
1385# only be activated on explicit demand by user.
1386
1387sub values {
1388 my $self = shift;
1389 my $data = shift || return;
1390 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1391 unless ref $data eq 'HASH';
bab725ce 1392
1393 my @all_bind;
ca4f826a 1394 foreach my $k (sort keys %$data) {
bab725ce 1395 my $v = $data->{$k};
1396 $self->_SWITCH_refkind($v, {
9d48860e 1397 ARRAYREF => sub {
bab725ce 1398 if ($self->{array_datatypes}) { # array datatype
1399 push @all_bind, $self->_bindtype($k, $v);
1400 }
1401 else { # literal SQL with bind
1402 my ($sql, @bind) = @$v;
1403 $self->_assert_bindval_matches_bindtype(@bind);
1404 push @all_bind, @bind;
1405 }
1406 },
1407 ARRAYREFREF => sub { # literal SQL with bind
1408 my ($sql, @bind) = @${$v};
1409 $self->_assert_bindval_matches_bindtype(@bind);
1410 push @all_bind, @bind;
1411 },
1412 SCALARREF => sub { # literal SQL without bind
1413 },
1414 SCALAR_or_UNDEF => sub {
1415 push @all_bind, $self->_bindtype($k, $v);
1416 },
1417 });
1418 }
1419
1420 return @all_bind;
96449e8e 1421}
1422
1423sub generate {
1424 my $self = shift;
1425
1426 my(@sql, @sqlq, @sqlv);
1427
1428 for (@_) {
1429 my $ref = ref $_;
1430 if ($ref eq 'HASH') {
1431 for my $k (sort keys %$_) {
1432 my $v = $_->{$k};
1433 my $r = ref $v;
1434 my $label = $self->_quote($k);
1435 if ($r eq 'ARRAY') {
fe3ae272 1436 # literal SQL with bind
1437 my ($sql, @bind) = @$v;
1438 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1439 push @sqlq, "$label = $sql";
fe3ae272 1440 push @sqlv, @bind;
96449e8e 1441 } elsif ($r eq 'SCALAR') {
fe3ae272 1442 # literal SQL without bind
96449e8e 1443 push @sqlq, "$label = $$v";
9d48860e 1444 } else {
96449e8e 1445 push @sqlq, "$label = ?";
1446 push @sqlv, $self->_bindtype($k, $v);
1447 }
1448 }
1449 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1450 } elsif ($ref eq 'ARRAY') {
1451 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1452 for my $v (@$_) {
1453 my $r = ref $v;
fe3ae272 1454 if ($r eq 'ARRAY') { # literal SQL with bind
1455 my ($sql, @bind) = @$v;
1456 $self->_assert_bindval_matches_bindtype(@bind);
1457 push @sqlq, $sql;
1458 push @sqlv, @bind;
1459 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1460 # embedded literal SQL
1461 push @sqlq, $$v;
9d48860e 1462 } else {
96449e8e 1463 push @sqlq, '?';
1464 push @sqlv, $v;
1465 }
1466 }
1467 push @sql, '(' . join(', ', @sqlq) . ')';
1468 } elsif ($ref eq 'SCALAR') {
1469 # literal SQL
1470 push @sql, $$_;
1471 } else {
1472 # strings get case twiddled
1473 push @sql, $self->_sqlcase($_);
1474 }
1475 }
1476
1477 my $sql = join ' ', @sql;
1478
1479 # this is pretty tricky
1480 # if ask for an array, return ($stmt, @bind)
1481 # otherwise, s/?/shift @sqlv/ to put it inline
1482 if (wantarray) {
1483 return ($sql, @sqlv);
1484 } else {
1485 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1486 ref $d ? $d->[1] : $d/e;
1487 return $sql;
1488 }
1489}
1490
1491
1492sub DESTROY { 1 }
1493
1494sub AUTOLOAD {
1495 # This allows us to check for a local, then _form, attr
1496 my $self = shift;
1497 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1498 return $self->generate($name, @_);
1499}
1500
15011;
1502
1503
1504
1505__END__
32eab2da 1506
1507=head1 NAME
1508
1509SQL::Abstract - Generate SQL from Perl data structures
1510
1511=head1 SYNOPSIS
1512
1513 use SQL::Abstract;
1514
1515 my $sql = SQL::Abstract->new;
1516
85783f3c 1517 my($stmt, @bind) = $sql->select($source, \@fields, \%where, $order);
32eab2da 1518
1519 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1520
1521 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1522
1523 my($stmt, @bind) = $sql->delete($table, \%where);
1524
1525 # Then, use these in your DBI statements
1526 my $sth = $dbh->prepare($stmt);
1527 $sth->execute(@bind);
1528
1529 # Just generate the WHERE clause
85783f3c 1530 my($stmt, @bind) = $sql->where(\%where, $order);
32eab2da 1531
1532 # Return values in the same order, for hashed queries
1533 # See PERFORMANCE section for more details
1534 my @bind = $sql->values(\%fieldvals);
1535
1536=head1 DESCRIPTION
1537
1538This module was inspired by the excellent L<DBIx::Abstract>.
1539However, in using that module I found that what I really wanted
1540to do was generate SQL, but still retain complete control over my
1541statement handles and use the DBI interface. So, I set out to
1542create an abstract SQL generation module.
1543
1544While based on the concepts used by L<DBIx::Abstract>, there are
1545several important differences, especially when it comes to WHERE
1546clauses. I have modified the concepts used to make the SQL easier
1547to generate from Perl data structures and, IMO, more intuitive.
1548The underlying idea is for this module to do what you mean, based
1549on the data structures you provide it. The big advantage is that
1550you don't have to modify your code every time your data changes,
1551as this module figures it out.
1552
1553To begin with, an SQL INSERT is as easy as just specifying a hash
1554of C<key=value> pairs:
1555
1556 my %data = (
1557 name => 'Jimbo Bobson',
1558 phone => '123-456-7890',
1559 address => '42 Sister Lane',
1560 city => 'St. Louis',
1561 state => 'Louisiana',
1562 );
1563
1564The SQL can then be generated with this:
1565
1566 my($stmt, @bind) = $sql->insert('people', \%data);
1567
1568Which would give you something like this:
1569
1570 $stmt = "INSERT INTO people
1571 (address, city, name, phone, state)
1572 VALUES (?, ?, ?, ?, ?)";
1573 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1574 '123-456-7890', 'Louisiana');
1575
1576These are then used directly in your DBI code:
1577
1578 my $sth = $dbh->prepare($stmt);
1579 $sth->execute(@bind);
1580
96449e8e 1581=head2 Inserting and Updating Arrays
1582
1583If your database has array types (like for example Postgres),
1584activate the special option C<< array_datatypes => 1 >>
9d48860e 1585when creating the C<SQL::Abstract> object.
96449e8e 1586Then you may use an arrayref to insert and update database array types:
1587
1588 my $sql = SQL::Abstract->new(array_datatypes => 1);
1589 my %data = (
1590 planets => [qw/Mercury Venus Earth Mars/]
1591 );
9d48860e 1592
96449e8e 1593 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1594
1595This results in:
1596
1597 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1598
1599 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1600
1601
1602=head2 Inserting and Updating SQL
1603
1604In order to apply SQL functions to elements of your C<%data> you may
1605specify a reference to an arrayref for the given hash value. For example,
1606if you need to execute the Oracle C<to_date> function on a value, you can
1607say something like this:
32eab2da 1608
1609 my %data = (
1610 name => 'Bill',
3ae1c5e2 1611 date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
9d48860e 1612 );
32eab2da 1613
1614The first value in the array is the actual SQL. Any other values are
1615optional and would be included in the bind values array. This gives
1616you:
1617
1618 my($stmt, @bind) = $sql->insert('people', \%data);
1619
9d48860e 1620 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1621 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1622 @bind = ('Bill', '03/02/2003');
1623
1624An UPDATE is just as easy, all you change is the name of the function:
1625
1626 my($stmt, @bind) = $sql->update('people', \%data);
1627
1628Notice that your C<%data> isn't touched; the module will generate
1629the appropriately quirky SQL for you automatically. Usually you'll
1630want to specify a WHERE clause for your UPDATE, though, which is
1631where handling C<%where> hashes comes in handy...
1632
96449e8e 1633=head2 Complex where statements
1634
32eab2da 1635This module can generate pretty complicated WHERE statements
1636easily. For example, simple C<key=value> pairs are taken to mean
1637equality, and if you want to see if a field is within a set
1638of values, you can use an arrayref. Let's say we wanted to
1639SELECT some data based on this criteria:
1640
1641 my %where = (
1642 requestor => 'inna',
1643 worker => ['nwiger', 'rcwe', 'sfz'],
1644 status => { '!=', 'completed' }
1645 );
1646
1647 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1648
1649The above would give you something like this:
1650
1651 $stmt = "SELECT * FROM tickets WHERE
1652 ( requestor = ? ) AND ( status != ? )
1653 AND ( worker = ? OR worker = ? OR worker = ? )";
1654 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1655
1656Which you could then use in DBI code like so:
1657
1658 my $sth = $dbh->prepare($stmt);
1659 $sth->execute(@bind);
1660
1661Easy, eh?
1662
0da0fe34 1663=head1 METHODS
32eab2da 1664
13cc86af 1665The methods are simple. There's one for every major SQL operation,
32eab2da 1666and a constructor you use first. The arguments are specified in a
13cc86af 1667similar order for each method (table, then fields, then a where
32eab2da 1668clause) to try and simplify things.
1669
32eab2da 1670=head2 new(option => 'value')
1671
1672The C<new()> function takes a list of options and values, and returns
1673a new B<SQL::Abstract> object which can then be used to generate SQL
1674through the methods below. The options accepted are:
1675
1676=over
1677
1678=item case
1679
1680If set to 'lower', then SQL will be generated in all lowercase. By
1681default SQL is generated in "textbook" case meaning something like:
1682
1683 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1684
96449e8e 1685Any setting other than 'lower' is ignored.
1686
32eab2da 1687=item cmp
1688
1689This determines what the default comparison operator is. By default
1690it is C<=>, meaning that a hash like this:
1691
1692 %where = (name => 'nwiger', email => 'nate@wiger.org');
1693
1694Will generate SQL like this:
1695
1696 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1697
1698However, you may want loose comparisons by default, so if you set
1699C<cmp> to C<like> you would get SQL such as:
1700
1701 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1702
3af02ccb 1703You can also override the comparison on an individual basis - see
32eab2da 1704the huge section on L</"WHERE CLAUSES"> at the bottom.
1705
96449e8e 1706=item sqltrue, sqlfalse
1707
1708Expressions for inserting boolean values within SQL statements.
6e0c6552 1709By default these are C<1=1> and C<1=0>. They are used
1710by the special operators C<-in> and C<-not_in> for generating
1711correct SQL even when the argument is an empty array (see below).
96449e8e 1712
32eab2da 1713=item logic
1714
1715This determines the default logical operator for multiple WHERE
7cac25e6 1716statements in arrays or hashes. If absent, the default logic is "or"
1717for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1718array of the form:
1719
1720 @where = (
9d48860e 1721 event_date => {'>=', '2/13/99'},
1722 event_date => {'<=', '4/24/03'},
32eab2da 1723 );
1724
7cac25e6 1725will generate SQL like this:
32eab2da 1726
1727 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1728
1729This is probably not what you want given this query, though (look
1730at the dates). To change the "OR" to an "AND", simply specify:
1731
1732 my $sql = SQL::Abstract->new(logic => 'and');
1733
1734Which will change the above C<WHERE> to:
1735
1736 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1737
96449e8e 1738The logic can also be changed locally by inserting
be21dde3 1739a modifier in front of an arrayref:
96449e8e 1740
9d48860e 1741 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1742 event_date => {'<=', '4/24/03'} ]);
96449e8e 1743
1744See the L</"WHERE CLAUSES"> section for explanations.
1745
32eab2da 1746=item convert
1747
1748This will automatically convert comparisons using the specified SQL
1749function for both column and value. This is mostly used with an argument
1750of C<upper> or C<lower>, so that the SQL will have the effect of
1751case-insensitive "searches". For example, this:
1752
1753 $sql = SQL::Abstract->new(convert => 'upper');
1754 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1755
1756Will turn out the following SQL:
1757
1758 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1759
1760The conversion can be C<upper()>, C<lower()>, or any other SQL function
1761that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1762not validate this option; it will just pass through what you specify verbatim).
1763
1764=item bindtype
1765
1766This is a kludge because many databases suck. For example, you can't
1767just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1768Instead, you have to use C<bind_param()>:
1769
1770 $sth->bind_param(1, 'reg data');
1771 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1772
1773The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1774which loses track of which field each slot refers to. Fear not.
1775
1776If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1777Currently, you can specify either C<normal> (default) or C<columns>. If you
1778specify C<columns>, you will get an array that looks like this:
1779
1780 my $sql = SQL::Abstract->new(bindtype => 'columns');
1781 my($stmt, @bind) = $sql->insert(...);
1782
1783 @bind = (
1784 [ 'column1', 'value1' ],
1785 [ 'column2', 'value2' ],
1786 [ 'column3', 'value3' ],
1787 );
1788
1789You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1790
32eab2da 1791 $sth->prepare($stmt);
1792 my $i = 1;
1793 for (@bind) {
1794 my($col, $data) = @$_;
1795 if ($col eq 'details' || $col eq 'comments') {
1796 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1797 } elsif ($col eq 'image') {
1798 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1799 } else {
1800 $sth->bind_param($i, $data);
1801 }
1802 $i++;
1803 }
1804 $sth->execute; # execute without @bind now
1805
1806Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1807Basically, the advantage is still that you don't have to care which fields
1808are or are not included. You could wrap that above C<for> loop in a simple
1809sub called C<bind_fields()> or something and reuse it repeatedly. You still
1810get a layer of abstraction over manual SQL specification.
1811
3ae1c5e2 1812Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
deb148a2 1813construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1814will expect the bind values in this format.
1815
32eab2da 1816=item quote_char
1817
1818This is the character that a table or column name will be quoted
9d48860e 1819with. By default this is an empty string, but you could set it to
32eab2da 1820the character C<`>, to generate SQL like this:
1821
1822 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1823
96449e8e 1824Alternatively, you can supply an array ref of two items, the first being the left
1825hand quote character, and the second the right hand quote character. For
1826example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1827that generates SQL like this:
1828
1829 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1830
9d48860e 1831Quoting is useful if you have tables or columns names that are reserved
96449e8e 1832words in your database's SQL dialect.
32eab2da 1833
46be4313 1834=item escape_char
1835
1836This is the character that will be used to escape L</quote_char>s appearing
1837in an identifier before it has been quoted.
1838
80790166 1839The parameter default in case of a single L</quote_char> character is the quote
46be4313 1840character itself.
1841
1842When opening-closing-style quoting is used (L</quote_char> is an arrayref)
9de2bd86 1843this parameter defaults to the B<closing (right)> L</quote_char>. Occurrences
46be4313 1844of the B<opening (left)> L</quote_char> within the identifier are currently left
1845untouched. The default for opening-closing-style quotes may change in future
1846versions, thus you are B<strongly encouraged> to specify the escape character
1847explicitly.
1848
32eab2da 1849=item name_sep
1850
1851This is the character that separates a table and column name. It is
1852necessary to specify this when the C<quote_char> option is selected,
1853so that tables and column names can be individually quoted like this:
1854
1855 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1856
b6251592 1857=item injection_guard
1858
1859A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1860column name specified in a query structure. This is a safety mechanism to avoid
1861injection attacks when mishandling user input e.g.:
1862
1863 my %condition_as_column_value_pairs = get_values_from_user();
1864 $sqla->select( ... , \%condition_as_column_value_pairs );
1865
1866If the expression matches an exception is thrown. Note that literal SQL
1867supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1868
1869Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
1870
96449e8e 1871=item array_datatypes
32eab2da 1872
9d48860e 1873When this option is true, arrayrefs in INSERT or UPDATE are
1874interpreted as array datatypes and are passed directly
96449e8e 1875to the DBI layer.
1876When this option is false, arrayrefs are interpreted
1877as literal SQL, just like refs to arrayrefs
1878(but this behavior is for backwards compatibility; when writing
1879new queries, use the "reference to arrayref" syntax
1880for literal SQL).
32eab2da 1881
32eab2da 1882
96449e8e 1883=item special_ops
32eab2da 1884
9d48860e 1885Takes a reference to a list of "special operators"
96449e8e 1886to extend the syntax understood by L<SQL::Abstract>.
1887See section L</"SPECIAL OPERATORS"> for details.
32eab2da 1888
59f23b3d 1889=item unary_ops
1890
9d48860e 1891Takes a reference to a list of "unary operators"
59f23b3d 1892to extend the syntax understood by L<SQL::Abstract>.
1893See section L</"UNARY OPERATORS"> for details.
1894
32eab2da 1895
32eab2da 1896
96449e8e 1897=back
32eab2da 1898
02288357 1899=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 1900
1901This is the simplest function. You simply give it a table name
1902and either an arrayref of values or hashref of field/value pairs.
1903It returns an SQL INSERT statement and a list of bind values.
96449e8e 1904See the sections on L</"Inserting and Updating Arrays"> and
1905L</"Inserting and Updating SQL"> for information on how to insert
1906with those data types.
32eab2da 1907
02288357 1908The optional C<\%options> hash reference may contain additional
1909options to generate the insert SQL. Currently supported options
1910are:
1911
1912=over 4
1913
1914=item returning
1915
1916Takes either a scalar of raw SQL fields, or an array reference of
1917field names, and adds on an SQL C<RETURNING> statement at the end.
1918This allows you to return data generated by the insert statement
1919(such as row IDs) without performing another C<SELECT> statement.
1920Note, however, this is not part of the SQL standard and may not
1921be supported by all database engines.
1922
1923=back
1924
95904db5 1925=head2 update($table, \%fieldvals, \%where, \%options)
32eab2da 1926
1927This takes a table, hashref of field/value pairs, and an optional
86298391 1928hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 1929of bind values.
96449e8e 1930See the sections on L</"Inserting and Updating Arrays"> and
1931L</"Inserting and Updating SQL"> for information on how to insert
1932with those data types.
32eab2da 1933
95904db5 1934The optional C<\%options> hash reference may contain additional
1935options to generate the update SQL. Currently supported options
1936are:
1937
1938=over 4
1939
1940=item returning
1941
1942See the C<returning> option to
1943L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1944
1945=back
1946
96449e8e 1947=head2 select($source, $fields, $where, $order)
32eab2da 1948
9d48860e 1949This returns a SQL SELECT statement and associated list of bind values, as
be21dde3 1950specified by the arguments:
32eab2da 1951
96449e8e 1952=over
32eab2da 1953
96449e8e 1954=item $source
32eab2da 1955
9d48860e 1956Specification of the 'FROM' part of the statement.
96449e8e 1957The argument can be either a plain scalar (interpreted as a table
1958name, will be quoted), or an arrayref (interpreted as a list
1959of table names, joined by commas, quoted), or a scalarref
063097a3 1960(literal SQL, not quoted).
32eab2da 1961
96449e8e 1962=item $fields
32eab2da 1963
9d48860e 1964Specification of the list of fields to retrieve from
96449e8e 1965the source.
1966The argument can be either an arrayref (interpreted as a list
9d48860e 1967of field names, will be joined by commas and quoted), or a
96449e8e 1968plain scalar (literal SQL, not quoted).
521647e7 1969Please observe that this API is not as flexible as that of
1970the first argument C<$source>, for backwards compatibility reasons.
32eab2da 1971
96449e8e 1972=item $where
32eab2da 1973
96449e8e 1974Optional argument to specify the WHERE part of the query.
1975The argument is most often a hashref, but can also be
9d48860e 1976an arrayref or plain scalar --
96449e8e 1977see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 1978
96449e8e 1979=item $order
32eab2da 1980
96449e8e 1981Optional argument to specify the ORDER BY part of the query.
9d48860e 1982The argument can be a scalar, a hashref or an arrayref
96449e8e 1983-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
1984for details.
32eab2da 1985
96449e8e 1986=back
32eab2da 1987
32eab2da 1988
85327cd5 1989=head2 delete($table, \%where, \%options)
32eab2da 1990
86298391 1991This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 1992It returns an SQL DELETE statement and list of bind values.
1993
85327cd5 1994The optional C<\%options> hash reference may contain additional
1995options to generate the delete SQL. Currently supported options
1996are:
1997
1998=over 4
1999
2000=item returning
2001
2002See the C<returning> option to
2003L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
2004
2005=back
2006
85783f3c 2007=head2 where(\%where, $order)
32eab2da 2008
2009This is used to generate just the WHERE clause. For example,
2010if you have an arbitrary data structure and know what the
2011rest of your SQL is going to look like, but want an easy way
2012to produce a WHERE clause, use this. It returns an SQL WHERE
2013clause and list of bind values.
2014
32eab2da 2015
2016=head2 values(\%data)
2017
2018This just returns the values from the hash C<%data>, in the same
2019order that would be returned from any of the other above queries.
2020Using this allows you to markedly speed up your queries if you
2021are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
2022
32eab2da 2023=head2 generate($any, 'number', $of, \@data, $struct, \%types)
2024
2025Warning: This is an experimental method and subject to change.
2026
2027This returns arbitrarily generated SQL. It's a really basic shortcut.
2028It will return two different things, depending on return context:
2029
2030 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
2031 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
2032
2033These would return the following:
2034
2035 # First calling form
2036 $stmt = "CREATE TABLE test (?, ?)";
2037 @bind = (field1, field2);
2038
2039 # Second calling form
2040 $stmt_and_val = "CREATE TABLE test (field1, field2)";
2041
2042Depending on what you're trying to do, it's up to you to choose the correct
2043format. In this example, the second form is what you would want.
2044
2045By the same token:
2046
2047 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
2048
2049Might give you:
2050
2051 ALTER SESSION SET nls_date_format = 'MM/YY'
2052
2053You get the idea. Strings get their case twiddled, but everything
2054else remains verbatim.
2055
0da0fe34 2056=head1 EXPORTABLE FUNCTIONS
2057
2058=head2 is_plain_value
2059
2060Determines if the supplied argument is a plain value as understood by this
2061module:
2062
2063=over
2064
2065=item * The value is C<undef>
2066
2067=item * The value is a non-reference
2068
2069=item * The value is an object with stringification overloading
2070
2071=item * The value is of the form C<< { -value => $anything } >>
2072
2073=back
2074
9de2bd86 2075On failure returns C<undef>, on success returns a B<scalar> reference
966200cc 2076to the original supplied argument.
0da0fe34 2077
843a94b5 2078=over
2079
2080=item * Note
2081
2082The stringification overloading detection is rather advanced: it takes
2083into consideration not only the presence of a C<""> overload, but if that
2084fails also checks for enabled
2085L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
2086on either C<0+> or C<bool>.
2087
2088Unfortunately testing in the field indicates that this
2089detection B<< may tickle a latent bug in perl versions before 5.018 >>,
2090but only when very large numbers of stringifying objects are involved.
2091At the time of writing ( Sep 2014 ) there is no clear explanation of
2092the direct cause, nor is there a manageably small test case that reliably
2093reproduces the problem.
2094
2095If you encounter any of the following exceptions in B<random places within
2096your application stack> - this module may be to blame:
2097
2098 Operation "ne": no method found,
2099 left argument in overloaded package <something>,
2100 right argument in overloaded package <something>
2101
2102or perhaps even
2103
2104 Stub found while resolving method "???" overloading """" in package <something>
2105
2106If you fall victim to the above - please attempt to reduce the problem
2107to something that could be sent to the L<SQL::Abstract developers
1f490ae4 2108|DBIx::Class/GETTING HELP/SUPPORT>
843a94b5 2109(either publicly or privately). As a workaround in the meantime you can
2110set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
2111value, which will most likely eliminate your problem (at the expense of
2112not being able to properly detect exotic forms of stringification).
2113
2114This notice and environment variable will be removed in a future version,
2115as soon as the underlying problem is found and a reliable workaround is
2116devised.
2117
2118=back
2119
0da0fe34 2120=head2 is_literal_value
2121
2122Determines if the supplied argument is a literal value as understood by this
2123module:
2124
2125=over
2126
2127=item * C<\$sql_string>
2128
2129=item * C<\[ $sql_string, @bind_values ]>
2130
0da0fe34 2131=back
2132
9de2bd86 2133On failure returns C<undef>, on success returns an B<array> reference
966200cc 2134containing the unpacked version of the supplied literal SQL and bind values.
0da0fe34 2135
32eab2da 2136=head1 WHERE CLAUSES
2137
96449e8e 2138=head2 Introduction
2139
32eab2da 2140This module uses a variation on the idea from L<DBIx::Abstract>. It
2141is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2142module is that things in arrays are OR'ed, and things in hashes
2143are AND'ed.>
2144
2145The easiest way to explain is to show lots of examples. After
2146each C<%where> hash shown, it is assumed you used:
2147
2148 my($stmt, @bind) = $sql->where(\%where);
2149
2150However, note that the C<%where> hash can be used directly in any
2151of the other functions as well, as described above.
2152
96449e8e 2153=head2 Key-value pairs
2154
32eab2da 2155So, let's get started. To begin, a simple hash:
2156
2157 my %where = (
2158 user => 'nwiger',
2159 status => 'completed'
2160 );
2161
2162Is converted to SQL C<key = val> statements:
2163
2164 $stmt = "WHERE user = ? AND status = ?";
2165 @bind = ('nwiger', 'completed');
2166
2167One common thing I end up doing is having a list of values that
2168a field can be in. To do this, simply specify a list inside of
2169an arrayref:
2170
2171 my %where = (
2172 user => 'nwiger',
2173 status => ['assigned', 'in-progress', 'pending'];
2174 );
2175
2176This simple code will create the following:
9d48860e 2177
32eab2da 2178 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2179 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2180
9d48860e 2181A field associated to an empty arrayref will be considered a
7cac25e6 2182logical false and will generate 0=1.
8a68b5be 2183
b864ba9b 2184=head2 Tests for NULL values
2185
2186If the value part is C<undef> then this is converted to SQL <IS NULL>
2187
2188 my %where = (
2189 user => 'nwiger',
2190 status => undef,
2191 );
2192
2193becomes:
2194
2195 $stmt = "WHERE user = ? AND status IS NULL";
2196 @bind = ('nwiger');
2197
e9614080 2198To test if a column IS NOT NULL:
2199
2200 my %where = (
2201 user => 'nwiger',
2202 status => { '!=', undef },
2203 );
cc422895 2204
6e0c6552 2205=head2 Specific comparison operators
96449e8e 2206
32eab2da 2207If you want to specify a different type of operator for your comparison,
2208you can use a hashref for a given column:
2209
2210 my %where = (
2211 user => 'nwiger',
2212 status => { '!=', 'completed' }
2213 );
2214
2215Which would generate:
2216
2217 $stmt = "WHERE user = ? AND status != ?";
2218 @bind = ('nwiger', 'completed');
2219
2220To test against multiple values, just enclose the values in an arrayref:
2221
96449e8e 2222 status => { '=', ['assigned', 'in-progress', 'pending'] };
2223
f2d5020d 2224Which would give you:
96449e8e 2225
2226 "WHERE status = ? OR status = ? OR status = ?"
2227
2228
2229The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2230into an C<AND> of its elements:
2231
2232 my %where = (
2233 user => 'nwiger',
2234 status => { '!=', 'completed', -not_like => 'pending%' }
2235 );
2236
2237 # Or more dynamically, like from a form
2238 $where{user} = 'nwiger';
2239 $where{status}{'!='} = 'completed';
2240 $where{status}{'-not_like'} = 'pending%';
2241
2242 # Both generate this
2243 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2244 @bind = ('nwiger', 'completed', 'pending%');
2245
96449e8e 2246
32eab2da 2247To get an OR instead, you can combine it with the arrayref idea:
2248
2249 my %where => (
2250 user => 'nwiger',
1a6f2a03 2251 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2252 );
2253
2254Which would generate:
2255
1a6f2a03 2256 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2257 @bind = ('2', '5', 'nwiger');
32eab2da 2258
44b9e502 2259If you want to include literal SQL (with or without bind values), just use a
13cc86af 2260scalar reference or reference to an arrayref as the value:
44b9e502 2261
2262 my %where = (
2263 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2264 date_expires => { '<' => \"now()" }
2265 );
2266
2267Which would generate:
2268
13cc86af 2269 $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
44b9e502 2270 @bind = ('11/26/2008');
2271
96449e8e 2272
2273=head2 Logic and nesting operators
2274
2275In the example above,
2276there is a subtle trap if you want to say something like
32eab2da 2277this (notice the C<AND>):
2278
2279 WHERE priority != ? AND priority != ?
2280
2281Because, in Perl you I<can't> do this:
2282
13cc86af 2283 priority => { '!=' => 2, '!=' => 1 }
32eab2da 2284
2285As the second C<!=> key will obliterate the first. The solution
2286is to use the special C<-modifier> form inside an arrayref:
2287
9d48860e 2288 priority => [ -and => {'!=', 2},
96449e8e 2289 {'!=', 1} ]
2290
32eab2da 2291
2292Normally, these would be joined by C<OR>, but the modifier tells it
2293to use C<AND> instead. (Hint: You can use this in conjunction with the
2294C<logic> option to C<new()> in order to change the way your queries
2295work by default.) B<Important:> Note that the C<-modifier> goes
2296B<INSIDE> the arrayref, as an extra first element. This will
2297B<NOT> do what you think it might:
2298
2299 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2300
2301Here is a quick list of equivalencies, since there is some overlap:
2302
2303 # Same
2304 status => {'!=', 'completed', 'not like', 'pending%' }
2305 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2306
2307 # Same
2308 status => {'=', ['assigned', 'in-progress']}
2309 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2310 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2311
e3f9dff4 2312
2313
be21dde3 2314=head2 Special operators: IN, BETWEEN, etc.
96449e8e 2315
32eab2da 2316You can also use the hashref format to compare a list of fields using the
2317C<IN> comparison operator, by specifying the list as an arrayref:
2318
2319 my %where = (
2320 status => 'completed',
2321 reportid => { -in => [567, 2335, 2] }
2322 );
2323
2324Which would generate:
2325
2326 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2327 @bind = ('completed', '567', '2335', '2');
2328
9d48860e 2329The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2330the same way.
2331
6e0c6552 2332If the argument to C<-in> is an empty array, 'sqlfalse' is generated
be21dde3 2333(by default: C<1=0>). Similarly, C<< -not_in => [] >> generates
2334'sqltrue' (by default: C<1=1>).
6e0c6552 2335
e41c3bdd 2336In addition to the array you can supply a chunk of literal sql or
2337literal sql with bind:
6e0c6552 2338
e41c3bdd 2339 my %where = {
2340 customer => { -in => \[
2341 'SELECT cust_id FROM cust WHERE balance > ?',
2342 2000,
2343 ],
2344 status => { -in => \'SELECT status_codes FROM states' },
2345 };
6e0c6552 2346
e41c3bdd 2347would generate:
2348
2349 $stmt = "WHERE (
2350 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2351 AND status IN ( SELECT status_codes FROM states )
2352 )";
2353 @bind = ('2000');
2354
0dfd2442 2355Finally, if the argument to C<-in> is not a reference, it will be
2356treated as a single-element array.
e41c3bdd 2357
2358Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2359used with an arrayref of two values:
32eab2da 2360
2361 my %where = (
2362 user => 'nwiger',
2363 completion_date => {
2364 -not_between => ['2002-10-01', '2003-02-06']
2365 }
2366 );
2367
2368Would give you:
2369
2370 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2371
e41c3bdd 2372Just like with C<-in> all plausible combinations of literal SQL
2373are possible:
2374
2375 my %where = {
2376 start0 => { -between => [ 1, 2 ] },
2377 start1 => { -between => \["? AND ?", 1, 2] },
2378 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2379 start3 => { -between => [
e41c3bdd 2380 \"lower(x)",
2381 \["upper(?)", 'stuff' ],
2382 ] },
2383 };
2384
2385Would give you:
2386
2387 $stmt = "WHERE (
2388 ( start0 BETWEEN ? AND ? )
2389 AND ( start1 BETWEEN ? AND ? )
2390 AND ( start2 BETWEEN lower(x) AND upper(y) )
2391 AND ( start3 BETWEEN lower(x) AND upper(?) )
2392 )";
2393 @bind = (1, 2, 1, 2, 'stuff');
2394
2395
9d48860e 2396These are the two builtin "special operators"; but the
be21dde3 2397list can be expanded: see section L</"SPECIAL OPERATORS"> below.
96449e8e 2398
59f23b3d 2399=head2 Unary operators: bool
97a920ef 2400
2401If you wish to test against boolean columns or functions within your
2402database you can use the C<-bool> and C<-not_bool> operators. For
2403example to test the column C<is_user> being true and the column
827bb0eb 2404C<is_enabled> being false you would use:-
97a920ef 2405
2406 my %where = (
2407 -bool => 'is_user',
2408 -not_bool => 'is_enabled',
2409 );
2410
2411Would give you:
2412
277b5d3f 2413 WHERE is_user AND NOT is_enabled
97a920ef 2414
0b604e9d 2415If a more complex combination is required, testing more conditions,
2416then you should use the and/or operators:-
2417
2418 my %where = (
2419 -and => [
2420 -bool => 'one',
23401b81 2421 -not_bool => { two=> { -rlike => 'bar' } },
2422 -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
0b604e9d 2423 ],
2424 );
2425
2426Would give you:
2427
23401b81 2428 WHERE
2429 one
2430 AND
2431 (NOT two RLIKE ?)
2432 AND
2433 (NOT ( three = ? OR three > ? ))
97a920ef 2434
2435
107b72f1 2436=head2 Nested conditions, -and/-or prefixes
96449e8e 2437
32eab2da 2438So far, we've seen how multiple conditions are joined with a top-level
2439C<AND>. We can change this by putting the different conditions we want in
2440hashes and then putting those hashes in an array. For example:
2441
2442 my @where = (
2443 {
2444 user => 'nwiger',
2445 status => { -like => ['pending%', 'dispatched'] },
2446 },
2447 {
2448 user => 'robot',
2449 status => 'unassigned',
2450 }
2451 );
2452
2453This data structure would create the following:
2454
2455 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2456 OR ( user = ? AND status = ? ) )";
2457 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2458
107b72f1 2459
48d9f5f8 2460Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
be21dde3 2461to change the logic inside:
32eab2da 2462
2463 my @where = (
2464 -and => [
2465 user => 'nwiger',
48d9f5f8 2466 [
2467 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2468 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2469 ],
2470 ],
2471 );
2472
2473That would yield:
2474
13cc86af 2475 $stmt = "WHERE ( user = ?
2476 AND ( ( workhrs > ? AND geo = ? )
2477 OR ( workhrs < ? OR geo = ? ) ) )";
2478 @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
107b72f1 2479
cc422895 2480=head3 Algebraic inconsistency, for historical reasons
107b72f1 2481
7cac25e6 2482C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2483operator goes C<outside> of the nested structure; whereas when connecting
2484several constraints on one column, the C<-and> operator goes
be21dde3 2485C<inside> the arrayref. Here is an example combining both features:
7cac25e6 2486
2487 my @where = (
2488 -and => [a => 1, b => 2],
2489 -or => [c => 3, d => 4],
2490 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2491 )
2492
2493yielding
2494
9d48860e 2495 WHERE ( ( ( a = ? AND b = ? )
2496 OR ( c = ? OR d = ? )
7cac25e6 2497 OR ( e LIKE ? AND e LIKE ? ) ) )
2498
107b72f1 2499This difference in syntax is unfortunate but must be preserved for
be21dde3 2500historical reasons. So be careful: the two examples below would
107b72f1 2501seem algebraically equivalent, but they are not
2502
a948b1fe 2503 { col => [ -and =>
2504 { -like => 'foo%' },
2505 { -like => '%bar' },
2506 ] }
be21dde3 2507 # yields: WHERE ( ( col LIKE ? AND col LIKE ? ) )
107b72f1 2508
a948b1fe 2509 [ -and =>
2510 { col => { -like => 'foo%' } },
2511 { col => { -like => '%bar' } },
2512 ]
be21dde3 2513 # yields: WHERE ( ( col LIKE ? OR col LIKE ? ) )
107b72f1 2514
7cac25e6 2515
cc422895 2516=head2 Literal SQL and value type operators
96449e8e 2517
cc422895 2518The basic premise of SQL::Abstract is that in WHERE specifications the "left
2519side" is a column name and the "right side" is a value (normally rendered as
2520a placeholder). This holds true for both hashrefs and arrayref pairs as you
2521see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2522alter this behavior. There are several ways of doing so.
e9614080 2523
cc422895 2524=head3 -ident
2525
2526This is a virtual operator that signals the string to its right side is an
2527identifier (a column name) and not a value. For example to compare two
2528columns you would write:
32eab2da 2529
e9614080 2530 my %where = (
2531 priority => { '<', 2 },
cc422895 2532 requestor => { -ident => 'submitter' },
e9614080 2533 );
2534
2535which creates:
2536
2537 $stmt = "WHERE priority < ? AND requestor = submitter";
2538 @bind = ('2');
2539
cc422895 2540If you are maintaining legacy code you may see a different construct as
2541described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2542code.
2543
2544=head3 -value
e9614080 2545
cc422895 2546This is a virtual operator that signals that the construct to its right side
2547is a value to be passed to DBI. This is for example necessary when you want
2548to write a where clause against an array (for RDBMS that support such
2549datatypes). For example:
e9614080 2550
32eab2da 2551 my %where = (
cc422895 2552 array => { -value => [1, 2, 3] }
32eab2da 2553 );
2554
cc422895 2555will result in:
32eab2da 2556
cc422895 2557 $stmt = 'WHERE array = ?';
2558 @bind = ([1, 2, 3]);
32eab2da 2559
cc422895 2560Note that if you were to simply say:
32eab2da 2561
2562 my %where = (
cc422895 2563 array => [1, 2, 3]
32eab2da 2564 );
2565
3af02ccb 2566the result would probably not be what you wanted:
cc422895 2567
2568 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2569 @bind = (1, 2, 3);
2570
2571=head3 Literal SQL
96449e8e 2572
cc422895 2573Finally, sometimes only literal SQL will do. To include a random snippet
2574of SQL verbatim, you specify it as a scalar reference. Consider this only
2575as a last resort. Usually there is a better way. For example:
96449e8e 2576
2577 my %where = (
cc422895 2578 priority => { '<', 2 },
2579 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2580 );
2581
cc422895 2582Would create:
96449e8e 2583
cc422895 2584 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2585 @bind = (2);
2586
2587Note that in this example, you only get one bind parameter back, since
2588the verbatim SQL is passed as part of the statement.
2589
2590=head4 CAVEAT
2591
2592 Never use untrusted input as a literal SQL argument - this is a massive
2593 security risk (there is no way to check literal snippets for SQL
2594 injections and other nastyness). If you need to deal with untrusted input
2595 use literal SQL with placeholders as described next.
96449e8e 2596
cc422895 2597=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2598
2599If the literal SQL to be inserted has placeholders and bind values,
2600use a reference to an arrayref (yes this is a double reference --
2601not so common, but perfectly legal Perl). For example, to find a date
2602in Postgres you can use something like this:
2603
2604 my %where = (
3ae1c5e2 2605 date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
96449e8e 2606 )
2607
2608This would create:
2609
d2a8fe1a 2610 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2611 @bind = ('10');
2612
deb148a2 2613Note that you must pass the bind values in the same format as they are returned
85783f3c 2614by L<where|/where(\%where, $order)>. This means that if you set L</bindtype>
1f490ae4 2615to C<columns>, you must provide the bind values in the
2616C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
2617scalar value; most commonly the column name, but you can use any scalar value
2618(including references and blessed references), L<SQL::Abstract> will simply
2619pass it through intact. So if C<bindtype> is set to C<columns> the above
2620example will look like:
deb148a2 2621
2622 my %where = (
3ae1c5e2 2623 date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
deb148a2 2624 )
96449e8e 2625
2626Literal SQL is especially useful for nesting parenthesized clauses in the
be21dde3 2627main SQL query. Here is a first example:
96449e8e 2628
2629 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2630 100, "foo%");
2631 my %where = (
2632 foo => 1234,
2633 bar => \["IN ($sub_stmt)" => @sub_bind],
2634 );
2635
be21dde3 2636This yields:
96449e8e 2637
9d48860e 2638 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2639 WHERE c2 < ? AND c3 LIKE ?))";
2640 @bind = (1234, 100, "foo%");
2641
9d48860e 2642Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2643are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2644its associated bind values can be generated through a former call
96449e8e 2645to C<select()> :
2646
2647 my ($sub_stmt, @sub_bind)
9d48860e 2648 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2649 c3 => {-like => "foo%"}});
2650 my %where = (
2651 foo => 1234,
2652 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2653 );
2654
2655In the examples above, the subquery was used as an operator on a column;
9d48860e 2656but the same principle also applies for a clause within the main C<%where>
be21dde3 2657hash, like an EXISTS subquery:
96449e8e 2658
9d48860e 2659 my ($sub_stmt, @sub_bind)
96449e8e 2660 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2661 my %where = ( -and => [
96449e8e 2662 foo => 1234,
48d9f5f8 2663 \["EXISTS ($sub_stmt)" => @sub_bind],
2664 ]);
96449e8e 2665
2666which yields
2667
9d48860e 2668 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2669 WHERE c1 = ? AND c2 > t0.c0))";
2670 @bind = (1234, 1);
2671
2672
9d48860e 2673Observe that the condition on C<c2> in the subquery refers to
be21dde3 2674column C<t0.c0> of the main query: this is I<not> a bind
9d48860e 2675value, so we have to express it through a scalar ref.
96449e8e 2676Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2677C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2678what we wanted here.
2679
96449e8e 2680Finally, here is an example where a subquery is used
2681for expressing unary negation:
2682
9d48860e 2683 my ($sub_stmt, @sub_bind)
96449e8e 2684 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2685 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2686 my %where = (
2687 lname => {like => '%son%'},
48d9f5f8 2688 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2689 );
2690
2691This yields
2692
2693 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2694 @bind = ('%son%', 10, 20)
2695
cc422895 2696=head3 Deprecated usage of Literal SQL
2697
2698Below are some examples of archaic use of literal SQL. It is shown only as
2699reference for those who deal with legacy code. Each example has a much
2700better, cleaner and safer alternative that users should opt for in new code.
2701
2702=over
2703
2704=item *
2705
2706 my %where = ( requestor => \'IS NOT NULL' )
2707
2708 $stmt = "WHERE requestor IS NOT NULL"
2709
2710This used to be the way of generating NULL comparisons, before the handling
2711of C<undef> got formalized. For new code please use the superior syntax as
2712described in L</Tests for NULL values>.
96449e8e 2713
cc422895 2714=item *
2715
2716 my %where = ( requestor => \'= submitter' )
2717
2718 $stmt = "WHERE requestor = submitter"
2719
2720This used to be the only way to compare columns. Use the superior L</-ident>
2721method for all new code. For example an identifier declared in such a way
2722will be properly quoted if L</quote_char> is properly set, while the legacy
2723form will remain as supplied.
2724
2725=item *
2726
2727 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2728
2729 $stmt = "WHERE completed > ? AND is_ready"
2730 @bind = ('2012-12-21')
2731
2732Using an empty string literal used to be the only way to express a boolean.
2733For all new code please use the much more readable
2734L<-bool|/Unary operators: bool> operator.
2735
2736=back
96449e8e 2737
2738=head2 Conclusion
2739
32eab2da 2740These pages could go on for a while, since the nesting of the data
2741structures this module can handle are pretty much unlimited (the
2742module implements the C<WHERE> expansion as a recursive function
2743internally). Your best bet is to "play around" with the module a
2744little to see how the data structures behave, and choose the best
2745format for your data based on that.
2746
2747And of course, all the values above will probably be replaced with
2748variables gotten from forms or the command line. After all, if you
2749knew everything ahead of time, you wouldn't have to worry about
2750dynamically-generating SQL and could just hardwire it into your
2751script.
2752
86298391 2753=head1 ORDER BY CLAUSES
2754
9d48860e 2755Some functions take an order by clause. This can either be a scalar (just a
18710f60 2756column name), a hashref of C<< { -desc => 'col' } >> or C<< { -asc => 'col' }
2757>>, a scalarref, an arrayref-ref, or an arrayref of any of the previous
2758forms. Examples:
1cfa1db3 2759
8c15b421 2760 Given | Will Generate
18710f60 2761 ---------------------------------------------------------------
8c15b421 2762 |
2763 'colA' | ORDER BY colA
2764 |
2765 [qw/colA colB/] | ORDER BY colA, colB
2766 |
2767 {-asc => 'colA'} | ORDER BY colA ASC
2768 |
2769 {-desc => 'colB'} | ORDER BY colB DESC
2770 |
2771 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2772 |
2773 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
2774 |
2775 \'colA DESC' | ORDER BY colA DESC
2776 |
2777 \[ 'FUNC(colA, ?)', $x ] | ORDER BY FUNC(colA, ?)
2778 | /* ...with $x bound to ? */
2779 |
bd805d85 2780 [ | ORDER BY
2781 { -asc => 'colA' }, | colA ASC,
2782 { -desc => [qw/colB/] }, | colB DESC,
2783 { -asc => [qw/colC colD/] },| colC ASC, colD ASC,
2784 \'colE DESC', | colE DESC,
2785 \[ 'FUNC(colF, ?)', $x ], | FUNC(colF, ?)
2786 ] | /* ...with $x bound to ? */
18710f60 2787 ===============================================================
86298391 2788
96449e8e 2789
2790
2791=head1 SPECIAL OPERATORS
2792
e3f9dff4 2793 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2794 {
2795 regex => qr/.../,
e3f9dff4 2796 handler => sub {
2797 my ($self, $field, $op, $arg) = @_;
2798 ...
3a2e1a5e 2799 },
2800 },
2801 {
2802 regex => qr/.../,
2803 handler => 'method_name',
e3f9dff4 2804 },
2805 ]);
2806
9d48860e 2807A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2808applied to a field, instead of a usual binary operator.
be21dde3 2809For example:
e3f9dff4 2810
2811 WHERE field IN (?, ?, ?)
2812 WHERE field BETWEEN ? AND ?
2813 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2814
e3f9dff4 2815Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2816are builtin within C<SQL::Abstract> (as the overridable methods
2817C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2818like the MATCH .. AGAINST example above which is specific to MySQL,
2819you can write your own operator handlers - supply a C<special_ops>
2820argument to the C<new> method. That argument takes an arrayref of
2821operator definitions; each operator definition is a hashref with two
2822entries:
96449e8e 2823
e3f9dff4 2824=over
2825
2826=item regex
2827
2828the regular expression to match the operator
96449e8e 2829
e3f9dff4 2830=item handler
2831
3a2e1a5e 2832Either a coderef or a plain scalar method name. In both cases
2833the expected return is C<< ($sql, @bind) >>.
2834
2835When supplied with a method name, it is simply called on the
13cc86af 2836L<SQL::Abstract> object as:
3a2e1a5e 2837
ca4f826a 2838 $self->$method_name($field, $op, $arg)
3a2e1a5e 2839
2840 Where:
2841
3a2e1a5e 2842 $field is the LHS of the operator
13cc86af 2843 $op is the part that matched the handler regex
3a2e1a5e 2844 $arg is the RHS
2845
2846When supplied with a coderef, it is called as:
2847
2848 $coderef->($self, $field, $op, $arg)
2849
e3f9dff4 2850
2851=back
2852
9d48860e 2853For example, here is an implementation
e3f9dff4 2854of the MATCH .. AGAINST syntax for MySQL
2855
2856 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2857
e3f9dff4 2858 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2859 {regex => qr/^match$/i,
e3f9dff4 2860 handler => sub {
2861 my ($self, $field, $op, $arg) = @_;
2862 $arg = [$arg] if not ref $arg;
2863 my $label = $self->_quote($field);
2864 my ($placeholder) = $self->_convert('?');
2865 my $placeholders = join ", ", (($placeholder) x @$arg);
2866 my $sql = $self->_sqlcase('match') . " ($label) "
2867 . $self->_sqlcase('against') . " ($placeholders) ";
2868 my @bind = $self->_bindtype($field, @$arg);
2869 return ($sql, @bind);
2870 }
2871 },
9d48860e 2872
e3f9dff4 2873 ]);
96449e8e 2874
2875
59f23b3d 2876=head1 UNARY OPERATORS
2877
112b5232 2878 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2879 {
2880 regex => qr/.../,
2881 handler => sub {
2882 my ($self, $op, $arg) = @_;
2883 ...
2884 },
2885 },
2886 {
2887 regex => qr/.../,
2888 handler => 'method_name',
2889 },
2890 ]);
2891
9d48860e 2892A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2893applied to a field - the operator goes before the field
2894
2895You can write your own operator handlers - supply a C<unary_ops>
2896argument to the C<new> method. That argument takes an arrayref of
2897operator definitions; each operator definition is a hashref with two
2898entries:
2899
2900=over
2901
2902=item regex
2903
2904the regular expression to match the operator
2905
2906=item handler
2907
2908Either a coderef or a plain scalar method name. In both cases
2909the expected return is C<< $sql >>.
2910
2911When supplied with a method name, it is simply called on the
13cc86af 2912L<SQL::Abstract> object as:
59f23b3d 2913
ca4f826a 2914 $self->$method_name($op, $arg)
59f23b3d 2915
2916 Where:
2917
2918 $op is the part that matched the handler regex
2919 $arg is the RHS or argument of the operator
2920
2921When supplied with a coderef, it is called as:
2922
2923 $coderef->($self, $op, $arg)
2924
2925
2926=back
2927
2928
32eab2da 2929=head1 PERFORMANCE
2930
2931Thanks to some benchmarking by Mark Stosberg, it turns out that
2932this module is many orders of magnitude faster than using C<DBIx::Abstract>.
2933I must admit this wasn't an intentional design issue, but it's a
2934byproduct of the fact that you get to control your C<DBI> handles
2935yourself.
2936
2937To maximize performance, use a code snippet like the following:
2938
2939 # prepare a statement handle using the first row
2940 # and then reuse it for the rest of the rows
2941 my($sth, $stmt);
2942 for my $href (@array_of_hashrefs) {
2943 $stmt ||= $sql->insert('table', $href);
2944 $sth ||= $dbh->prepare($stmt);
2945 $sth->execute($sql->values($href));
2946 }
2947
2948The reason this works is because the keys in your C<$href> are sorted
2949internally by B<SQL::Abstract>. Thus, as long as your data retains
2950the same structure, you only have to generate the SQL the first time
2951around. On subsequent queries, simply use the C<values> function provided
2952by this module to return your values in the correct order.
2953
b864ba9b 2954However this depends on the values having the same type - if, for
2955example, the values of a where clause may either have values
2956(resulting in sql of the form C<column = ?> with a single bind
2957value), or alternatively the values might be C<undef> (resulting in
2958sql of the form C<column IS NULL> with no bind value) then the
2959caching technique suggested will not work.
96449e8e 2960
32eab2da 2961=head1 FORMBUILDER
2962
2963If you use my C<CGI::FormBuilder> module at all, you'll hopefully
2964really like this part (I do, at least). Building up a complex query
2965can be as simple as the following:
2966
2967 #!/usr/bin/perl
2968
46dc2f3e 2969 use warnings;
2970 use strict;
2971
32eab2da 2972 use CGI::FormBuilder;
2973 use SQL::Abstract;
2974
2975 my $form = CGI::FormBuilder->new(...);
2976 my $sql = SQL::Abstract->new;
2977
2978 if ($form->submitted) {
2979 my $field = $form->field;
2980 my $id = delete $field->{id};
2981 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
2982 }
2983
2984Of course, you would still have to connect using C<DBI> to run the
2985query, but the point is that if you make your form look like your
2986table, the actual query script can be extremely simplistic.
2987
2988If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 2989a fast interface to returning and formatting data. I frequently
32eab2da 2990use these three modules together to write complex database query
2991apps in under 50 lines.
2992
af733667 2993=head1 HOW TO CONTRIBUTE
2994
2995Contributions are always welcome, in all usable forms (we especially
2996welcome documentation improvements). The delivery methods include git-
2997or unified-diff formatted patches, GitHub pull requests, or plain bug
2998reports either via RT or the Mailing list. Contributors are generally
2999granted full access to the official repository after their first several
3000patches pass successful review.
3001
3002This project is maintained in a git repository. The code and related tools are
3003accessible at the following locations:
d8cc1792 3004
3005=over
3006
af733667 3007=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
3008
3009=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
3010
3011=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
d8cc1792 3012
af733667 3013=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
d8cc1792 3014
3015=back
32eab2da 3016
96449e8e 3017=head1 CHANGES
3018
3019Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
3020Great care has been taken to preserve the I<published> behavior
3021documented in previous versions in the 1.* family; however,
9d48860e 3022some features that were previously undocumented, or behaved
96449e8e 3023differently from the documentation, had to be changed in order
3024to clarify the semantics. Hence, client code that was relying
9d48860e 3025on some dark areas of C<SQL::Abstract> v1.*
96449e8e 3026B<might behave differently> in v1.50.
32eab2da 3027
be21dde3 3028The main changes are:
d2a8fe1a 3029
96449e8e 3030=over
32eab2da 3031
9d48860e 3032=item *
32eab2da 3033
3ae1c5e2 3034support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
96449e8e 3035
3036=item *
3037
145fbfc8 3038support for the { operator => \"..." } construct (to embed literal SQL)
3039
3040=item *
3041
9c37b9c0 3042support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
3043
3044=item *
3045
96449e8e 3046optional support for L<array datatypes|/"Inserting and Updating Arrays">
3047
9d48860e 3048=item *
96449e8e 3049
be21dde3 3050defensive programming: check arguments
96449e8e 3051
3052=item *
3053
3054fixed bug with global logic, which was previously implemented
7cac25e6 3055through global variables yielding side-effects. Prior versions would
96449e8e 3056interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
3057as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
3058Now this is interpreted
3059as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
3060
96449e8e 3061
3062=item *
3063
3064fixed semantics of _bindtype on array args
3065
9d48860e 3066=item *
96449e8e 3067
3068dropped the C<_anoncopy> of the %where tree. No longer necessary,
3069we just avoid shifting arrays within that tree.
3070
3071=item *
3072
3073dropped the C<_modlogic> function
3074
3075=back
32eab2da 3076
32eab2da 3077=head1 ACKNOWLEDGEMENTS
3078
3079There are a number of individuals that have really helped out with
3080this module. Unfortunately, most of them submitted bugs via CPAN
3081so I have no idea who they are! But the people I do know are:
3082
9d48860e 3083 Ash Berlin (order_by hash term support)
b643abe1 3084 Matt Trout (DBIx::Class support)
32eab2da 3085 Mark Stosberg (benchmarking)
3086 Chas Owens (initial "IN" operator support)
3087 Philip Collins (per-field SQL functions)
3088 Eric Kolve (hashref "AND" support)
3089 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
3090 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 3091 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 3092 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 3093 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 3094 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 3095 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 3096
3097Thanks!
3098
32eab2da 3099=head1 SEE ALSO
3100
86298391 3101L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 3102
32eab2da 3103=head1 AUTHOR
3104
b643abe1 3105Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
3106
3107This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 3108
abe72f94 3109For support, your best bet is to try the C<DBIx::Class> users mailing list.
3110While not an official support venue, C<DBIx::Class> makes heavy use of
3111C<SQL::Abstract>, and as such list members there are very familiar with
3112how to create queries.
3113
0d067ded 3114=head1 LICENSE
3115
d988ab87 3116This module is free software; you may copy this under the same
3117terms as perl itself (either the GNU General Public License or
3118the Artistic License)
32eab2da 3119
3120=cut
Unnamed repository; edit this file 'description' to name the repository.