projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
Even though MRO::C is a dep of Moo, specify it explicitly
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
96449e8e 3use strict;
4use warnings;
9d9d5bd6 5use Carp ();
312d830b 6use List::Util ();
7use Scalar::Util ();
96449e8e 8
0da0fe34 9use Exporter 'import';
10our @EXPORT_OK = qw(is_plain_value is_literal_value);
11
12BEGIN {
13 if ($] < 5.009_005) {
14 require MRO::Compat;
15 }
16 else {
17 require mro;
18 }
843a94b5 19
20 *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
21 ? sub () { 0 }
22 : sub () { 1 }
23 ;
0da0fe34 24}
25
96449e8e 26#======================================================================
27# GLOBALS
28#======================================================================
29
b54fd911 30our $VERSION = '1.78';
7479e27e 31
22f1a437 32# This would confuse some packagers
c520207b 33$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 34
35our $AUTOLOAD;
36
37# special operators (-in, -between). May be extended/overridden by user.
38# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
39my @BUILTIN_SPECIAL_OPS = (
b8db59b8 40 {regex => qr/^ (?: not \s )? between $/ix, handler => '_where_field_BETWEEN'},
41 {regex => qr/^ (?: not \s )? in $/ix, handler => '_where_field_IN'},
cc422895 42 {regex => qr/^ ident $/ix, handler => '_where_op_IDENT'},
43 {regex => qr/^ value $/ix, handler => '_where_op_VALUE'},
b9b5a0b1 44 {regex => qr/^ is (?: \s+ not )? $/ix, handler => '_where_field_IS'},
96449e8e 45);
46
97a920ef 47# unaryish operators - key maps to handler
59f23b3d 48my @BUILTIN_UNARY_OPS = (
a47b433a 49 # the digits are backcompat stuff
b8db59b8 50 { regex => qr/^ and (?: [_\s]? \d+ )? $/xi, handler => '_where_op_ANDOR' },
51 { regex => qr/^ or (?: [_\s]? \d+ )? $/xi, handler => '_where_op_ANDOR' },
52 { regex => qr/^ nest (?: [_\s]? \d+ )? $/xi, handler => '_where_op_NEST' },
53 { regex => qr/^ (?: not \s )? bool $/xi, handler => '_where_op_BOOL' },
cc422895 54 { regex => qr/^ ident $/xi, handler => '_where_op_IDENT' },
b9b5a0b1 55 { regex => qr/^ value $/xi, handler => '_where_op_VALUE' },
59f23b3d 56);
97a920ef 57
96449e8e 58#======================================================================
59# DEBUGGING AND ERROR REPORTING
60#======================================================================
61
62sub _debug {
63 return unless $_[0]->{debug}; shift; # a little faster
64 my $func = (caller(1))[3];
65 warn "[$func] ", @_, "\n";
66}
67
68sub belch (@) {
69 my($func) = (caller(1))[3];
9d9d5bd6 70 Carp::carp "[$func] Warning: ", @_;
96449e8e 71}
72
73sub puke (@) {
74 my($func) = (caller(1))[3];
9d9d5bd6 75 Carp::croak "[$func] Fatal: ", @_;
96449e8e 76}
77
0da0fe34 78sub is_literal_value ($) {
79 ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
80 : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
81 : (
82 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
83 and
84 defined $_[0]->{-ident} and ! length ref $_[0]->{-ident}
85 ) ? [ $_[0]->{-ident} ]
86 : undef;
87}
88
89# FIXME XSify - this can be done so much more efficiently
90sub is_plain_value ($) {
91 no strict 'refs';
966200cc 92 ! length ref $_[0] ? \($_[0])
0da0fe34 93 : (
94 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
95 and
96 exists $_[0]->{-value}
966200cc 97 ) ? \($_[0]->{-value})
0da0fe34 98 : (
a1c9e0ff 99 # reuse @_ for even moar speedz
100 defined ( $_[1] = Scalar::Util::blessed $_[0] )
0da0fe34 101 and
102 # deliberately not using Devel::OverloadInfo - the checks we are
103 # intersted in are much more limited than the fullblown thing, and
104 # this is a very hot piece of code
105 (
e8d729d4 106 # simply using ->can('(""') can leave behind stub methods that
107 # break actually using the overload later (see L<perldiag/Stub
108 # found while resolving method "%s" overloading "%s" in package
109 # "%s"> and the source of overload::mycan())
44e54b41 110 #
0da0fe34 111 # either has stringification which DBI SHOULD prefer out of the box
a1c9e0ff 112 grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
0da0fe34 113 or
20e178a8 114 # has nummification or boolification, AND fallback is *not* disabled
0da0fe34 115 (
843a94b5 116 SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
117 and
20e178a8 118 (
119 grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
120 or
121 grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
122 )
0da0fe34 123 and
124 (
125 # no fallback specified at all
a1c9e0ff 126 ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
0da0fe34 127 or
128 # fallback explicitly undef
a1c9e0ff 129 ! defined ${"$_[3]::()"}
0da0fe34 130 or
131 # explicitly true
a1c9e0ff 132 !! ${"$_[3]::()"}
0da0fe34 133 )
134 )
135 )
966200cc 136 ) ? \($_[0])
0da0fe34 137 : undef;
138}
139
140
96449e8e 141
142#======================================================================
143# NEW
144#======================================================================
145
146sub new {
147 my $self = shift;
148 my $class = ref($self) || $self;
149 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
150
151 # choose our case by keeping an option around
152 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
153
154 # default logic for interpreting arrayrefs
ef559da3 155 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 156
157 # how to return bind vars
96449e8e 158 $opt{bindtype} ||= 'normal';
159
160 # default comparison is "=", but can be overridden
161 $opt{cmp} ||= '=';
162
3af02ccb 163 # try to recognize which are the 'equality' and 'inequality' ops
3cdadcbe 164 # (temporary quickfix (in 2007), should go through a more seasoned API)
165 $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
166 $opt{inequality_op} = qr/^( != | <> )$/ix;
167
168 $opt{like_op} = qr/^ (is\s+)? r?like $/xi;
169 $opt{not_like_op} = qr/^ (is\s+)? not \s+ r?like $/xi;
96449e8e 170
171 # SQL booleans
172 $opt{sqltrue} ||= '1=1';
173 $opt{sqlfalse} ||= '0=1';
174
9d48860e 175 # special operators
96449e8e 176 $opt{special_ops} ||= [];
b6251592 177 # regexes are applied in order, thus push after user-defines
96449e8e 178 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
179
9d48860e 180 # unary operators
59f23b3d 181 $opt{unary_ops} ||= [];
182 push @{$opt{unary_ops}}, @BUILTIN_UNARY_OPS;
183
3af02ccb 184 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 185 # If a purported function matches this regular expression, an exception is thrown.
186 # Literal SQL is *NOT* subject to this check, only functions (and column names
187 # when quoting is not in effect)
96449e8e 188
b6251592 189 # FIXME
190 # need to guard against ()'s in column names too, but this will break tons of
191 # hacks... ideas anyone?
192 $opt{injection_guard} ||= qr/
193 \;
194 |
195 ^ \s* go \s
196 /xmi;
96449e8e 197
b6251592 198 return bless \%opt, $class;
199}
96449e8e 200
170e6c33 201
202sub _assert_pass_injection_guard {
203 if ($_[1] =~ $_[0]->{injection_guard}) {
204 my $class = ref $_[0];
205 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
206 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
207 . "{injection_guard} attribute to ${class}->new()"
208 }
209}
210
211
96449e8e 212#======================================================================
213# INSERT methods
214#======================================================================
215
216sub insert {
02288357 217 my $self = shift;
218 my $table = $self->_table(shift);
219 my $data = shift || return;
220 my $options = shift;
96449e8e 221
222 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 223 my ($sql, @bind) = $self->$method($data);
96449e8e 224 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 225
e82e648a 226 if ($options->{returning}) {
227 my ($s, @b) = $self->_insert_returning ($options);
228 $sql .= $s;
229 push @bind, @b;
02288357 230 }
231
96449e8e 232 return wantarray ? ($sql, @bind) : $sql;
233}
234
6b1fe79d 235sub _insert_returning {
e82e648a 236 my ($self, $options) = @_;
6b1fe79d 237
e82e648a 238 my $f = $options->{returning};
239
240 my $fieldlist = $self->_SWITCH_refkind($f, {
241 ARRAYREF => sub {join ', ', map { $self->_quote($_) } @$f;},
242 SCALAR => sub {$self->_quote($f)},
243 SCALARREF => sub {$$f},
6b1fe79d 244 });
e82e648a 245 return $self->_sqlcase(' returning ') . $fieldlist;
6b1fe79d 246}
247
96449e8e 248sub _insert_HASHREF { # explicit list of fields and then values
249 my ($self, $data) = @_;
250
251 my @fields = sort keys %$data;
252
fe3ae272 253 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 254
255 # assemble SQL
256 $_ = $self->_quote($_) foreach @fields;
257 $sql = "( ".join(", ", @fields).") ".$sql;
258
259 return ($sql, @bind);
260}
261
262sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
263 my ($self, $data) = @_;
264
265 # no names (arrayref) so can't generate bindtype
266 $self->{bindtype} ne 'columns'
267 or belch "can't do 'columns' bindtype when called with arrayref";
268
fe3ae272 269 # fold the list of values into a hash of column name - value pairs
270 # (where the column names are artificially generated, and their
271 # lexicographical ordering keep the ordering of the original list)
272 my $i = "a"; # incremented values will be in lexicographical order
273 my $data_in_hash = { map { ($i++ => $_) } @$data };
274
275 return $self->_insert_values($data_in_hash);
276}
277
278sub _insert_ARRAYREFREF { # literal SQL with bind
279 my ($self, $data) = @_;
280
281 my ($sql, @bind) = @${$data};
282 $self->_assert_bindval_matches_bindtype(@bind);
283
284 return ($sql, @bind);
285}
286
287
288sub _insert_SCALARREF { # literal SQL without bind
289 my ($self, $data) = @_;
290
291 return ($$data);
292}
293
294sub _insert_values {
295 my ($self, $data) = @_;
296
96449e8e 297 my (@values, @all_bind);
fe3ae272 298 foreach my $column (sort keys %$data) {
299 my $v = $data->{$column};
96449e8e 300
301 $self->_SWITCH_refkind($v, {
302
9d48860e 303 ARRAYREF => sub {
96449e8e 304 if ($self->{array_datatypes}) { # if array datatype are activated
305 push @values, '?';
fe3ae272 306 push @all_bind, $self->_bindtype($column, $v);
96449e8e 307 }
308 else { # else literal SQL with bind
309 my ($sql, @bind) = @$v;
fe3ae272 310 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 311 push @values, $sql;
312 push @all_bind, @bind;
313 }
314 },
315
316 ARRAYREFREF => sub { # literal SQL with bind
317 my ($sql, @bind) = @${$v};
fe3ae272 318 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 319 push @values, $sql;
320 push @all_bind, @bind;
321 },
322
9d48860e 323 # THINK : anything useful to do with a HASHREF ?
5db47f9f 324 HASHREF => sub { # (nothing, but old SQLA passed it through)
325 #TODO in SQLA >= 2.0 it will die instead
326 belch "HASH ref as bind value in insert is not supported";
327 push @values, '?';
fe3ae272 328 push @all_bind, $self->_bindtype($column, $v);
5db47f9f 329 },
96449e8e 330
331 SCALARREF => sub { # literal SQL without bind
332 push @values, $$v;
333 },
334
335 SCALAR_or_UNDEF => sub {
336 push @values, '?';
fe3ae272 337 push @all_bind, $self->_bindtype($column, $v);
96449e8e 338 },
339
340 });
341
342 }
343
344 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
345 return ($sql, @all_bind);
346}
347
348
96449e8e 349
350#======================================================================
351# UPDATE methods
352#======================================================================
353
354
355sub update {
356 my $self = shift;
357 my $table = $self->_table(shift);
358 my $data = shift || return;
359 my $where = shift;
360
361 # first build the 'SET' part of the sql statement
362 my (@set, @all_bind);
363 puke "Unsupported data type specified to \$sql->update"
364 unless ref $data eq 'HASH';
365
366 for my $k (sort keys %$data) {
367 my $v = $data->{$k};
368 my $r = ref $v;
369 my $label = $self->_quote($k);
370
371 $self->_SWITCH_refkind($v, {
9d48860e 372 ARRAYREF => sub {
96449e8e 373 if ($self->{array_datatypes}) { # array datatype
374 push @set, "$label = ?";
375 push @all_bind, $self->_bindtype($k, $v);
376 }
377 else { # literal SQL with bind
378 my ($sql, @bind) = @$v;
fe3ae272 379 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 380 push @set, "$label = $sql";
fe3ae272 381 push @all_bind, @bind;
96449e8e 382 }
383 },
384 ARRAYREFREF => sub { # literal SQL with bind
385 my ($sql, @bind) = @${$v};
fe3ae272 386 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 387 push @set, "$label = $sql";
fe3ae272 388 push @all_bind, @bind;
96449e8e 389 },
390 SCALARREF => sub { # literal SQL without bind
391 push @set, "$label = $$v";
0ec3aec7 392 },
393 HASHREF => sub {
394 my ($op, $arg, @rest) = %$v;
395
396 puke 'Operator calls in update must be in the form { -op => $arg }'
397 if (@rest or not $op =~ /^\-(.+)/);
398
399 local $self->{_nested_func_lhs} = $k;
400 my ($sql, @bind) = $self->_where_unary_op ($1, $arg);
401
402 push @set, "$label = $sql";
403 push @all_bind, @bind;
404 },
96449e8e 405 SCALAR_or_UNDEF => sub {
406 push @set, "$label = ?";
407 push @all_bind, $self->_bindtype($k, $v);
408 },
409 });
410 }
411
412 # generate sql
413 my $sql = $self->_sqlcase('update') . " $table " . $self->_sqlcase('set ')
414 . join ', ', @set;
415
416 if ($where) {
417 my($where_sql, @where_bind) = $self->where($where);
418 $sql .= $where_sql;
419 push @all_bind, @where_bind;
420 }
421
422 return wantarray ? ($sql, @all_bind) : $sql;
423}
424
425
426
427
428#======================================================================
429# SELECT
430#======================================================================
431
432
433sub select {
434 my $self = shift;
435 my $table = $self->_table(shift);
436 my $fields = shift || '*';
437 my $where = shift;
438 my $order = shift;
439
440 my($where_sql, @bind) = $self->where($where, $order);
441
442 my $f = (ref $fields eq 'ARRAY') ? join ', ', map { $self->_quote($_) } @$fields
443 : $fields;
9d48860e 444 my $sql = join(' ', $self->_sqlcase('select'), $f,
96449e8e 445 $self->_sqlcase('from'), $table)
446 . $where_sql;
447
9d48860e 448 return wantarray ? ($sql, @bind) : $sql;
96449e8e 449}
450
451#======================================================================
452# DELETE
453#======================================================================
454
455
456sub delete {
457 my $self = shift;
458 my $table = $self->_table(shift);
459 my $where = shift;
460
461
462 my($where_sql, @bind) = $self->where($where);
463 my $sql = $self->_sqlcase('delete from') . " $table" . $where_sql;
464
9d48860e 465 return wantarray ? ($sql, @bind) : $sql;
96449e8e 466}
467
468
469#======================================================================
470# WHERE: entry point
471#======================================================================
472
473
474
475# Finally, a separate routine just to handle WHERE clauses
476sub where {
477 my ($self, $where, $order) = @_;
478
479 # where ?
480 my ($sql, @bind) = $self->_recurse_where($where);
481 $sql = $sql ? $self->_sqlcase(' where ') . "( $sql )" : '';
482
483 # order by?
484 if ($order) {
485 $sql .= $self->_order_by($order);
486 }
487
9d48860e 488 return wantarray ? ($sql, @bind) : $sql;
96449e8e 489}
490
491
492sub _recurse_where {
493 my ($self, $where, $logic) = @_;
494
495 # dispatch on appropriate method according to refkind of $where
496 my $method = $self->_METHOD_FOR_refkind("_where", $where);
311b2151 497
9d48860e 498 my ($sql, @bind) = $self->$method($where, $logic);
311b2151 499
abe1a491 500 # DBIx::Class used to call _recurse_where in scalar context
501 # something else might too...
502 if (wantarray) {
503 return ($sql, @bind);
504 }
505 else {
506 belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
507 return $sql;
508 }
96449e8e 509}
510
511
512
513#======================================================================
514# WHERE: top-level ARRAYREF
515#======================================================================
516
517
518sub _where_ARRAYREF {
5e1d09d5 519 my ($self, $where, $logic) = @_;
96449e8e 520
5e1d09d5 521 $logic = uc($logic || $self->{logic});
96449e8e 522 $logic eq 'AND' or $logic eq 'OR' or puke "unknown logic: $logic";
523
524 my @clauses = @$where;
525
96449e8e 526 my (@sql_clauses, @all_bind);
96449e8e 527 # need to use while() so can shift() for pairs
b5a576d2 528 while (@clauses) {
529 my $el = shift @clauses;
530
531 $el = undef if (defined $el and ! length $el);
96449e8e 532
533 # switch according to kind of $el and get corresponding ($sql, @bind)
534 my ($sql, @bind) = $self->_SWITCH_refkind($el, {
535
536 # skip empty elements, otherwise get invalid trailing AND stuff
537 ARRAYREF => sub {$self->_recurse_where($el) if @$el},
538
c94a6c93 539 ARRAYREFREF => sub {
540 my ($s, @b) = @$$el;
541 $self->_assert_bindval_matches_bindtype(@b);
542 ($s, @b);
543 },
474e3335 544
96449e8e 545 HASHREF => sub {$self->_recurse_where($el, 'and') if %$el},
96449e8e 546
547 SCALARREF => sub { ($$el); },
548
b5a576d2 549 SCALAR => sub {
550 # top-level arrayref with scalars, recurse in pairs
551 $self->_recurse_where({$el => shift(@clauses)})
552 },
96449e8e 553
b5a576d2 554 UNDEF => sub {puke "Supplying an empty left hand side argument is not supported in array-pairs" },
96449e8e 555 });
556
4b7b6026 557 if ($sql) {
558 push @sql_clauses, $sql;
559 push @all_bind, @bind;
560 }
96449e8e 561 }
562
563 return $self->_join_sql_clauses($logic, \@sql_clauses, \@all_bind);
564}
565
474e3335 566#======================================================================
567# WHERE: top-level ARRAYREFREF
568#======================================================================
96449e8e 569
474e3335 570sub _where_ARRAYREFREF {
571 my ($self, $where) = @_;
c94a6c93 572 my ($sql, @bind) = @$$where;
573 $self->_assert_bindval_matches_bindtype(@bind);
474e3335 574 return ($sql, @bind);
575}
96449e8e 576
577#======================================================================
578# WHERE: top-level HASHREF
579#======================================================================
580
581sub _where_HASHREF {
582 my ($self, $where) = @_;
583 my (@sql_clauses, @all_bind);
584
2281c758 585 for my $k (sort keys %$where) {
96449e8e 586 my $v = $where->{$k};
587
2281c758 588 # ($k => $v) is either a special unary op or a regular hashpair
589 my ($sql, @bind) = do {
590 if ($k =~ /^-./) {
591 # put the operator in canonical form
592 my $op = $k;
b8db59b8 593 $op = substr $op, 1; # remove initial dash
2281c758 594 $op =~ s/^\s+|\s+$//g;# remove leading/trailing space
b8db59b8 595 $op =~ s/\s+/ /g; # compress whitespace
596
597 # so that -not_foo works correctly
598 $op =~ s/^not_/NOT /i;
2281c758 599
600 $self->_debug("Unary OP(-$op) within hashref, recursing...");
0ec3aec7 601 my ($s, @b) = $self->_where_unary_op ($op, $v);
602
603 # top level vs nested
604 # we assume that handled unary ops will take care of their ()s
605 $s = "($s)" unless (
606 List::Util::first {$op =~ $_->{regex}} @{$self->{unary_ops}}
607 or
608 defined($self->{_nested_func_lhs}) && ($self->{_nested_func_lhs} eq $k)
609 );
610 ($s, @b);
2281c758 611 }
612 else {
b5a576d2 613 if (! length $k) {
614 if (is_literal_value ($v) ) {
615 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
616 }
617 else {
618 puke "Supplying an empty left hand side argument is not supported in hash-pairs";
619 }
620 }
621
2281c758 622 my $method = $self->_METHOD_FOR_refkind("_where_hashpair", $v);
623 $self->$method($k, $v);
624 }
625 };
96449e8e 626
627 push @sql_clauses, $sql;
628 push @all_bind, @bind;
629 }
630
631 return $self->_join_sql_clauses('and', \@sql_clauses, \@all_bind);
632}
633
0ec3aec7 634sub _where_unary_op {
2281c758 635 my ($self, $op, $rhs) = @_;
96449e8e 636
0ec3aec7 637 if (my $op_entry = List::Util::first {$op =~ $_->{regex}} @{$self->{unary_ops}}) {
638 my $handler = $op_entry->{handler};
639
640 if (not ref $handler) {
641 if ($op =~ s/ [_\s]? \d+ $//x ) {
642 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
643 . "You probably wanted ...-and => [ -$op => COND1, -$op => COND2 ... ]";
644 }
645 return $self->$handler ($op, $rhs);
646 }
647 elsif (ref $handler eq 'CODE') {
648 return $handler->($self, $op, $rhs);
649 }
650 else {
651 puke "Illegal handler for operator $op - expecting a method name or a coderef";
652 }
653 }
654
3d86e3b1 655 $self->_debug("Generic unary OP: $op - recursing as function");
0ec3aec7 656
170e6c33 657 $self->_assert_pass_injection_guard($op);
b6251592 658
2281c758 659 my ($sql, @bind) = $self->_SWITCH_refkind ($rhs, {
660 SCALAR => sub {
a7661cfc 661 puke "Illegal use of top-level '$op'"
662 unless $self->{_nested_func_lhs};
663
664 return (
665 $self->_convert('?'),
666 $self->_bindtype($self->{_nested_func_lhs}, $rhs)
667 );
2281c758 668 },
669 FALLBACK => sub {
670 $self->_recurse_where ($rhs)
671 },
672 });
96449e8e 673
953d164e 674 $sql = sprintf ('%s %s',
2281c758 675 $self->_sqlcase($op),
953d164e 676 $sql,
2281c758 677 );
96449e8e 678
2281c758 679 return ($sql, @bind);
97a920ef 680}
681
682sub _where_op_ANDOR {
2281c758 683 my ($self, $op, $v) = @_;
97a920ef 684
685 $self->_SWITCH_refkind($v, {
686 ARRAYREF => sub {
687 return $self->_where_ARRAYREF($v, $op);
688 },
689
690 HASHREF => sub {
59f23b3d 691 return ( $op =~ /^or/i )
97a920ef 692 ? $self->_where_ARRAYREF( [ map { $_ => $v->{$_} } ( sort keys %$v ) ], $op )
693 : $self->_where_HASHREF($v);
694 },
695
9d48860e 696 SCALARREF => sub {
48d9f5f8 697 puke "-$op => \\\$scalar makes little sense, use " .
a0d6d323 698 ($op =~ /^or/i
48d9f5f8 699 ? '[ \$scalar, \%rest_of_conditions ] instead'
700 : '-and => [ \$scalar, \%rest_of_conditions ] instead'
701 );
97a920ef 702 },
703
704 ARRAYREFREF => sub {
48d9f5f8 705 puke "-$op => \\[...] makes little sense, use " .
a0d6d323 706 ($op =~ /^or/i
48d9f5f8 707 ? '[ \[...], \%rest_of_conditions ] instead'
708 : '-and => [ \[...], \%rest_of_conditions ] instead'
709 );
97a920ef 710 },
711
712 SCALAR => sub { # permissively interpreted as SQL
48d9f5f8 713 puke "-$op => \$value makes little sense, use -bool => \$value instead";
97a920ef 714 },
715
716 UNDEF => sub {
717 puke "-$op => undef not supported";
718 },
719 });
720}
721
722sub _where_op_NEST {
9d48860e 723 my ($self, $op, $v) = @_;
97a920ef 724
96449e8e 725 $self->_SWITCH_refkind($v, {
726
96449e8e 727 SCALAR => sub { # permissively interpreted as SQL
01a01e57 728 belch "literal SQL should be -nest => \\'scalar' "
729 . "instead of -nest => 'scalar' ";
9d48860e 730 return ($v);
96449e8e 731 },
732
733 UNDEF => sub {
734 puke "-$op => undef not supported";
735 },
e9501094 736
737 FALLBACK => sub {
738 $self->_recurse_where ($v);
739 },
740
96449e8e 741 });
742}
743
744
97a920ef 745sub _where_op_BOOL {
9d48860e 746 my ($self, $op, $v) = @_;
97a920ef 747
b8db59b8 748 my ($s, @b) = $self->_SWITCH_refkind($v, {
749 SCALAR => sub { # interpreted as SQL column
750 $self->_convert($self->_quote($v));
751 },
ef03f1bc 752
b8db59b8 753 UNDEF => sub {
754 puke "-$op => undef not supported";
755 },
97a920ef 756
b8db59b8 757 FALLBACK => sub {
758 $self->_recurse_where ($v);
759 },
760 });
ef03f1bc 761
b8db59b8 762 $s = "(NOT $s)" if $op =~ /^not/i;
763 ($s, @b);
97a920ef 764}
765
766
cc422895 767sub _where_op_IDENT {
768 my $self = shift;
769 my ($op, $rhs) = splice @_, -2;
8aa76984 770 if (! defined $rhs or length ref $rhs) {
771 puke "-$op requires a single plain scalar argument (a quotable identifier)";
cc422895 772 }
773
774 # in case we are called as a top level special op (no '=')
775 my $lhs = shift;
776
777 $_ = $self->_convert($self->_quote($_)) for ($lhs, $rhs);
778
779 return $lhs
780 ? "$lhs = $rhs"
781 : $rhs
782 ;
783}
784
785sub _where_op_VALUE {
786 my $self = shift;
787 my ($op, $rhs) = splice @_, -2;
788
789 # in case we are called as a top level special op (no '=')
790 my $lhs = shift;
791
422ed2de 792 # special-case NULL
793 if (! defined $rhs) {
794 return $lhs
795 ? $self->_convert($self->_quote($lhs)) . ' IS NULL'
796 : undef
797 ;
798 }
799
cc422895 800 my @bind =
801 $self->_bindtype (
802 ($lhs || $self->{_nested_func_lhs}),
803 $rhs,
804 )
805 ;
806
807 return $lhs
808 ? (
809 $self->_convert($self->_quote($lhs)) . ' = ' . $self->_convert('?'),
810 @bind
811 )
812 : (
813 $self->_convert('?'),
814 @bind,
815 )
816 ;
817}
818
96449e8e 819sub _where_hashpair_ARRAYREF {
820 my ($self, $k, $v) = @_;
821
822 if( @$v ) {
823 my @v = @$v; # need copy because of shift below
824 $self->_debug("ARRAY($k) means distribute over elements");
825
826 # put apart first element if it is an operator (-and, -or)
e3cecb45 827 my $op = (
828 (defined $v[0] && $v[0] =~ /^ - (?: AND|OR ) $/ix)
829 ? shift @v
830 : ''
04d940de 831 );
96449e8e 832 my @distributed = map { {$k => $_} } @v;
04d940de 833
834 if ($op) {
835 $self->_debug("OP($op) reinjected into the distributed array");
836 unshift @distributed, $op;
837 }
838
f67591bf 839 my $logic = $op ? substr($op, 1) : '';
96449e8e 840
f67591bf 841 return $self->_recurse_where(\@distributed, $logic);
9d48860e 842 }
96449e8e 843 else {
96449e8e 844 $self->_debug("empty ARRAY($k) means 0=1");
845 return ($self->{sqlfalse});
846 }
847}
848
849sub _where_hashpair_HASHREF {
eb49170d 850 my ($self, $k, $v, $logic) = @_;
851 $logic ||= 'and';
96449e8e 852
a7661cfc 853 local $self->{_nested_func_lhs} = $self->{_nested_func_lhs};
a7661cfc 854
eb49170d 855 my ($all_sql, @all_bind);
96449e8e 856
a47b433a 857 for my $orig_op (sort keys %$v) {
858 my $val = $v->{$orig_op};
96449e8e 859
860 # put the operator in canonical form
a47b433a 861 my $op = $orig_op;
b8db59b8 862
863 # FIXME - we need to phase out dash-less ops
864 $op =~ s/^-//; # remove possible initial dash
a47b433a 865 $op =~ s/^\s+|\s+$//g;# remove leading/trailing space
b8db59b8 866 $op =~ s/\s+/ /g; # compress whitespace
867
170e6c33 868 $self->_assert_pass_injection_guard($op);
b6251592 869
b9b5a0b1 870 # fixup is_not
871 $op =~ s/^is_not/IS NOT/i;
872
b8db59b8 873 # so that -not_foo works correctly
874 $op =~ s/^not_/NOT /i;
96449e8e 875
422ed2de 876 # another retarded special case: foo => { $op => { -value => undef } }
877 if (ref $val eq 'HASH' and keys %$val == 1 and exists $val->{-value} and ! defined $val->{-value} ) {
878 $val = undef;
879 }
880
96449e8e 881 my ($sql, @bind);
882
2281c758 883 # CASE: col-value logic modifiers
884 if ( $orig_op =~ /^ \- (and|or) $/xi ) {
885 ($sql, @bind) = $self->_where_hashpair_HASHREF($k, $val, $1);
886 }
96449e8e 887 # CASE: special operators like -in or -between
312d830b 888 elsif ( my $special_op = List::Util::first {$op =~ $_->{regex}} @{$self->{special_ops}} ) {
3a2e1a5e 889 my $handler = $special_op->{handler};
890 if (! $handler) {
a47b433a 891 puke "No handler supplied for special operator $orig_op";
3a2e1a5e 892 }
893 elsif (not ref $handler) {
894 ($sql, @bind) = $self->$handler ($k, $op, $val);
895 }
896 elsif (ref $handler eq 'CODE') {
897 ($sql, @bind) = $handler->($self, $k, $op, $val);
898 }
899 else {
a47b433a 900 puke "Illegal handler for special operator $orig_op - expecting a method name or a coderef";
3a2e1a5e 901 }
96449e8e 902 }
96449e8e 903 else {
cf838930 904 $self->_SWITCH_refkind($val, {
905
906 ARRAYREF => sub { # CASE: col => {op => \@vals}
907 ($sql, @bind) = $self->_where_field_op_ARRAYREF($k, $op, $val);
908 },
909
fe3ae272 910 ARRAYREFREF => sub { # CASE: col => {op => \[$sql, @bind]} (literal SQL with bind)
b3be7bd0 911 my ($sub_sql, @sub_bind) = @$$val;
fe3ae272 912 $self->_assert_bindval_matches_bindtype(@sub_bind);
b3be7bd0 913 $sql = join ' ', $self->_convert($self->_quote($k)),
914 $self->_sqlcase($op),
915 $sub_sql;
fe3ae272 916 @bind = @sub_bind;
b3be7bd0 917 },
918
cf838930 919 UNDEF => sub { # CASE: col => {op => undef} : sql "IS (NOT)? NULL"
3cdadcbe 920 my $is =
40f2f231 921 $op =~ /^not$/i ? 'is not' # legacy
922 : $op =~ $self->{equality_op} ? 'is'
3cdadcbe 923 : $op =~ $self->{like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is'
924 : $op =~ $self->{inequality_op} ? 'is not'
925 : $op =~ $self->{not_like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is not'
926 : puke "unexpected operator '$orig_op' with undef operand";
927
cf838930 928 $sql = $self->_quote($k) . $self->_sqlcase(" $is null");
929 },
a47b433a 930
2281c758 931 FALLBACK => sub { # CASE: col => {op/func => $stuff}
07936978 932
953d164e 933 # retain for proper column type bind
934 $self->{_nested_func_lhs} ||= $k;
07936978 935
0ec3aec7 936 ($sql, @bind) = $self->_where_unary_op ($op, $val);
953d164e 937
938 $sql = join (' ',
939 $self->_convert($self->_quote($k)),
940 $self->{_nested_func_lhs} eq $k ? $sql : "($sql)", # top level vs nested
941 );
cf838930 942 },
943 });
96449e8e 944 }
945
eb49170d 946 ($all_sql) = (defined $all_sql and $all_sql) ? $self->_join_sql_clauses($logic, [$all_sql, $sql], []) : $sql;
96449e8e 947 push @all_bind, @bind;
948 }
eb49170d 949 return ($all_sql, @all_bind);
96449e8e 950}
951
b9b5a0b1 952sub _where_field_IS {
953 my ($self, $k, $op, $v) = @_;
954
955 my ($s) = $self->_SWITCH_refkind($v, {
956 UNDEF => sub {
957 join ' ',
958 $self->_convert($self->_quote($k)),
959 map { $self->_sqlcase($_)} ($op, 'null')
960 },
961 FALLBACK => sub {
962 puke "$op can only take undef as argument";
963 },
964 });
96449e8e 965
b9b5a0b1 966 $s;
967}
96449e8e 968
969sub _where_field_op_ARRAYREF {
970 my ($self, $k, $op, $vals) = @_;
971
ce261791 972 my @vals = @$vals; #always work on a copy
973
974 if(@vals) {
bd6a65ca 975 $self->_debug(sprintf '%s means multiple elements: [ %s ]',
976 $vals,
977 join (', ', map { defined $_ ? "'$_'" : 'NULL' } @vals ),
978 );
96449e8e 979
4030915f 980 # see if the first element is an -and/-or op
981 my $logic;
bd6a65ca 982 if (defined $vals[0] && $vals[0] =~ /^ - ( AND|OR ) $/ix) {
4030915f 983 $logic = uc $1;
ce261791 984 shift @vals;
4030915f 985 }
986
3cdadcbe 987 # a long standing API wart - an attempt to change this behavior during
988 # the 1.50 series failed *spectacularly*. Warn instead and leave the
989 # behavior as is
990 if (
991 @vals > 1
992 and
993 (!$logic or $logic eq 'OR')
994 and
995 ( $op =~ $self->{inequality_op} or $op =~ $self->{not_like_op} )
996 ) {
997 my $o = uc($op);
998 belch "A multi-element arrayref as an argument to the inequality op '$o' "
999 . 'is technically equivalent to an always-true 1=1 (you probably wanted '
1000 . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
1001 ;
1002 }
1003
ce261791 1004 # distribute $op over each remaining member of @vals, append logic if exists
1005 return $self->_recurse_where([map { {$k => {$op, $_}} } @vals], $logic);
4030915f 1006
9d48860e 1007 }
96449e8e 1008 else {
9d48860e 1009 # try to DWIM on equality operators
3cdadcbe 1010 return
1011 $op =~ $self->{equality_op} ? $self->{sqlfalse}
1012 : $op =~ $self->{like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->{sqlfalse}
1013 : $op =~ $self->{inequality_op} ? $self->{sqltrue}
1014 : $op =~ $self->{not_like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->{sqltrue}
1015 : puke "operator '$op' applied on an empty array (field '$k')";
96449e8e 1016 }
1017}
1018
1019
1020sub _where_hashpair_SCALARREF {
1021 my ($self, $k, $v) = @_;
1022 $self->_debug("SCALAR($k) means literal SQL: $$v");
1023 my $sql = $self->_quote($k) . " " . $$v;
1024 return ($sql);
1025}
1026
fe3ae272 1027# literal SQL with bind
96449e8e 1028sub _where_hashpair_ARRAYREFREF {
1029 my ($self, $k, $v) = @_;
1030 $self->_debug("REF($k) means literal SQL: @${$v}");
c94a6c93 1031 my ($sql, @bind) = @$$v;
fe3ae272 1032 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1033 $sql = $self->_quote($k) . " " . $sql;
96449e8e 1034 return ($sql, @bind );
1035}
1036
fe3ae272 1037# literal SQL without bind
96449e8e 1038sub _where_hashpair_SCALAR {
1039 my ($self, $k, $v) = @_;
1040 $self->_debug("NOREF($k) means simple key=val: $k $self->{cmp} $v");
9d48860e 1041 my $sql = join ' ', $self->_convert($self->_quote($k)),
1042 $self->_sqlcase($self->{cmp}),
96449e8e 1043 $self->_convert('?');
1044 my @bind = $self->_bindtype($k, $v);
1045 return ( $sql, @bind);
1046}
1047
1048
1049sub _where_hashpair_UNDEF {
1050 my ($self, $k, $v) = @_;
1051 $self->_debug("UNDEF($k) means IS NULL");
1052 my $sql = $self->_quote($k) . $self->_sqlcase(' is null');
1053 return ($sql);
1054}
1055
1056#======================================================================
1057# WHERE: TOP-LEVEL OTHERS (SCALARREF, SCALAR, UNDEF)
1058#======================================================================
1059
1060
1061sub _where_SCALARREF {
1062 my ($self, $where) = @_;
1063
1064 # literal sql
1065 $self->_debug("SCALAR(*top) means literal SQL: $$where");
1066 return ($$where);
1067}
1068
1069
1070sub _where_SCALAR {
1071 my ($self, $where) = @_;
1072
1073 # literal sql
1074 $self->_debug("NOREF(*top) means literal SQL: $where");
1075 return ($where);
1076}
1077
1078
1079sub _where_UNDEF {
1080 my ($self) = @_;
1081 return ();
1082}
1083
1084
1085#======================================================================
1086# WHERE: BUILTIN SPECIAL OPERATORS (-in, -between)
1087#======================================================================
1088
1089
1090sub _where_field_BETWEEN {
1091 my ($self, $k, $op, $vals) = @_;
1092
4d8b3dc4 1093 my ($label, $and, $placeholder);
cf02fc47 1094 $label = $self->_convert($self->_quote($k));
1095 $and = ' ' . $self->_sqlcase('and') . ' ';
1096 $placeholder = $self->_convert('?');
96449e8e 1097 $op = $self->_sqlcase($op);
1098
7f54040f 1099 my $invalid_args = "Operator '$op' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
1100
4d8b3dc4 1101 my ($clause, @bind) = $self->_SWITCH_refkind($vals, {
1102 ARRAYREFREF => sub {
c94a6c93 1103 my ($s, @b) = @$$vals;
1104 $self->_assert_bindval_matches_bindtype(@b);
1105 ($s, @b);
4d8b3dc4 1106 },
1107 SCALARREF => sub {
1108 return $$vals;
1109 },
1110 ARRAYREF => sub {
7f54040f 1111 puke $invalid_args if @$vals != 2;
4d8b3dc4 1112
1113 my (@all_sql, @all_bind);
1114 foreach my $val (@$vals) {
1115 my ($sql, @bind) = $self->_SWITCH_refkind($val, {
1116 SCALAR => sub {
5e5cbf51 1117 return ($placeholder, $self->_bindtype($k, $val) );
4d8b3dc4 1118 },
1119 SCALARREF => sub {
0336eddb 1120 return $$val;
4d8b3dc4 1121 },
1122 ARRAYREFREF => sub {
1123 my ($sql, @bind) = @$$val;
c94a6c93 1124 $self->_assert_bindval_matches_bindtype(@bind);
0336eddb 1125 return ($sql, @bind);
4d8b3dc4 1126 },
0336eddb 1127 HASHREF => sub {
1128 my ($func, $arg, @rest) = %$val;
1129 puke ("Only simple { -func => arg } functions accepted as sub-arguments to BETWEEN")
1130 if (@rest or $func !~ /^ \- (.+)/x);
1131 local $self->{_nested_func_lhs} = $k;
0ec3aec7 1132 $self->_where_unary_op ($1 => $arg);
7f54040f 1133 },
1134 FALLBACK => sub {
1135 puke $invalid_args,
1136 },
4d8b3dc4 1137 });
1138 push @all_sql, $sql;
1139 push @all_bind, @bind;
1140 }
1141
1142 return (
1143 (join $and, @all_sql),
5e5cbf51 1144 @all_bind
4d8b3dc4 1145 );
1146 },
1147 FALLBACK => sub {
7f54040f 1148 puke $invalid_args,
4d8b3dc4 1149 },
1150 });
cf02fc47 1151
cf02fc47 1152 my $sql = "( $label $op $clause )";
96449e8e 1153 return ($sql, @bind)
1154}
1155
1156
1157sub _where_field_IN {
1158 my ($self, $k, $op, $vals) = @_;
1159
1160 # backwards compatibility : if scalar, force into an arrayref
1161 $vals = [$vals] if defined $vals && ! ref $vals;
1162
96449e8e 1163 my ($label) = $self->_convert($self->_quote($k));
1164 my ($placeholder) = $self->_convert('?');
96449e8e 1165 $op = $self->_sqlcase($op);
1166
8a0d798a 1167 my ($sql, @bind) = $self->_SWITCH_refkind($vals, {
1168 ARRAYREF => sub { # list of choices
1169 if (@$vals) { # nonempty list
0336eddb 1170 my (@all_sql, @all_bind);
1171
1172 for my $val (@$vals) {
1173 my ($sql, @bind) = $self->_SWITCH_refkind($val, {
1174 SCALAR => sub {
1175 return ($placeholder, $val);
1176 },
1177 SCALARREF => sub {
1178 return $$val;
1179 },
1180 ARRAYREFREF => sub {
1181 my ($sql, @bind) = @$$val;
1182 $self->_assert_bindval_matches_bindtype(@bind);
1183 return ($sql, @bind);
1184 },
1185 HASHREF => sub {
1186 my ($func, $arg, @rest) = %$val;
1187 puke ("Only simple { -func => arg } functions accepted as sub-arguments to IN")
1188 if (@rest or $func !~ /^ \- (.+)/x);
1189 local $self->{_nested_func_lhs} = $k;
0ec3aec7 1190 $self->_where_unary_op ($1 => $arg);
279eb282 1191 },
1192 UNDEF => sub {
032dfe20 1193 puke(
1194 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
1195 . "-$op operator was given an undef-containing list: !!!AUDIT YOUR CODE "
1196 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
1197 . 'will emit the logically correct SQL instead of raising this exception)'
1198 );
279eb282 1199 },
0336eddb 1200 });
1201 push @all_sql, $sql;
1202 push @all_bind, @bind;
1203 }
96449e8e 1204
88a89939 1205 return (
1206 sprintf ('%s %s ( %s )',
1207 $label,
1208 $op,
1209 join (', ', @all_sql)
1210 ),
1211 $self->_bindtype($k, @all_bind),
0336eddb 1212 );
8a0d798a 1213 }
1214 else { # empty list : some databases won't understand "IN ()", so DWIM
1215 my $sql = ($op =~ /\bnot\b/i) ? $self->{sqltrue} : $self->{sqlfalse};
1216 return ($sql);
1217 }
1218 },
1219
4a1f01a3 1220 SCALARREF => sub { # literal SQL
1221 my $sql = $self->_open_outer_paren ($$vals);
1222 return ("$label $op ( $sql )");
1223 },
8a0d798a 1224 ARRAYREFREF => sub { # literal SQL with bind
1225 my ($sql, @bind) = @$$vals;
fe3ae272 1226 $self->_assert_bindval_matches_bindtype(@bind);
4a1f01a3 1227 $sql = $self->_open_outer_paren ($sql);
8a0d798a 1228 return ("$label $op ( $sql )", @bind);
1229 },
1230
ff8ca6b4 1231 UNDEF => sub {
1232 puke "Argument passed to the '$op' operator can not be undefined";
1233 },
1234
8a0d798a 1235 FALLBACK => sub {
ff8ca6b4 1236 puke "special op $op requires an arrayref (or scalarref/arrayref-ref)";
8a0d798a 1237 },
1238 });
1239
1240 return ($sql, @bind);
96449e8e 1241}
1242
4a1f01a3 1243# Some databases (SQLite) treat col IN (1, 2) different from
1244# col IN ( (1, 2) ). Use this to strip all outer parens while
1245# adding them back in the corresponding method
1246sub _open_outer_paren {
1247 my ($self, $sql) = @_;
171a709f 1248 $sql = $1 while $sql =~ /^ \s* \( (.*) \) \s* $/xs;
4a1f01a3 1249 return $sql;
1250}
1251
96449e8e 1252
96449e8e 1253#======================================================================
1254# ORDER BY
1255#======================================================================
1256
1257sub _order_by {
1258 my ($self, $arg) = @_;
1259
f267b646 1260 my (@sql, @bind);
1261 for my $c ($self->_order_by_chunks ($arg) ) {
1262 $self->_SWITCH_refkind ($c, {
1263 SCALAR => sub { push @sql, $c },
1264 ARRAYREF => sub { push @sql, shift @$c; push @bind, @$c },
1265 });
1266 }
1267
1268 my $sql = @sql
1269 ? sprintf ('%s %s',
1270 $self->_sqlcase(' order by'),
1271 join (', ', @sql)
1272 )
1273 : ''
1274 ;
1275
1276 return wantarray ? ($sql, @bind) : $sql;
1277}
1278
1279sub _order_by_chunks {
1280 my ($self, $arg) = @_;
1281
1282 return $self->_SWITCH_refkind($arg, {
96449e8e 1283
1284 ARRAYREF => sub {
f267b646 1285 map { $self->_order_by_chunks ($_ ) } @$arg;
96449e8e 1286 },
1287
c94a6c93 1288 ARRAYREFREF => sub {
1289 my ($s, @b) = @$$arg;
1290 $self->_assert_bindval_matches_bindtype(@b);
1291 [ $s, @b ];
1292 },
f267b646 1293
96449e8e 1294 SCALAR => sub {$self->_quote($arg)},
f267b646 1295
1296 UNDEF => sub {return () },
1297
96449e8e 1298 SCALARREF => sub {$$arg}, # literal SQL, no quoting
96449e8e 1299
f267b646 1300 HASHREF => sub {
5e436130 1301 # get first pair in hash
1302 my ($key, $val, @rest) = %$arg;
1303
1304 return () unless $key;
1305
1306 if ( @rest or not $key =~ /^-(desc|asc)/i ) {
1307 puke "hash passed to _order_by must have exactly one key (-desc or -asc)";
f267b646 1308 }
5e436130 1309
1310 my $direction = $1;
96449e8e 1311
e9bd3547 1312 my @ret;
f267b646 1313 for my $c ($self->_order_by_chunks ($val)) {
e9bd3547 1314 my ($sql, @bind);
96449e8e 1315
f267b646 1316 $self->_SWITCH_refkind ($c, {
1317 SCALAR => sub {
e9bd3547 1318 $sql = $c;
f267b646 1319 },
1320 ARRAYREF => sub {
e9bd3547 1321 ($sql, @bind) = @$c;
f267b646 1322 },
1323 });
96449e8e 1324
5e436130 1325 $sql = $sql . ' ' . $self->_sqlcase($direction);
96449e8e 1326
e9bd3547 1327 push @ret, [ $sql, @bind];
1328 }
96449e8e 1329
e9bd3547 1330 return @ret;
f267b646 1331 },
1332 });
96449e8e 1333}
1334
1335
96449e8e 1336#======================================================================
1337# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1338#======================================================================
1339
1340sub _table {
1341 my $self = shift;
1342 my $from = shift;
1343 $self->_SWITCH_refkind($from, {
1344 ARRAYREF => sub {join ', ', map { $self->_quote($_) } @$from;},
1345 SCALAR => sub {$self->_quote($from)},
1346 SCALARREF => sub {$$from},
96449e8e 1347 });
1348}
1349
1350
1351#======================================================================
1352# UTILITY FUNCTIONS
1353#======================================================================
1354
955e77ca 1355# highly optimized, as it's called way too often
96449e8e 1356sub _quote {
955e77ca 1357 # my ($self, $label) = @_;
96449e8e 1358
955e77ca 1359 return '' unless defined $_[1];
955e77ca 1360 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
96449e8e 1361
b6251592 1362 unless ($_[0]->{quote_char}) {
170e6c33 1363 $_[0]->_assert_pass_injection_guard($_[1]);
b6251592 1364 return $_[1];
1365 }
96449e8e 1366
07d7c35c 1367 my $qref = ref $_[0]->{quote_char};
955e77ca 1368 my ($l, $r);
07d7c35c 1369 if (!$qref) {
1370 ($l, $r) = ( $_[0]->{quote_char}, $_[0]->{quote_char} );
955e77ca 1371 }
07d7c35c 1372 elsif ($qref eq 'ARRAY') {
1373 ($l, $r) = @{$_[0]->{quote_char}};
955e77ca 1374 }
1375 else {
1376 puke "Unsupported quote_char format: $_[0]->{quote_char}";
1377 }
46be4313 1378 my $esc = $_[0]->{escape_char} || $r;
96449e8e 1379
07d7c35c 1380 # parts containing * are naturally unquoted
1381 return join( $_[0]->{name_sep}||'', map
46be4313 1382 { $_ eq '*' ? $_ : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r } }
955e77ca 1383 ( $_[0]->{name_sep} ? split (/\Q$_[0]->{name_sep}\E/, $_[1] ) : $_[1] )
1384 );
96449e8e 1385}
1386
1387
1388# Conversion, if applicable
1389sub _convert ($) {
07d7c35c 1390 #my ($self, $arg) = @_;
07d7c35c 1391 if ($_[0]->{convert}) {
1392 return $_[0]->_sqlcase($_[0]->{convert}) .'(' . $_[1] . ')';
96449e8e 1393 }
07d7c35c 1394 return $_[1];
96449e8e 1395}
1396
1397# And bindtype
1398sub _bindtype (@) {
07d7c35c 1399 #my ($self, $col, @vals) = @_;
07d7c35c 1400 # called often - tighten code
1401 return $_[0]->{bindtype} eq 'columns'
1402 ? map {[$_[1], $_]} @_[2 .. $#_]
1403 : @_[2 .. $#_]
1404 ;
96449e8e 1405}
1406
fe3ae272 1407# Dies if any element of @bind is not in [colname => value] format
1408# if bindtype is 'columns'.
1409sub _assert_bindval_matches_bindtype {
c94a6c93 1410# my ($self, @bind) = @_;
1411 my $self = shift;
fe3ae272 1412 if ($self->{bindtype} eq 'columns') {
c94a6c93 1413 for (@_) {
1414 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1415 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1416 }
1417 }
1418 }
1419}
1420
96449e8e 1421sub _join_sql_clauses {
1422 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1423
1424 if (@$clauses_aref > 1) {
1425 my $join = " " . $self->_sqlcase($logic) . " ";
1426 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1427 return ($sql, @$bind_aref);
1428 }
1429 elsif (@$clauses_aref) {
1430 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1431 }
1432 else {
1433 return (); # if no SQL, ignore @$bind_aref
1434 }
1435}
1436
1437
1438# Fix SQL case, if so requested
1439sub _sqlcase {
96449e8e 1440 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1441 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1442 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1443}
1444
1445
1446#======================================================================
1447# DISPATCHING FROM REFKIND
1448#======================================================================
1449
1450sub _refkind {
1451 my ($self, $data) = @_;
96449e8e 1452
955e77ca 1453 return 'UNDEF' unless defined $data;
1454
1455 # blessed objects are treated like scalars
1456 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1457
1458 return 'SCALAR' unless $ref;
1459
1460 my $n_steps = 1;
1461 while ($ref eq 'REF') {
96449e8e 1462 $data = $$data;
955e77ca 1463 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1464 $n_steps++ if $ref;
96449e8e 1465 }
1466
848556bc 1467 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1468}
1469
1470sub _try_refkind {
1471 my ($self, $data) = @_;
1472 my @try = ($self->_refkind($data));
1473 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1474 push @try, 'FALLBACK';
955e77ca 1475 return \@try;
96449e8e 1476}
1477
1478sub _METHOD_FOR_refkind {
1479 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1480
1481 my $method;
955e77ca 1482 for (@{$self->_try_refkind($data)}) {
f39eaa60 1483 $method = $self->can($meth_prefix."_".$_)
1484 and last;
1485 }
1486
1487 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1488}
1489
1490
1491sub _SWITCH_refkind {
1492 my ($self, $data, $dispatch_table) = @_;
1493
f39eaa60 1494 my $coderef;
955e77ca 1495 for (@{$self->_try_refkind($data)}) {
f39eaa60 1496 $coderef = $dispatch_table->{$_}
1497 and last;
1498 }
1499
1500 puke "no dispatch entry for ".$self->_refkind($data)
1501 unless $coderef;
1502
96449e8e 1503 $coderef->();
1504}
1505
1506
1507
1508
1509#======================================================================
1510# VALUES, GENERATE, AUTOLOAD
1511#======================================================================
1512
1513# LDNOTE: original code from nwiger, didn't touch code in that section
1514# I feel the AUTOLOAD stuff should not be the default, it should
1515# only be activated on explicit demand by user.
1516
1517sub values {
1518 my $self = shift;
1519 my $data = shift || return;
1520 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1521 unless ref $data eq 'HASH';
bab725ce 1522
1523 my @all_bind;
1524 foreach my $k ( sort keys %$data ) {
1525 my $v = $data->{$k};
1526 $self->_SWITCH_refkind($v, {
9d48860e 1527 ARRAYREF => sub {
bab725ce 1528 if ($self->{array_datatypes}) { # array datatype
1529 push @all_bind, $self->_bindtype($k, $v);
1530 }
1531 else { # literal SQL with bind
1532 my ($sql, @bind) = @$v;
1533 $self->_assert_bindval_matches_bindtype(@bind);
1534 push @all_bind, @bind;
1535 }
1536 },
1537 ARRAYREFREF => sub { # literal SQL with bind
1538 my ($sql, @bind) = @${$v};
1539 $self->_assert_bindval_matches_bindtype(@bind);
1540 push @all_bind, @bind;
1541 },
1542 SCALARREF => sub { # literal SQL without bind
1543 },
1544 SCALAR_or_UNDEF => sub {
1545 push @all_bind, $self->_bindtype($k, $v);
1546 },
1547 });
1548 }
1549
1550 return @all_bind;
96449e8e 1551}
1552
1553sub generate {
1554 my $self = shift;
1555
1556 my(@sql, @sqlq, @sqlv);
1557
1558 for (@_) {
1559 my $ref = ref $_;
1560 if ($ref eq 'HASH') {
1561 for my $k (sort keys %$_) {
1562 my $v = $_->{$k};
1563 my $r = ref $v;
1564 my $label = $self->_quote($k);
1565 if ($r eq 'ARRAY') {
fe3ae272 1566 # literal SQL with bind
1567 my ($sql, @bind) = @$v;
1568 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1569 push @sqlq, "$label = $sql";
fe3ae272 1570 push @sqlv, @bind;
96449e8e 1571 } elsif ($r eq 'SCALAR') {
fe3ae272 1572 # literal SQL without bind
96449e8e 1573 push @sqlq, "$label = $$v";
9d48860e 1574 } else {
96449e8e 1575 push @sqlq, "$label = ?";
1576 push @sqlv, $self->_bindtype($k, $v);
1577 }
1578 }
1579 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1580 } elsif ($ref eq 'ARRAY') {
1581 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1582 for my $v (@$_) {
1583 my $r = ref $v;
fe3ae272 1584 if ($r eq 'ARRAY') { # literal SQL with bind
1585 my ($sql, @bind) = @$v;
1586 $self->_assert_bindval_matches_bindtype(@bind);
1587 push @sqlq, $sql;
1588 push @sqlv, @bind;
1589 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1590 # embedded literal SQL
1591 push @sqlq, $$v;
9d48860e 1592 } else {
96449e8e 1593 push @sqlq, '?';
1594 push @sqlv, $v;
1595 }
1596 }
1597 push @sql, '(' . join(', ', @sqlq) . ')';
1598 } elsif ($ref eq 'SCALAR') {
1599 # literal SQL
1600 push @sql, $$_;
1601 } else {
1602 # strings get case twiddled
1603 push @sql, $self->_sqlcase($_);
1604 }
1605 }
1606
1607 my $sql = join ' ', @sql;
1608
1609 # this is pretty tricky
1610 # if ask for an array, return ($stmt, @bind)
1611 # otherwise, s/?/shift @sqlv/ to put it inline
1612 if (wantarray) {
1613 return ($sql, @sqlv);
1614 } else {
1615 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1616 ref $d ? $d->[1] : $d/e;
1617 return $sql;
1618 }
1619}
1620
1621
1622sub DESTROY { 1 }
1623
1624sub AUTOLOAD {
1625 # This allows us to check for a local, then _form, attr
1626 my $self = shift;
1627 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1628 return $self->generate($name, @_);
1629}
1630
16311;
1632
1633
1634
1635__END__
32eab2da 1636
1637=head1 NAME
1638
1639SQL::Abstract - Generate SQL from Perl data structures
1640
1641=head1 SYNOPSIS
1642
1643 use SQL::Abstract;
1644
1645 my $sql = SQL::Abstract->new;
1646
521647e7 1647 my($stmt, @bind) = $sql->select($source, \@fields, \%where, \@order);
32eab2da 1648
1649 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1650
1651 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1652
1653 my($stmt, @bind) = $sql->delete($table, \%where);
1654
1655 # Then, use these in your DBI statements
1656 my $sth = $dbh->prepare($stmt);
1657 $sth->execute(@bind);
1658
1659 # Just generate the WHERE clause
abe72f94 1660 my($stmt, @bind) = $sql->where(\%where, \@order);
32eab2da 1661
1662 # Return values in the same order, for hashed queries
1663 # See PERFORMANCE section for more details
1664 my @bind = $sql->values(\%fieldvals);
1665
1666=head1 DESCRIPTION
1667
1668This module was inspired by the excellent L<DBIx::Abstract>.
1669However, in using that module I found that what I really wanted
1670to do was generate SQL, but still retain complete control over my
1671statement handles and use the DBI interface. So, I set out to
1672create an abstract SQL generation module.
1673
1674While based on the concepts used by L<DBIx::Abstract>, there are
1675several important differences, especially when it comes to WHERE
1676clauses. I have modified the concepts used to make the SQL easier
1677to generate from Perl data structures and, IMO, more intuitive.
1678The underlying idea is for this module to do what you mean, based
1679on the data structures you provide it. The big advantage is that
1680you don't have to modify your code every time your data changes,
1681as this module figures it out.
1682
1683To begin with, an SQL INSERT is as easy as just specifying a hash
1684of C<key=value> pairs:
1685
1686 my %data = (
1687 name => 'Jimbo Bobson',
1688 phone => '123-456-7890',
1689 address => '42 Sister Lane',
1690 city => 'St. Louis',
1691 state => 'Louisiana',
1692 );
1693
1694The SQL can then be generated with this:
1695
1696 my($stmt, @bind) = $sql->insert('people', \%data);
1697
1698Which would give you something like this:
1699
1700 $stmt = "INSERT INTO people
1701 (address, city, name, phone, state)
1702 VALUES (?, ?, ?, ?, ?)";
1703 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1704 '123-456-7890', 'Louisiana');
1705
1706These are then used directly in your DBI code:
1707
1708 my $sth = $dbh->prepare($stmt);
1709 $sth->execute(@bind);
1710
96449e8e 1711=head2 Inserting and Updating Arrays
1712
1713If your database has array types (like for example Postgres),
1714activate the special option C<< array_datatypes => 1 >>
9d48860e 1715when creating the C<SQL::Abstract> object.
96449e8e 1716Then you may use an arrayref to insert and update database array types:
1717
1718 my $sql = SQL::Abstract->new(array_datatypes => 1);
1719 my %data = (
1720 planets => [qw/Mercury Venus Earth Mars/]
1721 );
9d48860e 1722
96449e8e 1723 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1724
1725This results in:
1726
1727 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1728
1729 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1730
1731
1732=head2 Inserting and Updating SQL
1733
1734In order to apply SQL functions to elements of your C<%data> you may
1735specify a reference to an arrayref for the given hash value. For example,
1736if you need to execute the Oracle C<to_date> function on a value, you can
1737say something like this:
32eab2da 1738
1739 my %data = (
1740 name => 'Bill',
3ae1c5e2 1741 date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
9d48860e 1742 );
32eab2da 1743
1744The first value in the array is the actual SQL. Any other values are
1745optional and would be included in the bind values array. This gives
1746you:
1747
1748 my($stmt, @bind) = $sql->insert('people', \%data);
1749
9d48860e 1750 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1751 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1752 @bind = ('Bill', '03/02/2003');
1753
1754An UPDATE is just as easy, all you change is the name of the function:
1755
1756 my($stmt, @bind) = $sql->update('people', \%data);
1757
1758Notice that your C<%data> isn't touched; the module will generate
1759the appropriately quirky SQL for you automatically. Usually you'll
1760want to specify a WHERE clause for your UPDATE, though, which is
1761where handling C<%where> hashes comes in handy...
1762
96449e8e 1763=head2 Complex where statements
1764
32eab2da 1765This module can generate pretty complicated WHERE statements
1766easily. For example, simple C<key=value> pairs are taken to mean
1767equality, and if you want to see if a field is within a set
1768of values, you can use an arrayref. Let's say we wanted to
1769SELECT some data based on this criteria:
1770
1771 my %where = (
1772 requestor => 'inna',
1773 worker => ['nwiger', 'rcwe', 'sfz'],
1774 status => { '!=', 'completed' }
1775 );
1776
1777 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1778
1779The above would give you something like this:
1780
1781 $stmt = "SELECT * FROM tickets WHERE
1782 ( requestor = ? ) AND ( status != ? )
1783 AND ( worker = ? OR worker = ? OR worker = ? )";
1784 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1785
1786Which you could then use in DBI code like so:
1787
1788 my $sth = $dbh->prepare($stmt);
1789 $sth->execute(@bind);
1790
1791Easy, eh?
1792
0da0fe34 1793=head1 METHODS
32eab2da 1794
13cc86af 1795The methods are simple. There's one for every major SQL operation,
32eab2da 1796and a constructor you use first. The arguments are specified in a
13cc86af 1797similar order for each method (table, then fields, then a where
32eab2da 1798clause) to try and simplify things.
1799
32eab2da 1800=head2 new(option => 'value')
1801
1802The C<new()> function takes a list of options and values, and returns
1803a new B<SQL::Abstract> object which can then be used to generate SQL
1804through the methods below. The options accepted are:
1805
1806=over
1807
1808=item case
1809
1810If set to 'lower', then SQL will be generated in all lowercase. By
1811default SQL is generated in "textbook" case meaning something like:
1812
1813 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1814
96449e8e 1815Any setting other than 'lower' is ignored.
1816
32eab2da 1817=item cmp
1818
1819This determines what the default comparison operator is. By default
1820it is C<=>, meaning that a hash like this:
1821
1822 %where = (name => 'nwiger', email => 'nate@wiger.org');
1823
1824Will generate SQL like this:
1825
1826 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1827
1828However, you may want loose comparisons by default, so if you set
1829C<cmp> to C<like> you would get SQL such as:
1830
1831 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1832
3af02ccb 1833You can also override the comparison on an individual basis - see
32eab2da 1834the huge section on L</"WHERE CLAUSES"> at the bottom.
1835
96449e8e 1836=item sqltrue, sqlfalse
1837
1838Expressions for inserting boolean values within SQL statements.
6e0c6552 1839By default these are C<1=1> and C<1=0>. They are used
1840by the special operators C<-in> and C<-not_in> for generating
1841correct SQL even when the argument is an empty array (see below).
96449e8e 1842
32eab2da 1843=item logic
1844
1845This determines the default logical operator for multiple WHERE
7cac25e6 1846statements in arrays or hashes. If absent, the default logic is "or"
1847for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1848array of the form:
1849
1850 @where = (
9d48860e 1851 event_date => {'>=', '2/13/99'},
1852 event_date => {'<=', '4/24/03'},
32eab2da 1853 );
1854
7cac25e6 1855will generate SQL like this:
32eab2da 1856
1857 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1858
1859This is probably not what you want given this query, though (look
1860at the dates). To change the "OR" to an "AND", simply specify:
1861
1862 my $sql = SQL::Abstract->new(logic => 'and');
1863
1864Which will change the above C<WHERE> to:
1865
1866 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1867
96449e8e 1868The logic can also be changed locally by inserting
7cac25e6 1869a modifier in front of an arrayref :
96449e8e 1870
9d48860e 1871 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1872 event_date => {'<=', '4/24/03'} ]);
96449e8e 1873
1874See the L</"WHERE CLAUSES"> section for explanations.
1875
32eab2da 1876=item convert
1877
1878This will automatically convert comparisons using the specified SQL
1879function for both column and value. This is mostly used with an argument
1880of C<upper> or C<lower>, so that the SQL will have the effect of
1881case-insensitive "searches". For example, this:
1882
1883 $sql = SQL::Abstract->new(convert => 'upper');
1884 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1885
1886Will turn out the following SQL:
1887
1888 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1889
1890The conversion can be C<upper()>, C<lower()>, or any other SQL function
1891that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1892not validate this option; it will just pass through what you specify verbatim).
1893
1894=item bindtype
1895
1896This is a kludge because many databases suck. For example, you can't
1897just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1898Instead, you have to use C<bind_param()>:
1899
1900 $sth->bind_param(1, 'reg data');
1901 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1902
1903The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1904which loses track of which field each slot refers to. Fear not.
1905
1906If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1907Currently, you can specify either C<normal> (default) or C<columns>. If you
1908specify C<columns>, you will get an array that looks like this:
1909
1910 my $sql = SQL::Abstract->new(bindtype => 'columns');
1911 my($stmt, @bind) = $sql->insert(...);
1912
1913 @bind = (
1914 [ 'column1', 'value1' ],
1915 [ 'column2', 'value2' ],
1916 [ 'column3', 'value3' ],
1917 );
1918
1919You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1920
32eab2da 1921 $sth->prepare($stmt);
1922 my $i = 1;
1923 for (@bind) {
1924 my($col, $data) = @$_;
1925 if ($col eq 'details' || $col eq 'comments') {
1926 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1927 } elsif ($col eq 'image') {
1928 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1929 } else {
1930 $sth->bind_param($i, $data);
1931 }
1932 $i++;
1933 }
1934 $sth->execute; # execute without @bind now
1935
1936Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1937Basically, the advantage is still that you don't have to care which fields
1938are or are not included. You could wrap that above C<for> loop in a simple
1939sub called C<bind_fields()> or something and reuse it repeatedly. You still
1940get a layer of abstraction over manual SQL specification.
1941
3ae1c5e2 1942Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
deb148a2 1943construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1944will expect the bind values in this format.
1945
32eab2da 1946=item quote_char
1947
1948This is the character that a table or column name will be quoted
9d48860e 1949with. By default this is an empty string, but you could set it to
32eab2da 1950the character C<`>, to generate SQL like this:
1951
1952 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1953
96449e8e 1954Alternatively, you can supply an array ref of two items, the first being the left
1955hand quote character, and the second the right hand quote character. For
1956example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1957that generates SQL like this:
1958
1959 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1960
9d48860e 1961Quoting is useful if you have tables or columns names that are reserved
96449e8e 1962words in your database's SQL dialect.
32eab2da 1963
46be4313 1964=item escape_char
1965
1966This is the character that will be used to escape L</quote_char>s appearing
1967in an identifier before it has been quoted.
1968
1969The paramter default in case of a single L</quote_char> character is the quote
1970character itself.
1971
1972When opening-closing-style quoting is used (L</quote_char> is an arrayref)
1973this parameter defaults to the B<closing (right)> L</quote_char>. Occurences
1974of the B<opening (left)> L</quote_char> within the identifier are currently left
1975untouched. The default for opening-closing-style quotes may change in future
1976versions, thus you are B<strongly encouraged> to specify the escape character
1977explicitly.
1978
32eab2da 1979=item name_sep
1980
1981This is the character that separates a table and column name. It is
1982necessary to specify this when the C<quote_char> option is selected,
1983so that tables and column names can be individually quoted like this:
1984
1985 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1986
b6251592 1987=item injection_guard
1988
1989A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1990column name specified in a query structure. This is a safety mechanism to avoid
1991injection attacks when mishandling user input e.g.:
1992
1993 my %condition_as_column_value_pairs = get_values_from_user();
1994 $sqla->select( ... , \%condition_as_column_value_pairs );
1995
1996If the expression matches an exception is thrown. Note that literal SQL
1997supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1998
1999Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
2000
96449e8e 2001=item array_datatypes
32eab2da 2002
9d48860e 2003When this option is true, arrayrefs in INSERT or UPDATE are
2004interpreted as array datatypes and are passed directly
96449e8e 2005to the DBI layer.
2006When this option is false, arrayrefs are interpreted
2007as literal SQL, just like refs to arrayrefs
2008(but this behavior is for backwards compatibility; when writing
2009new queries, use the "reference to arrayref" syntax
2010for literal SQL).
32eab2da 2011
32eab2da 2012
96449e8e 2013=item special_ops
32eab2da 2014
9d48860e 2015Takes a reference to a list of "special operators"
96449e8e 2016to extend the syntax understood by L<SQL::Abstract>.
2017See section L</"SPECIAL OPERATORS"> for details.
32eab2da 2018
59f23b3d 2019=item unary_ops
2020
9d48860e 2021Takes a reference to a list of "unary operators"
59f23b3d 2022to extend the syntax understood by L<SQL::Abstract>.
2023See section L</"UNARY OPERATORS"> for details.
2024
32eab2da 2025
32eab2da 2026
96449e8e 2027=back
32eab2da 2028
02288357 2029=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 2030
2031This is the simplest function. You simply give it a table name
2032and either an arrayref of values or hashref of field/value pairs.
2033It returns an SQL INSERT statement and a list of bind values.
96449e8e 2034See the sections on L</"Inserting and Updating Arrays"> and
2035L</"Inserting and Updating SQL"> for information on how to insert
2036with those data types.
32eab2da 2037
02288357 2038The optional C<\%options> hash reference may contain additional
2039options to generate the insert SQL. Currently supported options
2040are:
2041
2042=over 4
2043
2044=item returning
2045
2046Takes either a scalar of raw SQL fields, or an array reference of
2047field names, and adds on an SQL C<RETURNING> statement at the end.
2048This allows you to return data generated by the insert statement
2049(such as row IDs) without performing another C<SELECT> statement.
2050Note, however, this is not part of the SQL standard and may not
2051be supported by all database engines.
2052
2053=back
2054
32eab2da 2055=head2 update($table, \%fieldvals, \%where)
2056
2057This takes a table, hashref of field/value pairs, and an optional
86298391 2058hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 2059of bind values.
96449e8e 2060See the sections on L</"Inserting and Updating Arrays"> and
2061L</"Inserting and Updating SQL"> for information on how to insert
2062with those data types.
32eab2da 2063
96449e8e 2064=head2 select($source, $fields, $where, $order)
32eab2da 2065
9d48860e 2066This returns a SQL SELECT statement and associated list of bind values, as
96449e8e 2067specified by the arguments :
32eab2da 2068
96449e8e 2069=over
32eab2da 2070
96449e8e 2071=item $source
32eab2da 2072
9d48860e 2073Specification of the 'FROM' part of the statement.
96449e8e 2074The argument can be either a plain scalar (interpreted as a table
2075name, will be quoted), or an arrayref (interpreted as a list
2076of table names, joined by commas, quoted), or a scalarref
2077(literal table name, not quoted), or a ref to an arrayref
2078(list of literal table names, joined by commas, not quoted).
32eab2da 2079
96449e8e 2080=item $fields
32eab2da 2081
9d48860e 2082Specification of the list of fields to retrieve from
96449e8e 2083the source.
2084The argument can be either an arrayref (interpreted as a list
9d48860e 2085of field names, will be joined by commas and quoted), or a
96449e8e 2086plain scalar (literal SQL, not quoted).
521647e7 2087Please observe that this API is not as flexible as that of
2088the first argument C<$source>, for backwards compatibility reasons.
32eab2da 2089
96449e8e 2090=item $where
32eab2da 2091
96449e8e 2092Optional argument to specify the WHERE part of the query.
2093The argument is most often a hashref, but can also be
9d48860e 2094an arrayref or plain scalar --
96449e8e 2095see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 2096
96449e8e 2097=item $order
32eab2da 2098
96449e8e 2099Optional argument to specify the ORDER BY part of the query.
9d48860e 2100The argument can be a scalar, a hashref or an arrayref
96449e8e 2101-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
2102for details.
32eab2da 2103
96449e8e 2104=back
32eab2da 2105
32eab2da 2106
2107=head2 delete($table, \%where)
2108
86298391 2109This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 2110It returns an SQL DELETE statement and list of bind values.
2111
32eab2da 2112=head2 where(\%where, \@order)
2113
2114This is used to generate just the WHERE clause. For example,
2115if you have an arbitrary data structure and know what the
2116rest of your SQL is going to look like, but want an easy way
2117to produce a WHERE clause, use this. It returns an SQL WHERE
2118clause and list of bind values.
2119
32eab2da 2120
2121=head2 values(\%data)
2122
2123This just returns the values from the hash C<%data>, in the same
2124order that would be returned from any of the other above queries.
2125Using this allows you to markedly speed up your queries if you
2126are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
2127
32eab2da 2128=head2 generate($any, 'number', $of, \@data, $struct, \%types)
2129
2130Warning: This is an experimental method and subject to change.
2131
2132This returns arbitrarily generated SQL. It's a really basic shortcut.
2133It will return two different things, depending on return context:
2134
2135 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
2136 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
2137
2138These would return the following:
2139
2140 # First calling form
2141 $stmt = "CREATE TABLE test (?, ?)";
2142 @bind = (field1, field2);
2143
2144 # Second calling form
2145 $stmt_and_val = "CREATE TABLE test (field1, field2)";
2146
2147Depending on what you're trying to do, it's up to you to choose the correct
2148format. In this example, the second form is what you would want.
2149
2150By the same token:
2151
2152 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
2153
2154Might give you:
2155
2156 ALTER SESSION SET nls_date_format = 'MM/YY'
2157
2158You get the idea. Strings get their case twiddled, but everything
2159else remains verbatim.
2160
0da0fe34 2161=head1 EXPORTABLE FUNCTIONS
2162
2163=head2 is_plain_value
2164
2165Determines if the supplied argument is a plain value as understood by this
2166module:
2167
2168=over
2169
2170=item * The value is C<undef>
2171
2172=item * The value is a non-reference
2173
2174=item * The value is an object with stringification overloading
2175
2176=item * The value is of the form C<< { -value => $anything } >>
2177
2178=back
2179
966200cc 2180On failure returns C<undef>, on sucess returns a B<scalar> reference
2181to the original supplied argument.
0da0fe34 2182
843a94b5 2183=over
2184
2185=item * Note
2186
2187The stringification overloading detection is rather advanced: it takes
2188into consideration not only the presence of a C<""> overload, but if that
2189fails also checks for enabled
2190L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
2191on either C<0+> or C<bool>.
2192
2193Unfortunately testing in the field indicates that this
2194detection B<< may tickle a latent bug in perl versions before 5.018 >>,
2195but only when very large numbers of stringifying objects are involved.
2196At the time of writing ( Sep 2014 ) there is no clear explanation of
2197the direct cause, nor is there a manageably small test case that reliably
2198reproduces the problem.
2199
2200If you encounter any of the following exceptions in B<random places within
2201your application stack> - this module may be to blame:
2202
2203 Operation "ne": no method found,
2204 left argument in overloaded package <something>,
2205 right argument in overloaded package <something>
2206
2207or perhaps even
2208
2209 Stub found while resolving method "???" overloading """" in package <something>
2210
2211If you fall victim to the above - please attempt to reduce the problem
2212to something that could be sent to the L<SQL::Abstract developers
1f490ae4 2213|DBIx::Class/GETTING HELP/SUPPORT>
843a94b5 2214(either publicly or privately). As a workaround in the meantime you can
2215set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
2216value, which will most likely eliminate your problem (at the expense of
2217not being able to properly detect exotic forms of stringification).
2218
2219This notice and environment variable will be removed in a future version,
2220as soon as the underlying problem is found and a reliable workaround is
2221devised.
2222
2223=back
2224
0da0fe34 2225=head2 is_literal_value
2226
2227Determines if the supplied argument is a literal value as understood by this
2228module:
2229
2230=over
2231
2232=item * C<\$sql_string>
2233
2234=item * C<\[ $sql_string, @bind_values ]>
2235
2236=item * C<< { -ident => $plain_defined_string } >>
2237
2238=back
2239
966200cc 2240On failure returns C<undef>, on sucess returns an B<array> reference
2241containing the unpacked version of the supplied literal SQL and bind values.
0da0fe34 2242
32eab2da 2243=head1 WHERE CLAUSES
2244
96449e8e 2245=head2 Introduction
2246
32eab2da 2247This module uses a variation on the idea from L<DBIx::Abstract>. It
2248is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2249module is that things in arrays are OR'ed, and things in hashes
2250are AND'ed.>
2251
2252The easiest way to explain is to show lots of examples. After
2253each C<%where> hash shown, it is assumed you used:
2254
2255 my($stmt, @bind) = $sql->where(\%where);
2256
2257However, note that the C<%where> hash can be used directly in any
2258of the other functions as well, as described above.
2259
96449e8e 2260=head2 Key-value pairs
2261
32eab2da 2262So, let's get started. To begin, a simple hash:
2263
2264 my %where = (
2265 user => 'nwiger',
2266 status => 'completed'
2267 );
2268
2269Is converted to SQL C<key = val> statements:
2270
2271 $stmt = "WHERE user = ? AND status = ?";
2272 @bind = ('nwiger', 'completed');
2273
2274One common thing I end up doing is having a list of values that
2275a field can be in. To do this, simply specify a list inside of
2276an arrayref:
2277
2278 my %where = (
2279 user => 'nwiger',
2280 status => ['assigned', 'in-progress', 'pending'];
2281 );
2282
2283This simple code will create the following:
9d48860e 2284
32eab2da 2285 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2286 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2287
9d48860e 2288A field associated to an empty arrayref will be considered a
7cac25e6 2289logical false and will generate 0=1.
8a68b5be 2290
b864ba9b 2291=head2 Tests for NULL values
2292
2293If the value part is C<undef> then this is converted to SQL <IS NULL>
2294
2295 my %where = (
2296 user => 'nwiger',
2297 status => undef,
2298 );
2299
2300becomes:
2301
2302 $stmt = "WHERE user = ? AND status IS NULL";
2303 @bind = ('nwiger');
2304
e9614080 2305To test if a column IS NOT NULL:
2306
2307 my %where = (
2308 user => 'nwiger',
2309 status => { '!=', undef },
2310 );
cc422895 2311
6e0c6552 2312=head2 Specific comparison operators
96449e8e 2313
32eab2da 2314If you want to specify a different type of operator for your comparison,
2315you can use a hashref for a given column:
2316
2317 my %where = (
2318 user => 'nwiger',
2319 status => { '!=', 'completed' }
2320 );
2321
2322Which would generate:
2323
2324 $stmt = "WHERE user = ? AND status != ?";
2325 @bind = ('nwiger', 'completed');
2326
2327To test against multiple values, just enclose the values in an arrayref:
2328
96449e8e 2329 status => { '=', ['assigned', 'in-progress', 'pending'] };
2330
f2d5020d 2331Which would give you:
96449e8e 2332
2333 "WHERE status = ? OR status = ? OR status = ?"
2334
2335
2336The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2337into an C<AND> of its elements:
2338
2339 my %where = (
2340 user => 'nwiger',
2341 status => { '!=', 'completed', -not_like => 'pending%' }
2342 );
2343
2344 # Or more dynamically, like from a form
2345 $where{user} = 'nwiger';
2346 $where{status}{'!='} = 'completed';
2347 $where{status}{'-not_like'} = 'pending%';
2348
2349 # Both generate this
2350 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2351 @bind = ('nwiger', 'completed', 'pending%');
2352
96449e8e 2353
32eab2da 2354To get an OR instead, you can combine it with the arrayref idea:
2355
2356 my %where => (
2357 user => 'nwiger',
1a6f2a03 2358 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2359 );
2360
2361Which would generate:
2362
1a6f2a03 2363 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2364 @bind = ('2', '5', 'nwiger');
32eab2da 2365
44b9e502 2366If you want to include literal SQL (with or without bind values), just use a
13cc86af 2367scalar reference or reference to an arrayref as the value:
44b9e502 2368
2369 my %where = (
2370 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2371 date_expires => { '<' => \"now()" }
2372 );
2373
2374Which would generate:
2375
13cc86af 2376 $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
44b9e502 2377 @bind = ('11/26/2008');
2378
96449e8e 2379
2380=head2 Logic and nesting operators
2381
2382In the example above,
2383there is a subtle trap if you want to say something like
32eab2da 2384this (notice the C<AND>):
2385
2386 WHERE priority != ? AND priority != ?
2387
2388Because, in Perl you I<can't> do this:
2389
13cc86af 2390 priority => { '!=' => 2, '!=' => 1 }
32eab2da 2391
2392As the second C<!=> key will obliterate the first. The solution
2393is to use the special C<-modifier> form inside an arrayref:
2394
9d48860e 2395 priority => [ -and => {'!=', 2},
96449e8e 2396 {'!=', 1} ]
2397
32eab2da 2398
2399Normally, these would be joined by C<OR>, but the modifier tells it
2400to use C<AND> instead. (Hint: You can use this in conjunction with the
2401C<logic> option to C<new()> in order to change the way your queries
2402work by default.) B<Important:> Note that the C<-modifier> goes
2403B<INSIDE> the arrayref, as an extra first element. This will
2404B<NOT> do what you think it might:
2405
2406 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2407
2408Here is a quick list of equivalencies, since there is some overlap:
2409
2410 # Same
2411 status => {'!=', 'completed', 'not like', 'pending%' }
2412 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2413
2414 # Same
2415 status => {'=', ['assigned', 'in-progress']}
2416 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2417 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2418
e3f9dff4 2419
2420
96449e8e 2421=head2 Special operators : IN, BETWEEN, etc.
2422
32eab2da 2423You can also use the hashref format to compare a list of fields using the
2424C<IN> comparison operator, by specifying the list as an arrayref:
2425
2426 my %where = (
2427 status => 'completed',
2428 reportid => { -in => [567, 2335, 2] }
2429 );
2430
2431Which would generate:
2432
2433 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2434 @bind = ('completed', '567', '2335', '2');
2435
9d48860e 2436The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2437the same way.
2438
6e0c6552 2439If the argument to C<-in> is an empty array, 'sqlfalse' is generated
2440(by default : C<1=0>). Similarly, C<< -not_in => [] >> generates
2441'sqltrue' (by default : C<1=1>).
2442
e41c3bdd 2443In addition to the array you can supply a chunk of literal sql or
2444literal sql with bind:
6e0c6552 2445
e41c3bdd 2446 my %where = {
2447 customer => { -in => \[
2448 'SELECT cust_id FROM cust WHERE balance > ?',
2449 2000,
2450 ],
2451 status => { -in => \'SELECT status_codes FROM states' },
2452 };
6e0c6552 2453
e41c3bdd 2454would generate:
2455
2456 $stmt = "WHERE (
2457 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2458 AND status IN ( SELECT status_codes FROM states )
2459 )";
2460 @bind = ('2000');
2461
0dfd2442 2462Finally, if the argument to C<-in> is not a reference, it will be
2463treated as a single-element array.
e41c3bdd 2464
2465Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2466used with an arrayref of two values:
32eab2da 2467
2468 my %where = (
2469 user => 'nwiger',
2470 completion_date => {
2471 -not_between => ['2002-10-01', '2003-02-06']
2472 }
2473 );
2474
2475Would give you:
2476
2477 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2478
e41c3bdd 2479Just like with C<-in> all plausible combinations of literal SQL
2480are possible:
2481
2482 my %where = {
2483 start0 => { -between => [ 1, 2 ] },
2484 start1 => { -between => \["? AND ?", 1, 2] },
2485 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2486 start3 => { -between => [
e41c3bdd 2487 \"lower(x)",
2488 \["upper(?)", 'stuff' ],
2489 ] },
2490 };
2491
2492Would give you:
2493
2494 $stmt = "WHERE (
2495 ( start0 BETWEEN ? AND ? )
2496 AND ( start1 BETWEEN ? AND ? )
2497 AND ( start2 BETWEEN lower(x) AND upper(y) )
2498 AND ( start3 BETWEEN lower(x) AND upper(?) )
2499 )";
2500 @bind = (1, 2, 1, 2, 'stuff');
2501
2502
9d48860e 2503These are the two builtin "special operators"; but the
96449e8e 2504list can be expanded : see section L</"SPECIAL OPERATORS"> below.
2505
59f23b3d 2506=head2 Unary operators: bool
97a920ef 2507
2508If you wish to test against boolean columns or functions within your
2509database you can use the C<-bool> and C<-not_bool> operators. For
2510example to test the column C<is_user> being true and the column
827bb0eb 2511C<is_enabled> being false you would use:-
97a920ef 2512
2513 my %where = (
2514 -bool => 'is_user',
2515 -not_bool => 'is_enabled',
2516 );
2517
2518Would give you:
2519
277b5d3f 2520 WHERE is_user AND NOT is_enabled
97a920ef 2521
0b604e9d 2522If a more complex combination is required, testing more conditions,
2523then you should use the and/or operators:-
2524
2525 my %where = (
2526 -and => [
2527 -bool => 'one',
23401b81 2528 -not_bool => { two=> { -rlike => 'bar' } },
2529 -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
0b604e9d 2530 ],
2531 );
2532
2533Would give you:
2534
23401b81 2535 WHERE
2536 one
2537 AND
2538 (NOT two RLIKE ?)
2539 AND
2540 (NOT ( three = ? OR three > ? ))
97a920ef 2541
2542
107b72f1 2543=head2 Nested conditions, -and/-or prefixes
96449e8e 2544
32eab2da 2545So far, we've seen how multiple conditions are joined with a top-level
2546C<AND>. We can change this by putting the different conditions we want in
2547hashes and then putting those hashes in an array. For example:
2548
2549 my @where = (
2550 {
2551 user => 'nwiger',
2552 status => { -like => ['pending%', 'dispatched'] },
2553 },
2554 {
2555 user => 'robot',
2556 status => 'unassigned',
2557 }
2558 );
2559
2560This data structure would create the following:
2561
2562 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2563 OR ( user = ? AND status = ? ) )";
2564 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2565
107b72f1 2566
48d9f5f8 2567Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
2568to change the logic inside :
32eab2da 2569
2570 my @where = (
2571 -and => [
2572 user => 'nwiger',
48d9f5f8 2573 [
2574 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2575 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2576 ],
2577 ],
2578 );
2579
2580That would yield:
2581
13cc86af 2582 $stmt = "WHERE ( user = ?
2583 AND ( ( workhrs > ? AND geo = ? )
2584 OR ( workhrs < ? OR geo = ? ) ) )";
2585 @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
107b72f1 2586
cc422895 2587=head3 Algebraic inconsistency, for historical reasons
107b72f1 2588
7cac25e6 2589C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2590operator goes C<outside> of the nested structure; whereas when connecting
2591several constraints on one column, the C<-and> operator goes
2592C<inside> the arrayref. Here is an example combining both features :
2593
2594 my @where = (
2595 -and => [a => 1, b => 2],
2596 -or => [c => 3, d => 4],
2597 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2598 )
2599
2600yielding
2601
9d48860e 2602 WHERE ( ( ( a = ? AND b = ? )
2603 OR ( c = ? OR d = ? )
7cac25e6 2604 OR ( e LIKE ? AND e LIKE ? ) ) )
2605
107b72f1 2606This difference in syntax is unfortunate but must be preserved for
2607historical reasons. So be careful : the two examples below would
2608seem algebraically equivalent, but they are not
2609
9d48860e 2610 {col => [-and => {-like => 'foo%'}, {-like => '%bar'}]}
107b72f1 2611 # yields : WHERE ( ( col LIKE ? AND col LIKE ? ) )
2612
9d48860e 2613 [-and => {col => {-like => 'foo%'}, {col => {-like => '%bar'}}]]
107b72f1 2614 # yields : WHERE ( ( col LIKE ? OR col LIKE ? ) )
2615
7cac25e6 2616
cc422895 2617=head2 Literal SQL and value type operators
96449e8e 2618
cc422895 2619The basic premise of SQL::Abstract is that in WHERE specifications the "left
2620side" is a column name and the "right side" is a value (normally rendered as
2621a placeholder). This holds true for both hashrefs and arrayref pairs as you
2622see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2623alter this behavior. There are several ways of doing so.
e9614080 2624
cc422895 2625=head3 -ident
2626
2627This is a virtual operator that signals the string to its right side is an
2628identifier (a column name) and not a value. For example to compare two
2629columns you would write:
32eab2da 2630
e9614080 2631 my %where = (
2632 priority => { '<', 2 },
cc422895 2633 requestor => { -ident => 'submitter' },
e9614080 2634 );
2635
2636which creates:
2637
2638 $stmt = "WHERE priority < ? AND requestor = submitter";
2639 @bind = ('2');
2640
cc422895 2641If you are maintaining legacy code you may see a different construct as
2642described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2643code.
2644
2645=head3 -value
e9614080 2646
cc422895 2647This is a virtual operator that signals that the construct to its right side
2648is a value to be passed to DBI. This is for example necessary when you want
2649to write a where clause against an array (for RDBMS that support such
2650datatypes). For example:
e9614080 2651
32eab2da 2652 my %where = (
cc422895 2653 array => { -value => [1, 2, 3] }
32eab2da 2654 );
2655
cc422895 2656will result in:
32eab2da 2657
cc422895 2658 $stmt = 'WHERE array = ?';
2659 @bind = ([1, 2, 3]);
32eab2da 2660
cc422895 2661Note that if you were to simply say:
32eab2da 2662
2663 my %where = (
cc422895 2664 array => [1, 2, 3]
32eab2da 2665 );
2666
3af02ccb 2667the result would probably not be what you wanted:
cc422895 2668
2669 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2670 @bind = (1, 2, 3);
2671
2672=head3 Literal SQL
96449e8e 2673
cc422895 2674Finally, sometimes only literal SQL will do. To include a random snippet
2675of SQL verbatim, you specify it as a scalar reference. Consider this only
2676as a last resort. Usually there is a better way. For example:
96449e8e 2677
2678 my %where = (
cc422895 2679 priority => { '<', 2 },
2680 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2681 );
2682
cc422895 2683Would create:
96449e8e 2684
cc422895 2685 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2686 @bind = (2);
2687
2688Note that in this example, you only get one bind parameter back, since
2689the verbatim SQL is passed as part of the statement.
2690
2691=head4 CAVEAT
2692
2693 Never use untrusted input as a literal SQL argument - this is a massive
2694 security risk (there is no way to check literal snippets for SQL
2695 injections and other nastyness). If you need to deal with untrusted input
2696 use literal SQL with placeholders as described next.
96449e8e 2697
cc422895 2698=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2699
2700If the literal SQL to be inserted has placeholders and bind values,
2701use a reference to an arrayref (yes this is a double reference --
2702not so common, but perfectly legal Perl). For example, to find a date
2703in Postgres you can use something like this:
2704
2705 my %where = (
3ae1c5e2 2706 date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
96449e8e 2707 )
2708
2709This would create:
2710
d2a8fe1a 2711 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2712 @bind = ('10');
2713
deb148a2 2714Note that you must pass the bind values in the same format as they are returned
1f490ae4 2715by L<where|/where(\%where, \@order)>. This means that if you set L</bindtype>
2716to C<columns>, you must provide the bind values in the
2717C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
2718scalar value; most commonly the column name, but you can use any scalar value
2719(including references and blessed references), L<SQL::Abstract> will simply
2720pass it through intact. So if C<bindtype> is set to C<columns> the above
2721example will look like:
deb148a2 2722
2723 my %where = (
3ae1c5e2 2724 date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
deb148a2 2725 )
96449e8e 2726
2727Literal SQL is especially useful for nesting parenthesized clauses in the
2728main SQL query. Here is a first example :
2729
2730 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2731 100, "foo%");
2732 my %where = (
2733 foo => 1234,
2734 bar => \["IN ($sub_stmt)" => @sub_bind],
2735 );
2736
2737This yields :
2738
9d48860e 2739 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2740 WHERE c2 < ? AND c3 LIKE ?))";
2741 @bind = (1234, 100, "foo%");
2742
9d48860e 2743Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2744are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2745its associated bind values can be generated through a former call
96449e8e 2746to C<select()> :
2747
2748 my ($sub_stmt, @sub_bind)
9d48860e 2749 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2750 c3 => {-like => "foo%"}});
2751 my %where = (
2752 foo => 1234,
2753 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2754 );
2755
2756In the examples above, the subquery was used as an operator on a column;
9d48860e 2757but the same principle also applies for a clause within the main C<%where>
96449e8e 2758hash, like an EXISTS subquery :
2759
9d48860e 2760 my ($sub_stmt, @sub_bind)
96449e8e 2761 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2762 my %where = ( -and => [
96449e8e 2763 foo => 1234,
48d9f5f8 2764 \["EXISTS ($sub_stmt)" => @sub_bind],
2765 ]);
96449e8e 2766
2767which yields
2768
9d48860e 2769 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2770 WHERE c1 = ? AND c2 > t0.c0))";
2771 @bind = (1234, 1);
2772
2773
9d48860e 2774Observe that the condition on C<c2> in the subquery refers to
2775column C<t0.c0> of the main query : this is I<not> a bind
2776value, so we have to express it through a scalar ref.
96449e8e 2777Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2778C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2779what we wanted here.
2780
96449e8e 2781Finally, here is an example where a subquery is used
2782for expressing unary negation:
2783
9d48860e 2784 my ($sub_stmt, @sub_bind)
96449e8e 2785 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2786 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2787 my %where = (
2788 lname => {like => '%son%'},
48d9f5f8 2789 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2790 );
2791
2792This yields
2793
2794 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2795 @bind = ('%son%', 10, 20)
2796
cc422895 2797=head3 Deprecated usage of Literal SQL
2798
2799Below are some examples of archaic use of literal SQL. It is shown only as
2800reference for those who deal with legacy code. Each example has a much
2801better, cleaner and safer alternative that users should opt for in new code.
2802
2803=over
2804
2805=item *
2806
2807 my %where = ( requestor => \'IS NOT NULL' )
2808
2809 $stmt = "WHERE requestor IS NOT NULL"
2810
2811This used to be the way of generating NULL comparisons, before the handling
2812of C<undef> got formalized. For new code please use the superior syntax as
2813described in L</Tests for NULL values>.
96449e8e 2814
cc422895 2815=item *
2816
2817 my %where = ( requestor => \'= submitter' )
2818
2819 $stmt = "WHERE requestor = submitter"
2820
2821This used to be the only way to compare columns. Use the superior L</-ident>
2822method for all new code. For example an identifier declared in such a way
2823will be properly quoted if L</quote_char> is properly set, while the legacy
2824form will remain as supplied.
2825
2826=item *
2827
2828 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2829
2830 $stmt = "WHERE completed > ? AND is_ready"
2831 @bind = ('2012-12-21')
2832
2833Using an empty string literal used to be the only way to express a boolean.
2834For all new code please use the much more readable
2835L<-bool|/Unary operators: bool> operator.
2836
2837=back
96449e8e 2838
2839=head2 Conclusion
2840
32eab2da 2841These pages could go on for a while, since the nesting of the data
2842structures this module can handle are pretty much unlimited (the
2843module implements the C<WHERE> expansion as a recursive function
2844internally). Your best bet is to "play around" with the module a
2845little to see how the data structures behave, and choose the best
2846format for your data based on that.
2847
2848And of course, all the values above will probably be replaced with
2849variables gotten from forms or the command line. After all, if you
2850knew everything ahead of time, you wouldn't have to worry about
2851dynamically-generating SQL and could just hardwire it into your
2852script.
2853
86298391 2854=head1 ORDER BY CLAUSES
2855
9d48860e 2856Some functions take an order by clause. This can either be a scalar (just a
86298391 2857column name,) a hash of C<< { -desc => 'col' } >> or C<< { -asc => 'col' } >>,
1cfa1db3 2858or an array of either of the two previous forms. Examples:
2859
952f9e2d 2860 Given | Will Generate
1cfa1db3 2861 ----------------------------------------------------------
952f9e2d 2862 |
2863 \'colA DESC' | ORDER BY colA DESC
2864 |
2865 'colA' | ORDER BY colA
2866 |
2867 [qw/colA colB/] | ORDER BY colA, colB
2868 |
2869 {-asc => 'colA'} | ORDER BY colA ASC
2870 |
2871 {-desc => 'colB'} | ORDER BY colB DESC
2872 |
2873 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2874 |
855e6047 2875 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
952f9e2d 2876 |
2877 [ |
2878 { -asc => 'colA' }, | ORDER BY colA ASC, colB DESC,
2879 { -desc => [qw/colB/], | colC ASC, colD ASC
2880 { -asc => [qw/colC colD/],|
2881 ] |
2882 ===========================================================
86298391 2883
96449e8e 2884
2885
2886=head1 SPECIAL OPERATORS
2887
e3f9dff4 2888 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2889 {
2890 regex => qr/.../,
e3f9dff4 2891 handler => sub {
2892 my ($self, $field, $op, $arg) = @_;
2893 ...
3a2e1a5e 2894 },
2895 },
2896 {
2897 regex => qr/.../,
2898 handler => 'method_name',
e3f9dff4 2899 },
2900 ]);
2901
9d48860e 2902A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2903applied to a field, instead of a usual binary operator.
9d48860e 2904For example :
e3f9dff4 2905
2906 WHERE field IN (?, ?, ?)
2907 WHERE field BETWEEN ? AND ?
2908 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2909
e3f9dff4 2910Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2911are builtin within C<SQL::Abstract> (as the overridable methods
2912C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2913like the MATCH .. AGAINST example above which is specific to MySQL,
2914you can write your own operator handlers - supply a C<special_ops>
2915argument to the C<new> method. That argument takes an arrayref of
2916operator definitions; each operator definition is a hashref with two
2917entries:
96449e8e 2918
e3f9dff4 2919=over
2920
2921=item regex
2922
2923the regular expression to match the operator
96449e8e 2924
e3f9dff4 2925=item handler
2926
3a2e1a5e 2927Either a coderef or a plain scalar method name. In both cases
2928the expected return is C<< ($sql, @bind) >>.
2929
2930When supplied with a method name, it is simply called on the
13cc86af 2931L<SQL::Abstract> object as:
3a2e1a5e 2932
2933 $self->$method_name ($field, $op, $arg)
2934
2935 Where:
2936
3a2e1a5e 2937 $field is the LHS of the operator
13cc86af 2938 $op is the part that matched the handler regex
3a2e1a5e 2939 $arg is the RHS
2940
2941When supplied with a coderef, it is called as:
2942
2943 $coderef->($self, $field, $op, $arg)
2944
e3f9dff4 2945
2946=back
2947
9d48860e 2948For example, here is an implementation
e3f9dff4 2949of the MATCH .. AGAINST syntax for MySQL
2950
2951 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2952
e3f9dff4 2953 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2954 {regex => qr/^match$/i,
e3f9dff4 2955 handler => sub {
2956 my ($self, $field, $op, $arg) = @_;
2957 $arg = [$arg] if not ref $arg;
2958 my $label = $self->_quote($field);
2959 my ($placeholder) = $self->_convert('?');
2960 my $placeholders = join ", ", (($placeholder) x @$arg);
2961 my $sql = $self->_sqlcase('match') . " ($label) "
2962 . $self->_sqlcase('against') . " ($placeholders) ";
2963 my @bind = $self->_bindtype($field, @$arg);
2964 return ($sql, @bind);
2965 }
2966 },
9d48860e 2967
e3f9dff4 2968 ]);
96449e8e 2969
2970
59f23b3d 2971=head1 UNARY OPERATORS
2972
112b5232 2973 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2974 {
2975 regex => qr/.../,
2976 handler => sub {
2977 my ($self, $op, $arg) = @_;
2978 ...
2979 },
2980 },
2981 {
2982 regex => qr/.../,
2983 handler => 'method_name',
2984 },
2985 ]);
2986
9d48860e 2987A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2988applied to a field - the operator goes before the field
2989
2990You can write your own operator handlers - supply a C<unary_ops>
2991argument to the C<new> method. That argument takes an arrayref of
2992operator definitions; each operator definition is a hashref with two
2993entries:
2994
2995=over
2996
2997=item regex
2998
2999the regular expression to match the operator
3000
3001=item handler
3002
3003Either a coderef or a plain scalar method name. In both cases
3004the expected return is C<< $sql >>.
3005
3006When supplied with a method name, it is simply called on the
13cc86af 3007L<SQL::Abstract> object as:
59f23b3d 3008
3009 $self->$method_name ($op, $arg)
3010
3011 Where:
3012
3013 $op is the part that matched the handler regex
3014 $arg is the RHS or argument of the operator
3015
3016When supplied with a coderef, it is called as:
3017
3018 $coderef->($self, $op, $arg)
3019
3020
3021=back
3022
3023
32eab2da 3024=head1 PERFORMANCE
3025
3026Thanks to some benchmarking by Mark Stosberg, it turns out that
3027this module is many orders of magnitude faster than using C<DBIx::Abstract>.
3028I must admit this wasn't an intentional design issue, but it's a
3029byproduct of the fact that you get to control your C<DBI> handles
3030yourself.
3031
3032To maximize performance, use a code snippet like the following:
3033
3034 # prepare a statement handle using the first row
3035 # and then reuse it for the rest of the rows
3036 my($sth, $stmt);
3037 for my $href (@array_of_hashrefs) {
3038 $stmt ||= $sql->insert('table', $href);
3039 $sth ||= $dbh->prepare($stmt);
3040 $sth->execute($sql->values($href));
3041 }
3042
3043The reason this works is because the keys in your C<$href> are sorted
3044internally by B<SQL::Abstract>. Thus, as long as your data retains
3045the same structure, you only have to generate the SQL the first time
3046around. On subsequent queries, simply use the C<values> function provided
3047by this module to return your values in the correct order.
3048
b864ba9b 3049However this depends on the values having the same type - if, for
3050example, the values of a where clause may either have values
3051(resulting in sql of the form C<column = ?> with a single bind
3052value), or alternatively the values might be C<undef> (resulting in
3053sql of the form C<column IS NULL> with no bind value) then the
3054caching technique suggested will not work.
96449e8e 3055
32eab2da 3056=head1 FORMBUILDER
3057
3058If you use my C<CGI::FormBuilder> module at all, you'll hopefully
3059really like this part (I do, at least). Building up a complex query
3060can be as simple as the following:
3061
3062 #!/usr/bin/perl
3063
46dc2f3e 3064 use warnings;
3065 use strict;
3066
32eab2da 3067 use CGI::FormBuilder;
3068 use SQL::Abstract;
3069
3070 my $form = CGI::FormBuilder->new(...);
3071 my $sql = SQL::Abstract->new;
3072
3073 if ($form->submitted) {
3074 my $field = $form->field;
3075 my $id = delete $field->{id};
3076 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
3077 }
3078
3079Of course, you would still have to connect using C<DBI> to run the
3080query, but the point is that if you make your form look like your
3081table, the actual query script can be extremely simplistic.
3082
3083If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 3084a fast interface to returning and formatting data. I frequently
32eab2da 3085use these three modules together to write complex database query
3086apps in under 50 lines.
3087
af733667 3088=head1 HOW TO CONTRIBUTE
3089
3090Contributions are always welcome, in all usable forms (we especially
3091welcome documentation improvements). The delivery methods include git-
3092or unified-diff formatted patches, GitHub pull requests, or plain bug
3093reports either via RT or the Mailing list. Contributors are generally
3094granted full access to the official repository after their first several
3095patches pass successful review.
3096
3097This project is maintained in a git repository. The code and related tools are
3098accessible at the following locations:
d8cc1792 3099
3100=over
3101
af733667 3102=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
3103
3104=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
3105
3106=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
d8cc1792 3107
af733667 3108=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
d8cc1792 3109
3110=back
32eab2da 3111
96449e8e 3112=head1 CHANGES
3113
3114Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
3115Great care has been taken to preserve the I<published> behavior
3116documented in previous versions in the 1.* family; however,
9d48860e 3117some features that were previously undocumented, or behaved
96449e8e 3118differently from the documentation, had to be changed in order
3119to clarify the semantics. Hence, client code that was relying
9d48860e 3120on some dark areas of C<SQL::Abstract> v1.*
96449e8e 3121B<might behave differently> in v1.50.
32eab2da 3122
d2a8fe1a 3123The main changes are :
3124
96449e8e 3125=over
32eab2da 3126
9d48860e 3127=item *
32eab2da 3128
3ae1c5e2 3129support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
96449e8e 3130
3131=item *
3132
145fbfc8 3133support for the { operator => \"..." } construct (to embed literal SQL)
3134
3135=item *
3136
9c37b9c0 3137support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
3138
3139=item *
3140
96449e8e 3141optional support for L<array datatypes|/"Inserting and Updating Arrays">
3142
9d48860e 3143=item *
96449e8e 3144
3145defensive programming : check arguments
3146
3147=item *
3148
3149fixed bug with global logic, which was previously implemented
7cac25e6 3150through global variables yielding side-effects. Prior versions would
96449e8e 3151interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
3152as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
3153Now this is interpreted
3154as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
3155
96449e8e 3156
3157=item *
3158
3159fixed semantics of _bindtype on array args
3160
9d48860e 3161=item *
96449e8e 3162
3163dropped the C<_anoncopy> of the %where tree. No longer necessary,
3164we just avoid shifting arrays within that tree.
3165
3166=item *
3167
3168dropped the C<_modlogic> function
3169
3170=back
32eab2da 3171
32eab2da 3172=head1 ACKNOWLEDGEMENTS
3173
3174There are a number of individuals that have really helped out with
3175this module. Unfortunately, most of them submitted bugs via CPAN
3176so I have no idea who they are! But the people I do know are:
3177
9d48860e 3178 Ash Berlin (order_by hash term support)
b643abe1 3179 Matt Trout (DBIx::Class support)
32eab2da 3180 Mark Stosberg (benchmarking)
3181 Chas Owens (initial "IN" operator support)
3182 Philip Collins (per-field SQL functions)
3183 Eric Kolve (hashref "AND" support)
3184 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
3185 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 3186 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 3187 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 3188 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 3189 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 3190 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 3191
3192Thanks!
3193
32eab2da 3194=head1 SEE ALSO
3195
86298391 3196L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 3197
32eab2da 3198=head1 AUTHOR
3199
b643abe1 3200Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
3201
3202This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 3203
abe72f94 3204For support, your best bet is to try the C<DBIx::Class> users mailing list.
3205While not an official support venue, C<DBIx::Class> makes heavy use of
3206C<SQL::Abstract>, and as such list members there are very familiar with
3207how to create queries.
3208
0d067ded 3209=head1 LICENSE
3210
d988ab87 3211This module is free software; you may copy this under the same
3212terms as perl itself (either the GNU General Public License or
3213the Artistic License)
32eab2da 3214
3215=cut
3216
Unnamed repository; edit this file 'description' to name the repository.