projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
check for undef and kill pointless debug checks
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
96449e8e 3use strict;
4use warnings;
9d9d5bd6 5use Carp ();
312d830b 6use List::Util ();
7use Scalar::Util ();
96449e8e 8
0da0fe34 9use Exporter 'import';
10our @EXPORT_OK = qw(is_plain_value is_literal_value);
11
12BEGIN {
13 if ($] < 5.009_005) {
14 require MRO::Compat;
15 }
16 else {
17 require mro;
18 }
843a94b5 19
20 *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
21 ? sub () { 0 }
22 : sub () { 1 }
23 ;
0da0fe34 24}
25
96449e8e 26#======================================================================
27# GLOBALS
28#======================================================================
29
dc6afcf8 30our $VERSION = '1.86';
7479e27e 31
22f1a437 32# This would confuse some packagers
c520207b 33$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 34
35our $AUTOLOAD;
36
37# special operators (-in, -between). May be extended/overridden by user.
38# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
39my @BUILTIN_SPECIAL_OPS = (
f663e672 40 {regex => qr/^ (?: not \s )? between $/ix, handler => sub { die "NOPE" }},
41 {regex => qr/^ (?: not \s )? in $/ix, handler => sub { die "NOPE" }},
87c8e45b 42 {regex => qr/^ is (?: \s+ not )? $/ix, handler => sub { die "NOPE" }},
96449e8e 43);
44
45#======================================================================
46# DEBUGGING AND ERROR REPORTING
47#======================================================================
48
49sub _debug {
50 return unless $_[0]->{debug}; shift; # a little faster
51 my $func = (caller(1))[3];
52 warn "[$func] ", @_, "\n";
53}
54
55sub belch (@) {
56 my($func) = (caller(1))[3];
9d9d5bd6 57 Carp::carp "[$func] Warning: ", @_;
96449e8e 58}
59
60sub puke (@) {
61 my($func) = (caller(1))[3];
9d9d5bd6 62 Carp::croak "[$func] Fatal: ", @_;
96449e8e 63}
64
0da0fe34 65sub is_literal_value ($) {
66 ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
67 : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
0da0fe34 68 : undef;
69}
70
71# FIXME XSify - this can be done so much more efficiently
72sub is_plain_value ($) {
73 no strict 'refs';
966200cc 74 ! length ref $_[0] ? \($_[0])
0da0fe34 75 : (
76 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
77 and
78 exists $_[0]->{-value}
966200cc 79 ) ? \($_[0]->{-value})
0da0fe34 80 : (
a1c9e0ff 81 # reuse @_ for even moar speedz
82 defined ( $_[1] = Scalar::Util::blessed $_[0] )
0da0fe34 83 and
84 # deliberately not using Devel::OverloadInfo - the checks we are
85 # intersted in are much more limited than the fullblown thing, and
86 # this is a very hot piece of code
87 (
e8d729d4 88 # simply using ->can('(""') can leave behind stub methods that
89 # break actually using the overload later (see L<perldiag/Stub
90 # found while resolving method "%s" overloading "%s" in package
91 # "%s"> and the source of overload::mycan())
44e54b41 92 #
0da0fe34 93 # either has stringification which DBI SHOULD prefer out of the box
a1c9e0ff 94 grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
0da0fe34 95 or
20e178a8 96 # has nummification or boolification, AND fallback is *not* disabled
0da0fe34 97 (
843a94b5 98 SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
99 and
20e178a8 100 (
101 grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
102 or
103 grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
104 )
0da0fe34 105 and
106 (
107 # no fallback specified at all
a1c9e0ff 108 ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
0da0fe34 109 or
110 # fallback explicitly undef
a1c9e0ff 111 ! defined ${"$_[3]::()"}
0da0fe34 112 or
113 # explicitly true
a1c9e0ff 114 !! ${"$_[3]::()"}
0da0fe34 115 )
116 )
117 )
966200cc 118 ) ? \($_[0])
0da0fe34 119 : undef;
120}
121
122
96449e8e 123
124#======================================================================
125# NEW
126#======================================================================
127
128sub new {
129 my $self = shift;
130 my $class = ref($self) || $self;
131 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
132
133 # choose our case by keeping an option around
134 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
135
136 # default logic for interpreting arrayrefs
ef559da3 137 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 138
139 # how to return bind vars
96449e8e 140 $opt{bindtype} ||= 'normal';
141
142 # default comparison is "=", but can be overridden
143 $opt{cmp} ||= '=';
144
3af02ccb 145 # try to recognize which are the 'equality' and 'inequality' ops
3cdadcbe 146 # (temporary quickfix (in 2007), should go through a more seasoned API)
147 $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
148 $opt{inequality_op} = qr/^( != | <> )$/ix;
149
150 $opt{like_op} = qr/^ (is\s+)? r?like $/xi;
151 $opt{not_like_op} = qr/^ (is\s+)? not \s+ r?like $/xi;
96449e8e 152
153 # SQL booleans
154 $opt{sqltrue} ||= '1=1';
155 $opt{sqlfalse} ||= '0=1';
156
9d48860e 157 # special operators
30af97c5 158 $opt{special_ops} ||= [];
159
b6251592 160 # regexes are applied in order, thus push after user-defines
96449e8e 161 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
162
cf06e9dc 163 if ($class->isa('DBIx::Class::SQLMaker')) {
dd1d0dbf 164 push @{$opt{special_ops}}, our $DBIC_Compat_Op ||= {
165 regex => qr/^(?:ident|value)$/i, handler => sub { die "NOPE" }
166 };
cf06e9dc 167 $opt{is_dbic_sqlmaker} = 1;
dd1d0dbf 168 }
169
9d48860e 170 # unary operators
59f23b3d 171 $opt{unary_ops} ||= [];
59f23b3d 172
3af02ccb 173 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 174 # If a purported function matches this regular expression, an exception is thrown.
175 # Literal SQL is *NOT* subject to this check, only functions (and column names
176 # when quoting is not in effect)
96449e8e 177
b6251592 178 # FIXME
179 # need to guard against ()'s in column names too, but this will break tons of
180 # hacks... ideas anyone?
181 $opt{injection_guard} ||= qr/
182 \;
183 |
184 ^ \s* go \s
185 /xmi;
96449e8e 186
b07681b1 187 $opt{node_types} = +{
188 map +("-$_" => '_render_'.$_),
a332e2cb 189 qw(op func bind ident literal list)
b07681b1 190 };
191
ec19b759 192 $opt{expand_unary} = {};
193
b6251592 194 return bless \%opt, $class;
195}
96449e8e 196
e175845b 197sub sqltrue { +{ -literal => [ $_[0]->{sqltrue} ] } }
198sub sqlfalse { +{ -literal => [ $_[0]->{sqlfalse} ] } }
170e6c33 199
200sub _assert_pass_injection_guard {
201 if ($_[1] =~ $_[0]->{injection_guard}) {
202 my $class = ref $_[0];
203 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
204 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
205 . "{injection_guard} attribute to ${class}->new()"
206 }
207}
208
209
96449e8e 210#======================================================================
211# INSERT methods
212#======================================================================
213
214sub insert {
02288357 215 my $self = shift;
216 my $table = $self->_table(shift);
217 my $data = shift || return;
218 my $options = shift;
96449e8e 219
220 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 221 my ($sql, @bind) = $self->$method($data);
96449e8e 222 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 223
e82e648a 224 if ($options->{returning}) {
ca4f826a 225 my ($s, @b) = $self->_insert_returning($options);
e82e648a 226 $sql .= $s;
227 push @bind, @b;
02288357 228 }
229
96449e8e 230 return wantarray ? ($sql, @bind) : $sql;
231}
232
60f3fd3f 233# So that subclasses can override INSERT ... RETURNING separately from
234# UPDATE and DELETE (e.g. DBIx::Class::SQLMaker::Oracle does this)
b17a3ece 235sub _insert_returning { shift->_returning(@_) }
236
95904db5 237sub _returning {
e82e648a 238 my ($self, $options) = @_;
6b1fe79d 239
e82e648a 240 my $f = $options->{returning};
241
ff96fdd4 242 my ($sql, @bind) = $self->_render_expr(
243 $self->_expand_maybe_list_expr($f, undef, -ident)
244 );
245 return wantarray
246 ? $self->_sqlcase(' returning ') . $sql
247 : ($self->_sqlcase(' returning ').$sql, @bind);
6b1fe79d 248}
249
96449e8e 250sub _insert_HASHREF { # explicit list of fields and then values
251 my ($self, $data) = @_;
252
253 my @fields = sort keys %$data;
254
fe3ae272 255 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 256
257 # assemble SQL
258 $_ = $self->_quote($_) foreach @fields;
259 $sql = "( ".join(", ", @fields).") ".$sql;
260
261 return ($sql, @bind);
262}
263
264sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
265 my ($self, $data) = @_;
266
267 # no names (arrayref) so can't generate bindtype
268 $self->{bindtype} ne 'columns'
269 or belch "can't do 'columns' bindtype when called with arrayref";
270
19b6ccce 271 my (@values, @all_bind);
272 foreach my $value (@$data) {
273 my ($values, @bind) = $self->_insert_value(undef, $value);
274 push @values, $values;
275 push @all_bind, @bind;
276 }
277 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
278 return ($sql, @all_bind);
fe3ae272 279}
280
281sub _insert_ARRAYREFREF { # literal SQL with bind
282 my ($self, $data) = @_;
283
284 my ($sql, @bind) = @${$data};
285 $self->_assert_bindval_matches_bindtype(@bind);
286
287 return ($sql, @bind);
288}
289
290
291sub _insert_SCALARREF { # literal SQL without bind
292 my ($self, $data) = @_;
293
294 return ($$data);
295}
296
297sub _insert_values {
298 my ($self, $data) = @_;
299
96449e8e 300 my (@values, @all_bind);
fe3ae272 301 foreach my $column (sort keys %$data) {
19b6ccce 302 my ($values, @bind) = $self->_insert_value($column, $data->{$column});
303 push @values, $values;
304 push @all_bind, @bind;
305 }
306 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
307 return ($sql, @all_bind);
308}
96449e8e 309
19b6ccce 310sub _insert_value {
311 my ($self, $column, $v) = @_;
96449e8e 312
720ca4f7 313 return $self->_render_expr(
314 $self->_expand_insert_value($column, $v)
315 );
316}
96449e8e 317
720ca4f7 318sub _expand_insert_value {
319 my ($self, $column, $v) = @_;
96449e8e 320
720ca4f7 321 if (ref($v) eq 'ARRAY') {
322 if ($self->{array_datatypes}) {
323 return +{ -bind => [ $column, $v ] };
324 }
325 my ($sql, @bind) = @$v;
326 $self->_assert_bindval_matches_bindtype(@bind);
327 return +{ -literal => $v };
328 }
329 if (ref($v) eq 'HASH') {
330 if (grep !/^-/, keys %$v) {
331 belch "HASH ref as bind value in insert is not supported";
332 return +{ -bind => [ $column, $v ] };
333 }
334 }
335 if (!defined($v)) {
336 return +{ -bind => [ $column, undef ] };
337 }
338 local our $Cur_Col_Meta = $column;
339 return $self->_expand_expr($v);
96449e8e 340}
341
342
96449e8e 343
344#======================================================================
345# UPDATE methods
346#======================================================================
347
348
349sub update {
95904db5 350 my $self = shift;
351 my $table = $self->_table(shift);
352 my $data = shift || return;
353 my $where = shift;
354 my $options = shift;
96449e8e 355
356 # first build the 'SET' part of the sql statement
96449e8e 357 puke "Unsupported data type specified to \$sql->update"
358 unless ref $data eq 'HASH';
359
9ade906e 360 my ($sql, @all_bind) = $self->_update_set_values($data);
a9e94508 361 $sql = $self->_sqlcase('update ') . $table . $self->_sqlcase(' set ')
9ade906e 362 . $sql;
363
364 if ($where) {
365 my($where_sql, @where_bind) = $self->where($where);
366 $sql .= $where_sql;
367 push @all_bind, @where_bind;
368 }
369
370 if ($options->{returning}) {
371 my ($returning_sql, @returning_bind) = $self->_update_returning($options);
372 $sql .= $returning_sql;
373 push @all_bind, @returning_bind;
374 }
375
376 return wantarray ? ($sql, @all_bind) : $sql;
377}
378
379sub _update_set_values {
380 my ($self, $data) = @_;
381
89690da2 382 return $self->_render_expr(
383 $self->_expand_update_set_values($data),
384 );
385}
96449e8e 386
89690da2 387sub _expand_update_set_values {
388 my ($self, $data) = @_;
389 $self->_expand_maybe_list_expr( [
390 map {
391 my ($k, $set) = @$_;
c4ed66f4 392 $set = { -bind => $_ } unless defined $set;
89690da2 393 +{ -op => [ '=', { -ident => $k }, $set ] };
394 }
395 map {
396 my $k = $_;
397 my $v = $data->{$k};
398 (ref($v) eq 'ARRAY'
399 ? ($self->{array_datatypes}
400 ? [ $k, +{ -bind => [ $k, $v ] } ]
401 : [ $k, +{ -literal => $v } ])
402 : do {
403 local our $Cur_Col_Meta = $k;
404 [ $k, $self->_expand_expr($v) ]
405 }
406 );
407 } sort keys %$data
408 ] );
96449e8e 409}
410
60f3fd3f 411# So that subclasses can override UPDATE ... RETURNING separately from
412# INSERT and DELETE
20bb2ad5 413sub _update_returning { shift->_returning(@_) }
96449e8e 414
415
416
417#======================================================================
418# SELECT
419#======================================================================
420
421
422sub select {
423 my $self = shift;
424 my $table = $self->_table(shift);
425 my $fields = shift || '*';
426 my $where = shift;
427 my $order = shift;
428
daa4ccdd 429 my ($fields_sql, @bind) = $self->_select_fields($fields);
96449e8e 430
daa4ccdd 431 my ($where_sql, @where_bind) = $self->where($where, $order);
432 push @bind, @where_bind;
433
434 my $sql = join(' ', $self->_sqlcase('select'), $fields_sql,
96449e8e 435 $self->_sqlcase('from'), $table)
436 . $where_sql;
437
9d48860e 438 return wantarray ? ($sql, @bind) : $sql;
96449e8e 439}
440
daa4ccdd 441sub _select_fields {
442 my ($self, $fields) = @_;
de63ce57 443 return $fields unless ref($fields);
27592e2b 444 return $self->_render_expr(
445 $self->_expand_maybe_list_expr($fields, undef, '-ident')
446 );
daa4ccdd 447}
448
96449e8e 449#======================================================================
450# DELETE
451#======================================================================
452
453
454sub delete {
85327cd5 455 my $self = shift;
456 my $table = $self->_table(shift);
457 my $where = shift;
458 my $options = shift;
96449e8e 459
460 my($where_sql, @bind) = $self->where($where);
a9e94508 461 my $sql = $self->_sqlcase('delete from ') . $table . $where_sql;
96449e8e 462
85327cd5 463 if ($options->{returning}) {
ca4f826a 464 my ($returning_sql, @returning_bind) = $self->_delete_returning($options);
85327cd5 465 $sql .= $returning_sql;
466 push @bind, @returning_bind;
467 }
468
9d48860e 469 return wantarray ? ($sql, @bind) : $sql;
96449e8e 470}
471
60f3fd3f 472# So that subclasses can override DELETE ... RETURNING separately from
473# INSERT and UPDATE
85327cd5 474sub _delete_returning { shift->_returning(@_) }
475
476
96449e8e 477
478#======================================================================
479# WHERE: entry point
480#======================================================================
481
482
483
484# Finally, a separate routine just to handle WHERE clauses
485sub where {
486 my ($self, $where, $order) = @_;
487
7ad12721 488 local $self->{convert_where} = $self->{convert};
489
96449e8e 490 # where ?
e175845b 491 my ($sql, @bind) = defined($where)
492 ? $self->_recurse_where($where)
493 : (undef);
417dd15e 494 $sql = (defined $sql and length $sql) ? $self->_sqlcase(' where ') . "( $sql )" : '';
96449e8e 495
496 # order by?
497 if ($order) {
26fe4d30 498 my ($order_sql, @order_bind) = $self->_order_by($order);
499 $sql .= $order_sql;
500 push @bind, @order_bind;
96449e8e 501 }
502
9d48860e 503 return wantarray ? ($sql, @bind) : $sql;
96449e8e 504}
505
a2cd381d 506sub _expand_expr {
2558b622 507 my ($self, $expr, $logic, $default_scalar_to) = @_;
508 local our $Default_Scalar_To = $default_scalar_to if $default_scalar_to;
3ae10d16 509 our $Expand_Depth ||= 0; local $Expand_Depth = $Expand_Depth + 1;
252518da 510 return undef unless defined($expr);
59588695 511 if (ref($expr) eq 'HASH') {
512 if (keys %$expr > 1) {
513 $logic ||= 'and';
77617257 514 return +{ -op => [
515 $logic,
59588695 516 map $self->_expand_expr_hashpair($_ => $expr->{$_}, $logic),
517 sort keys %$expr
518 ] };
519 }
2f88d495 520 return undef unless keys %$expr;
59588695 521 return $self->_expand_expr_hashpair(%$expr, $logic);
a2cd381d 522 }
08264f40 523 if (ref($expr) eq 'ARRAY') {
99a65fa8 524 my $logic = lc($logic || $self->{logic});
08264f40 525 $logic eq 'and' or $logic eq 'or' or puke "unknown logic: $logic";
526
1c0c0f41 527 my @expr = grep {
528 (ref($_) eq 'ARRAY' and @$_)
529 or (ref($_) eq 'HASH' and %$_)
530 or 1
531 } @$expr;
08264f40 532
533 my @res;
534
535 while (my ($el) = splice @expr, 0, 1) {
536 puke "Supplying an empty left hand side argument is not supported in array-pairs"
537 unless defined($el) and length($el);
538 my $elref = ref($el);
539 if (!$elref) {
dd1d0dbf 540 local $Expand_Depth = 0;
f4082f8b 541 push(@res, grep defined, $self->_expand_expr({ $el, shift(@expr) }));
08264f40 542 } elsif ($elref eq 'ARRAY') {
f4082f8b 543 push(@res, grep defined, $self->_expand_expr($el)) if @$el;
ec857800 544 } elsif (my $l = is_literal_value($el)) {
545 push @res, { -literal => $l };
08264f40 546 } elsif ($elref eq 'HASH') {
dd1d0dbf 547 local $Expand_Depth = 0;
f4082f8b 548 push @res, grep defined, $self->_expand_expr($el) if %$el;
08264f40 549 } else {
da4a0964 550 die "notreached";
08264f40 551 }
552 }
2143604f 553 return { -op => [ $logic, @res ] };
08264f40 554 }
ca3da680 555 if (my $literal = is_literal_value($expr)) {
556 return +{ -literal => $literal };
557 }
99a65fa8 558 if (!ref($expr) or Scalar::Util::blessed($expr)) {
2558b622 559 if (my $d = $Default_Scalar_To) {
a332e2cb 560 return $self->_expand_expr({ $d => $expr });
2558b622 561 }
99a65fa8 562 if (my $m = our $Cur_Col_Meta) {
563 return +{ -bind => [ $m, $expr ] };
564 }
a332e2cb 565 return +{ -bind => [ undef, $expr ] };
252518da 566 }
252518da 567 die "notreached";
a2cd381d 568}
96449e8e 569
59588695 570sub _expand_expr_hashpair {
571 my ($self, $k, $v, $logic) = @_;
d13725da 572 unless (defined($k) and length($k)) {
2d64004f 573 if (defined($k) and my $literal = is_literal_value($v)) {
d13725da 574 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
2d64004f 575 return { -literal => $literal };
d13725da 576 }
577 puke "Supplying an empty left hand side argument is not supported";
578 }
ef071fad 579 if ($k =~ /^-/) {
99a65fa8 580 $self->_assert_pass_injection_guard($k =~ /^-(.*)$/s);
581 if ($k =~ s/ [_\s]? \d+ $//x ) {
582 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
583 . "You probably wanted ...-and => [ $k => COND1, $k => COND2 ... ]";
584 }
ef071fad 585 if ($k eq '-nest') {
0fc68377 586 # DBIx::Class requires a nest warning to be emitted once but the private
587 # method it overrode to do so no longer exists
cf06e9dc 588 if ($self->{is_dbic_sqlmaker}) {
589 unless (our $Nest_Warned) {
0fc68377 590 belch(
591 "-nest in search conditions is deprecated, you most probably wanted:\n"
592 .q|{..., -and => [ \%cond0, \@cond1, \'cond2', \[ 'cond3', [ col => bind ] ], etc. ], ... }|
593 );
594 $Nest_Warned = 1;
595 }
596 }
ef071fad 597 return $self->_expand_expr($v);
598 }
6ab1562a 599 if ($k eq '-bool') {
600 if (ref($v)) {
601 return $self->_expand_expr($v);
602 }
603 puke "-bool => undef not supported" unless defined($v);
604 return { -ident => $v };
605 }
99a65fa8 606 if ($k eq '-not') {
0c7e3af0 607 return { -op => [ 'not', $self->_expand_expr($v) ] };
99a65fa8 608 }
ce3bc4b0 609 if (my ($rest) = $k =~/^-not[_ ](.*)$/) {
0c7e3af0 610 return +{ -op => [
611 'not',
99a65fa8 612 $self->_expand_expr_hashpair("-${rest}", $v, $logic)
0c7e3af0 613 ] };
ce3bc4b0 614 }
99a65fa8 615 if (my ($logic) = $k =~ /^-(and|or)$/i) {
dd2d5bf7 616 if (ref($v) eq 'HASH') {
617 return $self->_expand_expr($v, $logic);
618 }
99a65fa8 619 if (ref($v) eq 'ARRAY') {
620 return $self->_expand_expr($v, $logic);
621 }
dd2d5bf7 622 }
99a65fa8 623 {
624 my $op = $k;
625 $op =~ s/^-// if length($op) > 1;
626
627 # top level special ops are illegal in general
3ae10d16 628 # note that, arguably, if it makes no sense at top level, it also
629 # makes no sense on the other side of an = sign or similar but DBIC
630 # gets disappointingly upset if I disallow it
631 if (
632 (our $Expand_Depth) == 1
633 and List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}}
634 ) {
635 puke "Illegal use of top-level '-$op'"
636 }
96a8d74a 637 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
638 return { -op => [ $op, $v ] };
639 }
99a65fa8 640 }
a332e2cb 641 if ($k eq '-value') {
642 return +{ -bind => [ our $Cur_Col_Meta, $v ] };
99a65fa8 643 }
ec19b759 644 if (my $custom = $self->{expand_unary}{$k}) {
645 return $self->$custom($v);
646 }
b07681b1 647 if ($self->{node_types}{$k}) {
99a65fa8 648 return { $k => $v };
d13725da 649 }
711892b1 650 if (
651 ref($v) eq 'HASH'
652 and keys %$v == 1
653 and (keys %$v)[0] =~ /^-/
654 ) {
655 my ($func) = $k =~ /^-(.*)$/;
3ae10d16 656 if (List::Util::first { $func =~ $_->{regex} } @{$self->{special_ops}}) {
657 return +{ -op => [ $func, $self->_expand_expr($v) ] };
658 }
711892b1 659 return +{ -func => [ $func, $self->_expand_expr($v) ] };
660 }
661 if (!ref($v) or is_literal_value($v)) {
99a65fa8 662 return +{ -op => [ $k =~ /^-(.*)$/, $self->_expand_expr($v) ] };
59588695 663 }
99a65fa8 664 }
665 if (
666 !defined($v)
667 or (
668 ref($v) eq 'HASH'
669 and exists $v->{-value}
670 and not defined $v->{-value}
671 )
672 ) {
673 return $self->_expand_expr_hashpair($k => { $self->{cmp} => undef });
674 }
675 if (!ref($v) or Scalar::Util::blessed($v)) {
ec19b759 676 my $d = our $Default_Scalar_To;
99a65fa8 677 return +{
678 -op => [
679 $self->{cmp},
680 { -ident => $k },
ec19b759 681 ($d ? { $d => $v } : { -bind => [ $k, $v ] })
99a65fa8 682 ]
683 };
684 }
685 if (ref($v) eq 'HASH') {
686 if (keys %$v > 1) {
e175845b 687 return { -op => [
688 'and',
99a65fa8 689 map $self->_expand_expr_hashpair($k => { $_ => $v->{$_} }),
690 sort keys %$v
691 ] };
692 }
b18a95e4 693 return undef unless keys %$v;
99a65fa8 694 my ($vk, $vv) = %$v;
695 $vk =~ s/^-//;
696 $vk = lc($vk);
697 $self->_assert_pass_injection_guard($vk);
698 if ($vk =~ s/ [_\s]? \d+ $//x ) {
699 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
700 . "You probably wanted ...-and => [ -$vk => COND1, -$vk => COND2 ... ]";
701 }
702 if ($vk =~ /^(?:not[ _])?between$/) {
703 local our $Cur_Col_Meta = $k;
704 my @rhs = map $self->_expand_expr($_),
705 ref($vv) eq 'ARRAY' ? @$vv : $vv;
706 unless (
707 (@rhs == 1 and ref($rhs[0]) eq 'HASH' and $rhs[0]->{-literal})
708 or
709 (@rhs == 2 and defined($rhs[0]) and defined($rhs[1]))
710 ) {
711 puke "Operator '${\uc($vk)}' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
b5b18861 712 }
99a65fa8 713 return +{ -op => [
714 join(' ', split '_', $vk),
715 { -ident => $k },
716 @rhs
717 ] }
718 }
719 if ($vk =~ /^(?:not[ _])?in$/) {
720 if (my $literal = is_literal_value($vv)) {
721 my ($sql, @bind) = @$literal;
722 my $opened_sql = $self->_open_outer_paren($sql);
10d07c4e 723 return +{ -op => [
99a65fa8 724 $vk, { -ident => $k },
725 [ { -literal => [ $opened_sql, @bind ] } ]
10d07c4e 726 ] };
727 }
99a65fa8 728 my $undef_err =
729 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
730 . "-${\uc($vk)} operator was given an undef-containing list: !!!AUDIT YOUR CODE "
731 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
732 . 'will emit the logically correct SQL instead of raising this exception)'
733 ;
734 puke("Argument passed to the '${\uc($vk)}' operator can not be undefined")
735 if !defined($vv);
736 my @rhs = map $self->_expand_expr($_),
737 map { ref($_) ? $_ : { -bind => [ $k, $_ ] } }
738 map { defined($_) ? $_: puke($undef_err) }
739 (ref($vv) eq 'ARRAY' ? @$vv : $vv);
e175845b 740 return $self->${\($vk =~ /^not/ ? 'sqltrue' : 'sqlfalse')} unless @rhs;
99a65fa8 741
742 return +{ -op => [
743 join(' ', split '_', $vk),
744 { -ident => $k },
745 \@rhs
746 ] };
747 }
748 if ($vk eq 'ident') {
02b8fe35 749 if (! defined $vv or (ref($vv) and ref($vv) eq 'ARRAY')) {
750 puke "-$vk requires a single plain scalar argument (a quotable identifier) or an arrayref of identifier parts";
f7778474 751 }
99a65fa8 752 return +{ -op => [
753 $self->{cmp},
754 { -ident => $k },
755 { -ident => $vv }
756 ] };
757 }
758 if ($vk eq 'value') {
759 return $self->_expand_expr_hashpair($k, undef) unless defined($vv);
760 return +{ -op => [
761 $self->{cmp},
762 { -ident => $k },
763 { -bind => [ $k, $vv ] }
764 ] };
765 }
766 if ($vk =~ /^is(?:[ _]not)?$/) {
767 puke "$vk can only take undef as argument"
768 if defined($vv)
769 and not (
770 ref($vv) eq 'HASH'
771 and exists($vv->{-value})
772 and !defined($vv->{-value})
773 );
774 $vk =~ s/_/ /g;
775 return +{ -op => [ $vk.' null', { -ident => $k } ] };
776 }
777 if ($vk =~ /^(and|or)$/) {
778 if (ref($vv) eq 'HASH') {
e62fe58a 779 return +{ -op => [
780 $vk,
99a65fa8 781 map $self->_expand_expr_hashpair($k, { $_ => $vv->{$_} }),
782 sort keys %$vv
7d7868d1 783 ] };
784 }
e28d9b13 785 }
30af97c5 786 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{special_ops}}) {
99a65fa8 787 return { -op => [ $vk, { -ident => $k }, $vv ] };
7dbe1183 788 }
96a8d74a 789 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{unary_ops}}) {
790 return { -op => [
791 $self->{cmp},
792 { -ident => $k },
793 { -op => [ $vk, $vv ] }
794 ] };
795 }
99a65fa8 796 if (ref($vv) eq 'ARRAY') {
797 my ($logic, @values) = (
798 (defined($vv->[0]) and $vv->[0] =~ /^-(and|or)$/i)
799 ? @$vv
800 : (-or => @$vv)
801 );
802 if (
803 $vk =~ $self->{inequality_op}
804 or join(' ', split '_', $vk) =~ $self->{not_like_op}
805 ) {
806 if (lc($logic) eq '-or' and @values > 1) {
807 my $op = uc join ' ', split '_', $vk;
808 belch "A multi-element arrayref as an argument to the inequality op '$op' "
809 . 'is technically equivalent to an always-true 1=1 (you probably wanted '
810 . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
811 ;
812 }
ef071fad 813 }
b3cb13e8 814 unless (@values) {
815 # try to DWIM on equality operators
816 my $op = join ' ', split '_', $vk;
817 return
e175845b 818 $op =~ $self->{equality_op} ? $self->sqlfalse
819 : $op =~ $self->{like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqlfalse
820 : $op =~ $self->{inequality_op} ? $self->sqltrue
821 : $op =~ $self->{not_like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqltrue
b3cb13e8 822 : puke "operator '$op' applied on an empty array (field '$k')";
823 }
63c97a0b 824 return +{ -op => [
825 $logic =~ /^-(.*)$/,
99a65fa8 826 map $self->_expand_expr_hashpair($k => { $vk => $_ }),
827 @values
828 ] };
829 }
830 if (
831 !defined($vv)
832 or (
833 ref($vv) eq 'HASH'
834 and exists $vv->{-value}
835 and not defined $vv->{-value}
836 )
837 ) {
838 my $op = join ' ', split '_', $vk;
839 my $is =
840 $op =~ /^not$/i ? 'is not' # legacy
841 : $op =~ $self->{equality_op} ? 'is'
842 : $op =~ $self->{like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is'
843 : $op =~ $self->{inequality_op} ? 'is not'
844 : $op =~ $self->{not_like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is not'
845 : puke "unexpected operator '$op' with undef operand";
846 return +{ -op => [ $is.' null', { -ident => $k } ] };
847 }
848 local our $Cur_Col_Meta = $k;
849 return +{ -op => [
850 $vk,
851 { -ident => $k },
852 $self->_expand_expr($vv)
853 ] };
854 }
855 if (ref($v) eq 'ARRAY') {
e175845b 856 return $self->sqlfalse unless @$v;
99a65fa8 857 $self->_debug("ARRAY($k) means distribute over elements");
858 my $this_logic = (
859 $v->[0] =~ /^-((?:and|or))$/i
860 ? ($v = [ @{$v}[1..$#$v] ], $1)
861 : ($self->{logic} || 'or')
862 );
cba28f66 863 return +{ -op => [
864 $this_logic,
865 map $self->_expand_expr({ $k => $_ }, $this_logic), @$v
866 ] };
99a65fa8 867 }
868 if (my $literal = is_literal_value($v)) {
869 unless (length $k) {
870 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
871 return \$literal;
872 }
873 my ($sql, @bind) = @$literal;
874 if ($self->{bindtype} eq 'columns') {
875 for (@bind) {
6fb2bd90 876 $self->_assert_bindval_matches_bindtype($_);
aa8d7bdb 877 }
331e2209 878 }
99a65fa8 879 return +{ -literal => [ $self->_quote($k).' '.$sql, @bind ] };
331e2209 880 }
99a65fa8 881 die "notreached";
59588695 882}
883
e175845b 884sub _render_expr {
885 my ($self, $expr) = @_;
886 my ($k, $v, @rest) = %$expr;
887 die "No" if @rest;
b07681b1 888 if (my $meth = $self->{node_types}{$k}) {
181dcebf 889 return $self->$meth($v);
e175845b 890 }
891 die "notreached: $k";
892}
893
96449e8e 894sub _recurse_where {
895 my ($self, $where, $logic) = @_;
896
5492d4c2 897 # Special case: top level simple string treated as literal
898
899 my $where_exp = (ref($where)
900 ? $self->_expand_expr($where, $logic)
901 : { -literal => [ $where ] });
e175845b 902
e3e27543 903 # dispatch expanded expression
311b2151 904
e175845b 905 my ($sql, @bind) = defined($where_exp) ? $self->_render_expr($where_exp) : (undef);
abe1a491 906 # DBIx::Class used to call _recurse_where in scalar context
907 # something else might too...
908 if (wantarray) {
909 return ($sql, @bind);
910 }
911 else {
912 belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
913 return $sql;
914 }
96449e8e 915}
916
181dcebf 917sub _render_ident {
918 my ($self, $ident) = @_;
cc422895 919
9cf28dfb 920 return $self->_convert($self->_quote($ident));
cc422895 921}
922
c452734e 923my %unop_postfix = map +($_ => 1),
924 'is null', 'is not null',
925 'asc', 'desc',
926;
d13725da 927
b5b18861 928my %special = (
929 (map +($_ => do {
930 my $op = $_;
931 sub {
932 my ($self, $args) = @_;
933 my ($left, $low, $high) = @$args;
934 my ($rhsql, @rhbind) = do {
935 if (@$args == 2) {
936 puke "Single arg to between must be a literal"
937 unless $low->{-literal};
938 @{$low->{-literal}}
939 } else {
e56dd780 940 my ($l, $h) = map [ $self->_render_expr($_) ], $low, $high;
b5b18861 941 (join(' ', $l->[0], $self->_sqlcase('and'), $h->[0]),
942 @{$l}[1..$#$l], @{$h}[1..$#$h])
943 }
944 };
e56dd780 945 my ($lhsql, @lhbind) = $self->_render_expr($left);
b5b18861 946 return (
947 join(' ', '(', $lhsql, $self->_sqlcase($op), $rhsql, ')'),
948 @lhbind, @rhbind
949 );
950 }
951 }), 'between', 'not between'),
10d07c4e 952 (map +($_ => do {
953 my $op = $_;
954 sub {
955 my ($self, $args) = @_;
956 my ($lhs, $rhs) = @$args;
957 my @in_bind;
958 my @in_sql = map {
0ce981f8 959 my ($sql, @bind) = $self->_render_expr($_);
10d07c4e 960 push @in_bind, @bind;
961 $sql;
962 } @$rhs;
0ce981f8 963 my ($lhsql, @lbind) = $self->_render_expr($lhs);
10d07c4e 964 return (
965 $lhsql.' '.$self->_sqlcase($op).' ( '
966 .join(', ', @in_sql)
967 .' )',
968 @lbind, @in_bind
969 );
970 }
971 }), 'in', 'not in'),
b5b18861 972);
973
181dcebf 974sub _render_op {
975 my ($self, $v) = @_;
d13725da 976 my ($op, @args) = @$v;
977 $op =~ s/^-// if length($op) > 1;
cba28f66 978 $op = lc($op);
b5b18861 979 if (my $h = $special{$op}) {
980 return $self->$h(\@args);
981 }
3ae10d16 982 my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}};
983 if ($us and @args > 1) {
99a65fa8 984 puke "Special op '${op}' requires first value to be identifier"
985 unless my ($k) = map $_->{-ident}, grep ref($_) eq 'HASH', $args[0];
dd1d0dbf 986 local our $Expand_Depth = 1;
99a65fa8 987 return $self->${\($us->{handler})}($k, $op, $args[1]);
988 }
96a8d74a 989 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
990 return $self->${\($us->{handler})}($op, $args[0]);
991 }
99a65fa8 992 my $final_op = $op =~ /^(?:is|not)_/ ? join(' ', split '_', $op) : $op;
2143604f 993 if (@args == 1 and $op !~ /^(and|or)$/) {
ec857800 994 my ($expr_sql, @bind) = $self->_render_expr($args[0]);
d13725da 995 my $op_sql = $self->_sqlcase($final_op);
996 my $final_sql = (
997 $unop_postfix{lc($final_op)}
998 ? "${expr_sql} ${op_sql}"
999 : "${op_sql} ${expr_sql}"
1000 );
3ae10d16 1001 return (($op eq 'not' || $us ? '('.$final_sql.')' : $final_sql), @bind);
16d9289c 1002 } else {
1c0c0f41 1003 my @parts = grep length($_->[0]), map [ $self->_render_expr($_) ], @args;
1004 return '' unless @parts;
230812fc 1005 my $is_andor = !!($op =~ /^(and|or)$/);
1006 return @{$parts[0]} if $is_andor and @parts == 1;
1007 my ($final_sql) = map +($is_andor ? "( ${_} )" : $_), join(
352d74bc 1008 ' '.$self->_sqlcase($final_op).' ',
77617257 1009 map $_->[0], @parts
1010 );
99a65fa8 1011 return (
77617257 1012 $final_sql,
16d9289c 1013 map @{$_}[1..$#$_], @parts
99a65fa8 1014 );
d13725da 1015 }
1016 die "unhandled";
1017}
1018
352d74bc 1019sub _render_list {
1020 my ($self, $list) = @_;
1021 my @parts = grep length($_->[0]), map [ $self->_render_expr($_) ], @$list;
1022 return join(', ', map $_->[0], @parts), map @{$_}[1..$#$_], @parts;
1023}
1024
181dcebf 1025sub _render_func {
1026 my ($self, $rest) = @_;
711892b1 1027 my ($func, @args) = @$rest;
1028 my @arg_sql;
1029 my @bind = map {
1030 my @x = @$_;
1031 push @arg_sql, shift @x;
1032 @x
0f199fce 1033 } map [ $self->_render_expr($_) ], @args;
711892b1 1034 return ($self->_sqlcase($func).'('.join(', ', @arg_sql).')', @bind);
1035}
1036
181dcebf 1037sub _render_bind {
1038 my ($self, $bind) = @_;
d13725da 1039 return ($self->_convert('?'), $self->_bindtype(@$bind));
1040}
1041
181dcebf 1042sub _render_literal {
1043 my ($self, $literal) = @_;
465d43fd 1044 $self->_assert_bindval_matches_bindtype(@{$literal}[1..$#$literal]);
aa8d7bdb 1045 return @$literal;
1046}
1047
4a1f01a3 1048# Some databases (SQLite) treat col IN (1, 2) different from
1049# col IN ( (1, 2) ). Use this to strip all outer parens while
1050# adding them back in the corresponding method
1051sub _open_outer_paren {
1052 my ($self, $sql) = @_;
a5f91feb 1053
ca4f826a 1054 while (my ($inner) = $sql =~ /^ \s* \( (.*) \) \s* $/xs) {
a5f91feb 1055
1056 # there are closing parens inside, need the heavy duty machinery
1057 # to reevaluate the extraction starting from $sql (full reevaluation)
ca4f826a 1058 if ($inner =~ /\)/) {
a5f91feb 1059 require Text::Balanced;
1060
1061 my (undef, $remainder) = do {
1062 # idiotic design - writes to $@ but *DOES NOT* throw exceptions
1063 local $@;
ca4f826a 1064 Text::Balanced::extract_bracketed($sql, '()', qr/\s*/);
a5f91feb 1065 };
1066
1067 # the entire expression needs to be a balanced bracketed thing
1068 # (after an extract no remainder sans trailing space)
1069 last if defined $remainder and $remainder =~ /\S/;
1070 }
1071
1072 $sql = $inner;
1073 }
1074
1075 $sql;
4a1f01a3 1076}
1077
96449e8e 1078
96449e8e 1079#======================================================================
1080# ORDER BY
1081#======================================================================
1082
33177570 1083sub _expand_order_by {
96449e8e 1084 my ($self, $arg) = @_;
1085
33177570 1086 return unless defined($arg) and not (ref($arg) eq 'ARRAY' and !@$arg);
2b6158af 1087
4325df6a 1088 my $expander = sub {
1089 my ($self, $dir, $expr) = @_;
52ca537e 1090 my @to_expand = ref($expr) eq 'ARRAY' ? @$expr : $expr;
1091 foreach my $arg (@to_expand) {
1092 if (
1093 ref($arg) eq 'HASH'
1094 and keys %$arg > 1
1095 and grep /^-(asc|desc)$/, keys %$arg
1096 ) {
1097 puke "ordering direction hash passed to order by must have exactly one key (-asc or -desc)";
1098 }
1099 }
4325df6a 1100 my @exp = map +(defined($dir) ? { -op => [ $dir => $_ ] } : $_),
74156ee9 1101 map $self->_expand_expr($_, undef, -ident),
1102 map ref($_) eq 'ARRAY' ? @$_ : $_, @to_expand;
352d74bc 1103 return (@exp > 1 ? { -list => \@exp } : $exp[0]);
4325df6a 1104 };
18c743c8 1105
ec19b759 1106 local @{$self->{expand_unary}}{qw(-asc -desc)} = (
1107 sub { shift->$expander(asc => @_) },
1108 sub { shift->$expander(desc => @_) },
1109 );
f267b646 1110
33177570 1111 return $self->$expander(undef, $arg);
1112}
1113
1114sub _order_by {
1115 my ($self, $arg) = @_;
1116
1117 return '' unless defined(my $expanded = $self->_expand_order_by($arg));
4325df6a 1118
1119 my ($sql, @bind) = $self->_render_expr($expanded);
1120
13cd9220 1121 return '' unless length($sql);
1122
4325df6a 1123 my $final_sql = $self->_sqlcase(' order by ').$sql;
1124
1125 return wantarray ? ($final_sql, @bind) : $final_sql;
f267b646 1126}
1127
2e3cc357 1128# _order_by no longer needs to call this so doesn't but DBIC uses it.
1129
33177570 1130sub _order_by_chunks {
1131 my ($self, $arg) = @_;
1132
1133 return () unless defined(my $expanded = $self->_expand_order_by($arg));
1134
2e3cc357 1135 return $self->_chunkify_order_by($expanded);
1136}
1137
1138sub _chunkify_order_by {
1139 my ($self, $expanded) = @_;
1b630cfe 1140
dd1d0dbf 1141 return grep length, $self->_render_expr($expanded)
1b630cfe 1142 if $expanded->{-ident} or @{$expanded->{-literal}||[]} == 1;
1143
33177570 1144 for ($expanded) {
352d74bc 1145 if (ref() eq 'HASH' and my $l = $_->{-list}) {
1146 return map $self->_chunkify_order_by($_), @$l;
33177570 1147 }
1148 return [ $self->_render_expr($_) ];
1149 }
1150}
1151
96449e8e 1152#======================================================================
1153# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1154#======================================================================
1155
1156sub _table {
1157 my $self = shift;
1158 my $from = shift;
7ad12721 1159 ($self->_render_expr(
8476c6a3 1160 $self->_expand_maybe_list_expr($from, undef, -ident)
7ad12721 1161 ))[0];
96449e8e 1162}
1163
1164
1165#======================================================================
1166# UTILITY FUNCTIONS
1167#======================================================================
1168
8476c6a3 1169sub _expand_maybe_list_expr {
1170 my ($self, $expr, $logic, $default) = @_;
bba04f52 1171 my $e = do {
1172 if (ref($expr) eq 'ARRAY') {
352d74bc 1173 return { -list => [
1174 map $self->_expand_expr($_, $logic, $default), @$expr
bba04f52 1175 ] } if @$expr > 1;
1176 $expr->[0]
1177 } else {
1178 $expr
1179 }
1180 };
1181 return $self->_expand_expr($e, $logic, $default);
8476c6a3 1182}
1183
955e77ca 1184# highly optimized, as it's called way too often
96449e8e 1185sub _quote {
955e77ca 1186 # my ($self, $label) = @_;
96449e8e 1187
955e77ca 1188 return '' unless defined $_[1];
955e77ca 1189 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
d3162b5c 1190 puke 'Identifier cannot be hashref' if ref($_[1]) eq 'HASH';
96449e8e 1191
d3162b5c 1192 unless ($_[0]->{quote_char}) {
1193 if (ref($_[1]) eq 'ARRAY') {
1194 return join($_[0]->{name_sep}||'.', @{$_[1]});
1195 } else {
1196 $_[0]->_assert_pass_injection_guard($_[1]);
1197 return $_[1];
1198 }
1199 }
96449e8e 1200
07d7c35c 1201 my $qref = ref $_[0]->{quote_char};
439834d3 1202 my ($l, $r) =
1203 !$qref ? ($_[0]->{quote_char}, $_[0]->{quote_char})
1204 : ($qref eq 'ARRAY') ? @{$_[0]->{quote_char}}
1205 : puke "Unsupported quote_char format: $_[0]->{quote_char}";
1206
46be4313 1207 my $esc = $_[0]->{escape_char} || $r;
96449e8e 1208
07d7c35c 1209 # parts containing * are naturally unquoted
d3162b5c 1210 return join(
1211 $_[0]->{name_sep}||'',
1212 map +(
1213 $_ eq '*'
1214 ? $_
1215 : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r }
1216 ),
1217 (ref($_[1]) eq 'ARRAY'
1218 ? @{$_[1]}
1219 : (
1220 $_[0]->{name_sep}
1221 ? split (/\Q$_[0]->{name_sep}\E/, $_[1] )
1222 : $_[1]
1223 )
1224 )
955e77ca 1225 );
96449e8e 1226}
1227
1228
1229# Conversion, if applicable
d7c862e0 1230sub _convert {
07d7c35c 1231 #my ($self, $arg) = @_;
7ad12721 1232 if ($_[0]->{convert_where}) {
1233 return $_[0]->_sqlcase($_[0]->{convert_where}) .'(' . $_[1] . ')';
96449e8e 1234 }
07d7c35c 1235 return $_[1];
96449e8e 1236}
1237
1238# And bindtype
d7c862e0 1239sub _bindtype {
07d7c35c 1240 #my ($self, $col, @vals) = @_;
07d7c35c 1241 # called often - tighten code
1242 return $_[0]->{bindtype} eq 'columns'
1243 ? map {[$_[1], $_]} @_[2 .. $#_]
1244 : @_[2 .. $#_]
1245 ;
96449e8e 1246}
1247
fe3ae272 1248# Dies if any element of @bind is not in [colname => value] format
1249# if bindtype is 'columns'.
1250sub _assert_bindval_matches_bindtype {
c94a6c93 1251# my ($self, @bind) = @_;
1252 my $self = shift;
fe3ae272 1253 if ($self->{bindtype} eq 'columns') {
c94a6c93 1254 for (@_) {
1255 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1256 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1257 }
1258 }
1259 }
1260}
1261
96449e8e 1262sub _join_sql_clauses {
1263 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1264
1265 if (@$clauses_aref > 1) {
1266 my $join = " " . $self->_sqlcase($logic) . " ";
1267 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1268 return ($sql, @$bind_aref);
1269 }
1270 elsif (@$clauses_aref) {
1271 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1272 }
1273 else {
1274 return (); # if no SQL, ignore @$bind_aref
1275 }
1276}
1277
1278
1279# Fix SQL case, if so requested
1280sub _sqlcase {
96449e8e 1281 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1282 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1283 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1284}
1285
1286
1287#======================================================================
1288# DISPATCHING FROM REFKIND
1289#======================================================================
1290
1291sub _refkind {
1292 my ($self, $data) = @_;
96449e8e 1293
955e77ca 1294 return 'UNDEF' unless defined $data;
1295
1296 # blessed objects are treated like scalars
1297 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1298
1299 return 'SCALAR' unless $ref;
1300
1301 my $n_steps = 1;
1302 while ($ref eq 'REF') {
96449e8e 1303 $data = $$data;
955e77ca 1304 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1305 $n_steps++ if $ref;
96449e8e 1306 }
1307
848556bc 1308 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1309}
1310
1311sub _try_refkind {
1312 my ($self, $data) = @_;
1313 my @try = ($self->_refkind($data));
1314 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1315 push @try, 'FALLBACK';
955e77ca 1316 return \@try;
96449e8e 1317}
1318
1319sub _METHOD_FOR_refkind {
1320 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1321
1322 my $method;
955e77ca 1323 for (@{$self->_try_refkind($data)}) {
f39eaa60 1324 $method = $self->can($meth_prefix."_".$_)
1325 and last;
1326 }
1327
1328 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1329}
1330
1331
1332sub _SWITCH_refkind {
1333 my ($self, $data, $dispatch_table) = @_;
1334
f39eaa60 1335 my $coderef;
955e77ca 1336 for (@{$self->_try_refkind($data)}) {
f39eaa60 1337 $coderef = $dispatch_table->{$_}
1338 and last;
1339 }
1340
1341 puke "no dispatch entry for ".$self->_refkind($data)
1342 unless $coderef;
1343
96449e8e 1344 $coderef->();
1345}
1346
1347
1348
1349
1350#======================================================================
1351# VALUES, GENERATE, AUTOLOAD
1352#======================================================================
1353
1354# LDNOTE: original code from nwiger, didn't touch code in that section
1355# I feel the AUTOLOAD stuff should not be the default, it should
1356# only be activated on explicit demand by user.
1357
1358sub values {
1359 my $self = shift;
1360 my $data = shift || return;
1361 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1362 unless ref $data eq 'HASH';
bab725ce 1363
1364 my @all_bind;
ca4f826a 1365 foreach my $k (sort keys %$data) {
bab725ce 1366 my $v = $data->{$k};
1367 $self->_SWITCH_refkind($v, {
9d48860e 1368 ARRAYREF => sub {
bab725ce 1369 if ($self->{array_datatypes}) { # array datatype
1370 push @all_bind, $self->_bindtype($k, $v);
1371 }
1372 else { # literal SQL with bind
1373 my ($sql, @bind) = @$v;
1374 $self->_assert_bindval_matches_bindtype(@bind);
1375 push @all_bind, @bind;
1376 }
1377 },
1378 ARRAYREFREF => sub { # literal SQL with bind
1379 my ($sql, @bind) = @${$v};
1380 $self->_assert_bindval_matches_bindtype(@bind);
1381 push @all_bind, @bind;
1382 },
1383 SCALARREF => sub { # literal SQL without bind
1384 },
1385 SCALAR_or_UNDEF => sub {
1386 push @all_bind, $self->_bindtype($k, $v);
1387 },
1388 });
1389 }
1390
1391 return @all_bind;
96449e8e 1392}
1393
1394sub generate {
1395 my $self = shift;
1396
1397 my(@sql, @sqlq, @sqlv);
1398
1399 for (@_) {
1400 my $ref = ref $_;
1401 if ($ref eq 'HASH') {
1402 for my $k (sort keys %$_) {
1403 my $v = $_->{$k};
1404 my $r = ref $v;
1405 my $label = $self->_quote($k);
1406 if ($r eq 'ARRAY') {
fe3ae272 1407 # literal SQL with bind
1408 my ($sql, @bind) = @$v;
1409 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1410 push @sqlq, "$label = $sql";
fe3ae272 1411 push @sqlv, @bind;
96449e8e 1412 } elsif ($r eq 'SCALAR') {
fe3ae272 1413 # literal SQL without bind
96449e8e 1414 push @sqlq, "$label = $$v";
9d48860e 1415 } else {
96449e8e 1416 push @sqlq, "$label = ?";
1417 push @sqlv, $self->_bindtype($k, $v);
1418 }
1419 }
1420 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1421 } elsif ($ref eq 'ARRAY') {
1422 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1423 for my $v (@$_) {
1424 my $r = ref $v;
fe3ae272 1425 if ($r eq 'ARRAY') { # literal SQL with bind
1426 my ($sql, @bind) = @$v;
1427 $self->_assert_bindval_matches_bindtype(@bind);
1428 push @sqlq, $sql;
1429 push @sqlv, @bind;
1430 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1431 # embedded literal SQL
1432 push @sqlq, $$v;
9d48860e 1433 } else {
96449e8e 1434 push @sqlq, '?';
1435 push @sqlv, $v;
1436 }
1437 }
1438 push @sql, '(' . join(', ', @sqlq) . ')';
1439 } elsif ($ref eq 'SCALAR') {
1440 # literal SQL
1441 push @sql, $$_;
1442 } else {
1443 # strings get case twiddled
1444 push @sql, $self->_sqlcase($_);
1445 }
1446 }
1447
1448 my $sql = join ' ', @sql;
1449
1450 # this is pretty tricky
1451 # if ask for an array, return ($stmt, @bind)
1452 # otherwise, s/?/shift @sqlv/ to put it inline
1453 if (wantarray) {
1454 return ($sql, @sqlv);
1455 } else {
1456 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1457 ref $d ? $d->[1] : $d/e;
1458 return $sql;
1459 }
1460}
1461
1462
1463sub DESTROY { 1 }
1464
1465sub AUTOLOAD {
1466 # This allows us to check for a local, then _form, attr
1467 my $self = shift;
1468 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1469 return $self->generate($name, @_);
1470}
1471
14721;
1473
1474
1475
1476__END__
32eab2da 1477
1478=head1 NAME
1479
1480SQL::Abstract - Generate SQL from Perl data structures
1481
1482=head1 SYNOPSIS
1483
1484 use SQL::Abstract;
1485
1486 my $sql = SQL::Abstract->new;
1487
85783f3c 1488 my($stmt, @bind) = $sql->select($source, \@fields, \%where, $order);
32eab2da 1489
1490 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1491
1492 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1493
1494 my($stmt, @bind) = $sql->delete($table, \%where);
1495
1496 # Then, use these in your DBI statements
1497 my $sth = $dbh->prepare($stmt);
1498 $sth->execute(@bind);
1499
1500 # Just generate the WHERE clause
85783f3c 1501 my($stmt, @bind) = $sql->where(\%where, $order);
32eab2da 1502
1503 # Return values in the same order, for hashed queries
1504 # See PERFORMANCE section for more details
1505 my @bind = $sql->values(\%fieldvals);
1506
1507=head1 DESCRIPTION
1508
1509This module was inspired by the excellent L<DBIx::Abstract>.
1510However, in using that module I found that what I really wanted
1511to do was generate SQL, but still retain complete control over my
1512statement handles and use the DBI interface. So, I set out to
1513create an abstract SQL generation module.
1514
1515While based on the concepts used by L<DBIx::Abstract>, there are
1516several important differences, especially when it comes to WHERE
1517clauses. I have modified the concepts used to make the SQL easier
1518to generate from Perl data structures and, IMO, more intuitive.
1519The underlying idea is for this module to do what you mean, based
1520on the data structures you provide it. The big advantage is that
1521you don't have to modify your code every time your data changes,
1522as this module figures it out.
1523
1524To begin with, an SQL INSERT is as easy as just specifying a hash
1525of C<key=value> pairs:
1526
1527 my %data = (
1528 name => 'Jimbo Bobson',
1529 phone => '123-456-7890',
1530 address => '42 Sister Lane',
1531 city => 'St. Louis',
1532 state => 'Louisiana',
1533 );
1534
1535The SQL can then be generated with this:
1536
1537 my($stmt, @bind) = $sql->insert('people', \%data);
1538
1539Which would give you something like this:
1540
1541 $stmt = "INSERT INTO people
1542 (address, city, name, phone, state)
1543 VALUES (?, ?, ?, ?, ?)";
1544 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1545 '123-456-7890', 'Louisiana');
1546
1547These are then used directly in your DBI code:
1548
1549 my $sth = $dbh->prepare($stmt);
1550 $sth->execute(@bind);
1551
96449e8e 1552=head2 Inserting and Updating Arrays
1553
1554If your database has array types (like for example Postgres),
1555activate the special option C<< array_datatypes => 1 >>
9d48860e 1556when creating the C<SQL::Abstract> object.
96449e8e 1557Then you may use an arrayref to insert and update database array types:
1558
1559 my $sql = SQL::Abstract->new(array_datatypes => 1);
1560 my %data = (
1561 planets => [qw/Mercury Venus Earth Mars/]
1562 );
9d48860e 1563
96449e8e 1564 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1565
1566This results in:
1567
1568 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1569
1570 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1571
1572
1573=head2 Inserting and Updating SQL
1574
1575In order to apply SQL functions to elements of your C<%data> you may
1576specify a reference to an arrayref for the given hash value. For example,
1577if you need to execute the Oracle C<to_date> function on a value, you can
1578say something like this:
32eab2da 1579
1580 my %data = (
1581 name => 'Bill',
3ae1c5e2 1582 date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
9d48860e 1583 );
32eab2da 1584
1585The first value in the array is the actual SQL. Any other values are
1586optional and would be included in the bind values array. This gives
1587you:
1588
1589 my($stmt, @bind) = $sql->insert('people', \%data);
1590
9d48860e 1591 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1592 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1593 @bind = ('Bill', '03/02/2003');
1594
1595An UPDATE is just as easy, all you change is the name of the function:
1596
1597 my($stmt, @bind) = $sql->update('people', \%data);
1598
1599Notice that your C<%data> isn't touched; the module will generate
1600the appropriately quirky SQL for you automatically. Usually you'll
1601want to specify a WHERE clause for your UPDATE, though, which is
1602where handling C<%where> hashes comes in handy...
1603
96449e8e 1604=head2 Complex where statements
1605
32eab2da 1606This module can generate pretty complicated WHERE statements
1607easily. For example, simple C<key=value> pairs are taken to mean
1608equality, and if you want to see if a field is within a set
1609of values, you can use an arrayref. Let's say we wanted to
1610SELECT some data based on this criteria:
1611
1612 my %where = (
1613 requestor => 'inna',
1614 worker => ['nwiger', 'rcwe', 'sfz'],
1615 status => { '!=', 'completed' }
1616 );
1617
1618 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1619
1620The above would give you something like this:
1621
1622 $stmt = "SELECT * FROM tickets WHERE
1623 ( requestor = ? ) AND ( status != ? )
1624 AND ( worker = ? OR worker = ? OR worker = ? )";
1625 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1626
1627Which you could then use in DBI code like so:
1628
1629 my $sth = $dbh->prepare($stmt);
1630 $sth->execute(@bind);
1631
1632Easy, eh?
1633
0da0fe34 1634=head1 METHODS
32eab2da 1635
13cc86af 1636The methods are simple. There's one for every major SQL operation,
32eab2da 1637and a constructor you use first. The arguments are specified in a
13cc86af 1638similar order for each method (table, then fields, then a where
32eab2da 1639clause) to try and simplify things.
1640
32eab2da 1641=head2 new(option => 'value')
1642
1643The C<new()> function takes a list of options and values, and returns
1644a new B<SQL::Abstract> object which can then be used to generate SQL
1645through the methods below. The options accepted are:
1646
1647=over
1648
1649=item case
1650
1651If set to 'lower', then SQL will be generated in all lowercase. By
1652default SQL is generated in "textbook" case meaning something like:
1653
1654 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1655
96449e8e 1656Any setting other than 'lower' is ignored.
1657
32eab2da 1658=item cmp
1659
1660This determines what the default comparison operator is. By default
1661it is C<=>, meaning that a hash like this:
1662
1663 %where = (name => 'nwiger', email => 'nate@wiger.org');
1664
1665Will generate SQL like this:
1666
1667 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1668
1669However, you may want loose comparisons by default, so if you set
1670C<cmp> to C<like> you would get SQL such as:
1671
1672 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1673
3af02ccb 1674You can also override the comparison on an individual basis - see
32eab2da 1675the huge section on L</"WHERE CLAUSES"> at the bottom.
1676
96449e8e 1677=item sqltrue, sqlfalse
1678
1679Expressions for inserting boolean values within SQL statements.
6e0c6552 1680By default these are C<1=1> and C<1=0>. They are used
1681by the special operators C<-in> and C<-not_in> for generating
1682correct SQL even when the argument is an empty array (see below).
96449e8e 1683
32eab2da 1684=item logic
1685
1686This determines the default logical operator for multiple WHERE
7cac25e6 1687statements in arrays or hashes. If absent, the default logic is "or"
1688for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1689array of the form:
1690
1691 @where = (
9d48860e 1692 event_date => {'>=', '2/13/99'},
1693 event_date => {'<=', '4/24/03'},
32eab2da 1694 );
1695
7cac25e6 1696will generate SQL like this:
32eab2da 1697
1698 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1699
1700This is probably not what you want given this query, though (look
1701at the dates). To change the "OR" to an "AND", simply specify:
1702
1703 my $sql = SQL::Abstract->new(logic => 'and');
1704
1705Which will change the above C<WHERE> to:
1706
1707 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1708
96449e8e 1709The logic can also be changed locally by inserting
be21dde3 1710a modifier in front of an arrayref:
96449e8e 1711
9d48860e 1712 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1713 event_date => {'<=', '4/24/03'} ]);
96449e8e 1714
1715See the L</"WHERE CLAUSES"> section for explanations.
1716
32eab2da 1717=item convert
1718
1719This will automatically convert comparisons using the specified SQL
1720function for both column and value. This is mostly used with an argument
1721of C<upper> or C<lower>, so that the SQL will have the effect of
1722case-insensitive "searches". For example, this:
1723
1724 $sql = SQL::Abstract->new(convert => 'upper');
1725 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1726
1727Will turn out the following SQL:
1728
1729 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1730
1731The conversion can be C<upper()>, C<lower()>, or any other SQL function
1732that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1733not validate this option; it will just pass through what you specify verbatim).
1734
1735=item bindtype
1736
1737This is a kludge because many databases suck. For example, you can't
1738just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1739Instead, you have to use C<bind_param()>:
1740
1741 $sth->bind_param(1, 'reg data');
1742 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1743
1744The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1745which loses track of which field each slot refers to. Fear not.
1746
1747If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1748Currently, you can specify either C<normal> (default) or C<columns>. If you
1749specify C<columns>, you will get an array that looks like this:
1750
1751 my $sql = SQL::Abstract->new(bindtype => 'columns');
1752 my($stmt, @bind) = $sql->insert(...);
1753
1754 @bind = (
1755 [ 'column1', 'value1' ],
1756 [ 'column2', 'value2' ],
1757 [ 'column3', 'value3' ],
1758 );
1759
1760You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1761
32eab2da 1762 $sth->prepare($stmt);
1763 my $i = 1;
1764 for (@bind) {
1765 my($col, $data) = @$_;
1766 if ($col eq 'details' || $col eq 'comments') {
1767 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1768 } elsif ($col eq 'image') {
1769 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1770 } else {
1771 $sth->bind_param($i, $data);
1772 }
1773 $i++;
1774 }
1775 $sth->execute; # execute without @bind now
1776
1777Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1778Basically, the advantage is still that you don't have to care which fields
1779are or are not included. You could wrap that above C<for> loop in a simple
1780sub called C<bind_fields()> or something and reuse it repeatedly. You still
1781get a layer of abstraction over manual SQL specification.
1782
3ae1c5e2 1783Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
deb148a2 1784construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1785will expect the bind values in this format.
1786
32eab2da 1787=item quote_char
1788
1789This is the character that a table or column name will be quoted
9d48860e 1790with. By default this is an empty string, but you could set it to
32eab2da 1791the character C<`>, to generate SQL like this:
1792
1793 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1794
96449e8e 1795Alternatively, you can supply an array ref of two items, the first being the left
1796hand quote character, and the second the right hand quote character. For
1797example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1798that generates SQL like this:
1799
1800 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1801
9d48860e 1802Quoting is useful if you have tables or columns names that are reserved
96449e8e 1803words in your database's SQL dialect.
32eab2da 1804
46be4313 1805=item escape_char
1806
1807This is the character that will be used to escape L</quote_char>s appearing
1808in an identifier before it has been quoted.
1809
80790166 1810The parameter default in case of a single L</quote_char> character is the quote
46be4313 1811character itself.
1812
1813When opening-closing-style quoting is used (L</quote_char> is an arrayref)
9de2bd86 1814this parameter defaults to the B<closing (right)> L</quote_char>. Occurrences
46be4313 1815of the B<opening (left)> L</quote_char> within the identifier are currently left
1816untouched. The default for opening-closing-style quotes may change in future
1817versions, thus you are B<strongly encouraged> to specify the escape character
1818explicitly.
1819
32eab2da 1820=item name_sep
1821
1822This is the character that separates a table and column name. It is
1823necessary to specify this when the C<quote_char> option is selected,
1824so that tables and column names can be individually quoted like this:
1825
1826 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1827
b6251592 1828=item injection_guard
1829
1830A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1831column name specified in a query structure. This is a safety mechanism to avoid
1832injection attacks when mishandling user input e.g.:
1833
1834 my %condition_as_column_value_pairs = get_values_from_user();
1835 $sqla->select( ... , \%condition_as_column_value_pairs );
1836
1837If the expression matches an exception is thrown. Note that literal SQL
1838supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1839
1840Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
1841
96449e8e 1842=item array_datatypes
32eab2da 1843
9d48860e 1844When this option is true, arrayrefs in INSERT or UPDATE are
1845interpreted as array datatypes and are passed directly
96449e8e 1846to the DBI layer.
1847When this option is false, arrayrefs are interpreted
1848as literal SQL, just like refs to arrayrefs
1849(but this behavior is for backwards compatibility; when writing
1850new queries, use the "reference to arrayref" syntax
1851for literal SQL).
32eab2da 1852
32eab2da 1853
96449e8e 1854=item special_ops
32eab2da 1855
9d48860e 1856Takes a reference to a list of "special operators"
96449e8e 1857to extend the syntax understood by L<SQL::Abstract>.
1858See section L</"SPECIAL OPERATORS"> for details.
32eab2da 1859
59f23b3d 1860=item unary_ops
1861
9d48860e 1862Takes a reference to a list of "unary operators"
59f23b3d 1863to extend the syntax understood by L<SQL::Abstract>.
1864See section L</"UNARY OPERATORS"> for details.
1865
32eab2da 1866
32eab2da 1867
96449e8e 1868=back
32eab2da 1869
02288357 1870=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 1871
1872This is the simplest function. You simply give it a table name
1873and either an arrayref of values or hashref of field/value pairs.
1874It returns an SQL INSERT statement and a list of bind values.
96449e8e 1875See the sections on L</"Inserting and Updating Arrays"> and
1876L</"Inserting and Updating SQL"> for information on how to insert
1877with those data types.
32eab2da 1878
02288357 1879The optional C<\%options> hash reference may contain additional
1880options to generate the insert SQL. Currently supported options
1881are:
1882
1883=over 4
1884
1885=item returning
1886
1887Takes either a scalar of raw SQL fields, or an array reference of
1888field names, and adds on an SQL C<RETURNING> statement at the end.
1889This allows you to return data generated by the insert statement
1890(such as row IDs) without performing another C<SELECT> statement.
1891Note, however, this is not part of the SQL standard and may not
1892be supported by all database engines.
1893
1894=back
1895
95904db5 1896=head2 update($table, \%fieldvals, \%where, \%options)
32eab2da 1897
1898This takes a table, hashref of field/value pairs, and an optional
86298391 1899hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 1900of bind values.
96449e8e 1901See the sections on L</"Inserting and Updating Arrays"> and
1902L</"Inserting and Updating SQL"> for information on how to insert
1903with those data types.
32eab2da 1904
95904db5 1905The optional C<\%options> hash reference may contain additional
1906options to generate the update SQL. Currently supported options
1907are:
1908
1909=over 4
1910
1911=item returning
1912
1913See the C<returning> option to
1914L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1915
1916=back
1917
96449e8e 1918=head2 select($source, $fields, $where, $order)
32eab2da 1919
9d48860e 1920This returns a SQL SELECT statement and associated list of bind values, as
be21dde3 1921specified by the arguments:
32eab2da 1922
96449e8e 1923=over
32eab2da 1924
96449e8e 1925=item $source
32eab2da 1926
9d48860e 1927Specification of the 'FROM' part of the statement.
96449e8e 1928The argument can be either a plain scalar (interpreted as a table
1929name, will be quoted), or an arrayref (interpreted as a list
1930of table names, joined by commas, quoted), or a scalarref
063097a3 1931(literal SQL, not quoted).
32eab2da 1932
96449e8e 1933=item $fields
32eab2da 1934
9d48860e 1935Specification of the list of fields to retrieve from
96449e8e 1936the source.
1937The argument can be either an arrayref (interpreted as a list
9d48860e 1938of field names, will be joined by commas and quoted), or a
96449e8e 1939plain scalar (literal SQL, not quoted).
521647e7 1940Please observe that this API is not as flexible as that of
1941the first argument C<$source>, for backwards compatibility reasons.
32eab2da 1942
96449e8e 1943=item $where
32eab2da 1944
96449e8e 1945Optional argument to specify the WHERE part of the query.
1946The argument is most often a hashref, but can also be
9d48860e 1947an arrayref or plain scalar --
96449e8e 1948see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 1949
96449e8e 1950=item $order
32eab2da 1951
96449e8e 1952Optional argument to specify the ORDER BY part of the query.
9d48860e 1953The argument can be a scalar, a hashref or an arrayref
96449e8e 1954-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
1955for details.
32eab2da 1956
96449e8e 1957=back
32eab2da 1958
32eab2da 1959
85327cd5 1960=head2 delete($table, \%where, \%options)
32eab2da 1961
86298391 1962This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 1963It returns an SQL DELETE statement and list of bind values.
1964
85327cd5 1965The optional C<\%options> hash reference may contain additional
1966options to generate the delete SQL. Currently supported options
1967are:
1968
1969=over 4
1970
1971=item returning
1972
1973See the C<returning> option to
1974L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1975
1976=back
1977
85783f3c 1978=head2 where(\%where, $order)
32eab2da 1979
1980This is used to generate just the WHERE clause. For example,
1981if you have an arbitrary data structure and know what the
1982rest of your SQL is going to look like, but want an easy way
1983to produce a WHERE clause, use this. It returns an SQL WHERE
1984clause and list of bind values.
1985
32eab2da 1986
1987=head2 values(\%data)
1988
1989This just returns the values from the hash C<%data>, in the same
1990order that would be returned from any of the other above queries.
1991Using this allows you to markedly speed up your queries if you
1992are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
1993
32eab2da 1994=head2 generate($any, 'number', $of, \@data, $struct, \%types)
1995
1996Warning: This is an experimental method and subject to change.
1997
1998This returns arbitrarily generated SQL. It's a really basic shortcut.
1999It will return two different things, depending on return context:
2000
2001 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
2002 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
2003
2004These would return the following:
2005
2006 # First calling form
2007 $stmt = "CREATE TABLE test (?, ?)";
2008 @bind = (field1, field2);
2009
2010 # Second calling form
2011 $stmt_and_val = "CREATE TABLE test (field1, field2)";
2012
2013Depending on what you're trying to do, it's up to you to choose the correct
2014format. In this example, the second form is what you would want.
2015
2016By the same token:
2017
2018 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
2019
2020Might give you:
2021
2022 ALTER SESSION SET nls_date_format = 'MM/YY'
2023
2024You get the idea. Strings get their case twiddled, but everything
2025else remains verbatim.
2026
0da0fe34 2027=head1 EXPORTABLE FUNCTIONS
2028
2029=head2 is_plain_value
2030
2031Determines if the supplied argument is a plain value as understood by this
2032module:
2033
2034=over
2035
2036=item * The value is C<undef>
2037
2038=item * The value is a non-reference
2039
2040=item * The value is an object with stringification overloading
2041
2042=item * The value is of the form C<< { -value => $anything } >>
2043
2044=back
2045
9de2bd86 2046On failure returns C<undef>, on success returns a B<scalar> reference
966200cc 2047to the original supplied argument.
0da0fe34 2048
843a94b5 2049=over
2050
2051=item * Note
2052
2053The stringification overloading detection is rather advanced: it takes
2054into consideration not only the presence of a C<""> overload, but if that
2055fails also checks for enabled
2056L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
2057on either C<0+> or C<bool>.
2058
2059Unfortunately testing in the field indicates that this
2060detection B<< may tickle a latent bug in perl versions before 5.018 >>,
2061but only when very large numbers of stringifying objects are involved.
2062At the time of writing ( Sep 2014 ) there is no clear explanation of
2063the direct cause, nor is there a manageably small test case that reliably
2064reproduces the problem.
2065
2066If you encounter any of the following exceptions in B<random places within
2067your application stack> - this module may be to blame:
2068
2069 Operation "ne": no method found,
2070 left argument in overloaded package <something>,
2071 right argument in overloaded package <something>
2072
2073or perhaps even
2074
2075 Stub found while resolving method "???" overloading """" in package <something>
2076
2077If you fall victim to the above - please attempt to reduce the problem
2078to something that could be sent to the L<SQL::Abstract developers
1f490ae4 2079|DBIx::Class/GETTING HELP/SUPPORT>
843a94b5 2080(either publicly or privately). As a workaround in the meantime you can
2081set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
2082value, which will most likely eliminate your problem (at the expense of
2083not being able to properly detect exotic forms of stringification).
2084
2085This notice and environment variable will be removed in a future version,
2086as soon as the underlying problem is found and a reliable workaround is
2087devised.
2088
2089=back
2090
0da0fe34 2091=head2 is_literal_value
2092
2093Determines if the supplied argument is a literal value as understood by this
2094module:
2095
2096=over
2097
2098=item * C<\$sql_string>
2099
2100=item * C<\[ $sql_string, @bind_values ]>
2101
0da0fe34 2102=back
2103
9de2bd86 2104On failure returns C<undef>, on success returns an B<array> reference
966200cc 2105containing the unpacked version of the supplied literal SQL and bind values.
0da0fe34 2106
32eab2da 2107=head1 WHERE CLAUSES
2108
96449e8e 2109=head2 Introduction
2110
32eab2da 2111This module uses a variation on the idea from L<DBIx::Abstract>. It
2112is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2113module is that things in arrays are OR'ed, and things in hashes
2114are AND'ed.>
2115
2116The easiest way to explain is to show lots of examples. After
2117each C<%where> hash shown, it is assumed you used:
2118
2119 my($stmt, @bind) = $sql->where(\%where);
2120
2121However, note that the C<%where> hash can be used directly in any
2122of the other functions as well, as described above.
2123
96449e8e 2124=head2 Key-value pairs
2125
32eab2da 2126So, let's get started. To begin, a simple hash:
2127
2128 my %where = (
2129 user => 'nwiger',
2130 status => 'completed'
2131 );
2132
2133Is converted to SQL C<key = val> statements:
2134
2135 $stmt = "WHERE user = ? AND status = ?";
2136 @bind = ('nwiger', 'completed');
2137
2138One common thing I end up doing is having a list of values that
2139a field can be in. To do this, simply specify a list inside of
2140an arrayref:
2141
2142 my %where = (
2143 user => 'nwiger',
2144 status => ['assigned', 'in-progress', 'pending'];
2145 );
2146
2147This simple code will create the following:
9d48860e 2148
32eab2da 2149 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2150 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2151
9d48860e 2152A field associated to an empty arrayref will be considered a
7cac25e6 2153logical false and will generate 0=1.
8a68b5be 2154
b864ba9b 2155=head2 Tests for NULL values
2156
2157If the value part is C<undef> then this is converted to SQL <IS NULL>
2158
2159 my %where = (
2160 user => 'nwiger',
2161 status => undef,
2162 );
2163
2164becomes:
2165
2166 $stmt = "WHERE user = ? AND status IS NULL";
2167 @bind = ('nwiger');
2168
e9614080 2169To test if a column IS NOT NULL:
2170
2171 my %where = (
2172 user => 'nwiger',
2173 status => { '!=', undef },
2174 );
cc422895 2175
6e0c6552 2176=head2 Specific comparison operators
96449e8e 2177
32eab2da 2178If you want to specify a different type of operator for your comparison,
2179you can use a hashref for a given column:
2180
2181 my %where = (
2182 user => 'nwiger',
2183 status => { '!=', 'completed' }
2184 );
2185
2186Which would generate:
2187
2188 $stmt = "WHERE user = ? AND status != ?";
2189 @bind = ('nwiger', 'completed');
2190
2191To test against multiple values, just enclose the values in an arrayref:
2192
96449e8e 2193 status => { '=', ['assigned', 'in-progress', 'pending'] };
2194
f2d5020d 2195Which would give you:
96449e8e 2196
2197 "WHERE status = ? OR status = ? OR status = ?"
2198
2199
2200The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2201into an C<AND> of its elements:
2202
2203 my %where = (
2204 user => 'nwiger',
2205 status => { '!=', 'completed', -not_like => 'pending%' }
2206 );
2207
2208 # Or more dynamically, like from a form
2209 $where{user} = 'nwiger';
2210 $where{status}{'!='} = 'completed';
2211 $where{status}{'-not_like'} = 'pending%';
2212
2213 # Both generate this
2214 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2215 @bind = ('nwiger', 'completed', 'pending%');
2216
96449e8e 2217
32eab2da 2218To get an OR instead, you can combine it with the arrayref idea:
2219
2220 my %where => (
2221 user => 'nwiger',
1a6f2a03 2222 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2223 );
2224
2225Which would generate:
2226
1a6f2a03 2227 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2228 @bind = ('2', '5', 'nwiger');
32eab2da 2229
44b9e502 2230If you want to include literal SQL (with or without bind values), just use a
13cc86af 2231scalar reference or reference to an arrayref as the value:
44b9e502 2232
2233 my %where = (
2234 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2235 date_expires => { '<' => \"now()" }
2236 );
2237
2238Which would generate:
2239
13cc86af 2240 $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
44b9e502 2241 @bind = ('11/26/2008');
2242
96449e8e 2243
2244=head2 Logic and nesting operators
2245
2246In the example above,
2247there is a subtle trap if you want to say something like
32eab2da 2248this (notice the C<AND>):
2249
2250 WHERE priority != ? AND priority != ?
2251
2252Because, in Perl you I<can't> do this:
2253
13cc86af 2254 priority => { '!=' => 2, '!=' => 1 }
32eab2da 2255
2256As the second C<!=> key will obliterate the first. The solution
2257is to use the special C<-modifier> form inside an arrayref:
2258
9d48860e 2259 priority => [ -and => {'!=', 2},
96449e8e 2260 {'!=', 1} ]
2261
32eab2da 2262
2263Normally, these would be joined by C<OR>, but the modifier tells it
2264to use C<AND> instead. (Hint: You can use this in conjunction with the
2265C<logic> option to C<new()> in order to change the way your queries
2266work by default.) B<Important:> Note that the C<-modifier> goes
2267B<INSIDE> the arrayref, as an extra first element. This will
2268B<NOT> do what you think it might:
2269
2270 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2271
2272Here is a quick list of equivalencies, since there is some overlap:
2273
2274 # Same
2275 status => {'!=', 'completed', 'not like', 'pending%' }
2276 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2277
2278 # Same
2279 status => {'=', ['assigned', 'in-progress']}
2280 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2281 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2282
e3f9dff4 2283
2284
be21dde3 2285=head2 Special operators: IN, BETWEEN, etc.
96449e8e 2286
32eab2da 2287You can also use the hashref format to compare a list of fields using the
2288C<IN> comparison operator, by specifying the list as an arrayref:
2289
2290 my %where = (
2291 status => 'completed',
2292 reportid => { -in => [567, 2335, 2] }
2293 );
2294
2295Which would generate:
2296
2297 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2298 @bind = ('completed', '567', '2335', '2');
2299
9d48860e 2300The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2301the same way.
2302
6e0c6552 2303If the argument to C<-in> is an empty array, 'sqlfalse' is generated
be21dde3 2304(by default: C<1=0>). Similarly, C<< -not_in => [] >> generates
2305'sqltrue' (by default: C<1=1>).
6e0c6552 2306
e41c3bdd 2307In addition to the array you can supply a chunk of literal sql or
2308literal sql with bind:
6e0c6552 2309
e41c3bdd 2310 my %where = {
2311 customer => { -in => \[
2312 'SELECT cust_id FROM cust WHERE balance > ?',
2313 2000,
2314 ],
2315 status => { -in => \'SELECT status_codes FROM states' },
2316 };
6e0c6552 2317
e41c3bdd 2318would generate:
2319
2320 $stmt = "WHERE (
2321 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2322 AND status IN ( SELECT status_codes FROM states )
2323 )";
2324 @bind = ('2000');
2325
0dfd2442 2326Finally, if the argument to C<-in> is not a reference, it will be
2327treated as a single-element array.
e41c3bdd 2328
2329Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2330used with an arrayref of two values:
32eab2da 2331
2332 my %where = (
2333 user => 'nwiger',
2334 completion_date => {
2335 -not_between => ['2002-10-01', '2003-02-06']
2336 }
2337 );
2338
2339Would give you:
2340
2341 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2342
e41c3bdd 2343Just like with C<-in> all plausible combinations of literal SQL
2344are possible:
2345
2346 my %where = {
2347 start0 => { -between => [ 1, 2 ] },
2348 start1 => { -between => \["? AND ?", 1, 2] },
2349 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2350 start3 => { -between => [
e41c3bdd 2351 \"lower(x)",
2352 \["upper(?)", 'stuff' ],
2353 ] },
2354 };
2355
2356Would give you:
2357
2358 $stmt = "WHERE (
2359 ( start0 BETWEEN ? AND ? )
2360 AND ( start1 BETWEEN ? AND ? )
2361 AND ( start2 BETWEEN lower(x) AND upper(y) )
2362 AND ( start3 BETWEEN lower(x) AND upper(?) )
2363 )";
2364 @bind = (1, 2, 1, 2, 'stuff');
2365
2366
9d48860e 2367These are the two builtin "special operators"; but the
be21dde3 2368list can be expanded: see section L</"SPECIAL OPERATORS"> below.
96449e8e 2369
59f23b3d 2370=head2 Unary operators: bool
97a920ef 2371
2372If you wish to test against boolean columns or functions within your
2373database you can use the C<-bool> and C<-not_bool> operators. For
2374example to test the column C<is_user> being true and the column
827bb0eb 2375C<is_enabled> being false you would use:-
97a920ef 2376
2377 my %where = (
2378 -bool => 'is_user',
2379 -not_bool => 'is_enabled',
2380 );
2381
2382Would give you:
2383
277b5d3f 2384 WHERE is_user AND NOT is_enabled
97a920ef 2385
0b604e9d 2386If a more complex combination is required, testing more conditions,
2387then you should use the and/or operators:-
2388
2389 my %where = (
2390 -and => [
2391 -bool => 'one',
23401b81 2392 -not_bool => { two=> { -rlike => 'bar' } },
2393 -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
0b604e9d 2394 ],
2395 );
2396
2397Would give you:
2398
23401b81 2399 WHERE
2400 one
2401 AND
2402 (NOT two RLIKE ?)
2403 AND
2404 (NOT ( three = ? OR three > ? ))
97a920ef 2405
2406
107b72f1 2407=head2 Nested conditions, -and/-or prefixes
96449e8e 2408
32eab2da 2409So far, we've seen how multiple conditions are joined with a top-level
2410C<AND>. We can change this by putting the different conditions we want in
2411hashes and then putting those hashes in an array. For example:
2412
2413 my @where = (
2414 {
2415 user => 'nwiger',
2416 status => { -like => ['pending%', 'dispatched'] },
2417 },
2418 {
2419 user => 'robot',
2420 status => 'unassigned',
2421 }
2422 );
2423
2424This data structure would create the following:
2425
2426 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2427 OR ( user = ? AND status = ? ) )";
2428 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2429
107b72f1 2430
48d9f5f8 2431Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
be21dde3 2432to change the logic inside:
32eab2da 2433
2434 my @where = (
2435 -and => [
2436 user => 'nwiger',
48d9f5f8 2437 [
2438 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2439 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2440 ],
2441 ],
2442 );
2443
2444That would yield:
2445
13cc86af 2446 $stmt = "WHERE ( user = ?
2447 AND ( ( workhrs > ? AND geo = ? )
2448 OR ( workhrs < ? OR geo = ? ) ) )";
2449 @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
107b72f1 2450
cc422895 2451=head3 Algebraic inconsistency, for historical reasons
107b72f1 2452
7cac25e6 2453C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2454operator goes C<outside> of the nested structure; whereas when connecting
2455several constraints on one column, the C<-and> operator goes
be21dde3 2456C<inside> the arrayref. Here is an example combining both features:
7cac25e6 2457
2458 my @where = (
2459 -and => [a => 1, b => 2],
2460 -or => [c => 3, d => 4],
2461 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2462 )
2463
2464yielding
2465
9d48860e 2466 WHERE ( ( ( a = ? AND b = ? )
2467 OR ( c = ? OR d = ? )
7cac25e6 2468 OR ( e LIKE ? AND e LIKE ? ) ) )
2469
107b72f1 2470This difference in syntax is unfortunate but must be preserved for
be21dde3 2471historical reasons. So be careful: the two examples below would
107b72f1 2472seem algebraically equivalent, but they are not
2473
a948b1fe 2474 { col => [ -and =>
2475 { -like => 'foo%' },
2476 { -like => '%bar' },
2477 ] }
be21dde3 2478 # yields: WHERE ( ( col LIKE ? AND col LIKE ? ) )
107b72f1 2479
a948b1fe 2480 [ -and =>
2481 { col => { -like => 'foo%' } },
2482 { col => { -like => '%bar' } },
2483 ]
be21dde3 2484 # yields: WHERE ( ( col LIKE ? OR col LIKE ? ) )
107b72f1 2485
7cac25e6 2486
cc422895 2487=head2 Literal SQL and value type operators
96449e8e 2488
cc422895 2489The basic premise of SQL::Abstract is that in WHERE specifications the "left
2490side" is a column name and the "right side" is a value (normally rendered as
2491a placeholder). This holds true for both hashrefs and arrayref pairs as you
2492see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2493alter this behavior. There are several ways of doing so.
e9614080 2494
cc422895 2495=head3 -ident
2496
2497This is a virtual operator that signals the string to its right side is an
2498identifier (a column name) and not a value. For example to compare two
2499columns you would write:
32eab2da 2500
e9614080 2501 my %where = (
2502 priority => { '<', 2 },
cc422895 2503 requestor => { -ident => 'submitter' },
e9614080 2504 );
2505
2506which creates:
2507
2508 $stmt = "WHERE priority < ? AND requestor = submitter";
2509 @bind = ('2');
2510
cc422895 2511If you are maintaining legacy code you may see a different construct as
2512described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2513code.
2514
2515=head3 -value
e9614080 2516
cc422895 2517This is a virtual operator that signals that the construct to its right side
2518is a value to be passed to DBI. This is for example necessary when you want
2519to write a where clause against an array (for RDBMS that support such
2520datatypes). For example:
e9614080 2521
32eab2da 2522 my %where = (
cc422895 2523 array => { -value => [1, 2, 3] }
32eab2da 2524 );
2525
cc422895 2526will result in:
32eab2da 2527
cc422895 2528 $stmt = 'WHERE array = ?';
2529 @bind = ([1, 2, 3]);
32eab2da 2530
cc422895 2531Note that if you were to simply say:
32eab2da 2532
2533 my %where = (
cc422895 2534 array => [1, 2, 3]
32eab2da 2535 );
2536
3af02ccb 2537the result would probably not be what you wanted:
cc422895 2538
2539 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2540 @bind = (1, 2, 3);
2541
2542=head3 Literal SQL
96449e8e 2543
cc422895 2544Finally, sometimes only literal SQL will do. To include a random snippet
2545of SQL verbatim, you specify it as a scalar reference. Consider this only
2546as a last resort. Usually there is a better way. For example:
96449e8e 2547
2548 my %where = (
cc422895 2549 priority => { '<', 2 },
2550 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2551 );
2552
cc422895 2553Would create:
96449e8e 2554
cc422895 2555 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2556 @bind = (2);
2557
2558Note that in this example, you only get one bind parameter back, since
2559the verbatim SQL is passed as part of the statement.
2560
2561=head4 CAVEAT
2562
2563 Never use untrusted input as a literal SQL argument - this is a massive
2564 security risk (there is no way to check literal snippets for SQL
2565 injections and other nastyness). If you need to deal with untrusted input
2566 use literal SQL with placeholders as described next.
96449e8e 2567
cc422895 2568=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2569
2570If the literal SQL to be inserted has placeholders and bind values,
2571use a reference to an arrayref (yes this is a double reference --
2572not so common, but perfectly legal Perl). For example, to find a date
2573in Postgres you can use something like this:
2574
2575 my %where = (
3ae1c5e2 2576 date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
96449e8e 2577 )
2578
2579This would create:
2580
d2a8fe1a 2581 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2582 @bind = ('10');
2583
deb148a2 2584Note that you must pass the bind values in the same format as they are returned
85783f3c 2585by L<where|/where(\%where, $order)>. This means that if you set L</bindtype>
1f490ae4 2586to C<columns>, you must provide the bind values in the
2587C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
2588scalar value; most commonly the column name, but you can use any scalar value
2589(including references and blessed references), L<SQL::Abstract> will simply
2590pass it through intact. So if C<bindtype> is set to C<columns> the above
2591example will look like:
deb148a2 2592
2593 my %where = (
3ae1c5e2 2594 date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
deb148a2 2595 )
96449e8e 2596
2597Literal SQL is especially useful for nesting parenthesized clauses in the
be21dde3 2598main SQL query. Here is a first example:
96449e8e 2599
2600 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2601 100, "foo%");
2602 my %where = (
2603 foo => 1234,
2604 bar => \["IN ($sub_stmt)" => @sub_bind],
2605 );
2606
be21dde3 2607This yields:
96449e8e 2608
9d48860e 2609 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2610 WHERE c2 < ? AND c3 LIKE ?))";
2611 @bind = (1234, 100, "foo%");
2612
9d48860e 2613Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2614are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2615its associated bind values can be generated through a former call
96449e8e 2616to C<select()> :
2617
2618 my ($sub_stmt, @sub_bind)
9d48860e 2619 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2620 c3 => {-like => "foo%"}});
2621 my %where = (
2622 foo => 1234,
2623 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2624 );
2625
2626In the examples above, the subquery was used as an operator on a column;
9d48860e 2627but the same principle also applies for a clause within the main C<%where>
be21dde3 2628hash, like an EXISTS subquery:
96449e8e 2629
9d48860e 2630 my ($sub_stmt, @sub_bind)
96449e8e 2631 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2632 my %where = ( -and => [
96449e8e 2633 foo => 1234,
48d9f5f8 2634 \["EXISTS ($sub_stmt)" => @sub_bind],
2635 ]);
96449e8e 2636
2637which yields
2638
9d48860e 2639 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2640 WHERE c1 = ? AND c2 > t0.c0))";
2641 @bind = (1234, 1);
2642
2643
9d48860e 2644Observe that the condition on C<c2> in the subquery refers to
be21dde3 2645column C<t0.c0> of the main query: this is I<not> a bind
9d48860e 2646value, so we have to express it through a scalar ref.
96449e8e 2647Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2648C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2649what we wanted here.
2650
96449e8e 2651Finally, here is an example where a subquery is used
2652for expressing unary negation:
2653
9d48860e 2654 my ($sub_stmt, @sub_bind)
96449e8e 2655 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2656 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2657 my %where = (
2658 lname => {like => '%son%'},
48d9f5f8 2659 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2660 );
2661
2662This yields
2663
2664 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2665 @bind = ('%son%', 10, 20)
2666
cc422895 2667=head3 Deprecated usage of Literal SQL
2668
2669Below are some examples of archaic use of literal SQL. It is shown only as
2670reference for those who deal with legacy code. Each example has a much
2671better, cleaner and safer alternative that users should opt for in new code.
2672
2673=over
2674
2675=item *
2676
2677 my %where = ( requestor => \'IS NOT NULL' )
2678
2679 $stmt = "WHERE requestor IS NOT NULL"
2680
2681This used to be the way of generating NULL comparisons, before the handling
2682of C<undef> got formalized. For new code please use the superior syntax as
2683described in L</Tests for NULL values>.
96449e8e 2684
cc422895 2685=item *
2686
2687 my %where = ( requestor => \'= submitter' )
2688
2689 $stmt = "WHERE requestor = submitter"
2690
2691This used to be the only way to compare columns. Use the superior L</-ident>
2692method for all new code. For example an identifier declared in such a way
2693will be properly quoted if L</quote_char> is properly set, while the legacy
2694form will remain as supplied.
2695
2696=item *
2697
2698 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2699
2700 $stmt = "WHERE completed > ? AND is_ready"
2701 @bind = ('2012-12-21')
2702
2703Using an empty string literal used to be the only way to express a boolean.
2704For all new code please use the much more readable
2705L<-bool|/Unary operators: bool> operator.
2706
2707=back
96449e8e 2708
2709=head2 Conclusion
2710
32eab2da 2711These pages could go on for a while, since the nesting of the data
2712structures this module can handle are pretty much unlimited (the
2713module implements the C<WHERE> expansion as a recursive function
2714internally). Your best bet is to "play around" with the module a
2715little to see how the data structures behave, and choose the best
2716format for your data based on that.
2717
2718And of course, all the values above will probably be replaced with
2719variables gotten from forms or the command line. After all, if you
2720knew everything ahead of time, you wouldn't have to worry about
2721dynamically-generating SQL and could just hardwire it into your
2722script.
2723
86298391 2724=head1 ORDER BY CLAUSES
2725
9d48860e 2726Some functions take an order by clause. This can either be a scalar (just a
18710f60 2727column name), a hashref of C<< { -desc => 'col' } >> or C<< { -asc => 'col' }
2728>>, a scalarref, an arrayref-ref, or an arrayref of any of the previous
2729forms. Examples:
1cfa1db3 2730
8c15b421 2731 Given | Will Generate
18710f60 2732 ---------------------------------------------------------------
8c15b421 2733 |
2734 'colA' | ORDER BY colA
2735 |
2736 [qw/colA colB/] | ORDER BY colA, colB
2737 |
2738 {-asc => 'colA'} | ORDER BY colA ASC
2739 |
2740 {-desc => 'colB'} | ORDER BY colB DESC
2741 |
2742 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2743 |
2744 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
2745 |
2746 \'colA DESC' | ORDER BY colA DESC
2747 |
2748 \[ 'FUNC(colA, ?)', $x ] | ORDER BY FUNC(colA, ?)
2749 | /* ...with $x bound to ? */
2750 |
bd805d85 2751 [ | ORDER BY
2752 { -asc => 'colA' }, | colA ASC,
2753 { -desc => [qw/colB/] }, | colB DESC,
2754 { -asc => [qw/colC colD/] },| colC ASC, colD ASC,
2755 \'colE DESC', | colE DESC,
2756 \[ 'FUNC(colF, ?)', $x ], | FUNC(colF, ?)
2757 ] | /* ...with $x bound to ? */
18710f60 2758 ===============================================================
86298391 2759
96449e8e 2760
2761
2762=head1 SPECIAL OPERATORS
2763
e3f9dff4 2764 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2765 {
2766 regex => qr/.../,
e3f9dff4 2767 handler => sub {
2768 my ($self, $field, $op, $arg) = @_;
2769 ...
3a2e1a5e 2770 },
2771 },
2772 {
2773 regex => qr/.../,
2774 handler => 'method_name',
e3f9dff4 2775 },
2776 ]);
2777
9d48860e 2778A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2779applied to a field, instead of a usual binary operator.
be21dde3 2780For example:
e3f9dff4 2781
2782 WHERE field IN (?, ?, ?)
2783 WHERE field BETWEEN ? AND ?
2784 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2785
e3f9dff4 2786Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2787are builtin within C<SQL::Abstract> (as the overridable methods
2788C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2789like the MATCH .. AGAINST example above which is specific to MySQL,
2790you can write your own operator handlers - supply a C<special_ops>
2791argument to the C<new> method. That argument takes an arrayref of
2792operator definitions; each operator definition is a hashref with two
2793entries:
96449e8e 2794
e3f9dff4 2795=over
2796
2797=item regex
2798
2799the regular expression to match the operator
96449e8e 2800
e3f9dff4 2801=item handler
2802
3a2e1a5e 2803Either a coderef or a plain scalar method name. In both cases
2804the expected return is C<< ($sql, @bind) >>.
2805
2806When supplied with a method name, it is simply called on the
13cc86af 2807L<SQL::Abstract> object as:
3a2e1a5e 2808
ca4f826a 2809 $self->$method_name($field, $op, $arg)
3a2e1a5e 2810
2811 Where:
2812
3a2e1a5e 2813 $field is the LHS of the operator
13cc86af 2814 $op is the part that matched the handler regex
3a2e1a5e 2815 $arg is the RHS
2816
2817When supplied with a coderef, it is called as:
2818
2819 $coderef->($self, $field, $op, $arg)
2820
e3f9dff4 2821
2822=back
2823
9d48860e 2824For example, here is an implementation
e3f9dff4 2825of the MATCH .. AGAINST syntax for MySQL
2826
2827 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2828
e3f9dff4 2829 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2830 {regex => qr/^match$/i,
e3f9dff4 2831 handler => sub {
2832 my ($self, $field, $op, $arg) = @_;
2833 $arg = [$arg] if not ref $arg;
2834 my $label = $self->_quote($field);
2835 my ($placeholder) = $self->_convert('?');
2836 my $placeholders = join ", ", (($placeholder) x @$arg);
2837 my $sql = $self->_sqlcase('match') . " ($label) "
2838 . $self->_sqlcase('against') . " ($placeholders) ";
2839 my @bind = $self->_bindtype($field, @$arg);
2840 return ($sql, @bind);
2841 }
2842 },
9d48860e 2843
e3f9dff4 2844 ]);
96449e8e 2845
2846
59f23b3d 2847=head1 UNARY OPERATORS
2848
112b5232 2849 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2850 {
2851 regex => qr/.../,
2852 handler => sub {
2853 my ($self, $op, $arg) = @_;
2854 ...
2855 },
2856 },
2857 {
2858 regex => qr/.../,
2859 handler => 'method_name',
2860 },
2861 ]);
2862
9d48860e 2863A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2864applied to a field - the operator goes before the field
2865
2866You can write your own operator handlers - supply a C<unary_ops>
2867argument to the C<new> method. That argument takes an arrayref of
2868operator definitions; each operator definition is a hashref with two
2869entries:
2870
2871=over
2872
2873=item regex
2874
2875the regular expression to match the operator
2876
2877=item handler
2878
2879Either a coderef or a plain scalar method name. In both cases
2880the expected return is C<< $sql >>.
2881
2882When supplied with a method name, it is simply called on the
13cc86af 2883L<SQL::Abstract> object as:
59f23b3d 2884
ca4f826a 2885 $self->$method_name($op, $arg)
59f23b3d 2886
2887 Where:
2888
2889 $op is the part that matched the handler regex
2890 $arg is the RHS or argument of the operator
2891
2892When supplied with a coderef, it is called as:
2893
2894 $coderef->($self, $op, $arg)
2895
2896
2897=back
2898
2899
32eab2da 2900=head1 PERFORMANCE
2901
2902Thanks to some benchmarking by Mark Stosberg, it turns out that
2903this module is many orders of magnitude faster than using C<DBIx::Abstract>.
2904I must admit this wasn't an intentional design issue, but it's a
2905byproduct of the fact that you get to control your C<DBI> handles
2906yourself.
2907
2908To maximize performance, use a code snippet like the following:
2909
2910 # prepare a statement handle using the first row
2911 # and then reuse it for the rest of the rows
2912 my($sth, $stmt);
2913 for my $href (@array_of_hashrefs) {
2914 $stmt ||= $sql->insert('table', $href);
2915 $sth ||= $dbh->prepare($stmt);
2916 $sth->execute($sql->values($href));
2917 }
2918
2919The reason this works is because the keys in your C<$href> are sorted
2920internally by B<SQL::Abstract>. Thus, as long as your data retains
2921the same structure, you only have to generate the SQL the first time
2922around. On subsequent queries, simply use the C<values> function provided
2923by this module to return your values in the correct order.
2924
b864ba9b 2925However this depends on the values having the same type - if, for
2926example, the values of a where clause may either have values
2927(resulting in sql of the form C<column = ?> with a single bind
2928value), or alternatively the values might be C<undef> (resulting in
2929sql of the form C<column IS NULL> with no bind value) then the
2930caching technique suggested will not work.
96449e8e 2931
32eab2da 2932=head1 FORMBUILDER
2933
2934If you use my C<CGI::FormBuilder> module at all, you'll hopefully
2935really like this part (I do, at least). Building up a complex query
2936can be as simple as the following:
2937
2938 #!/usr/bin/perl
2939
46dc2f3e 2940 use warnings;
2941 use strict;
2942
32eab2da 2943 use CGI::FormBuilder;
2944 use SQL::Abstract;
2945
2946 my $form = CGI::FormBuilder->new(...);
2947 my $sql = SQL::Abstract->new;
2948
2949 if ($form->submitted) {
2950 my $field = $form->field;
2951 my $id = delete $field->{id};
2952 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
2953 }
2954
2955Of course, you would still have to connect using C<DBI> to run the
2956query, but the point is that if you make your form look like your
2957table, the actual query script can be extremely simplistic.
2958
2959If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 2960a fast interface to returning and formatting data. I frequently
32eab2da 2961use these three modules together to write complex database query
2962apps in under 50 lines.
2963
af733667 2964=head1 HOW TO CONTRIBUTE
2965
2966Contributions are always welcome, in all usable forms (we especially
2967welcome documentation improvements). The delivery methods include git-
2968or unified-diff formatted patches, GitHub pull requests, or plain bug
2969reports either via RT or the Mailing list. Contributors are generally
2970granted full access to the official repository after their first several
2971patches pass successful review.
2972
2973This project is maintained in a git repository. The code and related tools are
2974accessible at the following locations:
d8cc1792 2975
2976=over
2977
af733667 2978=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
2979
2980=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
2981
2982=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
d8cc1792 2983
af733667 2984=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
d8cc1792 2985
2986=back
32eab2da 2987
96449e8e 2988=head1 CHANGES
2989
2990Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
2991Great care has been taken to preserve the I<published> behavior
2992documented in previous versions in the 1.* family; however,
9d48860e 2993some features that were previously undocumented, or behaved
96449e8e 2994differently from the documentation, had to be changed in order
2995to clarify the semantics. Hence, client code that was relying
9d48860e 2996on some dark areas of C<SQL::Abstract> v1.*
96449e8e 2997B<might behave differently> in v1.50.
32eab2da 2998
be21dde3 2999The main changes are:
d2a8fe1a 3000
96449e8e 3001=over
32eab2da 3002
9d48860e 3003=item *
32eab2da 3004
3ae1c5e2 3005support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
96449e8e 3006
3007=item *
3008
145fbfc8 3009support for the { operator => \"..." } construct (to embed literal SQL)
3010
3011=item *
3012
9c37b9c0 3013support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
3014
3015=item *
3016
96449e8e 3017optional support for L<array datatypes|/"Inserting and Updating Arrays">
3018
9d48860e 3019=item *
96449e8e 3020
be21dde3 3021defensive programming: check arguments
96449e8e 3022
3023=item *
3024
3025fixed bug with global logic, which was previously implemented
7cac25e6 3026through global variables yielding side-effects. Prior versions would
96449e8e 3027interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
3028as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
3029Now this is interpreted
3030as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
3031
96449e8e 3032
3033=item *
3034
3035fixed semantics of _bindtype on array args
3036
9d48860e 3037=item *
96449e8e 3038
3039dropped the C<_anoncopy> of the %where tree. No longer necessary,
3040we just avoid shifting arrays within that tree.
3041
3042=item *
3043
3044dropped the C<_modlogic> function
3045
3046=back
32eab2da 3047
32eab2da 3048=head1 ACKNOWLEDGEMENTS
3049
3050There are a number of individuals that have really helped out with
3051this module. Unfortunately, most of them submitted bugs via CPAN
3052so I have no idea who they are! But the people I do know are:
3053
9d48860e 3054 Ash Berlin (order_by hash term support)
b643abe1 3055 Matt Trout (DBIx::Class support)
32eab2da 3056 Mark Stosberg (benchmarking)
3057 Chas Owens (initial "IN" operator support)
3058 Philip Collins (per-field SQL functions)
3059 Eric Kolve (hashref "AND" support)
3060 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
3061 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 3062 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 3063 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 3064 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 3065 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 3066 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 3067
3068Thanks!
3069
32eab2da 3070=head1 SEE ALSO
3071
86298391 3072L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 3073
32eab2da 3074=head1 AUTHOR
3075
b643abe1 3076Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
3077
3078This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 3079
abe72f94 3080For support, your best bet is to try the C<DBIx::Class> users mailing list.
3081While not an official support venue, C<DBIx::Class> makes heavy use of
3082C<SQL::Abstract>, and as such list members there are very familiar with
3083how to create queries.
3084
0d067ded 3085=head1 LICENSE
3086
d988ab87 3087This module is free software; you may copy this under the same
3088terms as perl itself (either the GNU General Public License or
3089the Artistic License)
32eab2da 3090
3091=cut
Unnamed repository; edit this file 'description' to name the repository.