projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
quote code supports multi-part idents
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
96449e8e 3use strict;
4use warnings;
9d9d5bd6 5use Carp ();
312d830b 6use List::Util ();
7use Scalar::Util ();
96449e8e 8
0da0fe34 9use Exporter 'import';
10our @EXPORT_OK = qw(is_plain_value is_literal_value);
11
12BEGIN {
13 if ($] < 5.009_005) {
14 require MRO::Compat;
15 }
16 else {
17 require mro;
18 }
843a94b5 19
20 *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
21 ? sub () { 0 }
22 : sub () { 1 }
23 ;
0da0fe34 24}
25
96449e8e 26#======================================================================
27# GLOBALS
28#======================================================================
29
dc6afcf8 30our $VERSION = '1.86';
7479e27e 31
22f1a437 32# This would confuse some packagers
c520207b 33$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 34
35our $AUTOLOAD;
36
37# special operators (-in, -between). May be extended/overridden by user.
38# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
39my @BUILTIN_SPECIAL_OPS = (
f663e672 40 {regex => qr/^ (?: not \s )? between $/ix, handler => sub { die "NOPE" }},
41 {regex => qr/^ (?: not \s )? in $/ix, handler => sub { die "NOPE" }},
87c8e45b 42 {regex => qr/^ is (?: \s+ not )? $/ix, handler => sub { die "NOPE" }},
96449e8e 43);
44
45#======================================================================
46# DEBUGGING AND ERROR REPORTING
47#======================================================================
48
49sub _debug {
50 return unless $_[0]->{debug}; shift; # a little faster
51 my $func = (caller(1))[3];
52 warn "[$func] ", @_, "\n";
53}
54
55sub belch (@) {
56 my($func) = (caller(1))[3];
9d9d5bd6 57 Carp::carp "[$func] Warning: ", @_;
96449e8e 58}
59
60sub puke (@) {
61 my($func) = (caller(1))[3];
9d9d5bd6 62 Carp::croak "[$func] Fatal: ", @_;
96449e8e 63}
64
0da0fe34 65sub is_literal_value ($) {
66 ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
67 : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
0da0fe34 68 : undef;
69}
70
71# FIXME XSify - this can be done so much more efficiently
72sub is_plain_value ($) {
73 no strict 'refs';
966200cc 74 ! length ref $_[0] ? \($_[0])
0da0fe34 75 : (
76 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
77 and
78 exists $_[0]->{-value}
966200cc 79 ) ? \($_[0]->{-value})
0da0fe34 80 : (
a1c9e0ff 81 # reuse @_ for even moar speedz
82 defined ( $_[1] = Scalar::Util::blessed $_[0] )
0da0fe34 83 and
84 # deliberately not using Devel::OverloadInfo - the checks we are
85 # intersted in are much more limited than the fullblown thing, and
86 # this is a very hot piece of code
87 (
e8d729d4 88 # simply using ->can('(""') can leave behind stub methods that
89 # break actually using the overload later (see L<perldiag/Stub
90 # found while resolving method "%s" overloading "%s" in package
91 # "%s"> and the source of overload::mycan())
44e54b41 92 #
0da0fe34 93 # either has stringification which DBI SHOULD prefer out of the box
a1c9e0ff 94 grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
0da0fe34 95 or
20e178a8 96 # has nummification or boolification, AND fallback is *not* disabled
0da0fe34 97 (
843a94b5 98 SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
99 and
20e178a8 100 (
101 grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
102 or
103 grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
104 )
0da0fe34 105 and
106 (
107 # no fallback specified at all
a1c9e0ff 108 ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
0da0fe34 109 or
110 # fallback explicitly undef
a1c9e0ff 111 ! defined ${"$_[3]::()"}
0da0fe34 112 or
113 # explicitly true
a1c9e0ff 114 !! ${"$_[3]::()"}
0da0fe34 115 )
116 )
117 )
966200cc 118 ) ? \($_[0])
0da0fe34 119 : undef;
120}
121
122
96449e8e 123
124#======================================================================
125# NEW
126#======================================================================
127
128sub new {
129 my $self = shift;
130 my $class = ref($self) || $self;
131 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
132
133 # choose our case by keeping an option around
134 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
135
136 # default logic for interpreting arrayrefs
ef559da3 137 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 138
139 # how to return bind vars
96449e8e 140 $opt{bindtype} ||= 'normal';
141
142 # default comparison is "=", but can be overridden
143 $opt{cmp} ||= '=';
144
3af02ccb 145 # try to recognize which are the 'equality' and 'inequality' ops
3cdadcbe 146 # (temporary quickfix (in 2007), should go through a more seasoned API)
147 $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
148 $opt{inequality_op} = qr/^( != | <> )$/ix;
149
150 $opt{like_op} = qr/^ (is\s+)? r?like $/xi;
151 $opt{not_like_op} = qr/^ (is\s+)? not \s+ r?like $/xi;
96449e8e 152
153 # SQL booleans
154 $opt{sqltrue} ||= '1=1';
155 $opt{sqlfalse} ||= '0=1';
156
9d48860e 157 # special operators
99a65fa8 158 $opt{user_special_ops} = [ @{$opt{special_ops} ||= []} ];
b6251592 159 # regexes are applied in order, thus push after user-defines
96449e8e 160 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
161
9d48860e 162 # unary operators
59f23b3d 163 $opt{unary_ops} ||= [];
59f23b3d 164
3af02ccb 165 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 166 # If a purported function matches this regular expression, an exception is thrown.
167 # Literal SQL is *NOT* subject to this check, only functions (and column names
168 # when quoting is not in effect)
96449e8e 169
b6251592 170 # FIXME
171 # need to guard against ()'s in column names too, but this will break tons of
172 # hacks... ideas anyone?
173 $opt{injection_guard} ||= qr/
174 \;
175 |
176 ^ \s* go \s
177 /xmi;
96449e8e 178
b6251592 179 return bless \%opt, $class;
180}
96449e8e 181
e175845b 182sub sqltrue { +{ -literal => [ $_[0]->{sqltrue} ] } }
183sub sqlfalse { +{ -literal => [ $_[0]->{sqlfalse} ] } }
170e6c33 184
185sub _assert_pass_injection_guard {
186 if ($_[1] =~ $_[0]->{injection_guard}) {
187 my $class = ref $_[0];
188 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
189 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
190 . "{injection_guard} attribute to ${class}->new()"
191 }
192}
193
194
96449e8e 195#======================================================================
196# INSERT methods
197#======================================================================
198
199sub insert {
02288357 200 my $self = shift;
201 my $table = $self->_table(shift);
202 my $data = shift || return;
203 my $options = shift;
96449e8e 204
205 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 206 my ($sql, @bind) = $self->$method($data);
96449e8e 207 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 208
e82e648a 209 if ($options->{returning}) {
ca4f826a 210 my ($s, @b) = $self->_insert_returning($options);
e82e648a 211 $sql .= $s;
212 push @bind, @b;
02288357 213 }
214
96449e8e 215 return wantarray ? ($sql, @bind) : $sql;
216}
217
60f3fd3f 218# So that subclasses can override INSERT ... RETURNING separately from
219# UPDATE and DELETE (e.g. DBIx::Class::SQLMaker::Oracle does this)
b17a3ece 220sub _insert_returning { shift->_returning(@_) }
221
95904db5 222sub _returning {
e82e648a 223 my ($self, $options) = @_;
6b1fe79d 224
e82e648a 225 my $f = $options->{returning};
226
ff96fdd4 227 my ($sql, @bind) = $self->_render_expr(
228 $self->_expand_maybe_list_expr($f, undef, -ident)
229 );
230 return wantarray
231 ? $self->_sqlcase(' returning ') . $sql
232 : ($self->_sqlcase(' returning ').$sql, @bind);
6b1fe79d 233}
234
96449e8e 235sub _insert_HASHREF { # explicit list of fields and then values
236 my ($self, $data) = @_;
237
238 my @fields = sort keys %$data;
239
fe3ae272 240 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 241
242 # assemble SQL
243 $_ = $self->_quote($_) foreach @fields;
244 $sql = "( ".join(", ", @fields).") ".$sql;
245
246 return ($sql, @bind);
247}
248
249sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
250 my ($self, $data) = @_;
251
252 # no names (arrayref) so can't generate bindtype
253 $self->{bindtype} ne 'columns'
254 or belch "can't do 'columns' bindtype when called with arrayref";
255
19b6ccce 256 my (@values, @all_bind);
257 foreach my $value (@$data) {
258 my ($values, @bind) = $self->_insert_value(undef, $value);
259 push @values, $values;
260 push @all_bind, @bind;
261 }
262 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
263 return ($sql, @all_bind);
fe3ae272 264}
265
266sub _insert_ARRAYREFREF { # literal SQL with bind
267 my ($self, $data) = @_;
268
269 my ($sql, @bind) = @${$data};
270 $self->_assert_bindval_matches_bindtype(@bind);
271
272 return ($sql, @bind);
273}
274
275
276sub _insert_SCALARREF { # literal SQL without bind
277 my ($self, $data) = @_;
278
279 return ($$data);
280}
281
282sub _insert_values {
283 my ($self, $data) = @_;
284
96449e8e 285 my (@values, @all_bind);
fe3ae272 286 foreach my $column (sort keys %$data) {
19b6ccce 287 my ($values, @bind) = $self->_insert_value($column, $data->{$column});
288 push @values, $values;
289 push @all_bind, @bind;
290 }
291 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
292 return ($sql, @all_bind);
293}
96449e8e 294
19b6ccce 295sub _insert_value {
296 my ($self, $column, $v) = @_;
96449e8e 297
720ca4f7 298 return $self->_render_expr(
299 $self->_expand_insert_value($column, $v)
300 );
301}
96449e8e 302
720ca4f7 303sub _expand_insert_value {
304 my ($self, $column, $v) = @_;
96449e8e 305
720ca4f7 306 if (ref($v) eq 'ARRAY') {
307 if ($self->{array_datatypes}) {
308 return +{ -bind => [ $column, $v ] };
309 }
310 my ($sql, @bind) = @$v;
311 $self->_assert_bindval_matches_bindtype(@bind);
312 return +{ -literal => $v };
313 }
314 if (ref($v) eq 'HASH') {
315 if (grep !/^-/, keys %$v) {
316 belch "HASH ref as bind value in insert is not supported";
317 return +{ -bind => [ $column, $v ] };
318 }
319 }
320 if (!defined($v)) {
321 return +{ -bind => [ $column, undef ] };
322 }
323 local our $Cur_Col_Meta = $column;
324 return $self->_expand_expr($v);
96449e8e 325}
326
327
96449e8e 328
329#======================================================================
330# UPDATE methods
331#======================================================================
332
333
334sub update {
95904db5 335 my $self = shift;
336 my $table = $self->_table(shift);
337 my $data = shift || return;
338 my $where = shift;
339 my $options = shift;
96449e8e 340
341 # first build the 'SET' part of the sql statement
96449e8e 342 puke "Unsupported data type specified to \$sql->update"
343 unless ref $data eq 'HASH';
344
9ade906e 345 my ($sql, @all_bind) = $self->_update_set_values($data);
a9e94508 346 $sql = $self->_sqlcase('update ') . $table . $self->_sqlcase(' set ')
9ade906e 347 . $sql;
348
349 if ($where) {
350 my($where_sql, @where_bind) = $self->where($where);
351 $sql .= $where_sql;
352 push @all_bind, @where_bind;
353 }
354
355 if ($options->{returning}) {
356 my ($returning_sql, @returning_bind) = $self->_update_returning($options);
357 $sql .= $returning_sql;
358 push @all_bind, @returning_bind;
359 }
360
361 return wantarray ? ($sql, @all_bind) : $sql;
362}
363
364sub _update_set_values {
365 my ($self, $data) = @_;
366
89690da2 367 return $self->_render_expr(
368 $self->_expand_update_set_values($data),
369 );
370}
96449e8e 371
89690da2 372sub _expand_update_set_values {
373 my ($self, $data) = @_;
374 $self->_expand_maybe_list_expr( [
375 map {
376 my ($k, $set) = @$_;
377 +{ -op => [ '=', { -ident => $k }, $set ] };
378 }
379 map {
380 my $k = $_;
381 my $v = $data->{$k};
382 (ref($v) eq 'ARRAY'
383 ? ($self->{array_datatypes}
384 ? [ $k, +{ -bind => [ $k, $v ] } ]
385 : [ $k, +{ -literal => $v } ])
386 : do {
387 local our $Cur_Col_Meta = $k;
388 [ $k, $self->_expand_expr($v) ]
389 }
390 );
391 } sort keys %$data
392 ] );
96449e8e 393}
394
60f3fd3f 395# So that subclasses can override UPDATE ... RETURNING separately from
396# INSERT and DELETE
20bb2ad5 397sub _update_returning { shift->_returning(@_) }
96449e8e 398
399
400
401#======================================================================
402# SELECT
403#======================================================================
404
405
406sub select {
407 my $self = shift;
408 my $table = $self->_table(shift);
409 my $fields = shift || '*';
410 my $where = shift;
411 my $order = shift;
412
daa4ccdd 413 my ($fields_sql, @bind) = $self->_select_fields($fields);
96449e8e 414
daa4ccdd 415 my ($where_sql, @where_bind) = $self->where($where, $order);
416 push @bind, @where_bind;
417
418 my $sql = join(' ', $self->_sqlcase('select'), $fields_sql,
96449e8e 419 $self->_sqlcase('from'), $table)
420 . $where_sql;
421
9d48860e 422 return wantarray ? ($sql, @bind) : $sql;
96449e8e 423}
424
daa4ccdd 425sub _select_fields {
426 my ($self, $fields) = @_;
27592e2b 427 return $self->_render_expr(
428 $self->_expand_maybe_list_expr($fields, undef, '-ident')
429 );
daa4ccdd 430}
431
96449e8e 432#======================================================================
433# DELETE
434#======================================================================
435
436
437sub delete {
85327cd5 438 my $self = shift;
439 my $table = $self->_table(shift);
440 my $where = shift;
441 my $options = shift;
96449e8e 442
443 my($where_sql, @bind) = $self->where($where);
a9e94508 444 my $sql = $self->_sqlcase('delete from ') . $table . $where_sql;
96449e8e 445
85327cd5 446 if ($options->{returning}) {
ca4f826a 447 my ($returning_sql, @returning_bind) = $self->_delete_returning($options);
85327cd5 448 $sql .= $returning_sql;
449 push @bind, @returning_bind;
450 }
451
9d48860e 452 return wantarray ? ($sql, @bind) : $sql;
96449e8e 453}
454
60f3fd3f 455# So that subclasses can override DELETE ... RETURNING separately from
456# INSERT and UPDATE
85327cd5 457sub _delete_returning { shift->_returning(@_) }
458
459
96449e8e 460
461#======================================================================
462# WHERE: entry point
463#======================================================================
464
465
466
467# Finally, a separate routine just to handle WHERE clauses
468sub where {
469 my ($self, $where, $order) = @_;
470
7ad12721 471 local $self->{convert_where} = $self->{convert};
472
96449e8e 473 # where ?
e175845b 474 my ($sql, @bind) = defined($where)
475 ? $self->_recurse_where($where)
476 : (undef);
417dd15e 477 $sql = (defined $sql and length $sql) ? $self->_sqlcase(' where ') . "( $sql )" : '';
96449e8e 478
479 # order by?
480 if ($order) {
26fe4d30 481 my ($order_sql, @order_bind) = $self->_order_by($order);
482 $sql .= $order_sql;
483 push @bind, @order_bind;
96449e8e 484 }
485
9d48860e 486 return wantarray ? ($sql, @bind) : $sql;
96449e8e 487}
488
a2cd381d 489sub _expand_expr {
2558b622 490 my ($self, $expr, $logic, $default_scalar_to) = @_;
491 local our $Default_Scalar_To = $default_scalar_to if $default_scalar_to;
252518da 492 return undef unless defined($expr);
59588695 493 if (ref($expr) eq 'HASH') {
494 if (keys %$expr > 1) {
495 $logic ||= 'and';
77617257 496 return +{ -op => [
497 $logic,
59588695 498 map $self->_expand_expr_hashpair($_ => $expr->{$_}, $logic),
499 sort keys %$expr
500 ] };
501 }
99a65fa8 502 return unless %$expr;
59588695 503 return $self->_expand_expr_hashpair(%$expr, $logic);
a2cd381d 504 }
08264f40 505 if (ref($expr) eq 'ARRAY') {
99a65fa8 506 my $logic = lc($logic || $self->{logic});
08264f40 507 $logic eq 'and' or $logic eq 'or' or puke "unknown logic: $logic";
508
509 my @expr = @$expr;
510
511 my @res;
512
513 while (my ($el) = splice @expr, 0, 1) {
514 puke "Supplying an empty left hand side argument is not supported in array-pairs"
515 unless defined($el) and length($el);
516 my $elref = ref($el);
517 if (!$elref) {
518 push(@res, $self->_expand_expr({ $el, shift(@expr) }));
519 } elsif ($elref eq 'ARRAY') {
520 push(@res, $self->_expand_expr($el)) if @$el;
ec857800 521 } elsif (my $l = is_literal_value($el)) {
522 push @res, { -literal => $l };
08264f40 523 } elsif ($elref eq 'HASH') {
524 push @res, $self->_expand_expr($el);
525 } else {
da4a0964 526 die "notreached";
08264f40 527 }
528 }
2143604f 529 return { -op => [ $logic, @res ] };
08264f40 530 }
ca3da680 531 if (my $literal = is_literal_value($expr)) {
532 return +{ -literal => $literal };
533 }
99a65fa8 534 if (!ref($expr) or Scalar::Util::blessed($expr)) {
2558b622 535 if (my $d = $Default_Scalar_To) {
536 return +{ $d => $expr };
537 }
99a65fa8 538 if (my $m = our $Cur_Col_Meta) {
539 return +{ -bind => [ $m, $expr ] };
540 }
252518da 541 return +{ -value => $expr };
542 }
252518da 543 die "notreached";
a2cd381d 544}
96449e8e 545
59588695 546sub _expand_expr_hashpair {
547 my ($self, $k, $v, $logic) = @_;
d13725da 548 unless (defined($k) and length($k)) {
2d64004f 549 if (defined($k) and my $literal = is_literal_value($v)) {
d13725da 550 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
2d64004f 551 return { -literal => $literal };
d13725da 552 }
553 puke "Supplying an empty left hand side argument is not supported";
554 }
ef071fad 555 if ($k =~ /^-/) {
99a65fa8 556 $self->_assert_pass_injection_guard($k =~ /^-(.*)$/s);
557 if ($k =~ s/ [_\s]? \d+ $//x ) {
558 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
559 . "You probably wanted ...-and => [ $k => COND1, $k => COND2 ... ]";
560 }
ef071fad 561 if ($k eq '-nest') {
562 return $self->_expand_expr($v);
563 }
6ab1562a 564 if ($k eq '-bool') {
565 if (ref($v)) {
566 return $self->_expand_expr($v);
567 }
568 puke "-bool => undef not supported" unless defined($v);
569 return { -ident => $v };
570 }
99a65fa8 571 if ($k eq '-not') {
0c7e3af0 572 return { -op => [ 'not', $self->_expand_expr($v) ] };
99a65fa8 573 }
ce3bc4b0 574 if (my ($rest) = $k =~/^-not[_ ](.*)$/) {
0c7e3af0 575 return +{ -op => [
576 'not',
99a65fa8 577 $self->_expand_expr_hashpair("-${rest}", $v, $logic)
0c7e3af0 578 ] };
ce3bc4b0 579 }
99a65fa8 580 if (my ($logic) = $k =~ /^-(and|or)$/i) {
dd2d5bf7 581 if (ref($v) eq 'HASH') {
582 return $self->_expand_expr($v, $logic);
583 }
99a65fa8 584 if (ref($v) eq 'ARRAY') {
585 return $self->_expand_expr($v, $logic);
586 }
dd2d5bf7 587 }
99a65fa8 588 {
589 my $op = $k;
590 $op =~ s/^-// if length($op) > 1;
591
592 # top level special ops are illegal in general
593 puke "Illegal use of top-level '-$op'"
7f1bdbce 594 if List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}};
99a65fa8 595 }
596 if ($k eq '-value' and my $m = our $Cur_Col_Meta) {
597 return +{ -bind => [ $m, $v ] };
598 }
711892b1 599 if ($k eq '-op' or $k eq '-ident' or $k eq '-value' or $k eq '-bind' or $k eq '-literal' or $k eq '-func') {
99a65fa8 600 return { $k => $v };
d13725da 601 }
4325df6a 602 if (my $custom = $self->{custom_expansions}{($k =~ /^-(.*)$/)[0]}) {
603 return $self->$custom($v);
604 }
711892b1 605 if (
606 ref($v) eq 'HASH'
607 and keys %$v == 1
608 and (keys %$v)[0] =~ /^-/
609 ) {
610 my ($func) = $k =~ /^-(.*)$/;
611 return +{ -func => [ $func, $self->_expand_expr($v) ] };
612 }
613 if (!ref($v) or is_literal_value($v)) {
99a65fa8 614 return +{ -op => [ $k =~ /^-(.*)$/, $self->_expand_expr($v) ] };
59588695 615 }
99a65fa8 616 }
617 if (
618 !defined($v)
619 or (
620 ref($v) eq 'HASH'
621 and exists $v->{-value}
622 and not defined $v->{-value}
623 )
624 ) {
625 return $self->_expand_expr_hashpair($k => { $self->{cmp} => undef });
626 }
627 if (!ref($v) or Scalar::Util::blessed($v)) {
628 return +{
629 -op => [
630 $self->{cmp},
631 { -ident => $k },
632 { -bind => [ $k, $v ] }
633 ]
634 };
635 }
636 if (ref($v) eq 'HASH') {
637 if (keys %$v > 1) {
e175845b 638 return { -op => [
639 'and',
99a65fa8 640 map $self->_expand_expr_hashpair($k => { $_ => $v->{$_} }),
641 sort keys %$v
642 ] };
643 }
644 my ($vk, $vv) = %$v;
645 $vk =~ s/^-//;
646 $vk = lc($vk);
647 $self->_assert_pass_injection_guard($vk);
648 if ($vk =~ s/ [_\s]? \d+ $//x ) {
649 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
650 . "You probably wanted ...-and => [ -$vk => COND1, -$vk => COND2 ... ]";
651 }
652 if ($vk =~ /^(?:not[ _])?between$/) {
653 local our $Cur_Col_Meta = $k;
654 my @rhs = map $self->_expand_expr($_),
655 ref($vv) eq 'ARRAY' ? @$vv : $vv;
656 unless (
657 (@rhs == 1 and ref($rhs[0]) eq 'HASH' and $rhs[0]->{-literal})
658 or
659 (@rhs == 2 and defined($rhs[0]) and defined($rhs[1]))
660 ) {
661 puke "Operator '${\uc($vk)}' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
b5b18861 662 }
99a65fa8 663 return +{ -op => [
664 join(' ', split '_', $vk),
665 { -ident => $k },
666 @rhs
667 ] }
668 }
669 if ($vk =~ /^(?:not[ _])?in$/) {
670 if (my $literal = is_literal_value($vv)) {
671 my ($sql, @bind) = @$literal;
672 my $opened_sql = $self->_open_outer_paren($sql);
10d07c4e 673 return +{ -op => [
99a65fa8 674 $vk, { -ident => $k },
675 [ { -literal => [ $opened_sql, @bind ] } ]
10d07c4e 676 ] };
677 }
99a65fa8 678 my $undef_err =
679 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
680 . "-${\uc($vk)} operator was given an undef-containing list: !!!AUDIT YOUR CODE "
681 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
682 . 'will emit the logically correct SQL instead of raising this exception)'
683 ;
684 puke("Argument passed to the '${\uc($vk)}' operator can not be undefined")
685 if !defined($vv);
686 my @rhs = map $self->_expand_expr($_),
687 map { ref($_) ? $_ : { -bind => [ $k, $_ ] } }
688 map { defined($_) ? $_: puke($undef_err) }
689 (ref($vv) eq 'ARRAY' ? @$vv : $vv);
e175845b 690 return $self->${\($vk =~ /^not/ ? 'sqltrue' : 'sqlfalse')} unless @rhs;
99a65fa8 691
692 return +{ -op => [
693 join(' ', split '_', $vk),
694 { -ident => $k },
695 \@rhs
696 ] };
697 }
698 if ($vk eq 'ident') {
699 if (! defined $vv or ref $vv) {
700 puke "-$vk requires a single plain scalar argument (a quotable identifier)";
f7778474 701 }
99a65fa8 702 return +{ -op => [
703 $self->{cmp},
704 { -ident => $k },
705 { -ident => $vv }
706 ] };
707 }
708 if ($vk eq 'value') {
709 return $self->_expand_expr_hashpair($k, undef) unless defined($vv);
710 return +{ -op => [
711 $self->{cmp},
712 { -ident => $k },
713 { -bind => [ $k, $vv ] }
714 ] };
715 }
716 if ($vk =~ /^is(?:[ _]not)?$/) {
717 puke "$vk can only take undef as argument"
718 if defined($vv)
719 and not (
720 ref($vv) eq 'HASH'
721 and exists($vv->{-value})
722 and !defined($vv->{-value})
723 );
724 $vk =~ s/_/ /g;
725 return +{ -op => [ $vk.' null', { -ident => $k } ] };
726 }
727 if ($vk =~ /^(and|or)$/) {
728 if (ref($vv) eq 'HASH') {
e62fe58a 729 return +{ -op => [
730 $vk,
99a65fa8 731 map $self->_expand_expr_hashpair($k, { $_ => $vv->{$_} }),
732 sort keys %$vv
7d7868d1 733 ] };
734 }
e28d9b13 735 }
99a65fa8 736 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{user_special_ops}}) {
737 return { -op => [ $vk, { -ident => $k }, $vv ] };
7dbe1183 738 }
99a65fa8 739 if (ref($vv) eq 'ARRAY') {
740 my ($logic, @values) = (
741 (defined($vv->[0]) and $vv->[0] =~ /^-(and|or)$/i)
742 ? @$vv
743 : (-or => @$vv)
744 );
745 if (
746 $vk =~ $self->{inequality_op}
747 or join(' ', split '_', $vk) =~ $self->{not_like_op}
748 ) {
749 if (lc($logic) eq '-or' and @values > 1) {
750 my $op = uc join ' ', split '_', $vk;
751 belch "A multi-element arrayref as an argument to the inequality op '$op' "
752 . 'is technically equivalent to an always-true 1=1 (you probably wanted '
753 . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
754 ;
755 }
ef071fad 756 }
b3cb13e8 757 unless (@values) {
758 # try to DWIM on equality operators
759 my $op = join ' ', split '_', $vk;
760 return
e175845b 761 $op =~ $self->{equality_op} ? $self->sqlfalse
762 : $op =~ $self->{like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqlfalse
763 : $op =~ $self->{inequality_op} ? $self->sqltrue
764 : $op =~ $self->{not_like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqltrue
b3cb13e8 765 : puke "operator '$op' applied on an empty array (field '$k')";
766 }
63c97a0b 767 return +{ -op => [
768 $logic =~ /^-(.*)$/,
99a65fa8 769 map $self->_expand_expr_hashpair($k => { $vk => $_ }),
770 @values
771 ] };
772 }
773 if (
774 !defined($vv)
775 or (
776 ref($vv) eq 'HASH'
777 and exists $vv->{-value}
778 and not defined $vv->{-value}
779 )
780 ) {
781 my $op = join ' ', split '_', $vk;
782 my $is =
783 $op =~ /^not$/i ? 'is not' # legacy
784 : $op =~ $self->{equality_op} ? 'is'
785 : $op =~ $self->{like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is'
786 : $op =~ $self->{inequality_op} ? 'is not'
787 : $op =~ $self->{not_like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is not'
788 : puke "unexpected operator '$op' with undef operand";
789 return +{ -op => [ $is.' null', { -ident => $k } ] };
790 }
791 local our $Cur_Col_Meta = $k;
792 return +{ -op => [
793 $vk,
794 { -ident => $k },
795 $self->_expand_expr($vv)
796 ] };
797 }
798 if (ref($v) eq 'ARRAY') {
e175845b 799 return $self->sqlfalse unless @$v;
99a65fa8 800 $self->_debug("ARRAY($k) means distribute over elements");
801 my $this_logic = (
802 $v->[0] =~ /^-((?:and|or))$/i
803 ? ($v = [ @{$v}[1..$#$v] ], $1)
804 : ($self->{logic} || 'or')
805 );
cba28f66 806 return +{ -op => [
807 $this_logic,
808 map $self->_expand_expr({ $k => $_ }, $this_logic), @$v
809 ] };
99a65fa8 810 }
811 if (my $literal = is_literal_value($v)) {
812 unless (length $k) {
813 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
814 return \$literal;
815 }
816 my ($sql, @bind) = @$literal;
817 if ($self->{bindtype} eq 'columns') {
818 for (@bind) {
819 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
820 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
aa8d7bdb 821 }
822 }
331e2209 823 }
99a65fa8 824 return +{ -literal => [ $self->_quote($k).' '.$sql, @bind ] };
331e2209 825 }
99a65fa8 826 die "notreached";
59588695 827}
828
e175845b 829sub _render_expr {
830 my ($self, $expr) = @_;
831 my ($k, $v, @rest) = %$expr;
832 die "No" if @rest;
181dcebf 833 my %op = map +("-$_" => '_render_'.$_),
e175845b 834 qw(op func value bind ident literal);
835 if (my $meth = $op{$k}) {
181dcebf 836 return $self->$meth($v);
e175845b 837 }
838 die "notreached: $k";
839}
840
96449e8e 841sub _recurse_where {
842 my ($self, $where, $logic) = @_;
843
99a65fa8 844#print STDERR Data::Dumper::Concise::Dumper([ $where, $logic ]);
845
a2cd381d 846 my $where_exp = $self->_expand_expr($where, $logic);
847
99a65fa8 848#print STDERR Data::Dumper::Concise::Dumper([ EXP => $where_exp ]);
849
96449e8e 850 # dispatch on appropriate method according to refkind of $where
e175845b 851# my $method = $self->_METHOD_FOR_refkind("_where", $where_exp);
852
853# my ($sql, @bind) = $self->$method($where_exp, $logic);
311b2151 854
e175845b 855 my ($sql, @bind) = defined($where_exp) ? $self->_render_expr($where_exp) : (undef);
311b2151 856
abe1a491 857 # DBIx::Class used to call _recurse_where in scalar context
858 # something else might too...
859 if (wantarray) {
860 return ($sql, @bind);
861 }
862 else {
863 belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
864 return $sql;
865 }
96449e8e 866}
867
181dcebf 868sub _render_ident {
869 my ($self, $ident) = @_;
cc422895 870
9cf28dfb 871 return $self->_convert($self->_quote($ident));
cc422895 872}
873
181dcebf 874sub _render_value {
875 my ($self, $value) = @_;
cc422895 876
52511ae3 877 return ($self->_convert('?'), $self->_bindtype(undef, $value));
cc422895 878}
879
c452734e 880my %unop_postfix = map +($_ => 1),
881 'is null', 'is not null',
882 'asc', 'desc',
883;
d13725da 884
b5b18861 885my %special = (
886 (map +($_ => do {
887 my $op = $_;
888 sub {
889 my ($self, $args) = @_;
890 my ($left, $low, $high) = @$args;
891 my ($rhsql, @rhbind) = do {
892 if (@$args == 2) {
893 puke "Single arg to between must be a literal"
894 unless $low->{-literal};
895 @{$low->{-literal}}
896 } else {
e56dd780 897 my ($l, $h) = map [ $self->_render_expr($_) ], $low, $high;
b5b18861 898 (join(' ', $l->[0], $self->_sqlcase('and'), $h->[0]),
899 @{$l}[1..$#$l], @{$h}[1..$#$h])
900 }
901 };
e56dd780 902 my ($lhsql, @lhbind) = $self->_render_expr($left);
b5b18861 903 return (
904 join(' ', '(', $lhsql, $self->_sqlcase($op), $rhsql, ')'),
905 @lhbind, @rhbind
906 );
907 }
908 }), 'between', 'not between'),
10d07c4e 909 (map +($_ => do {
910 my $op = $_;
911 sub {
912 my ($self, $args) = @_;
913 my ($lhs, $rhs) = @$args;
914 my @in_bind;
915 my @in_sql = map {
0ce981f8 916 my ($sql, @bind) = $self->_render_expr($_);
10d07c4e 917 push @in_bind, @bind;
918 $sql;
919 } @$rhs;
0ce981f8 920 my ($lhsql, @lbind) = $self->_render_expr($lhs);
10d07c4e 921 return (
922 $lhsql.' '.$self->_sqlcase($op).' ( '
923 .join(', ', @in_sql)
924 .' )',
925 @lbind, @in_bind
926 );
927 }
928 }), 'in', 'not in'),
b5b18861 929);
930
181dcebf 931sub _render_op {
932 my ($self, $v) = @_;
d13725da 933 my ($op, @args) = @$v;
934 $op =~ s/^-// if length($op) > 1;
cba28f66 935 $op = lc($op);
b5b18861 936 if (my $h = $special{$op}) {
937 return $self->$h(\@args);
938 }
99a65fa8 939 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{user_special_ops}}) {
940 puke "Special op '${op}' requires first value to be identifier"
941 unless my ($k) = map $_->{-ident}, grep ref($_) eq 'HASH', $args[0];
942 return $self->${\($us->{handler})}($k, $op, $args[1]);
943 }
944 my $final_op = $op =~ /^(?:is|not)_/ ? join(' ', split '_', $op) : $op;
2143604f 945 if (@args == 1 and $op !~ /^(and|or)$/) {
ec857800 946 my ($expr_sql, @bind) = $self->_render_expr($args[0]);
d13725da 947 my $op_sql = $self->_sqlcase($final_op);
948 my $final_sql = (
949 $unop_postfix{lc($final_op)}
950 ? "${expr_sql} ${op_sql}"
951 : "${op_sql} ${expr_sql}"
952 );
0c7e3af0 953 return (($op eq 'not' ? '('.$final_sql.')' : $final_sql), @bind);
16d9289c 954 } else {
ec857800 955 my @parts = map [ $self->_render_expr($_) ], @args;
77617257 956 my ($final_sql) = map +($op =~ /^(and|or)$/ ? "(${_})" : $_), join(
2f9c5405 957 ($final_op eq ',' ? '' : ' ').$self->_sqlcase($final_op).' ',
77617257 958 map $_->[0], @parts
959 );
99a65fa8 960 return (
77617257 961 $final_sql,
16d9289c 962 map @{$_}[1..$#$_], @parts
99a65fa8 963 );
d13725da 964 }
965 die "unhandled";
966}
967
181dcebf 968sub _render_func {
969 my ($self, $rest) = @_;
711892b1 970 my ($func, @args) = @$rest;
971 my @arg_sql;
972 my @bind = map {
973 my @x = @$_;
974 push @arg_sql, shift @x;
975 @x
0f199fce 976 } map [ $self->_render_expr($_) ], @args;
711892b1 977 return ($self->_sqlcase($func).'('.join(', ', @arg_sql).')', @bind);
978}
979
181dcebf 980sub _render_bind {
981 my ($self, $bind) = @_;
d13725da 982 return ($self->_convert('?'), $self->_bindtype(@$bind));
983}
984
181dcebf 985sub _render_literal {
986 my ($self, $literal) = @_;
465d43fd 987 $self->_assert_bindval_matches_bindtype(@{$literal}[1..$#$literal]);
aa8d7bdb 988 return @$literal;
989}
990
4a1f01a3 991# Some databases (SQLite) treat col IN (1, 2) different from
992# col IN ( (1, 2) ). Use this to strip all outer parens while
993# adding them back in the corresponding method
994sub _open_outer_paren {
995 my ($self, $sql) = @_;
a5f91feb 996
ca4f826a 997 while (my ($inner) = $sql =~ /^ \s* \( (.*) \) \s* $/xs) {
a5f91feb 998
999 # there are closing parens inside, need the heavy duty machinery
1000 # to reevaluate the extraction starting from $sql (full reevaluation)
ca4f826a 1001 if ($inner =~ /\)/) {
a5f91feb 1002 require Text::Balanced;
1003
1004 my (undef, $remainder) = do {
1005 # idiotic design - writes to $@ but *DOES NOT* throw exceptions
1006 local $@;
ca4f826a 1007 Text::Balanced::extract_bracketed($sql, '()', qr/\s*/);
a5f91feb 1008 };
1009
1010 # the entire expression needs to be a balanced bracketed thing
1011 # (after an extract no remainder sans trailing space)
1012 last if defined $remainder and $remainder =~ /\S/;
1013 }
1014
1015 $sql = $inner;
1016 }
1017
1018 $sql;
4a1f01a3 1019}
1020
96449e8e 1021
96449e8e 1022#======================================================================
1023# ORDER BY
1024#======================================================================
1025
1026sub _order_by {
1027 my ($self, $arg) = @_;
1028
4325df6a 1029 return '' unless defined($arg) and not (ref($arg) eq 'ARRAY' and !@$arg);
2b6158af 1030
4325df6a 1031 my $expander = sub {
1032 my ($self, $dir, $expr) = @_;
1033 my @exp = map +(defined($dir) ? { -op => [ $dir => $_ ] } : $_),
1034 map $self->_expand_expr($_, undef, -ident),
1035 ref($expr) eq 'ARRAY' ? @$expr : $expr;
1036 return (@exp > 1 ? { -op => [ ',', @exp ] } : $exp[0]);
1037 };
18c743c8 1038
4325df6a 1039 local $self->{custom_expansions} = {
1040 asc => sub { shift->$expander(asc => @_) },
1041 desc => sub { shift->$expander(desc => @_) },
1042 };
f267b646 1043
4325df6a 1044 my $expanded = $self->$expander(undef, $arg);
1045
1046 my ($sql, @bind) = $self->_render_expr($expanded);
1047
1048 my $final_sql = $self->_sqlcase(' order by ').$sql;
1049
1050 return wantarray ? ($final_sql, @bind) : $final_sql;
f267b646 1051}
1052
96449e8e 1053#======================================================================
1054# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1055#======================================================================
1056
1057sub _table {
1058 my $self = shift;
1059 my $from = shift;
7ad12721 1060 ($self->_render_expr(
8476c6a3 1061 $self->_expand_maybe_list_expr($from, undef, -ident)
7ad12721 1062 ))[0];
96449e8e 1063}
1064
1065
1066#======================================================================
1067# UTILITY FUNCTIONS
1068#======================================================================
1069
8476c6a3 1070sub _expand_maybe_list_expr {
1071 my ($self, $expr, $logic, $default) = @_;
bba04f52 1072 my $e = do {
1073 if (ref($expr) eq 'ARRAY') {
1074 return { -op => [
8476c6a3 1075 ',', map $self->_expand_expr($_, $logic, $default), @$expr
bba04f52 1076 ] } if @$expr > 1;
1077 $expr->[0]
1078 } else {
1079 $expr
1080 }
1081 };
1082 return $self->_expand_expr($e, $logic, $default);
8476c6a3 1083}
1084
955e77ca 1085# highly optimized, as it's called way too often
96449e8e 1086sub _quote {
955e77ca 1087 # my ($self, $label) = @_;
96449e8e 1088
955e77ca 1089 return '' unless defined $_[1];
955e77ca 1090 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
d3162b5c 1091 puke 'Identifier cannot be hashref' if ref($_[1]) eq 'HASH';
96449e8e 1092
d3162b5c 1093 unless ($_[0]->{quote_char}) {
1094 if (ref($_[1]) eq 'ARRAY') {
1095 return join($_[0]->{name_sep}||'.', @{$_[1]});
1096 } else {
1097 $_[0]->_assert_pass_injection_guard($_[1]);
1098 return $_[1];
1099 }
1100 }
96449e8e 1101
07d7c35c 1102 my $qref = ref $_[0]->{quote_char};
439834d3 1103 my ($l, $r) =
1104 !$qref ? ($_[0]->{quote_char}, $_[0]->{quote_char})
1105 : ($qref eq 'ARRAY') ? @{$_[0]->{quote_char}}
1106 : puke "Unsupported quote_char format: $_[0]->{quote_char}";
1107
46be4313 1108 my $esc = $_[0]->{escape_char} || $r;
96449e8e 1109
07d7c35c 1110 # parts containing * are naturally unquoted
d3162b5c 1111 return join(
1112 $_[0]->{name_sep}||'',
1113 map +(
1114 $_ eq '*'
1115 ? $_
1116 : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r }
1117 ),
1118 (ref($_[1]) eq 'ARRAY'
1119 ? @{$_[1]}
1120 : (
1121 $_[0]->{name_sep}
1122 ? split (/\Q$_[0]->{name_sep}\E/, $_[1] )
1123 : $_[1]
1124 )
1125 )
955e77ca 1126 );
96449e8e 1127}
1128
1129
1130# Conversion, if applicable
d7c862e0 1131sub _convert {
07d7c35c 1132 #my ($self, $arg) = @_;
7ad12721 1133 if ($_[0]->{convert_where}) {
1134 return $_[0]->_sqlcase($_[0]->{convert_where}) .'(' . $_[1] . ')';
96449e8e 1135 }
07d7c35c 1136 return $_[1];
96449e8e 1137}
1138
1139# And bindtype
d7c862e0 1140sub _bindtype {
07d7c35c 1141 #my ($self, $col, @vals) = @_;
07d7c35c 1142 # called often - tighten code
1143 return $_[0]->{bindtype} eq 'columns'
1144 ? map {[$_[1], $_]} @_[2 .. $#_]
1145 : @_[2 .. $#_]
1146 ;
96449e8e 1147}
1148
fe3ae272 1149# Dies if any element of @bind is not in [colname => value] format
1150# if bindtype is 'columns'.
1151sub _assert_bindval_matches_bindtype {
c94a6c93 1152# my ($self, @bind) = @_;
1153 my $self = shift;
fe3ae272 1154 if ($self->{bindtype} eq 'columns') {
c94a6c93 1155 for (@_) {
1156 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1157 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1158 }
1159 }
1160 }
1161}
1162
96449e8e 1163sub _join_sql_clauses {
1164 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1165
1166 if (@$clauses_aref > 1) {
1167 my $join = " " . $self->_sqlcase($logic) . " ";
1168 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1169 return ($sql, @$bind_aref);
1170 }
1171 elsif (@$clauses_aref) {
1172 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1173 }
1174 else {
1175 return (); # if no SQL, ignore @$bind_aref
1176 }
1177}
1178
1179
1180# Fix SQL case, if so requested
1181sub _sqlcase {
96449e8e 1182 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1183 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1184 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1185}
1186
1187
1188#======================================================================
1189# DISPATCHING FROM REFKIND
1190#======================================================================
1191
1192sub _refkind {
1193 my ($self, $data) = @_;
96449e8e 1194
955e77ca 1195 return 'UNDEF' unless defined $data;
1196
1197 # blessed objects are treated like scalars
1198 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1199
1200 return 'SCALAR' unless $ref;
1201
1202 my $n_steps = 1;
1203 while ($ref eq 'REF') {
96449e8e 1204 $data = $$data;
955e77ca 1205 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1206 $n_steps++ if $ref;
96449e8e 1207 }
1208
848556bc 1209 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1210}
1211
1212sub _try_refkind {
1213 my ($self, $data) = @_;
1214 my @try = ($self->_refkind($data));
1215 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1216 push @try, 'FALLBACK';
955e77ca 1217 return \@try;
96449e8e 1218}
1219
1220sub _METHOD_FOR_refkind {
1221 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1222
1223 my $method;
955e77ca 1224 for (@{$self->_try_refkind($data)}) {
f39eaa60 1225 $method = $self->can($meth_prefix."_".$_)
1226 and last;
1227 }
1228
1229 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1230}
1231
1232
1233sub _SWITCH_refkind {
1234 my ($self, $data, $dispatch_table) = @_;
1235
f39eaa60 1236 my $coderef;
955e77ca 1237 for (@{$self->_try_refkind($data)}) {
f39eaa60 1238 $coderef = $dispatch_table->{$_}
1239 and last;
1240 }
1241
1242 puke "no dispatch entry for ".$self->_refkind($data)
1243 unless $coderef;
1244
96449e8e 1245 $coderef->();
1246}
1247
1248
1249
1250
1251#======================================================================
1252# VALUES, GENERATE, AUTOLOAD
1253#======================================================================
1254
1255# LDNOTE: original code from nwiger, didn't touch code in that section
1256# I feel the AUTOLOAD stuff should not be the default, it should
1257# only be activated on explicit demand by user.
1258
1259sub values {
1260 my $self = shift;
1261 my $data = shift || return;
1262 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1263 unless ref $data eq 'HASH';
bab725ce 1264
1265 my @all_bind;
ca4f826a 1266 foreach my $k (sort keys %$data) {
bab725ce 1267 my $v = $data->{$k};
1268 $self->_SWITCH_refkind($v, {
9d48860e 1269 ARRAYREF => sub {
bab725ce 1270 if ($self->{array_datatypes}) { # array datatype
1271 push @all_bind, $self->_bindtype($k, $v);
1272 }
1273 else { # literal SQL with bind
1274 my ($sql, @bind) = @$v;
1275 $self->_assert_bindval_matches_bindtype(@bind);
1276 push @all_bind, @bind;
1277 }
1278 },
1279 ARRAYREFREF => sub { # literal SQL with bind
1280 my ($sql, @bind) = @${$v};
1281 $self->_assert_bindval_matches_bindtype(@bind);
1282 push @all_bind, @bind;
1283 },
1284 SCALARREF => sub { # literal SQL without bind
1285 },
1286 SCALAR_or_UNDEF => sub {
1287 push @all_bind, $self->_bindtype($k, $v);
1288 },
1289 });
1290 }
1291
1292 return @all_bind;
96449e8e 1293}
1294
1295sub generate {
1296 my $self = shift;
1297
1298 my(@sql, @sqlq, @sqlv);
1299
1300 for (@_) {
1301 my $ref = ref $_;
1302 if ($ref eq 'HASH') {
1303 for my $k (sort keys %$_) {
1304 my $v = $_->{$k};
1305 my $r = ref $v;
1306 my $label = $self->_quote($k);
1307 if ($r eq 'ARRAY') {
fe3ae272 1308 # literal SQL with bind
1309 my ($sql, @bind) = @$v;
1310 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1311 push @sqlq, "$label = $sql";
fe3ae272 1312 push @sqlv, @bind;
96449e8e 1313 } elsif ($r eq 'SCALAR') {
fe3ae272 1314 # literal SQL without bind
96449e8e 1315 push @sqlq, "$label = $$v";
9d48860e 1316 } else {
96449e8e 1317 push @sqlq, "$label = ?";
1318 push @sqlv, $self->_bindtype($k, $v);
1319 }
1320 }
1321 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1322 } elsif ($ref eq 'ARRAY') {
1323 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1324 for my $v (@$_) {
1325 my $r = ref $v;
fe3ae272 1326 if ($r eq 'ARRAY') { # literal SQL with bind
1327 my ($sql, @bind) = @$v;
1328 $self->_assert_bindval_matches_bindtype(@bind);
1329 push @sqlq, $sql;
1330 push @sqlv, @bind;
1331 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1332 # embedded literal SQL
1333 push @sqlq, $$v;
9d48860e 1334 } else {
96449e8e 1335 push @sqlq, '?';
1336 push @sqlv, $v;
1337 }
1338 }
1339 push @sql, '(' . join(', ', @sqlq) . ')';
1340 } elsif ($ref eq 'SCALAR') {
1341 # literal SQL
1342 push @sql, $$_;
1343 } else {
1344 # strings get case twiddled
1345 push @sql, $self->_sqlcase($_);
1346 }
1347 }
1348
1349 my $sql = join ' ', @sql;
1350
1351 # this is pretty tricky
1352 # if ask for an array, return ($stmt, @bind)
1353 # otherwise, s/?/shift @sqlv/ to put it inline
1354 if (wantarray) {
1355 return ($sql, @sqlv);
1356 } else {
1357 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1358 ref $d ? $d->[1] : $d/e;
1359 return $sql;
1360 }
1361}
1362
1363
1364sub DESTROY { 1 }
1365
1366sub AUTOLOAD {
1367 # This allows us to check for a local, then _form, attr
1368 my $self = shift;
1369 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1370 return $self->generate($name, @_);
1371}
1372
13731;
1374
1375
1376
1377__END__
32eab2da 1378
1379=head1 NAME
1380
1381SQL::Abstract - Generate SQL from Perl data structures
1382
1383=head1 SYNOPSIS
1384
1385 use SQL::Abstract;
1386
1387 my $sql = SQL::Abstract->new;
1388
85783f3c 1389 my($stmt, @bind) = $sql->select($source, \@fields, \%where, $order);
32eab2da 1390
1391 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1392
1393 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1394
1395 my($stmt, @bind) = $sql->delete($table, \%where);
1396
1397 # Then, use these in your DBI statements
1398 my $sth = $dbh->prepare($stmt);
1399 $sth->execute(@bind);
1400
1401 # Just generate the WHERE clause
85783f3c 1402 my($stmt, @bind) = $sql->where(\%where, $order);
32eab2da 1403
1404 # Return values in the same order, for hashed queries
1405 # See PERFORMANCE section for more details
1406 my @bind = $sql->values(\%fieldvals);
1407
1408=head1 DESCRIPTION
1409
1410This module was inspired by the excellent L<DBIx::Abstract>.
1411However, in using that module I found that what I really wanted
1412to do was generate SQL, but still retain complete control over my
1413statement handles and use the DBI interface. So, I set out to
1414create an abstract SQL generation module.
1415
1416While based on the concepts used by L<DBIx::Abstract>, there are
1417several important differences, especially when it comes to WHERE
1418clauses. I have modified the concepts used to make the SQL easier
1419to generate from Perl data structures and, IMO, more intuitive.
1420The underlying idea is for this module to do what you mean, based
1421on the data structures you provide it. The big advantage is that
1422you don't have to modify your code every time your data changes,
1423as this module figures it out.
1424
1425To begin with, an SQL INSERT is as easy as just specifying a hash
1426of C<key=value> pairs:
1427
1428 my %data = (
1429 name => 'Jimbo Bobson',
1430 phone => '123-456-7890',
1431 address => '42 Sister Lane',
1432 city => 'St. Louis',
1433 state => 'Louisiana',
1434 );
1435
1436The SQL can then be generated with this:
1437
1438 my($stmt, @bind) = $sql->insert('people', \%data);
1439
1440Which would give you something like this:
1441
1442 $stmt = "INSERT INTO people
1443 (address, city, name, phone, state)
1444 VALUES (?, ?, ?, ?, ?)";
1445 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1446 '123-456-7890', 'Louisiana');
1447
1448These are then used directly in your DBI code:
1449
1450 my $sth = $dbh->prepare($stmt);
1451 $sth->execute(@bind);
1452
96449e8e 1453=head2 Inserting and Updating Arrays
1454
1455If your database has array types (like for example Postgres),
1456activate the special option C<< array_datatypes => 1 >>
9d48860e 1457when creating the C<SQL::Abstract> object.
96449e8e 1458Then you may use an arrayref to insert and update database array types:
1459
1460 my $sql = SQL::Abstract->new(array_datatypes => 1);
1461 my %data = (
1462 planets => [qw/Mercury Venus Earth Mars/]
1463 );
9d48860e 1464
96449e8e 1465 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1466
1467This results in:
1468
1469 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1470
1471 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1472
1473
1474=head2 Inserting and Updating SQL
1475
1476In order to apply SQL functions to elements of your C<%data> you may
1477specify a reference to an arrayref for the given hash value. For example,
1478if you need to execute the Oracle C<to_date> function on a value, you can
1479say something like this:
32eab2da 1480
1481 my %data = (
1482 name => 'Bill',
3ae1c5e2 1483 date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
9d48860e 1484 );
32eab2da 1485
1486The first value in the array is the actual SQL. Any other values are
1487optional and would be included in the bind values array. This gives
1488you:
1489
1490 my($stmt, @bind) = $sql->insert('people', \%data);
1491
9d48860e 1492 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1493 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1494 @bind = ('Bill', '03/02/2003');
1495
1496An UPDATE is just as easy, all you change is the name of the function:
1497
1498 my($stmt, @bind) = $sql->update('people', \%data);
1499
1500Notice that your C<%data> isn't touched; the module will generate
1501the appropriately quirky SQL for you automatically. Usually you'll
1502want to specify a WHERE clause for your UPDATE, though, which is
1503where handling C<%where> hashes comes in handy...
1504
96449e8e 1505=head2 Complex where statements
1506
32eab2da 1507This module can generate pretty complicated WHERE statements
1508easily. For example, simple C<key=value> pairs are taken to mean
1509equality, and if you want to see if a field is within a set
1510of values, you can use an arrayref. Let's say we wanted to
1511SELECT some data based on this criteria:
1512
1513 my %where = (
1514 requestor => 'inna',
1515 worker => ['nwiger', 'rcwe', 'sfz'],
1516 status => { '!=', 'completed' }
1517 );
1518
1519 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1520
1521The above would give you something like this:
1522
1523 $stmt = "SELECT * FROM tickets WHERE
1524 ( requestor = ? ) AND ( status != ? )
1525 AND ( worker = ? OR worker = ? OR worker = ? )";
1526 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1527
1528Which you could then use in DBI code like so:
1529
1530 my $sth = $dbh->prepare($stmt);
1531 $sth->execute(@bind);
1532
1533Easy, eh?
1534
0da0fe34 1535=head1 METHODS
32eab2da 1536
13cc86af 1537The methods are simple. There's one for every major SQL operation,
32eab2da 1538and a constructor you use first. The arguments are specified in a
13cc86af 1539similar order for each method (table, then fields, then a where
32eab2da 1540clause) to try and simplify things.
1541
32eab2da 1542=head2 new(option => 'value')
1543
1544The C<new()> function takes a list of options and values, and returns
1545a new B<SQL::Abstract> object which can then be used to generate SQL
1546through the methods below. The options accepted are:
1547
1548=over
1549
1550=item case
1551
1552If set to 'lower', then SQL will be generated in all lowercase. By
1553default SQL is generated in "textbook" case meaning something like:
1554
1555 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1556
96449e8e 1557Any setting other than 'lower' is ignored.
1558
32eab2da 1559=item cmp
1560
1561This determines what the default comparison operator is. By default
1562it is C<=>, meaning that a hash like this:
1563
1564 %where = (name => 'nwiger', email => 'nate@wiger.org');
1565
1566Will generate SQL like this:
1567
1568 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1569
1570However, you may want loose comparisons by default, so if you set
1571C<cmp> to C<like> you would get SQL such as:
1572
1573 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1574
3af02ccb 1575You can also override the comparison on an individual basis - see
32eab2da 1576the huge section on L</"WHERE CLAUSES"> at the bottom.
1577
96449e8e 1578=item sqltrue, sqlfalse
1579
1580Expressions for inserting boolean values within SQL statements.
6e0c6552 1581By default these are C<1=1> and C<1=0>. They are used
1582by the special operators C<-in> and C<-not_in> for generating
1583correct SQL even when the argument is an empty array (see below).
96449e8e 1584
32eab2da 1585=item logic
1586
1587This determines the default logical operator for multiple WHERE
7cac25e6 1588statements in arrays or hashes. If absent, the default logic is "or"
1589for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1590array of the form:
1591
1592 @where = (
9d48860e 1593 event_date => {'>=', '2/13/99'},
1594 event_date => {'<=', '4/24/03'},
32eab2da 1595 );
1596
7cac25e6 1597will generate SQL like this:
32eab2da 1598
1599 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1600
1601This is probably not what you want given this query, though (look
1602at the dates). To change the "OR" to an "AND", simply specify:
1603
1604 my $sql = SQL::Abstract->new(logic => 'and');
1605
1606Which will change the above C<WHERE> to:
1607
1608 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1609
96449e8e 1610The logic can also be changed locally by inserting
be21dde3 1611a modifier in front of an arrayref:
96449e8e 1612
9d48860e 1613 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1614 event_date => {'<=', '4/24/03'} ]);
96449e8e 1615
1616See the L</"WHERE CLAUSES"> section for explanations.
1617
32eab2da 1618=item convert
1619
1620This will automatically convert comparisons using the specified SQL
1621function for both column and value. This is mostly used with an argument
1622of C<upper> or C<lower>, so that the SQL will have the effect of
1623case-insensitive "searches". For example, this:
1624
1625 $sql = SQL::Abstract->new(convert => 'upper');
1626 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1627
1628Will turn out the following SQL:
1629
1630 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1631
1632The conversion can be C<upper()>, C<lower()>, or any other SQL function
1633that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1634not validate this option; it will just pass through what you specify verbatim).
1635
1636=item bindtype
1637
1638This is a kludge because many databases suck. For example, you can't
1639just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1640Instead, you have to use C<bind_param()>:
1641
1642 $sth->bind_param(1, 'reg data');
1643 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1644
1645The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1646which loses track of which field each slot refers to. Fear not.
1647
1648If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1649Currently, you can specify either C<normal> (default) or C<columns>. If you
1650specify C<columns>, you will get an array that looks like this:
1651
1652 my $sql = SQL::Abstract->new(bindtype => 'columns');
1653 my($stmt, @bind) = $sql->insert(...);
1654
1655 @bind = (
1656 [ 'column1', 'value1' ],
1657 [ 'column2', 'value2' ],
1658 [ 'column3', 'value3' ],
1659 );
1660
1661You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1662
32eab2da 1663 $sth->prepare($stmt);
1664 my $i = 1;
1665 for (@bind) {
1666 my($col, $data) = @$_;
1667 if ($col eq 'details' || $col eq 'comments') {
1668 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1669 } elsif ($col eq 'image') {
1670 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1671 } else {
1672 $sth->bind_param($i, $data);
1673 }
1674 $i++;
1675 }
1676 $sth->execute; # execute without @bind now
1677
1678Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1679Basically, the advantage is still that you don't have to care which fields
1680are or are not included. You could wrap that above C<for> loop in a simple
1681sub called C<bind_fields()> or something and reuse it repeatedly. You still
1682get a layer of abstraction over manual SQL specification.
1683
3ae1c5e2 1684Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
deb148a2 1685construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1686will expect the bind values in this format.
1687
32eab2da 1688=item quote_char
1689
1690This is the character that a table or column name will be quoted
9d48860e 1691with. By default this is an empty string, but you could set it to
32eab2da 1692the character C<`>, to generate SQL like this:
1693
1694 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1695
96449e8e 1696Alternatively, you can supply an array ref of two items, the first being the left
1697hand quote character, and the second the right hand quote character. For
1698example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1699that generates SQL like this:
1700
1701 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1702
9d48860e 1703Quoting is useful if you have tables or columns names that are reserved
96449e8e 1704words in your database's SQL dialect.
32eab2da 1705
46be4313 1706=item escape_char
1707
1708This is the character that will be used to escape L</quote_char>s appearing
1709in an identifier before it has been quoted.
1710
80790166 1711The parameter default in case of a single L</quote_char> character is the quote
46be4313 1712character itself.
1713
1714When opening-closing-style quoting is used (L</quote_char> is an arrayref)
9de2bd86 1715this parameter defaults to the B<closing (right)> L</quote_char>. Occurrences
46be4313 1716of the B<opening (left)> L</quote_char> within the identifier are currently left
1717untouched. The default for opening-closing-style quotes may change in future
1718versions, thus you are B<strongly encouraged> to specify the escape character
1719explicitly.
1720
32eab2da 1721=item name_sep
1722
1723This is the character that separates a table and column name. It is
1724necessary to specify this when the C<quote_char> option is selected,
1725so that tables and column names can be individually quoted like this:
1726
1727 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1728
b6251592 1729=item injection_guard
1730
1731A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1732column name specified in a query structure. This is a safety mechanism to avoid
1733injection attacks when mishandling user input e.g.:
1734
1735 my %condition_as_column_value_pairs = get_values_from_user();
1736 $sqla->select( ... , \%condition_as_column_value_pairs );
1737
1738If the expression matches an exception is thrown. Note that literal SQL
1739supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1740
1741Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
1742
96449e8e 1743=item array_datatypes
32eab2da 1744
9d48860e 1745When this option is true, arrayrefs in INSERT or UPDATE are
1746interpreted as array datatypes and are passed directly
96449e8e 1747to the DBI layer.
1748When this option is false, arrayrefs are interpreted
1749as literal SQL, just like refs to arrayrefs
1750(but this behavior is for backwards compatibility; when writing
1751new queries, use the "reference to arrayref" syntax
1752for literal SQL).
32eab2da 1753
32eab2da 1754
96449e8e 1755=item special_ops
32eab2da 1756
9d48860e 1757Takes a reference to a list of "special operators"
96449e8e 1758to extend the syntax understood by L<SQL::Abstract>.
1759See section L</"SPECIAL OPERATORS"> for details.
32eab2da 1760
59f23b3d 1761=item unary_ops
1762
9d48860e 1763Takes a reference to a list of "unary operators"
59f23b3d 1764to extend the syntax understood by L<SQL::Abstract>.
1765See section L</"UNARY OPERATORS"> for details.
1766
32eab2da 1767
32eab2da 1768
96449e8e 1769=back
32eab2da 1770
02288357 1771=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 1772
1773This is the simplest function. You simply give it a table name
1774and either an arrayref of values or hashref of field/value pairs.
1775It returns an SQL INSERT statement and a list of bind values.
96449e8e 1776See the sections on L</"Inserting and Updating Arrays"> and
1777L</"Inserting and Updating SQL"> for information on how to insert
1778with those data types.
32eab2da 1779
02288357 1780The optional C<\%options> hash reference may contain additional
1781options to generate the insert SQL. Currently supported options
1782are:
1783
1784=over 4
1785
1786=item returning
1787
1788Takes either a scalar of raw SQL fields, or an array reference of
1789field names, and adds on an SQL C<RETURNING> statement at the end.
1790This allows you to return data generated by the insert statement
1791(such as row IDs) without performing another C<SELECT> statement.
1792Note, however, this is not part of the SQL standard and may not
1793be supported by all database engines.
1794
1795=back
1796
95904db5 1797=head2 update($table, \%fieldvals, \%where, \%options)
32eab2da 1798
1799This takes a table, hashref of field/value pairs, and an optional
86298391 1800hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 1801of bind values.
96449e8e 1802See the sections on L</"Inserting and Updating Arrays"> and
1803L</"Inserting and Updating SQL"> for information on how to insert
1804with those data types.
32eab2da 1805
95904db5 1806The optional C<\%options> hash reference may contain additional
1807options to generate the update SQL. Currently supported options
1808are:
1809
1810=over 4
1811
1812=item returning
1813
1814See the C<returning> option to
1815L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1816
1817=back
1818
96449e8e 1819=head2 select($source, $fields, $where, $order)
32eab2da 1820
9d48860e 1821This returns a SQL SELECT statement and associated list of bind values, as
be21dde3 1822specified by the arguments:
32eab2da 1823
96449e8e 1824=over
32eab2da 1825
96449e8e 1826=item $source
32eab2da 1827
9d48860e 1828Specification of the 'FROM' part of the statement.
96449e8e 1829The argument can be either a plain scalar (interpreted as a table
1830name, will be quoted), or an arrayref (interpreted as a list
1831of table names, joined by commas, quoted), or a scalarref
063097a3 1832(literal SQL, not quoted).
32eab2da 1833
96449e8e 1834=item $fields
32eab2da 1835
9d48860e 1836Specification of the list of fields to retrieve from
96449e8e 1837the source.
1838The argument can be either an arrayref (interpreted as a list
9d48860e 1839of field names, will be joined by commas and quoted), or a
96449e8e 1840plain scalar (literal SQL, not quoted).
521647e7 1841Please observe that this API is not as flexible as that of
1842the first argument C<$source>, for backwards compatibility reasons.
32eab2da 1843
96449e8e 1844=item $where
32eab2da 1845
96449e8e 1846Optional argument to specify the WHERE part of the query.
1847The argument is most often a hashref, but can also be
9d48860e 1848an arrayref or plain scalar --
96449e8e 1849see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 1850
96449e8e 1851=item $order
32eab2da 1852
96449e8e 1853Optional argument to specify the ORDER BY part of the query.
9d48860e 1854The argument can be a scalar, a hashref or an arrayref
96449e8e 1855-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
1856for details.
32eab2da 1857
96449e8e 1858=back
32eab2da 1859
32eab2da 1860
85327cd5 1861=head2 delete($table, \%where, \%options)
32eab2da 1862
86298391 1863This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 1864It returns an SQL DELETE statement and list of bind values.
1865
85327cd5 1866The optional C<\%options> hash reference may contain additional
1867options to generate the delete SQL. Currently supported options
1868are:
1869
1870=over 4
1871
1872=item returning
1873
1874See the C<returning> option to
1875L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1876
1877=back
1878
85783f3c 1879=head2 where(\%where, $order)
32eab2da 1880
1881This is used to generate just the WHERE clause. For example,
1882if you have an arbitrary data structure and know what the
1883rest of your SQL is going to look like, but want an easy way
1884to produce a WHERE clause, use this. It returns an SQL WHERE
1885clause and list of bind values.
1886
32eab2da 1887
1888=head2 values(\%data)
1889
1890This just returns the values from the hash C<%data>, in the same
1891order that would be returned from any of the other above queries.
1892Using this allows you to markedly speed up your queries if you
1893are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
1894
32eab2da 1895=head2 generate($any, 'number', $of, \@data, $struct, \%types)
1896
1897Warning: This is an experimental method and subject to change.
1898
1899This returns arbitrarily generated SQL. It's a really basic shortcut.
1900It will return two different things, depending on return context:
1901
1902 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
1903 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
1904
1905These would return the following:
1906
1907 # First calling form
1908 $stmt = "CREATE TABLE test (?, ?)";
1909 @bind = (field1, field2);
1910
1911 # Second calling form
1912 $stmt_and_val = "CREATE TABLE test (field1, field2)";
1913
1914Depending on what you're trying to do, it's up to you to choose the correct
1915format. In this example, the second form is what you would want.
1916
1917By the same token:
1918
1919 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
1920
1921Might give you:
1922
1923 ALTER SESSION SET nls_date_format = 'MM/YY'
1924
1925You get the idea. Strings get their case twiddled, but everything
1926else remains verbatim.
1927
0da0fe34 1928=head1 EXPORTABLE FUNCTIONS
1929
1930=head2 is_plain_value
1931
1932Determines if the supplied argument is a plain value as understood by this
1933module:
1934
1935=over
1936
1937=item * The value is C<undef>
1938
1939=item * The value is a non-reference
1940
1941=item * The value is an object with stringification overloading
1942
1943=item * The value is of the form C<< { -value => $anything } >>
1944
1945=back
1946
9de2bd86 1947On failure returns C<undef>, on success returns a B<scalar> reference
966200cc 1948to the original supplied argument.
0da0fe34 1949
843a94b5 1950=over
1951
1952=item * Note
1953
1954The stringification overloading detection is rather advanced: it takes
1955into consideration not only the presence of a C<""> overload, but if that
1956fails also checks for enabled
1957L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
1958on either C<0+> or C<bool>.
1959
1960Unfortunately testing in the field indicates that this
1961detection B<< may tickle a latent bug in perl versions before 5.018 >>,
1962but only when very large numbers of stringifying objects are involved.
1963At the time of writing ( Sep 2014 ) there is no clear explanation of
1964the direct cause, nor is there a manageably small test case that reliably
1965reproduces the problem.
1966
1967If you encounter any of the following exceptions in B<random places within
1968your application stack> - this module may be to blame:
1969
1970 Operation "ne": no method found,
1971 left argument in overloaded package <something>,
1972 right argument in overloaded package <something>
1973
1974or perhaps even
1975
1976 Stub found while resolving method "???" overloading """" in package <something>
1977
1978If you fall victim to the above - please attempt to reduce the problem
1979to something that could be sent to the L<SQL::Abstract developers
1f490ae4 1980|DBIx::Class/GETTING HELP/SUPPORT>
843a94b5 1981(either publicly or privately). As a workaround in the meantime you can
1982set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
1983value, which will most likely eliminate your problem (at the expense of
1984not being able to properly detect exotic forms of stringification).
1985
1986This notice and environment variable will be removed in a future version,
1987as soon as the underlying problem is found and a reliable workaround is
1988devised.
1989
1990=back
1991
0da0fe34 1992=head2 is_literal_value
1993
1994Determines if the supplied argument is a literal value as understood by this
1995module:
1996
1997=over
1998
1999=item * C<\$sql_string>
2000
2001=item * C<\[ $sql_string, @bind_values ]>
2002
0da0fe34 2003=back
2004
9de2bd86 2005On failure returns C<undef>, on success returns an B<array> reference
966200cc 2006containing the unpacked version of the supplied literal SQL and bind values.
0da0fe34 2007
32eab2da 2008=head1 WHERE CLAUSES
2009
96449e8e 2010=head2 Introduction
2011
32eab2da 2012This module uses a variation on the idea from L<DBIx::Abstract>. It
2013is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2014module is that things in arrays are OR'ed, and things in hashes
2015are AND'ed.>
2016
2017The easiest way to explain is to show lots of examples. After
2018each C<%where> hash shown, it is assumed you used:
2019
2020 my($stmt, @bind) = $sql->where(\%where);
2021
2022However, note that the C<%where> hash can be used directly in any
2023of the other functions as well, as described above.
2024
96449e8e 2025=head2 Key-value pairs
2026
32eab2da 2027So, let's get started. To begin, a simple hash:
2028
2029 my %where = (
2030 user => 'nwiger',
2031 status => 'completed'
2032 );
2033
2034Is converted to SQL C<key = val> statements:
2035
2036 $stmt = "WHERE user = ? AND status = ?";
2037 @bind = ('nwiger', 'completed');
2038
2039One common thing I end up doing is having a list of values that
2040a field can be in. To do this, simply specify a list inside of
2041an arrayref:
2042
2043 my %where = (
2044 user => 'nwiger',
2045 status => ['assigned', 'in-progress', 'pending'];
2046 );
2047
2048This simple code will create the following:
9d48860e 2049
32eab2da 2050 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2051 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2052
9d48860e 2053A field associated to an empty arrayref will be considered a
7cac25e6 2054logical false and will generate 0=1.
8a68b5be 2055
b864ba9b 2056=head2 Tests for NULL values
2057
2058If the value part is C<undef> then this is converted to SQL <IS NULL>
2059
2060 my %where = (
2061 user => 'nwiger',
2062 status => undef,
2063 );
2064
2065becomes:
2066
2067 $stmt = "WHERE user = ? AND status IS NULL";
2068 @bind = ('nwiger');
2069
e9614080 2070To test if a column IS NOT NULL:
2071
2072 my %where = (
2073 user => 'nwiger',
2074 status => { '!=', undef },
2075 );
cc422895 2076
6e0c6552 2077=head2 Specific comparison operators
96449e8e 2078
32eab2da 2079If you want to specify a different type of operator for your comparison,
2080you can use a hashref for a given column:
2081
2082 my %where = (
2083 user => 'nwiger',
2084 status => { '!=', 'completed' }
2085 );
2086
2087Which would generate:
2088
2089 $stmt = "WHERE user = ? AND status != ?";
2090 @bind = ('nwiger', 'completed');
2091
2092To test against multiple values, just enclose the values in an arrayref:
2093
96449e8e 2094 status => { '=', ['assigned', 'in-progress', 'pending'] };
2095
f2d5020d 2096Which would give you:
96449e8e 2097
2098 "WHERE status = ? OR status = ? OR status = ?"
2099
2100
2101The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2102into an C<AND> of its elements:
2103
2104 my %where = (
2105 user => 'nwiger',
2106 status => { '!=', 'completed', -not_like => 'pending%' }
2107 );
2108
2109 # Or more dynamically, like from a form
2110 $where{user} = 'nwiger';
2111 $where{status}{'!='} = 'completed';
2112 $where{status}{'-not_like'} = 'pending%';
2113
2114 # Both generate this
2115 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2116 @bind = ('nwiger', 'completed', 'pending%');
2117
96449e8e 2118
32eab2da 2119To get an OR instead, you can combine it with the arrayref idea:
2120
2121 my %where => (
2122 user => 'nwiger',
1a6f2a03 2123 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2124 );
2125
2126Which would generate:
2127
1a6f2a03 2128 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2129 @bind = ('2', '5', 'nwiger');
32eab2da 2130
44b9e502 2131If you want to include literal SQL (with or without bind values), just use a
13cc86af 2132scalar reference or reference to an arrayref as the value:
44b9e502 2133
2134 my %where = (
2135 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2136 date_expires => { '<' => \"now()" }
2137 );
2138
2139Which would generate:
2140
13cc86af 2141 $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
44b9e502 2142 @bind = ('11/26/2008');
2143
96449e8e 2144
2145=head2 Logic and nesting operators
2146
2147In the example above,
2148there is a subtle trap if you want to say something like
32eab2da 2149this (notice the C<AND>):
2150
2151 WHERE priority != ? AND priority != ?
2152
2153Because, in Perl you I<can't> do this:
2154
13cc86af 2155 priority => { '!=' => 2, '!=' => 1 }
32eab2da 2156
2157As the second C<!=> key will obliterate the first. The solution
2158is to use the special C<-modifier> form inside an arrayref:
2159
9d48860e 2160 priority => [ -and => {'!=', 2},
96449e8e 2161 {'!=', 1} ]
2162
32eab2da 2163
2164Normally, these would be joined by C<OR>, but the modifier tells it
2165to use C<AND> instead. (Hint: You can use this in conjunction with the
2166C<logic> option to C<new()> in order to change the way your queries
2167work by default.) B<Important:> Note that the C<-modifier> goes
2168B<INSIDE> the arrayref, as an extra first element. This will
2169B<NOT> do what you think it might:
2170
2171 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2172
2173Here is a quick list of equivalencies, since there is some overlap:
2174
2175 # Same
2176 status => {'!=', 'completed', 'not like', 'pending%' }
2177 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2178
2179 # Same
2180 status => {'=', ['assigned', 'in-progress']}
2181 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2182 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2183
e3f9dff4 2184
2185
be21dde3 2186=head2 Special operators: IN, BETWEEN, etc.
96449e8e 2187
32eab2da 2188You can also use the hashref format to compare a list of fields using the
2189C<IN> comparison operator, by specifying the list as an arrayref:
2190
2191 my %where = (
2192 status => 'completed',
2193 reportid => { -in => [567, 2335, 2] }
2194 );
2195
2196Which would generate:
2197
2198 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2199 @bind = ('completed', '567', '2335', '2');
2200
9d48860e 2201The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2202the same way.
2203
6e0c6552 2204If the argument to C<-in> is an empty array, 'sqlfalse' is generated
be21dde3 2205(by default: C<1=0>). Similarly, C<< -not_in => [] >> generates
2206'sqltrue' (by default: C<1=1>).
6e0c6552 2207
e41c3bdd 2208In addition to the array you can supply a chunk of literal sql or
2209literal sql with bind:
6e0c6552 2210
e41c3bdd 2211 my %where = {
2212 customer => { -in => \[
2213 'SELECT cust_id FROM cust WHERE balance > ?',
2214 2000,
2215 ],
2216 status => { -in => \'SELECT status_codes FROM states' },
2217 };
6e0c6552 2218
e41c3bdd 2219would generate:
2220
2221 $stmt = "WHERE (
2222 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2223 AND status IN ( SELECT status_codes FROM states )
2224 )";
2225 @bind = ('2000');
2226
0dfd2442 2227Finally, if the argument to C<-in> is not a reference, it will be
2228treated as a single-element array.
e41c3bdd 2229
2230Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2231used with an arrayref of two values:
32eab2da 2232
2233 my %where = (
2234 user => 'nwiger',
2235 completion_date => {
2236 -not_between => ['2002-10-01', '2003-02-06']
2237 }
2238 );
2239
2240Would give you:
2241
2242 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2243
e41c3bdd 2244Just like with C<-in> all plausible combinations of literal SQL
2245are possible:
2246
2247 my %where = {
2248 start0 => { -between => [ 1, 2 ] },
2249 start1 => { -between => \["? AND ?", 1, 2] },
2250 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2251 start3 => { -between => [
e41c3bdd 2252 \"lower(x)",
2253 \["upper(?)", 'stuff' ],
2254 ] },
2255 };
2256
2257Would give you:
2258
2259 $stmt = "WHERE (
2260 ( start0 BETWEEN ? AND ? )
2261 AND ( start1 BETWEEN ? AND ? )
2262 AND ( start2 BETWEEN lower(x) AND upper(y) )
2263 AND ( start3 BETWEEN lower(x) AND upper(?) )
2264 )";
2265 @bind = (1, 2, 1, 2, 'stuff');
2266
2267
9d48860e 2268These are the two builtin "special operators"; but the
be21dde3 2269list can be expanded: see section L</"SPECIAL OPERATORS"> below.
96449e8e 2270
59f23b3d 2271=head2 Unary operators: bool
97a920ef 2272
2273If you wish to test against boolean columns or functions within your
2274database you can use the C<-bool> and C<-not_bool> operators. For
2275example to test the column C<is_user> being true and the column
827bb0eb 2276C<is_enabled> being false you would use:-
97a920ef 2277
2278 my %where = (
2279 -bool => 'is_user',
2280 -not_bool => 'is_enabled',
2281 );
2282
2283Would give you:
2284
277b5d3f 2285 WHERE is_user AND NOT is_enabled
97a920ef 2286
0b604e9d 2287If a more complex combination is required, testing more conditions,
2288then you should use the and/or operators:-
2289
2290 my %where = (
2291 -and => [
2292 -bool => 'one',
23401b81 2293 -not_bool => { two=> { -rlike => 'bar' } },
2294 -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
0b604e9d 2295 ],
2296 );
2297
2298Would give you:
2299
23401b81 2300 WHERE
2301 one
2302 AND
2303 (NOT two RLIKE ?)
2304 AND
2305 (NOT ( three = ? OR three > ? ))
97a920ef 2306
2307
107b72f1 2308=head2 Nested conditions, -and/-or prefixes
96449e8e 2309
32eab2da 2310So far, we've seen how multiple conditions are joined with a top-level
2311C<AND>. We can change this by putting the different conditions we want in
2312hashes and then putting those hashes in an array. For example:
2313
2314 my @where = (
2315 {
2316 user => 'nwiger',
2317 status => { -like => ['pending%', 'dispatched'] },
2318 },
2319 {
2320 user => 'robot',
2321 status => 'unassigned',
2322 }
2323 );
2324
2325This data structure would create the following:
2326
2327 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2328 OR ( user = ? AND status = ? ) )";
2329 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2330
107b72f1 2331
48d9f5f8 2332Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
be21dde3 2333to change the logic inside:
32eab2da 2334
2335 my @where = (
2336 -and => [
2337 user => 'nwiger',
48d9f5f8 2338 [
2339 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2340 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2341 ],
2342 ],
2343 );
2344
2345That would yield:
2346
13cc86af 2347 $stmt = "WHERE ( user = ?
2348 AND ( ( workhrs > ? AND geo = ? )
2349 OR ( workhrs < ? OR geo = ? ) ) )";
2350 @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
107b72f1 2351
cc422895 2352=head3 Algebraic inconsistency, for historical reasons
107b72f1 2353
7cac25e6 2354C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2355operator goes C<outside> of the nested structure; whereas when connecting
2356several constraints on one column, the C<-and> operator goes
be21dde3 2357C<inside> the arrayref. Here is an example combining both features:
7cac25e6 2358
2359 my @where = (
2360 -and => [a => 1, b => 2],
2361 -or => [c => 3, d => 4],
2362 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2363 )
2364
2365yielding
2366
9d48860e 2367 WHERE ( ( ( a = ? AND b = ? )
2368 OR ( c = ? OR d = ? )
7cac25e6 2369 OR ( e LIKE ? AND e LIKE ? ) ) )
2370
107b72f1 2371This difference in syntax is unfortunate but must be preserved for
be21dde3 2372historical reasons. So be careful: the two examples below would
107b72f1 2373seem algebraically equivalent, but they are not
2374
a948b1fe 2375 { col => [ -and =>
2376 { -like => 'foo%' },
2377 { -like => '%bar' },
2378 ] }
be21dde3 2379 # yields: WHERE ( ( col LIKE ? AND col LIKE ? ) )
107b72f1 2380
a948b1fe 2381 [ -and =>
2382 { col => { -like => 'foo%' } },
2383 { col => { -like => '%bar' } },
2384 ]
be21dde3 2385 # yields: WHERE ( ( col LIKE ? OR col LIKE ? ) )
107b72f1 2386
7cac25e6 2387
cc422895 2388=head2 Literal SQL and value type operators
96449e8e 2389
cc422895 2390The basic premise of SQL::Abstract is that in WHERE specifications the "left
2391side" is a column name and the "right side" is a value (normally rendered as
2392a placeholder). This holds true for both hashrefs and arrayref pairs as you
2393see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2394alter this behavior. There are several ways of doing so.
e9614080 2395
cc422895 2396=head3 -ident
2397
2398This is a virtual operator that signals the string to its right side is an
2399identifier (a column name) and not a value. For example to compare two
2400columns you would write:
32eab2da 2401
e9614080 2402 my %where = (
2403 priority => { '<', 2 },
cc422895 2404 requestor => { -ident => 'submitter' },
e9614080 2405 );
2406
2407which creates:
2408
2409 $stmt = "WHERE priority < ? AND requestor = submitter";
2410 @bind = ('2');
2411
cc422895 2412If you are maintaining legacy code you may see a different construct as
2413described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2414code.
2415
2416=head3 -value
e9614080 2417
cc422895 2418This is a virtual operator that signals that the construct to its right side
2419is a value to be passed to DBI. This is for example necessary when you want
2420to write a where clause against an array (for RDBMS that support such
2421datatypes). For example:
e9614080 2422
32eab2da 2423 my %where = (
cc422895 2424 array => { -value => [1, 2, 3] }
32eab2da 2425 );
2426
cc422895 2427will result in:
32eab2da 2428
cc422895 2429 $stmt = 'WHERE array = ?';
2430 @bind = ([1, 2, 3]);
32eab2da 2431
cc422895 2432Note that if you were to simply say:
32eab2da 2433
2434 my %where = (
cc422895 2435 array => [1, 2, 3]
32eab2da 2436 );
2437
3af02ccb 2438the result would probably not be what you wanted:
cc422895 2439
2440 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2441 @bind = (1, 2, 3);
2442
2443=head3 Literal SQL
96449e8e 2444
cc422895 2445Finally, sometimes only literal SQL will do. To include a random snippet
2446of SQL verbatim, you specify it as a scalar reference. Consider this only
2447as a last resort. Usually there is a better way. For example:
96449e8e 2448
2449 my %where = (
cc422895 2450 priority => { '<', 2 },
2451 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2452 );
2453
cc422895 2454Would create:
96449e8e 2455
cc422895 2456 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2457 @bind = (2);
2458
2459Note that in this example, you only get one bind parameter back, since
2460the verbatim SQL is passed as part of the statement.
2461
2462=head4 CAVEAT
2463
2464 Never use untrusted input as a literal SQL argument - this is a massive
2465 security risk (there is no way to check literal snippets for SQL
2466 injections and other nastyness). If you need to deal with untrusted input
2467 use literal SQL with placeholders as described next.
96449e8e 2468
cc422895 2469=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2470
2471If the literal SQL to be inserted has placeholders and bind values,
2472use a reference to an arrayref (yes this is a double reference --
2473not so common, but perfectly legal Perl). For example, to find a date
2474in Postgres you can use something like this:
2475
2476 my %where = (
3ae1c5e2 2477 date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
96449e8e 2478 )
2479
2480This would create:
2481
d2a8fe1a 2482 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2483 @bind = ('10');
2484
deb148a2 2485Note that you must pass the bind values in the same format as they are returned
85783f3c 2486by L<where|/where(\%where, $order)>. This means that if you set L</bindtype>
1f490ae4 2487to C<columns>, you must provide the bind values in the
2488C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
2489scalar value; most commonly the column name, but you can use any scalar value
2490(including references and blessed references), L<SQL::Abstract> will simply
2491pass it through intact. So if C<bindtype> is set to C<columns> the above
2492example will look like:
deb148a2 2493
2494 my %where = (
3ae1c5e2 2495 date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
deb148a2 2496 )
96449e8e 2497
2498Literal SQL is especially useful for nesting parenthesized clauses in the
be21dde3 2499main SQL query. Here is a first example:
96449e8e 2500
2501 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2502 100, "foo%");
2503 my %where = (
2504 foo => 1234,
2505 bar => \["IN ($sub_stmt)" => @sub_bind],
2506 );
2507
be21dde3 2508This yields:
96449e8e 2509
9d48860e 2510 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2511 WHERE c2 < ? AND c3 LIKE ?))";
2512 @bind = (1234, 100, "foo%");
2513
9d48860e 2514Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2515are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2516its associated bind values can be generated through a former call
96449e8e 2517to C<select()> :
2518
2519 my ($sub_stmt, @sub_bind)
9d48860e 2520 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2521 c3 => {-like => "foo%"}});
2522 my %where = (
2523 foo => 1234,
2524 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2525 );
2526
2527In the examples above, the subquery was used as an operator on a column;
9d48860e 2528but the same principle also applies for a clause within the main C<%where>
be21dde3 2529hash, like an EXISTS subquery:
96449e8e 2530
9d48860e 2531 my ($sub_stmt, @sub_bind)
96449e8e 2532 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2533 my %where = ( -and => [
96449e8e 2534 foo => 1234,
48d9f5f8 2535 \["EXISTS ($sub_stmt)" => @sub_bind],
2536 ]);
96449e8e 2537
2538which yields
2539
9d48860e 2540 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2541 WHERE c1 = ? AND c2 > t0.c0))";
2542 @bind = (1234, 1);
2543
2544
9d48860e 2545Observe that the condition on C<c2> in the subquery refers to
be21dde3 2546column C<t0.c0> of the main query: this is I<not> a bind
9d48860e 2547value, so we have to express it through a scalar ref.
96449e8e 2548Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2549C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2550what we wanted here.
2551
96449e8e 2552Finally, here is an example where a subquery is used
2553for expressing unary negation:
2554
9d48860e 2555 my ($sub_stmt, @sub_bind)
96449e8e 2556 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2557 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2558 my %where = (
2559 lname => {like => '%son%'},
48d9f5f8 2560 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2561 );
2562
2563This yields
2564
2565 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2566 @bind = ('%son%', 10, 20)
2567
cc422895 2568=head3 Deprecated usage of Literal SQL
2569
2570Below are some examples of archaic use of literal SQL. It is shown only as
2571reference for those who deal with legacy code. Each example has a much
2572better, cleaner and safer alternative that users should opt for in new code.
2573
2574=over
2575
2576=item *
2577
2578 my %where = ( requestor => \'IS NOT NULL' )
2579
2580 $stmt = "WHERE requestor IS NOT NULL"
2581
2582This used to be the way of generating NULL comparisons, before the handling
2583of C<undef> got formalized. For new code please use the superior syntax as
2584described in L</Tests for NULL values>.
96449e8e 2585
cc422895 2586=item *
2587
2588 my %where = ( requestor => \'= submitter' )
2589
2590 $stmt = "WHERE requestor = submitter"
2591
2592This used to be the only way to compare columns. Use the superior L</-ident>
2593method for all new code. For example an identifier declared in such a way
2594will be properly quoted if L</quote_char> is properly set, while the legacy
2595form will remain as supplied.
2596
2597=item *
2598
2599 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2600
2601 $stmt = "WHERE completed > ? AND is_ready"
2602 @bind = ('2012-12-21')
2603
2604Using an empty string literal used to be the only way to express a boolean.
2605For all new code please use the much more readable
2606L<-bool|/Unary operators: bool> operator.
2607
2608=back
96449e8e 2609
2610=head2 Conclusion
2611
32eab2da 2612These pages could go on for a while, since the nesting of the data
2613structures this module can handle are pretty much unlimited (the
2614module implements the C<WHERE> expansion as a recursive function
2615internally). Your best bet is to "play around" with the module a
2616little to see how the data structures behave, and choose the best
2617format for your data based on that.
2618
2619And of course, all the values above will probably be replaced with
2620variables gotten from forms or the command line. After all, if you
2621knew everything ahead of time, you wouldn't have to worry about
2622dynamically-generating SQL and could just hardwire it into your
2623script.
2624
86298391 2625=head1 ORDER BY CLAUSES
2626
9d48860e 2627Some functions take an order by clause. This can either be a scalar (just a
18710f60 2628column name), a hashref of C<< { -desc => 'col' } >> or C<< { -asc => 'col' }
2629>>, a scalarref, an arrayref-ref, or an arrayref of any of the previous
2630forms. Examples:
1cfa1db3 2631
8c15b421 2632 Given | Will Generate
18710f60 2633 ---------------------------------------------------------------
8c15b421 2634 |
2635 'colA' | ORDER BY colA
2636 |
2637 [qw/colA colB/] | ORDER BY colA, colB
2638 |
2639 {-asc => 'colA'} | ORDER BY colA ASC
2640 |
2641 {-desc => 'colB'} | ORDER BY colB DESC
2642 |
2643 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2644 |
2645 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
2646 |
2647 \'colA DESC' | ORDER BY colA DESC
2648 |
2649 \[ 'FUNC(colA, ?)', $x ] | ORDER BY FUNC(colA, ?)
2650 | /* ...with $x bound to ? */
2651 |
bd805d85 2652 [ | ORDER BY
2653 { -asc => 'colA' }, | colA ASC,
2654 { -desc => [qw/colB/] }, | colB DESC,
2655 { -asc => [qw/colC colD/] },| colC ASC, colD ASC,
2656 \'colE DESC', | colE DESC,
2657 \[ 'FUNC(colF, ?)', $x ], | FUNC(colF, ?)
2658 ] | /* ...with $x bound to ? */
18710f60 2659 ===============================================================
86298391 2660
96449e8e 2661
2662
2663=head1 SPECIAL OPERATORS
2664
e3f9dff4 2665 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2666 {
2667 regex => qr/.../,
e3f9dff4 2668 handler => sub {
2669 my ($self, $field, $op, $arg) = @_;
2670 ...
3a2e1a5e 2671 },
2672 },
2673 {
2674 regex => qr/.../,
2675 handler => 'method_name',
e3f9dff4 2676 },
2677 ]);
2678
9d48860e 2679A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2680applied to a field, instead of a usual binary operator.
be21dde3 2681For example:
e3f9dff4 2682
2683 WHERE field IN (?, ?, ?)
2684 WHERE field BETWEEN ? AND ?
2685 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2686
e3f9dff4 2687Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2688are builtin within C<SQL::Abstract> (as the overridable methods
2689C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2690like the MATCH .. AGAINST example above which is specific to MySQL,
2691you can write your own operator handlers - supply a C<special_ops>
2692argument to the C<new> method. That argument takes an arrayref of
2693operator definitions; each operator definition is a hashref with two
2694entries:
96449e8e 2695
e3f9dff4 2696=over
2697
2698=item regex
2699
2700the regular expression to match the operator
96449e8e 2701
e3f9dff4 2702=item handler
2703
3a2e1a5e 2704Either a coderef or a plain scalar method name. In both cases
2705the expected return is C<< ($sql, @bind) >>.
2706
2707When supplied with a method name, it is simply called on the
13cc86af 2708L<SQL::Abstract> object as:
3a2e1a5e 2709
ca4f826a 2710 $self->$method_name($field, $op, $arg)
3a2e1a5e 2711
2712 Where:
2713
3a2e1a5e 2714 $field is the LHS of the operator
13cc86af 2715 $op is the part that matched the handler regex
3a2e1a5e 2716 $arg is the RHS
2717
2718When supplied with a coderef, it is called as:
2719
2720 $coderef->($self, $field, $op, $arg)
2721
e3f9dff4 2722
2723=back
2724
9d48860e 2725For example, here is an implementation
e3f9dff4 2726of the MATCH .. AGAINST syntax for MySQL
2727
2728 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2729
e3f9dff4 2730 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2731 {regex => qr/^match$/i,
e3f9dff4 2732 handler => sub {
2733 my ($self, $field, $op, $arg) = @_;
2734 $arg = [$arg] if not ref $arg;
2735 my $label = $self->_quote($field);
2736 my ($placeholder) = $self->_convert('?');
2737 my $placeholders = join ", ", (($placeholder) x @$arg);
2738 my $sql = $self->_sqlcase('match') . " ($label) "
2739 . $self->_sqlcase('against') . " ($placeholders) ";
2740 my @bind = $self->_bindtype($field, @$arg);
2741 return ($sql, @bind);
2742 }
2743 },
9d48860e 2744
e3f9dff4 2745 ]);
96449e8e 2746
2747
59f23b3d 2748=head1 UNARY OPERATORS
2749
112b5232 2750 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2751 {
2752 regex => qr/.../,
2753 handler => sub {
2754 my ($self, $op, $arg) = @_;
2755 ...
2756 },
2757 },
2758 {
2759 regex => qr/.../,
2760 handler => 'method_name',
2761 },
2762 ]);
2763
9d48860e 2764A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2765applied to a field - the operator goes before the field
2766
2767You can write your own operator handlers - supply a C<unary_ops>
2768argument to the C<new> method. That argument takes an arrayref of
2769operator definitions; each operator definition is a hashref with two
2770entries:
2771
2772=over
2773
2774=item regex
2775
2776the regular expression to match the operator
2777
2778=item handler
2779
2780Either a coderef or a plain scalar method name. In both cases
2781the expected return is C<< $sql >>.
2782
2783When supplied with a method name, it is simply called on the
13cc86af 2784L<SQL::Abstract> object as:
59f23b3d 2785
ca4f826a 2786 $self->$method_name($op, $arg)
59f23b3d 2787
2788 Where:
2789
2790 $op is the part that matched the handler regex
2791 $arg is the RHS or argument of the operator
2792
2793When supplied with a coderef, it is called as:
2794
2795 $coderef->($self, $op, $arg)
2796
2797
2798=back
2799
2800
32eab2da 2801=head1 PERFORMANCE
2802
2803Thanks to some benchmarking by Mark Stosberg, it turns out that
2804this module is many orders of magnitude faster than using C<DBIx::Abstract>.
2805I must admit this wasn't an intentional design issue, but it's a
2806byproduct of the fact that you get to control your C<DBI> handles
2807yourself.
2808
2809To maximize performance, use a code snippet like the following:
2810
2811 # prepare a statement handle using the first row
2812 # and then reuse it for the rest of the rows
2813 my($sth, $stmt);
2814 for my $href (@array_of_hashrefs) {
2815 $stmt ||= $sql->insert('table', $href);
2816 $sth ||= $dbh->prepare($stmt);
2817 $sth->execute($sql->values($href));
2818 }
2819
2820The reason this works is because the keys in your C<$href> are sorted
2821internally by B<SQL::Abstract>. Thus, as long as your data retains
2822the same structure, you only have to generate the SQL the first time
2823around. On subsequent queries, simply use the C<values> function provided
2824by this module to return your values in the correct order.
2825
b864ba9b 2826However this depends on the values having the same type - if, for
2827example, the values of a where clause may either have values
2828(resulting in sql of the form C<column = ?> with a single bind
2829value), or alternatively the values might be C<undef> (resulting in
2830sql of the form C<column IS NULL> with no bind value) then the
2831caching technique suggested will not work.
96449e8e 2832
32eab2da 2833=head1 FORMBUILDER
2834
2835If you use my C<CGI::FormBuilder> module at all, you'll hopefully
2836really like this part (I do, at least). Building up a complex query
2837can be as simple as the following:
2838
2839 #!/usr/bin/perl
2840
46dc2f3e 2841 use warnings;
2842 use strict;
2843
32eab2da 2844 use CGI::FormBuilder;
2845 use SQL::Abstract;
2846
2847 my $form = CGI::FormBuilder->new(...);
2848 my $sql = SQL::Abstract->new;
2849
2850 if ($form->submitted) {
2851 my $field = $form->field;
2852 my $id = delete $field->{id};
2853 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
2854 }
2855
2856Of course, you would still have to connect using C<DBI> to run the
2857query, but the point is that if you make your form look like your
2858table, the actual query script can be extremely simplistic.
2859
2860If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 2861a fast interface to returning and formatting data. I frequently
32eab2da 2862use these three modules together to write complex database query
2863apps in under 50 lines.
2864
af733667 2865=head1 HOW TO CONTRIBUTE
2866
2867Contributions are always welcome, in all usable forms (we especially
2868welcome documentation improvements). The delivery methods include git-
2869or unified-diff formatted patches, GitHub pull requests, or plain bug
2870reports either via RT or the Mailing list. Contributors are generally
2871granted full access to the official repository after their first several
2872patches pass successful review.
2873
2874This project is maintained in a git repository. The code and related tools are
2875accessible at the following locations:
d8cc1792 2876
2877=over
2878
af733667 2879=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
2880
2881=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
2882
2883=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
d8cc1792 2884
af733667 2885=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
d8cc1792 2886
2887=back
32eab2da 2888
96449e8e 2889=head1 CHANGES
2890
2891Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
2892Great care has been taken to preserve the I<published> behavior
2893documented in previous versions in the 1.* family; however,
9d48860e 2894some features that were previously undocumented, or behaved
96449e8e 2895differently from the documentation, had to be changed in order
2896to clarify the semantics. Hence, client code that was relying
9d48860e 2897on some dark areas of C<SQL::Abstract> v1.*
96449e8e 2898B<might behave differently> in v1.50.
32eab2da 2899
be21dde3 2900The main changes are:
d2a8fe1a 2901
96449e8e 2902=over
32eab2da 2903
9d48860e 2904=item *
32eab2da 2905
3ae1c5e2 2906support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
96449e8e 2907
2908=item *
2909
145fbfc8 2910support for the { operator => \"..." } construct (to embed literal SQL)
2911
2912=item *
2913
9c37b9c0 2914support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
2915
2916=item *
2917
96449e8e 2918optional support for L<array datatypes|/"Inserting and Updating Arrays">
2919
9d48860e 2920=item *
96449e8e 2921
be21dde3 2922defensive programming: check arguments
96449e8e 2923
2924=item *
2925
2926fixed bug with global logic, which was previously implemented
7cac25e6 2927through global variables yielding side-effects. Prior versions would
96449e8e 2928interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
2929as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
2930Now this is interpreted
2931as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
2932
96449e8e 2933
2934=item *
2935
2936fixed semantics of _bindtype on array args
2937
9d48860e 2938=item *
96449e8e 2939
2940dropped the C<_anoncopy> of the %where tree. No longer necessary,
2941we just avoid shifting arrays within that tree.
2942
2943=item *
2944
2945dropped the C<_modlogic> function
2946
2947=back
32eab2da 2948
32eab2da 2949=head1 ACKNOWLEDGEMENTS
2950
2951There are a number of individuals that have really helped out with
2952this module. Unfortunately, most of them submitted bugs via CPAN
2953so I have no idea who they are! But the people I do know are:
2954
9d48860e 2955 Ash Berlin (order_by hash term support)
b643abe1 2956 Matt Trout (DBIx::Class support)
32eab2da 2957 Mark Stosberg (benchmarking)
2958 Chas Owens (initial "IN" operator support)
2959 Philip Collins (per-field SQL functions)
2960 Eric Kolve (hashref "AND" support)
2961 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
2962 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 2963 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 2964 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 2965 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 2966 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 2967 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 2968
2969Thanks!
2970
32eab2da 2971=head1 SEE ALSO
2972
86298391 2973L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 2974
32eab2da 2975=head1 AUTHOR
2976
b643abe1 2977Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
2978
2979This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 2980
abe72f94 2981For support, your best bet is to try the C<DBIx::Class> users mailing list.
2982While not an official support venue, C<DBIx::Class> makes heavy use of
2983C<SQL::Abstract>, and as such list members there are very familiar with
2984how to create queries.
2985
0d067ded 2986=head1 LICENSE
2987
d988ab87 2988This module is free software; you may copy this under the same
2989terms as perl itself (either the GNU General Public License or
2990the Artistic License)
32eab2da 2991
2992=cut
Unnamed repository; edit this file 'description' to name the repository.