projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
temporarily kill unary_ops feature
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
96449e8e 3use strict;
4use warnings;
9d9d5bd6 5use Carp ();
312d830b 6use List::Util ();
7use Scalar::Util ();
96449e8e 8
0da0fe34 9use Exporter 'import';
10our @EXPORT_OK = qw(is_plain_value is_literal_value);
11
12BEGIN {
13 if ($] < 5.009_005) {
14 require MRO::Compat;
15 }
16 else {
17 require mro;
18 }
843a94b5 19
20 *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
21 ? sub () { 0 }
22 : sub () { 1 }
23 ;
0da0fe34 24}
25
96449e8e 26#======================================================================
27# GLOBALS
28#======================================================================
29
dc6afcf8 30our $VERSION = '1.86';
7479e27e 31
22f1a437 32# This would confuse some packagers
c520207b 33$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 34
35our $AUTOLOAD;
36
37# special operators (-in, -between). May be extended/overridden by user.
38# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
39my @BUILTIN_SPECIAL_OPS = (
f663e672 40 {regex => qr/^ (?: not \s )? between $/ix, handler => sub { die "NOPE" }},
41 {regex => qr/^ (?: not \s )? in $/ix, handler => sub { die "NOPE" }},
87c8e45b 42 {regex => qr/^ is (?: \s+ not )? $/ix, handler => sub { die "NOPE" }},
96449e8e 43);
44
45#======================================================================
46# DEBUGGING AND ERROR REPORTING
47#======================================================================
48
49sub _debug {
50 return unless $_[0]->{debug}; shift; # a little faster
51 my $func = (caller(1))[3];
52 warn "[$func] ", @_, "\n";
53}
54
55sub belch (@) {
56 my($func) = (caller(1))[3];
9d9d5bd6 57 Carp::carp "[$func] Warning: ", @_;
96449e8e 58}
59
60sub puke (@) {
61 my($func) = (caller(1))[3];
9d9d5bd6 62 Carp::croak "[$func] Fatal: ", @_;
96449e8e 63}
64
0da0fe34 65sub is_literal_value ($) {
66 ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
67 : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
0da0fe34 68 : undef;
69}
70
71# FIXME XSify - this can be done so much more efficiently
72sub is_plain_value ($) {
73 no strict 'refs';
966200cc 74 ! length ref $_[0] ? \($_[0])
0da0fe34 75 : (
76 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
77 and
78 exists $_[0]->{-value}
966200cc 79 ) ? \($_[0]->{-value})
0da0fe34 80 : (
a1c9e0ff 81 # reuse @_ for even moar speedz
82 defined ( $_[1] = Scalar::Util::blessed $_[0] )
0da0fe34 83 and
84 # deliberately not using Devel::OverloadInfo - the checks we are
85 # intersted in are much more limited than the fullblown thing, and
86 # this is a very hot piece of code
87 (
e8d729d4 88 # simply using ->can('(""') can leave behind stub methods that
89 # break actually using the overload later (see L<perldiag/Stub
90 # found while resolving method "%s" overloading "%s" in package
91 # "%s"> and the source of overload::mycan())
44e54b41 92 #
0da0fe34 93 # either has stringification which DBI SHOULD prefer out of the box
a1c9e0ff 94 grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
0da0fe34 95 or
20e178a8 96 # has nummification or boolification, AND fallback is *not* disabled
0da0fe34 97 (
843a94b5 98 SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
99 and
20e178a8 100 (
101 grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
102 or
103 grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
104 )
0da0fe34 105 and
106 (
107 # no fallback specified at all
a1c9e0ff 108 ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
0da0fe34 109 or
110 # fallback explicitly undef
a1c9e0ff 111 ! defined ${"$_[3]::()"}
0da0fe34 112 or
113 # explicitly true
a1c9e0ff 114 !! ${"$_[3]::()"}
0da0fe34 115 )
116 )
117 )
966200cc 118 ) ? \($_[0])
0da0fe34 119 : undef;
120}
121
122
96449e8e 123
124#======================================================================
125# NEW
126#======================================================================
127
128sub new {
129 my $self = shift;
130 my $class = ref($self) || $self;
131 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
132
133 # choose our case by keeping an option around
134 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
135
136 # default logic for interpreting arrayrefs
ef559da3 137 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 138
139 # how to return bind vars
96449e8e 140 $opt{bindtype} ||= 'normal';
141
142 # default comparison is "=", but can be overridden
143 $opt{cmp} ||= '=';
144
3af02ccb 145 # try to recognize which are the 'equality' and 'inequality' ops
3cdadcbe 146 # (temporary quickfix (in 2007), should go through a more seasoned API)
147 $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
148 $opt{inequality_op} = qr/^( != | <> )$/ix;
149
150 $opt{like_op} = qr/^ (is\s+)? r?like $/xi;
151 $opt{not_like_op} = qr/^ (is\s+)? not \s+ r?like $/xi;
96449e8e 152
153 # SQL booleans
154 $opt{sqltrue} ||= '1=1';
155 $opt{sqlfalse} ||= '0=1';
156
9d48860e 157 # special operators
99a65fa8 158 $opt{user_special_ops} = [ @{$opt{special_ops} ||= []} ];
b6251592 159 # regexes are applied in order, thus push after user-defines
96449e8e 160 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
161
9d48860e 162 # unary operators
59f23b3d 163 $opt{unary_ops} ||= [];
59f23b3d 164
3af02ccb 165 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 166 # If a purported function matches this regular expression, an exception is thrown.
167 # Literal SQL is *NOT* subject to this check, only functions (and column names
168 # when quoting is not in effect)
96449e8e 169
b6251592 170 # FIXME
171 # need to guard against ()'s in column names too, but this will break tons of
172 # hacks... ideas anyone?
173 $opt{injection_guard} ||= qr/
174 \;
175 |
176 ^ \s* go \s
177 /xmi;
96449e8e 178
b6251592 179 return bless \%opt, $class;
180}
96449e8e 181
e175845b 182sub sqltrue { +{ -literal => [ $_[0]->{sqltrue} ] } }
183sub sqlfalse { +{ -literal => [ $_[0]->{sqlfalse} ] } }
170e6c33 184
185sub _assert_pass_injection_guard {
186 if ($_[1] =~ $_[0]->{injection_guard}) {
187 my $class = ref $_[0];
188 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
189 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
190 . "{injection_guard} attribute to ${class}->new()"
191 }
192}
193
194
96449e8e 195#======================================================================
196# INSERT methods
197#======================================================================
198
199sub insert {
02288357 200 my $self = shift;
201 my $table = $self->_table(shift);
202 my $data = shift || return;
203 my $options = shift;
96449e8e 204
205 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 206 my ($sql, @bind) = $self->$method($data);
96449e8e 207 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 208
e82e648a 209 if ($options->{returning}) {
ca4f826a 210 my ($s, @b) = $self->_insert_returning($options);
e82e648a 211 $sql .= $s;
212 push @bind, @b;
02288357 213 }
214
96449e8e 215 return wantarray ? ($sql, @bind) : $sql;
216}
217
60f3fd3f 218# So that subclasses can override INSERT ... RETURNING separately from
219# UPDATE and DELETE (e.g. DBIx::Class::SQLMaker::Oracle does this)
b17a3ece 220sub _insert_returning { shift->_returning(@_) }
221
95904db5 222sub _returning {
e82e648a 223 my ($self, $options) = @_;
6b1fe79d 224
e82e648a 225 my $f = $options->{returning};
226
227 my $fieldlist = $self->_SWITCH_refkind($f, {
228 ARRAYREF => sub {join ', ', map { $self->_quote($_) } @$f;},
229 SCALAR => sub {$self->_quote($f)},
230 SCALARREF => sub {$$f},
6b1fe79d 231 });
e82e648a 232 return $self->_sqlcase(' returning ') . $fieldlist;
6b1fe79d 233}
234
96449e8e 235sub _insert_HASHREF { # explicit list of fields and then values
236 my ($self, $data) = @_;
237
238 my @fields = sort keys %$data;
239
fe3ae272 240 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 241
242 # assemble SQL
243 $_ = $self->_quote($_) foreach @fields;
244 $sql = "( ".join(", ", @fields).") ".$sql;
245
246 return ($sql, @bind);
247}
248
249sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
250 my ($self, $data) = @_;
251
252 # no names (arrayref) so can't generate bindtype
253 $self->{bindtype} ne 'columns'
254 or belch "can't do 'columns' bindtype when called with arrayref";
255
19b6ccce 256 my (@values, @all_bind);
257 foreach my $value (@$data) {
258 my ($values, @bind) = $self->_insert_value(undef, $value);
259 push @values, $values;
260 push @all_bind, @bind;
261 }
262 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
263 return ($sql, @all_bind);
fe3ae272 264}
265
266sub _insert_ARRAYREFREF { # literal SQL with bind
267 my ($self, $data) = @_;
268
269 my ($sql, @bind) = @${$data};
270 $self->_assert_bindval_matches_bindtype(@bind);
271
272 return ($sql, @bind);
273}
274
275
276sub _insert_SCALARREF { # literal SQL without bind
277 my ($self, $data) = @_;
278
279 return ($$data);
280}
281
282sub _insert_values {
283 my ($self, $data) = @_;
284
96449e8e 285 my (@values, @all_bind);
fe3ae272 286 foreach my $column (sort keys %$data) {
19b6ccce 287 my ($values, @bind) = $self->_insert_value($column, $data->{$column});
288 push @values, $values;
289 push @all_bind, @bind;
290 }
291 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
292 return ($sql, @all_bind);
293}
96449e8e 294
19b6ccce 295sub _insert_value {
296 my ($self, $column, $v) = @_;
96449e8e 297
19b6ccce 298 my (@values, @all_bind);
299 $self->_SWITCH_refkind($v, {
96449e8e 300
19b6ccce 301 ARRAYREF => sub {
302 if ($self->{array_datatypes}) { # if array datatype are activated
96449e8e 303 push @values, '?';
fe3ae272 304 push @all_bind, $self->_bindtype($column, $v);
19b6ccce 305 }
306 else { # else literal SQL with bind
307 my ($sql, @bind) = @$v;
308 $self->_assert_bindval_matches_bindtype(@bind);
309 push @values, $sql;
310 push @all_bind, @bind;
311 }
312 },
313
314 ARRAYREFREF => sub { # literal SQL with bind
315 my ($sql, @bind) = @${$v};
316 $self->_assert_bindval_matches_bindtype(@bind);
317 push @values, $sql;
318 push @all_bind, @bind;
319 },
320
be21dde3 321 # THINK: anything useful to do with a HASHREF ?
19b6ccce 322 HASHREF => sub { # (nothing, but old SQLA passed it through)
323 #TODO in SQLA >= 2.0 it will die instead
324 belch "HASH ref as bind value in insert is not supported";
325 push @values, '?';
326 push @all_bind, $self->_bindtype($column, $v);
327 },
328
329 SCALARREF => sub { # literal SQL without bind
330 push @values, $$v;
331 },
332
333 SCALAR_or_UNDEF => sub {
334 push @values, '?';
335 push @all_bind, $self->_bindtype($column, $v);
336 },
96449e8e 337
19b6ccce 338 });
96449e8e 339
19b6ccce 340 my $sql = join(", ", @values);
96449e8e 341 return ($sql, @all_bind);
342}
343
344
96449e8e 345
346#======================================================================
347# UPDATE methods
348#======================================================================
349
350
351sub update {
95904db5 352 my $self = shift;
353 my $table = $self->_table(shift);
354 my $data = shift || return;
355 my $where = shift;
356 my $options = shift;
96449e8e 357
358 # first build the 'SET' part of the sql statement
96449e8e 359 puke "Unsupported data type specified to \$sql->update"
360 unless ref $data eq 'HASH';
361
9ade906e 362 my ($sql, @all_bind) = $self->_update_set_values($data);
a9e94508 363 $sql = $self->_sqlcase('update ') . $table . $self->_sqlcase(' set ')
9ade906e 364 . $sql;
365
366 if ($where) {
367 my($where_sql, @where_bind) = $self->where($where);
368 $sql .= $where_sql;
369 push @all_bind, @where_bind;
370 }
371
372 if ($options->{returning}) {
373 my ($returning_sql, @returning_bind) = $self->_update_returning($options);
374 $sql .= $returning_sql;
375 push @all_bind, @returning_bind;
376 }
377
378 return wantarray ? ($sql, @all_bind) : $sql;
379}
380
381sub _update_set_values {
382 my ($self, $data) = @_;
383
384 my (@set, @all_bind);
96449e8e 385 for my $k (sort keys %$data) {
386 my $v = $data->{$k};
387 my $r = ref $v;
388 my $label = $self->_quote($k);
389
390 $self->_SWITCH_refkind($v, {
9d48860e 391 ARRAYREF => sub {
96449e8e 392 if ($self->{array_datatypes}) { # array datatype
393 push @set, "$label = ?";
394 push @all_bind, $self->_bindtype($k, $v);
395 }
396 else { # literal SQL with bind
397 my ($sql, @bind) = @$v;
fe3ae272 398 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 399 push @set, "$label = $sql";
fe3ae272 400 push @all_bind, @bind;
96449e8e 401 }
402 },
403 ARRAYREFREF => sub { # literal SQL with bind
404 my ($sql, @bind) = @${$v};
fe3ae272 405 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 406 push @set, "$label = $sql";
fe3ae272 407 push @all_bind, @bind;
96449e8e 408 },
409 SCALARREF => sub { # literal SQL without bind
410 push @set, "$label = $$v";
0ec3aec7 411 },
412 HASHREF => sub {
413 my ($op, $arg, @rest) = %$v;
414
415 puke 'Operator calls in update must be in the form { -op => $arg }'
416 if (@rest or not $op =~ /^\-(.+)/);
417
cbb4eeaf 418 local our $Cur_Col_Meta = $k;
419 my ($sql, @bind) = $self->_render_expr(
420 $self->_expand_expr_hashpair($op, $arg)
421 );
0ec3aec7 422
423 push @set, "$label = $sql";
424 push @all_bind, @bind;
425 },
96449e8e 426 SCALAR_or_UNDEF => sub {
427 push @set, "$label = ?";
428 push @all_bind, $self->_bindtype($k, $v);
429 },
430 });
431 }
432
433 # generate sql
9ade906e 434 my $sql = join ', ', @set;
96449e8e 435
9ade906e 436 return ($sql, @all_bind);
96449e8e 437}
438
60f3fd3f 439# So that subclasses can override UPDATE ... RETURNING separately from
440# INSERT and DELETE
20bb2ad5 441sub _update_returning { shift->_returning(@_) }
96449e8e 442
443
444
445#======================================================================
446# SELECT
447#======================================================================
448
449
450sub select {
451 my $self = shift;
452 my $table = $self->_table(shift);
453 my $fields = shift || '*';
454 my $where = shift;
455 my $order = shift;
456
daa4ccdd 457 my ($fields_sql, @bind) = $self->_select_fields($fields);
96449e8e 458
daa4ccdd 459 my ($where_sql, @where_bind) = $self->where($where, $order);
460 push @bind, @where_bind;
461
462 my $sql = join(' ', $self->_sqlcase('select'), $fields_sql,
96449e8e 463 $self->_sqlcase('from'), $table)
464 . $where_sql;
465
9d48860e 466 return wantarray ? ($sql, @bind) : $sql;
96449e8e 467}
468
daa4ccdd 469sub _select_fields {
470 my ($self, $fields) = @_;
471 return ref $fields eq 'ARRAY' ? join ', ', map { $self->_quote($_) } @$fields
472 : $fields;
473}
474
96449e8e 475#======================================================================
476# DELETE
477#======================================================================
478
479
480sub delete {
85327cd5 481 my $self = shift;
482 my $table = $self->_table(shift);
483 my $where = shift;
484 my $options = shift;
96449e8e 485
486 my($where_sql, @bind) = $self->where($where);
a9e94508 487 my $sql = $self->_sqlcase('delete from ') . $table . $where_sql;
96449e8e 488
85327cd5 489 if ($options->{returning}) {
ca4f826a 490 my ($returning_sql, @returning_bind) = $self->_delete_returning($options);
85327cd5 491 $sql .= $returning_sql;
492 push @bind, @returning_bind;
493 }
494
9d48860e 495 return wantarray ? ($sql, @bind) : $sql;
96449e8e 496}
497
60f3fd3f 498# So that subclasses can override DELETE ... RETURNING separately from
499# INSERT and UPDATE
85327cd5 500sub _delete_returning { shift->_returning(@_) }
501
502
96449e8e 503
504#======================================================================
505# WHERE: entry point
506#======================================================================
507
508
509
510# Finally, a separate routine just to handle WHERE clauses
511sub where {
512 my ($self, $where, $order) = @_;
513
514 # where ?
e175845b 515 my ($sql, @bind) = defined($where)
516 ? $self->_recurse_where($where)
517 : (undef);
417dd15e 518 $sql = (defined $sql and length $sql) ? $self->_sqlcase(' where ') . "( $sql )" : '';
96449e8e 519
520 # order by?
521 if ($order) {
26fe4d30 522 my ($order_sql, @order_bind) = $self->_order_by($order);
523 $sql .= $order_sql;
524 push @bind, @order_bind;
96449e8e 525 }
526
9d48860e 527 return wantarray ? ($sql, @bind) : $sql;
96449e8e 528}
529
a2cd381d 530sub _expand_expr {
531 my ($self, $expr, $logic) = @_;
252518da 532 return undef unless defined($expr);
59588695 533 if (ref($expr) eq 'HASH') {
534 if (keys %$expr > 1) {
535 $logic ||= 'and';
77617257 536 return +{ -op => [
537 $logic,
59588695 538 map $self->_expand_expr_hashpair($_ => $expr->{$_}, $logic),
539 sort keys %$expr
540 ] };
541 }
99a65fa8 542 return unless %$expr;
59588695 543 return $self->_expand_expr_hashpair(%$expr, $logic);
a2cd381d 544 }
08264f40 545 if (ref($expr) eq 'ARRAY') {
99a65fa8 546 my $logic = lc($logic || $self->{logic});
08264f40 547 $logic eq 'and' or $logic eq 'or' or puke "unknown logic: $logic";
548
549 my @expr = @$expr;
550
551 my @res;
552
553 while (my ($el) = splice @expr, 0, 1) {
554 puke "Supplying an empty left hand side argument is not supported in array-pairs"
555 unless defined($el) and length($el);
556 my $elref = ref($el);
557 if (!$elref) {
558 push(@res, $self->_expand_expr({ $el, shift(@expr) }));
559 } elsif ($elref eq 'ARRAY') {
560 push(@res, $self->_expand_expr($el)) if @$el;
ec857800 561 } elsif (my $l = is_literal_value($el)) {
562 push @res, { -literal => $l };
08264f40 563 } elsif ($elref eq 'HASH') {
564 push @res, $self->_expand_expr($el);
565 } else {
da4a0964 566 die "notreached";
08264f40 567 }
568 }
2143604f 569 return { -op => [ $logic, @res ] };
08264f40 570 }
ca3da680 571 if (my $literal = is_literal_value($expr)) {
572 return +{ -literal => $literal };
573 }
99a65fa8 574 if (!ref($expr) or Scalar::Util::blessed($expr)) {
575 if (my $m = our $Cur_Col_Meta) {
576 return +{ -bind => [ $m, $expr ] };
577 }
252518da 578 return +{ -value => $expr };
579 }
252518da 580 die "notreached";
a2cd381d 581}
96449e8e 582
59588695 583sub _expand_expr_hashpair {
584 my ($self, $k, $v, $logic) = @_;
d13725da 585 unless (defined($k) and length($k)) {
2d64004f 586 if (defined($k) and my $literal = is_literal_value($v)) {
d13725da 587 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
2d64004f 588 return { -literal => $literal };
d13725da 589 }
590 puke "Supplying an empty left hand side argument is not supported";
591 }
ef071fad 592 if ($k =~ /^-/) {
99a65fa8 593 $self->_assert_pass_injection_guard($k =~ /^-(.*)$/s);
594 if ($k =~ s/ [_\s]? \d+ $//x ) {
595 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
596 . "You probably wanted ...-and => [ $k => COND1, $k => COND2 ... ]";
597 }
ef071fad 598 if ($k eq '-nest') {
599 return $self->_expand_expr($v);
600 }
6ab1562a 601 if ($k eq '-bool') {
602 if (ref($v)) {
603 return $self->_expand_expr($v);
604 }
605 puke "-bool => undef not supported" unless defined($v);
606 return { -ident => $v };
607 }
99a65fa8 608 if ($k eq '-not') {
0c7e3af0 609 return { -op => [ 'not', $self->_expand_expr($v) ] };
99a65fa8 610 }
ce3bc4b0 611 if (my ($rest) = $k =~/^-not[_ ](.*)$/) {
0c7e3af0 612 return +{ -op => [
613 'not',
99a65fa8 614 $self->_expand_expr_hashpair("-${rest}", $v, $logic)
0c7e3af0 615 ] };
ce3bc4b0 616 }
99a65fa8 617 if (my ($logic) = $k =~ /^-(and|or)$/i) {
dd2d5bf7 618 if (ref($v) eq 'HASH') {
619 return $self->_expand_expr($v, $logic);
620 }
99a65fa8 621 if (ref($v) eq 'ARRAY') {
622 return $self->_expand_expr($v, $logic);
623 }
dd2d5bf7 624 }
99a65fa8 625 {
626 my $op = $k;
627 $op =~ s/^-// if length($op) > 1;
628
629 # top level special ops are illegal in general
630 puke "Illegal use of top-level '-$op'"
631 if !(defined $self->{_nested_func_lhs})
9e653a83 632 and List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}};
99a65fa8 633 }
634 if ($k eq '-value' and my $m = our $Cur_Col_Meta) {
635 return +{ -bind => [ $m, $v ] };
636 }
711892b1 637 if ($k eq '-op' or $k eq '-ident' or $k eq '-value' or $k eq '-bind' or $k eq '-literal' or $k eq '-func') {
99a65fa8 638 return { $k => $v };
d13725da 639 }
711892b1 640 if (
641 ref($v) eq 'HASH'
642 and keys %$v == 1
643 and (keys %$v)[0] =~ /^-/
644 ) {
645 my ($func) = $k =~ /^-(.*)$/;
646 return +{ -func => [ $func, $self->_expand_expr($v) ] };
647 }
648 if (!ref($v) or is_literal_value($v)) {
99a65fa8 649 return +{ -op => [ $k =~ /^-(.*)$/, $self->_expand_expr($v) ] };
59588695 650 }
99a65fa8 651 }
652 if (
653 !defined($v)
654 or (
655 ref($v) eq 'HASH'
656 and exists $v->{-value}
657 and not defined $v->{-value}
658 )
659 ) {
660 return $self->_expand_expr_hashpair($k => { $self->{cmp} => undef });
661 }
662 if (!ref($v) or Scalar::Util::blessed($v)) {
663 return +{
664 -op => [
665 $self->{cmp},
666 { -ident => $k },
667 { -bind => [ $k, $v ] }
668 ]
669 };
670 }
671 if (ref($v) eq 'HASH') {
672 if (keys %$v > 1) {
e175845b 673 return { -op => [
674 'and',
99a65fa8 675 map $self->_expand_expr_hashpair($k => { $_ => $v->{$_} }),
676 sort keys %$v
677 ] };
678 }
679 my ($vk, $vv) = %$v;
680 $vk =~ s/^-//;
681 $vk = lc($vk);
682 $self->_assert_pass_injection_guard($vk);
683 if ($vk =~ s/ [_\s]? \d+ $//x ) {
684 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
685 . "You probably wanted ...-and => [ -$vk => COND1, -$vk => COND2 ... ]";
686 }
687 if ($vk =~ /^(?:not[ _])?between$/) {
688 local our $Cur_Col_Meta = $k;
689 my @rhs = map $self->_expand_expr($_),
690 ref($vv) eq 'ARRAY' ? @$vv : $vv;
691 unless (
692 (@rhs == 1 and ref($rhs[0]) eq 'HASH' and $rhs[0]->{-literal})
693 or
694 (@rhs == 2 and defined($rhs[0]) and defined($rhs[1]))
695 ) {
696 puke "Operator '${\uc($vk)}' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
b5b18861 697 }
99a65fa8 698 return +{ -op => [
699 join(' ', split '_', $vk),
700 { -ident => $k },
701 @rhs
702 ] }
703 }
704 if ($vk =~ /^(?:not[ _])?in$/) {
705 if (my $literal = is_literal_value($vv)) {
706 my ($sql, @bind) = @$literal;
707 my $opened_sql = $self->_open_outer_paren($sql);
10d07c4e 708 return +{ -op => [
99a65fa8 709 $vk, { -ident => $k },
710 [ { -literal => [ $opened_sql, @bind ] } ]
10d07c4e 711 ] };
712 }
99a65fa8 713 my $undef_err =
714 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
715 . "-${\uc($vk)} operator was given an undef-containing list: !!!AUDIT YOUR CODE "
716 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
717 . 'will emit the logically correct SQL instead of raising this exception)'
718 ;
719 puke("Argument passed to the '${\uc($vk)}' operator can not be undefined")
720 if !defined($vv);
721 my @rhs = map $self->_expand_expr($_),
722 map { ref($_) ? $_ : { -bind => [ $k, $_ ] } }
723 map { defined($_) ? $_: puke($undef_err) }
724 (ref($vv) eq 'ARRAY' ? @$vv : $vv);
e175845b 725 return $self->${\($vk =~ /^not/ ? 'sqltrue' : 'sqlfalse')} unless @rhs;
99a65fa8 726
727 return +{ -op => [
728 join(' ', split '_', $vk),
729 { -ident => $k },
730 \@rhs
731 ] };
732 }
733 if ($vk eq 'ident') {
734 if (! defined $vv or ref $vv) {
735 puke "-$vk requires a single plain scalar argument (a quotable identifier)";
f7778474 736 }
99a65fa8 737 return +{ -op => [
738 $self->{cmp},
739 { -ident => $k },
740 { -ident => $vv }
741 ] };
742 }
743 if ($vk eq 'value') {
744 return $self->_expand_expr_hashpair($k, undef) unless defined($vv);
745 return +{ -op => [
746 $self->{cmp},
747 { -ident => $k },
748 { -bind => [ $k, $vv ] }
749 ] };
750 }
751 if ($vk =~ /^is(?:[ _]not)?$/) {
752 puke "$vk can only take undef as argument"
753 if defined($vv)
754 and not (
755 ref($vv) eq 'HASH'
756 and exists($vv->{-value})
757 and !defined($vv->{-value})
758 );
759 $vk =~ s/_/ /g;
760 return +{ -op => [ $vk.' null', { -ident => $k } ] };
761 }
762 if ($vk =~ /^(and|or)$/) {
763 if (ref($vv) eq 'HASH') {
e62fe58a 764 return +{ -op => [
765 $vk,
99a65fa8 766 map $self->_expand_expr_hashpair($k, { $_ => $vv->{$_} }),
767 sort keys %$vv
7d7868d1 768 ] };
769 }
e28d9b13 770 }
99a65fa8 771 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{user_special_ops}}) {
772 return { -op => [ $vk, { -ident => $k }, $vv ] };
7dbe1183 773 }
99a65fa8 774 if (ref($vv) eq 'ARRAY') {
775 my ($logic, @values) = (
776 (defined($vv->[0]) and $vv->[0] =~ /^-(and|or)$/i)
777 ? @$vv
778 : (-or => @$vv)
779 );
780 if (
781 $vk =~ $self->{inequality_op}
782 or join(' ', split '_', $vk) =~ $self->{not_like_op}
783 ) {
784 if (lc($logic) eq '-or' and @values > 1) {
785 my $op = uc join ' ', split '_', $vk;
786 belch "A multi-element arrayref as an argument to the inequality op '$op' "
787 . 'is technically equivalent to an always-true 1=1 (you probably wanted '
788 . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
789 ;
790 }
ef071fad 791 }
b3cb13e8 792 unless (@values) {
793 # try to DWIM on equality operators
794 my $op = join ' ', split '_', $vk;
795 return
e175845b 796 $op =~ $self->{equality_op} ? $self->sqlfalse
797 : $op =~ $self->{like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqlfalse
798 : $op =~ $self->{inequality_op} ? $self->sqltrue
799 : $op =~ $self->{not_like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqltrue
b3cb13e8 800 : puke "operator '$op' applied on an empty array (field '$k')";
801 }
63c97a0b 802 return +{ -op => [
803 $logic =~ /^-(.*)$/,
99a65fa8 804 map $self->_expand_expr_hashpair($k => { $vk => $_ }),
805 @values
806 ] };
807 }
808 if (
809 !defined($vv)
810 or (
811 ref($vv) eq 'HASH'
812 and exists $vv->{-value}
813 and not defined $vv->{-value}
814 )
815 ) {
816 my $op = join ' ', split '_', $vk;
817 my $is =
818 $op =~ /^not$/i ? 'is not' # legacy
819 : $op =~ $self->{equality_op} ? 'is'
820 : $op =~ $self->{like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is'
821 : $op =~ $self->{inequality_op} ? 'is not'
822 : $op =~ $self->{not_like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is not'
823 : puke "unexpected operator '$op' with undef operand";
824 return +{ -op => [ $is.' null', { -ident => $k } ] };
825 }
826 local our $Cur_Col_Meta = $k;
827 return +{ -op => [
828 $vk,
829 { -ident => $k },
830 $self->_expand_expr($vv)
831 ] };
832 }
833 if (ref($v) eq 'ARRAY') {
e175845b 834 return $self->sqlfalse unless @$v;
99a65fa8 835 $self->_debug("ARRAY($k) means distribute over elements");
836 my $this_logic = (
837 $v->[0] =~ /^-((?:and|or))$/i
838 ? ($v = [ @{$v}[1..$#$v] ], $1)
839 : ($self->{logic} || 'or')
840 );
cba28f66 841 return +{ -op => [
842 $this_logic,
843 map $self->_expand_expr({ $k => $_ }, $this_logic), @$v
844 ] };
99a65fa8 845 }
846 if (my $literal = is_literal_value($v)) {
847 unless (length $k) {
848 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
849 return \$literal;
850 }
851 my ($sql, @bind) = @$literal;
852 if ($self->{bindtype} eq 'columns') {
853 for (@bind) {
854 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
855 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
aa8d7bdb 856 }
857 }
331e2209 858 }
99a65fa8 859 return +{ -literal => [ $self->_quote($k).' '.$sql, @bind ] };
331e2209 860 }
99a65fa8 861 die "notreached";
59588695 862}
863
e175845b 864sub _render_expr {
865 my ($self, $expr) = @_;
866 my ($k, $v, @rest) = %$expr;
867 die "No" if @rest;
868 my %op = map +("-$_" => '_where_op_'.uc($_)),
869 qw(op func value bind ident literal);
870 if (my $meth = $op{$k}) {
871 return $self->$meth(undef, $v);
872 }
873 die "notreached: $k";
874}
875
96449e8e 876sub _recurse_where {
877 my ($self, $where, $logic) = @_;
878
99a65fa8 879#print STDERR Data::Dumper::Concise::Dumper([ $where, $logic ]);
880
a2cd381d 881 my $where_exp = $self->_expand_expr($where, $logic);
882
99a65fa8 883#print STDERR Data::Dumper::Concise::Dumper([ EXP => $where_exp ]);
884
96449e8e 885 # dispatch on appropriate method according to refkind of $where
e175845b 886# my $method = $self->_METHOD_FOR_refkind("_where", $where_exp);
887
888# my ($sql, @bind) = $self->$method($where_exp, $logic);
311b2151 889
e175845b 890 my ($sql, @bind) = defined($where_exp) ? $self->_render_expr($where_exp) : (undef);
311b2151 891
abe1a491 892 # DBIx::Class used to call _recurse_where in scalar context
893 # something else might too...
894 if (wantarray) {
895 return ($sql, @bind);
896 }
897 else {
898 belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
899 return $sql;
900 }
96449e8e 901}
902
cc422895 903sub _where_op_IDENT {
904 my $self = shift;
905 my ($op, $rhs) = splice @_, -2;
8aa76984 906 if (! defined $rhs or length ref $rhs) {
907 puke "-$op requires a single plain scalar argument (a quotable identifier)";
cc422895 908 }
909
910 # in case we are called as a top level special op (no '=')
d13725da 911 my $has_lhs = my $lhs = shift;
cc422895 912
913 $_ = $self->_convert($self->_quote($_)) for ($lhs, $rhs);
914
d13725da 915 return $has_lhs
cc422895 916 ? "$lhs = $rhs"
917 : $rhs
918 ;
919}
920
921sub _where_op_VALUE {
922 my $self = shift;
923 my ($op, $rhs) = splice @_, -2;
924
925 # in case we are called as a top level special op (no '=')
926 my $lhs = shift;
927
422ed2de 928 # special-case NULL
929 if (! defined $rhs) {
923ce642 930 return defined $lhs
b4fd1bf5 931 ? $self->_where_hashpair_HASHREF($lhs, { -is => undef })
422ed2de 932 : undef
933 ;
934 }
935
cc422895 936 my @bind =
ca4f826a 937 $self->_bindtype(
938 (defined $lhs ? $lhs : $self->{_nested_func_lhs}),
cc422895 939 $rhs,
940 )
941 ;
942
943 return $lhs
944 ? (
945 $self->_convert($self->_quote($lhs)) . ' = ' . $self->_convert('?'),
946 @bind
947 )
948 : (
949 $self->_convert('?'),
950 @bind,
951 )
952 ;
953}
954
d13725da 955
956my %unop_postfix = map +($_ => 1), 'is null', 'is not null';
957
b5b18861 958my %special = (
959 (map +($_ => do {
960 my $op = $_;
961 sub {
962 my ($self, $args) = @_;
963 my ($left, $low, $high) = @$args;
964 my ($rhsql, @rhbind) = do {
965 if (@$args == 2) {
966 puke "Single arg to between must be a literal"
967 unless $low->{-literal};
968 @{$low->{-literal}}
969 } else {
e56dd780 970 my ($l, $h) = map [ $self->_render_expr($_) ], $low, $high;
b5b18861 971 (join(' ', $l->[0], $self->_sqlcase('and'), $h->[0]),
972 @{$l}[1..$#$l], @{$h}[1..$#$h])
973 }
974 };
e56dd780 975 my ($lhsql, @lhbind) = $self->_render_expr($left);
b5b18861 976 return (
977 join(' ', '(', $lhsql, $self->_sqlcase($op), $rhsql, ')'),
978 @lhbind, @rhbind
979 );
980 }
981 }), 'between', 'not between'),
10d07c4e 982 (map +($_ => do {
983 my $op = $_;
984 sub {
985 my ($self, $args) = @_;
986 my ($lhs, $rhs) = @$args;
987 my @in_bind;
988 my @in_sql = map {
0ce981f8 989 my ($sql, @bind) = $self->_render_expr($_);
10d07c4e 990 push @in_bind, @bind;
991 $sql;
992 } @$rhs;
0ce981f8 993 my ($lhsql, @lbind) = $self->_render_expr($lhs);
10d07c4e 994 return (
995 $lhsql.' '.$self->_sqlcase($op).' ( '
996 .join(', ', @in_sql)
997 .' )',
998 @lbind, @in_bind
999 );
1000 }
1001 }), 'in', 'not in'),
b5b18861 1002);
1003
d13725da 1004sub _where_op_OP {
1005 my ($self, undef, $v) = @_;
1006 my ($op, @args) = @$v;
1007 $op =~ s/^-// if length($op) > 1;
cba28f66 1008 $op = lc($op);
d13725da 1009 local $self->{_nested_func_lhs};
b5b18861 1010 if (my $h = $special{$op}) {
1011 return $self->$h(\@args);
1012 }
99a65fa8 1013 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{user_special_ops}}) {
1014 puke "Special op '${op}' requires first value to be identifier"
1015 unless my ($k) = map $_->{-ident}, grep ref($_) eq 'HASH', $args[0];
1016 return $self->${\($us->{handler})}($k, $op, $args[1]);
1017 }
1018 my $final_op = $op =~ /^(?:is|not)_/ ? join(' ', split '_', $op) : $op;
2143604f 1019 if (@args == 1 and $op !~ /^(and|or)$/) {
ec857800 1020 my ($expr_sql, @bind) = $self->_render_expr($args[0]);
d13725da 1021 my $op_sql = $self->_sqlcase($final_op);
1022 my $final_sql = (
1023 $unop_postfix{lc($final_op)}
1024 ? "${expr_sql} ${op_sql}"
1025 : "${op_sql} ${expr_sql}"
1026 );
0c7e3af0 1027 return (($op eq 'not' ? '('.$final_sql.')' : $final_sql), @bind);
16d9289c 1028 } else {
ec857800 1029 my @parts = map [ $self->_render_expr($_) ], @args;
77617257 1030 my ($final_sql) = map +($op =~ /^(and|or)$/ ? "(${_})" : $_), join(
1031 ' '.$self->_sqlcase($final_op).' ',
1032 map $_->[0], @parts
1033 );
99a65fa8 1034 return (
77617257 1035 $final_sql,
16d9289c 1036 map @{$_}[1..$#$_], @parts
99a65fa8 1037 );
d13725da 1038 }
1039 die "unhandled";
1040}
1041
711892b1 1042sub _where_op_FUNC {
1043 my ($self, undef, $rest) = @_;
1044 my ($func, @args) = @$rest;
1045 my @arg_sql;
1046 my @bind = map {
1047 my @x = @$_;
1048 push @arg_sql, shift @x;
1049 @x
0f199fce 1050 } map [ $self->_render_expr($_) ], @args;
711892b1 1051 return ($self->_sqlcase($func).'('.join(', ', @arg_sql).')', @bind);
1052}
1053
d13725da 1054sub _where_op_BIND {
1055 my ($self, undef, $bind) = @_;
1056 return ($self->_convert('?'), $self->_bindtype(@$bind));
1057}
1058
aa8d7bdb 1059sub _where_op_LITERAL {
1060 my ($self, undef, $literal) = @_;
465d43fd 1061 $self->_assert_bindval_matches_bindtype(@{$literal}[1..$#$literal]);
aa8d7bdb 1062 return @$literal;
1063}
1064
4a1f01a3 1065# Some databases (SQLite) treat col IN (1, 2) different from
1066# col IN ( (1, 2) ). Use this to strip all outer parens while
1067# adding them back in the corresponding method
1068sub _open_outer_paren {
1069 my ($self, $sql) = @_;
a5f91feb 1070
ca4f826a 1071 while (my ($inner) = $sql =~ /^ \s* \( (.*) \) \s* $/xs) {
a5f91feb 1072
1073 # there are closing parens inside, need the heavy duty machinery
1074 # to reevaluate the extraction starting from $sql (full reevaluation)
ca4f826a 1075 if ($inner =~ /\)/) {
a5f91feb 1076 require Text::Balanced;
1077
1078 my (undef, $remainder) = do {
1079 # idiotic design - writes to $@ but *DOES NOT* throw exceptions
1080 local $@;
ca4f826a 1081 Text::Balanced::extract_bracketed($sql, '()', qr/\s*/);
a5f91feb 1082 };
1083
1084 # the entire expression needs to be a balanced bracketed thing
1085 # (after an extract no remainder sans trailing space)
1086 last if defined $remainder and $remainder =~ /\S/;
1087 }
1088
1089 $sql = $inner;
1090 }
1091
1092 $sql;
4a1f01a3 1093}
1094
96449e8e 1095
96449e8e 1096#======================================================================
1097# ORDER BY
1098#======================================================================
1099
1100sub _order_by {
1101 my ($self, $arg) = @_;
1102
f267b646 1103 my (@sql, @bind);
ca4f826a 1104 for my $c ($self->_order_by_chunks($arg) ) {
1105 $self->_SWITCH_refkind($c, {
f267b646 1106 SCALAR => sub { push @sql, $c },
1107 ARRAYREF => sub { push @sql, shift @$c; push @bind, @$c },
1108 });
1109 }
1110
1111 my $sql = @sql
ca4f826a 1112 ? sprintf('%s %s',
f267b646 1113 $self->_sqlcase(' order by'),
ca4f826a 1114 join(', ', @sql)
f267b646 1115 )
1116 : ''
1117 ;
1118
1119 return wantarray ? ($sql, @bind) : $sql;
1120}
1121
1122sub _order_by_chunks {
1123 my ($self, $arg) = @_;
1124
1125 return $self->_SWITCH_refkind($arg, {
96449e8e 1126
1127 ARRAYREF => sub {
ca4f826a 1128 map { $self->_order_by_chunks($_ ) } @$arg;
96449e8e 1129 },
1130
c94a6c93 1131 ARRAYREFREF => sub {
1132 my ($s, @b) = @$$arg;
1133 $self->_assert_bindval_matches_bindtype(@b);
1134 [ $s, @b ];
1135 },
f267b646 1136
96449e8e 1137 SCALAR => sub {$self->_quote($arg)},
f267b646 1138
1139 UNDEF => sub {return () },
1140
96449e8e 1141 SCALARREF => sub {$$arg}, # literal SQL, no quoting
96449e8e 1142
f267b646 1143 HASHREF => sub {
5e436130 1144 # get first pair in hash
1145 my ($key, $val, @rest) = %$arg;
1146
1147 return () unless $key;
1148
ca4f826a 1149 if (@rest or not $key =~ /^-(desc|asc)/i) {
5e436130 1150 puke "hash passed to _order_by must have exactly one key (-desc or -asc)";
f267b646 1151 }
5e436130 1152
1153 my $direction = $1;
96449e8e 1154
e9bd3547 1155 my @ret;
ca4f826a 1156 for my $c ($self->_order_by_chunks($val)) {
e9bd3547 1157 my ($sql, @bind);
96449e8e 1158
ca4f826a 1159 $self->_SWITCH_refkind($c, {
f267b646 1160 SCALAR => sub {
e9bd3547 1161 $sql = $c;
f267b646 1162 },
1163 ARRAYREF => sub {
e9bd3547 1164 ($sql, @bind) = @$c;
f267b646 1165 },
1166 });
96449e8e 1167
5e436130 1168 $sql = $sql . ' ' . $self->_sqlcase($direction);
96449e8e 1169
e9bd3547 1170 push @ret, [ $sql, @bind];
1171 }
96449e8e 1172
e9bd3547 1173 return @ret;
f267b646 1174 },
1175 });
96449e8e 1176}
1177
1178
96449e8e 1179#======================================================================
1180# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1181#======================================================================
1182
1183sub _table {
1184 my $self = shift;
1185 my $from = shift;
1186 $self->_SWITCH_refkind($from, {
1187 ARRAYREF => sub {join ', ', map { $self->_quote($_) } @$from;},
1188 SCALAR => sub {$self->_quote($from)},
1189 SCALARREF => sub {$$from},
96449e8e 1190 });
1191}
1192
1193
1194#======================================================================
1195# UTILITY FUNCTIONS
1196#======================================================================
1197
955e77ca 1198# highly optimized, as it's called way too often
96449e8e 1199sub _quote {
955e77ca 1200 # my ($self, $label) = @_;
96449e8e 1201
955e77ca 1202 return '' unless defined $_[1];
955e77ca 1203 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
96449e8e 1204
439834d3 1205 $_[0]->{quote_char} or
1206 ($_[0]->_assert_pass_injection_guard($_[1]), return $_[1]);
96449e8e 1207
07d7c35c 1208 my $qref = ref $_[0]->{quote_char};
439834d3 1209 my ($l, $r) =
1210 !$qref ? ($_[0]->{quote_char}, $_[0]->{quote_char})
1211 : ($qref eq 'ARRAY') ? @{$_[0]->{quote_char}}
1212 : puke "Unsupported quote_char format: $_[0]->{quote_char}";
1213
46be4313 1214 my $esc = $_[0]->{escape_char} || $r;
96449e8e 1215
07d7c35c 1216 # parts containing * are naturally unquoted
ca4f826a 1217 return join($_[0]->{name_sep}||'', map
439834d3 1218 +( $_ eq '*' ? $_ : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r } ),
955e77ca 1219 ( $_[0]->{name_sep} ? split (/\Q$_[0]->{name_sep}\E/, $_[1] ) : $_[1] )
1220 );
96449e8e 1221}
1222
1223
1224# Conversion, if applicable
d7c862e0 1225sub _convert {
07d7c35c 1226 #my ($self, $arg) = @_;
07d7c35c 1227 if ($_[0]->{convert}) {
1228 return $_[0]->_sqlcase($_[0]->{convert}) .'(' . $_[1] . ')';
96449e8e 1229 }
07d7c35c 1230 return $_[1];
96449e8e 1231}
1232
1233# And bindtype
d7c862e0 1234sub _bindtype {
07d7c35c 1235 #my ($self, $col, @vals) = @_;
07d7c35c 1236 # called often - tighten code
1237 return $_[0]->{bindtype} eq 'columns'
1238 ? map {[$_[1], $_]} @_[2 .. $#_]
1239 : @_[2 .. $#_]
1240 ;
96449e8e 1241}
1242
fe3ae272 1243# Dies if any element of @bind is not in [colname => value] format
1244# if bindtype is 'columns'.
1245sub _assert_bindval_matches_bindtype {
c94a6c93 1246# my ($self, @bind) = @_;
1247 my $self = shift;
fe3ae272 1248 if ($self->{bindtype} eq 'columns') {
c94a6c93 1249 for (@_) {
1250 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1251 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1252 }
1253 }
1254 }
1255}
1256
96449e8e 1257sub _join_sql_clauses {
1258 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1259
1260 if (@$clauses_aref > 1) {
1261 my $join = " " . $self->_sqlcase($logic) . " ";
1262 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1263 return ($sql, @$bind_aref);
1264 }
1265 elsif (@$clauses_aref) {
1266 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1267 }
1268 else {
1269 return (); # if no SQL, ignore @$bind_aref
1270 }
1271}
1272
1273
1274# Fix SQL case, if so requested
1275sub _sqlcase {
96449e8e 1276 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1277 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1278 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1279}
1280
1281
1282#======================================================================
1283# DISPATCHING FROM REFKIND
1284#======================================================================
1285
1286sub _refkind {
1287 my ($self, $data) = @_;
96449e8e 1288
955e77ca 1289 return 'UNDEF' unless defined $data;
1290
1291 # blessed objects are treated like scalars
1292 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1293
1294 return 'SCALAR' unless $ref;
1295
1296 my $n_steps = 1;
1297 while ($ref eq 'REF') {
96449e8e 1298 $data = $$data;
955e77ca 1299 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1300 $n_steps++ if $ref;
96449e8e 1301 }
1302
848556bc 1303 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1304}
1305
1306sub _try_refkind {
1307 my ($self, $data) = @_;
1308 my @try = ($self->_refkind($data));
1309 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1310 push @try, 'FALLBACK';
955e77ca 1311 return \@try;
96449e8e 1312}
1313
1314sub _METHOD_FOR_refkind {
1315 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1316
1317 my $method;
955e77ca 1318 for (@{$self->_try_refkind($data)}) {
f39eaa60 1319 $method = $self->can($meth_prefix."_".$_)
1320 and last;
1321 }
1322
1323 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1324}
1325
1326
1327sub _SWITCH_refkind {
1328 my ($self, $data, $dispatch_table) = @_;
1329
f39eaa60 1330 my $coderef;
955e77ca 1331 for (@{$self->_try_refkind($data)}) {
f39eaa60 1332 $coderef = $dispatch_table->{$_}
1333 and last;
1334 }
1335
1336 puke "no dispatch entry for ".$self->_refkind($data)
1337 unless $coderef;
1338
96449e8e 1339 $coderef->();
1340}
1341
1342
1343
1344
1345#======================================================================
1346# VALUES, GENERATE, AUTOLOAD
1347#======================================================================
1348
1349# LDNOTE: original code from nwiger, didn't touch code in that section
1350# I feel the AUTOLOAD stuff should not be the default, it should
1351# only be activated on explicit demand by user.
1352
1353sub values {
1354 my $self = shift;
1355 my $data = shift || return;
1356 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1357 unless ref $data eq 'HASH';
bab725ce 1358
1359 my @all_bind;
ca4f826a 1360 foreach my $k (sort keys %$data) {
bab725ce 1361 my $v = $data->{$k};
1362 $self->_SWITCH_refkind($v, {
9d48860e 1363 ARRAYREF => sub {
bab725ce 1364 if ($self->{array_datatypes}) { # array datatype
1365 push @all_bind, $self->_bindtype($k, $v);
1366 }
1367 else { # literal SQL with bind
1368 my ($sql, @bind) = @$v;
1369 $self->_assert_bindval_matches_bindtype(@bind);
1370 push @all_bind, @bind;
1371 }
1372 },
1373 ARRAYREFREF => sub { # literal SQL with bind
1374 my ($sql, @bind) = @${$v};
1375 $self->_assert_bindval_matches_bindtype(@bind);
1376 push @all_bind, @bind;
1377 },
1378 SCALARREF => sub { # literal SQL without bind
1379 },
1380 SCALAR_or_UNDEF => sub {
1381 push @all_bind, $self->_bindtype($k, $v);
1382 },
1383 });
1384 }
1385
1386 return @all_bind;
96449e8e 1387}
1388
1389sub generate {
1390 my $self = shift;
1391
1392 my(@sql, @sqlq, @sqlv);
1393
1394 for (@_) {
1395 my $ref = ref $_;
1396 if ($ref eq 'HASH') {
1397 for my $k (sort keys %$_) {
1398 my $v = $_->{$k};
1399 my $r = ref $v;
1400 my $label = $self->_quote($k);
1401 if ($r eq 'ARRAY') {
fe3ae272 1402 # literal SQL with bind
1403 my ($sql, @bind) = @$v;
1404 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1405 push @sqlq, "$label = $sql";
fe3ae272 1406 push @sqlv, @bind;
96449e8e 1407 } elsif ($r eq 'SCALAR') {
fe3ae272 1408 # literal SQL without bind
96449e8e 1409 push @sqlq, "$label = $$v";
9d48860e 1410 } else {
96449e8e 1411 push @sqlq, "$label = ?";
1412 push @sqlv, $self->_bindtype($k, $v);
1413 }
1414 }
1415 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1416 } elsif ($ref eq 'ARRAY') {
1417 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1418 for my $v (@$_) {
1419 my $r = ref $v;
fe3ae272 1420 if ($r eq 'ARRAY') { # literal SQL with bind
1421 my ($sql, @bind) = @$v;
1422 $self->_assert_bindval_matches_bindtype(@bind);
1423 push @sqlq, $sql;
1424 push @sqlv, @bind;
1425 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1426 # embedded literal SQL
1427 push @sqlq, $$v;
9d48860e 1428 } else {
96449e8e 1429 push @sqlq, '?';
1430 push @sqlv, $v;
1431 }
1432 }
1433 push @sql, '(' . join(', ', @sqlq) . ')';
1434 } elsif ($ref eq 'SCALAR') {
1435 # literal SQL
1436 push @sql, $$_;
1437 } else {
1438 # strings get case twiddled
1439 push @sql, $self->_sqlcase($_);
1440 }
1441 }
1442
1443 my $sql = join ' ', @sql;
1444
1445 # this is pretty tricky
1446 # if ask for an array, return ($stmt, @bind)
1447 # otherwise, s/?/shift @sqlv/ to put it inline
1448 if (wantarray) {
1449 return ($sql, @sqlv);
1450 } else {
1451 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1452 ref $d ? $d->[1] : $d/e;
1453 return $sql;
1454 }
1455}
1456
1457
1458sub DESTROY { 1 }
1459
1460sub AUTOLOAD {
1461 # This allows us to check for a local, then _form, attr
1462 my $self = shift;
1463 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1464 return $self->generate($name, @_);
1465}
1466
14671;
1468
1469
1470
1471__END__
32eab2da 1472
1473=head1 NAME
1474
1475SQL::Abstract - Generate SQL from Perl data structures
1476
1477=head1 SYNOPSIS
1478
1479 use SQL::Abstract;
1480
1481 my $sql = SQL::Abstract->new;
1482
85783f3c 1483 my($stmt, @bind) = $sql->select($source, \@fields, \%where, $order);
32eab2da 1484
1485 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1486
1487 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1488
1489 my($stmt, @bind) = $sql->delete($table, \%where);
1490
1491 # Then, use these in your DBI statements
1492 my $sth = $dbh->prepare($stmt);
1493 $sth->execute(@bind);
1494
1495 # Just generate the WHERE clause
85783f3c 1496 my($stmt, @bind) = $sql->where(\%where, $order);
32eab2da 1497
1498 # Return values in the same order, for hashed queries
1499 # See PERFORMANCE section for more details
1500 my @bind = $sql->values(\%fieldvals);
1501
1502=head1 DESCRIPTION
1503
1504This module was inspired by the excellent L<DBIx::Abstract>.
1505However, in using that module I found that what I really wanted
1506to do was generate SQL, but still retain complete control over my
1507statement handles and use the DBI interface. So, I set out to
1508create an abstract SQL generation module.
1509
1510While based on the concepts used by L<DBIx::Abstract>, there are
1511several important differences, especially when it comes to WHERE
1512clauses. I have modified the concepts used to make the SQL easier
1513to generate from Perl data structures and, IMO, more intuitive.
1514The underlying idea is for this module to do what you mean, based
1515on the data structures you provide it. The big advantage is that
1516you don't have to modify your code every time your data changes,
1517as this module figures it out.
1518
1519To begin with, an SQL INSERT is as easy as just specifying a hash
1520of C<key=value> pairs:
1521
1522 my %data = (
1523 name => 'Jimbo Bobson',
1524 phone => '123-456-7890',
1525 address => '42 Sister Lane',
1526 city => 'St. Louis',
1527 state => 'Louisiana',
1528 );
1529
1530The SQL can then be generated with this:
1531
1532 my($stmt, @bind) = $sql->insert('people', \%data);
1533
1534Which would give you something like this:
1535
1536 $stmt = "INSERT INTO people
1537 (address, city, name, phone, state)
1538 VALUES (?, ?, ?, ?, ?)";
1539 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1540 '123-456-7890', 'Louisiana');
1541
1542These are then used directly in your DBI code:
1543
1544 my $sth = $dbh->prepare($stmt);
1545 $sth->execute(@bind);
1546
96449e8e 1547=head2 Inserting and Updating Arrays
1548
1549If your database has array types (like for example Postgres),
1550activate the special option C<< array_datatypes => 1 >>
9d48860e 1551when creating the C<SQL::Abstract> object.
96449e8e 1552Then you may use an arrayref to insert and update database array types:
1553
1554 my $sql = SQL::Abstract->new(array_datatypes => 1);
1555 my %data = (
1556 planets => [qw/Mercury Venus Earth Mars/]
1557 );
9d48860e 1558
96449e8e 1559 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1560
1561This results in:
1562
1563 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1564
1565 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1566
1567
1568=head2 Inserting and Updating SQL
1569
1570In order to apply SQL functions to elements of your C<%data> you may
1571specify a reference to an arrayref for the given hash value. For example,
1572if you need to execute the Oracle C<to_date> function on a value, you can
1573say something like this:
32eab2da 1574
1575 my %data = (
1576 name => 'Bill',
3ae1c5e2 1577 date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
9d48860e 1578 );
32eab2da 1579
1580The first value in the array is the actual SQL. Any other values are
1581optional and would be included in the bind values array. This gives
1582you:
1583
1584 my($stmt, @bind) = $sql->insert('people', \%data);
1585
9d48860e 1586 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1587 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1588 @bind = ('Bill', '03/02/2003');
1589
1590An UPDATE is just as easy, all you change is the name of the function:
1591
1592 my($stmt, @bind) = $sql->update('people', \%data);
1593
1594Notice that your C<%data> isn't touched; the module will generate
1595the appropriately quirky SQL for you automatically. Usually you'll
1596want to specify a WHERE clause for your UPDATE, though, which is
1597where handling C<%where> hashes comes in handy...
1598
96449e8e 1599=head2 Complex where statements
1600
32eab2da 1601This module can generate pretty complicated WHERE statements
1602easily. For example, simple C<key=value> pairs are taken to mean
1603equality, and if you want to see if a field is within a set
1604of values, you can use an arrayref. Let's say we wanted to
1605SELECT some data based on this criteria:
1606
1607 my %where = (
1608 requestor => 'inna',
1609 worker => ['nwiger', 'rcwe', 'sfz'],
1610 status => { '!=', 'completed' }
1611 );
1612
1613 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1614
1615The above would give you something like this:
1616
1617 $stmt = "SELECT * FROM tickets WHERE
1618 ( requestor = ? ) AND ( status != ? )
1619 AND ( worker = ? OR worker = ? OR worker = ? )";
1620 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1621
1622Which you could then use in DBI code like so:
1623
1624 my $sth = $dbh->prepare($stmt);
1625 $sth->execute(@bind);
1626
1627Easy, eh?
1628
0da0fe34 1629=head1 METHODS
32eab2da 1630
13cc86af 1631The methods are simple. There's one for every major SQL operation,
32eab2da 1632and a constructor you use first. The arguments are specified in a
13cc86af 1633similar order for each method (table, then fields, then a where
32eab2da 1634clause) to try and simplify things.
1635
32eab2da 1636=head2 new(option => 'value')
1637
1638The C<new()> function takes a list of options and values, and returns
1639a new B<SQL::Abstract> object which can then be used to generate SQL
1640through the methods below. The options accepted are:
1641
1642=over
1643
1644=item case
1645
1646If set to 'lower', then SQL will be generated in all lowercase. By
1647default SQL is generated in "textbook" case meaning something like:
1648
1649 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1650
96449e8e 1651Any setting other than 'lower' is ignored.
1652
32eab2da 1653=item cmp
1654
1655This determines what the default comparison operator is. By default
1656it is C<=>, meaning that a hash like this:
1657
1658 %where = (name => 'nwiger', email => 'nate@wiger.org');
1659
1660Will generate SQL like this:
1661
1662 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1663
1664However, you may want loose comparisons by default, so if you set
1665C<cmp> to C<like> you would get SQL such as:
1666
1667 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1668
3af02ccb 1669You can also override the comparison on an individual basis - see
32eab2da 1670the huge section on L</"WHERE CLAUSES"> at the bottom.
1671
96449e8e 1672=item sqltrue, sqlfalse
1673
1674Expressions for inserting boolean values within SQL statements.
6e0c6552 1675By default these are C<1=1> and C<1=0>. They are used
1676by the special operators C<-in> and C<-not_in> for generating
1677correct SQL even when the argument is an empty array (see below).
96449e8e 1678
32eab2da 1679=item logic
1680
1681This determines the default logical operator for multiple WHERE
7cac25e6 1682statements in arrays or hashes. If absent, the default logic is "or"
1683for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1684array of the form:
1685
1686 @where = (
9d48860e 1687 event_date => {'>=', '2/13/99'},
1688 event_date => {'<=', '4/24/03'},
32eab2da 1689 );
1690
7cac25e6 1691will generate SQL like this:
32eab2da 1692
1693 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1694
1695This is probably not what you want given this query, though (look
1696at the dates). To change the "OR" to an "AND", simply specify:
1697
1698 my $sql = SQL::Abstract->new(logic => 'and');
1699
1700Which will change the above C<WHERE> to:
1701
1702 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1703
96449e8e 1704The logic can also be changed locally by inserting
be21dde3 1705a modifier in front of an arrayref:
96449e8e 1706
9d48860e 1707 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1708 event_date => {'<=', '4/24/03'} ]);
96449e8e 1709
1710See the L</"WHERE CLAUSES"> section for explanations.
1711
32eab2da 1712=item convert
1713
1714This will automatically convert comparisons using the specified SQL
1715function for both column and value. This is mostly used with an argument
1716of C<upper> or C<lower>, so that the SQL will have the effect of
1717case-insensitive "searches". For example, this:
1718
1719 $sql = SQL::Abstract->new(convert => 'upper');
1720 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1721
1722Will turn out the following SQL:
1723
1724 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1725
1726The conversion can be C<upper()>, C<lower()>, or any other SQL function
1727that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1728not validate this option; it will just pass through what you specify verbatim).
1729
1730=item bindtype
1731
1732This is a kludge because many databases suck. For example, you can't
1733just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1734Instead, you have to use C<bind_param()>:
1735
1736 $sth->bind_param(1, 'reg data');
1737 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1738
1739The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1740which loses track of which field each slot refers to. Fear not.
1741
1742If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1743Currently, you can specify either C<normal> (default) or C<columns>. If you
1744specify C<columns>, you will get an array that looks like this:
1745
1746 my $sql = SQL::Abstract->new(bindtype => 'columns');
1747 my($stmt, @bind) = $sql->insert(...);
1748
1749 @bind = (
1750 [ 'column1', 'value1' ],
1751 [ 'column2', 'value2' ],
1752 [ 'column3', 'value3' ],
1753 );
1754
1755You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1756
32eab2da 1757 $sth->prepare($stmt);
1758 my $i = 1;
1759 for (@bind) {
1760 my($col, $data) = @$_;
1761 if ($col eq 'details' || $col eq 'comments') {
1762 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1763 } elsif ($col eq 'image') {
1764 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1765 } else {
1766 $sth->bind_param($i, $data);
1767 }
1768 $i++;
1769 }
1770 $sth->execute; # execute without @bind now
1771
1772Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1773Basically, the advantage is still that you don't have to care which fields
1774are or are not included. You could wrap that above C<for> loop in a simple
1775sub called C<bind_fields()> or something and reuse it repeatedly. You still
1776get a layer of abstraction over manual SQL specification.
1777
3ae1c5e2 1778Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
deb148a2 1779construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1780will expect the bind values in this format.
1781
32eab2da 1782=item quote_char
1783
1784This is the character that a table or column name will be quoted
9d48860e 1785with. By default this is an empty string, but you could set it to
32eab2da 1786the character C<`>, to generate SQL like this:
1787
1788 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1789
96449e8e 1790Alternatively, you can supply an array ref of two items, the first being the left
1791hand quote character, and the second the right hand quote character. For
1792example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1793that generates SQL like this:
1794
1795 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1796
9d48860e 1797Quoting is useful if you have tables or columns names that are reserved
96449e8e 1798words in your database's SQL dialect.
32eab2da 1799
46be4313 1800=item escape_char
1801
1802This is the character that will be used to escape L</quote_char>s appearing
1803in an identifier before it has been quoted.
1804
80790166 1805The parameter default in case of a single L</quote_char> character is the quote
46be4313 1806character itself.
1807
1808When opening-closing-style quoting is used (L</quote_char> is an arrayref)
9de2bd86 1809this parameter defaults to the B<closing (right)> L</quote_char>. Occurrences
46be4313 1810of the B<opening (left)> L</quote_char> within the identifier are currently left
1811untouched. The default for opening-closing-style quotes may change in future
1812versions, thus you are B<strongly encouraged> to specify the escape character
1813explicitly.
1814
32eab2da 1815=item name_sep
1816
1817This is the character that separates a table and column name. It is
1818necessary to specify this when the C<quote_char> option is selected,
1819so that tables and column names can be individually quoted like this:
1820
1821 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1822
b6251592 1823=item injection_guard
1824
1825A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1826column name specified in a query structure. This is a safety mechanism to avoid
1827injection attacks when mishandling user input e.g.:
1828
1829 my %condition_as_column_value_pairs = get_values_from_user();
1830 $sqla->select( ... , \%condition_as_column_value_pairs );
1831
1832If the expression matches an exception is thrown. Note that literal SQL
1833supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1834
1835Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
1836
96449e8e 1837=item array_datatypes
32eab2da 1838
9d48860e 1839When this option is true, arrayrefs in INSERT or UPDATE are
1840interpreted as array datatypes and are passed directly
96449e8e 1841to the DBI layer.
1842When this option is false, arrayrefs are interpreted
1843as literal SQL, just like refs to arrayrefs
1844(but this behavior is for backwards compatibility; when writing
1845new queries, use the "reference to arrayref" syntax
1846for literal SQL).
32eab2da 1847
32eab2da 1848
96449e8e 1849=item special_ops
32eab2da 1850
9d48860e 1851Takes a reference to a list of "special operators"
96449e8e 1852to extend the syntax understood by L<SQL::Abstract>.
1853See section L</"SPECIAL OPERATORS"> for details.
32eab2da 1854
59f23b3d 1855=item unary_ops
1856
9d48860e 1857Takes a reference to a list of "unary operators"
59f23b3d 1858to extend the syntax understood by L<SQL::Abstract>.
1859See section L</"UNARY OPERATORS"> for details.
1860
32eab2da 1861
32eab2da 1862
96449e8e 1863=back
32eab2da 1864
02288357 1865=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 1866
1867This is the simplest function. You simply give it a table name
1868and either an arrayref of values or hashref of field/value pairs.
1869It returns an SQL INSERT statement and a list of bind values.
96449e8e 1870See the sections on L</"Inserting and Updating Arrays"> and
1871L</"Inserting and Updating SQL"> for information on how to insert
1872with those data types.
32eab2da 1873
02288357 1874The optional C<\%options> hash reference may contain additional
1875options to generate the insert SQL. Currently supported options
1876are:
1877
1878=over 4
1879
1880=item returning
1881
1882Takes either a scalar of raw SQL fields, or an array reference of
1883field names, and adds on an SQL C<RETURNING> statement at the end.
1884This allows you to return data generated by the insert statement
1885(such as row IDs) without performing another C<SELECT> statement.
1886Note, however, this is not part of the SQL standard and may not
1887be supported by all database engines.
1888
1889=back
1890
95904db5 1891=head2 update($table, \%fieldvals, \%where, \%options)
32eab2da 1892
1893This takes a table, hashref of field/value pairs, and an optional
86298391 1894hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 1895of bind values.
96449e8e 1896See the sections on L</"Inserting and Updating Arrays"> and
1897L</"Inserting and Updating SQL"> for information on how to insert
1898with those data types.
32eab2da 1899
95904db5 1900The optional C<\%options> hash reference may contain additional
1901options to generate the update SQL. Currently supported options
1902are:
1903
1904=over 4
1905
1906=item returning
1907
1908See the C<returning> option to
1909L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1910
1911=back
1912
96449e8e 1913=head2 select($source, $fields, $where, $order)
32eab2da 1914
9d48860e 1915This returns a SQL SELECT statement and associated list of bind values, as
be21dde3 1916specified by the arguments:
32eab2da 1917
96449e8e 1918=over
32eab2da 1919
96449e8e 1920=item $source
32eab2da 1921
9d48860e 1922Specification of the 'FROM' part of the statement.
96449e8e 1923The argument can be either a plain scalar (interpreted as a table
1924name, will be quoted), or an arrayref (interpreted as a list
1925of table names, joined by commas, quoted), or a scalarref
063097a3 1926(literal SQL, not quoted).
32eab2da 1927
96449e8e 1928=item $fields
32eab2da 1929
9d48860e 1930Specification of the list of fields to retrieve from
96449e8e 1931the source.
1932The argument can be either an arrayref (interpreted as a list
9d48860e 1933of field names, will be joined by commas and quoted), or a
96449e8e 1934plain scalar (literal SQL, not quoted).
521647e7 1935Please observe that this API is not as flexible as that of
1936the first argument C<$source>, for backwards compatibility reasons.
32eab2da 1937
96449e8e 1938=item $where
32eab2da 1939
96449e8e 1940Optional argument to specify the WHERE part of the query.
1941The argument is most often a hashref, but can also be
9d48860e 1942an arrayref or plain scalar --
96449e8e 1943see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 1944
96449e8e 1945=item $order
32eab2da 1946
96449e8e 1947Optional argument to specify the ORDER BY part of the query.
9d48860e 1948The argument can be a scalar, a hashref or an arrayref
96449e8e 1949-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
1950for details.
32eab2da 1951
96449e8e 1952=back
32eab2da 1953
32eab2da 1954
85327cd5 1955=head2 delete($table, \%where, \%options)
32eab2da 1956
86298391 1957This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 1958It returns an SQL DELETE statement and list of bind values.
1959
85327cd5 1960The optional C<\%options> hash reference may contain additional
1961options to generate the delete SQL. Currently supported options
1962are:
1963
1964=over 4
1965
1966=item returning
1967
1968See the C<returning> option to
1969L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1970
1971=back
1972
85783f3c 1973=head2 where(\%where, $order)
32eab2da 1974
1975This is used to generate just the WHERE clause. For example,
1976if you have an arbitrary data structure and know what the
1977rest of your SQL is going to look like, but want an easy way
1978to produce a WHERE clause, use this. It returns an SQL WHERE
1979clause and list of bind values.
1980
32eab2da 1981
1982=head2 values(\%data)
1983
1984This just returns the values from the hash C<%data>, in the same
1985order that would be returned from any of the other above queries.
1986Using this allows you to markedly speed up your queries if you
1987are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
1988
32eab2da 1989=head2 generate($any, 'number', $of, \@data, $struct, \%types)
1990
1991Warning: This is an experimental method and subject to change.
1992
1993This returns arbitrarily generated SQL. It's a really basic shortcut.
1994It will return two different things, depending on return context:
1995
1996 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
1997 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
1998
1999These would return the following:
2000
2001 # First calling form
2002 $stmt = "CREATE TABLE test (?, ?)";
2003 @bind = (field1, field2);
2004
2005 # Second calling form
2006 $stmt_and_val = "CREATE TABLE test (field1, field2)";
2007
2008Depending on what you're trying to do, it's up to you to choose the correct
2009format. In this example, the second form is what you would want.
2010
2011By the same token:
2012
2013 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
2014
2015Might give you:
2016
2017 ALTER SESSION SET nls_date_format = 'MM/YY'
2018
2019You get the idea. Strings get their case twiddled, but everything
2020else remains verbatim.
2021
0da0fe34 2022=head1 EXPORTABLE FUNCTIONS
2023
2024=head2 is_plain_value
2025
2026Determines if the supplied argument is a plain value as understood by this
2027module:
2028
2029=over
2030
2031=item * The value is C<undef>
2032
2033=item * The value is a non-reference
2034
2035=item * The value is an object with stringification overloading
2036
2037=item * The value is of the form C<< { -value => $anything } >>
2038
2039=back
2040
9de2bd86 2041On failure returns C<undef>, on success returns a B<scalar> reference
966200cc 2042to the original supplied argument.
0da0fe34 2043
843a94b5 2044=over
2045
2046=item * Note
2047
2048The stringification overloading detection is rather advanced: it takes
2049into consideration not only the presence of a C<""> overload, but if that
2050fails also checks for enabled
2051L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
2052on either C<0+> or C<bool>.
2053
2054Unfortunately testing in the field indicates that this
2055detection B<< may tickle a latent bug in perl versions before 5.018 >>,
2056but only when very large numbers of stringifying objects are involved.
2057At the time of writing ( Sep 2014 ) there is no clear explanation of
2058the direct cause, nor is there a manageably small test case that reliably
2059reproduces the problem.
2060
2061If you encounter any of the following exceptions in B<random places within
2062your application stack> - this module may be to blame:
2063
2064 Operation "ne": no method found,
2065 left argument in overloaded package <something>,
2066 right argument in overloaded package <something>
2067
2068or perhaps even
2069
2070 Stub found while resolving method "???" overloading """" in package <something>
2071
2072If you fall victim to the above - please attempt to reduce the problem
2073to something that could be sent to the L<SQL::Abstract developers
1f490ae4 2074|DBIx::Class/GETTING HELP/SUPPORT>
843a94b5 2075(either publicly or privately). As a workaround in the meantime you can
2076set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
2077value, which will most likely eliminate your problem (at the expense of
2078not being able to properly detect exotic forms of stringification).
2079
2080This notice and environment variable will be removed in a future version,
2081as soon as the underlying problem is found and a reliable workaround is
2082devised.
2083
2084=back
2085
0da0fe34 2086=head2 is_literal_value
2087
2088Determines if the supplied argument is a literal value as understood by this
2089module:
2090
2091=over
2092
2093=item * C<\$sql_string>
2094
2095=item * C<\[ $sql_string, @bind_values ]>
2096
0da0fe34 2097=back
2098
9de2bd86 2099On failure returns C<undef>, on success returns an B<array> reference
966200cc 2100containing the unpacked version of the supplied literal SQL and bind values.
0da0fe34 2101
32eab2da 2102=head1 WHERE CLAUSES
2103
96449e8e 2104=head2 Introduction
2105
32eab2da 2106This module uses a variation on the idea from L<DBIx::Abstract>. It
2107is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2108module is that things in arrays are OR'ed, and things in hashes
2109are AND'ed.>
2110
2111The easiest way to explain is to show lots of examples. After
2112each C<%where> hash shown, it is assumed you used:
2113
2114 my($stmt, @bind) = $sql->where(\%where);
2115
2116However, note that the C<%where> hash can be used directly in any
2117of the other functions as well, as described above.
2118
96449e8e 2119=head2 Key-value pairs
2120
32eab2da 2121So, let's get started. To begin, a simple hash:
2122
2123 my %where = (
2124 user => 'nwiger',
2125 status => 'completed'
2126 );
2127
2128Is converted to SQL C<key = val> statements:
2129
2130 $stmt = "WHERE user = ? AND status = ?";
2131 @bind = ('nwiger', 'completed');
2132
2133One common thing I end up doing is having a list of values that
2134a field can be in. To do this, simply specify a list inside of
2135an arrayref:
2136
2137 my %where = (
2138 user => 'nwiger',
2139 status => ['assigned', 'in-progress', 'pending'];
2140 );
2141
2142This simple code will create the following:
9d48860e 2143
32eab2da 2144 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2145 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2146
9d48860e 2147A field associated to an empty arrayref will be considered a
7cac25e6 2148logical false and will generate 0=1.
8a68b5be 2149
b864ba9b 2150=head2 Tests for NULL values
2151
2152If the value part is C<undef> then this is converted to SQL <IS NULL>
2153
2154 my %where = (
2155 user => 'nwiger',
2156 status => undef,
2157 );
2158
2159becomes:
2160
2161 $stmt = "WHERE user = ? AND status IS NULL";
2162 @bind = ('nwiger');
2163
e9614080 2164To test if a column IS NOT NULL:
2165
2166 my %where = (
2167 user => 'nwiger',
2168 status => { '!=', undef },
2169 );
cc422895 2170
6e0c6552 2171=head2 Specific comparison operators
96449e8e 2172
32eab2da 2173If you want to specify a different type of operator for your comparison,
2174you can use a hashref for a given column:
2175
2176 my %where = (
2177 user => 'nwiger',
2178 status => { '!=', 'completed' }
2179 );
2180
2181Which would generate:
2182
2183 $stmt = "WHERE user = ? AND status != ?";
2184 @bind = ('nwiger', 'completed');
2185
2186To test against multiple values, just enclose the values in an arrayref:
2187
96449e8e 2188 status => { '=', ['assigned', 'in-progress', 'pending'] };
2189
f2d5020d 2190Which would give you:
96449e8e 2191
2192 "WHERE status = ? OR status = ? OR status = ?"
2193
2194
2195The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2196into an C<AND> of its elements:
2197
2198 my %where = (
2199 user => 'nwiger',
2200 status => { '!=', 'completed', -not_like => 'pending%' }
2201 );
2202
2203 # Or more dynamically, like from a form
2204 $where{user} = 'nwiger';
2205 $where{status}{'!='} = 'completed';
2206 $where{status}{'-not_like'} = 'pending%';
2207
2208 # Both generate this
2209 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2210 @bind = ('nwiger', 'completed', 'pending%');
2211
96449e8e 2212
32eab2da 2213To get an OR instead, you can combine it with the arrayref idea:
2214
2215 my %where => (
2216 user => 'nwiger',
1a6f2a03 2217 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2218 );
2219
2220Which would generate:
2221
1a6f2a03 2222 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2223 @bind = ('2', '5', 'nwiger');
32eab2da 2224
44b9e502 2225If you want to include literal SQL (with or without bind values), just use a
13cc86af 2226scalar reference or reference to an arrayref as the value:
44b9e502 2227
2228 my %where = (
2229 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2230 date_expires => { '<' => \"now()" }
2231 );
2232
2233Which would generate:
2234
13cc86af 2235 $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
44b9e502 2236 @bind = ('11/26/2008');
2237
96449e8e 2238
2239=head2 Logic and nesting operators
2240
2241In the example above,
2242there is a subtle trap if you want to say something like
32eab2da 2243this (notice the C<AND>):
2244
2245 WHERE priority != ? AND priority != ?
2246
2247Because, in Perl you I<can't> do this:
2248
13cc86af 2249 priority => { '!=' => 2, '!=' => 1 }
32eab2da 2250
2251As the second C<!=> key will obliterate the first. The solution
2252is to use the special C<-modifier> form inside an arrayref:
2253
9d48860e 2254 priority => [ -and => {'!=', 2},
96449e8e 2255 {'!=', 1} ]
2256
32eab2da 2257
2258Normally, these would be joined by C<OR>, but the modifier tells it
2259to use C<AND> instead. (Hint: You can use this in conjunction with the
2260C<logic> option to C<new()> in order to change the way your queries
2261work by default.) B<Important:> Note that the C<-modifier> goes
2262B<INSIDE> the arrayref, as an extra first element. This will
2263B<NOT> do what you think it might:
2264
2265 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2266
2267Here is a quick list of equivalencies, since there is some overlap:
2268
2269 # Same
2270 status => {'!=', 'completed', 'not like', 'pending%' }
2271 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2272
2273 # Same
2274 status => {'=', ['assigned', 'in-progress']}
2275 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2276 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2277
e3f9dff4 2278
2279
be21dde3 2280=head2 Special operators: IN, BETWEEN, etc.
96449e8e 2281
32eab2da 2282You can also use the hashref format to compare a list of fields using the
2283C<IN> comparison operator, by specifying the list as an arrayref:
2284
2285 my %where = (
2286 status => 'completed',
2287 reportid => { -in => [567, 2335, 2] }
2288 );
2289
2290Which would generate:
2291
2292 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2293 @bind = ('completed', '567', '2335', '2');
2294
9d48860e 2295The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2296the same way.
2297
6e0c6552 2298If the argument to C<-in> is an empty array, 'sqlfalse' is generated
be21dde3 2299(by default: C<1=0>). Similarly, C<< -not_in => [] >> generates
2300'sqltrue' (by default: C<1=1>).
6e0c6552 2301
e41c3bdd 2302In addition to the array you can supply a chunk of literal sql or
2303literal sql with bind:
6e0c6552 2304
e41c3bdd 2305 my %where = {
2306 customer => { -in => \[
2307 'SELECT cust_id FROM cust WHERE balance > ?',
2308 2000,
2309 ],
2310 status => { -in => \'SELECT status_codes FROM states' },
2311 };
6e0c6552 2312
e41c3bdd 2313would generate:
2314
2315 $stmt = "WHERE (
2316 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2317 AND status IN ( SELECT status_codes FROM states )
2318 )";
2319 @bind = ('2000');
2320
0dfd2442 2321Finally, if the argument to C<-in> is not a reference, it will be
2322treated as a single-element array.
e41c3bdd 2323
2324Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2325used with an arrayref of two values:
32eab2da 2326
2327 my %where = (
2328 user => 'nwiger',
2329 completion_date => {
2330 -not_between => ['2002-10-01', '2003-02-06']
2331 }
2332 );
2333
2334Would give you:
2335
2336 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2337
e41c3bdd 2338Just like with C<-in> all plausible combinations of literal SQL
2339are possible:
2340
2341 my %where = {
2342 start0 => { -between => [ 1, 2 ] },
2343 start1 => { -between => \["? AND ?", 1, 2] },
2344 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2345 start3 => { -between => [
e41c3bdd 2346 \"lower(x)",
2347 \["upper(?)", 'stuff' ],
2348 ] },
2349 };
2350
2351Would give you:
2352
2353 $stmt = "WHERE (
2354 ( start0 BETWEEN ? AND ? )
2355 AND ( start1 BETWEEN ? AND ? )
2356 AND ( start2 BETWEEN lower(x) AND upper(y) )
2357 AND ( start3 BETWEEN lower(x) AND upper(?) )
2358 )";
2359 @bind = (1, 2, 1, 2, 'stuff');
2360
2361
9d48860e 2362These are the two builtin "special operators"; but the
be21dde3 2363list can be expanded: see section L</"SPECIAL OPERATORS"> below.
96449e8e 2364
59f23b3d 2365=head2 Unary operators: bool
97a920ef 2366
2367If you wish to test against boolean columns or functions within your
2368database you can use the C<-bool> and C<-not_bool> operators. For
2369example to test the column C<is_user> being true and the column
827bb0eb 2370C<is_enabled> being false you would use:-
97a920ef 2371
2372 my %where = (
2373 -bool => 'is_user',
2374 -not_bool => 'is_enabled',
2375 );
2376
2377Would give you:
2378
277b5d3f 2379 WHERE is_user AND NOT is_enabled
97a920ef 2380
0b604e9d 2381If a more complex combination is required, testing more conditions,
2382then you should use the and/or operators:-
2383
2384 my %where = (
2385 -and => [
2386 -bool => 'one',
23401b81 2387 -not_bool => { two=> { -rlike => 'bar' } },
2388 -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
0b604e9d 2389 ],
2390 );
2391
2392Would give you:
2393
23401b81 2394 WHERE
2395 one
2396 AND
2397 (NOT two RLIKE ?)
2398 AND
2399 (NOT ( three = ? OR three > ? ))
97a920ef 2400
2401
107b72f1 2402=head2 Nested conditions, -and/-or prefixes
96449e8e 2403
32eab2da 2404So far, we've seen how multiple conditions are joined with a top-level
2405C<AND>. We can change this by putting the different conditions we want in
2406hashes and then putting those hashes in an array. For example:
2407
2408 my @where = (
2409 {
2410 user => 'nwiger',
2411 status => { -like => ['pending%', 'dispatched'] },
2412 },
2413 {
2414 user => 'robot',
2415 status => 'unassigned',
2416 }
2417 );
2418
2419This data structure would create the following:
2420
2421 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2422 OR ( user = ? AND status = ? ) )";
2423 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2424
107b72f1 2425
48d9f5f8 2426Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
be21dde3 2427to change the logic inside:
32eab2da 2428
2429 my @where = (
2430 -and => [
2431 user => 'nwiger',
48d9f5f8 2432 [
2433 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2434 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2435 ],
2436 ],
2437 );
2438
2439That would yield:
2440
13cc86af 2441 $stmt = "WHERE ( user = ?
2442 AND ( ( workhrs > ? AND geo = ? )
2443 OR ( workhrs < ? OR geo = ? ) ) )";
2444 @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
107b72f1 2445
cc422895 2446=head3 Algebraic inconsistency, for historical reasons
107b72f1 2447
7cac25e6 2448C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2449operator goes C<outside> of the nested structure; whereas when connecting
2450several constraints on one column, the C<-and> operator goes
be21dde3 2451C<inside> the arrayref. Here is an example combining both features:
7cac25e6 2452
2453 my @where = (
2454 -and => [a => 1, b => 2],
2455 -or => [c => 3, d => 4],
2456 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2457 )
2458
2459yielding
2460
9d48860e 2461 WHERE ( ( ( a = ? AND b = ? )
2462 OR ( c = ? OR d = ? )
7cac25e6 2463 OR ( e LIKE ? AND e LIKE ? ) ) )
2464
107b72f1 2465This difference in syntax is unfortunate but must be preserved for
be21dde3 2466historical reasons. So be careful: the two examples below would
107b72f1 2467seem algebraically equivalent, but they are not
2468
a948b1fe 2469 { col => [ -and =>
2470 { -like => 'foo%' },
2471 { -like => '%bar' },
2472 ] }
be21dde3 2473 # yields: WHERE ( ( col LIKE ? AND col LIKE ? ) )
107b72f1 2474
a948b1fe 2475 [ -and =>
2476 { col => { -like => 'foo%' } },
2477 { col => { -like => '%bar' } },
2478 ]
be21dde3 2479 # yields: WHERE ( ( col LIKE ? OR col LIKE ? ) )
107b72f1 2480
7cac25e6 2481
cc422895 2482=head2 Literal SQL and value type operators
96449e8e 2483
cc422895 2484The basic premise of SQL::Abstract is that in WHERE specifications the "left
2485side" is a column name and the "right side" is a value (normally rendered as
2486a placeholder). This holds true for both hashrefs and arrayref pairs as you
2487see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2488alter this behavior. There are several ways of doing so.
e9614080 2489
cc422895 2490=head3 -ident
2491
2492This is a virtual operator that signals the string to its right side is an
2493identifier (a column name) and not a value. For example to compare two
2494columns you would write:
32eab2da 2495
e9614080 2496 my %where = (
2497 priority => { '<', 2 },
cc422895 2498 requestor => { -ident => 'submitter' },
e9614080 2499 );
2500
2501which creates:
2502
2503 $stmt = "WHERE priority < ? AND requestor = submitter";
2504 @bind = ('2');
2505
cc422895 2506If you are maintaining legacy code you may see a different construct as
2507described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2508code.
2509
2510=head3 -value
e9614080 2511
cc422895 2512This is a virtual operator that signals that the construct to its right side
2513is a value to be passed to DBI. This is for example necessary when you want
2514to write a where clause against an array (for RDBMS that support such
2515datatypes). For example:
e9614080 2516
32eab2da 2517 my %where = (
cc422895 2518 array => { -value => [1, 2, 3] }
32eab2da 2519 );
2520
cc422895 2521will result in:
32eab2da 2522
cc422895 2523 $stmt = 'WHERE array = ?';
2524 @bind = ([1, 2, 3]);
32eab2da 2525
cc422895 2526Note that if you were to simply say:
32eab2da 2527
2528 my %where = (
cc422895 2529 array => [1, 2, 3]
32eab2da 2530 );
2531
3af02ccb 2532the result would probably not be what you wanted:
cc422895 2533
2534 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2535 @bind = (1, 2, 3);
2536
2537=head3 Literal SQL
96449e8e 2538
cc422895 2539Finally, sometimes only literal SQL will do. To include a random snippet
2540of SQL verbatim, you specify it as a scalar reference. Consider this only
2541as a last resort. Usually there is a better way. For example:
96449e8e 2542
2543 my %where = (
cc422895 2544 priority => { '<', 2 },
2545 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2546 );
2547
cc422895 2548Would create:
96449e8e 2549
cc422895 2550 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2551 @bind = (2);
2552
2553Note that in this example, you only get one bind parameter back, since
2554the verbatim SQL is passed as part of the statement.
2555
2556=head4 CAVEAT
2557
2558 Never use untrusted input as a literal SQL argument - this is a massive
2559 security risk (there is no way to check literal snippets for SQL
2560 injections and other nastyness). If you need to deal with untrusted input
2561 use literal SQL with placeholders as described next.
96449e8e 2562
cc422895 2563=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2564
2565If the literal SQL to be inserted has placeholders and bind values,
2566use a reference to an arrayref (yes this is a double reference --
2567not so common, but perfectly legal Perl). For example, to find a date
2568in Postgres you can use something like this:
2569
2570 my %where = (
3ae1c5e2 2571 date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
96449e8e 2572 )
2573
2574This would create:
2575
d2a8fe1a 2576 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2577 @bind = ('10');
2578
deb148a2 2579Note that you must pass the bind values in the same format as they are returned
85783f3c 2580by L<where|/where(\%where, $order)>. This means that if you set L</bindtype>
1f490ae4 2581to C<columns>, you must provide the bind values in the
2582C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
2583scalar value; most commonly the column name, but you can use any scalar value
2584(including references and blessed references), L<SQL::Abstract> will simply
2585pass it through intact. So if C<bindtype> is set to C<columns> the above
2586example will look like:
deb148a2 2587
2588 my %where = (
3ae1c5e2 2589 date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
deb148a2 2590 )
96449e8e 2591
2592Literal SQL is especially useful for nesting parenthesized clauses in the
be21dde3 2593main SQL query. Here is a first example:
96449e8e 2594
2595 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2596 100, "foo%");
2597 my %where = (
2598 foo => 1234,
2599 bar => \["IN ($sub_stmt)" => @sub_bind],
2600 );
2601
be21dde3 2602This yields:
96449e8e 2603
9d48860e 2604 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2605 WHERE c2 < ? AND c3 LIKE ?))";
2606 @bind = (1234, 100, "foo%");
2607
9d48860e 2608Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2609are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2610its associated bind values can be generated through a former call
96449e8e 2611to C<select()> :
2612
2613 my ($sub_stmt, @sub_bind)
9d48860e 2614 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2615 c3 => {-like => "foo%"}});
2616 my %where = (
2617 foo => 1234,
2618 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2619 );
2620
2621In the examples above, the subquery was used as an operator on a column;
9d48860e 2622but the same principle also applies for a clause within the main C<%where>
be21dde3 2623hash, like an EXISTS subquery:
96449e8e 2624
9d48860e 2625 my ($sub_stmt, @sub_bind)
96449e8e 2626 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2627 my %where = ( -and => [
96449e8e 2628 foo => 1234,
48d9f5f8 2629 \["EXISTS ($sub_stmt)" => @sub_bind],
2630 ]);
96449e8e 2631
2632which yields
2633
9d48860e 2634 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2635 WHERE c1 = ? AND c2 > t0.c0))";
2636 @bind = (1234, 1);
2637
2638
9d48860e 2639Observe that the condition on C<c2> in the subquery refers to
be21dde3 2640column C<t0.c0> of the main query: this is I<not> a bind
9d48860e 2641value, so we have to express it through a scalar ref.
96449e8e 2642Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2643C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2644what we wanted here.
2645
96449e8e 2646Finally, here is an example where a subquery is used
2647for expressing unary negation:
2648
9d48860e 2649 my ($sub_stmt, @sub_bind)
96449e8e 2650 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2651 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2652 my %where = (
2653 lname => {like => '%son%'},
48d9f5f8 2654 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2655 );
2656
2657This yields
2658
2659 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2660 @bind = ('%son%', 10, 20)
2661
cc422895 2662=head3 Deprecated usage of Literal SQL
2663
2664Below are some examples of archaic use of literal SQL. It is shown only as
2665reference for those who deal with legacy code. Each example has a much
2666better, cleaner and safer alternative that users should opt for in new code.
2667
2668=over
2669
2670=item *
2671
2672 my %where = ( requestor => \'IS NOT NULL' )
2673
2674 $stmt = "WHERE requestor IS NOT NULL"
2675
2676This used to be the way of generating NULL comparisons, before the handling
2677of C<undef> got formalized. For new code please use the superior syntax as
2678described in L</Tests for NULL values>.
96449e8e 2679
cc422895 2680=item *
2681
2682 my %where = ( requestor => \'= submitter' )
2683
2684 $stmt = "WHERE requestor = submitter"
2685
2686This used to be the only way to compare columns. Use the superior L</-ident>
2687method for all new code. For example an identifier declared in such a way
2688will be properly quoted if L</quote_char> is properly set, while the legacy
2689form will remain as supplied.
2690
2691=item *
2692
2693 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2694
2695 $stmt = "WHERE completed > ? AND is_ready"
2696 @bind = ('2012-12-21')
2697
2698Using an empty string literal used to be the only way to express a boolean.
2699For all new code please use the much more readable
2700L<-bool|/Unary operators: bool> operator.
2701
2702=back
96449e8e 2703
2704=head2 Conclusion
2705
32eab2da 2706These pages could go on for a while, since the nesting of the data
2707structures this module can handle are pretty much unlimited (the
2708module implements the C<WHERE> expansion as a recursive function
2709internally). Your best bet is to "play around" with the module a
2710little to see how the data structures behave, and choose the best
2711format for your data based on that.
2712
2713And of course, all the values above will probably be replaced with
2714variables gotten from forms or the command line. After all, if you
2715knew everything ahead of time, you wouldn't have to worry about
2716dynamically-generating SQL and could just hardwire it into your
2717script.
2718
86298391 2719=head1 ORDER BY CLAUSES
2720
9d48860e 2721Some functions take an order by clause. This can either be a scalar (just a
18710f60 2722column name), a hashref of C<< { -desc => 'col' } >> or C<< { -asc => 'col' }
2723>>, a scalarref, an arrayref-ref, or an arrayref of any of the previous
2724forms. Examples:
1cfa1db3 2725
8c15b421 2726 Given | Will Generate
18710f60 2727 ---------------------------------------------------------------
8c15b421 2728 |
2729 'colA' | ORDER BY colA
2730 |
2731 [qw/colA colB/] | ORDER BY colA, colB
2732 |
2733 {-asc => 'colA'} | ORDER BY colA ASC
2734 |
2735 {-desc => 'colB'} | ORDER BY colB DESC
2736 |
2737 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2738 |
2739 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
2740 |
2741 \'colA DESC' | ORDER BY colA DESC
2742 |
2743 \[ 'FUNC(colA, ?)', $x ] | ORDER BY FUNC(colA, ?)
2744 | /* ...with $x bound to ? */
2745 |
bd805d85 2746 [ | ORDER BY
2747 { -asc => 'colA' }, | colA ASC,
2748 { -desc => [qw/colB/] }, | colB DESC,
2749 { -asc => [qw/colC colD/] },| colC ASC, colD ASC,
2750 \'colE DESC', | colE DESC,
2751 \[ 'FUNC(colF, ?)', $x ], | FUNC(colF, ?)
2752 ] | /* ...with $x bound to ? */
18710f60 2753 ===============================================================
86298391 2754
96449e8e 2755
2756
2757=head1 SPECIAL OPERATORS
2758
e3f9dff4 2759 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2760 {
2761 regex => qr/.../,
e3f9dff4 2762 handler => sub {
2763 my ($self, $field, $op, $arg) = @_;
2764 ...
3a2e1a5e 2765 },
2766 },
2767 {
2768 regex => qr/.../,
2769 handler => 'method_name',
e3f9dff4 2770 },
2771 ]);
2772
9d48860e 2773A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2774applied to a field, instead of a usual binary operator.
be21dde3 2775For example:
e3f9dff4 2776
2777 WHERE field IN (?, ?, ?)
2778 WHERE field BETWEEN ? AND ?
2779 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2780
e3f9dff4 2781Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2782are builtin within C<SQL::Abstract> (as the overridable methods
2783C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2784like the MATCH .. AGAINST example above which is specific to MySQL,
2785you can write your own operator handlers - supply a C<special_ops>
2786argument to the C<new> method. That argument takes an arrayref of
2787operator definitions; each operator definition is a hashref with two
2788entries:
96449e8e 2789
e3f9dff4 2790=over
2791
2792=item regex
2793
2794the regular expression to match the operator
96449e8e 2795
e3f9dff4 2796=item handler
2797
3a2e1a5e 2798Either a coderef or a plain scalar method name. In both cases
2799the expected return is C<< ($sql, @bind) >>.
2800
2801When supplied with a method name, it is simply called on the
13cc86af 2802L<SQL::Abstract> object as:
3a2e1a5e 2803
ca4f826a 2804 $self->$method_name($field, $op, $arg)
3a2e1a5e 2805
2806 Where:
2807
3a2e1a5e 2808 $field is the LHS of the operator
13cc86af 2809 $op is the part that matched the handler regex
3a2e1a5e 2810 $arg is the RHS
2811
2812When supplied with a coderef, it is called as:
2813
2814 $coderef->($self, $field, $op, $arg)
2815
e3f9dff4 2816
2817=back
2818
9d48860e 2819For example, here is an implementation
e3f9dff4 2820of the MATCH .. AGAINST syntax for MySQL
2821
2822 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2823
e3f9dff4 2824 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2825 {regex => qr/^match$/i,
e3f9dff4 2826 handler => sub {
2827 my ($self, $field, $op, $arg) = @_;
2828 $arg = [$arg] if not ref $arg;
2829 my $label = $self->_quote($field);
2830 my ($placeholder) = $self->_convert('?');
2831 my $placeholders = join ", ", (($placeholder) x @$arg);
2832 my $sql = $self->_sqlcase('match') . " ($label) "
2833 . $self->_sqlcase('against') . " ($placeholders) ";
2834 my @bind = $self->_bindtype($field, @$arg);
2835 return ($sql, @bind);
2836 }
2837 },
9d48860e 2838
e3f9dff4 2839 ]);
96449e8e 2840
2841
59f23b3d 2842=head1 UNARY OPERATORS
2843
112b5232 2844 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2845 {
2846 regex => qr/.../,
2847 handler => sub {
2848 my ($self, $op, $arg) = @_;
2849 ...
2850 },
2851 },
2852 {
2853 regex => qr/.../,
2854 handler => 'method_name',
2855 },
2856 ]);
2857
9d48860e 2858A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2859applied to a field - the operator goes before the field
2860
2861You can write your own operator handlers - supply a C<unary_ops>
2862argument to the C<new> method. That argument takes an arrayref of
2863operator definitions; each operator definition is a hashref with two
2864entries:
2865
2866=over
2867
2868=item regex
2869
2870the regular expression to match the operator
2871
2872=item handler
2873
2874Either a coderef or a plain scalar method name. In both cases
2875the expected return is C<< $sql >>.
2876
2877When supplied with a method name, it is simply called on the
13cc86af 2878L<SQL::Abstract> object as:
59f23b3d 2879
ca4f826a 2880 $self->$method_name($op, $arg)
59f23b3d 2881
2882 Where:
2883
2884 $op is the part that matched the handler regex
2885 $arg is the RHS or argument of the operator
2886
2887When supplied with a coderef, it is called as:
2888
2889 $coderef->($self, $op, $arg)
2890
2891
2892=back
2893
2894
32eab2da 2895=head1 PERFORMANCE
2896
2897Thanks to some benchmarking by Mark Stosberg, it turns out that
2898this module is many orders of magnitude faster than using C<DBIx::Abstract>.
2899I must admit this wasn't an intentional design issue, but it's a
2900byproduct of the fact that you get to control your C<DBI> handles
2901yourself.
2902
2903To maximize performance, use a code snippet like the following:
2904
2905 # prepare a statement handle using the first row
2906 # and then reuse it for the rest of the rows
2907 my($sth, $stmt);
2908 for my $href (@array_of_hashrefs) {
2909 $stmt ||= $sql->insert('table', $href);
2910 $sth ||= $dbh->prepare($stmt);
2911 $sth->execute($sql->values($href));
2912 }
2913
2914The reason this works is because the keys in your C<$href> are sorted
2915internally by B<SQL::Abstract>. Thus, as long as your data retains
2916the same structure, you only have to generate the SQL the first time
2917around. On subsequent queries, simply use the C<values> function provided
2918by this module to return your values in the correct order.
2919
b864ba9b 2920However this depends on the values having the same type - if, for
2921example, the values of a where clause may either have values
2922(resulting in sql of the form C<column = ?> with a single bind
2923value), or alternatively the values might be C<undef> (resulting in
2924sql of the form C<column IS NULL> with no bind value) then the
2925caching technique suggested will not work.
96449e8e 2926
32eab2da 2927=head1 FORMBUILDER
2928
2929If you use my C<CGI::FormBuilder> module at all, you'll hopefully
2930really like this part (I do, at least). Building up a complex query
2931can be as simple as the following:
2932
2933 #!/usr/bin/perl
2934
46dc2f3e 2935 use warnings;
2936 use strict;
2937
32eab2da 2938 use CGI::FormBuilder;
2939 use SQL::Abstract;
2940
2941 my $form = CGI::FormBuilder->new(...);
2942 my $sql = SQL::Abstract->new;
2943
2944 if ($form->submitted) {
2945 my $field = $form->field;
2946 my $id = delete $field->{id};
2947 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
2948 }
2949
2950Of course, you would still have to connect using C<DBI> to run the
2951query, but the point is that if you make your form look like your
2952table, the actual query script can be extremely simplistic.
2953
2954If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 2955a fast interface to returning and formatting data. I frequently
32eab2da 2956use these three modules together to write complex database query
2957apps in under 50 lines.
2958
af733667 2959=head1 HOW TO CONTRIBUTE
2960
2961Contributions are always welcome, in all usable forms (we especially
2962welcome documentation improvements). The delivery methods include git-
2963or unified-diff formatted patches, GitHub pull requests, or plain bug
2964reports either via RT or the Mailing list. Contributors are generally
2965granted full access to the official repository after their first several
2966patches pass successful review.
2967
2968This project is maintained in a git repository. The code and related tools are
2969accessible at the following locations:
d8cc1792 2970
2971=over
2972
af733667 2973=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
2974
2975=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
2976
2977=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
d8cc1792 2978
af733667 2979=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
d8cc1792 2980
2981=back
32eab2da 2982
96449e8e 2983=head1 CHANGES
2984
2985Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
2986Great care has been taken to preserve the I<published> behavior
2987documented in previous versions in the 1.* family; however,
9d48860e 2988some features that were previously undocumented, or behaved
96449e8e 2989differently from the documentation, had to be changed in order
2990to clarify the semantics. Hence, client code that was relying
9d48860e 2991on some dark areas of C<SQL::Abstract> v1.*
96449e8e 2992B<might behave differently> in v1.50.
32eab2da 2993
be21dde3 2994The main changes are:
d2a8fe1a 2995
96449e8e 2996=over
32eab2da 2997
9d48860e 2998=item *
32eab2da 2999
3ae1c5e2 3000support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
96449e8e 3001
3002=item *
3003
145fbfc8 3004support for the { operator => \"..." } construct (to embed literal SQL)
3005
3006=item *
3007
9c37b9c0 3008support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
3009
3010=item *
3011
96449e8e 3012optional support for L<array datatypes|/"Inserting and Updating Arrays">
3013
9d48860e 3014=item *
96449e8e 3015
be21dde3 3016defensive programming: check arguments
96449e8e 3017
3018=item *
3019
3020fixed bug with global logic, which was previously implemented
7cac25e6 3021through global variables yielding side-effects. Prior versions would
96449e8e 3022interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
3023as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
3024Now this is interpreted
3025as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
3026
96449e8e 3027
3028=item *
3029
3030fixed semantics of _bindtype on array args
3031
9d48860e 3032=item *
96449e8e 3033
3034dropped the C<_anoncopy> of the %where tree. No longer necessary,
3035we just avoid shifting arrays within that tree.
3036
3037=item *
3038
3039dropped the C<_modlogic> function
3040
3041=back
32eab2da 3042
32eab2da 3043=head1 ACKNOWLEDGEMENTS
3044
3045There are a number of individuals that have really helped out with
3046this module. Unfortunately, most of them submitted bugs via CPAN
3047so I have no idea who they are! But the people I do know are:
3048
9d48860e 3049 Ash Berlin (order_by hash term support)
b643abe1 3050 Matt Trout (DBIx::Class support)
32eab2da 3051 Mark Stosberg (benchmarking)
3052 Chas Owens (initial "IN" operator support)
3053 Philip Collins (per-field SQL functions)
3054 Eric Kolve (hashref "AND" support)
3055 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
3056 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 3057 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 3058 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 3059 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 3060 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 3061 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 3062
3063Thanks!
3064
32eab2da 3065=head1 SEE ALSO
3066
86298391 3067L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 3068
32eab2da 3069=head1 AUTHOR
3070
b643abe1 3071Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
3072
3073This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 3074
abe72f94 3075For support, your best bet is to try the C<DBIx::Class> users mailing list.
3076While not an official support venue, C<DBIx::Class> makes heavy use of
3077C<SQL::Abstract>, and as such list members there are very familiar with
3078how to create queries.
3079
0d067ded 3080=head1 LICENSE
3081
d988ab87 3082This module is free software; you may copy this under the same
3083terms as perl itself (either the GNU General Public License or
3084the Artistic License)
32eab2da 3085
3086=cut
Unnamed repository; edit this file 'description' to name the repository.