projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
expand value node type to bind, remove value render code
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
96449e8e 3use strict;
4use warnings;
9d9d5bd6 5use Carp ();
312d830b 6use List::Util ();
7use Scalar::Util ();
96449e8e 8
0da0fe34 9use Exporter 'import';
10our @EXPORT_OK = qw(is_plain_value is_literal_value);
11
12BEGIN {
13 if ($] < 5.009_005) {
14 require MRO::Compat;
15 }
16 else {
17 require mro;
18 }
843a94b5 19
20 *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
21 ? sub () { 0 }
22 : sub () { 1 }
23 ;
0da0fe34 24}
25
96449e8e 26#======================================================================
27# GLOBALS
28#======================================================================
29
dc6afcf8 30our $VERSION = '1.86';
7479e27e 31
22f1a437 32# This would confuse some packagers
c520207b 33$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 34
35our $AUTOLOAD;
36
37# special operators (-in, -between). May be extended/overridden by user.
38# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
39my @BUILTIN_SPECIAL_OPS = (
f663e672 40 {regex => qr/^ (?: not \s )? between $/ix, handler => sub { die "NOPE" }},
41 {regex => qr/^ (?: not \s )? in $/ix, handler => sub { die "NOPE" }},
87c8e45b 42 {regex => qr/^ is (?: \s+ not )? $/ix, handler => sub { die "NOPE" }},
96449e8e 43);
44
45#======================================================================
46# DEBUGGING AND ERROR REPORTING
47#======================================================================
48
49sub _debug {
50 return unless $_[0]->{debug}; shift; # a little faster
51 my $func = (caller(1))[3];
52 warn "[$func] ", @_, "\n";
53}
54
55sub belch (@) {
56 my($func) = (caller(1))[3];
9d9d5bd6 57 Carp::carp "[$func] Warning: ", @_;
96449e8e 58}
59
60sub puke (@) {
61 my($func) = (caller(1))[3];
9d9d5bd6 62 Carp::croak "[$func] Fatal: ", @_;
96449e8e 63}
64
0da0fe34 65sub is_literal_value ($) {
66 ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
67 : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
0da0fe34 68 : undef;
69}
70
71# FIXME XSify - this can be done so much more efficiently
72sub is_plain_value ($) {
73 no strict 'refs';
966200cc 74 ! length ref $_[0] ? \($_[0])
0da0fe34 75 : (
76 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
77 and
78 exists $_[0]->{-value}
966200cc 79 ) ? \($_[0]->{-value})
0da0fe34 80 : (
a1c9e0ff 81 # reuse @_ for even moar speedz
82 defined ( $_[1] = Scalar::Util::blessed $_[0] )
0da0fe34 83 and
84 # deliberately not using Devel::OverloadInfo - the checks we are
85 # intersted in are much more limited than the fullblown thing, and
86 # this is a very hot piece of code
87 (
e8d729d4 88 # simply using ->can('(""') can leave behind stub methods that
89 # break actually using the overload later (see L<perldiag/Stub
90 # found while resolving method "%s" overloading "%s" in package
91 # "%s"> and the source of overload::mycan())
44e54b41 92 #
0da0fe34 93 # either has stringification which DBI SHOULD prefer out of the box
a1c9e0ff 94 grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
0da0fe34 95 or
20e178a8 96 # has nummification or boolification, AND fallback is *not* disabled
0da0fe34 97 (
843a94b5 98 SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
99 and
20e178a8 100 (
101 grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
102 or
103 grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
104 )
0da0fe34 105 and
106 (
107 # no fallback specified at all
a1c9e0ff 108 ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
0da0fe34 109 or
110 # fallback explicitly undef
a1c9e0ff 111 ! defined ${"$_[3]::()"}
0da0fe34 112 or
113 # explicitly true
a1c9e0ff 114 !! ${"$_[3]::()"}
0da0fe34 115 )
116 )
117 )
966200cc 118 ) ? \($_[0])
0da0fe34 119 : undef;
120}
121
122
96449e8e 123
124#======================================================================
125# NEW
126#======================================================================
127
128sub new {
129 my $self = shift;
130 my $class = ref($self) || $self;
131 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
132
133 # choose our case by keeping an option around
134 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
135
136 # default logic for interpreting arrayrefs
ef559da3 137 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 138
139 # how to return bind vars
96449e8e 140 $opt{bindtype} ||= 'normal';
141
142 # default comparison is "=", but can be overridden
143 $opt{cmp} ||= '=';
144
3af02ccb 145 # try to recognize which are the 'equality' and 'inequality' ops
3cdadcbe 146 # (temporary quickfix (in 2007), should go through a more seasoned API)
147 $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
148 $opt{inequality_op} = qr/^( != | <> )$/ix;
149
150 $opt{like_op} = qr/^ (is\s+)? r?like $/xi;
151 $opt{not_like_op} = qr/^ (is\s+)? not \s+ r?like $/xi;
96449e8e 152
153 # SQL booleans
154 $opt{sqltrue} ||= '1=1';
155 $opt{sqlfalse} ||= '0=1';
156
9d48860e 157 # special operators
30af97c5 158 $opt{special_ops} ||= [];
159
b6251592 160 # regexes are applied in order, thus push after user-defines
96449e8e 161 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
162
cf06e9dc 163 if ($class->isa('DBIx::Class::SQLMaker')) {
dd1d0dbf 164 push @{$opt{special_ops}}, our $DBIC_Compat_Op ||= {
165 regex => qr/^(?:ident|value)$/i, handler => sub { die "NOPE" }
166 };
cf06e9dc 167 $opt{is_dbic_sqlmaker} = 1;
dd1d0dbf 168 }
169
9d48860e 170 # unary operators
59f23b3d 171 $opt{unary_ops} ||= [];
59f23b3d 172
3af02ccb 173 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 174 # If a purported function matches this regular expression, an exception is thrown.
175 # Literal SQL is *NOT* subject to this check, only functions (and column names
176 # when quoting is not in effect)
96449e8e 177
b6251592 178 # FIXME
179 # need to guard against ()'s in column names too, but this will break tons of
180 # hacks... ideas anyone?
181 $opt{injection_guard} ||= qr/
182 \;
183 |
184 ^ \s* go \s
185 /xmi;
96449e8e 186
b07681b1 187 $opt{node_types} = +{
188 map +("-$_" => '_render_'.$_),
a332e2cb 189 qw(op func bind ident literal list)
b07681b1 190 };
191
ec19b759 192 $opt{expand_unary} = {};
193
b6251592 194 return bless \%opt, $class;
195}
96449e8e 196
e175845b 197sub sqltrue { +{ -literal => [ $_[0]->{sqltrue} ] } }
198sub sqlfalse { +{ -literal => [ $_[0]->{sqlfalse} ] } }
170e6c33 199
200sub _assert_pass_injection_guard {
201 if ($_[1] =~ $_[0]->{injection_guard}) {
202 my $class = ref $_[0];
203 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
204 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
205 . "{injection_guard} attribute to ${class}->new()"
206 }
207}
208
209
96449e8e 210#======================================================================
211# INSERT methods
212#======================================================================
213
214sub insert {
02288357 215 my $self = shift;
216 my $table = $self->_table(shift);
217 my $data = shift || return;
218 my $options = shift;
96449e8e 219
220 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 221 my ($sql, @bind) = $self->$method($data);
96449e8e 222 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 223
e82e648a 224 if ($options->{returning}) {
ca4f826a 225 my ($s, @b) = $self->_insert_returning($options);
e82e648a 226 $sql .= $s;
227 push @bind, @b;
02288357 228 }
229
96449e8e 230 return wantarray ? ($sql, @bind) : $sql;
231}
232
60f3fd3f 233# So that subclasses can override INSERT ... RETURNING separately from
234# UPDATE and DELETE (e.g. DBIx::Class::SQLMaker::Oracle does this)
b17a3ece 235sub _insert_returning { shift->_returning(@_) }
236
95904db5 237sub _returning {
e82e648a 238 my ($self, $options) = @_;
6b1fe79d 239
e82e648a 240 my $f = $options->{returning};
241
ff96fdd4 242 my ($sql, @bind) = $self->_render_expr(
243 $self->_expand_maybe_list_expr($f, undef, -ident)
244 );
245 return wantarray
246 ? $self->_sqlcase(' returning ') . $sql
247 : ($self->_sqlcase(' returning ').$sql, @bind);
6b1fe79d 248}
249
96449e8e 250sub _insert_HASHREF { # explicit list of fields and then values
251 my ($self, $data) = @_;
252
253 my @fields = sort keys %$data;
254
fe3ae272 255 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 256
257 # assemble SQL
258 $_ = $self->_quote($_) foreach @fields;
259 $sql = "( ".join(", ", @fields).") ".$sql;
260
261 return ($sql, @bind);
262}
263
264sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
265 my ($self, $data) = @_;
266
267 # no names (arrayref) so can't generate bindtype
268 $self->{bindtype} ne 'columns'
269 or belch "can't do 'columns' bindtype when called with arrayref";
270
19b6ccce 271 my (@values, @all_bind);
272 foreach my $value (@$data) {
273 my ($values, @bind) = $self->_insert_value(undef, $value);
274 push @values, $values;
275 push @all_bind, @bind;
276 }
277 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
278 return ($sql, @all_bind);
fe3ae272 279}
280
281sub _insert_ARRAYREFREF { # literal SQL with bind
282 my ($self, $data) = @_;
283
284 my ($sql, @bind) = @${$data};
285 $self->_assert_bindval_matches_bindtype(@bind);
286
287 return ($sql, @bind);
288}
289
290
291sub _insert_SCALARREF { # literal SQL without bind
292 my ($self, $data) = @_;
293
294 return ($$data);
295}
296
297sub _insert_values {
298 my ($self, $data) = @_;
299
96449e8e 300 my (@values, @all_bind);
fe3ae272 301 foreach my $column (sort keys %$data) {
19b6ccce 302 my ($values, @bind) = $self->_insert_value($column, $data->{$column});
303 push @values, $values;
304 push @all_bind, @bind;
305 }
306 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
307 return ($sql, @all_bind);
308}
96449e8e 309
19b6ccce 310sub _insert_value {
311 my ($self, $column, $v) = @_;
96449e8e 312
720ca4f7 313 return $self->_render_expr(
314 $self->_expand_insert_value($column, $v)
315 );
316}
96449e8e 317
720ca4f7 318sub _expand_insert_value {
319 my ($self, $column, $v) = @_;
96449e8e 320
720ca4f7 321 if (ref($v) eq 'ARRAY') {
322 if ($self->{array_datatypes}) {
323 return +{ -bind => [ $column, $v ] };
324 }
325 my ($sql, @bind) = @$v;
326 $self->_assert_bindval_matches_bindtype(@bind);
327 return +{ -literal => $v };
328 }
329 if (ref($v) eq 'HASH') {
330 if (grep !/^-/, keys %$v) {
331 belch "HASH ref as bind value in insert is not supported";
332 return +{ -bind => [ $column, $v ] };
333 }
334 }
335 if (!defined($v)) {
336 return +{ -bind => [ $column, undef ] };
337 }
338 local our $Cur_Col_Meta = $column;
339 return $self->_expand_expr($v);
96449e8e 340}
341
342
96449e8e 343
344#======================================================================
345# UPDATE methods
346#======================================================================
347
348
349sub update {
95904db5 350 my $self = shift;
351 my $table = $self->_table(shift);
352 my $data = shift || return;
353 my $where = shift;
354 my $options = shift;
96449e8e 355
356 # first build the 'SET' part of the sql statement
96449e8e 357 puke "Unsupported data type specified to \$sql->update"
358 unless ref $data eq 'HASH';
359
9ade906e 360 my ($sql, @all_bind) = $self->_update_set_values($data);
a9e94508 361 $sql = $self->_sqlcase('update ') . $table . $self->_sqlcase(' set ')
9ade906e 362 . $sql;
363
364 if ($where) {
365 my($where_sql, @where_bind) = $self->where($where);
366 $sql .= $where_sql;
367 push @all_bind, @where_bind;
368 }
369
370 if ($options->{returning}) {
371 my ($returning_sql, @returning_bind) = $self->_update_returning($options);
372 $sql .= $returning_sql;
373 push @all_bind, @returning_bind;
374 }
375
376 return wantarray ? ($sql, @all_bind) : $sql;
377}
378
379sub _update_set_values {
380 my ($self, $data) = @_;
381
89690da2 382 return $self->_render_expr(
383 $self->_expand_update_set_values($data),
384 );
385}
96449e8e 386
89690da2 387sub _expand_update_set_values {
388 my ($self, $data) = @_;
389 $self->_expand_maybe_list_expr( [
390 map {
391 my ($k, $set) = @$_;
c4ed66f4 392 $set = { -bind => $_ } unless defined $set;
89690da2 393 +{ -op => [ '=', { -ident => $k }, $set ] };
394 }
395 map {
396 my $k = $_;
397 my $v = $data->{$k};
398 (ref($v) eq 'ARRAY'
399 ? ($self->{array_datatypes}
400 ? [ $k, +{ -bind => [ $k, $v ] } ]
401 : [ $k, +{ -literal => $v } ])
402 : do {
403 local our $Cur_Col_Meta = $k;
404 [ $k, $self->_expand_expr($v) ]
405 }
406 );
407 } sort keys %$data
408 ] );
96449e8e 409}
410
60f3fd3f 411# So that subclasses can override UPDATE ... RETURNING separately from
412# INSERT and DELETE
20bb2ad5 413sub _update_returning { shift->_returning(@_) }
96449e8e 414
415
416
417#======================================================================
418# SELECT
419#======================================================================
420
421
422sub select {
423 my $self = shift;
424 my $table = $self->_table(shift);
425 my $fields = shift || '*';
426 my $where = shift;
427 my $order = shift;
428
daa4ccdd 429 my ($fields_sql, @bind) = $self->_select_fields($fields);
96449e8e 430
daa4ccdd 431 my ($where_sql, @where_bind) = $self->where($where, $order);
432 push @bind, @where_bind;
433
434 my $sql = join(' ', $self->_sqlcase('select'), $fields_sql,
96449e8e 435 $self->_sqlcase('from'), $table)
436 . $where_sql;
437
9d48860e 438 return wantarray ? ($sql, @bind) : $sql;
96449e8e 439}
440
daa4ccdd 441sub _select_fields {
442 my ($self, $fields) = @_;
de63ce57 443 return $fields unless ref($fields);
27592e2b 444 return $self->_render_expr(
445 $self->_expand_maybe_list_expr($fields, undef, '-ident')
446 );
daa4ccdd 447}
448
96449e8e 449#======================================================================
450# DELETE
451#======================================================================
452
453
454sub delete {
85327cd5 455 my $self = shift;
456 my $table = $self->_table(shift);
457 my $where = shift;
458 my $options = shift;
96449e8e 459
460 my($where_sql, @bind) = $self->where($where);
a9e94508 461 my $sql = $self->_sqlcase('delete from ') . $table . $where_sql;
96449e8e 462
85327cd5 463 if ($options->{returning}) {
ca4f826a 464 my ($returning_sql, @returning_bind) = $self->_delete_returning($options);
85327cd5 465 $sql .= $returning_sql;
466 push @bind, @returning_bind;
467 }
468
9d48860e 469 return wantarray ? ($sql, @bind) : $sql;
96449e8e 470}
471
60f3fd3f 472# So that subclasses can override DELETE ... RETURNING separately from
473# INSERT and UPDATE
85327cd5 474sub _delete_returning { shift->_returning(@_) }
475
476
96449e8e 477
478#======================================================================
479# WHERE: entry point
480#======================================================================
481
482
483
484# Finally, a separate routine just to handle WHERE clauses
485sub where {
486 my ($self, $where, $order) = @_;
487
7ad12721 488 local $self->{convert_where} = $self->{convert};
489
96449e8e 490 # where ?
e175845b 491 my ($sql, @bind) = defined($where)
492 ? $self->_recurse_where($where)
493 : (undef);
417dd15e 494 $sql = (defined $sql and length $sql) ? $self->_sqlcase(' where ') . "( $sql )" : '';
96449e8e 495
496 # order by?
497 if ($order) {
26fe4d30 498 my ($order_sql, @order_bind) = $self->_order_by($order);
499 $sql .= $order_sql;
500 push @bind, @order_bind;
96449e8e 501 }
502
9d48860e 503 return wantarray ? ($sql, @bind) : $sql;
96449e8e 504}
505
a2cd381d 506sub _expand_expr {
2558b622 507 my ($self, $expr, $logic, $default_scalar_to) = @_;
508 local our $Default_Scalar_To = $default_scalar_to if $default_scalar_to;
3ae10d16 509 our $Expand_Depth ||= 0; local $Expand_Depth = $Expand_Depth + 1;
252518da 510 return undef unless defined($expr);
59588695 511 if (ref($expr) eq 'HASH') {
512 if (keys %$expr > 1) {
513 $logic ||= 'and';
77617257 514 return +{ -op => [
515 $logic,
59588695 516 map $self->_expand_expr_hashpair($_ => $expr->{$_}, $logic),
517 sort keys %$expr
518 ] };
519 }
1c0c0f41 520 return { -literal => [ '' ] } unless keys %$expr;
59588695 521 return $self->_expand_expr_hashpair(%$expr, $logic);
a2cd381d 522 }
08264f40 523 if (ref($expr) eq 'ARRAY') {
99a65fa8 524 my $logic = lc($logic || $self->{logic});
08264f40 525 $logic eq 'and' or $logic eq 'or' or puke "unknown logic: $logic";
526
1c0c0f41 527 #my @expr = @$expr;
528 my @expr = grep {
529 (ref($_) eq 'ARRAY' and @$_)
530 or (ref($_) eq 'HASH' and %$_)
531 or 1
532 } @$expr;
08264f40 533
534 my @res;
535
536 while (my ($el) = splice @expr, 0, 1) {
537 puke "Supplying an empty left hand side argument is not supported in array-pairs"
538 unless defined($el) and length($el);
539 my $elref = ref($el);
540 if (!$elref) {
dd1d0dbf 541 local $Expand_Depth = 0;
08264f40 542 push(@res, $self->_expand_expr({ $el, shift(@expr) }));
543 } elsif ($elref eq 'ARRAY') {
544 push(@res, $self->_expand_expr($el)) if @$el;
ec857800 545 } elsif (my $l = is_literal_value($el)) {
546 push @res, { -literal => $l };
08264f40 547 } elsif ($elref eq 'HASH') {
dd1d0dbf 548 local $Expand_Depth = 0;
1b630cfe 549 push @res, $self->_expand_expr($el) if %$el;
08264f40 550 } else {
da4a0964 551 die "notreached";
08264f40 552 }
553 }
2143604f 554 return { -op => [ $logic, @res ] };
08264f40 555 }
ca3da680 556 if (my $literal = is_literal_value($expr)) {
557 return +{ -literal => $literal };
558 }
99a65fa8 559 if (!ref($expr) or Scalar::Util::blessed($expr)) {
2558b622 560 if (my $d = $Default_Scalar_To) {
a332e2cb 561 return $self->_expand_expr({ $d => $expr });
2558b622 562 }
99a65fa8 563 if (my $m = our $Cur_Col_Meta) {
564 return +{ -bind => [ $m, $expr ] };
565 }
a332e2cb 566 return +{ -bind => [ undef, $expr ] };
252518da 567 }
252518da 568 die "notreached";
a2cd381d 569}
96449e8e 570
59588695 571sub _expand_expr_hashpair {
572 my ($self, $k, $v, $logic) = @_;
d13725da 573 unless (defined($k) and length($k)) {
2d64004f 574 if (defined($k) and my $literal = is_literal_value($v)) {
d13725da 575 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
2d64004f 576 return { -literal => $literal };
d13725da 577 }
578 puke "Supplying an empty left hand side argument is not supported";
579 }
ef071fad 580 if ($k =~ /^-/) {
99a65fa8 581 $self->_assert_pass_injection_guard($k =~ /^-(.*)$/s);
582 if ($k =~ s/ [_\s]? \d+ $//x ) {
583 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
584 . "You probably wanted ...-and => [ $k => COND1, $k => COND2 ... ]";
585 }
ef071fad 586 if ($k eq '-nest') {
0fc68377 587 # DBIx::Class requires a nest warning to be emitted once but the private
588 # method it overrode to do so no longer exists
cf06e9dc 589 if ($self->{is_dbic_sqlmaker}) {
590 unless (our $Nest_Warned) {
0fc68377 591 belch(
592 "-nest in search conditions is deprecated, you most probably wanted:\n"
593 .q|{..., -and => [ \%cond0, \@cond1, \'cond2', \[ 'cond3', [ col => bind ] ], etc. ], ... }|
594 );
595 $Nest_Warned = 1;
596 }
597 }
ef071fad 598 return $self->_expand_expr($v);
599 }
6ab1562a 600 if ($k eq '-bool') {
601 if (ref($v)) {
602 return $self->_expand_expr($v);
603 }
604 puke "-bool => undef not supported" unless defined($v);
605 return { -ident => $v };
606 }
99a65fa8 607 if ($k eq '-not') {
0c7e3af0 608 return { -op => [ 'not', $self->_expand_expr($v) ] };
99a65fa8 609 }
ce3bc4b0 610 if (my ($rest) = $k =~/^-not[_ ](.*)$/) {
0c7e3af0 611 return +{ -op => [
612 'not',
99a65fa8 613 $self->_expand_expr_hashpair("-${rest}", $v, $logic)
0c7e3af0 614 ] };
ce3bc4b0 615 }
99a65fa8 616 if (my ($logic) = $k =~ /^-(and|or)$/i) {
dd2d5bf7 617 if (ref($v) eq 'HASH') {
618 return $self->_expand_expr($v, $logic);
619 }
99a65fa8 620 if (ref($v) eq 'ARRAY') {
621 return $self->_expand_expr($v, $logic);
622 }
dd2d5bf7 623 }
99a65fa8 624 {
625 my $op = $k;
626 $op =~ s/^-// if length($op) > 1;
627
628 # top level special ops are illegal in general
3ae10d16 629 # note that, arguably, if it makes no sense at top level, it also
630 # makes no sense on the other side of an = sign or similar but DBIC
631 # gets disappointingly upset if I disallow it
632 if (
633 (our $Expand_Depth) == 1
634 and List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}}
635 ) {
636 puke "Illegal use of top-level '-$op'"
637 }
96a8d74a 638 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
639 return { -op => [ $op, $v ] };
640 }
99a65fa8 641 }
a332e2cb 642 if ($k eq '-value') {
643 return +{ -bind => [ our $Cur_Col_Meta, $v ] };
99a65fa8 644 }
ec19b759 645 if (my $custom = $self->{expand_unary}{$k}) {
646 return $self->$custom($v);
647 }
b07681b1 648 if ($self->{node_types}{$k}) {
99a65fa8 649 return { $k => $v };
d13725da 650 }
711892b1 651 if (
652 ref($v) eq 'HASH'
653 and keys %$v == 1
654 and (keys %$v)[0] =~ /^-/
655 ) {
656 my ($func) = $k =~ /^-(.*)$/;
3ae10d16 657 if (List::Util::first { $func =~ $_->{regex} } @{$self->{special_ops}}) {
658 return +{ -op => [ $func, $self->_expand_expr($v) ] };
659 }
711892b1 660 return +{ -func => [ $func, $self->_expand_expr($v) ] };
661 }
662 if (!ref($v) or is_literal_value($v)) {
99a65fa8 663 return +{ -op => [ $k =~ /^-(.*)$/, $self->_expand_expr($v) ] };
59588695 664 }
99a65fa8 665 }
666 if (
667 !defined($v)
668 or (
669 ref($v) eq 'HASH'
670 and exists $v->{-value}
671 and not defined $v->{-value}
672 )
673 ) {
674 return $self->_expand_expr_hashpair($k => { $self->{cmp} => undef });
675 }
676 if (!ref($v) or Scalar::Util::blessed($v)) {
ec19b759 677 my $d = our $Default_Scalar_To;
99a65fa8 678 return +{
679 -op => [
680 $self->{cmp},
681 { -ident => $k },
ec19b759 682 ($d ? { $d => $v } : { -bind => [ $k, $v ] })
99a65fa8 683 ]
684 };
685 }
686 if (ref($v) eq 'HASH') {
687 if (keys %$v > 1) {
e175845b 688 return { -op => [
689 'and',
99a65fa8 690 map $self->_expand_expr_hashpair($k => { $_ => $v->{$_} }),
691 sort keys %$v
692 ] };
693 }
dd1d0dbf 694 return { -literal => [ '' ] } unless keys %$v;
99a65fa8 695 my ($vk, $vv) = %$v;
696 $vk =~ s/^-//;
697 $vk = lc($vk);
698 $self->_assert_pass_injection_guard($vk);
699 if ($vk =~ s/ [_\s]? \d+ $//x ) {
700 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
701 . "You probably wanted ...-and => [ -$vk => COND1, -$vk => COND2 ... ]";
702 }
703 if ($vk =~ /^(?:not[ _])?between$/) {
704 local our $Cur_Col_Meta = $k;
705 my @rhs = map $self->_expand_expr($_),
706 ref($vv) eq 'ARRAY' ? @$vv : $vv;
707 unless (
708 (@rhs == 1 and ref($rhs[0]) eq 'HASH' and $rhs[0]->{-literal})
709 or
710 (@rhs == 2 and defined($rhs[0]) and defined($rhs[1]))
711 ) {
712 puke "Operator '${\uc($vk)}' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
b5b18861 713 }
99a65fa8 714 return +{ -op => [
715 join(' ', split '_', $vk),
716 { -ident => $k },
717 @rhs
718 ] }
719 }
720 if ($vk =~ /^(?:not[ _])?in$/) {
721 if (my $literal = is_literal_value($vv)) {
722 my ($sql, @bind) = @$literal;
723 my $opened_sql = $self->_open_outer_paren($sql);
10d07c4e 724 return +{ -op => [
99a65fa8 725 $vk, { -ident => $k },
726 [ { -literal => [ $opened_sql, @bind ] } ]
10d07c4e 727 ] };
728 }
99a65fa8 729 my $undef_err =
730 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
731 . "-${\uc($vk)} operator was given an undef-containing list: !!!AUDIT YOUR CODE "
732 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
733 . 'will emit the logically correct SQL instead of raising this exception)'
734 ;
735 puke("Argument passed to the '${\uc($vk)}' operator can not be undefined")
736 if !defined($vv);
737 my @rhs = map $self->_expand_expr($_),
738 map { ref($_) ? $_ : { -bind => [ $k, $_ ] } }
739 map { defined($_) ? $_: puke($undef_err) }
740 (ref($vv) eq 'ARRAY' ? @$vv : $vv);
e175845b 741 return $self->${\($vk =~ /^not/ ? 'sqltrue' : 'sqlfalse')} unless @rhs;
99a65fa8 742
743 return +{ -op => [
744 join(' ', split '_', $vk),
745 { -ident => $k },
746 \@rhs
747 ] };
748 }
749 if ($vk eq 'ident') {
02b8fe35 750 if (! defined $vv or (ref($vv) and ref($vv) eq 'ARRAY')) {
751 puke "-$vk requires a single plain scalar argument (a quotable identifier) or an arrayref of identifier parts";
f7778474 752 }
99a65fa8 753 return +{ -op => [
754 $self->{cmp},
755 { -ident => $k },
756 { -ident => $vv }
757 ] };
758 }
759 if ($vk eq 'value') {
760 return $self->_expand_expr_hashpair($k, undef) unless defined($vv);
761 return +{ -op => [
762 $self->{cmp},
763 { -ident => $k },
764 { -bind => [ $k, $vv ] }
765 ] };
766 }
767 if ($vk =~ /^is(?:[ _]not)?$/) {
768 puke "$vk can only take undef as argument"
769 if defined($vv)
770 and not (
771 ref($vv) eq 'HASH'
772 and exists($vv->{-value})
773 and !defined($vv->{-value})
774 );
775 $vk =~ s/_/ /g;
776 return +{ -op => [ $vk.' null', { -ident => $k } ] };
777 }
778 if ($vk =~ /^(and|or)$/) {
779 if (ref($vv) eq 'HASH') {
e62fe58a 780 return +{ -op => [
781 $vk,
99a65fa8 782 map $self->_expand_expr_hashpair($k, { $_ => $vv->{$_} }),
783 sort keys %$vv
7d7868d1 784 ] };
785 }
e28d9b13 786 }
30af97c5 787 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{special_ops}}) {
99a65fa8 788 return { -op => [ $vk, { -ident => $k }, $vv ] };
7dbe1183 789 }
96a8d74a 790 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{unary_ops}}) {
791 return { -op => [
792 $self->{cmp},
793 { -ident => $k },
794 { -op => [ $vk, $vv ] }
795 ] };
796 }
99a65fa8 797 if (ref($vv) eq 'ARRAY') {
798 my ($logic, @values) = (
799 (defined($vv->[0]) and $vv->[0] =~ /^-(and|or)$/i)
800 ? @$vv
801 : (-or => @$vv)
802 );
803 if (
804 $vk =~ $self->{inequality_op}
805 or join(' ', split '_', $vk) =~ $self->{not_like_op}
806 ) {
807 if (lc($logic) eq '-or' and @values > 1) {
808 my $op = uc join ' ', split '_', $vk;
809 belch "A multi-element arrayref as an argument to the inequality op '$op' "
810 . 'is technically equivalent to an always-true 1=1 (you probably wanted '
811 . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
812 ;
813 }
ef071fad 814 }
b3cb13e8 815 unless (@values) {
816 # try to DWIM on equality operators
817 my $op = join ' ', split '_', $vk;
818 return
e175845b 819 $op =~ $self->{equality_op} ? $self->sqlfalse
820 : $op =~ $self->{like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqlfalse
821 : $op =~ $self->{inequality_op} ? $self->sqltrue
822 : $op =~ $self->{not_like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqltrue
b3cb13e8 823 : puke "operator '$op' applied on an empty array (field '$k')";
824 }
63c97a0b 825 return +{ -op => [
826 $logic =~ /^-(.*)$/,
99a65fa8 827 map $self->_expand_expr_hashpair($k => { $vk => $_ }),
828 @values
829 ] };
830 }
831 if (
832 !defined($vv)
833 or (
834 ref($vv) eq 'HASH'
835 and exists $vv->{-value}
836 and not defined $vv->{-value}
837 )
838 ) {
839 my $op = join ' ', split '_', $vk;
840 my $is =
841 $op =~ /^not$/i ? 'is not' # legacy
842 : $op =~ $self->{equality_op} ? 'is'
843 : $op =~ $self->{like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is'
844 : $op =~ $self->{inequality_op} ? 'is not'
845 : $op =~ $self->{not_like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is not'
846 : puke "unexpected operator '$op' with undef operand";
847 return +{ -op => [ $is.' null', { -ident => $k } ] };
848 }
849 local our $Cur_Col_Meta = $k;
850 return +{ -op => [
851 $vk,
852 { -ident => $k },
853 $self->_expand_expr($vv)
854 ] };
855 }
856 if (ref($v) eq 'ARRAY') {
e175845b 857 return $self->sqlfalse unless @$v;
99a65fa8 858 $self->_debug("ARRAY($k) means distribute over elements");
859 my $this_logic = (
860 $v->[0] =~ /^-((?:and|or))$/i
861 ? ($v = [ @{$v}[1..$#$v] ], $1)
862 : ($self->{logic} || 'or')
863 );
cba28f66 864 return +{ -op => [
865 $this_logic,
866 map $self->_expand_expr({ $k => $_ }, $this_logic), @$v
867 ] };
99a65fa8 868 }
869 if (my $literal = is_literal_value($v)) {
870 unless (length $k) {
871 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
872 return \$literal;
873 }
874 my ($sql, @bind) = @$literal;
875 if ($self->{bindtype} eq 'columns') {
876 for (@bind) {
6fb2bd90 877 $self->_assert_bindval_matches_bindtype($_);
aa8d7bdb 878 }
331e2209 879 }
99a65fa8 880 return +{ -literal => [ $self->_quote($k).' '.$sql, @bind ] };
331e2209 881 }
99a65fa8 882 die "notreached";
59588695 883}
884
e175845b 885sub _render_expr {
886 my ($self, $expr) = @_;
887 my ($k, $v, @rest) = %$expr;
888 die "No" if @rest;
b07681b1 889 if (my $meth = $self->{node_types}{$k}) {
181dcebf 890 return $self->$meth($v);
e175845b 891 }
892 die "notreached: $k";
893}
894
96449e8e 895sub _recurse_where {
896 my ($self, $where, $logic) = @_;
897
5492d4c2 898 # Special case: top level simple string treated as literal
899
900 my $where_exp = (ref($where)
901 ? $self->_expand_expr($where, $logic)
902 : { -literal => [ $where ] });
e175845b 903
e3e27543 904 # dispatch expanded expression
311b2151 905
e175845b 906 my ($sql, @bind) = defined($where_exp) ? $self->_render_expr($where_exp) : (undef);
abe1a491 907 # DBIx::Class used to call _recurse_where in scalar context
908 # something else might too...
909 if (wantarray) {
910 return ($sql, @bind);
911 }
912 else {
913 belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
914 return $sql;
915 }
96449e8e 916}
917
181dcebf 918sub _render_ident {
919 my ($self, $ident) = @_;
cc422895 920
9cf28dfb 921 return $self->_convert($self->_quote($ident));
cc422895 922}
923
c452734e 924my %unop_postfix = map +($_ => 1),
925 'is null', 'is not null',
926 'asc', 'desc',
927;
d13725da 928
b5b18861 929my %special = (
930 (map +($_ => do {
931 my $op = $_;
932 sub {
933 my ($self, $args) = @_;
934 my ($left, $low, $high) = @$args;
935 my ($rhsql, @rhbind) = do {
936 if (@$args == 2) {
937 puke "Single arg to between must be a literal"
938 unless $low->{-literal};
939 @{$low->{-literal}}
940 } else {
e56dd780 941 my ($l, $h) = map [ $self->_render_expr($_) ], $low, $high;
b5b18861 942 (join(' ', $l->[0], $self->_sqlcase('and'), $h->[0]),
943 @{$l}[1..$#$l], @{$h}[1..$#$h])
944 }
945 };
e56dd780 946 my ($lhsql, @lhbind) = $self->_render_expr($left);
b5b18861 947 return (
948 join(' ', '(', $lhsql, $self->_sqlcase($op), $rhsql, ')'),
949 @lhbind, @rhbind
950 );
951 }
952 }), 'between', 'not between'),
10d07c4e 953 (map +($_ => do {
954 my $op = $_;
955 sub {
956 my ($self, $args) = @_;
957 my ($lhs, $rhs) = @$args;
958 my @in_bind;
959 my @in_sql = map {
0ce981f8 960 my ($sql, @bind) = $self->_render_expr($_);
10d07c4e 961 push @in_bind, @bind;
962 $sql;
963 } @$rhs;
0ce981f8 964 my ($lhsql, @lbind) = $self->_render_expr($lhs);
10d07c4e 965 return (
966 $lhsql.' '.$self->_sqlcase($op).' ( '
967 .join(', ', @in_sql)
968 .' )',
969 @lbind, @in_bind
970 );
971 }
972 }), 'in', 'not in'),
b5b18861 973);
974
181dcebf 975sub _render_op {
976 my ($self, $v) = @_;
d13725da 977 my ($op, @args) = @$v;
978 $op =~ s/^-// if length($op) > 1;
cba28f66 979 $op = lc($op);
b5b18861 980 if (my $h = $special{$op}) {
981 return $self->$h(\@args);
982 }
3ae10d16 983 my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}};
984 if ($us and @args > 1) {
99a65fa8 985 puke "Special op '${op}' requires first value to be identifier"
986 unless my ($k) = map $_->{-ident}, grep ref($_) eq 'HASH', $args[0];
dd1d0dbf 987 local our $Expand_Depth = 1;
99a65fa8 988 return $self->${\($us->{handler})}($k, $op, $args[1]);
989 }
96a8d74a 990 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
991 return $self->${\($us->{handler})}($op, $args[0]);
992 }
99a65fa8 993 my $final_op = $op =~ /^(?:is|not)_/ ? join(' ', split '_', $op) : $op;
2143604f 994 if (@args == 1 and $op !~ /^(and|or)$/) {
ec857800 995 my ($expr_sql, @bind) = $self->_render_expr($args[0]);
d13725da 996 my $op_sql = $self->_sqlcase($final_op);
997 my $final_sql = (
998 $unop_postfix{lc($final_op)}
999 ? "${expr_sql} ${op_sql}"
1000 : "${op_sql} ${expr_sql}"
1001 );
3ae10d16 1002 return (($op eq 'not' || $us ? '('.$final_sql.')' : $final_sql), @bind);
1c0c0f41 1003 #} elsif (@args == 0) {
1004 # return '';
16d9289c 1005 } else {
1c0c0f41 1006 my @parts = grep length($_->[0]), map [ $self->_render_expr($_) ], @args;
1007 return '' unless @parts;
230812fc 1008 my $is_andor = !!($op =~ /^(and|or)$/);
1009 return @{$parts[0]} if $is_andor and @parts == 1;
1010 my ($final_sql) = map +($is_andor ? "( ${_} )" : $_), join(
352d74bc 1011 ' '.$self->_sqlcase($final_op).' ',
77617257 1012 map $_->[0], @parts
1013 );
99a65fa8 1014 return (
77617257 1015 $final_sql,
16d9289c 1016 map @{$_}[1..$#$_], @parts
99a65fa8 1017 );
d13725da 1018 }
1019 die "unhandled";
1020}
1021
352d74bc 1022sub _render_list {
1023 my ($self, $list) = @_;
1024 my @parts = grep length($_->[0]), map [ $self->_render_expr($_) ], @$list;
1025 return join(', ', map $_->[0], @parts), map @{$_}[1..$#$_], @parts;
1026}
1027
181dcebf 1028sub _render_func {
1029 my ($self, $rest) = @_;
711892b1 1030 my ($func, @args) = @$rest;
1031 my @arg_sql;
1032 my @bind = map {
1033 my @x = @$_;
1034 push @arg_sql, shift @x;
1035 @x
0f199fce 1036 } map [ $self->_render_expr($_) ], @args;
711892b1 1037 return ($self->_sqlcase($func).'('.join(', ', @arg_sql).')', @bind);
1038}
1039
181dcebf 1040sub _render_bind {
1041 my ($self, $bind) = @_;
d13725da 1042 return ($self->_convert('?'), $self->_bindtype(@$bind));
1043}
1044
181dcebf 1045sub _render_literal {
1046 my ($self, $literal) = @_;
465d43fd 1047 $self->_assert_bindval_matches_bindtype(@{$literal}[1..$#$literal]);
aa8d7bdb 1048 return @$literal;
1049}
1050
4a1f01a3 1051# Some databases (SQLite) treat col IN (1, 2) different from
1052# col IN ( (1, 2) ). Use this to strip all outer parens while
1053# adding them back in the corresponding method
1054sub _open_outer_paren {
1055 my ($self, $sql) = @_;
a5f91feb 1056
ca4f826a 1057 while (my ($inner) = $sql =~ /^ \s* \( (.*) \) \s* $/xs) {
a5f91feb 1058
1059 # there are closing parens inside, need the heavy duty machinery
1060 # to reevaluate the extraction starting from $sql (full reevaluation)
ca4f826a 1061 if ($inner =~ /\)/) {
a5f91feb 1062 require Text::Balanced;
1063
1064 my (undef, $remainder) = do {
1065 # idiotic design - writes to $@ but *DOES NOT* throw exceptions
1066 local $@;
ca4f826a 1067 Text::Balanced::extract_bracketed($sql, '()', qr/\s*/);
a5f91feb 1068 };
1069
1070 # the entire expression needs to be a balanced bracketed thing
1071 # (after an extract no remainder sans trailing space)
1072 last if defined $remainder and $remainder =~ /\S/;
1073 }
1074
1075 $sql = $inner;
1076 }
1077
1078 $sql;
4a1f01a3 1079}
1080
96449e8e 1081
96449e8e 1082#======================================================================
1083# ORDER BY
1084#======================================================================
1085
33177570 1086sub _expand_order_by {
96449e8e 1087 my ($self, $arg) = @_;
1088
33177570 1089 return unless defined($arg) and not (ref($arg) eq 'ARRAY' and !@$arg);
2b6158af 1090
4325df6a 1091 my $expander = sub {
1092 my ($self, $dir, $expr) = @_;
52ca537e 1093 my @to_expand = ref($expr) eq 'ARRAY' ? @$expr : $expr;
1094 foreach my $arg (@to_expand) {
1095 if (
1096 ref($arg) eq 'HASH'
1097 and keys %$arg > 1
1098 and grep /^-(asc|desc)$/, keys %$arg
1099 ) {
1100 puke "ordering direction hash passed to order by must have exactly one key (-asc or -desc)";
1101 }
1102 }
4325df6a 1103 my @exp = map +(defined($dir) ? { -op => [ $dir => $_ ] } : $_),
74156ee9 1104 map $self->_expand_expr($_, undef, -ident),
1105 map ref($_) eq 'ARRAY' ? @$_ : $_, @to_expand;
352d74bc 1106 return (@exp > 1 ? { -list => \@exp } : $exp[0]);
4325df6a 1107 };
18c743c8 1108
ec19b759 1109 local @{$self->{expand_unary}}{qw(-asc -desc)} = (
1110 sub { shift->$expander(asc => @_) },
1111 sub { shift->$expander(desc => @_) },
1112 );
f267b646 1113
33177570 1114 return $self->$expander(undef, $arg);
1115}
1116
1117sub _order_by {
1118 my ($self, $arg) = @_;
1119
1120 return '' unless defined(my $expanded = $self->_expand_order_by($arg));
4325df6a 1121
1122 my ($sql, @bind) = $self->_render_expr($expanded);
1123
13cd9220 1124 return '' unless length($sql);
1125
4325df6a 1126 my $final_sql = $self->_sqlcase(' order by ').$sql;
1127
1128 return wantarray ? ($final_sql, @bind) : $final_sql;
f267b646 1129}
1130
2e3cc357 1131# _order_by no longer needs to call this so doesn't but DBIC uses it.
1132
33177570 1133sub _order_by_chunks {
1134 my ($self, $arg) = @_;
1135
1136 return () unless defined(my $expanded = $self->_expand_order_by($arg));
1137
2e3cc357 1138 return $self->_chunkify_order_by($expanded);
1139}
1140
1141sub _chunkify_order_by {
1142 my ($self, $expanded) = @_;
1b630cfe 1143
dd1d0dbf 1144 return grep length, $self->_render_expr($expanded)
1b630cfe 1145 if $expanded->{-ident} or @{$expanded->{-literal}||[]} == 1;
1146
33177570 1147 for ($expanded) {
352d74bc 1148 if (ref() eq 'HASH' and my $l = $_->{-list}) {
1149 return map $self->_chunkify_order_by($_), @$l;
33177570 1150 }
1151 return [ $self->_render_expr($_) ];
1152 }
1153}
1154
96449e8e 1155#======================================================================
1156# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1157#======================================================================
1158
1159sub _table {
1160 my $self = shift;
1161 my $from = shift;
7ad12721 1162 ($self->_render_expr(
8476c6a3 1163 $self->_expand_maybe_list_expr($from, undef, -ident)
7ad12721 1164 ))[0];
96449e8e 1165}
1166
1167
1168#======================================================================
1169# UTILITY FUNCTIONS
1170#======================================================================
1171
8476c6a3 1172sub _expand_maybe_list_expr {
1173 my ($self, $expr, $logic, $default) = @_;
bba04f52 1174 my $e = do {
1175 if (ref($expr) eq 'ARRAY') {
352d74bc 1176 return { -list => [
1177 map $self->_expand_expr($_, $logic, $default), @$expr
bba04f52 1178 ] } if @$expr > 1;
1179 $expr->[0]
1180 } else {
1181 $expr
1182 }
1183 };
1184 return $self->_expand_expr($e, $logic, $default);
8476c6a3 1185}
1186
955e77ca 1187# highly optimized, as it's called way too often
96449e8e 1188sub _quote {
955e77ca 1189 # my ($self, $label) = @_;
96449e8e 1190
955e77ca 1191 return '' unless defined $_[1];
955e77ca 1192 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
d3162b5c 1193 puke 'Identifier cannot be hashref' if ref($_[1]) eq 'HASH';
96449e8e 1194
d3162b5c 1195 unless ($_[0]->{quote_char}) {
1196 if (ref($_[1]) eq 'ARRAY') {
1197 return join($_[0]->{name_sep}||'.', @{$_[1]});
1198 } else {
1199 $_[0]->_assert_pass_injection_guard($_[1]);
1200 return $_[1];
1201 }
1202 }
96449e8e 1203
07d7c35c 1204 my $qref = ref $_[0]->{quote_char};
439834d3 1205 my ($l, $r) =
1206 !$qref ? ($_[0]->{quote_char}, $_[0]->{quote_char})
1207 : ($qref eq 'ARRAY') ? @{$_[0]->{quote_char}}
1208 : puke "Unsupported quote_char format: $_[0]->{quote_char}";
1209
46be4313 1210 my $esc = $_[0]->{escape_char} || $r;
96449e8e 1211
07d7c35c 1212 # parts containing * are naturally unquoted
d3162b5c 1213 return join(
1214 $_[0]->{name_sep}||'',
1215 map +(
1216 $_ eq '*'
1217 ? $_
1218 : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r }
1219 ),
1220 (ref($_[1]) eq 'ARRAY'
1221 ? @{$_[1]}
1222 : (
1223 $_[0]->{name_sep}
1224 ? split (/\Q$_[0]->{name_sep}\E/, $_[1] )
1225 : $_[1]
1226 )
1227 )
955e77ca 1228 );
96449e8e 1229}
1230
1231
1232# Conversion, if applicable
d7c862e0 1233sub _convert {
07d7c35c 1234 #my ($self, $arg) = @_;
7ad12721 1235 if ($_[0]->{convert_where}) {
1236 return $_[0]->_sqlcase($_[0]->{convert_where}) .'(' . $_[1] . ')';
96449e8e 1237 }
07d7c35c 1238 return $_[1];
96449e8e 1239}
1240
1241# And bindtype
d7c862e0 1242sub _bindtype {
07d7c35c 1243 #my ($self, $col, @vals) = @_;
07d7c35c 1244 # called often - tighten code
1245 return $_[0]->{bindtype} eq 'columns'
1246 ? map {[$_[1], $_]} @_[2 .. $#_]
1247 : @_[2 .. $#_]
1248 ;
96449e8e 1249}
1250
fe3ae272 1251# Dies if any element of @bind is not in [colname => value] format
1252# if bindtype is 'columns'.
1253sub _assert_bindval_matches_bindtype {
c94a6c93 1254# my ($self, @bind) = @_;
1255 my $self = shift;
fe3ae272 1256 if ($self->{bindtype} eq 'columns') {
c94a6c93 1257 for (@_) {
1258 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1259 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1260 }
1261 }
1262 }
1263}
1264
96449e8e 1265sub _join_sql_clauses {
1266 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1267
1268 if (@$clauses_aref > 1) {
1269 my $join = " " . $self->_sqlcase($logic) . " ";
1270 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1271 return ($sql, @$bind_aref);
1272 }
1273 elsif (@$clauses_aref) {
1274 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1275 }
1276 else {
1277 return (); # if no SQL, ignore @$bind_aref
1278 }
1279}
1280
1281
1282# Fix SQL case, if so requested
1283sub _sqlcase {
96449e8e 1284 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1285 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1286 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1287}
1288
1289
1290#======================================================================
1291# DISPATCHING FROM REFKIND
1292#======================================================================
1293
1294sub _refkind {
1295 my ($self, $data) = @_;
96449e8e 1296
955e77ca 1297 return 'UNDEF' unless defined $data;
1298
1299 # blessed objects are treated like scalars
1300 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1301
1302 return 'SCALAR' unless $ref;
1303
1304 my $n_steps = 1;
1305 while ($ref eq 'REF') {
96449e8e 1306 $data = $$data;
955e77ca 1307 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1308 $n_steps++ if $ref;
96449e8e 1309 }
1310
848556bc 1311 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1312}
1313
1314sub _try_refkind {
1315 my ($self, $data) = @_;
1316 my @try = ($self->_refkind($data));
1317 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1318 push @try, 'FALLBACK';
955e77ca 1319 return \@try;
96449e8e 1320}
1321
1322sub _METHOD_FOR_refkind {
1323 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1324
1325 my $method;
955e77ca 1326 for (@{$self->_try_refkind($data)}) {
f39eaa60 1327 $method = $self->can($meth_prefix."_".$_)
1328 and last;
1329 }
1330
1331 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1332}
1333
1334
1335sub _SWITCH_refkind {
1336 my ($self, $data, $dispatch_table) = @_;
1337
f39eaa60 1338 my $coderef;
955e77ca 1339 for (@{$self->_try_refkind($data)}) {
f39eaa60 1340 $coderef = $dispatch_table->{$_}
1341 and last;
1342 }
1343
1344 puke "no dispatch entry for ".$self->_refkind($data)
1345 unless $coderef;
1346
96449e8e 1347 $coderef->();
1348}
1349
1350
1351
1352
1353#======================================================================
1354# VALUES, GENERATE, AUTOLOAD
1355#======================================================================
1356
1357# LDNOTE: original code from nwiger, didn't touch code in that section
1358# I feel the AUTOLOAD stuff should not be the default, it should
1359# only be activated on explicit demand by user.
1360
1361sub values {
1362 my $self = shift;
1363 my $data = shift || return;
1364 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1365 unless ref $data eq 'HASH';
bab725ce 1366
1367 my @all_bind;
ca4f826a 1368 foreach my $k (sort keys %$data) {
bab725ce 1369 my $v = $data->{$k};
1370 $self->_SWITCH_refkind($v, {
9d48860e 1371 ARRAYREF => sub {
bab725ce 1372 if ($self->{array_datatypes}) { # array datatype
1373 push @all_bind, $self->_bindtype($k, $v);
1374 }
1375 else { # literal SQL with bind
1376 my ($sql, @bind) = @$v;
1377 $self->_assert_bindval_matches_bindtype(@bind);
1378 push @all_bind, @bind;
1379 }
1380 },
1381 ARRAYREFREF => sub { # literal SQL with bind
1382 my ($sql, @bind) = @${$v};
1383 $self->_assert_bindval_matches_bindtype(@bind);
1384 push @all_bind, @bind;
1385 },
1386 SCALARREF => sub { # literal SQL without bind
1387 },
1388 SCALAR_or_UNDEF => sub {
1389 push @all_bind, $self->_bindtype($k, $v);
1390 },
1391 });
1392 }
1393
1394 return @all_bind;
96449e8e 1395}
1396
1397sub generate {
1398 my $self = shift;
1399
1400 my(@sql, @sqlq, @sqlv);
1401
1402 for (@_) {
1403 my $ref = ref $_;
1404 if ($ref eq 'HASH') {
1405 for my $k (sort keys %$_) {
1406 my $v = $_->{$k};
1407 my $r = ref $v;
1408 my $label = $self->_quote($k);
1409 if ($r eq 'ARRAY') {
fe3ae272 1410 # literal SQL with bind
1411 my ($sql, @bind) = @$v;
1412 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1413 push @sqlq, "$label = $sql";
fe3ae272 1414 push @sqlv, @bind;
96449e8e 1415 } elsif ($r eq 'SCALAR') {
fe3ae272 1416 # literal SQL without bind
96449e8e 1417 push @sqlq, "$label = $$v";
9d48860e 1418 } else {
96449e8e 1419 push @sqlq, "$label = ?";
1420 push @sqlv, $self->_bindtype($k, $v);
1421 }
1422 }
1423 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1424 } elsif ($ref eq 'ARRAY') {
1425 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1426 for my $v (@$_) {
1427 my $r = ref $v;
fe3ae272 1428 if ($r eq 'ARRAY') { # literal SQL with bind
1429 my ($sql, @bind) = @$v;
1430 $self->_assert_bindval_matches_bindtype(@bind);
1431 push @sqlq, $sql;
1432 push @sqlv, @bind;
1433 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1434 # embedded literal SQL
1435 push @sqlq, $$v;
9d48860e 1436 } else {
96449e8e 1437 push @sqlq, '?';
1438 push @sqlv, $v;
1439 }
1440 }
1441 push @sql, '(' . join(', ', @sqlq) . ')';
1442 } elsif ($ref eq 'SCALAR') {
1443 # literal SQL
1444 push @sql, $$_;
1445 } else {
1446 # strings get case twiddled
1447 push @sql, $self->_sqlcase($_);
1448 }
1449 }
1450
1451 my $sql = join ' ', @sql;
1452
1453 # this is pretty tricky
1454 # if ask for an array, return ($stmt, @bind)
1455 # otherwise, s/?/shift @sqlv/ to put it inline
1456 if (wantarray) {
1457 return ($sql, @sqlv);
1458 } else {
1459 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1460 ref $d ? $d->[1] : $d/e;
1461 return $sql;
1462 }
1463}
1464
1465
1466sub DESTROY { 1 }
1467
1468sub AUTOLOAD {
1469 # This allows us to check for a local, then _form, attr
1470 my $self = shift;
1471 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1472 return $self->generate($name, @_);
1473}
1474
14751;
1476
1477
1478
1479__END__
32eab2da 1480
1481=head1 NAME
1482
1483SQL::Abstract - Generate SQL from Perl data structures
1484
1485=head1 SYNOPSIS
1486
1487 use SQL::Abstract;
1488
1489 my $sql = SQL::Abstract->new;
1490
85783f3c 1491 my($stmt, @bind) = $sql->select($source, \@fields, \%where, $order);
32eab2da 1492
1493 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1494
1495 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1496
1497 my($stmt, @bind) = $sql->delete($table, \%where);
1498
1499 # Then, use these in your DBI statements
1500 my $sth = $dbh->prepare($stmt);
1501 $sth->execute(@bind);
1502
1503 # Just generate the WHERE clause
85783f3c 1504 my($stmt, @bind) = $sql->where(\%where, $order);
32eab2da 1505
1506 # Return values in the same order, for hashed queries
1507 # See PERFORMANCE section for more details
1508 my @bind = $sql->values(\%fieldvals);
1509
1510=head1 DESCRIPTION
1511
1512This module was inspired by the excellent L<DBIx::Abstract>.
1513However, in using that module I found that what I really wanted
1514to do was generate SQL, but still retain complete control over my
1515statement handles and use the DBI interface. So, I set out to
1516create an abstract SQL generation module.
1517
1518While based on the concepts used by L<DBIx::Abstract>, there are
1519several important differences, especially when it comes to WHERE
1520clauses. I have modified the concepts used to make the SQL easier
1521to generate from Perl data structures and, IMO, more intuitive.
1522The underlying idea is for this module to do what you mean, based
1523on the data structures you provide it. The big advantage is that
1524you don't have to modify your code every time your data changes,
1525as this module figures it out.
1526
1527To begin with, an SQL INSERT is as easy as just specifying a hash
1528of C<key=value> pairs:
1529
1530 my %data = (
1531 name => 'Jimbo Bobson',
1532 phone => '123-456-7890',
1533 address => '42 Sister Lane',
1534 city => 'St. Louis',
1535 state => 'Louisiana',
1536 );
1537
1538The SQL can then be generated with this:
1539
1540 my($stmt, @bind) = $sql->insert('people', \%data);
1541
1542Which would give you something like this:
1543
1544 $stmt = "INSERT INTO people
1545 (address, city, name, phone, state)
1546 VALUES (?, ?, ?, ?, ?)";
1547 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1548 '123-456-7890', 'Louisiana');
1549
1550These are then used directly in your DBI code:
1551
1552 my $sth = $dbh->prepare($stmt);
1553 $sth->execute(@bind);
1554
96449e8e 1555=head2 Inserting and Updating Arrays
1556
1557If your database has array types (like for example Postgres),
1558activate the special option C<< array_datatypes => 1 >>
9d48860e 1559when creating the C<SQL::Abstract> object.
96449e8e 1560Then you may use an arrayref to insert and update database array types:
1561
1562 my $sql = SQL::Abstract->new(array_datatypes => 1);
1563 my %data = (
1564 planets => [qw/Mercury Venus Earth Mars/]
1565 );
9d48860e 1566
96449e8e 1567 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1568
1569This results in:
1570
1571 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1572
1573 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1574
1575
1576=head2 Inserting and Updating SQL
1577
1578In order to apply SQL functions to elements of your C<%data> you may
1579specify a reference to an arrayref for the given hash value. For example,
1580if you need to execute the Oracle C<to_date> function on a value, you can
1581say something like this:
32eab2da 1582
1583 my %data = (
1584 name => 'Bill',
3ae1c5e2 1585 date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
9d48860e 1586 );
32eab2da 1587
1588The first value in the array is the actual SQL. Any other values are
1589optional and would be included in the bind values array. This gives
1590you:
1591
1592 my($stmt, @bind) = $sql->insert('people', \%data);
1593
9d48860e 1594 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1595 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1596 @bind = ('Bill', '03/02/2003');
1597
1598An UPDATE is just as easy, all you change is the name of the function:
1599
1600 my($stmt, @bind) = $sql->update('people', \%data);
1601
1602Notice that your C<%data> isn't touched; the module will generate
1603the appropriately quirky SQL for you automatically. Usually you'll
1604want to specify a WHERE clause for your UPDATE, though, which is
1605where handling C<%where> hashes comes in handy...
1606
96449e8e 1607=head2 Complex where statements
1608
32eab2da 1609This module can generate pretty complicated WHERE statements
1610easily. For example, simple C<key=value> pairs are taken to mean
1611equality, and if you want to see if a field is within a set
1612of values, you can use an arrayref. Let's say we wanted to
1613SELECT some data based on this criteria:
1614
1615 my %where = (
1616 requestor => 'inna',
1617 worker => ['nwiger', 'rcwe', 'sfz'],
1618 status => { '!=', 'completed' }
1619 );
1620
1621 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1622
1623The above would give you something like this:
1624
1625 $stmt = "SELECT * FROM tickets WHERE
1626 ( requestor = ? ) AND ( status != ? )
1627 AND ( worker = ? OR worker = ? OR worker = ? )";
1628 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1629
1630Which you could then use in DBI code like so:
1631
1632 my $sth = $dbh->prepare($stmt);
1633 $sth->execute(@bind);
1634
1635Easy, eh?
1636
0da0fe34 1637=head1 METHODS
32eab2da 1638
13cc86af 1639The methods are simple. There's one for every major SQL operation,
32eab2da 1640and a constructor you use first. The arguments are specified in a
13cc86af 1641similar order for each method (table, then fields, then a where
32eab2da 1642clause) to try and simplify things.
1643
32eab2da 1644=head2 new(option => 'value')
1645
1646The C<new()> function takes a list of options and values, and returns
1647a new B<SQL::Abstract> object which can then be used to generate SQL
1648through the methods below. The options accepted are:
1649
1650=over
1651
1652=item case
1653
1654If set to 'lower', then SQL will be generated in all lowercase. By
1655default SQL is generated in "textbook" case meaning something like:
1656
1657 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1658
96449e8e 1659Any setting other than 'lower' is ignored.
1660
32eab2da 1661=item cmp
1662
1663This determines what the default comparison operator is. By default
1664it is C<=>, meaning that a hash like this:
1665
1666 %where = (name => 'nwiger', email => 'nate@wiger.org');
1667
1668Will generate SQL like this:
1669
1670 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1671
1672However, you may want loose comparisons by default, so if you set
1673C<cmp> to C<like> you would get SQL such as:
1674
1675 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1676
3af02ccb 1677You can also override the comparison on an individual basis - see
32eab2da 1678the huge section on L</"WHERE CLAUSES"> at the bottom.
1679
96449e8e 1680=item sqltrue, sqlfalse
1681
1682Expressions for inserting boolean values within SQL statements.
6e0c6552 1683By default these are C<1=1> and C<1=0>. They are used
1684by the special operators C<-in> and C<-not_in> for generating
1685correct SQL even when the argument is an empty array (see below).
96449e8e 1686
32eab2da 1687=item logic
1688
1689This determines the default logical operator for multiple WHERE
7cac25e6 1690statements in arrays or hashes. If absent, the default logic is "or"
1691for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1692array of the form:
1693
1694 @where = (
9d48860e 1695 event_date => {'>=', '2/13/99'},
1696 event_date => {'<=', '4/24/03'},
32eab2da 1697 );
1698
7cac25e6 1699will generate SQL like this:
32eab2da 1700
1701 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1702
1703This is probably not what you want given this query, though (look
1704at the dates). To change the "OR" to an "AND", simply specify:
1705
1706 my $sql = SQL::Abstract->new(logic => 'and');
1707
1708Which will change the above C<WHERE> to:
1709
1710 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1711
96449e8e 1712The logic can also be changed locally by inserting
be21dde3 1713a modifier in front of an arrayref:
96449e8e 1714
9d48860e 1715 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1716 event_date => {'<=', '4/24/03'} ]);
96449e8e 1717
1718See the L</"WHERE CLAUSES"> section for explanations.
1719
32eab2da 1720=item convert
1721
1722This will automatically convert comparisons using the specified SQL
1723function for both column and value. This is mostly used with an argument
1724of C<upper> or C<lower>, so that the SQL will have the effect of
1725case-insensitive "searches". For example, this:
1726
1727 $sql = SQL::Abstract->new(convert => 'upper');
1728 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1729
1730Will turn out the following SQL:
1731
1732 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1733
1734The conversion can be C<upper()>, C<lower()>, or any other SQL function
1735that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1736not validate this option; it will just pass through what you specify verbatim).
1737
1738=item bindtype
1739
1740This is a kludge because many databases suck. For example, you can't
1741just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1742Instead, you have to use C<bind_param()>:
1743
1744 $sth->bind_param(1, 'reg data');
1745 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1746
1747The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1748which loses track of which field each slot refers to. Fear not.
1749
1750If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1751Currently, you can specify either C<normal> (default) or C<columns>. If you
1752specify C<columns>, you will get an array that looks like this:
1753
1754 my $sql = SQL::Abstract->new(bindtype => 'columns');
1755 my($stmt, @bind) = $sql->insert(...);
1756
1757 @bind = (
1758 [ 'column1', 'value1' ],
1759 [ 'column2', 'value2' ],
1760 [ 'column3', 'value3' ],
1761 );
1762
1763You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1764
32eab2da 1765 $sth->prepare($stmt);
1766 my $i = 1;
1767 for (@bind) {
1768 my($col, $data) = @$_;
1769 if ($col eq 'details' || $col eq 'comments') {
1770 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1771 } elsif ($col eq 'image') {
1772 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1773 } else {
1774 $sth->bind_param($i, $data);
1775 }
1776 $i++;
1777 }
1778 $sth->execute; # execute without @bind now
1779
1780Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1781Basically, the advantage is still that you don't have to care which fields
1782are or are not included. You could wrap that above C<for> loop in a simple
1783sub called C<bind_fields()> or something and reuse it repeatedly. You still
1784get a layer of abstraction over manual SQL specification.
1785
3ae1c5e2 1786Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
deb148a2 1787construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1788will expect the bind values in this format.
1789
32eab2da 1790=item quote_char
1791
1792This is the character that a table or column name will be quoted
9d48860e 1793with. By default this is an empty string, but you could set it to
32eab2da 1794the character C<`>, to generate SQL like this:
1795
1796 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1797
96449e8e 1798Alternatively, you can supply an array ref of two items, the first being the left
1799hand quote character, and the second the right hand quote character. For
1800example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1801that generates SQL like this:
1802
1803 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1804
9d48860e 1805Quoting is useful if you have tables or columns names that are reserved
96449e8e 1806words in your database's SQL dialect.
32eab2da 1807
46be4313 1808=item escape_char
1809
1810This is the character that will be used to escape L</quote_char>s appearing
1811in an identifier before it has been quoted.
1812
80790166 1813The parameter default in case of a single L</quote_char> character is the quote
46be4313 1814character itself.
1815
1816When opening-closing-style quoting is used (L</quote_char> is an arrayref)
9de2bd86 1817this parameter defaults to the B<closing (right)> L</quote_char>. Occurrences
46be4313 1818of the B<opening (left)> L</quote_char> within the identifier are currently left
1819untouched. The default for opening-closing-style quotes may change in future
1820versions, thus you are B<strongly encouraged> to specify the escape character
1821explicitly.
1822
32eab2da 1823=item name_sep
1824
1825This is the character that separates a table and column name. It is
1826necessary to specify this when the C<quote_char> option is selected,
1827so that tables and column names can be individually quoted like this:
1828
1829 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1830
b6251592 1831=item injection_guard
1832
1833A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1834column name specified in a query structure. This is a safety mechanism to avoid
1835injection attacks when mishandling user input e.g.:
1836
1837 my %condition_as_column_value_pairs = get_values_from_user();
1838 $sqla->select( ... , \%condition_as_column_value_pairs );
1839
1840If the expression matches an exception is thrown. Note that literal SQL
1841supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1842
1843Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
1844
96449e8e 1845=item array_datatypes
32eab2da 1846
9d48860e 1847When this option is true, arrayrefs in INSERT or UPDATE are
1848interpreted as array datatypes and are passed directly
96449e8e 1849to the DBI layer.
1850When this option is false, arrayrefs are interpreted
1851as literal SQL, just like refs to arrayrefs
1852(but this behavior is for backwards compatibility; when writing
1853new queries, use the "reference to arrayref" syntax
1854for literal SQL).
32eab2da 1855
32eab2da 1856
96449e8e 1857=item special_ops
32eab2da 1858
9d48860e 1859Takes a reference to a list of "special operators"
96449e8e 1860to extend the syntax understood by L<SQL::Abstract>.
1861See section L</"SPECIAL OPERATORS"> for details.
32eab2da 1862
59f23b3d 1863=item unary_ops
1864
9d48860e 1865Takes a reference to a list of "unary operators"
59f23b3d 1866to extend the syntax understood by L<SQL::Abstract>.
1867See section L</"UNARY OPERATORS"> for details.
1868
32eab2da 1869
32eab2da 1870
96449e8e 1871=back
32eab2da 1872
02288357 1873=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 1874
1875This is the simplest function. You simply give it a table name
1876and either an arrayref of values or hashref of field/value pairs.
1877It returns an SQL INSERT statement and a list of bind values.
96449e8e 1878See the sections on L</"Inserting and Updating Arrays"> and
1879L</"Inserting and Updating SQL"> for information on how to insert
1880with those data types.
32eab2da 1881
02288357 1882The optional C<\%options> hash reference may contain additional
1883options to generate the insert SQL. Currently supported options
1884are:
1885
1886=over 4
1887
1888=item returning
1889
1890Takes either a scalar of raw SQL fields, or an array reference of
1891field names, and adds on an SQL C<RETURNING> statement at the end.
1892This allows you to return data generated by the insert statement
1893(such as row IDs) without performing another C<SELECT> statement.
1894Note, however, this is not part of the SQL standard and may not
1895be supported by all database engines.
1896
1897=back
1898
95904db5 1899=head2 update($table, \%fieldvals, \%where, \%options)
32eab2da 1900
1901This takes a table, hashref of field/value pairs, and an optional
86298391 1902hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 1903of bind values.
96449e8e 1904See the sections on L</"Inserting and Updating Arrays"> and
1905L</"Inserting and Updating SQL"> for information on how to insert
1906with those data types.
32eab2da 1907
95904db5 1908The optional C<\%options> hash reference may contain additional
1909options to generate the update SQL. Currently supported options
1910are:
1911
1912=over 4
1913
1914=item returning
1915
1916See the C<returning> option to
1917L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1918
1919=back
1920
96449e8e 1921=head2 select($source, $fields, $where, $order)
32eab2da 1922
9d48860e 1923This returns a SQL SELECT statement and associated list of bind values, as
be21dde3 1924specified by the arguments:
32eab2da 1925
96449e8e 1926=over
32eab2da 1927
96449e8e 1928=item $source
32eab2da 1929
9d48860e 1930Specification of the 'FROM' part of the statement.
96449e8e 1931The argument can be either a plain scalar (interpreted as a table
1932name, will be quoted), or an arrayref (interpreted as a list
1933of table names, joined by commas, quoted), or a scalarref
063097a3 1934(literal SQL, not quoted).
32eab2da 1935
96449e8e 1936=item $fields
32eab2da 1937
9d48860e 1938Specification of the list of fields to retrieve from
96449e8e 1939the source.
1940The argument can be either an arrayref (interpreted as a list
9d48860e 1941of field names, will be joined by commas and quoted), or a
96449e8e 1942plain scalar (literal SQL, not quoted).
521647e7 1943Please observe that this API is not as flexible as that of
1944the first argument C<$source>, for backwards compatibility reasons.
32eab2da 1945
96449e8e 1946=item $where
32eab2da 1947
96449e8e 1948Optional argument to specify the WHERE part of the query.
1949The argument is most often a hashref, but can also be
9d48860e 1950an arrayref or plain scalar --
96449e8e 1951see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 1952
96449e8e 1953=item $order
32eab2da 1954
96449e8e 1955Optional argument to specify the ORDER BY part of the query.
9d48860e 1956The argument can be a scalar, a hashref or an arrayref
96449e8e 1957-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
1958for details.
32eab2da 1959
96449e8e 1960=back
32eab2da 1961
32eab2da 1962
85327cd5 1963=head2 delete($table, \%where, \%options)
32eab2da 1964
86298391 1965This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 1966It returns an SQL DELETE statement and list of bind values.
1967
85327cd5 1968The optional C<\%options> hash reference may contain additional
1969options to generate the delete SQL. Currently supported options
1970are:
1971
1972=over 4
1973
1974=item returning
1975
1976See the C<returning> option to
1977L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1978
1979=back
1980
85783f3c 1981=head2 where(\%where, $order)
32eab2da 1982
1983This is used to generate just the WHERE clause. For example,
1984if you have an arbitrary data structure and know what the
1985rest of your SQL is going to look like, but want an easy way
1986to produce a WHERE clause, use this. It returns an SQL WHERE
1987clause and list of bind values.
1988
32eab2da 1989
1990=head2 values(\%data)
1991
1992This just returns the values from the hash C<%data>, in the same
1993order that would be returned from any of the other above queries.
1994Using this allows you to markedly speed up your queries if you
1995are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
1996
32eab2da 1997=head2 generate($any, 'number', $of, \@data, $struct, \%types)
1998
1999Warning: This is an experimental method and subject to change.
2000
2001This returns arbitrarily generated SQL. It's a really basic shortcut.
2002It will return two different things, depending on return context:
2003
2004 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
2005 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
2006
2007These would return the following:
2008
2009 # First calling form
2010 $stmt = "CREATE TABLE test (?, ?)";
2011 @bind = (field1, field2);
2012
2013 # Second calling form
2014 $stmt_and_val = "CREATE TABLE test (field1, field2)";
2015
2016Depending on what you're trying to do, it's up to you to choose the correct
2017format. In this example, the second form is what you would want.
2018
2019By the same token:
2020
2021 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
2022
2023Might give you:
2024
2025 ALTER SESSION SET nls_date_format = 'MM/YY'
2026
2027You get the idea. Strings get their case twiddled, but everything
2028else remains verbatim.
2029
0da0fe34 2030=head1 EXPORTABLE FUNCTIONS
2031
2032=head2 is_plain_value
2033
2034Determines if the supplied argument is a plain value as understood by this
2035module:
2036
2037=over
2038
2039=item * The value is C<undef>
2040
2041=item * The value is a non-reference
2042
2043=item * The value is an object with stringification overloading
2044
2045=item * The value is of the form C<< { -value => $anything } >>
2046
2047=back
2048
9de2bd86 2049On failure returns C<undef>, on success returns a B<scalar> reference
966200cc 2050to the original supplied argument.
0da0fe34 2051
843a94b5 2052=over
2053
2054=item * Note
2055
2056The stringification overloading detection is rather advanced: it takes
2057into consideration not only the presence of a C<""> overload, but if that
2058fails also checks for enabled
2059L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
2060on either C<0+> or C<bool>.
2061
2062Unfortunately testing in the field indicates that this
2063detection B<< may tickle a latent bug in perl versions before 5.018 >>,
2064but only when very large numbers of stringifying objects are involved.
2065At the time of writing ( Sep 2014 ) there is no clear explanation of
2066the direct cause, nor is there a manageably small test case that reliably
2067reproduces the problem.
2068
2069If you encounter any of the following exceptions in B<random places within
2070your application stack> - this module may be to blame:
2071
2072 Operation "ne": no method found,
2073 left argument in overloaded package <something>,
2074 right argument in overloaded package <something>
2075
2076or perhaps even
2077
2078 Stub found while resolving method "???" overloading """" in package <something>
2079
2080If you fall victim to the above - please attempt to reduce the problem
2081to something that could be sent to the L<SQL::Abstract developers
1f490ae4 2082|DBIx::Class/GETTING HELP/SUPPORT>
843a94b5 2083(either publicly or privately). As a workaround in the meantime you can
2084set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
2085value, which will most likely eliminate your problem (at the expense of
2086not being able to properly detect exotic forms of stringification).
2087
2088This notice and environment variable will be removed in a future version,
2089as soon as the underlying problem is found and a reliable workaround is
2090devised.
2091
2092=back
2093
0da0fe34 2094=head2 is_literal_value
2095
2096Determines if the supplied argument is a literal value as understood by this
2097module:
2098
2099=over
2100
2101=item * C<\$sql_string>
2102
2103=item * C<\[ $sql_string, @bind_values ]>
2104
0da0fe34 2105=back
2106
9de2bd86 2107On failure returns C<undef>, on success returns an B<array> reference
966200cc 2108containing the unpacked version of the supplied literal SQL and bind values.
0da0fe34 2109
32eab2da 2110=head1 WHERE CLAUSES
2111
96449e8e 2112=head2 Introduction
2113
32eab2da 2114This module uses a variation on the idea from L<DBIx::Abstract>. It
2115is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2116module is that things in arrays are OR'ed, and things in hashes
2117are AND'ed.>
2118
2119The easiest way to explain is to show lots of examples. After
2120each C<%where> hash shown, it is assumed you used:
2121
2122 my($stmt, @bind) = $sql->where(\%where);
2123
2124However, note that the C<%where> hash can be used directly in any
2125of the other functions as well, as described above.
2126
96449e8e 2127=head2 Key-value pairs
2128
32eab2da 2129So, let's get started. To begin, a simple hash:
2130
2131 my %where = (
2132 user => 'nwiger',
2133 status => 'completed'
2134 );
2135
2136Is converted to SQL C<key = val> statements:
2137
2138 $stmt = "WHERE user = ? AND status = ?";
2139 @bind = ('nwiger', 'completed');
2140
2141One common thing I end up doing is having a list of values that
2142a field can be in. To do this, simply specify a list inside of
2143an arrayref:
2144
2145 my %where = (
2146 user => 'nwiger',
2147 status => ['assigned', 'in-progress', 'pending'];
2148 );
2149
2150This simple code will create the following:
9d48860e 2151
32eab2da 2152 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2153 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2154
9d48860e 2155A field associated to an empty arrayref will be considered a
7cac25e6 2156logical false and will generate 0=1.
8a68b5be 2157
b864ba9b 2158=head2 Tests for NULL values
2159
2160If the value part is C<undef> then this is converted to SQL <IS NULL>
2161
2162 my %where = (
2163 user => 'nwiger',
2164 status => undef,
2165 );
2166
2167becomes:
2168
2169 $stmt = "WHERE user = ? AND status IS NULL";
2170 @bind = ('nwiger');
2171
e9614080 2172To test if a column IS NOT NULL:
2173
2174 my %where = (
2175 user => 'nwiger',
2176 status => { '!=', undef },
2177 );
cc422895 2178
6e0c6552 2179=head2 Specific comparison operators
96449e8e 2180
32eab2da 2181If you want to specify a different type of operator for your comparison,
2182you can use a hashref for a given column:
2183
2184 my %where = (
2185 user => 'nwiger',
2186 status => { '!=', 'completed' }
2187 );
2188
2189Which would generate:
2190
2191 $stmt = "WHERE user = ? AND status != ?";
2192 @bind = ('nwiger', 'completed');
2193
2194To test against multiple values, just enclose the values in an arrayref:
2195
96449e8e 2196 status => { '=', ['assigned', 'in-progress', 'pending'] };
2197
f2d5020d 2198Which would give you:
96449e8e 2199
2200 "WHERE status = ? OR status = ? OR status = ?"
2201
2202
2203The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2204into an C<AND> of its elements:
2205
2206 my %where = (
2207 user => 'nwiger',
2208 status => { '!=', 'completed', -not_like => 'pending%' }
2209 );
2210
2211 # Or more dynamically, like from a form
2212 $where{user} = 'nwiger';
2213 $where{status}{'!='} = 'completed';
2214 $where{status}{'-not_like'} = 'pending%';
2215
2216 # Both generate this
2217 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2218 @bind = ('nwiger', 'completed', 'pending%');
2219
96449e8e 2220
32eab2da 2221To get an OR instead, you can combine it with the arrayref idea:
2222
2223 my %where => (
2224 user => 'nwiger',
1a6f2a03 2225 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2226 );
2227
2228Which would generate:
2229
1a6f2a03 2230 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2231 @bind = ('2', '5', 'nwiger');
32eab2da 2232
44b9e502 2233If you want to include literal SQL (with or without bind values), just use a
13cc86af 2234scalar reference or reference to an arrayref as the value:
44b9e502 2235
2236 my %where = (
2237 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2238 date_expires => { '<' => \"now()" }
2239 );
2240
2241Which would generate:
2242
13cc86af 2243 $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
44b9e502 2244 @bind = ('11/26/2008');
2245
96449e8e 2246
2247=head2 Logic and nesting operators
2248
2249In the example above,
2250there is a subtle trap if you want to say something like
32eab2da 2251this (notice the C<AND>):
2252
2253 WHERE priority != ? AND priority != ?
2254
2255Because, in Perl you I<can't> do this:
2256
13cc86af 2257 priority => { '!=' => 2, '!=' => 1 }
32eab2da 2258
2259As the second C<!=> key will obliterate the first. The solution
2260is to use the special C<-modifier> form inside an arrayref:
2261
9d48860e 2262 priority => [ -and => {'!=', 2},
96449e8e 2263 {'!=', 1} ]
2264
32eab2da 2265
2266Normally, these would be joined by C<OR>, but the modifier tells it
2267to use C<AND> instead. (Hint: You can use this in conjunction with the
2268C<logic> option to C<new()> in order to change the way your queries
2269work by default.) B<Important:> Note that the C<-modifier> goes
2270B<INSIDE> the arrayref, as an extra first element. This will
2271B<NOT> do what you think it might:
2272
2273 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2274
2275Here is a quick list of equivalencies, since there is some overlap:
2276
2277 # Same
2278 status => {'!=', 'completed', 'not like', 'pending%' }
2279 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2280
2281 # Same
2282 status => {'=', ['assigned', 'in-progress']}
2283 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2284 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2285
e3f9dff4 2286
2287
be21dde3 2288=head2 Special operators: IN, BETWEEN, etc.
96449e8e 2289
32eab2da 2290You can also use the hashref format to compare a list of fields using the
2291C<IN> comparison operator, by specifying the list as an arrayref:
2292
2293 my %where = (
2294 status => 'completed',
2295 reportid => { -in => [567, 2335, 2] }
2296 );
2297
2298Which would generate:
2299
2300 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2301 @bind = ('completed', '567', '2335', '2');
2302
9d48860e 2303The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2304the same way.
2305
6e0c6552 2306If the argument to C<-in> is an empty array, 'sqlfalse' is generated
be21dde3 2307(by default: C<1=0>). Similarly, C<< -not_in => [] >> generates
2308'sqltrue' (by default: C<1=1>).
6e0c6552 2309
e41c3bdd 2310In addition to the array you can supply a chunk of literal sql or
2311literal sql with bind:
6e0c6552 2312
e41c3bdd 2313 my %where = {
2314 customer => { -in => \[
2315 'SELECT cust_id FROM cust WHERE balance > ?',
2316 2000,
2317 ],
2318 status => { -in => \'SELECT status_codes FROM states' },
2319 };
6e0c6552 2320
e41c3bdd 2321would generate:
2322
2323 $stmt = "WHERE (
2324 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2325 AND status IN ( SELECT status_codes FROM states )
2326 )";
2327 @bind = ('2000');
2328
0dfd2442 2329Finally, if the argument to C<-in> is not a reference, it will be
2330treated as a single-element array.
e41c3bdd 2331
2332Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2333used with an arrayref of two values:
32eab2da 2334
2335 my %where = (
2336 user => 'nwiger',
2337 completion_date => {
2338 -not_between => ['2002-10-01', '2003-02-06']
2339 }
2340 );
2341
2342Would give you:
2343
2344 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2345
e41c3bdd 2346Just like with C<-in> all plausible combinations of literal SQL
2347are possible:
2348
2349 my %where = {
2350 start0 => { -between => [ 1, 2 ] },
2351 start1 => { -between => \["? AND ?", 1, 2] },
2352 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2353 start3 => { -between => [
e41c3bdd 2354 \"lower(x)",
2355 \["upper(?)", 'stuff' ],
2356 ] },
2357 };
2358
2359Would give you:
2360
2361 $stmt = "WHERE (
2362 ( start0 BETWEEN ? AND ? )
2363 AND ( start1 BETWEEN ? AND ? )
2364 AND ( start2 BETWEEN lower(x) AND upper(y) )
2365 AND ( start3 BETWEEN lower(x) AND upper(?) )
2366 )";
2367 @bind = (1, 2, 1, 2, 'stuff');
2368
2369
9d48860e 2370These are the two builtin "special operators"; but the
be21dde3 2371list can be expanded: see section L</"SPECIAL OPERATORS"> below.
96449e8e 2372
59f23b3d 2373=head2 Unary operators: bool
97a920ef 2374
2375If you wish to test against boolean columns or functions within your
2376database you can use the C<-bool> and C<-not_bool> operators. For
2377example to test the column C<is_user> being true and the column
827bb0eb 2378C<is_enabled> being false you would use:-
97a920ef 2379
2380 my %where = (
2381 -bool => 'is_user',
2382 -not_bool => 'is_enabled',
2383 );
2384
2385Would give you:
2386
277b5d3f 2387 WHERE is_user AND NOT is_enabled
97a920ef 2388
0b604e9d 2389If a more complex combination is required, testing more conditions,
2390then you should use the and/or operators:-
2391
2392 my %where = (
2393 -and => [
2394 -bool => 'one',
23401b81 2395 -not_bool => { two=> { -rlike => 'bar' } },
2396 -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
0b604e9d 2397 ],
2398 );
2399
2400Would give you:
2401
23401b81 2402 WHERE
2403 one
2404 AND
2405 (NOT two RLIKE ?)
2406 AND
2407 (NOT ( three = ? OR three > ? ))
97a920ef 2408
2409
107b72f1 2410=head2 Nested conditions, -and/-or prefixes
96449e8e 2411
32eab2da 2412So far, we've seen how multiple conditions are joined with a top-level
2413C<AND>. We can change this by putting the different conditions we want in
2414hashes and then putting those hashes in an array. For example:
2415
2416 my @where = (
2417 {
2418 user => 'nwiger',
2419 status => { -like => ['pending%', 'dispatched'] },
2420 },
2421 {
2422 user => 'robot',
2423 status => 'unassigned',
2424 }
2425 );
2426
2427This data structure would create the following:
2428
2429 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2430 OR ( user = ? AND status = ? ) )";
2431 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2432
107b72f1 2433
48d9f5f8 2434Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
be21dde3 2435to change the logic inside:
32eab2da 2436
2437 my @where = (
2438 -and => [
2439 user => 'nwiger',
48d9f5f8 2440 [
2441 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2442 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2443 ],
2444 ],
2445 );
2446
2447That would yield:
2448
13cc86af 2449 $stmt = "WHERE ( user = ?
2450 AND ( ( workhrs > ? AND geo = ? )
2451 OR ( workhrs < ? OR geo = ? ) ) )";
2452 @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
107b72f1 2453
cc422895 2454=head3 Algebraic inconsistency, for historical reasons
107b72f1 2455
7cac25e6 2456C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2457operator goes C<outside> of the nested structure; whereas when connecting
2458several constraints on one column, the C<-and> operator goes
be21dde3 2459C<inside> the arrayref. Here is an example combining both features:
7cac25e6 2460
2461 my @where = (
2462 -and => [a => 1, b => 2],
2463 -or => [c => 3, d => 4],
2464 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2465 )
2466
2467yielding
2468
9d48860e 2469 WHERE ( ( ( a = ? AND b = ? )
2470 OR ( c = ? OR d = ? )
7cac25e6 2471 OR ( e LIKE ? AND e LIKE ? ) ) )
2472
107b72f1 2473This difference in syntax is unfortunate but must be preserved for
be21dde3 2474historical reasons. So be careful: the two examples below would
107b72f1 2475seem algebraically equivalent, but they are not
2476
a948b1fe 2477 { col => [ -and =>
2478 { -like => 'foo%' },
2479 { -like => '%bar' },
2480 ] }
be21dde3 2481 # yields: WHERE ( ( col LIKE ? AND col LIKE ? ) )
107b72f1 2482
a948b1fe 2483 [ -and =>
2484 { col => { -like => 'foo%' } },
2485 { col => { -like => '%bar' } },
2486 ]
be21dde3 2487 # yields: WHERE ( ( col LIKE ? OR col LIKE ? ) )
107b72f1 2488
7cac25e6 2489
cc422895 2490=head2 Literal SQL and value type operators
96449e8e 2491
cc422895 2492The basic premise of SQL::Abstract is that in WHERE specifications the "left
2493side" is a column name and the "right side" is a value (normally rendered as
2494a placeholder). This holds true for both hashrefs and arrayref pairs as you
2495see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2496alter this behavior. There are several ways of doing so.
e9614080 2497
cc422895 2498=head3 -ident
2499
2500This is a virtual operator that signals the string to its right side is an
2501identifier (a column name) and not a value. For example to compare two
2502columns you would write:
32eab2da 2503
e9614080 2504 my %where = (
2505 priority => { '<', 2 },
cc422895 2506 requestor => { -ident => 'submitter' },
e9614080 2507 );
2508
2509which creates:
2510
2511 $stmt = "WHERE priority < ? AND requestor = submitter";
2512 @bind = ('2');
2513
cc422895 2514If you are maintaining legacy code you may see a different construct as
2515described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2516code.
2517
2518=head3 -value
e9614080 2519
cc422895 2520This is a virtual operator that signals that the construct to its right side
2521is a value to be passed to DBI. This is for example necessary when you want
2522to write a where clause against an array (for RDBMS that support such
2523datatypes). For example:
e9614080 2524
32eab2da 2525 my %where = (
cc422895 2526 array => { -value => [1, 2, 3] }
32eab2da 2527 );
2528
cc422895 2529will result in:
32eab2da 2530
cc422895 2531 $stmt = 'WHERE array = ?';
2532 @bind = ([1, 2, 3]);
32eab2da 2533
cc422895 2534Note that if you were to simply say:
32eab2da 2535
2536 my %where = (
cc422895 2537 array => [1, 2, 3]
32eab2da 2538 );
2539
3af02ccb 2540the result would probably not be what you wanted:
cc422895 2541
2542 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2543 @bind = (1, 2, 3);
2544
2545=head3 Literal SQL
96449e8e 2546
cc422895 2547Finally, sometimes only literal SQL will do. To include a random snippet
2548of SQL verbatim, you specify it as a scalar reference. Consider this only
2549as a last resort. Usually there is a better way. For example:
96449e8e 2550
2551 my %where = (
cc422895 2552 priority => { '<', 2 },
2553 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2554 );
2555
cc422895 2556Would create:
96449e8e 2557
cc422895 2558 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2559 @bind = (2);
2560
2561Note that in this example, you only get one bind parameter back, since
2562the verbatim SQL is passed as part of the statement.
2563
2564=head4 CAVEAT
2565
2566 Never use untrusted input as a literal SQL argument - this is a massive
2567 security risk (there is no way to check literal snippets for SQL
2568 injections and other nastyness). If you need to deal with untrusted input
2569 use literal SQL with placeholders as described next.
96449e8e 2570
cc422895 2571=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2572
2573If the literal SQL to be inserted has placeholders and bind values,
2574use a reference to an arrayref (yes this is a double reference --
2575not so common, but perfectly legal Perl). For example, to find a date
2576in Postgres you can use something like this:
2577
2578 my %where = (
3ae1c5e2 2579 date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
96449e8e 2580 )
2581
2582This would create:
2583
d2a8fe1a 2584 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2585 @bind = ('10');
2586
deb148a2 2587Note that you must pass the bind values in the same format as they are returned
85783f3c 2588by L<where|/where(\%where, $order)>. This means that if you set L</bindtype>
1f490ae4 2589to C<columns>, you must provide the bind values in the
2590C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
2591scalar value; most commonly the column name, but you can use any scalar value
2592(including references and blessed references), L<SQL::Abstract> will simply
2593pass it through intact. So if C<bindtype> is set to C<columns> the above
2594example will look like:
deb148a2 2595
2596 my %where = (
3ae1c5e2 2597 date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
deb148a2 2598 )
96449e8e 2599
2600Literal SQL is especially useful for nesting parenthesized clauses in the
be21dde3 2601main SQL query. Here is a first example:
96449e8e 2602
2603 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2604 100, "foo%");
2605 my %where = (
2606 foo => 1234,
2607 bar => \["IN ($sub_stmt)" => @sub_bind],
2608 );
2609
be21dde3 2610This yields:
96449e8e 2611
9d48860e 2612 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2613 WHERE c2 < ? AND c3 LIKE ?))";
2614 @bind = (1234, 100, "foo%");
2615
9d48860e 2616Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2617are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2618its associated bind values can be generated through a former call
96449e8e 2619to C<select()> :
2620
2621 my ($sub_stmt, @sub_bind)
9d48860e 2622 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2623 c3 => {-like => "foo%"}});
2624 my %where = (
2625 foo => 1234,
2626 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2627 );
2628
2629In the examples above, the subquery was used as an operator on a column;
9d48860e 2630but the same principle also applies for a clause within the main C<%where>
be21dde3 2631hash, like an EXISTS subquery:
96449e8e 2632
9d48860e 2633 my ($sub_stmt, @sub_bind)
96449e8e 2634 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2635 my %where = ( -and => [
96449e8e 2636 foo => 1234,
48d9f5f8 2637 \["EXISTS ($sub_stmt)" => @sub_bind],
2638 ]);
96449e8e 2639
2640which yields
2641
9d48860e 2642 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2643 WHERE c1 = ? AND c2 > t0.c0))";
2644 @bind = (1234, 1);
2645
2646
9d48860e 2647Observe that the condition on C<c2> in the subquery refers to
be21dde3 2648column C<t0.c0> of the main query: this is I<not> a bind
9d48860e 2649value, so we have to express it through a scalar ref.
96449e8e 2650Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2651C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2652what we wanted here.
2653
96449e8e 2654Finally, here is an example where a subquery is used
2655for expressing unary negation:
2656
9d48860e 2657 my ($sub_stmt, @sub_bind)
96449e8e 2658 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2659 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2660 my %where = (
2661 lname => {like => '%son%'},
48d9f5f8 2662 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2663 );
2664
2665This yields
2666
2667 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2668 @bind = ('%son%', 10, 20)
2669
cc422895 2670=head3 Deprecated usage of Literal SQL
2671
2672Below are some examples of archaic use of literal SQL. It is shown only as
2673reference for those who deal with legacy code. Each example has a much
2674better, cleaner and safer alternative that users should opt for in new code.
2675
2676=over
2677
2678=item *
2679
2680 my %where = ( requestor => \'IS NOT NULL' )
2681
2682 $stmt = "WHERE requestor IS NOT NULL"
2683
2684This used to be the way of generating NULL comparisons, before the handling
2685of C<undef> got formalized. For new code please use the superior syntax as
2686described in L</Tests for NULL values>.
96449e8e 2687
cc422895 2688=item *
2689
2690 my %where = ( requestor => \'= submitter' )
2691
2692 $stmt = "WHERE requestor = submitter"
2693
2694This used to be the only way to compare columns. Use the superior L</-ident>
2695method for all new code. For example an identifier declared in such a way
2696will be properly quoted if L</quote_char> is properly set, while the legacy
2697form will remain as supplied.
2698
2699=item *
2700
2701 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2702
2703 $stmt = "WHERE completed > ? AND is_ready"
2704 @bind = ('2012-12-21')
2705
2706Using an empty string literal used to be the only way to express a boolean.
2707For all new code please use the much more readable
2708L<-bool|/Unary operators: bool> operator.
2709
2710=back
96449e8e 2711
2712=head2 Conclusion
2713
32eab2da 2714These pages could go on for a while, since the nesting of the data
2715structures this module can handle are pretty much unlimited (the
2716module implements the C<WHERE> expansion as a recursive function
2717internally). Your best bet is to "play around" with the module a
2718little to see how the data structures behave, and choose the best
2719format for your data based on that.
2720
2721And of course, all the values above will probably be replaced with
2722variables gotten from forms or the command line. After all, if you
2723knew everything ahead of time, you wouldn't have to worry about
2724dynamically-generating SQL and could just hardwire it into your
2725script.
2726
86298391 2727=head1 ORDER BY CLAUSES
2728
9d48860e 2729Some functions take an order by clause. This can either be a scalar (just a
18710f60 2730column name), a hashref of C<< { -desc => 'col' } >> or C<< { -asc => 'col' }
2731>>, a scalarref, an arrayref-ref, or an arrayref of any of the previous
2732forms. Examples:
1cfa1db3 2733
8c15b421 2734 Given | Will Generate
18710f60 2735 ---------------------------------------------------------------
8c15b421 2736 |
2737 'colA' | ORDER BY colA
2738 |
2739 [qw/colA colB/] | ORDER BY colA, colB
2740 |
2741 {-asc => 'colA'} | ORDER BY colA ASC
2742 |
2743 {-desc => 'colB'} | ORDER BY colB DESC
2744 |
2745 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2746 |
2747 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
2748 |
2749 \'colA DESC' | ORDER BY colA DESC
2750 |
2751 \[ 'FUNC(colA, ?)', $x ] | ORDER BY FUNC(colA, ?)
2752 | /* ...with $x bound to ? */
2753 |
bd805d85 2754 [ | ORDER BY
2755 { -asc => 'colA' }, | colA ASC,
2756 { -desc => [qw/colB/] }, | colB DESC,
2757 { -asc => [qw/colC colD/] },| colC ASC, colD ASC,
2758 \'colE DESC', | colE DESC,
2759 \[ 'FUNC(colF, ?)', $x ], | FUNC(colF, ?)
2760 ] | /* ...with $x bound to ? */
18710f60 2761 ===============================================================
86298391 2762
96449e8e 2763
2764
2765=head1 SPECIAL OPERATORS
2766
e3f9dff4 2767 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2768 {
2769 regex => qr/.../,
e3f9dff4 2770 handler => sub {
2771 my ($self, $field, $op, $arg) = @_;
2772 ...
3a2e1a5e 2773 },
2774 },
2775 {
2776 regex => qr/.../,
2777 handler => 'method_name',
e3f9dff4 2778 },
2779 ]);
2780
9d48860e 2781A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2782applied to a field, instead of a usual binary operator.
be21dde3 2783For example:
e3f9dff4 2784
2785 WHERE field IN (?, ?, ?)
2786 WHERE field BETWEEN ? AND ?
2787 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2788
e3f9dff4 2789Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2790are builtin within C<SQL::Abstract> (as the overridable methods
2791C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2792like the MATCH .. AGAINST example above which is specific to MySQL,
2793you can write your own operator handlers - supply a C<special_ops>
2794argument to the C<new> method. That argument takes an arrayref of
2795operator definitions; each operator definition is a hashref with two
2796entries:
96449e8e 2797
e3f9dff4 2798=over
2799
2800=item regex
2801
2802the regular expression to match the operator
96449e8e 2803
e3f9dff4 2804=item handler
2805
3a2e1a5e 2806Either a coderef or a plain scalar method name. In both cases
2807the expected return is C<< ($sql, @bind) >>.
2808
2809When supplied with a method name, it is simply called on the
13cc86af 2810L<SQL::Abstract> object as:
3a2e1a5e 2811
ca4f826a 2812 $self->$method_name($field, $op, $arg)
3a2e1a5e 2813
2814 Where:
2815
3a2e1a5e 2816 $field is the LHS of the operator
13cc86af 2817 $op is the part that matched the handler regex
3a2e1a5e 2818 $arg is the RHS
2819
2820When supplied with a coderef, it is called as:
2821
2822 $coderef->($self, $field, $op, $arg)
2823
e3f9dff4 2824
2825=back
2826
9d48860e 2827For example, here is an implementation
e3f9dff4 2828of the MATCH .. AGAINST syntax for MySQL
2829
2830 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2831
e3f9dff4 2832 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2833 {regex => qr/^match$/i,
e3f9dff4 2834 handler => sub {
2835 my ($self, $field, $op, $arg) = @_;
2836 $arg = [$arg] if not ref $arg;
2837 my $label = $self->_quote($field);
2838 my ($placeholder) = $self->_convert('?');
2839 my $placeholders = join ", ", (($placeholder) x @$arg);
2840 my $sql = $self->_sqlcase('match') . " ($label) "
2841 . $self->_sqlcase('against') . " ($placeholders) ";
2842 my @bind = $self->_bindtype($field, @$arg);
2843 return ($sql, @bind);
2844 }
2845 },
9d48860e 2846
e3f9dff4 2847 ]);
96449e8e 2848
2849
59f23b3d 2850=head1 UNARY OPERATORS
2851
112b5232 2852 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2853 {
2854 regex => qr/.../,
2855 handler => sub {
2856 my ($self, $op, $arg) = @_;
2857 ...
2858 },
2859 },
2860 {
2861 regex => qr/.../,
2862 handler => 'method_name',
2863 },
2864 ]);
2865
9d48860e 2866A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2867applied to a field - the operator goes before the field
2868
2869You can write your own operator handlers - supply a C<unary_ops>
2870argument to the C<new> method. That argument takes an arrayref of
2871operator definitions; each operator definition is a hashref with two
2872entries:
2873
2874=over
2875
2876=item regex
2877
2878the regular expression to match the operator
2879
2880=item handler
2881
2882Either a coderef or a plain scalar method name. In both cases
2883the expected return is C<< $sql >>.
2884
2885When supplied with a method name, it is simply called on the
13cc86af 2886L<SQL::Abstract> object as:
59f23b3d 2887
ca4f826a 2888 $self->$method_name($op, $arg)
59f23b3d 2889
2890 Where:
2891
2892 $op is the part that matched the handler regex
2893 $arg is the RHS or argument of the operator
2894
2895When supplied with a coderef, it is called as:
2896
2897 $coderef->($self, $op, $arg)
2898
2899
2900=back
2901
2902
32eab2da 2903=head1 PERFORMANCE
2904
2905Thanks to some benchmarking by Mark Stosberg, it turns out that
2906this module is many orders of magnitude faster than using C<DBIx::Abstract>.
2907I must admit this wasn't an intentional design issue, but it's a
2908byproduct of the fact that you get to control your C<DBI> handles
2909yourself.
2910
2911To maximize performance, use a code snippet like the following:
2912
2913 # prepare a statement handle using the first row
2914 # and then reuse it for the rest of the rows
2915 my($sth, $stmt);
2916 for my $href (@array_of_hashrefs) {
2917 $stmt ||= $sql->insert('table', $href);
2918 $sth ||= $dbh->prepare($stmt);
2919 $sth->execute($sql->values($href));
2920 }
2921
2922The reason this works is because the keys in your C<$href> are sorted
2923internally by B<SQL::Abstract>. Thus, as long as your data retains
2924the same structure, you only have to generate the SQL the first time
2925around. On subsequent queries, simply use the C<values> function provided
2926by this module to return your values in the correct order.
2927
b864ba9b 2928However this depends on the values having the same type - if, for
2929example, the values of a where clause may either have values
2930(resulting in sql of the form C<column = ?> with a single bind
2931value), or alternatively the values might be C<undef> (resulting in
2932sql of the form C<column IS NULL> with no bind value) then the
2933caching technique suggested will not work.
96449e8e 2934
32eab2da 2935=head1 FORMBUILDER
2936
2937If you use my C<CGI::FormBuilder> module at all, you'll hopefully
2938really like this part (I do, at least). Building up a complex query
2939can be as simple as the following:
2940
2941 #!/usr/bin/perl
2942
46dc2f3e 2943 use warnings;
2944 use strict;
2945
32eab2da 2946 use CGI::FormBuilder;
2947 use SQL::Abstract;
2948
2949 my $form = CGI::FormBuilder->new(...);
2950 my $sql = SQL::Abstract->new;
2951
2952 if ($form->submitted) {
2953 my $field = $form->field;
2954 my $id = delete $field->{id};
2955 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
2956 }
2957
2958Of course, you would still have to connect using C<DBI> to run the
2959query, but the point is that if you make your form look like your
2960table, the actual query script can be extremely simplistic.
2961
2962If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 2963a fast interface to returning and formatting data. I frequently
32eab2da 2964use these three modules together to write complex database query
2965apps in under 50 lines.
2966
af733667 2967=head1 HOW TO CONTRIBUTE
2968
2969Contributions are always welcome, in all usable forms (we especially
2970welcome documentation improvements). The delivery methods include git-
2971or unified-diff formatted patches, GitHub pull requests, or plain bug
2972reports either via RT or the Mailing list. Contributors are generally
2973granted full access to the official repository after their first several
2974patches pass successful review.
2975
2976This project is maintained in a git repository. The code and related tools are
2977accessible at the following locations:
d8cc1792 2978
2979=over
2980
af733667 2981=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
2982
2983=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
2984
2985=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
d8cc1792 2986
af733667 2987=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
d8cc1792 2988
2989=back
32eab2da 2990
96449e8e 2991=head1 CHANGES
2992
2993Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
2994Great care has been taken to preserve the I<published> behavior
2995documented in previous versions in the 1.* family; however,
9d48860e 2996some features that were previously undocumented, or behaved
96449e8e 2997differently from the documentation, had to be changed in order
2998to clarify the semantics. Hence, client code that was relying
9d48860e 2999on some dark areas of C<SQL::Abstract> v1.*
96449e8e 3000B<might behave differently> in v1.50.
32eab2da 3001
be21dde3 3002The main changes are:
d2a8fe1a 3003
96449e8e 3004=over
32eab2da 3005
9d48860e 3006=item *
32eab2da 3007
3ae1c5e2 3008support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
96449e8e 3009
3010=item *
3011
145fbfc8 3012support for the { operator => \"..." } construct (to embed literal SQL)
3013
3014=item *
3015
9c37b9c0 3016support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
3017
3018=item *
3019
96449e8e 3020optional support for L<array datatypes|/"Inserting and Updating Arrays">
3021
9d48860e 3022=item *
96449e8e 3023
be21dde3 3024defensive programming: check arguments
96449e8e 3025
3026=item *
3027
3028fixed bug with global logic, which was previously implemented
7cac25e6 3029through global variables yielding side-effects. Prior versions would
96449e8e 3030interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
3031as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
3032Now this is interpreted
3033as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
3034
96449e8e 3035
3036=item *
3037
3038fixed semantics of _bindtype on array args
3039
9d48860e 3040=item *
96449e8e 3041
3042dropped the C<_anoncopy> of the %where tree. No longer necessary,
3043we just avoid shifting arrays within that tree.
3044
3045=item *
3046
3047dropped the C<_modlogic> function
3048
3049=back
32eab2da 3050
32eab2da 3051=head1 ACKNOWLEDGEMENTS
3052
3053There are a number of individuals that have really helped out with
3054this module. Unfortunately, most of them submitted bugs via CPAN
3055so I have no idea who they are! But the people I do know are:
3056
9d48860e 3057 Ash Berlin (order_by hash term support)
b643abe1 3058 Matt Trout (DBIx::Class support)
32eab2da 3059 Mark Stosberg (benchmarking)
3060 Chas Owens (initial "IN" operator support)
3061 Philip Collins (per-field SQL functions)
3062 Eric Kolve (hashref "AND" support)
3063 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
3064 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 3065 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 3066 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 3067 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 3068 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 3069 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 3070
3071Thanks!
3072
32eab2da 3073=head1 SEE ALSO
3074
86298391 3075L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 3076
32eab2da 3077=head1 AUTHOR
3078
b643abe1 3079Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
3080
3081This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 3082
abe72f94 3083For support, your best bet is to try the C<DBIx::Class> users mailing list.
3084While not an official support venue, C<DBIx::Class> makes heavy use of
3085C<SQL::Abstract>, and as such list members there are very familiar with
3086how to create queries.
3087
0d067ded 3088=head1 LICENSE
3089
d988ab87 3090This module is free software; you may copy this under the same
3091terms as perl itself (either the GNU General Public License or
3092the Artistic License)
32eab2da 3093
3094=cut
Unnamed repository; edit this file 'description' to name the repository.