projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
clean vestigial debugging code
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
96449e8e 3use strict;
4use warnings;
9d9d5bd6 5use Carp ();
312d830b 6use List::Util ();
7use Scalar::Util ();
96449e8e 8
0da0fe34 9use Exporter 'import';
10our @EXPORT_OK = qw(is_plain_value is_literal_value);
11
12BEGIN {
13 if ($] < 5.009_005) {
14 require MRO::Compat;
15 }
16 else {
17 require mro;
18 }
843a94b5 19
20 *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
21 ? sub () { 0 }
22 : sub () { 1 }
23 ;
0da0fe34 24}
25
96449e8e 26#======================================================================
27# GLOBALS
28#======================================================================
29
dc6afcf8 30our $VERSION = '1.86';
7479e27e 31
22f1a437 32# This would confuse some packagers
c520207b 33$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 34
35our $AUTOLOAD;
36
37# special operators (-in, -between). May be extended/overridden by user.
38# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
39my @BUILTIN_SPECIAL_OPS = (
f663e672 40 {regex => qr/^ (?: not \s )? between $/ix, handler => sub { die "NOPE" }},
41 {regex => qr/^ (?: not \s )? in $/ix, handler => sub { die "NOPE" }},
87c8e45b 42 {regex => qr/^ is (?: \s+ not )? $/ix, handler => sub { die "NOPE" }},
96449e8e 43);
44
45#======================================================================
46# DEBUGGING AND ERROR REPORTING
47#======================================================================
48
49sub _debug {
50 return unless $_[0]->{debug}; shift; # a little faster
51 my $func = (caller(1))[3];
52 warn "[$func] ", @_, "\n";
53}
54
55sub belch (@) {
56 my($func) = (caller(1))[3];
9d9d5bd6 57 Carp::carp "[$func] Warning: ", @_;
96449e8e 58}
59
60sub puke (@) {
61 my($func) = (caller(1))[3];
9d9d5bd6 62 Carp::croak "[$func] Fatal: ", @_;
96449e8e 63}
64
0da0fe34 65sub is_literal_value ($) {
66 ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
67 : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
0da0fe34 68 : undef;
69}
70
71# FIXME XSify - this can be done so much more efficiently
72sub is_plain_value ($) {
73 no strict 'refs';
966200cc 74 ! length ref $_[0] ? \($_[0])
0da0fe34 75 : (
76 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
77 and
78 exists $_[0]->{-value}
966200cc 79 ) ? \($_[0]->{-value})
0da0fe34 80 : (
a1c9e0ff 81 # reuse @_ for even moar speedz
82 defined ( $_[1] = Scalar::Util::blessed $_[0] )
0da0fe34 83 and
84 # deliberately not using Devel::OverloadInfo - the checks we are
85 # intersted in are much more limited than the fullblown thing, and
86 # this is a very hot piece of code
87 (
e8d729d4 88 # simply using ->can('(""') can leave behind stub methods that
89 # break actually using the overload later (see L<perldiag/Stub
90 # found while resolving method "%s" overloading "%s" in package
91 # "%s"> and the source of overload::mycan())
44e54b41 92 #
0da0fe34 93 # either has stringification which DBI SHOULD prefer out of the box
a1c9e0ff 94 grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
0da0fe34 95 or
20e178a8 96 # has nummification or boolification, AND fallback is *not* disabled
0da0fe34 97 (
843a94b5 98 SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
99 and
20e178a8 100 (
101 grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
102 or
103 grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
104 )
0da0fe34 105 and
106 (
107 # no fallback specified at all
a1c9e0ff 108 ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
0da0fe34 109 or
110 # fallback explicitly undef
a1c9e0ff 111 ! defined ${"$_[3]::()"}
0da0fe34 112 or
113 # explicitly true
a1c9e0ff 114 !! ${"$_[3]::()"}
0da0fe34 115 )
116 )
117 )
966200cc 118 ) ? \($_[0])
0da0fe34 119 : undef;
120}
121
122
96449e8e 123
124#======================================================================
125# NEW
126#======================================================================
127
128sub new {
129 my $self = shift;
130 my $class = ref($self) || $self;
131 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
132
133 # choose our case by keeping an option around
134 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
135
136 # default logic for interpreting arrayrefs
ef559da3 137 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 138
139 # how to return bind vars
96449e8e 140 $opt{bindtype} ||= 'normal';
141
142 # default comparison is "=", but can be overridden
143 $opt{cmp} ||= '=';
144
3af02ccb 145 # try to recognize which are the 'equality' and 'inequality' ops
3cdadcbe 146 # (temporary quickfix (in 2007), should go through a more seasoned API)
147 $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
148 $opt{inequality_op} = qr/^( != | <> )$/ix;
149
150 $opt{like_op} = qr/^ (is\s+)? r?like $/xi;
151 $opt{not_like_op} = qr/^ (is\s+)? not \s+ r?like $/xi;
96449e8e 152
153 # SQL booleans
154 $opt{sqltrue} ||= '1=1';
155 $opt{sqlfalse} ||= '0=1';
156
9d48860e 157 # special operators
30af97c5 158 $opt{special_ops} ||= [];
159
b6251592 160 # regexes are applied in order, thus push after user-defines
96449e8e 161 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
162
cf06e9dc 163 if ($class->isa('DBIx::Class::SQLMaker')) {
dd1d0dbf 164 push @{$opt{special_ops}}, our $DBIC_Compat_Op ||= {
165 regex => qr/^(?:ident|value)$/i, handler => sub { die "NOPE" }
166 };
cf06e9dc 167 $opt{is_dbic_sqlmaker} = 1;
dd1d0dbf 168 }
169
9d48860e 170 # unary operators
59f23b3d 171 $opt{unary_ops} ||= [];
59f23b3d 172
3af02ccb 173 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 174 # If a purported function matches this regular expression, an exception is thrown.
175 # Literal SQL is *NOT* subject to this check, only functions (and column names
176 # when quoting is not in effect)
96449e8e 177
b6251592 178 # FIXME
179 # need to guard against ()'s in column names too, but this will break tons of
180 # hacks... ideas anyone?
181 $opt{injection_guard} ||= qr/
182 \;
183 |
184 ^ \s* go \s
185 /xmi;
96449e8e 186
b07681b1 187 $opt{node_types} = +{
188 map +("-$_" => '_render_'.$_),
352d74bc 189 qw(op func value bind ident literal list)
b07681b1 190 };
191
ec19b759 192 $opt{expand_unary} = {};
193
b6251592 194 return bless \%opt, $class;
195}
96449e8e 196
e175845b 197sub sqltrue { +{ -literal => [ $_[0]->{sqltrue} ] } }
198sub sqlfalse { +{ -literal => [ $_[0]->{sqlfalse} ] } }
170e6c33 199
200sub _assert_pass_injection_guard {
201 if ($_[1] =~ $_[0]->{injection_guard}) {
202 my $class = ref $_[0];
203 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
204 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
205 . "{injection_guard} attribute to ${class}->new()"
206 }
207}
208
209
96449e8e 210#======================================================================
211# INSERT methods
212#======================================================================
213
214sub insert {
02288357 215 my $self = shift;
216 my $table = $self->_table(shift);
217 my $data = shift || return;
218 my $options = shift;
96449e8e 219
220 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 221 my ($sql, @bind) = $self->$method($data);
96449e8e 222 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 223
e82e648a 224 if ($options->{returning}) {
ca4f826a 225 my ($s, @b) = $self->_insert_returning($options);
e82e648a 226 $sql .= $s;
227 push @bind, @b;
02288357 228 }
229
96449e8e 230 return wantarray ? ($sql, @bind) : $sql;
231}
232
60f3fd3f 233# So that subclasses can override INSERT ... RETURNING separately from
234# UPDATE and DELETE (e.g. DBIx::Class::SQLMaker::Oracle does this)
b17a3ece 235sub _insert_returning { shift->_returning(@_) }
236
95904db5 237sub _returning {
e82e648a 238 my ($self, $options) = @_;
6b1fe79d 239
e82e648a 240 my $f = $options->{returning};
241
ff96fdd4 242 my ($sql, @bind) = $self->_render_expr(
243 $self->_expand_maybe_list_expr($f, undef, -ident)
244 );
245 return wantarray
246 ? $self->_sqlcase(' returning ') . $sql
247 : ($self->_sqlcase(' returning ').$sql, @bind);
6b1fe79d 248}
249
96449e8e 250sub _insert_HASHREF { # explicit list of fields and then values
251 my ($self, $data) = @_;
252
253 my @fields = sort keys %$data;
254
fe3ae272 255 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 256
257 # assemble SQL
258 $_ = $self->_quote($_) foreach @fields;
259 $sql = "( ".join(", ", @fields).") ".$sql;
260
261 return ($sql, @bind);
262}
263
264sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
265 my ($self, $data) = @_;
266
267 # no names (arrayref) so can't generate bindtype
268 $self->{bindtype} ne 'columns'
269 or belch "can't do 'columns' bindtype when called with arrayref";
270
19b6ccce 271 my (@values, @all_bind);
272 foreach my $value (@$data) {
273 my ($values, @bind) = $self->_insert_value(undef, $value);
274 push @values, $values;
275 push @all_bind, @bind;
276 }
277 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
278 return ($sql, @all_bind);
fe3ae272 279}
280
281sub _insert_ARRAYREFREF { # literal SQL with bind
282 my ($self, $data) = @_;
283
284 my ($sql, @bind) = @${$data};
285 $self->_assert_bindval_matches_bindtype(@bind);
286
287 return ($sql, @bind);
288}
289
290
291sub _insert_SCALARREF { # literal SQL without bind
292 my ($self, $data) = @_;
293
294 return ($$data);
295}
296
297sub _insert_values {
298 my ($self, $data) = @_;
299
96449e8e 300 my (@values, @all_bind);
fe3ae272 301 foreach my $column (sort keys %$data) {
19b6ccce 302 my ($values, @bind) = $self->_insert_value($column, $data->{$column});
303 push @values, $values;
304 push @all_bind, @bind;
305 }
306 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
307 return ($sql, @all_bind);
308}
96449e8e 309
19b6ccce 310sub _insert_value {
311 my ($self, $column, $v) = @_;
96449e8e 312
720ca4f7 313 return $self->_render_expr(
314 $self->_expand_insert_value($column, $v)
315 );
316}
96449e8e 317
720ca4f7 318sub _expand_insert_value {
319 my ($self, $column, $v) = @_;
96449e8e 320
720ca4f7 321 if (ref($v) eq 'ARRAY') {
322 if ($self->{array_datatypes}) {
323 return +{ -bind => [ $column, $v ] };
324 }
325 my ($sql, @bind) = @$v;
326 $self->_assert_bindval_matches_bindtype(@bind);
327 return +{ -literal => $v };
328 }
329 if (ref($v) eq 'HASH') {
330 if (grep !/^-/, keys %$v) {
331 belch "HASH ref as bind value in insert is not supported";
332 return +{ -bind => [ $column, $v ] };
333 }
334 }
335 if (!defined($v)) {
336 return +{ -bind => [ $column, undef ] };
337 }
338 local our $Cur_Col_Meta = $column;
339 return $self->_expand_expr($v);
96449e8e 340}
341
342
96449e8e 343
344#======================================================================
345# UPDATE methods
346#======================================================================
347
348
349sub update {
95904db5 350 my $self = shift;
351 my $table = $self->_table(shift);
352 my $data = shift || return;
353 my $where = shift;
354 my $options = shift;
96449e8e 355
356 # first build the 'SET' part of the sql statement
96449e8e 357 puke "Unsupported data type specified to \$sql->update"
358 unless ref $data eq 'HASH';
359
9ade906e 360 my ($sql, @all_bind) = $self->_update_set_values($data);
a9e94508 361 $sql = $self->_sqlcase('update ') . $table . $self->_sqlcase(' set ')
9ade906e 362 . $sql;
363
364 if ($where) {
365 my($where_sql, @where_bind) = $self->where($where);
366 $sql .= $where_sql;
367 push @all_bind, @where_bind;
368 }
369
370 if ($options->{returning}) {
371 my ($returning_sql, @returning_bind) = $self->_update_returning($options);
372 $sql .= $returning_sql;
373 push @all_bind, @returning_bind;
374 }
375
376 return wantarray ? ($sql, @all_bind) : $sql;
377}
378
379sub _update_set_values {
380 my ($self, $data) = @_;
381
89690da2 382 return $self->_render_expr(
383 $self->_expand_update_set_values($data),
384 );
385}
96449e8e 386
89690da2 387sub _expand_update_set_values {
388 my ($self, $data) = @_;
389 $self->_expand_maybe_list_expr( [
390 map {
391 my ($k, $set) = @$_;
c4ed66f4 392 $set = { -bind => $_ } unless defined $set;
89690da2 393 +{ -op => [ '=', { -ident => $k }, $set ] };
394 }
395 map {
396 my $k = $_;
397 my $v = $data->{$k};
398 (ref($v) eq 'ARRAY'
399 ? ($self->{array_datatypes}
400 ? [ $k, +{ -bind => [ $k, $v ] } ]
401 : [ $k, +{ -literal => $v } ])
402 : do {
403 local our $Cur_Col_Meta = $k;
404 [ $k, $self->_expand_expr($v) ]
405 }
406 );
407 } sort keys %$data
408 ] );
96449e8e 409}
410
60f3fd3f 411# So that subclasses can override UPDATE ... RETURNING separately from
412# INSERT and DELETE
20bb2ad5 413sub _update_returning { shift->_returning(@_) }
96449e8e 414
415
416
417#======================================================================
418# SELECT
419#======================================================================
420
421
422sub select {
423 my $self = shift;
424 my $table = $self->_table(shift);
425 my $fields = shift || '*';
426 my $where = shift;
427 my $order = shift;
428
daa4ccdd 429 my ($fields_sql, @bind) = $self->_select_fields($fields);
96449e8e 430
daa4ccdd 431 my ($where_sql, @where_bind) = $self->where($where, $order);
432 push @bind, @where_bind;
433
434 my $sql = join(' ', $self->_sqlcase('select'), $fields_sql,
96449e8e 435 $self->_sqlcase('from'), $table)
436 . $where_sql;
437
9d48860e 438 return wantarray ? ($sql, @bind) : $sql;
96449e8e 439}
440
daa4ccdd 441sub _select_fields {
442 my ($self, $fields) = @_;
de63ce57 443 return $fields unless ref($fields);
27592e2b 444 return $self->_render_expr(
445 $self->_expand_maybe_list_expr($fields, undef, '-ident')
446 );
daa4ccdd 447}
448
96449e8e 449#======================================================================
450# DELETE
451#======================================================================
452
453
454sub delete {
85327cd5 455 my $self = shift;
456 my $table = $self->_table(shift);
457 my $where = shift;
458 my $options = shift;
96449e8e 459
460 my($where_sql, @bind) = $self->where($where);
a9e94508 461 my $sql = $self->_sqlcase('delete from ') . $table . $where_sql;
96449e8e 462
85327cd5 463 if ($options->{returning}) {
ca4f826a 464 my ($returning_sql, @returning_bind) = $self->_delete_returning($options);
85327cd5 465 $sql .= $returning_sql;
466 push @bind, @returning_bind;
467 }
468
9d48860e 469 return wantarray ? ($sql, @bind) : $sql;
96449e8e 470}
471
60f3fd3f 472# So that subclasses can override DELETE ... RETURNING separately from
473# INSERT and UPDATE
85327cd5 474sub _delete_returning { shift->_returning(@_) }
475
476
96449e8e 477
478#======================================================================
479# WHERE: entry point
480#======================================================================
481
482
483
484# Finally, a separate routine just to handle WHERE clauses
485sub where {
486 my ($self, $where, $order) = @_;
487
7ad12721 488 local $self->{convert_where} = $self->{convert};
489
96449e8e 490 # where ?
e175845b 491 my ($sql, @bind) = defined($where)
492 ? $self->_recurse_where($where)
493 : (undef);
417dd15e 494 $sql = (defined $sql and length $sql) ? $self->_sqlcase(' where ') . "( $sql )" : '';
96449e8e 495
496 # order by?
497 if ($order) {
26fe4d30 498 my ($order_sql, @order_bind) = $self->_order_by($order);
499 $sql .= $order_sql;
500 push @bind, @order_bind;
96449e8e 501 }
502
9d48860e 503 return wantarray ? ($sql, @bind) : $sql;
96449e8e 504}
505
a2cd381d 506sub _expand_expr {
2558b622 507 my ($self, $expr, $logic, $default_scalar_to) = @_;
508 local our $Default_Scalar_To = $default_scalar_to if $default_scalar_to;
3ae10d16 509 our $Expand_Depth ||= 0; local $Expand_Depth = $Expand_Depth + 1;
252518da 510 return undef unless defined($expr);
59588695 511 if (ref($expr) eq 'HASH') {
512 if (keys %$expr > 1) {
513 $logic ||= 'and';
77617257 514 return +{ -op => [
515 $logic,
59588695 516 map $self->_expand_expr_hashpair($_ => $expr->{$_}, $logic),
517 sort keys %$expr
518 ] };
519 }
1c0c0f41 520 return { -literal => [ '' ] } unless keys %$expr;
59588695 521 return $self->_expand_expr_hashpair(%$expr, $logic);
a2cd381d 522 }
08264f40 523 if (ref($expr) eq 'ARRAY') {
99a65fa8 524 my $logic = lc($logic || $self->{logic});
08264f40 525 $logic eq 'and' or $logic eq 'or' or puke "unknown logic: $logic";
526
1c0c0f41 527 #my @expr = @$expr;
528 my @expr = grep {
529 (ref($_) eq 'ARRAY' and @$_)
530 or (ref($_) eq 'HASH' and %$_)
531 or 1
532 } @$expr;
08264f40 533
534 my @res;
535
536 while (my ($el) = splice @expr, 0, 1) {
537 puke "Supplying an empty left hand side argument is not supported in array-pairs"
538 unless defined($el) and length($el);
539 my $elref = ref($el);
540 if (!$elref) {
dd1d0dbf 541 local $Expand_Depth = 0;
08264f40 542 push(@res, $self->_expand_expr({ $el, shift(@expr) }));
543 } elsif ($elref eq 'ARRAY') {
544 push(@res, $self->_expand_expr($el)) if @$el;
ec857800 545 } elsif (my $l = is_literal_value($el)) {
546 push @res, { -literal => $l };
08264f40 547 } elsif ($elref eq 'HASH') {
dd1d0dbf 548 local $Expand_Depth = 0;
1b630cfe 549 push @res, $self->_expand_expr($el) if %$el;
08264f40 550 } else {
da4a0964 551 die "notreached";
08264f40 552 }
553 }
2143604f 554 return { -op => [ $logic, @res ] };
08264f40 555 }
ca3da680 556 if (my $literal = is_literal_value($expr)) {
557 return +{ -literal => $literal };
558 }
99a65fa8 559 if (!ref($expr) or Scalar::Util::blessed($expr)) {
2558b622 560 if (my $d = $Default_Scalar_To) {
561 return +{ $d => $expr };
562 }
99a65fa8 563 if (my $m = our $Cur_Col_Meta) {
564 return +{ -bind => [ $m, $expr ] };
565 }
252518da 566 return +{ -value => $expr };
567 }
252518da 568 die "notreached";
a2cd381d 569}
96449e8e 570
59588695 571sub _expand_expr_hashpair {
572 my ($self, $k, $v, $logic) = @_;
d13725da 573 unless (defined($k) and length($k)) {
2d64004f 574 if (defined($k) and my $literal = is_literal_value($v)) {
d13725da 575 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
2d64004f 576 return { -literal => $literal };
d13725da 577 }
578 puke "Supplying an empty left hand side argument is not supported";
579 }
ef071fad 580 if ($k =~ /^-/) {
99a65fa8 581 $self->_assert_pass_injection_guard($k =~ /^-(.*)$/s);
582 if ($k =~ s/ [_\s]? \d+ $//x ) {
583 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
584 . "You probably wanted ...-and => [ $k => COND1, $k => COND2 ... ]";
585 }
ef071fad 586 if ($k eq '-nest') {
0fc68377 587 # DBIx::Class requires a nest warning to be emitted once but the private
588 # method it overrode to do so no longer exists
cf06e9dc 589 if ($self->{is_dbic_sqlmaker}) {
590 unless (our $Nest_Warned) {
0fc68377 591 belch(
592 "-nest in search conditions is deprecated, you most probably wanted:\n"
593 .q|{..., -and => [ \%cond0, \@cond1, \'cond2', \[ 'cond3', [ col => bind ] ], etc. ], ... }|
594 );
595 $Nest_Warned = 1;
596 }
597 }
ef071fad 598 return $self->_expand_expr($v);
599 }
6ab1562a 600 if ($k eq '-bool') {
601 if (ref($v)) {
602 return $self->_expand_expr($v);
603 }
604 puke "-bool => undef not supported" unless defined($v);
605 return { -ident => $v };
606 }
99a65fa8 607 if ($k eq '-not') {
0c7e3af0 608 return { -op => [ 'not', $self->_expand_expr($v) ] };
99a65fa8 609 }
ce3bc4b0 610 if (my ($rest) = $k =~/^-not[_ ](.*)$/) {
0c7e3af0 611 return +{ -op => [
612 'not',
99a65fa8 613 $self->_expand_expr_hashpair("-${rest}", $v, $logic)
0c7e3af0 614 ] };
ce3bc4b0 615 }
99a65fa8 616 if (my ($logic) = $k =~ /^-(and|or)$/i) {
dd2d5bf7 617 if (ref($v) eq 'HASH') {
618 return $self->_expand_expr($v, $logic);
619 }
99a65fa8 620 if (ref($v) eq 'ARRAY') {
621 return $self->_expand_expr($v, $logic);
622 }
dd2d5bf7 623 }
99a65fa8 624 {
625 my $op = $k;
626 $op =~ s/^-// if length($op) > 1;
627
628 # top level special ops are illegal in general
3ae10d16 629 # note that, arguably, if it makes no sense at top level, it also
630 # makes no sense on the other side of an = sign or similar but DBIC
631 # gets disappointingly upset if I disallow it
632 if (
633 (our $Expand_Depth) == 1
634 and List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}}
635 ) {
636 puke "Illegal use of top-level '-$op'"
637 }
96a8d74a 638 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
639 return { -op => [ $op, $v ] };
640 }
99a65fa8 641 }
642 if ($k eq '-value' and my $m = our $Cur_Col_Meta) {
643 return +{ -bind => [ $m, $v ] };
644 }
ec19b759 645 if (my $custom = $self->{expand_unary}{$k}) {
646 return $self->$custom($v);
647 }
b07681b1 648 if ($self->{node_types}{$k}) {
99a65fa8 649 return { $k => $v };
d13725da 650 }
711892b1 651 if (
652 ref($v) eq 'HASH'
653 and keys %$v == 1
654 and (keys %$v)[0] =~ /^-/
655 ) {
656 my ($func) = $k =~ /^-(.*)$/;
3ae10d16 657 if (List::Util::first { $func =~ $_->{regex} } @{$self->{special_ops}}) {
658 return +{ -op => [ $func, $self->_expand_expr($v) ] };
659 }
711892b1 660 return +{ -func => [ $func, $self->_expand_expr($v) ] };
661 }
662 if (!ref($v) or is_literal_value($v)) {
99a65fa8 663 return +{ -op => [ $k =~ /^-(.*)$/, $self->_expand_expr($v) ] };
59588695 664 }
99a65fa8 665 }
666 if (
667 !defined($v)
668 or (
669 ref($v) eq 'HASH'
670 and exists $v->{-value}
671 and not defined $v->{-value}
672 )
673 ) {
674 return $self->_expand_expr_hashpair($k => { $self->{cmp} => undef });
675 }
676 if (!ref($v) or Scalar::Util::blessed($v)) {
ec19b759 677 my $d = our $Default_Scalar_To;
99a65fa8 678 return +{
679 -op => [
680 $self->{cmp},
681 { -ident => $k },
ec19b759 682 ($d ? { $d => $v } : { -bind => [ $k, $v ] })
99a65fa8 683 ]
684 };
685 }
686 if (ref($v) eq 'HASH') {
687 if (keys %$v > 1) {
e175845b 688 return { -op => [
689 'and',
99a65fa8 690 map $self->_expand_expr_hashpair($k => { $_ => $v->{$_} }),
691 sort keys %$v
692 ] };
693 }
dd1d0dbf 694 return { -literal => [ '' ] } unless keys %$v;
99a65fa8 695 my ($vk, $vv) = %$v;
696 $vk =~ s/^-//;
697 $vk = lc($vk);
698 $self->_assert_pass_injection_guard($vk);
699 if ($vk =~ s/ [_\s]? \d+ $//x ) {
700 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
701 . "You probably wanted ...-and => [ -$vk => COND1, -$vk => COND2 ... ]";
702 }
703 if ($vk =~ /^(?:not[ _])?between$/) {
704 local our $Cur_Col_Meta = $k;
705 my @rhs = map $self->_expand_expr($_),
706 ref($vv) eq 'ARRAY' ? @$vv : $vv;
707 unless (
708 (@rhs == 1 and ref($rhs[0]) eq 'HASH' and $rhs[0]->{-literal})
709 or
710 (@rhs == 2 and defined($rhs[0]) and defined($rhs[1]))
711 ) {
712 puke "Operator '${\uc($vk)}' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
b5b18861 713 }
99a65fa8 714 return +{ -op => [
715 join(' ', split '_', $vk),
716 { -ident => $k },
717 @rhs
718 ] }
719 }
720 if ($vk =~ /^(?:not[ _])?in$/) {
721 if (my $literal = is_literal_value($vv)) {
722 my ($sql, @bind) = @$literal;
723 my $opened_sql = $self->_open_outer_paren($sql);
10d07c4e 724 return +{ -op => [
99a65fa8 725 $vk, { -ident => $k },
726 [ { -literal => [ $opened_sql, @bind ] } ]
10d07c4e 727 ] };
728 }
99a65fa8 729 my $undef_err =
730 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
731 . "-${\uc($vk)} operator was given an undef-containing list: !!!AUDIT YOUR CODE "
732 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
733 . 'will emit the logically correct SQL instead of raising this exception)'
734 ;
735 puke("Argument passed to the '${\uc($vk)}' operator can not be undefined")
736 if !defined($vv);
737 my @rhs = map $self->_expand_expr($_),
738 map { ref($_) ? $_ : { -bind => [ $k, $_ ] } }
739 map { defined($_) ? $_: puke($undef_err) }
740 (ref($vv) eq 'ARRAY' ? @$vv : $vv);
e175845b 741 return $self->${\($vk =~ /^not/ ? 'sqltrue' : 'sqlfalse')} unless @rhs;
99a65fa8 742
743 return +{ -op => [
744 join(' ', split '_', $vk),
745 { -ident => $k },
746 \@rhs
747 ] };
748 }
749 if ($vk eq 'ident') {
02b8fe35 750 if (! defined $vv or (ref($vv) and ref($vv) eq 'ARRAY')) {
751 puke "-$vk requires a single plain scalar argument (a quotable identifier) or an arrayref of identifier parts";
f7778474 752 }
99a65fa8 753 return +{ -op => [
754 $self->{cmp},
755 { -ident => $k },
756 { -ident => $vv }
757 ] };
758 }
759 if ($vk eq 'value') {
760 return $self->_expand_expr_hashpair($k, undef) unless defined($vv);
761 return +{ -op => [
762 $self->{cmp},
763 { -ident => $k },
764 { -bind => [ $k, $vv ] }
765 ] };
766 }
767 if ($vk =~ /^is(?:[ _]not)?$/) {
768 puke "$vk can only take undef as argument"
769 if defined($vv)
770 and not (
771 ref($vv) eq 'HASH'
772 and exists($vv->{-value})
773 and !defined($vv->{-value})
774 );
775 $vk =~ s/_/ /g;
776 return +{ -op => [ $vk.' null', { -ident => $k } ] };
777 }
778 if ($vk =~ /^(and|or)$/) {
779 if (ref($vv) eq 'HASH') {
e62fe58a 780 return +{ -op => [
781 $vk,
99a65fa8 782 map $self->_expand_expr_hashpair($k, { $_ => $vv->{$_} }),
783 sort keys %$vv
7d7868d1 784 ] };
785 }
e28d9b13 786 }
30af97c5 787 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{special_ops}}) {
99a65fa8 788 return { -op => [ $vk, { -ident => $k }, $vv ] };
7dbe1183 789 }
96a8d74a 790 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{unary_ops}}) {
791 return { -op => [
792 $self->{cmp},
793 { -ident => $k },
794 { -op => [ $vk, $vv ] }
795 ] };
796 }
99a65fa8 797 if (ref($vv) eq 'ARRAY') {
798 my ($logic, @values) = (
799 (defined($vv->[0]) and $vv->[0] =~ /^-(and|or)$/i)
800 ? @$vv
801 : (-or => @$vv)
802 );
803 if (
804 $vk =~ $self->{inequality_op}
805 or join(' ', split '_', $vk) =~ $self->{not_like_op}
806 ) {
807 if (lc($logic) eq '-or' and @values > 1) {
808 my $op = uc join ' ', split '_', $vk;
809 belch "A multi-element arrayref as an argument to the inequality op '$op' "
810 . 'is technically equivalent to an always-true 1=1 (you probably wanted '
811 . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
812 ;
813 }
ef071fad 814 }
b3cb13e8 815 unless (@values) {
816 # try to DWIM on equality operators
817 my $op = join ' ', split '_', $vk;
818 return
e175845b 819 $op =~ $self->{equality_op} ? $self->sqlfalse
820 : $op =~ $self->{like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqlfalse
821 : $op =~ $self->{inequality_op} ? $self->sqltrue
822 : $op =~ $self->{not_like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqltrue
b3cb13e8 823 : puke "operator '$op' applied on an empty array (field '$k')";
824 }
63c97a0b 825 return +{ -op => [
826 $logic =~ /^-(.*)$/,
99a65fa8 827 map $self->_expand_expr_hashpair($k => { $vk => $_ }),
828 @values
829 ] };
830 }
831 if (
832 !defined($vv)
833 or (
834 ref($vv) eq 'HASH'
835 and exists $vv->{-value}
836 and not defined $vv->{-value}
837 )
838 ) {
839 my $op = join ' ', split '_', $vk;
840 my $is =
841 $op =~ /^not$/i ? 'is not' # legacy
842 : $op =~ $self->{equality_op} ? 'is'
843 : $op =~ $self->{like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is'
844 : $op =~ $self->{inequality_op} ? 'is not'
845 : $op =~ $self->{not_like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is not'
846 : puke "unexpected operator '$op' with undef operand";
847 return +{ -op => [ $is.' null', { -ident => $k } ] };
848 }
849 local our $Cur_Col_Meta = $k;
850 return +{ -op => [
851 $vk,
852 { -ident => $k },
853 $self->_expand_expr($vv)
854 ] };
855 }
856 if (ref($v) eq 'ARRAY') {
e175845b 857 return $self->sqlfalse unless @$v;
99a65fa8 858 $self->_debug("ARRAY($k) means distribute over elements");
859 my $this_logic = (
860 $v->[0] =~ /^-((?:and|or))$/i
861 ? ($v = [ @{$v}[1..$#$v] ], $1)
862 : ($self->{logic} || 'or')
863 );
cba28f66 864 return +{ -op => [
865 $this_logic,
866 map $self->_expand_expr({ $k => $_ }, $this_logic), @$v
867 ] };
99a65fa8 868 }
869 if (my $literal = is_literal_value($v)) {
870 unless (length $k) {
871 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
872 return \$literal;
873 }
874 my ($sql, @bind) = @$literal;
875 if ($self->{bindtype} eq 'columns') {
876 for (@bind) {
6fb2bd90 877 $self->_assert_bindval_matches_bindtype($_);
aa8d7bdb 878 }
331e2209 879 }
99a65fa8 880 return +{ -literal => [ $self->_quote($k).' '.$sql, @bind ] };
331e2209 881 }
99a65fa8 882 die "notreached";
59588695 883}
884
e175845b 885sub _render_expr {
886 my ($self, $expr) = @_;
887 my ($k, $v, @rest) = %$expr;
888 die "No" if @rest;
b07681b1 889 if (my $meth = $self->{node_types}{$k}) {
181dcebf 890 return $self->$meth($v);
e175845b 891 }
892 die "notreached: $k";
893}
894
96449e8e 895sub _recurse_where {
896 my ($self, $where, $logic) = @_;
897
5492d4c2 898 # Special case: top level simple string treated as literal
899
900 my $where_exp = (ref($where)
901 ? $self->_expand_expr($where, $logic)
902 : { -literal => [ $where ] });
e175845b 903
e3e27543 904 # dispatch expanded expression
311b2151 905
e175845b 906 my ($sql, @bind) = defined($where_exp) ? $self->_render_expr($where_exp) : (undef);
abe1a491 907 # DBIx::Class used to call _recurse_where in scalar context
908 # something else might too...
909 if (wantarray) {
910 return ($sql, @bind);
911 }
912 else {
913 belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
914 return $sql;
915 }
96449e8e 916}
917
181dcebf 918sub _render_ident {
919 my ($self, $ident) = @_;
cc422895 920
9cf28dfb 921 return $self->_convert($self->_quote($ident));
cc422895 922}
923
181dcebf 924sub _render_value {
925 my ($self, $value) = @_;
cc422895 926
52511ae3 927 return ($self->_convert('?'), $self->_bindtype(undef, $value));
cc422895 928}
929
c452734e 930my %unop_postfix = map +($_ => 1),
931 'is null', 'is not null',
932 'asc', 'desc',
933;
d13725da 934
b5b18861 935my %special = (
936 (map +($_ => do {
937 my $op = $_;
938 sub {
939 my ($self, $args) = @_;
940 my ($left, $low, $high) = @$args;
941 my ($rhsql, @rhbind) = do {
942 if (@$args == 2) {
943 puke "Single arg to between must be a literal"
944 unless $low->{-literal};
945 @{$low->{-literal}}
946 } else {
e56dd780 947 my ($l, $h) = map [ $self->_render_expr($_) ], $low, $high;
b5b18861 948 (join(' ', $l->[0], $self->_sqlcase('and'), $h->[0]),
949 @{$l}[1..$#$l], @{$h}[1..$#$h])
950 }
951 };
e56dd780 952 my ($lhsql, @lhbind) = $self->_render_expr($left);
b5b18861 953 return (
954 join(' ', '(', $lhsql, $self->_sqlcase($op), $rhsql, ')'),
955 @lhbind, @rhbind
956 );
957 }
958 }), 'between', 'not between'),
10d07c4e 959 (map +($_ => do {
960 my $op = $_;
961 sub {
962 my ($self, $args) = @_;
963 my ($lhs, $rhs) = @$args;
964 my @in_bind;
965 my @in_sql = map {
0ce981f8 966 my ($sql, @bind) = $self->_render_expr($_);
10d07c4e 967 push @in_bind, @bind;
968 $sql;
969 } @$rhs;
0ce981f8 970 my ($lhsql, @lbind) = $self->_render_expr($lhs);
10d07c4e 971 return (
972 $lhsql.' '.$self->_sqlcase($op).' ( '
973 .join(', ', @in_sql)
974 .' )',
975 @lbind, @in_bind
976 );
977 }
978 }), 'in', 'not in'),
b5b18861 979);
980
181dcebf 981sub _render_op {
982 my ($self, $v) = @_;
d13725da 983 my ($op, @args) = @$v;
984 $op =~ s/^-// if length($op) > 1;
cba28f66 985 $op = lc($op);
b5b18861 986 if (my $h = $special{$op}) {
987 return $self->$h(\@args);
988 }
3ae10d16 989 my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}};
990 if ($us and @args > 1) {
99a65fa8 991 puke "Special op '${op}' requires first value to be identifier"
992 unless my ($k) = map $_->{-ident}, grep ref($_) eq 'HASH', $args[0];
dd1d0dbf 993 local our $Expand_Depth = 1;
99a65fa8 994 return $self->${\($us->{handler})}($k, $op, $args[1]);
995 }
96a8d74a 996 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
997 return $self->${\($us->{handler})}($op, $args[0]);
998 }
99a65fa8 999 my $final_op = $op =~ /^(?:is|not)_/ ? join(' ', split '_', $op) : $op;
2143604f 1000 if (@args == 1 and $op !~ /^(and|or)$/) {
ec857800 1001 my ($expr_sql, @bind) = $self->_render_expr($args[0]);
d13725da 1002 my $op_sql = $self->_sqlcase($final_op);
1003 my $final_sql = (
1004 $unop_postfix{lc($final_op)}
1005 ? "${expr_sql} ${op_sql}"
1006 : "${op_sql} ${expr_sql}"
1007 );
3ae10d16 1008 return (($op eq 'not' || $us ? '('.$final_sql.')' : $final_sql), @bind);
1c0c0f41 1009 #} elsif (@args == 0) {
1010 # return '';
16d9289c 1011 } else {
1c0c0f41 1012 my @parts = grep length($_->[0]), map [ $self->_render_expr($_) ], @args;
1013 return '' unless @parts;
230812fc 1014 my $is_andor = !!($op =~ /^(and|or)$/);
1015 return @{$parts[0]} if $is_andor and @parts == 1;
1016 my ($final_sql) = map +($is_andor ? "( ${_} )" : $_), join(
352d74bc 1017 ' '.$self->_sqlcase($final_op).' ',
77617257 1018 map $_->[0], @parts
1019 );
99a65fa8 1020 return (
77617257 1021 $final_sql,
16d9289c 1022 map @{$_}[1..$#$_], @parts
99a65fa8 1023 );
d13725da 1024 }
1025 die "unhandled";
1026}
1027
352d74bc 1028sub _render_list {
1029 my ($self, $list) = @_;
1030 my @parts = grep length($_->[0]), map [ $self->_render_expr($_) ], @$list;
1031 return join(', ', map $_->[0], @parts), map @{$_}[1..$#$_], @parts;
1032}
1033
181dcebf 1034sub _render_func {
1035 my ($self, $rest) = @_;
711892b1 1036 my ($func, @args) = @$rest;
1037 my @arg_sql;
1038 my @bind = map {
1039 my @x = @$_;
1040 push @arg_sql, shift @x;
1041 @x
0f199fce 1042 } map [ $self->_render_expr($_) ], @args;
711892b1 1043 return ($self->_sqlcase($func).'('.join(', ', @arg_sql).')', @bind);
1044}
1045
181dcebf 1046sub _render_bind {
1047 my ($self, $bind) = @_;
d13725da 1048 return ($self->_convert('?'), $self->_bindtype(@$bind));
1049}
1050
181dcebf 1051sub _render_literal {
1052 my ($self, $literal) = @_;
465d43fd 1053 $self->_assert_bindval_matches_bindtype(@{$literal}[1..$#$literal]);
aa8d7bdb 1054 return @$literal;
1055}
1056
4a1f01a3 1057# Some databases (SQLite) treat col IN (1, 2) different from
1058# col IN ( (1, 2) ). Use this to strip all outer parens while
1059# adding them back in the corresponding method
1060sub _open_outer_paren {
1061 my ($self, $sql) = @_;
a5f91feb 1062
ca4f826a 1063 while (my ($inner) = $sql =~ /^ \s* \( (.*) \) \s* $/xs) {
a5f91feb 1064
1065 # there are closing parens inside, need the heavy duty machinery
1066 # to reevaluate the extraction starting from $sql (full reevaluation)
ca4f826a 1067 if ($inner =~ /\)/) {
a5f91feb 1068 require Text::Balanced;
1069
1070 my (undef, $remainder) = do {
1071 # idiotic design - writes to $@ but *DOES NOT* throw exceptions
1072 local $@;
ca4f826a 1073 Text::Balanced::extract_bracketed($sql, '()', qr/\s*/);
a5f91feb 1074 };
1075
1076 # the entire expression needs to be a balanced bracketed thing
1077 # (after an extract no remainder sans trailing space)
1078 last if defined $remainder and $remainder =~ /\S/;
1079 }
1080
1081 $sql = $inner;
1082 }
1083
1084 $sql;
4a1f01a3 1085}
1086
96449e8e 1087
96449e8e 1088#======================================================================
1089# ORDER BY
1090#======================================================================
1091
33177570 1092sub _expand_order_by {
96449e8e 1093 my ($self, $arg) = @_;
1094
33177570 1095 return unless defined($arg) and not (ref($arg) eq 'ARRAY' and !@$arg);
2b6158af 1096
4325df6a 1097 my $expander = sub {
1098 my ($self, $dir, $expr) = @_;
52ca537e 1099 my @to_expand = ref($expr) eq 'ARRAY' ? @$expr : $expr;
1100 foreach my $arg (@to_expand) {
1101 if (
1102 ref($arg) eq 'HASH'
1103 and keys %$arg > 1
1104 and grep /^-(asc|desc)$/, keys %$arg
1105 ) {
1106 puke "ordering direction hash passed to order by must have exactly one key (-asc or -desc)";
1107 }
1108 }
4325df6a 1109 my @exp = map +(defined($dir) ? { -op => [ $dir => $_ ] } : $_),
74156ee9 1110 map $self->_expand_expr($_, undef, -ident),
1111 map ref($_) eq 'ARRAY' ? @$_ : $_, @to_expand;
352d74bc 1112 return (@exp > 1 ? { -list => \@exp } : $exp[0]);
4325df6a 1113 };
18c743c8 1114
ec19b759 1115 local @{$self->{expand_unary}}{qw(-asc -desc)} = (
1116 sub { shift->$expander(asc => @_) },
1117 sub { shift->$expander(desc => @_) },
1118 );
f267b646 1119
33177570 1120 return $self->$expander(undef, $arg);
1121}
1122
1123sub _order_by {
1124 my ($self, $arg) = @_;
1125
1126 return '' unless defined(my $expanded = $self->_expand_order_by($arg));
4325df6a 1127
1128 my ($sql, @bind) = $self->_render_expr($expanded);
1129
13cd9220 1130 return '' unless length($sql);
1131
4325df6a 1132 my $final_sql = $self->_sqlcase(' order by ').$sql;
1133
1134 return wantarray ? ($final_sql, @bind) : $final_sql;
f267b646 1135}
1136
2e3cc357 1137# _order_by no longer needs to call this so doesn't but DBIC uses it.
1138
33177570 1139sub _order_by_chunks {
1140 my ($self, $arg) = @_;
1141
1142 return () unless defined(my $expanded = $self->_expand_order_by($arg));
1143
2e3cc357 1144 return $self->_chunkify_order_by($expanded);
1145}
1146
1147sub _chunkify_order_by {
1148 my ($self, $expanded) = @_;
1b630cfe 1149
dd1d0dbf 1150 return grep length, $self->_render_expr($expanded)
1b630cfe 1151 if $expanded->{-ident} or @{$expanded->{-literal}||[]} == 1;
1152
33177570 1153 for ($expanded) {
352d74bc 1154 if (ref() eq 'HASH' and my $l = $_->{-list}) {
1155 return map $self->_chunkify_order_by($_), @$l;
33177570 1156 }
1157 return [ $self->_render_expr($_) ];
1158 }
1159}
1160
96449e8e 1161#======================================================================
1162# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1163#======================================================================
1164
1165sub _table {
1166 my $self = shift;
1167 my $from = shift;
7ad12721 1168 ($self->_render_expr(
8476c6a3 1169 $self->_expand_maybe_list_expr($from, undef, -ident)
7ad12721 1170 ))[0];
96449e8e 1171}
1172
1173
1174#======================================================================
1175# UTILITY FUNCTIONS
1176#======================================================================
1177
8476c6a3 1178sub _expand_maybe_list_expr {
1179 my ($self, $expr, $logic, $default) = @_;
bba04f52 1180 my $e = do {
1181 if (ref($expr) eq 'ARRAY') {
352d74bc 1182 return { -list => [
1183 map $self->_expand_expr($_, $logic, $default), @$expr
bba04f52 1184 ] } if @$expr > 1;
1185 $expr->[0]
1186 } else {
1187 $expr
1188 }
1189 };
1190 return $self->_expand_expr($e, $logic, $default);
8476c6a3 1191}
1192
955e77ca 1193# highly optimized, as it's called way too often
96449e8e 1194sub _quote {
955e77ca 1195 # my ($self, $label) = @_;
96449e8e 1196
955e77ca 1197 return '' unless defined $_[1];
955e77ca 1198 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
d3162b5c 1199 puke 'Identifier cannot be hashref' if ref($_[1]) eq 'HASH';
96449e8e 1200
d3162b5c 1201 unless ($_[0]->{quote_char}) {
1202 if (ref($_[1]) eq 'ARRAY') {
1203 return join($_[0]->{name_sep}||'.', @{$_[1]});
1204 } else {
1205 $_[0]->_assert_pass_injection_guard($_[1]);
1206 return $_[1];
1207 }
1208 }
96449e8e 1209
07d7c35c 1210 my $qref = ref $_[0]->{quote_char};
439834d3 1211 my ($l, $r) =
1212 !$qref ? ($_[0]->{quote_char}, $_[0]->{quote_char})
1213 : ($qref eq 'ARRAY') ? @{$_[0]->{quote_char}}
1214 : puke "Unsupported quote_char format: $_[0]->{quote_char}";
1215
46be4313 1216 my $esc = $_[0]->{escape_char} || $r;
96449e8e 1217
07d7c35c 1218 # parts containing * are naturally unquoted
d3162b5c 1219 return join(
1220 $_[0]->{name_sep}||'',
1221 map +(
1222 $_ eq '*'
1223 ? $_
1224 : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r }
1225 ),
1226 (ref($_[1]) eq 'ARRAY'
1227 ? @{$_[1]}
1228 : (
1229 $_[0]->{name_sep}
1230 ? split (/\Q$_[0]->{name_sep}\E/, $_[1] )
1231 : $_[1]
1232 )
1233 )
955e77ca 1234 );
96449e8e 1235}
1236
1237
1238# Conversion, if applicable
d7c862e0 1239sub _convert {
07d7c35c 1240 #my ($self, $arg) = @_;
7ad12721 1241 if ($_[0]->{convert_where}) {
1242 return $_[0]->_sqlcase($_[0]->{convert_where}) .'(' . $_[1] . ')';
96449e8e 1243 }
07d7c35c 1244 return $_[1];
96449e8e 1245}
1246
1247# And bindtype
d7c862e0 1248sub _bindtype {
07d7c35c 1249 #my ($self, $col, @vals) = @_;
07d7c35c 1250 # called often - tighten code
1251 return $_[0]->{bindtype} eq 'columns'
1252 ? map {[$_[1], $_]} @_[2 .. $#_]
1253 : @_[2 .. $#_]
1254 ;
96449e8e 1255}
1256
fe3ae272 1257# Dies if any element of @bind is not in [colname => value] format
1258# if bindtype is 'columns'.
1259sub _assert_bindval_matches_bindtype {
c94a6c93 1260# my ($self, @bind) = @_;
1261 my $self = shift;
fe3ae272 1262 if ($self->{bindtype} eq 'columns') {
c94a6c93 1263 for (@_) {
1264 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1265 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1266 }
1267 }
1268 }
1269}
1270
96449e8e 1271sub _join_sql_clauses {
1272 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1273
1274 if (@$clauses_aref > 1) {
1275 my $join = " " . $self->_sqlcase($logic) . " ";
1276 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1277 return ($sql, @$bind_aref);
1278 }
1279 elsif (@$clauses_aref) {
1280 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1281 }
1282 else {
1283 return (); # if no SQL, ignore @$bind_aref
1284 }
1285}
1286
1287
1288# Fix SQL case, if so requested
1289sub _sqlcase {
96449e8e 1290 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1291 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1292 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1293}
1294
1295
1296#======================================================================
1297# DISPATCHING FROM REFKIND
1298#======================================================================
1299
1300sub _refkind {
1301 my ($self, $data) = @_;
96449e8e 1302
955e77ca 1303 return 'UNDEF' unless defined $data;
1304
1305 # blessed objects are treated like scalars
1306 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1307
1308 return 'SCALAR' unless $ref;
1309
1310 my $n_steps = 1;
1311 while ($ref eq 'REF') {
96449e8e 1312 $data = $$data;
955e77ca 1313 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1314 $n_steps++ if $ref;
96449e8e 1315 }
1316
848556bc 1317 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1318}
1319
1320sub _try_refkind {
1321 my ($self, $data) = @_;
1322 my @try = ($self->_refkind($data));
1323 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1324 push @try, 'FALLBACK';
955e77ca 1325 return \@try;
96449e8e 1326}
1327
1328sub _METHOD_FOR_refkind {
1329 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1330
1331 my $method;
955e77ca 1332 for (@{$self->_try_refkind($data)}) {
f39eaa60 1333 $method = $self->can($meth_prefix."_".$_)
1334 and last;
1335 }
1336
1337 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1338}
1339
1340
1341sub _SWITCH_refkind {
1342 my ($self, $data, $dispatch_table) = @_;
1343
f39eaa60 1344 my $coderef;
955e77ca 1345 for (@{$self->_try_refkind($data)}) {
f39eaa60 1346 $coderef = $dispatch_table->{$_}
1347 and last;
1348 }
1349
1350 puke "no dispatch entry for ".$self->_refkind($data)
1351 unless $coderef;
1352
96449e8e 1353 $coderef->();
1354}
1355
1356
1357
1358
1359#======================================================================
1360# VALUES, GENERATE, AUTOLOAD
1361#======================================================================
1362
1363# LDNOTE: original code from nwiger, didn't touch code in that section
1364# I feel the AUTOLOAD stuff should not be the default, it should
1365# only be activated on explicit demand by user.
1366
1367sub values {
1368 my $self = shift;
1369 my $data = shift || return;
1370 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1371 unless ref $data eq 'HASH';
bab725ce 1372
1373 my @all_bind;
ca4f826a 1374 foreach my $k (sort keys %$data) {
bab725ce 1375 my $v = $data->{$k};
1376 $self->_SWITCH_refkind($v, {
9d48860e 1377 ARRAYREF => sub {
bab725ce 1378 if ($self->{array_datatypes}) { # array datatype
1379 push @all_bind, $self->_bindtype($k, $v);
1380 }
1381 else { # literal SQL with bind
1382 my ($sql, @bind) = @$v;
1383 $self->_assert_bindval_matches_bindtype(@bind);
1384 push @all_bind, @bind;
1385 }
1386 },
1387 ARRAYREFREF => sub { # literal SQL with bind
1388 my ($sql, @bind) = @${$v};
1389 $self->_assert_bindval_matches_bindtype(@bind);
1390 push @all_bind, @bind;
1391 },
1392 SCALARREF => sub { # literal SQL without bind
1393 },
1394 SCALAR_or_UNDEF => sub {
1395 push @all_bind, $self->_bindtype($k, $v);
1396 },
1397 });
1398 }
1399
1400 return @all_bind;
96449e8e 1401}
1402
1403sub generate {
1404 my $self = shift;
1405
1406 my(@sql, @sqlq, @sqlv);
1407
1408 for (@_) {
1409 my $ref = ref $_;
1410 if ($ref eq 'HASH') {
1411 for my $k (sort keys %$_) {
1412 my $v = $_->{$k};
1413 my $r = ref $v;
1414 my $label = $self->_quote($k);
1415 if ($r eq 'ARRAY') {
fe3ae272 1416 # literal SQL with bind
1417 my ($sql, @bind) = @$v;
1418 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1419 push @sqlq, "$label = $sql";
fe3ae272 1420 push @sqlv, @bind;
96449e8e 1421 } elsif ($r eq 'SCALAR') {
fe3ae272 1422 # literal SQL without bind
96449e8e 1423 push @sqlq, "$label = $$v";
9d48860e 1424 } else {
96449e8e 1425 push @sqlq, "$label = ?";
1426 push @sqlv, $self->_bindtype($k, $v);
1427 }
1428 }
1429 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1430 } elsif ($ref eq 'ARRAY') {
1431 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1432 for my $v (@$_) {
1433 my $r = ref $v;
fe3ae272 1434 if ($r eq 'ARRAY') { # literal SQL with bind
1435 my ($sql, @bind) = @$v;
1436 $self->_assert_bindval_matches_bindtype(@bind);
1437 push @sqlq, $sql;
1438 push @sqlv, @bind;
1439 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1440 # embedded literal SQL
1441 push @sqlq, $$v;
9d48860e 1442 } else {
96449e8e 1443 push @sqlq, '?';
1444 push @sqlv, $v;
1445 }
1446 }
1447 push @sql, '(' . join(', ', @sqlq) . ')';
1448 } elsif ($ref eq 'SCALAR') {
1449 # literal SQL
1450 push @sql, $$_;
1451 } else {
1452 # strings get case twiddled
1453 push @sql, $self->_sqlcase($_);
1454 }
1455 }
1456
1457 my $sql = join ' ', @sql;
1458
1459 # this is pretty tricky
1460 # if ask for an array, return ($stmt, @bind)
1461 # otherwise, s/?/shift @sqlv/ to put it inline
1462 if (wantarray) {
1463 return ($sql, @sqlv);
1464 } else {
1465 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1466 ref $d ? $d->[1] : $d/e;
1467 return $sql;
1468 }
1469}
1470
1471
1472sub DESTROY { 1 }
1473
1474sub AUTOLOAD {
1475 # This allows us to check for a local, then _form, attr
1476 my $self = shift;
1477 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1478 return $self->generate($name, @_);
1479}
1480
14811;
1482
1483
1484
1485__END__
32eab2da 1486
1487=head1 NAME
1488
1489SQL::Abstract - Generate SQL from Perl data structures
1490
1491=head1 SYNOPSIS
1492
1493 use SQL::Abstract;
1494
1495 my $sql = SQL::Abstract->new;
1496
85783f3c 1497 my($stmt, @bind) = $sql->select($source, \@fields, \%where, $order);
32eab2da 1498
1499 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1500
1501 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1502
1503 my($stmt, @bind) = $sql->delete($table, \%where);
1504
1505 # Then, use these in your DBI statements
1506 my $sth = $dbh->prepare($stmt);
1507 $sth->execute(@bind);
1508
1509 # Just generate the WHERE clause
85783f3c 1510 my($stmt, @bind) = $sql->where(\%where, $order);
32eab2da 1511
1512 # Return values in the same order, for hashed queries
1513 # See PERFORMANCE section for more details
1514 my @bind = $sql->values(\%fieldvals);
1515
1516=head1 DESCRIPTION
1517
1518This module was inspired by the excellent L<DBIx::Abstract>.
1519However, in using that module I found that what I really wanted
1520to do was generate SQL, but still retain complete control over my
1521statement handles and use the DBI interface. So, I set out to
1522create an abstract SQL generation module.
1523
1524While based on the concepts used by L<DBIx::Abstract>, there are
1525several important differences, especially when it comes to WHERE
1526clauses. I have modified the concepts used to make the SQL easier
1527to generate from Perl data structures and, IMO, more intuitive.
1528The underlying idea is for this module to do what you mean, based
1529on the data structures you provide it. The big advantage is that
1530you don't have to modify your code every time your data changes,
1531as this module figures it out.
1532
1533To begin with, an SQL INSERT is as easy as just specifying a hash
1534of C<key=value> pairs:
1535
1536 my %data = (
1537 name => 'Jimbo Bobson',
1538 phone => '123-456-7890',
1539 address => '42 Sister Lane',
1540 city => 'St. Louis',
1541 state => 'Louisiana',
1542 );
1543
1544The SQL can then be generated with this:
1545
1546 my($stmt, @bind) = $sql->insert('people', \%data);
1547
1548Which would give you something like this:
1549
1550 $stmt = "INSERT INTO people
1551 (address, city, name, phone, state)
1552 VALUES (?, ?, ?, ?, ?)";
1553 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1554 '123-456-7890', 'Louisiana');
1555
1556These are then used directly in your DBI code:
1557
1558 my $sth = $dbh->prepare($stmt);
1559 $sth->execute(@bind);
1560
96449e8e 1561=head2 Inserting and Updating Arrays
1562
1563If your database has array types (like for example Postgres),
1564activate the special option C<< array_datatypes => 1 >>
9d48860e 1565when creating the C<SQL::Abstract> object.
96449e8e 1566Then you may use an arrayref to insert and update database array types:
1567
1568 my $sql = SQL::Abstract->new(array_datatypes => 1);
1569 my %data = (
1570 planets => [qw/Mercury Venus Earth Mars/]
1571 );
9d48860e 1572
96449e8e 1573 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1574
1575This results in:
1576
1577 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1578
1579 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1580
1581
1582=head2 Inserting and Updating SQL
1583
1584In order to apply SQL functions to elements of your C<%data> you may
1585specify a reference to an arrayref for the given hash value. For example,
1586if you need to execute the Oracle C<to_date> function on a value, you can
1587say something like this:
32eab2da 1588
1589 my %data = (
1590 name => 'Bill',
3ae1c5e2 1591 date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
9d48860e 1592 );
32eab2da 1593
1594The first value in the array is the actual SQL. Any other values are
1595optional and would be included in the bind values array. This gives
1596you:
1597
1598 my($stmt, @bind) = $sql->insert('people', \%data);
1599
9d48860e 1600 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1601 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1602 @bind = ('Bill', '03/02/2003');
1603
1604An UPDATE is just as easy, all you change is the name of the function:
1605
1606 my($stmt, @bind) = $sql->update('people', \%data);
1607
1608Notice that your C<%data> isn't touched; the module will generate
1609the appropriately quirky SQL for you automatically. Usually you'll
1610want to specify a WHERE clause for your UPDATE, though, which is
1611where handling C<%where> hashes comes in handy...
1612
96449e8e 1613=head2 Complex where statements
1614
32eab2da 1615This module can generate pretty complicated WHERE statements
1616easily. For example, simple C<key=value> pairs are taken to mean
1617equality, and if you want to see if a field is within a set
1618of values, you can use an arrayref. Let's say we wanted to
1619SELECT some data based on this criteria:
1620
1621 my %where = (
1622 requestor => 'inna',
1623 worker => ['nwiger', 'rcwe', 'sfz'],
1624 status => { '!=', 'completed' }
1625 );
1626
1627 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1628
1629The above would give you something like this:
1630
1631 $stmt = "SELECT * FROM tickets WHERE
1632 ( requestor = ? ) AND ( status != ? )
1633 AND ( worker = ? OR worker = ? OR worker = ? )";
1634 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1635
1636Which you could then use in DBI code like so:
1637
1638 my $sth = $dbh->prepare($stmt);
1639 $sth->execute(@bind);
1640
1641Easy, eh?
1642
0da0fe34 1643=head1 METHODS
32eab2da 1644
13cc86af 1645The methods are simple. There's one for every major SQL operation,
32eab2da 1646and a constructor you use first. The arguments are specified in a
13cc86af 1647similar order for each method (table, then fields, then a where
32eab2da 1648clause) to try and simplify things.
1649
32eab2da 1650=head2 new(option => 'value')
1651
1652The C<new()> function takes a list of options and values, and returns
1653a new B<SQL::Abstract> object which can then be used to generate SQL
1654through the methods below. The options accepted are:
1655
1656=over
1657
1658=item case
1659
1660If set to 'lower', then SQL will be generated in all lowercase. By
1661default SQL is generated in "textbook" case meaning something like:
1662
1663 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1664
96449e8e 1665Any setting other than 'lower' is ignored.
1666
32eab2da 1667=item cmp
1668
1669This determines what the default comparison operator is. By default
1670it is C<=>, meaning that a hash like this:
1671
1672 %where = (name => 'nwiger', email => 'nate@wiger.org');
1673
1674Will generate SQL like this:
1675
1676 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1677
1678However, you may want loose comparisons by default, so if you set
1679C<cmp> to C<like> you would get SQL such as:
1680
1681 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1682
3af02ccb 1683You can also override the comparison on an individual basis - see
32eab2da 1684the huge section on L</"WHERE CLAUSES"> at the bottom.
1685
96449e8e 1686=item sqltrue, sqlfalse
1687
1688Expressions for inserting boolean values within SQL statements.
6e0c6552 1689By default these are C<1=1> and C<1=0>. They are used
1690by the special operators C<-in> and C<-not_in> for generating
1691correct SQL even when the argument is an empty array (see below).
96449e8e 1692
32eab2da 1693=item logic
1694
1695This determines the default logical operator for multiple WHERE
7cac25e6 1696statements in arrays or hashes. If absent, the default logic is "or"
1697for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1698array of the form:
1699
1700 @where = (
9d48860e 1701 event_date => {'>=', '2/13/99'},
1702 event_date => {'<=', '4/24/03'},
32eab2da 1703 );
1704
7cac25e6 1705will generate SQL like this:
32eab2da 1706
1707 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1708
1709This is probably not what you want given this query, though (look
1710at the dates). To change the "OR" to an "AND", simply specify:
1711
1712 my $sql = SQL::Abstract->new(logic => 'and');
1713
1714Which will change the above C<WHERE> to:
1715
1716 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1717
96449e8e 1718The logic can also be changed locally by inserting
be21dde3 1719a modifier in front of an arrayref:
96449e8e 1720
9d48860e 1721 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1722 event_date => {'<=', '4/24/03'} ]);
96449e8e 1723
1724See the L</"WHERE CLAUSES"> section for explanations.
1725
32eab2da 1726=item convert
1727
1728This will automatically convert comparisons using the specified SQL
1729function for both column and value. This is mostly used with an argument
1730of C<upper> or C<lower>, so that the SQL will have the effect of
1731case-insensitive "searches". For example, this:
1732
1733 $sql = SQL::Abstract->new(convert => 'upper');
1734 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1735
1736Will turn out the following SQL:
1737
1738 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1739
1740The conversion can be C<upper()>, C<lower()>, or any other SQL function
1741that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1742not validate this option; it will just pass through what you specify verbatim).
1743
1744=item bindtype
1745
1746This is a kludge because many databases suck. For example, you can't
1747just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1748Instead, you have to use C<bind_param()>:
1749
1750 $sth->bind_param(1, 'reg data');
1751 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1752
1753The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1754which loses track of which field each slot refers to. Fear not.
1755
1756If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1757Currently, you can specify either C<normal> (default) or C<columns>. If you
1758specify C<columns>, you will get an array that looks like this:
1759
1760 my $sql = SQL::Abstract->new(bindtype => 'columns');
1761 my($stmt, @bind) = $sql->insert(...);
1762
1763 @bind = (
1764 [ 'column1', 'value1' ],
1765 [ 'column2', 'value2' ],
1766 [ 'column3', 'value3' ],
1767 );
1768
1769You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1770
32eab2da 1771 $sth->prepare($stmt);
1772 my $i = 1;
1773 for (@bind) {
1774 my($col, $data) = @$_;
1775 if ($col eq 'details' || $col eq 'comments') {
1776 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1777 } elsif ($col eq 'image') {
1778 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1779 } else {
1780 $sth->bind_param($i, $data);
1781 }
1782 $i++;
1783 }
1784 $sth->execute; # execute without @bind now
1785
1786Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1787Basically, the advantage is still that you don't have to care which fields
1788are or are not included. You could wrap that above C<for> loop in a simple
1789sub called C<bind_fields()> or something and reuse it repeatedly. You still
1790get a layer of abstraction over manual SQL specification.
1791
3ae1c5e2 1792Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
deb148a2 1793construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1794will expect the bind values in this format.
1795
32eab2da 1796=item quote_char
1797
1798This is the character that a table or column name will be quoted
9d48860e 1799with. By default this is an empty string, but you could set it to
32eab2da 1800the character C<`>, to generate SQL like this:
1801
1802 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1803
96449e8e 1804Alternatively, you can supply an array ref of two items, the first being the left
1805hand quote character, and the second the right hand quote character. For
1806example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1807that generates SQL like this:
1808
1809 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1810
9d48860e 1811Quoting is useful if you have tables or columns names that are reserved
96449e8e 1812words in your database's SQL dialect.
32eab2da 1813
46be4313 1814=item escape_char
1815
1816This is the character that will be used to escape L</quote_char>s appearing
1817in an identifier before it has been quoted.
1818
80790166 1819The parameter default in case of a single L</quote_char> character is the quote
46be4313 1820character itself.
1821
1822When opening-closing-style quoting is used (L</quote_char> is an arrayref)
9de2bd86 1823this parameter defaults to the B<closing (right)> L</quote_char>. Occurrences
46be4313 1824of the B<opening (left)> L</quote_char> within the identifier are currently left
1825untouched. The default for opening-closing-style quotes may change in future
1826versions, thus you are B<strongly encouraged> to specify the escape character
1827explicitly.
1828
32eab2da 1829=item name_sep
1830
1831This is the character that separates a table and column name. It is
1832necessary to specify this when the C<quote_char> option is selected,
1833so that tables and column names can be individually quoted like this:
1834
1835 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1836
b6251592 1837=item injection_guard
1838
1839A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1840column name specified in a query structure. This is a safety mechanism to avoid
1841injection attacks when mishandling user input e.g.:
1842
1843 my %condition_as_column_value_pairs = get_values_from_user();
1844 $sqla->select( ... , \%condition_as_column_value_pairs );
1845
1846If the expression matches an exception is thrown. Note that literal SQL
1847supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1848
1849Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
1850
96449e8e 1851=item array_datatypes
32eab2da 1852
9d48860e 1853When this option is true, arrayrefs in INSERT or UPDATE are
1854interpreted as array datatypes and are passed directly
96449e8e 1855to the DBI layer.
1856When this option is false, arrayrefs are interpreted
1857as literal SQL, just like refs to arrayrefs
1858(but this behavior is for backwards compatibility; when writing
1859new queries, use the "reference to arrayref" syntax
1860for literal SQL).
32eab2da 1861
32eab2da 1862
96449e8e 1863=item special_ops
32eab2da 1864
9d48860e 1865Takes a reference to a list of "special operators"
96449e8e 1866to extend the syntax understood by L<SQL::Abstract>.
1867See section L</"SPECIAL OPERATORS"> for details.
32eab2da 1868
59f23b3d 1869=item unary_ops
1870
9d48860e 1871Takes a reference to a list of "unary operators"
59f23b3d 1872to extend the syntax understood by L<SQL::Abstract>.
1873See section L</"UNARY OPERATORS"> for details.
1874
32eab2da 1875
32eab2da 1876
96449e8e 1877=back
32eab2da 1878
02288357 1879=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 1880
1881This is the simplest function. You simply give it a table name
1882and either an arrayref of values or hashref of field/value pairs.
1883It returns an SQL INSERT statement and a list of bind values.
96449e8e 1884See the sections on L</"Inserting and Updating Arrays"> and
1885L</"Inserting and Updating SQL"> for information on how to insert
1886with those data types.
32eab2da 1887
02288357 1888The optional C<\%options> hash reference may contain additional
1889options to generate the insert SQL. Currently supported options
1890are:
1891
1892=over 4
1893
1894=item returning
1895
1896Takes either a scalar of raw SQL fields, or an array reference of
1897field names, and adds on an SQL C<RETURNING> statement at the end.
1898This allows you to return data generated by the insert statement
1899(such as row IDs) without performing another C<SELECT> statement.
1900Note, however, this is not part of the SQL standard and may not
1901be supported by all database engines.
1902
1903=back
1904
95904db5 1905=head2 update($table, \%fieldvals, \%where, \%options)
32eab2da 1906
1907This takes a table, hashref of field/value pairs, and an optional
86298391 1908hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 1909of bind values.
96449e8e 1910See the sections on L</"Inserting and Updating Arrays"> and
1911L</"Inserting and Updating SQL"> for information on how to insert
1912with those data types.
32eab2da 1913
95904db5 1914The optional C<\%options> hash reference may contain additional
1915options to generate the update SQL. Currently supported options
1916are:
1917
1918=over 4
1919
1920=item returning
1921
1922See the C<returning> option to
1923L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1924
1925=back
1926
96449e8e 1927=head2 select($source, $fields, $where, $order)
32eab2da 1928
9d48860e 1929This returns a SQL SELECT statement and associated list of bind values, as
be21dde3 1930specified by the arguments:
32eab2da 1931
96449e8e 1932=over
32eab2da 1933
96449e8e 1934=item $source
32eab2da 1935
9d48860e 1936Specification of the 'FROM' part of the statement.
96449e8e 1937The argument can be either a plain scalar (interpreted as a table
1938name, will be quoted), or an arrayref (interpreted as a list
1939of table names, joined by commas, quoted), or a scalarref
063097a3 1940(literal SQL, not quoted).
32eab2da 1941
96449e8e 1942=item $fields
32eab2da 1943
9d48860e 1944Specification of the list of fields to retrieve from
96449e8e 1945the source.
1946The argument can be either an arrayref (interpreted as a list
9d48860e 1947of field names, will be joined by commas and quoted), or a
96449e8e 1948plain scalar (literal SQL, not quoted).
521647e7 1949Please observe that this API is not as flexible as that of
1950the first argument C<$source>, for backwards compatibility reasons.
32eab2da 1951
96449e8e 1952=item $where
32eab2da 1953
96449e8e 1954Optional argument to specify the WHERE part of the query.
1955The argument is most often a hashref, but can also be
9d48860e 1956an arrayref or plain scalar --
96449e8e 1957see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 1958
96449e8e 1959=item $order
32eab2da 1960
96449e8e 1961Optional argument to specify the ORDER BY part of the query.
9d48860e 1962The argument can be a scalar, a hashref or an arrayref
96449e8e 1963-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
1964for details.
32eab2da 1965
96449e8e 1966=back
32eab2da 1967
32eab2da 1968
85327cd5 1969=head2 delete($table, \%where, \%options)
32eab2da 1970
86298391 1971This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 1972It returns an SQL DELETE statement and list of bind values.
1973
85327cd5 1974The optional C<\%options> hash reference may contain additional
1975options to generate the delete SQL. Currently supported options
1976are:
1977
1978=over 4
1979
1980=item returning
1981
1982See the C<returning> option to
1983L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1984
1985=back
1986
85783f3c 1987=head2 where(\%where, $order)
32eab2da 1988
1989This is used to generate just the WHERE clause. For example,
1990if you have an arbitrary data structure and know what the
1991rest of your SQL is going to look like, but want an easy way
1992to produce a WHERE clause, use this. It returns an SQL WHERE
1993clause and list of bind values.
1994
32eab2da 1995
1996=head2 values(\%data)
1997
1998This just returns the values from the hash C<%data>, in the same
1999order that would be returned from any of the other above queries.
2000Using this allows you to markedly speed up your queries if you
2001are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
2002
32eab2da 2003=head2 generate($any, 'number', $of, \@data, $struct, \%types)
2004
2005Warning: This is an experimental method and subject to change.
2006
2007This returns arbitrarily generated SQL. It's a really basic shortcut.
2008It will return two different things, depending on return context:
2009
2010 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
2011 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
2012
2013These would return the following:
2014
2015 # First calling form
2016 $stmt = "CREATE TABLE test (?, ?)";
2017 @bind = (field1, field2);
2018
2019 # Second calling form
2020 $stmt_and_val = "CREATE TABLE test (field1, field2)";
2021
2022Depending on what you're trying to do, it's up to you to choose the correct
2023format. In this example, the second form is what you would want.
2024
2025By the same token:
2026
2027 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
2028
2029Might give you:
2030
2031 ALTER SESSION SET nls_date_format = 'MM/YY'
2032
2033You get the idea. Strings get their case twiddled, but everything
2034else remains verbatim.
2035
0da0fe34 2036=head1 EXPORTABLE FUNCTIONS
2037
2038=head2 is_plain_value
2039
2040Determines if the supplied argument is a plain value as understood by this
2041module:
2042
2043=over
2044
2045=item * The value is C<undef>
2046
2047=item * The value is a non-reference
2048
2049=item * The value is an object with stringification overloading
2050
2051=item * The value is of the form C<< { -value => $anything } >>
2052
2053=back
2054
9de2bd86 2055On failure returns C<undef>, on success returns a B<scalar> reference
966200cc 2056to the original supplied argument.
0da0fe34 2057
843a94b5 2058=over
2059
2060=item * Note
2061
2062The stringification overloading detection is rather advanced: it takes
2063into consideration not only the presence of a C<""> overload, but if that
2064fails also checks for enabled
2065L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
2066on either C<0+> or C<bool>.
2067
2068Unfortunately testing in the field indicates that this
2069detection B<< may tickle a latent bug in perl versions before 5.018 >>,
2070but only when very large numbers of stringifying objects are involved.
2071At the time of writing ( Sep 2014 ) there is no clear explanation of
2072the direct cause, nor is there a manageably small test case that reliably
2073reproduces the problem.
2074
2075If you encounter any of the following exceptions in B<random places within
2076your application stack> - this module may be to blame:
2077
2078 Operation "ne": no method found,
2079 left argument in overloaded package <something>,
2080 right argument in overloaded package <something>
2081
2082or perhaps even
2083
2084 Stub found while resolving method "???" overloading """" in package <something>
2085
2086If you fall victim to the above - please attempt to reduce the problem
2087to something that could be sent to the L<SQL::Abstract developers
1f490ae4 2088|DBIx::Class/GETTING HELP/SUPPORT>
843a94b5 2089(either publicly or privately). As a workaround in the meantime you can
2090set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
2091value, which will most likely eliminate your problem (at the expense of
2092not being able to properly detect exotic forms of stringification).
2093
2094This notice and environment variable will be removed in a future version,
2095as soon as the underlying problem is found and a reliable workaround is
2096devised.
2097
2098=back
2099
0da0fe34 2100=head2 is_literal_value
2101
2102Determines if the supplied argument is a literal value as understood by this
2103module:
2104
2105=over
2106
2107=item * C<\$sql_string>
2108
2109=item * C<\[ $sql_string, @bind_values ]>
2110
0da0fe34 2111=back
2112
9de2bd86 2113On failure returns C<undef>, on success returns an B<array> reference
966200cc 2114containing the unpacked version of the supplied literal SQL and bind values.
0da0fe34 2115
32eab2da 2116=head1 WHERE CLAUSES
2117
96449e8e 2118=head2 Introduction
2119
32eab2da 2120This module uses a variation on the idea from L<DBIx::Abstract>. It
2121is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2122module is that things in arrays are OR'ed, and things in hashes
2123are AND'ed.>
2124
2125The easiest way to explain is to show lots of examples. After
2126each C<%where> hash shown, it is assumed you used:
2127
2128 my($stmt, @bind) = $sql->where(\%where);
2129
2130However, note that the C<%where> hash can be used directly in any
2131of the other functions as well, as described above.
2132
96449e8e 2133=head2 Key-value pairs
2134
32eab2da 2135So, let's get started. To begin, a simple hash:
2136
2137 my %where = (
2138 user => 'nwiger',
2139 status => 'completed'
2140 );
2141
2142Is converted to SQL C<key = val> statements:
2143
2144 $stmt = "WHERE user = ? AND status = ?";
2145 @bind = ('nwiger', 'completed');
2146
2147One common thing I end up doing is having a list of values that
2148a field can be in. To do this, simply specify a list inside of
2149an arrayref:
2150
2151 my %where = (
2152 user => 'nwiger',
2153 status => ['assigned', 'in-progress', 'pending'];
2154 );
2155
2156This simple code will create the following:
9d48860e 2157
32eab2da 2158 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2159 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2160
9d48860e 2161A field associated to an empty arrayref will be considered a
7cac25e6 2162logical false and will generate 0=1.
8a68b5be 2163
b864ba9b 2164=head2 Tests for NULL values
2165
2166If the value part is C<undef> then this is converted to SQL <IS NULL>
2167
2168 my %where = (
2169 user => 'nwiger',
2170 status => undef,
2171 );
2172
2173becomes:
2174
2175 $stmt = "WHERE user = ? AND status IS NULL";
2176 @bind = ('nwiger');
2177
e9614080 2178To test if a column IS NOT NULL:
2179
2180 my %where = (
2181 user => 'nwiger',
2182 status => { '!=', undef },
2183 );
cc422895 2184
6e0c6552 2185=head2 Specific comparison operators
96449e8e 2186
32eab2da 2187If you want to specify a different type of operator for your comparison,
2188you can use a hashref for a given column:
2189
2190 my %where = (
2191 user => 'nwiger',
2192 status => { '!=', 'completed' }
2193 );
2194
2195Which would generate:
2196
2197 $stmt = "WHERE user = ? AND status != ?";
2198 @bind = ('nwiger', 'completed');
2199
2200To test against multiple values, just enclose the values in an arrayref:
2201
96449e8e 2202 status => { '=', ['assigned', 'in-progress', 'pending'] };
2203
f2d5020d 2204Which would give you:
96449e8e 2205
2206 "WHERE status = ? OR status = ? OR status = ?"
2207
2208
2209The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2210into an C<AND> of its elements:
2211
2212 my %where = (
2213 user => 'nwiger',
2214 status => { '!=', 'completed', -not_like => 'pending%' }
2215 );
2216
2217 # Or more dynamically, like from a form
2218 $where{user} = 'nwiger';
2219 $where{status}{'!='} = 'completed';
2220 $where{status}{'-not_like'} = 'pending%';
2221
2222 # Both generate this
2223 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2224 @bind = ('nwiger', 'completed', 'pending%');
2225
96449e8e 2226
32eab2da 2227To get an OR instead, you can combine it with the arrayref idea:
2228
2229 my %where => (
2230 user => 'nwiger',
1a6f2a03 2231 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2232 );
2233
2234Which would generate:
2235
1a6f2a03 2236 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2237 @bind = ('2', '5', 'nwiger');
32eab2da 2238
44b9e502 2239If you want to include literal SQL (with or without bind values), just use a
13cc86af 2240scalar reference or reference to an arrayref as the value:
44b9e502 2241
2242 my %where = (
2243 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2244 date_expires => { '<' => \"now()" }
2245 );
2246
2247Which would generate:
2248
13cc86af 2249 $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
44b9e502 2250 @bind = ('11/26/2008');
2251
96449e8e 2252
2253=head2 Logic and nesting operators
2254
2255In the example above,
2256there is a subtle trap if you want to say something like
32eab2da 2257this (notice the C<AND>):
2258
2259 WHERE priority != ? AND priority != ?
2260
2261Because, in Perl you I<can't> do this:
2262
13cc86af 2263 priority => { '!=' => 2, '!=' => 1 }
32eab2da 2264
2265As the second C<!=> key will obliterate the first. The solution
2266is to use the special C<-modifier> form inside an arrayref:
2267
9d48860e 2268 priority => [ -and => {'!=', 2},
96449e8e 2269 {'!=', 1} ]
2270
32eab2da 2271
2272Normally, these would be joined by C<OR>, but the modifier tells it
2273to use C<AND> instead. (Hint: You can use this in conjunction with the
2274C<logic> option to C<new()> in order to change the way your queries
2275work by default.) B<Important:> Note that the C<-modifier> goes
2276B<INSIDE> the arrayref, as an extra first element. This will
2277B<NOT> do what you think it might:
2278
2279 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2280
2281Here is a quick list of equivalencies, since there is some overlap:
2282
2283 # Same
2284 status => {'!=', 'completed', 'not like', 'pending%' }
2285 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2286
2287 # Same
2288 status => {'=', ['assigned', 'in-progress']}
2289 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2290 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2291
e3f9dff4 2292
2293
be21dde3 2294=head2 Special operators: IN, BETWEEN, etc.
96449e8e 2295
32eab2da 2296You can also use the hashref format to compare a list of fields using the
2297C<IN> comparison operator, by specifying the list as an arrayref:
2298
2299 my %where = (
2300 status => 'completed',
2301 reportid => { -in => [567, 2335, 2] }
2302 );
2303
2304Which would generate:
2305
2306 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2307 @bind = ('completed', '567', '2335', '2');
2308
9d48860e 2309The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2310the same way.
2311
6e0c6552 2312If the argument to C<-in> is an empty array, 'sqlfalse' is generated
be21dde3 2313(by default: C<1=0>). Similarly, C<< -not_in => [] >> generates
2314'sqltrue' (by default: C<1=1>).
6e0c6552 2315
e41c3bdd 2316In addition to the array you can supply a chunk of literal sql or
2317literal sql with bind:
6e0c6552 2318
e41c3bdd 2319 my %where = {
2320 customer => { -in => \[
2321 'SELECT cust_id FROM cust WHERE balance > ?',
2322 2000,
2323 ],
2324 status => { -in => \'SELECT status_codes FROM states' },
2325 };
6e0c6552 2326
e41c3bdd 2327would generate:
2328
2329 $stmt = "WHERE (
2330 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2331 AND status IN ( SELECT status_codes FROM states )
2332 )";
2333 @bind = ('2000');
2334
0dfd2442 2335Finally, if the argument to C<-in> is not a reference, it will be
2336treated as a single-element array.
e41c3bdd 2337
2338Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2339used with an arrayref of two values:
32eab2da 2340
2341 my %where = (
2342 user => 'nwiger',
2343 completion_date => {
2344 -not_between => ['2002-10-01', '2003-02-06']
2345 }
2346 );
2347
2348Would give you:
2349
2350 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2351
e41c3bdd 2352Just like with C<-in> all plausible combinations of literal SQL
2353are possible:
2354
2355 my %where = {
2356 start0 => { -between => [ 1, 2 ] },
2357 start1 => { -between => \["? AND ?", 1, 2] },
2358 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2359 start3 => { -between => [
e41c3bdd 2360 \"lower(x)",
2361 \["upper(?)", 'stuff' ],
2362 ] },
2363 };
2364
2365Would give you:
2366
2367 $stmt = "WHERE (
2368 ( start0 BETWEEN ? AND ? )
2369 AND ( start1 BETWEEN ? AND ? )
2370 AND ( start2 BETWEEN lower(x) AND upper(y) )
2371 AND ( start3 BETWEEN lower(x) AND upper(?) )
2372 )";
2373 @bind = (1, 2, 1, 2, 'stuff');
2374
2375
9d48860e 2376These are the two builtin "special operators"; but the
be21dde3 2377list can be expanded: see section L</"SPECIAL OPERATORS"> below.
96449e8e 2378
59f23b3d 2379=head2 Unary operators: bool
97a920ef 2380
2381If you wish to test against boolean columns or functions within your
2382database you can use the C<-bool> and C<-not_bool> operators. For
2383example to test the column C<is_user> being true and the column
827bb0eb 2384C<is_enabled> being false you would use:-
97a920ef 2385
2386 my %where = (
2387 -bool => 'is_user',
2388 -not_bool => 'is_enabled',
2389 );
2390
2391Would give you:
2392
277b5d3f 2393 WHERE is_user AND NOT is_enabled
97a920ef 2394
0b604e9d 2395If a more complex combination is required, testing more conditions,
2396then you should use the and/or operators:-
2397
2398 my %where = (
2399 -and => [
2400 -bool => 'one',
23401b81 2401 -not_bool => { two=> { -rlike => 'bar' } },
2402 -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
0b604e9d 2403 ],
2404 );
2405
2406Would give you:
2407
23401b81 2408 WHERE
2409 one
2410 AND
2411 (NOT two RLIKE ?)
2412 AND
2413 (NOT ( three = ? OR three > ? ))
97a920ef 2414
2415
107b72f1 2416=head2 Nested conditions, -and/-or prefixes
96449e8e 2417
32eab2da 2418So far, we've seen how multiple conditions are joined with a top-level
2419C<AND>. We can change this by putting the different conditions we want in
2420hashes and then putting those hashes in an array. For example:
2421
2422 my @where = (
2423 {
2424 user => 'nwiger',
2425 status => { -like => ['pending%', 'dispatched'] },
2426 },
2427 {
2428 user => 'robot',
2429 status => 'unassigned',
2430 }
2431 );
2432
2433This data structure would create the following:
2434
2435 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2436 OR ( user = ? AND status = ? ) )";
2437 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2438
107b72f1 2439
48d9f5f8 2440Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
be21dde3 2441to change the logic inside:
32eab2da 2442
2443 my @where = (
2444 -and => [
2445 user => 'nwiger',
48d9f5f8 2446 [
2447 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2448 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2449 ],
2450 ],
2451 );
2452
2453That would yield:
2454
13cc86af 2455 $stmt = "WHERE ( user = ?
2456 AND ( ( workhrs > ? AND geo = ? )
2457 OR ( workhrs < ? OR geo = ? ) ) )";
2458 @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
107b72f1 2459
cc422895 2460=head3 Algebraic inconsistency, for historical reasons
107b72f1 2461
7cac25e6 2462C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2463operator goes C<outside> of the nested structure; whereas when connecting
2464several constraints on one column, the C<-and> operator goes
be21dde3 2465C<inside> the arrayref. Here is an example combining both features:
7cac25e6 2466
2467 my @where = (
2468 -and => [a => 1, b => 2],
2469 -or => [c => 3, d => 4],
2470 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2471 )
2472
2473yielding
2474
9d48860e 2475 WHERE ( ( ( a = ? AND b = ? )
2476 OR ( c = ? OR d = ? )
7cac25e6 2477 OR ( e LIKE ? AND e LIKE ? ) ) )
2478
107b72f1 2479This difference in syntax is unfortunate but must be preserved for
be21dde3 2480historical reasons. So be careful: the two examples below would
107b72f1 2481seem algebraically equivalent, but they are not
2482
a948b1fe 2483 { col => [ -and =>
2484 { -like => 'foo%' },
2485 { -like => '%bar' },
2486 ] }
be21dde3 2487 # yields: WHERE ( ( col LIKE ? AND col LIKE ? ) )
107b72f1 2488
a948b1fe 2489 [ -and =>
2490 { col => { -like => 'foo%' } },
2491 { col => { -like => '%bar' } },
2492 ]
be21dde3 2493 # yields: WHERE ( ( col LIKE ? OR col LIKE ? ) )
107b72f1 2494
7cac25e6 2495
cc422895 2496=head2 Literal SQL and value type operators
96449e8e 2497
cc422895 2498The basic premise of SQL::Abstract is that in WHERE specifications the "left
2499side" is a column name and the "right side" is a value (normally rendered as
2500a placeholder). This holds true for both hashrefs and arrayref pairs as you
2501see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2502alter this behavior. There are several ways of doing so.
e9614080 2503
cc422895 2504=head3 -ident
2505
2506This is a virtual operator that signals the string to its right side is an
2507identifier (a column name) and not a value. For example to compare two
2508columns you would write:
32eab2da 2509
e9614080 2510 my %where = (
2511 priority => { '<', 2 },
cc422895 2512 requestor => { -ident => 'submitter' },
e9614080 2513 );
2514
2515which creates:
2516
2517 $stmt = "WHERE priority < ? AND requestor = submitter";
2518 @bind = ('2');
2519
cc422895 2520If you are maintaining legacy code you may see a different construct as
2521described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2522code.
2523
2524=head3 -value
e9614080 2525
cc422895 2526This is a virtual operator that signals that the construct to its right side
2527is a value to be passed to DBI. This is for example necessary when you want
2528to write a where clause against an array (for RDBMS that support such
2529datatypes). For example:
e9614080 2530
32eab2da 2531 my %where = (
cc422895 2532 array => { -value => [1, 2, 3] }
32eab2da 2533 );
2534
cc422895 2535will result in:
32eab2da 2536
cc422895 2537 $stmt = 'WHERE array = ?';
2538 @bind = ([1, 2, 3]);
32eab2da 2539
cc422895 2540Note that if you were to simply say:
32eab2da 2541
2542 my %where = (
cc422895 2543 array => [1, 2, 3]
32eab2da 2544 );
2545
3af02ccb 2546the result would probably not be what you wanted:
cc422895 2547
2548 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2549 @bind = (1, 2, 3);
2550
2551=head3 Literal SQL
96449e8e 2552
cc422895 2553Finally, sometimes only literal SQL will do. To include a random snippet
2554of SQL verbatim, you specify it as a scalar reference. Consider this only
2555as a last resort. Usually there is a better way. For example:
96449e8e 2556
2557 my %where = (
cc422895 2558 priority => { '<', 2 },
2559 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2560 );
2561
cc422895 2562Would create:
96449e8e 2563
cc422895 2564 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2565 @bind = (2);
2566
2567Note that in this example, you only get one bind parameter back, since
2568the verbatim SQL is passed as part of the statement.
2569
2570=head4 CAVEAT
2571
2572 Never use untrusted input as a literal SQL argument - this is a massive
2573 security risk (there is no way to check literal snippets for SQL
2574 injections and other nastyness). If you need to deal with untrusted input
2575 use literal SQL with placeholders as described next.
96449e8e 2576
cc422895 2577=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2578
2579If the literal SQL to be inserted has placeholders and bind values,
2580use a reference to an arrayref (yes this is a double reference --
2581not so common, but perfectly legal Perl). For example, to find a date
2582in Postgres you can use something like this:
2583
2584 my %where = (
3ae1c5e2 2585 date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
96449e8e 2586 )
2587
2588This would create:
2589
d2a8fe1a 2590 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2591 @bind = ('10');
2592
deb148a2 2593Note that you must pass the bind values in the same format as they are returned
85783f3c 2594by L<where|/where(\%where, $order)>. This means that if you set L</bindtype>
1f490ae4 2595to C<columns>, you must provide the bind values in the
2596C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
2597scalar value; most commonly the column name, but you can use any scalar value
2598(including references and blessed references), L<SQL::Abstract> will simply
2599pass it through intact. So if C<bindtype> is set to C<columns> the above
2600example will look like:
deb148a2 2601
2602 my %where = (
3ae1c5e2 2603 date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
deb148a2 2604 )
96449e8e 2605
2606Literal SQL is especially useful for nesting parenthesized clauses in the
be21dde3 2607main SQL query. Here is a first example:
96449e8e 2608
2609 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2610 100, "foo%");
2611 my %where = (
2612 foo => 1234,
2613 bar => \["IN ($sub_stmt)" => @sub_bind],
2614 );
2615
be21dde3 2616This yields:
96449e8e 2617
9d48860e 2618 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2619 WHERE c2 < ? AND c3 LIKE ?))";
2620 @bind = (1234, 100, "foo%");
2621
9d48860e 2622Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2623are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2624its associated bind values can be generated through a former call
96449e8e 2625to C<select()> :
2626
2627 my ($sub_stmt, @sub_bind)
9d48860e 2628 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2629 c3 => {-like => "foo%"}});
2630 my %where = (
2631 foo => 1234,
2632 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2633 );
2634
2635In the examples above, the subquery was used as an operator on a column;
9d48860e 2636but the same principle also applies for a clause within the main C<%where>
be21dde3 2637hash, like an EXISTS subquery:
96449e8e 2638
9d48860e 2639 my ($sub_stmt, @sub_bind)
96449e8e 2640 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2641 my %where = ( -and => [
96449e8e 2642 foo => 1234,
48d9f5f8 2643 \["EXISTS ($sub_stmt)" => @sub_bind],
2644 ]);
96449e8e 2645
2646which yields
2647
9d48860e 2648 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2649 WHERE c1 = ? AND c2 > t0.c0))";
2650 @bind = (1234, 1);
2651
2652
9d48860e 2653Observe that the condition on C<c2> in the subquery refers to
be21dde3 2654column C<t0.c0> of the main query: this is I<not> a bind
9d48860e 2655value, so we have to express it through a scalar ref.
96449e8e 2656Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2657C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2658what we wanted here.
2659
96449e8e 2660Finally, here is an example where a subquery is used
2661for expressing unary negation:
2662
9d48860e 2663 my ($sub_stmt, @sub_bind)
96449e8e 2664 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2665 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2666 my %where = (
2667 lname => {like => '%son%'},
48d9f5f8 2668 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2669 );
2670
2671This yields
2672
2673 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2674 @bind = ('%son%', 10, 20)
2675
cc422895 2676=head3 Deprecated usage of Literal SQL
2677
2678Below are some examples of archaic use of literal SQL. It is shown only as
2679reference for those who deal with legacy code. Each example has a much
2680better, cleaner and safer alternative that users should opt for in new code.
2681
2682=over
2683
2684=item *
2685
2686 my %where = ( requestor => \'IS NOT NULL' )
2687
2688 $stmt = "WHERE requestor IS NOT NULL"
2689
2690This used to be the way of generating NULL comparisons, before the handling
2691of C<undef> got formalized. For new code please use the superior syntax as
2692described in L</Tests for NULL values>.
96449e8e 2693
cc422895 2694=item *
2695
2696 my %where = ( requestor => \'= submitter' )
2697
2698 $stmt = "WHERE requestor = submitter"
2699
2700This used to be the only way to compare columns. Use the superior L</-ident>
2701method for all new code. For example an identifier declared in such a way
2702will be properly quoted if L</quote_char> is properly set, while the legacy
2703form will remain as supplied.
2704
2705=item *
2706
2707 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2708
2709 $stmt = "WHERE completed > ? AND is_ready"
2710 @bind = ('2012-12-21')
2711
2712Using an empty string literal used to be the only way to express a boolean.
2713For all new code please use the much more readable
2714L<-bool|/Unary operators: bool> operator.
2715
2716=back
96449e8e 2717
2718=head2 Conclusion
2719
32eab2da 2720These pages could go on for a while, since the nesting of the data
2721structures this module can handle are pretty much unlimited (the
2722module implements the C<WHERE> expansion as a recursive function
2723internally). Your best bet is to "play around" with the module a
2724little to see how the data structures behave, and choose the best
2725format for your data based on that.
2726
2727And of course, all the values above will probably be replaced with
2728variables gotten from forms or the command line. After all, if you
2729knew everything ahead of time, you wouldn't have to worry about
2730dynamically-generating SQL and could just hardwire it into your
2731script.
2732
86298391 2733=head1 ORDER BY CLAUSES
2734
9d48860e 2735Some functions take an order by clause. This can either be a scalar (just a
18710f60 2736column name), a hashref of C<< { -desc => 'col' } >> or C<< { -asc => 'col' }
2737>>, a scalarref, an arrayref-ref, or an arrayref of any of the previous
2738forms. Examples:
1cfa1db3 2739
8c15b421 2740 Given | Will Generate
18710f60 2741 ---------------------------------------------------------------
8c15b421 2742 |
2743 'colA' | ORDER BY colA
2744 |
2745 [qw/colA colB/] | ORDER BY colA, colB
2746 |
2747 {-asc => 'colA'} | ORDER BY colA ASC
2748 |
2749 {-desc => 'colB'} | ORDER BY colB DESC
2750 |
2751 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2752 |
2753 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
2754 |
2755 \'colA DESC' | ORDER BY colA DESC
2756 |
2757 \[ 'FUNC(colA, ?)', $x ] | ORDER BY FUNC(colA, ?)
2758 | /* ...with $x bound to ? */
2759 |
bd805d85 2760 [ | ORDER BY
2761 { -asc => 'colA' }, | colA ASC,
2762 { -desc => [qw/colB/] }, | colB DESC,
2763 { -asc => [qw/colC colD/] },| colC ASC, colD ASC,
2764 \'colE DESC', | colE DESC,
2765 \[ 'FUNC(colF, ?)', $x ], | FUNC(colF, ?)
2766 ] | /* ...with $x bound to ? */
18710f60 2767 ===============================================================
86298391 2768
96449e8e 2769
2770
2771=head1 SPECIAL OPERATORS
2772
e3f9dff4 2773 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2774 {
2775 regex => qr/.../,
e3f9dff4 2776 handler => sub {
2777 my ($self, $field, $op, $arg) = @_;
2778 ...
3a2e1a5e 2779 },
2780 },
2781 {
2782 regex => qr/.../,
2783 handler => 'method_name',
e3f9dff4 2784 },
2785 ]);
2786
9d48860e 2787A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2788applied to a field, instead of a usual binary operator.
be21dde3 2789For example:
e3f9dff4 2790
2791 WHERE field IN (?, ?, ?)
2792 WHERE field BETWEEN ? AND ?
2793 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2794
e3f9dff4 2795Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2796are builtin within C<SQL::Abstract> (as the overridable methods
2797C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2798like the MATCH .. AGAINST example above which is specific to MySQL,
2799you can write your own operator handlers - supply a C<special_ops>
2800argument to the C<new> method. That argument takes an arrayref of
2801operator definitions; each operator definition is a hashref with two
2802entries:
96449e8e 2803
e3f9dff4 2804=over
2805
2806=item regex
2807
2808the regular expression to match the operator
96449e8e 2809
e3f9dff4 2810=item handler
2811
3a2e1a5e 2812Either a coderef or a plain scalar method name. In both cases
2813the expected return is C<< ($sql, @bind) >>.
2814
2815When supplied with a method name, it is simply called on the
13cc86af 2816L<SQL::Abstract> object as:
3a2e1a5e 2817
ca4f826a 2818 $self->$method_name($field, $op, $arg)
3a2e1a5e 2819
2820 Where:
2821
3a2e1a5e 2822 $field is the LHS of the operator
13cc86af 2823 $op is the part that matched the handler regex
3a2e1a5e 2824 $arg is the RHS
2825
2826When supplied with a coderef, it is called as:
2827
2828 $coderef->($self, $field, $op, $arg)
2829
e3f9dff4 2830
2831=back
2832
9d48860e 2833For example, here is an implementation
e3f9dff4 2834of the MATCH .. AGAINST syntax for MySQL
2835
2836 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2837
e3f9dff4 2838 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2839 {regex => qr/^match$/i,
e3f9dff4 2840 handler => sub {
2841 my ($self, $field, $op, $arg) = @_;
2842 $arg = [$arg] if not ref $arg;
2843 my $label = $self->_quote($field);
2844 my ($placeholder) = $self->_convert('?');
2845 my $placeholders = join ", ", (($placeholder) x @$arg);
2846 my $sql = $self->_sqlcase('match') . " ($label) "
2847 . $self->_sqlcase('against') . " ($placeholders) ";
2848 my @bind = $self->_bindtype($field, @$arg);
2849 return ($sql, @bind);
2850 }
2851 },
9d48860e 2852
e3f9dff4 2853 ]);
96449e8e 2854
2855
59f23b3d 2856=head1 UNARY OPERATORS
2857
112b5232 2858 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2859 {
2860 regex => qr/.../,
2861 handler => sub {
2862 my ($self, $op, $arg) = @_;
2863 ...
2864 },
2865 },
2866 {
2867 regex => qr/.../,
2868 handler => 'method_name',
2869 },
2870 ]);
2871
9d48860e 2872A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2873applied to a field - the operator goes before the field
2874
2875You can write your own operator handlers - supply a C<unary_ops>
2876argument to the C<new> method. That argument takes an arrayref of
2877operator definitions; each operator definition is a hashref with two
2878entries:
2879
2880=over
2881
2882=item regex
2883
2884the regular expression to match the operator
2885
2886=item handler
2887
2888Either a coderef or a plain scalar method name. In both cases
2889the expected return is C<< $sql >>.
2890
2891When supplied with a method name, it is simply called on the
13cc86af 2892L<SQL::Abstract> object as:
59f23b3d 2893
ca4f826a 2894 $self->$method_name($op, $arg)
59f23b3d 2895
2896 Where:
2897
2898 $op is the part that matched the handler regex
2899 $arg is the RHS or argument of the operator
2900
2901When supplied with a coderef, it is called as:
2902
2903 $coderef->($self, $op, $arg)
2904
2905
2906=back
2907
2908
32eab2da 2909=head1 PERFORMANCE
2910
2911Thanks to some benchmarking by Mark Stosberg, it turns out that
2912this module is many orders of magnitude faster than using C<DBIx::Abstract>.
2913I must admit this wasn't an intentional design issue, but it's a
2914byproduct of the fact that you get to control your C<DBI> handles
2915yourself.
2916
2917To maximize performance, use a code snippet like the following:
2918
2919 # prepare a statement handle using the first row
2920 # and then reuse it for the rest of the rows
2921 my($sth, $stmt);
2922 for my $href (@array_of_hashrefs) {
2923 $stmt ||= $sql->insert('table', $href);
2924 $sth ||= $dbh->prepare($stmt);
2925 $sth->execute($sql->values($href));
2926 }
2927
2928The reason this works is because the keys in your C<$href> are sorted
2929internally by B<SQL::Abstract>. Thus, as long as your data retains
2930the same structure, you only have to generate the SQL the first time
2931around. On subsequent queries, simply use the C<values> function provided
2932by this module to return your values in the correct order.
2933
b864ba9b 2934However this depends on the values having the same type - if, for
2935example, the values of a where clause may either have values
2936(resulting in sql of the form C<column = ?> with a single bind
2937value), or alternatively the values might be C<undef> (resulting in
2938sql of the form C<column IS NULL> with no bind value) then the
2939caching technique suggested will not work.
96449e8e 2940
32eab2da 2941=head1 FORMBUILDER
2942
2943If you use my C<CGI::FormBuilder> module at all, you'll hopefully
2944really like this part (I do, at least). Building up a complex query
2945can be as simple as the following:
2946
2947 #!/usr/bin/perl
2948
46dc2f3e 2949 use warnings;
2950 use strict;
2951
32eab2da 2952 use CGI::FormBuilder;
2953 use SQL::Abstract;
2954
2955 my $form = CGI::FormBuilder->new(...);
2956 my $sql = SQL::Abstract->new;
2957
2958 if ($form->submitted) {
2959 my $field = $form->field;
2960 my $id = delete $field->{id};
2961 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
2962 }
2963
2964Of course, you would still have to connect using C<DBI> to run the
2965query, but the point is that if you make your form look like your
2966table, the actual query script can be extremely simplistic.
2967
2968If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 2969a fast interface to returning and formatting data. I frequently
32eab2da 2970use these three modules together to write complex database query
2971apps in under 50 lines.
2972
af733667 2973=head1 HOW TO CONTRIBUTE
2974
2975Contributions are always welcome, in all usable forms (we especially
2976welcome documentation improvements). The delivery methods include git-
2977or unified-diff formatted patches, GitHub pull requests, or plain bug
2978reports either via RT or the Mailing list. Contributors are generally
2979granted full access to the official repository after their first several
2980patches pass successful review.
2981
2982This project is maintained in a git repository. The code and related tools are
2983accessible at the following locations:
d8cc1792 2984
2985=over
2986
af733667 2987=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
2988
2989=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
2990
2991=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
d8cc1792 2992
af733667 2993=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
d8cc1792 2994
2995=back
32eab2da 2996
96449e8e 2997=head1 CHANGES
2998
2999Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
3000Great care has been taken to preserve the I<published> behavior
3001documented in previous versions in the 1.* family; however,
9d48860e 3002some features that were previously undocumented, or behaved
96449e8e 3003differently from the documentation, had to be changed in order
3004to clarify the semantics. Hence, client code that was relying
9d48860e 3005on some dark areas of C<SQL::Abstract> v1.*
96449e8e 3006B<might behave differently> in v1.50.
32eab2da 3007
be21dde3 3008The main changes are:
d2a8fe1a 3009
96449e8e 3010=over
32eab2da 3011
9d48860e 3012=item *
32eab2da 3013
3ae1c5e2 3014support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
96449e8e 3015
3016=item *
3017
145fbfc8 3018support for the { operator => \"..." } construct (to embed literal SQL)
3019
3020=item *
3021
9c37b9c0 3022support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
3023
3024=item *
3025
96449e8e 3026optional support for L<array datatypes|/"Inserting and Updating Arrays">
3027
9d48860e 3028=item *
96449e8e 3029
be21dde3 3030defensive programming: check arguments
96449e8e 3031
3032=item *
3033
3034fixed bug with global logic, which was previously implemented
7cac25e6 3035through global variables yielding side-effects. Prior versions would
96449e8e 3036interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
3037as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
3038Now this is interpreted
3039as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
3040
96449e8e 3041
3042=item *
3043
3044fixed semantics of _bindtype on array args
3045
9d48860e 3046=item *
96449e8e 3047
3048dropped the C<_anoncopy> of the %where tree. No longer necessary,
3049we just avoid shifting arrays within that tree.
3050
3051=item *
3052
3053dropped the C<_modlogic> function
3054
3055=back
32eab2da 3056
32eab2da 3057=head1 ACKNOWLEDGEMENTS
3058
3059There are a number of individuals that have really helped out with
3060this module. Unfortunately, most of them submitted bugs via CPAN
3061so I have no idea who they are! But the people I do know are:
3062
9d48860e 3063 Ash Berlin (order_by hash term support)
b643abe1 3064 Matt Trout (DBIx::Class support)
32eab2da 3065 Mark Stosberg (benchmarking)
3066 Chas Owens (initial "IN" operator support)
3067 Philip Collins (per-field SQL functions)
3068 Eric Kolve (hashref "AND" support)
3069 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
3070 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 3071 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 3072 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 3073 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 3074 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 3075 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 3076
3077Thanks!
3078
32eab2da 3079=head1 SEE ALSO
3080
86298391 3081L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 3082
32eab2da 3083=head1 AUTHOR
3084
b643abe1 3085Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
3086
3087This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 3088
abe72f94 3089For support, your best bet is to try the C<DBIx::Class> users mailing list.
3090While not an official support venue, C<DBIx::Class> makes heavy use of
3091C<SQL::Abstract>, and as such list members there are very familiar with
3092how to create queries.
3093
0d067ded 3094=head1 LICENSE
3095
d988ab87 3096This module is free software; you may copy this under the same
3097terms as perl itself (either the GNU General Public License or
3098the Artistic License)
32eab2da 3099
3100=cut
Unnamed repository; edit this file 'description' to name the repository.