+package SQL::Abstract; # see doc at end of file
-package SQL::Abstract;
+use strict;
+use warnings;
+use Carp ();
+use List::Util ();
+use Scalar::Util ();
+
+use Exporter 'import';
+our @EXPORT_OK = qw(is_plain_value is_literal_value);
+
+BEGIN {
+ if ($] < 5.009_005) {
+ require MRO::Compat;
+ }
+ else {
+ require mro;
+ }
+
+ *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
+ ? sub () { 0 }
+ : sub () { 1 }
+ ;
+}
+
+#======================================================================
+# GLOBALS
+#======================================================================
+
+our $VERSION = '1.87';
+
+# This would confuse some packagers
+$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
+
+our $AUTOLOAD;
+
+# special operators (-in, -between). May be extended/overridden by user.
+# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
+my @BUILTIN_SPECIAL_OPS = (
+ {regex => qr/^ (?: not \s )? between $/ix, handler => sub { die "NOPE" }},
+ {regex => qr/^ is (?: \s+ not )? $/ix, handler => sub { die "NOPE" }},
+ {regex => qr/^ (?: not \s )? in $/ix, handler => sub { die "NOPE" }},
+ {regex => qr/^ ident $/ix, handler => sub { die "NOPE" }},
+ {regex => qr/^ value $/ix, handler => sub { die "NOPE" }},
+);
+
+#======================================================================
+# DEBUGGING AND ERROR REPORTING
+#======================================================================
+
+sub _debug {
+ return unless $_[0]->{debug}; shift; # a little faster
+ my $func = (caller(1))[3];
+ warn "[$func] ", @_, "\n";
+}
+
+sub belch (@) {
+ my($func) = (caller(1))[3];
+ Carp::carp "[$func] Warning: ", @_;
+}
+
+sub puke (@) {
+ my($func) = (caller(1))[3];
+ Carp::croak "[$func] Fatal: ", @_;
+}
+
+sub is_literal_value ($) {
+ ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
+ : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
+ : undef;
+}
+
+sub is_undef_value ($) {
+ !defined($_[0])
+ or (
+ ref($_[0]) eq 'HASH'
+ and exists $_[0]->{-value}
+ and not defined $_[0]->{-value}
+ );
+}
+
+# FIXME XSify - this can be done so much more efficiently
+sub is_plain_value ($) {
+ no strict 'refs';
+ ! length ref $_[0] ? \($_[0])
+ : (
+ ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
+ and
+ exists $_[0]->{-value}
+ ) ? \($_[0]->{-value})
+ : (
+ # reuse @_ for even moar speedz
+ defined ( $_[1] = Scalar::Util::blessed $_[0] )
+ and
+ # deliberately not using Devel::OverloadInfo - the checks we are
+ # intersted in are much more limited than the fullblown thing, and
+ # this is a very hot piece of code
+ (
+ # simply using ->can('(""') can leave behind stub methods that
+ # break actually using the overload later (see L<perldiag/Stub
+ # found while resolving method "%s" overloading "%s" in package
+ # "%s"> and the source of overload::mycan())
+ #
+ # either has stringification which DBI SHOULD prefer out of the box
+ grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
+ or
+ # has nummification or boolification, AND fallback is *not* disabled
+ (
+ SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
+ and
+ (
+ grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
+ or
+ grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
+ )
+ and
+ (
+ # no fallback specified at all
+ ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
+ or
+ # fallback explicitly undef
+ ! defined ${"$_[3]::()"}
+ or
+ # explicitly true
+ !! ${"$_[3]::()"}
+ )
+ )
+ )
+ ) ? \($_[0])
+ : undef;
+}
+
+
+
+#======================================================================
+# NEW
+#======================================================================
+
+sub new {
+ my $self = shift;
+ my $class = ref($self) || $self;
+ my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
+
+ # choose our case by keeping an option around
+ delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
+
+ # default logic for interpreting arrayrefs
+ $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
+
+ # how to return bind vars
+ $opt{bindtype} ||= 'normal';
+
+ # default comparison is "=", but can be overridden
+ $opt{cmp} ||= '=';
+
+ # try to recognize which are the 'equality' and 'inequality' ops
+ # (temporary quickfix (in 2007), should go through a more seasoned API)
+ $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
+ $opt{inequality_op} = qr/^( != | <> )$/ix;
+
+ $opt{like_op} = qr/^ (is_)?r?like $/xi;
+ $opt{not_like_op} = qr/^ (is_)?not_r?like $/xi;
+
+ # SQL booleans
+ $opt{sqltrue} ||= '1=1';
+ $opt{sqlfalse} ||= '0=1';
+
+ # special operators
+ $opt{special_ops} ||= [];
+
+ if ($class->isa('DBIx::Class::SQLMaker')) {
+ $opt{warn_once_on_nest} = 1;
+ $opt{disable_old_special_ops} = 1;
+ }
+
+ # unary operators
+ $opt{unary_ops} ||= [];
+
+ # rudimentary sanity-check for user supplied bits treated as functions/operators
+ # If a purported function matches this regular expression, an exception is thrown.
+ # Literal SQL is *NOT* subject to this check, only functions (and column names
+ # when quoting is not in effect)
+
+ # FIXME
+ # need to guard against ()'s in column names too, but this will break tons of
+ # hacks... ideas anyone?
+ $opt{injection_guard} ||= qr/
+ \;
+ |
+ ^ \s* go \s
+ /xmi;
+
+ $opt{expand_unary} = {};
+
+ $opt{expand} = {
+ not => '_expand_not',
+ bool => '_expand_bool',
+ and => '_expand_op_andor',
+ or => '_expand_op_andor',
+ nest => '_expand_nest',
+ bind => '_expand_bind',
+ in => '_expand_in',
+ not_in => '_expand_in',
+ row => '_expand_row',
+ between => '_expand_between',
+ not_between => '_expand_between',
+ op => '_expand_op',
+ (map +($_ => '_expand_op_is'), ('is', 'is_not')),
+ ident => '_expand_ident',
+ value => '_expand_value',
+ func => '_expand_func',
+ };
+
+ $opt{expand_op} = {
+ 'between' => '_expand_between',
+ 'not_between' => '_expand_between',
+ 'in' => '_expand_in',
+ 'not_in' => '_expand_in',
+ 'nest' => '_expand_nest',
+ (map +($_ => '_expand_op_andor'), ('and', 'or')),
+ (map +($_ => '_expand_op_is'), ('is', 'is_not')),
+ 'ident' => '_expand_ident',
+ 'value' => '_expand_value',
+ };
+
+ $opt{render} = {
+ (map +($_, "_render_$_"), qw(op func bind ident literal row)),
+ %{$opt{render}||{}}
+ };
+
+ $opt{render_op} = {
+ (map +($_ => '_render_op_between'), 'between', 'not_between'),
+ (map +($_ => '_render_op_in'), 'in', 'not_in'),
+ (map +($_ => '_render_unop_postfix'),
+ 'is_null', 'is_not_null', 'asc', 'desc',
+ ),
+ (not => '_render_unop_paren'),
+ (map +($_ => '_render_op_andor'), qw(and or)),
+ ',' => '_render_op_multop',
+ };
+
+ return bless \%opt, $class;
+}
+
+sub sqltrue { +{ -literal => [ $_[0]->{sqltrue} ] } }
+sub sqlfalse { +{ -literal => [ $_[0]->{sqlfalse} ] } }
+
+sub _assert_pass_injection_guard {
+ if ($_[1] =~ $_[0]->{injection_guard}) {
+ my $class = ref $_[0];
+ puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
+ . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
+ . "{injection_guard} attribute to ${class}->new()"
+ }
+}
+
+
+#======================================================================
+# INSERT methods
+#======================================================================
+
+sub insert {
+ my $self = shift;
+ my $table = $self->_table(shift);
+ my $data = shift || return;
+ my $options = shift;
+
+ my $fields;
+
+ my ($f_aqt, $v_aqt) = $self->_expand_insert_values($data);
+
+ my @parts = ([ $self->_sqlcase('insert into').' '.$table ]);
+ push @parts, [ $self->render_aqt($f_aqt) ] if $f_aqt;
+ push @parts, [ $self->_sqlcase('values') ], [ $self->render_aqt($v_aqt) ];
+
+ if ($options->{returning}) {
+ push @parts, [ $self->_insert_returning($options) ];
+ }
+
+ return $self->join_clauses(' ', @parts);
+}
+
+sub _expand_insert_values {
+ my ($self, $data) = @_;
+ if (is_literal_value($data)) {
+ (undef, $self->expand_expr($data));
+ } else {
+ my ($fields, $values) = (
+ ref($data) eq 'HASH' ?
+ ([ sort keys %$data ], [ @{$data}{sort keys %$data} ])
+ : ([], $data)
+ );
+
+ # no names (arrayref) means can't generate bindtype
+ !($fields) && $self->{bindtype} eq 'columns'
+ && belch "can't do 'columns' bindtype when called with arrayref";
+
+ +(
+ (@$fields
+ ? $self->expand_expr({ -row => $fields }, -ident)
+ : undef
+ ),
+ +{ -row => [
+ map {
+ local our $Cur_Col_Meta = $fields->[$_];
+ $self->_expand_insert_value($values->[$_])
+ } 0..$#$values
+ ] },
+ );
+ }
+}
+
+# So that subclasses can override INSERT ... RETURNING separately from
+# UPDATE and DELETE (e.g. DBIx::Class::SQLMaker::Oracle does this)
+sub _insert_returning { shift->_returning(@_) }
+
+sub _returning {
+ my ($self, $options) = @_;
+
+ my $f = $options->{returning};
+
+ my ($sql, @bind) = $self->render_aqt(
+ $self->_expand_maybe_list_expr($f, -ident)
+ );
+ return wantarray
+ ? $self->_sqlcase(' returning ') . $sql
+ : ($self->_sqlcase(' returning ').$sql, @bind);
+}
+
+sub _expand_insert_value {
+ my ($self, $v) = @_;
+
+ my $k = our $Cur_Col_Meta;
+
+ if (ref($v) eq 'ARRAY') {
+ if ($self->{array_datatypes}) {
+ return +{ -bind => [ $k, $v ] };
+ }
+ my ($sql, @bind) = @$v;
+ $self->_assert_bindval_matches_bindtype(@bind);
+ return +{ -literal => $v };
+ }
+ if (ref($v) eq 'HASH') {
+ if (grep !/^-/, keys %$v) {
+ belch "HASH ref as bind value in insert is not supported";
+ return +{ -bind => [ $k, $v ] };
+ }
+ }
+ if (!defined($v)) {
+ return +{ -bind => [ $k, undef ] };
+ }
+ return $self->expand_expr($v);
+}
+
+
+
+#======================================================================
+# UPDATE methods
+#======================================================================
+
+
+sub update {
+ my $self = shift;
+ my $table = $self->_table(shift);
+ my $data = shift || return;
+ my $where = shift;
+ my $options = shift;
+
+ # first build the 'SET' part of the sql statement
+ puke "Unsupported data type specified to \$sql->update"
+ unless ref $data eq 'HASH';
+
+ my ($sql, @all_bind) = $self->_update_set_values($data);
+ $sql = $self->_sqlcase('update ') . $table . $self->_sqlcase(' set ')
+ . $sql;
+
+ if ($where) {
+ my($where_sql, @where_bind) = $self->where($where);
+ $sql .= $where_sql;
+ push @all_bind, @where_bind;
+ }
+
+ if ($options->{returning}) {
+ my ($returning_sql, @returning_bind) = $self->_update_returning($options);
+ $sql .= $returning_sql;
+ push @all_bind, @returning_bind;
+ }
+
+ return wantarray ? ($sql, @all_bind) : $sql;
+}
+
+sub _update_set_values {
+ my ($self, $data) = @_;
+
+ return $self->render_aqt(
+ $self->_expand_update_set_values(undef, $data),
+ );
+}
+
+sub _expand_update_set_values {
+ my ($self, undef, $data) = @_;
+ $self->_expand_maybe_list_expr( [
+ map {
+ my ($k, $set) = @$_;
+ $set = { -bind => $_ } unless defined $set;
+ +{ -op => [ '=', $self->_expand_ident(-ident => $k), $set ] };
+ }
+ map {
+ my $k = $_;
+ my $v = $data->{$k};
+ (ref($v) eq 'ARRAY'
+ ? ($self->{array_datatypes}
+ ? [ $k, +{ -bind => [ $k, $v ] } ]
+ : [ $k, +{ -literal => $v } ])
+ : do {
+ local our $Cur_Col_Meta = $k;
+ [ $k, $self->_expand_expr($v) ]
+ }
+ );
+ } sort keys %$data
+ ] );
+}
+
+# So that subclasses can override UPDATE ... RETURNING separately from
+# INSERT and DELETE
+sub _update_returning { shift->_returning(@_) }
+
+
+
+#======================================================================
+# SELECT
+#======================================================================
+
+
+sub select {
+ my $self = shift;
+ my $table = $self->_table(shift);
+ my $fields = shift || '*';
+ my $where = shift;
+ my $order = shift;
+
+ my ($fields_sql, @bind) = $self->_select_fields($fields);
+
+ my ($where_sql, @where_bind) = $self->where($where, $order);
+ push @bind, @where_bind;
+
+ my $sql = join(' ', $self->_sqlcase('select'), $fields_sql,
+ $self->_sqlcase('from'), $table)
+ . $where_sql;
+
+ return wantarray ? ($sql, @bind) : $sql;
+}
+
+sub _select_fields {
+ my ($self, $fields) = @_;
+ return $fields unless ref($fields);
+ return $self->render_aqt(
+ $self->_expand_maybe_list_expr($fields, '-ident')
+ );
+}
+
+#======================================================================
+# DELETE
+#======================================================================
+
+
+sub delete {
+ my $self = shift;
+ my $table = $self->_table(shift);
+ my $where = shift;
+ my $options = shift;
+
+ my($where_sql, @bind) = $self->where($where);
+ my $sql = $self->_sqlcase('delete from ') . $table . $where_sql;
+
+ if ($options->{returning}) {
+ my ($returning_sql, @returning_bind) = $self->_delete_returning($options);
+ $sql .= $returning_sql;
+ push @bind, @returning_bind;
+ }
+
+ return wantarray ? ($sql, @bind) : $sql;
+}
+
+# So that subclasses can override DELETE ... RETURNING separately from
+# INSERT and UPDATE
+sub _delete_returning { shift->_returning(@_) }
+
+
+
+#======================================================================
+# WHERE: entry point
+#======================================================================
+
+
+
+# Finally, a separate routine just to handle WHERE clauses
+sub where {
+ my ($self, $where, $order) = @_;
+
+ local $self->{convert_where} = $self->{convert};
+
+ # where ?
+ my ($sql, @bind) = defined($where)
+ ? $self->_recurse_where($where)
+ : (undef);
+ $sql = (defined $sql and length $sql) ? $self->_sqlcase(' where ') . "( $sql )" : '';
+
+ # order by?
+ if ($order) {
+ my ($order_sql, @order_bind) = $self->_order_by($order);
+ $sql .= $order_sql;
+ push @bind, @order_bind;
+ }
+
+ return wantarray ? ($sql, @bind) : $sql;
+}
+
+{ our $Default_Scalar_To = -value }
+
+sub expand_expr {
+ my ($self, $expr, $default_scalar_to) = @_;
+ local our $Default_Scalar_To = $default_scalar_to if $default_scalar_to;
+ $self->_expand_expr($expr);
+}
+
+sub render_aqt {
+ my ($self, $aqt) = @_;
+ my ($k, $v, @rest) = %$aqt;
+ die "No" if @rest;
+ die "Not a node type: $k" unless $k =~ s/^-//;
+ if (my $meth = $self->{render}{$k}) {
+ return $self->$meth($k, $v);
+ }
+ die "notreached: $k";
+}
+
+sub render_expr {
+ my ($self, $expr, $default_scalar_to) = @_;
+ my ($sql, @bind) = $self->render_aqt(
+ $self->expand_expr($expr, $default_scalar_to)
+ );
+ return (wantarray ? ($sql, @bind) : $sql);
+}
+
+sub _normalize_op {
+ my ($self, $raw) = @_;
+ s/^-(?=.)//, s/\s+/_/g for my $op = lc $raw;
+ $op;
+}
+
+sub _expand_expr {
+ my ($self, $expr) = @_;
+ our $Expand_Depth ||= 0; local $Expand_Depth = $Expand_Depth + 1;
+ return undef unless defined($expr);
+ if (ref($expr) eq 'HASH') {
+ return undef unless my $kc = keys %$expr;
+ if ($kc > 1) {
+ return $self->_expand_op_andor(and => $expr);
+ }
+ my ($key, $value) = %$expr;
+ if ($key =~ /^-/ and $key =~ s/ [_\s]? \d+ $//x ) {
+ belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
+ . "You probably wanted ...-and => [ $key => COND1, $key => COND2 ... ]";
+ }
+ return $self->_expand_hashpair($key, $value);
+ }
+ if (ref($expr) eq 'ARRAY') {
+ return $self->_expand_op_andor(lc($self->{logic}), $expr);
+ }
+ if (my $literal = is_literal_value($expr)) {
+ return +{ -literal => $literal };
+ }
+ if (!ref($expr) or Scalar::Util::blessed($expr)) {
+ return $self->_expand_scalar($expr);
+ }
+ die "notreached";
+}
+
+sub _expand_hashpair {
+ my ($self, $k, $v) = @_;
+ unless (defined($k) and length($k)) {
+ if (defined($k) and my $literal = is_literal_value($v)) {
+ belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
+ return { -literal => $literal };
+ }
+ puke "Supplying an empty left hand side argument is not supported";
+ }
+ if ($k =~ /^-/) {
+ return $self->_expand_hashpair_op($k, $v);
+ } elsif ($k =~ /^[^\w]/i) {
+ my ($lhs, @rhs) = @$v;
+ return $self->_expand_op(
+ -op, [ $k, $self->expand_expr($lhs, -ident), @rhs ]
+ );
+ }
+ return $self->_expand_hashpair_ident($k, $v);
+}
+
+sub _expand_hashpair_ident {
+ my ($self, $k, $v) = @_;
+
+ local our $Cur_Col_Meta = $k;
+
+ # hash with multiple or no elements is andor
+
+ if (ref($v) eq 'HASH' and keys %$v != 1) {
+ return $self->_expand_op_andor(and => $v, $k);
+ }
+
+ # undef needs to be re-sent with cmp to achieve IS/IS NOT NULL
+
+ if (is_undef_value($v)) {
+ return $self->_expand_hashpair_cmp($k => undef);
+ }
+
+ # scalars and objects get expanded as whatever requested or values
+
+ if (!ref($v) or Scalar::Util::blessed($v)) {
+ return $self->_expand_hashpair_scalar($k, $v);
+ }
+
+ # single key hashref is a hashtriple
+
+ if (ref($v) eq 'HASH') {
+ return $self->_expand_hashtriple($k, %$v);
+ }
+
+ # arrayref needs re-engineering over the elements
+
+ if (ref($v) eq 'ARRAY') {
+ return $self->sqlfalse unless @$v;
+ $self->_debug("ARRAY($k) means distribute over elements");
+ my $logic = lc(
+ $v->[0] =~ /^-(and|or)$/i
+ ? (shift(@{$v = [ @$v ]}), $1)
+ : lc($self->{logic} || 'OR')
+ );
+ return $self->_expand_op_andor(
+ $logic => $v, $k
+ );
+ }
+
+ if (my $literal = is_literal_value($v)) {
+ unless (length $k) {
+ belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
+ return \$literal;
+ }
+ my ($sql, @bind) = @$literal;
+ if ($self->{bindtype} eq 'columns') {
+ for (@bind) {
+ $self->_assert_bindval_matches_bindtype($_);
+ }
+ }
+ return +{ -literal => [ $self->_quote($k).' '.$sql, @bind ] };
+ }
+ die "notreached";
+}
+
+sub _expand_scalar {
+ my ($self, $expr) = @_;
+
+ return $self->_expand_expr({ (our $Default_Scalar_To) => $expr });
+}
+
+sub _expand_hashpair_scalar {
+ my ($self, $k, $v) = @_;
+
+ return $self->_expand_hashpair_cmp(
+ $k, $self->_expand_scalar($v),
+ );
+}
+
+sub _expand_hashpair_op {
+ my ($self, $k, $v) = @_;
+
+ $self->_assert_pass_injection_guard($k =~ /\A-(.*)\Z/s);
+
+ my $op = $self->_normalize_op($k);
+
+ if (my $exp = $self->{expand}{$op}) {
+ return $self->$exp($op, $v);
+ }
+
+ # Ops prefixed with -not_ get converted
+
+ if (my ($rest) = $op =~/^not_(.*)$/) {
+ return +{ -op => [
+ 'not',
+ $self->_expand_expr({ "-${rest}", $v })
+ ] };
+ }
+
+ { # Old SQLA compat
+
+ my $op = join(' ', split '_', $op);
+
+ # the old special op system requires illegality for top-level use
+
+ if (
+ (our $Expand_Depth) == 1
+ and (
+ List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}}
+ or (
+ $self->{disable_old_special_ops}
+ and List::Util::first { $op =~ $_->{regex} } @BUILTIN_SPECIAL_OPS
+ )
+ )
+ ) {
+ puke "Illegal use of top-level '-$op'"
+ }
+
+ # the old unary op system means we should touch nothing and let it work
+
+ if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
+ return { -op => [ $op, $v ] };
+ }
+ }
+
+ # an explicit node type is currently assumed to be expanded (this is almost
+ # certainly wrong and there should be expansion anyway)
+
+ if ($self->{render}{$op}) {
+ return { $k => $v };
+ }
+
+ my $type = $self->{unknown_unop_always_func} ? -func : -op;
+
+ { # Old SQLA compat
+
+ if (
+ ref($v) eq 'HASH'
+ and keys %$v == 1
+ and (keys %$v)[0] =~ /^-/
+ ) {
+ $type = (
+ (List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}})
+ ? -op
+ : -func
+ )
+ }
+ }
+
+ return +{ $type => [
+ $op,
+ ($type eq -func and ref($v) eq 'ARRAY')
+ ? map $self->_expand_expr($_), @$v
+ : $self->_expand_expr($v)
+ ] };
+}
+
+sub _expand_hashpair_cmp {
+ my ($self, $k, $v) = @_;
+ $self->_expand_hashtriple($k, $self->{cmp}, $v);
+}
+
+sub _expand_hashtriple {
+ my ($self, $k, $vk, $vv) = @_;
+
+ my $ik = $self->_expand_ident(-ident => $k);
+
+ my $op = $self->_normalize_op($vk);
+ $self->_assert_pass_injection_guard($op);
+
+ if ($op =~ s/ _? \d+ $//x ) {
+ return $self->_expand_expr($k, { $vk, $vv });
+ }
+ if (my $x = $self->{expand_op}{$op}) {
+ local our $Cur_Col_Meta = $k;
+ return $self->$x($op, $vv, $k);
+ }
+ { # Old SQLA compat
+
+ my $op = join(' ', split '_', $op);
+
+ if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}}) {
+ return { -op => [ $op, $ik, $vv ] };
+ }
+ if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
+ return { -op => [
+ $self->{cmp},
+ $ik,
+ { -op => [ $op, $vv ] }
+ ] };
+ }
+ }
+ if (ref($vv) eq 'ARRAY') {
+ my @raw = @$vv;
+ my $logic = (defined($raw[0]) and $raw[0] =~ /^-(and|or)$/i)
+ ? (shift(@raw), $1) : 'or';
+ my @values = map +{ $vk => $_ }, @raw;
+ if (
+ $op =~ $self->{inequality_op}
+ or $op =~ $self->{not_like_op}
+ ) {
+ if (lc($logic) eq 'or' and @values > 1) {
+ belch "A multi-element arrayref as an argument to the inequality op '${\uc(join ' ', split '_', $op)}' "
+ . 'is technically equivalent to an always-true 1=1 (you probably wanted '
+ . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
+ ;
+ }
+ }
+ unless (@values) {
+ # try to DWIM on equality operators
+ return ($self->_dwim_op_to_is($op,
+ "Supplying an empty arrayref to '%s' is deprecated",
+ "operator '%s' applied on an empty array (field '$k')"
+ ) ? $self->sqlfalse : $self->sqltrue);
+ }
+ return $self->_expand_op_andor($logic => \@values, $k);
+ }
+ if (is_undef_value($vv)) {
+ my $is = ($self->_dwim_op_to_is($op,
+ "Supplying an undefined argument to '%s' is deprecated",
+ "unexpected operator '%s' with undef operand",
+ ) ? 'is' : 'is not');
+
+ return $self->_expand_hashpair($k => { $is, undef });
+ }
+ local our $Cur_Col_Meta = $k;
+ return +{ -op => [
+ $op,
+ $ik,
+ $self->_expand_expr($vv)
+ ] };
+}
+
+sub _dwim_op_to_is {
+ my ($self, $raw, $empty, $fail) = @_;
+
+ my $op = $self->_normalize_op($raw);
+
+ if ($op =~ /^not$/i) {
+ return 0;
+ }
+ if ($op =~ $self->{equality_op}) {
+ return 1;
+ }
+ if ($op =~ $self->{like_op}) {
+ belch(sprintf $empty, uc(join ' ', split '_', $op));
+ return 1;
+ }
+ if ($op =~ $self->{inequality_op}) {
+ return 0;
+ }
+ if ($op =~ $self->{not_like_op}) {
+ belch(sprintf $empty, uc(join ' ', split '_', $op));
+ return 0;
+ }
+ puke(sprintf $fail, $op);
+}
+
+sub _expand_func {
+ my ($self, undef, $args) = @_;
+ my ($func, @args) = @$args;
+ return { -func => [ $func, map $self->expand_expr($_), @args ] };
+}
+
+sub _expand_ident {
+ my ($self, undef, $body, $k) = @_;
+ return $self->_expand_hashpair_cmp(
+ $k, { -ident => $body }
+ ) if defined($k);
+ unless (defined($body) or (ref($body) and ref($body) eq 'ARRAY')) {
+ puke "-ident requires a single plain scalar argument (a quotable identifier) or an arrayref of identifier parts";
+ }
+ my @parts = map split(/\Q${\($self->{name_sep}||'.')}\E/, $_),
+ ref($body) ? @$body : $body;
+ return { -ident => $parts[-1] } if $self->{_dequalify_idents};
+ unless ($self->{quote_char}) {
+ $self->_assert_pass_injection_guard($_) for @parts;
+ }
+ return +{ -ident => \@parts };
+}
+
+sub _expand_value {
+ return $_[0]->_expand_hashpair_cmp(
+ $_[3], { -value => $_[2] },
+ ) if defined($_[3]);
+ +{ -bind => [ our $Cur_Col_Meta, $_[2] ] };
+}
+
+sub _expand_not {
+ +{ -op => [ 'not', $_[0]->_expand_expr($_[2]) ] };
+}
+
+sub _expand_row {
+ my ($self, undef, $args) = @_;
+ +{ -row => [ map $self->expand_expr($_), @$args ] };
+}
+
+sub _expand_op {
+ my ($self, undef, $args) = @_;
+ my ($op, @opargs) = @$args;
+ if (my $exp = $self->{expand_op}{$op}) {
+ return $self->$exp($op, \@opargs);
+ }
+ +{ -op => [ $op, map $self->expand_expr($_), @opargs ] };
+}
+
+sub _expand_bool {
+ my ($self, undef, $v) = @_;
+ if (ref($v)) {
+ return $self->_expand_expr($v);
+ }
+ puke "-bool => undef not supported" unless defined($v);
+ return $self->_expand_ident(-ident => $v);
+}
+
+sub _expand_op_andor {
+ my ($self, $logop, $v, $k) = @_;
+ if (defined $k) {
+ $v = [ map +{ $k, $_ },
+ (ref($v) eq 'HASH')
+ ? (map +{ $_ => $v->{$_} }, sort keys %$v)
+ : @$v,
+ ];
+ }
+ if (ref($v) eq 'HASH') {
+ return undef unless keys %$v;
+ return +{ -op => [
+ $logop,
+ map $self->_expand_expr({ $_ => $v->{$_} }),
+ sort keys %$v
+ ] };
+ }
+ if (ref($v) eq 'ARRAY') {
+ $logop eq 'and' or $logop eq 'or' or puke "unknown logic: $logop";
+
+ my @expr = grep {
+ (ref($_) eq 'ARRAY' and @$_)
+ or (ref($_) eq 'HASH' and %$_)
+ or 1
+ } @$v;
+
+ my @res;
+
+ while (my ($el) = splice @expr, 0, 1) {
+ puke "Supplying an empty left hand side argument is not supported in array-pairs"
+ unless defined($el) and length($el);
+ my $elref = ref($el);
+ if (!$elref) {
+ local our $Expand_Depth = 0;
+ push(@res, grep defined, $self->_expand_expr({ $el, shift(@expr) }));
+ } elsif ($elref eq 'ARRAY') {
+ push(@res, grep defined, $self->_expand_expr($el)) if @$el;
+ } elsif (my $l = is_literal_value($el)) {
+ push @res, { -literal => $l };
+ } elsif ($elref eq 'HASH') {
+ local our $Expand_Depth = 0;
+ push @res, grep defined, $self->_expand_expr($el) if %$el;
+ } else {
+ die "notreached";
+ }
+ }
+ # ???
+ # return $res[0] if @res == 1;
+ return { -op => [ $logop, @res ] };
+ }
+ die "notreached";
+}
+
+sub _expand_op_is {
+ my ($self, $op, $vv, $k) = @_;
+ ($k, $vv) = @$vv unless defined $k;
+ puke "$op can only take undef as argument"
+ if defined($vv)
+ and not (
+ ref($vv) eq 'HASH'
+ and exists($vv->{-value})
+ and !defined($vv->{-value})
+ );
+ return +{ -op => [ $op.'_null', $self->expand_expr($k, -ident) ] };
+}
+
+sub _expand_between {
+ my ($self, $op, $vv, $k) = @_;
+ $k = shift @{$vv = [ @$vv ]} unless defined $k;
+ my @rhs = map $self->_expand_expr($_),
+ ref($vv) eq 'ARRAY' ? @$vv : $vv;
+ unless (
+ (@rhs == 1 and ref($rhs[0]) eq 'HASH' and $rhs[0]->{-literal})
+ or
+ (@rhs == 2 and defined($rhs[0]) and defined($rhs[1]))
+ ) {
+ puke "Operator '${\uc($op)}' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
+ }
+ return +{ -op => [
+ $op,
+ $self->expand_expr(ref($k) ? $k : { -ident => $k }),
+ @rhs
+ ] }
+}
+
+sub _expand_in {
+ my ($self, $op, $vv, $k) = @_;
+ $k = shift @{$vv = [ @$vv ]} unless defined $k;
+ if (my $literal = is_literal_value($vv)) {
+ my ($sql, @bind) = @$literal;
+ my $opened_sql = $self->_open_outer_paren($sql);
+ return +{ -op => [
+ $op, $self->expand_expr($k, -ident),
+ { -literal => [ $opened_sql, @bind ] }
+ ] };
+ }
+ my $undef_err =
+ 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
+ . "-${\uc($op)} operator was given an undef-containing list: !!!AUDIT YOUR CODE "
+ . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
+ . 'will emit the logically correct SQL instead of raising this exception)'
+ ;
+ puke("Argument passed to the '${\uc($op)}' operator can not be undefined")
+ if !defined($vv);
+ my @rhs = map $self->expand_expr($_, -value),
+ map { defined($_) ? $_: puke($undef_err) }
+ (ref($vv) eq 'ARRAY' ? @$vv : $vv);
+ return $self->${\($op =~ /^not/ ? 'sqltrue' : 'sqlfalse')} unless @rhs;
+
+ return +{ -op => [
+ $op,
+ $self->expand_expr($k, -ident),
+ @rhs
+ ] };
+}
+
+sub _expand_nest {
+ my ($self, undef, $v) = @_;
+ # DBIx::Class requires a nest warning to be emitted once but the private
+ # method it overrode to do so no longer exists
+ if ($self->{warn_once_on_nest}) {
+ unless (our $Nest_Warned) {
+ belch(
+ "-nest in search conditions is deprecated, you most probably wanted:\n"
+ .q|{..., -and => [ \%cond0, \@cond1, \'cond2', \[ 'cond3', [ col => bind ] ], etc. ], ... }|
+ );
+ $Nest_Warned = 1;
+ }
+ }
+ return $self->_expand_expr($v);
+}
+
+sub _expand_bind {
+ my ($self, undef, $bind) = @_;
+ return { -bind => $bind };
+}
+
+sub _recurse_where {
+ my ($self, $where, $logic) = @_;
+
+ # Special case: top level simple string treated as literal
+
+ my $where_exp = (ref($where)
+ ? $self->_expand_expr($where, $logic)
+ : { -literal => [ $where ] });
+
+ # dispatch expanded expression
+
+ my ($sql, @bind) = defined($where_exp) ? $self->render_aqt($where_exp) : (undef);
+ # DBIx::Class used to call _recurse_where in scalar context
+ # something else might too...
+ if (wantarray) {
+ return ($sql, @bind);
+ }
+ else {
+ belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
+ return $sql;
+ }
+}
+
+sub _render_ident {
+ my ($self, undef, $ident) = @_;
+
+ return $self->_convert($self->_quote($ident));
+}
+
+sub _render_row {
+ my ($self, undef, $values) = @_;
+ my ($sql, @bind) = $self->_render_op(undef, [ ',', @$values ]);
+ return "($sql)", @bind;
+}
+
+sub _render_func {
+ my ($self, undef, $rest) = @_;
+ my ($func, @args) = @$rest;
+ if (ref($func) eq 'HASH') {
+ $func = $self->render_aqt($func);
+ }
+ my @arg_sql;
+ my @bind = map {
+ my @x = @$_;
+ push @arg_sql, shift @x;
+ @x
+ } map [ $self->render_aqt($_) ], @args;
+ return ($self->_sqlcase($func).'('.join(', ', @arg_sql).')', @bind);
+}
+
+sub _render_bind {
+ my ($self, undef, $bind) = @_;
+ return ($self->_convert('?'), $self->_bindtype(@$bind));
+}
+
+sub _render_literal {
+ my ($self, undef, $literal) = @_;
+ $self->_assert_bindval_matches_bindtype(@{$literal}[1..$#$literal]);
+ return @$literal;
+}
+
+sub _render_op {
+ my ($self, undef, $v) = @_;
+ my ($op, @args) = @$v;
+ if (my $r = $self->{render_op}{$op}) {
+ return $self->$r($op, \@args);
+ }
+
+ { # Old SQLA compat
+
+ my $op = join(' ', split '_', $op);
+
+ my $ss = List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}};
+ if ($ss and @args > 1) {
+ puke "Special op '${op}' requires first value to be identifier"
+ unless my ($ident) = map $_->{-ident}, grep ref($_) eq 'HASH', $args[0];
+ my $k = join(($self->{name_sep}||'.'), @$ident);
+ local our $Expand_Depth = 1;
+ return $self->${\($ss->{handler})}($k, $op, $args[1]);
+ }
+ if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
+ return $self->${\($us->{handler})}($op, $args[0]);
+ }
+ if ($ss) {
+ return $self->_render_unop_paren($op, \@args);
+ }
+ }
+ if (@args == 1) {
+ return $self->_render_unop_prefix($op, \@args);
+ } else {
+ return $self->_render_op_multop($op, \@args);
+ }
+ die "notreached";
+}
+
+
+sub _render_op_between {
+ my ($self, $op, $args) = @_;
+ my ($left, $low, $high) = @$args;
+ my ($rhsql, @rhbind) = do {
+ if (@$args == 2) {
+ puke "Single arg to between must be a literal"
+ unless $low->{-literal};
+ @{$low->{-literal}}
+ } else {
+ my ($l, $h) = map [ $self->render_aqt($_) ], $low, $high;
+ (join(' ', $l->[0], $self->_sqlcase('and'), $h->[0]),
+ @{$l}[1..$#$l], @{$h}[1..$#$h])
+ }
+ };
+ my ($lhsql, @lhbind) = $self->render_aqt($left);
+ return (
+ join(' ',
+ '(', $lhsql,
+ $self->_sqlcase(join ' ', split '_', $op),
+ $rhsql, ')'
+ ),
+ @lhbind, @rhbind
+ );
+}
+
+sub _render_op_in {
+ my ($self, $op, $args) = @_;
+ my ($lhs, @rhs) = @$args;
+ my @in_bind;
+ my @in_sql = map {
+ my ($sql, @bind) = $self->render_aqt($_);
+ push @in_bind, @bind;
+ $sql;
+ } @rhs;
+ my ($lhsql, @lbind) = $self->render_aqt($lhs);
+ return (
+ $lhsql.' '.$self->_sqlcase(join ' ', split '_', $op).' ( '
+ .join(', ', @in_sql)
+ .' )',
+ @lbind, @in_bind
+ );
+}
+
+sub _render_op_andor {
+ my ($self, $op, $args) = @_;
+ my @parts = grep length($_->[0]), map [ $self->render_aqt($_) ], @$args;
+ return '' unless @parts;
+ return @{$parts[0]} if @parts == 1;
+ my ($sql, @bind) = $self->join_clauses(' '.$self->_sqlcase($op).' ', @parts);
+ return '( '.$sql.' )', @bind;
+}
+
+sub _render_op_multop {
+ my ($self, $op, $args) = @_;
+ my @parts = grep length($_->[0]), map [ $self->render_aqt($_) ], @$args;
+ return '' unless @parts;
+ return @{$parts[0]} if @parts == 1;
+ my $join = ($op eq ','
+ ? ', '
+ : ' '.$self->_sqlcase(join ' ', split '_', $op).' '
+ );
+ return $self->join_clauses($join, @parts);
+}
+
+sub join_clauses {
+ my ($self, $join, @parts) = @_;
+ return (
+ join($join, map $_->[0], @parts),
+ (wantarray ? (map @{$_}[1..$#$_], @parts) : ()),
+ );
+}
+
+sub _render_unop_paren {
+ my ($self, $op, $v) = @_;
+ my ($sql, @bind) = $self->_render_unop_prefix($op, $v);
+ return "(${sql})", @bind;
+}
+
+sub _render_unop_prefix {
+ my ($self, $op, $v) = @_;
+ my ($expr_sql, @bind) = $self->render_aqt($v->[0]);
+
+ my $op_sql = $self->_sqlcase($op); # join ' ', split '_', $op);
+ return ("${op_sql} ${expr_sql}", @bind);
+}
+
+sub _render_unop_postfix {
+ my ($self, $op, $v) = @_;
+ my ($expr_sql, @bind) = $self->render_aqt($v->[0]);
+ my $op_sql = $self->_sqlcase(join ' ', split '_', $op);
+ return ($expr_sql.' '.$op_sql, @bind);
+}
+
+# Some databases (SQLite) treat col IN (1, 2) different from
+# col IN ( (1, 2) ). Use this to strip all outer parens while
+# adding them back in the corresponding method
+sub _open_outer_paren {
+ my ($self, $sql) = @_;
+
+ while (my ($inner) = $sql =~ /^ \s* \( (.*) \) \s* $/xs) {
+
+ # there are closing parens inside, need the heavy duty machinery
+ # to reevaluate the extraction starting from $sql (full reevaluation)
+ if ($inner =~ /\)/) {
+ require Text::Balanced;
+
+ my (undef, $remainder) = do {
+ # idiotic design - writes to $@ but *DOES NOT* throw exceptions
+ local $@;
+ Text::Balanced::extract_bracketed($sql, '()', qr/\s*/);
+ };
+
+ # the entire expression needs to be a balanced bracketed thing
+ # (after an extract no remainder sans trailing space)
+ last if defined $remainder and $remainder =~ /\S/;
+ }
+
+ $sql = $inner;
+ }
+
+ $sql;
+}
+
+
+#======================================================================
+# ORDER BY
+#======================================================================
+
+sub _expand_order_by {
+ my ($self, $arg) = @_;
+
+ return unless defined($arg) and not (ref($arg) eq 'ARRAY' and !@$arg);
+
+ return $self->_expand_maybe_list_expr($arg)
+ if ref($arg) eq 'HASH' and ($arg->{-op}||[''])->[0] eq ',';
+
+ my $expander = sub {
+ my ($self, $dir, $expr) = @_;
+ my @to_expand = ref($expr) eq 'ARRAY' ? @$expr : $expr;
+ foreach my $arg (@to_expand) {
+ if (
+ ref($arg) eq 'HASH'
+ and keys %$arg > 1
+ and grep /^-(asc|desc)$/, keys %$arg
+ ) {
+ puke "ordering direction hash passed to order by must have exactly one key (-asc or -desc)";
+ }
+ }
+ my @exp = map +(
+ defined($dir) ? { -op => [ $dir =~ /^-?(.*)$/ ,=> $_ ] } : $_
+ ),
+ map $self->expand_expr($_, -ident),
+ map ref($_) eq 'ARRAY' ? @$_ : $_, @to_expand;
+ return undef unless @exp;
+ return undef if @exp == 1 and not defined($exp[0]);
+ return +{ -op => [ ',', @exp ] };
+ };
+
+ local @{$self->{expand}}{qw(asc desc)} = (($expander) x 2);
+
+ return $self->$expander(undef, $arg);
+}
+
+sub _order_by {
+ my ($self, $arg) = @_;
+
+ return '' unless defined(my $expanded = $self->_expand_order_by($arg));
+
+ my ($sql, @bind) = $self->render_aqt($expanded);
+
+ return '' unless length($sql);
+
+ my $final_sql = $self->_sqlcase(' order by ').$sql;
+
+ return wantarray ? ($final_sql, @bind) : $final_sql;
+}
+
+# _order_by no longer needs to call this so doesn't but DBIC uses it.
+
+sub _order_by_chunks {
+ my ($self, $arg) = @_;
+
+ return () unless defined(my $expanded = $self->_expand_order_by($arg));
+
+ return $self->_chunkify_order_by($expanded);
+}
+
+sub _chunkify_order_by {
+ my ($self, $expanded) = @_;
+
+ return grep length, $self->render_aqt($expanded)
+ if $expanded->{-ident} or @{$expanded->{-literal}||[]} == 1;
+
+ for ($expanded) {
+ if (ref() eq 'HASH' and $_->{-op} and $_->{-op}[0] eq ',') {
+ my ($comma, @list) = @{$_->{-op}};
+ return map $self->_chunkify_order_by($_), @list;
+ }
+ return [ $self->render_aqt($_) ];
+ }
+}
+
+#======================================================================
+# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
+#======================================================================
+
+sub _table {
+ my $self = shift;
+ my $from = shift;
+ ($self->render_aqt(
+ $self->_expand_maybe_list_expr($from, -ident)
+ ))[0];
+}
+
+
+#======================================================================
+# UTILITY FUNCTIONS
+#======================================================================
+
+sub _expand_maybe_list_expr {
+ my ($self, $expr, $default) = @_;
+ return { -op => [
+ ',', map $self->expand_expr($_, $default),
+ @{$expr->{-op}}[1..$#{$expr->{-op}}]
+ ] } if ref($expr) eq 'HASH' and ($expr->{-op}||[''])->[0] eq ',';
+ return +{ -op => [ ',',
+ map $self->expand_expr($_, $default),
+ ref($expr) eq 'ARRAY' ? @$expr : $expr
+ ] };
+}
+
+# highly optimized, as it's called way too often
+sub _quote {
+ # my ($self, $label) = @_;
+
+ return '' unless defined $_[1];
+ return ${$_[1]} if ref($_[1]) eq 'SCALAR';
+ puke 'Identifier cannot be hashref' if ref($_[1]) eq 'HASH';
+
+ unless ($_[0]->{quote_char}) {
+ if (ref($_[1]) eq 'ARRAY') {
+ return join($_[0]->{name_sep}||'.', @{$_[1]});
+ } else {
+ $_[0]->_assert_pass_injection_guard($_[1]);
+ return $_[1];
+ }
+ }
+
+ my $qref = ref $_[0]->{quote_char};
+ my ($l, $r) =
+ !$qref ? ($_[0]->{quote_char}, $_[0]->{quote_char})
+ : ($qref eq 'ARRAY') ? @{$_[0]->{quote_char}}
+ : puke "Unsupported quote_char format: $_[0]->{quote_char}";
+
+ my $esc = $_[0]->{escape_char} || $r;
+
+ # parts containing * are naturally unquoted
+ return join(
+ $_[0]->{name_sep}||'',
+ map +(
+ $_ eq '*'
+ ? $_
+ : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r }
+ ),
+ (ref($_[1]) eq 'ARRAY'
+ ? @{$_[1]}
+ : (
+ $_[0]->{name_sep}
+ ? split (/\Q$_[0]->{name_sep}\E/, $_[1] )
+ : $_[1]
+ )
+ )
+ );
+}
+
+
+# Conversion, if applicable
+sub _convert {
+ #my ($self, $arg) = @_;
+ if ($_[0]->{convert_where}) {
+ return $_[0]->_sqlcase($_[0]->{convert_where}) .'(' . $_[1] . ')';
+ }
+ return $_[1];
+}
+
+# And bindtype
+sub _bindtype {
+ #my ($self, $col, @vals) = @_;
+ # called often - tighten code
+ return $_[0]->{bindtype} eq 'columns'
+ ? map {[$_[1], $_]} @_[2 .. $#_]
+ : @_[2 .. $#_]
+ ;
+}
+
+# Dies if any element of @bind is not in [colname => value] format
+# if bindtype is 'columns'.
+sub _assert_bindval_matches_bindtype {
+# my ($self, @bind) = @_;
+ my $self = shift;
+ if ($self->{bindtype} eq 'columns') {
+ for (@_) {
+ if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
+ puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
+ }
+ }
+ }
+}
+
+sub _join_sql_clauses {
+ my ($self, $logic, $clauses_aref, $bind_aref) = @_;
+
+ if (@$clauses_aref > 1) {
+ my $join = " " . $self->_sqlcase($logic) . " ";
+ my $sql = '( ' . join($join, @$clauses_aref) . ' )';
+ return ($sql, @$bind_aref);
+ }
+ elsif (@$clauses_aref) {
+ return ($clauses_aref->[0], @$bind_aref); # no parentheses
+ }
+ else {
+ return (); # if no SQL, ignore @$bind_aref
+ }
+}
+
+
+# Fix SQL case, if so requested
+sub _sqlcase {
+ # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
+ # don't touch the argument ... crooked logic, but let's not change it!
+ return $_[0]->{case} ? $_[1] : uc($_[1]);
+}
+
+
+#======================================================================
+# DISPATCHING FROM REFKIND
+#======================================================================
+
+sub _refkind {
+ my ($self, $data) = @_;
+
+ return 'UNDEF' unless defined $data;
+
+ # blessed objects are treated like scalars
+ my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
+
+ return 'SCALAR' unless $ref;
+
+ my $n_steps = 1;
+ while ($ref eq 'REF') {
+ $data = $$data;
+ $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
+ $n_steps++ if $ref;
+ }
+
+ return ($ref||'SCALAR') . ('REF' x $n_steps);
+}
+
+sub _try_refkind {
+ my ($self, $data) = @_;
+ my @try = ($self->_refkind($data));
+ push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
+ push @try, 'FALLBACK';
+ return \@try;
+}
+
+sub _METHOD_FOR_refkind {
+ my ($self, $meth_prefix, $data) = @_;
+
+ my $method;
+ for (@{$self->_try_refkind($data)}) {
+ $method = $self->can($meth_prefix."_".$_)
+ and last;
+ }
+
+ return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
+}
+
+
+sub _SWITCH_refkind {
+ my ($self, $data, $dispatch_table) = @_;
+
+ my $coderef;
+ for (@{$self->_try_refkind($data)}) {
+ $coderef = $dispatch_table->{$_}
+ and last;
+ }
+
+ puke "no dispatch entry for ".$self->_refkind($data)
+ unless $coderef;
+
+ $coderef->();
+}
+
+
+
+
+#======================================================================
+# VALUES, GENERATE, AUTOLOAD
+#======================================================================
+
+# LDNOTE: original code from nwiger, didn't touch code in that section
+# I feel the AUTOLOAD stuff should not be the default, it should
+# only be activated on explicit demand by user.
+
+sub values {
+ my $self = shift;
+ my $data = shift || return;
+ puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
+ unless ref $data eq 'HASH';
+
+ my @all_bind;
+ foreach my $k (sort keys %$data) {
+ my $v = $data->{$k};
+ $self->_SWITCH_refkind($v, {
+ ARRAYREF => sub {
+ if ($self->{array_datatypes}) { # array datatype
+ push @all_bind, $self->_bindtype($k, $v);
+ }
+ else { # literal SQL with bind
+ my ($sql, @bind) = @$v;
+ $self->_assert_bindval_matches_bindtype(@bind);
+ push @all_bind, @bind;
+ }
+ },
+ ARRAYREFREF => sub { # literal SQL with bind
+ my ($sql, @bind) = @${$v};
+ $self->_assert_bindval_matches_bindtype(@bind);
+ push @all_bind, @bind;
+ },
+ SCALARREF => sub { # literal SQL without bind
+ },
+ SCALAR_or_UNDEF => sub {
+ push @all_bind, $self->_bindtype($k, $v);
+ },
+ });
+ }
+
+ return @all_bind;
+}
+
+sub generate {
+ my $self = shift;
+
+ my(@sql, @sqlq, @sqlv);
+
+ for (@_) {
+ my $ref = ref $_;
+ if ($ref eq 'HASH') {
+ for my $k (sort keys %$_) {
+ my $v = $_->{$k};
+ my $r = ref $v;
+ my $label = $self->_quote($k);
+ if ($r eq 'ARRAY') {
+ # literal SQL with bind
+ my ($sql, @bind) = @$v;
+ $self->_assert_bindval_matches_bindtype(@bind);
+ push @sqlq, "$label = $sql";
+ push @sqlv, @bind;
+ } elsif ($r eq 'SCALAR') {
+ # literal SQL without bind
+ push @sqlq, "$label = $$v";
+ } else {
+ push @sqlq, "$label = ?";
+ push @sqlv, $self->_bindtype($k, $v);
+ }
+ }
+ push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
+ } elsif ($ref eq 'ARRAY') {
+ # unlike insert(), assume these are ONLY the column names, i.e. for SQL
+ for my $v (@$_) {
+ my $r = ref $v;
+ if ($r eq 'ARRAY') { # literal SQL with bind
+ my ($sql, @bind) = @$v;
+ $self->_assert_bindval_matches_bindtype(@bind);
+ push @sqlq, $sql;
+ push @sqlv, @bind;
+ } elsif ($r eq 'SCALAR') { # literal SQL without bind
+ # embedded literal SQL
+ push @sqlq, $$v;
+ } else {
+ push @sqlq, '?';
+ push @sqlv, $v;
+ }
+ }
+ push @sql, '(' . join(', ', @sqlq) . ')';
+ } elsif ($ref eq 'SCALAR') {
+ # literal SQL
+ push @sql, $$_;
+ } else {
+ # strings get case twiddled
+ push @sql, $self->_sqlcase($_);
+ }
+ }
+
+ my $sql = join ' ', @sql;
+
+ # this is pretty tricky
+ # if ask for an array, return ($stmt, @bind)
+ # otherwise, s/?/shift @sqlv/ to put it inline
+ if (wantarray) {
+ return ($sql, @sqlv);
+ } else {
+ 1 while $sql =~ s/\?/my $d = shift(@sqlv);
+ ref $d ? $d->[1] : $d/e;
+ return $sql;
+ }
+}
+
+
+sub DESTROY { 1 }
+
+sub AUTOLOAD {
+ # This allows us to check for a local, then _form, attr
+ my $self = shift;
+ my($name) = $AUTOLOAD =~ /.*::(.+)/;
+ return $self->generate($name, @_);
+}
+
+1;
+
+
+
+__END__
=head1 NAME
my $sql = SQL::Abstract->new;
- my($stmt, @bind) = $sql->select($table, \@fields, \%where, \@order);
+ my($stmt, @bind) = $sql->select($source, \@fields, \%where, $order);
my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
$sth->execute(@bind);
# Just generate the WHERE clause
- my($stmt, @bind) = $sql->where(\%where, \@order);
+ my($stmt, @bind) = $sql->where(\%where, $order);
# Return values in the same order, for hashed queries
# See PERFORMANCE section for more details
my $sth = $dbh->prepare($stmt);
$sth->execute(@bind);
-In addition, you can apply SQL functions to elements of your C<%data>
-by specifying an arrayref for the given hash value. For example, if
-you need to execute the Oracle C<to_date> function on a value, you
-can say something like this:
+=head2 Inserting and Updating Arrays
+
+If your database has array types (like for example Postgres),
+activate the special option C<< array_datatypes => 1 >>
+when creating the C<SQL::Abstract> object.
+Then you may use an arrayref to insert and update database array types:
+
+ my $sql = SQL::Abstract->new(array_datatypes => 1);
+ my %data = (
+ planets => [qw/Mercury Venus Earth Mars/]
+ );
+
+ my($stmt, @bind) = $sql->insert('solar_system', \%data);
+
+This results in:
+
+ $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
+
+ @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
+
+
+=head2 Inserting and Updating SQL
+
+In order to apply SQL functions to elements of your C<%data> you may
+specify a reference to an arrayref for the given hash value. For example,
+if you need to execute the Oracle C<to_date> function on a value, you can
+say something like this:
my %data = (
name => 'Bill',
- date_entered => ["to_date(?,'MM/DD/YYYY')", "03/02/2003"],
- );
+ date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
+ );
The first value in the array is the actual SQL. Any other values are
optional and would be included in the bind values array. This gives
my($stmt, @bind) = $sql->insert('people', \%data);
- $stmt = "INSERT INTO people (name, date_entered)
+ $stmt = "INSERT INTO people (name, date_entered)
VALUES (?, to_date(?,'MM/DD/YYYY'))";
@bind = ('Bill', '03/02/2003');
want to specify a WHERE clause for your UPDATE, though, which is
where handling C<%where> hashes comes in handy...
+=head2 Complex where statements
+
This module can generate pretty complicated WHERE statements
easily. For example, simple C<key=value> pairs are taken to mean
equality, and if you want to see if a field is within a set
Easy, eh?
-=head1 FUNCTIONS
+=head1 METHODS
-The functions are simple. There's one for each major SQL operation,
+The methods are simple. There's one for every major SQL operation,
and a constructor you use first. The arguments are specified in a
-similar order to each function (table, then fields, then a where
+similar order for each method (table, then fields, then a where
clause) to try and simplify things.
-=cut
-
-use Carp;
-use strict;
-
-our $VERSION = '1.22';
-our $REVISION = '$Id$';
-our $AUTOLOAD;
-
-# Fix SQL case, if so requested
-sub _sqlcase {
- my $self = shift;
- return $self->{case} ? $_[0] : uc($_[0]);
-}
-
-# Anon copies of arrays/hashes
-# Based on deep_copy example by merlyn
-# http://www.stonehenge.com/merlyn/UnixReview/col30.html
-sub _anoncopy {
- my $orig = shift;
- return (ref $orig eq 'HASH') ? +{map { $_ => _anoncopy($orig->{$_}) } keys %$orig}
- : (ref $orig eq 'ARRAY') ? [map _anoncopy($_), @$orig]
- : $orig;
-}
-
-# Debug
-sub _debug {
- return unless $_[0]->{debug}; shift; # a little faster
- my $func = (caller(1))[3];
- warn "[$func] ", @_, "\n";
-}
-
-sub belch (@) {
- my($func) = (caller(1))[3];
- carp "[$func] Warning: ", @_;
-}
-
-sub puke (@) {
- my($func) = (caller(1))[3];
- croak "[$func] Fatal: ", @_;
-}
-
-# Utility functions
-sub _table {
- my $self = shift;
- my $tab = shift;
- if (ref $tab eq 'ARRAY') {
- return join ', ', map { $self->_quote($_) } @$tab;
- } else {
- return $self->_quote($tab);
- }
-}
-
-sub _quote {
- my $self = shift;
- my $label = shift;
-
- return $label
- if $label eq '*';
-
- return $self->{quote_char} . $label . $self->{quote_char}
- if !defined $self->{name_sep};
-
- return join $self->{name_sep},
- map { $self->{quote_char} . $_ . $self->{quote_char} }
- split /\Q$self->{name_sep}\E/, $label;
-}
-
-# Conversion, if applicable
-sub _convert ($) {
- my $self = shift;
- return @_ unless $self->{convert};
- my $conv = $self->_sqlcase($self->{convert});
- my @ret = map { $conv.'('.$_.')' } @_;
- return wantarray ? @ret : $ret[0];
-}
-
-# And bindtype
-sub _bindtype (@) {
- my $self = shift;
- my($col,@val) = @_;
- return $self->{bindtype} eq 'columns' ? [ @_ ] : @val;
-}
-
-# Modified -logic or -nest
-sub _modlogic ($) {
- my $self = shift;
- my $sym = @_ ? lc(shift) : $self->{logic};
- $sym =~ tr/_/ /;
- $sym = $self->{logic} if $sym eq 'nest';
- return $self->_sqlcase($sym); # override join
-}
-
=head2 new(option => 'value')
The C<new()> function takes a list of options and values, and returns
SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
+Any setting other than 'lower' is ignored.
+
=item cmp
This determines what the default comparison operator is. By default
WHERE name like 'nwiger' AND email like 'nate@wiger.org'
-You can also override the comparsion on an individual basis - see
+You can also override the comparison on an individual basis - see
the huge section on L</"WHERE CLAUSES"> at the bottom.
+=item sqltrue, sqlfalse
+
+Expressions for inserting boolean values within SQL statements.
+By default these are C<1=1> and C<1=0>. They are used
+by the special operators C<-in> and C<-not_in> for generating
+correct SQL even when the argument is an empty array (see below).
+
=item logic
This determines the default logical operator for multiple WHERE
-statements in arrays. By default it is "or", meaning that a WHERE
+statements in arrays or hashes. If absent, the default logic is "or"
+for arrays, and "and" for hashes. This means that a WHERE
array of the form:
@where = (
- event_date => {'>=', '2/13/99'},
- event_date => {'<=', '4/24/03'},
+ event_date => {'>=', '2/13/99'},
+ event_date => {'<=', '4/24/03'},
);
-Will generate SQL like this:
+will generate SQL like this:
WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
+The logic can also be changed locally by inserting
+a modifier in front of an arrayref:
+
+ @where = (-and => [event_date => {'>=', '2/13/99'},
+ event_date => {'<=', '4/24/03'} ]);
+
+See the L</"WHERE CLAUSES"> section for explanations.
+
=item convert
This will automatically convert comparisons using the specified SQL
);
You can then iterate through this manually, using DBI's C<bind_param()>.
-
+
$sth->prepare($stmt);
my $i = 1;
for (@bind) {
sub called C<bind_fields()> or something and reuse it repeatedly. You still
get a layer of abstraction over manual SQL specification.
+Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
+construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
+will expect the bind values in this format.
+
=item quote_char
This is the character that a table or column name will be quoted
-with. By default this is an empty string, but you could set it to
+with. By default this is an empty string, but you could set it to
the character C<`>, to generate SQL like this:
SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
-This is useful if you have tables or columns that are reserved words
-in your database's SQL dialect.
+Alternatively, you can supply an array ref of two items, the first being the left
+hand quote character, and the second the right hand quote character. For
+example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
+that generates SQL like this:
+
+ SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
+
+Quoting is useful if you have tables or columns names that are reserved
+words in your database's SQL dialect.
+
+=item escape_char
+
+This is the character that will be used to escape L</quote_char>s appearing
+in an identifier before it has been quoted.
+
+The parameter default in case of a single L</quote_char> character is the quote
+character itself.
+
+When opening-closing-style quoting is used (L</quote_char> is an arrayref)
+this parameter defaults to the B<closing (right)> L</quote_char>. Occurrences
+of the B<opening (left)> L</quote_char> within the identifier are currently left
+untouched. The default for opening-closing-style quotes may change in future
+versions, thus you are B<strongly encouraged> to specify the escape character
+explicitly.
=item name_sep
SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
-=back
+=item injection_guard
-=cut
+A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
+column name specified in a query structure. This is a safety mechanism to avoid
+injection attacks when mishandling user input e.g.:
-sub new {
- my $self = shift;
- my $class = ref($self) || $self;
- my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
+ my %condition_as_column_value_pairs = get_values_from_user();
+ $sqla->select( ... , \%condition_as_column_value_pairs );
- # choose our case by keeping an option around
- delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
+If the expression matches an exception is thrown. Note that literal SQL
+supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
- # override logical operator
- $opt{logic} = uc $opt{logic} if $opt{logic};
+Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
- # how to return bind vars
- $opt{bindtype} ||= delete($opt{bind_type}) || 'normal';
+=item array_datatypes
- # default comparison is "=", but can be overridden
- $opt{cmp} ||= '=';
+When this option is true, arrayrefs in INSERT or UPDATE are
+interpreted as array datatypes and are passed directly
+to the DBI layer.
+When this option is false, arrayrefs are interpreted
+as literal SQL, just like refs to arrayrefs
+(but this behavior is for backwards compatibility; when writing
+new queries, use the "reference to arrayref" syntax
+for literal SQL).
- # default quotation character around tables/columns
- $opt{quote_char} ||= '';
- return bless \%opt, $class;
-}
+=item special_ops
+
+Takes a reference to a list of "special operators"
+to extend the syntax understood by L<SQL::Abstract>.
+See section L</"SPECIAL OPERATORS"> for details.
-=head2 insert($table, \@values || \%fieldvals)
+=item unary_ops
+
+Takes a reference to a list of "unary operators"
+to extend the syntax understood by L<SQL::Abstract>.
+See section L</"UNARY OPERATORS"> for details.
+
+
+
+=back
+
+=head2 insert($table, \@values || \%fieldvals, \%options)
This is the simplest function. You simply give it a table name
and either an arrayref of values or hashref of field/value pairs.
It returns an SQL INSERT statement and a list of bind values.
+See the sections on L</"Inserting and Updating Arrays"> and
+L</"Inserting and Updating SQL"> for information on how to insert
+with those data types.
-=cut
+The optional C<\%options> hash reference may contain additional
+options to generate the insert SQL. Currently supported options
+are:
-sub insert {
- my $self = shift;
- my $table = $self->_table(shift);
- my $data = shift || return;
-
- my $sql = $self->_sqlcase('insert into') . " $table ";
- my(@sqlf, @sqlv, @sqlq) = ();
-
- my $ref = ref $data;
- if ($ref eq 'HASH') {
- for my $k (sort keys %$data) {
- my $v = $data->{$k};
- my $r = ref $v;
- # named fields, so must save names in order
- push @sqlf, $self->_quote($k);
- if ($r eq 'ARRAY') {
- # SQL included for values
- my @val = @$v;
- push @sqlq, shift @val;
- push @sqlv, $self->_bindtype($k, @val);
- } elsif ($r eq 'SCALAR') {
- # embedded literal SQL
- push @sqlq, $$v;
- } else {
- push @sqlq, '?';
- push @sqlv, $self->_bindtype($k, $v);
- }
- }
- $sql .= '(' . join(', ', @sqlf) .') '. $self->_sqlcase('values') . ' ('. join(', ', @sqlq) .')';
- } elsif ($ref eq 'ARRAY') {
- # just generate values(?,?) part
- # no names (arrayref) so can't generate bindtype
- carp "Warning: ",__PACKAGE__,"->insert called with arrayref when bindtype set"
- if $self->{bindtype} ne 'normal';
- for my $v (@$data) {
- my $r = ref $v;
- if ($r eq 'ARRAY') {
- my @val = @$v;
- push @sqlq, shift @val;
- push @sqlv, @val;
- } elsif ($r eq 'SCALAR') {
- # embedded literal SQL
- push @sqlq, $$v;
- } else {
- push @sqlq, '?';
- push @sqlv, $v;
- }
- }
- $sql .= $self->_sqlcase('values') . ' ('. join(', ', @sqlq) .')';
- } elsif ($ref eq 'SCALAR') {
- # literal SQL
- $sql .= $$data;
- } else {
- puke "Unsupported data type specified to \$sql->insert";
- }
+=over 4
- return wantarray ? ($sql, @sqlv) : $sql;
-}
+=item returning
-=head2 update($table, \%fieldvals, \%where)
+Takes either a scalar of raw SQL fields, or an array reference of
+field names, and adds on an SQL C<RETURNING> statement at the end.
+This allows you to return data generated by the insert statement
+(such as row IDs) without performing another C<SELECT> statement.
+Note, however, this is not part of the SQL standard and may not
+be supported by all database engines.
+
+=back
+
+=head2 update($table, \%fieldvals, \%where, \%options)
This takes a table, hashref of field/value pairs, and an optional
-hashref WHERE clause. It returns an SQL UPDATE function and a list
+hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
of bind values.
+See the sections on L</"Inserting and Updating Arrays"> and
+L</"Inserting and Updating SQL"> for information on how to insert
+with those data types.
-=cut
+The optional C<\%options> hash reference may contain additional
+options to generate the update SQL. Currently supported options
+are:
-sub update {
- my $self = shift;
- my $table = $self->_table(shift);
- my $data = shift || return;
- my $where = shift;
+=over 4
- my $sql = $self->_sqlcase('update') . " $table " . $self->_sqlcase('set ');
- my(@sqlf, @sqlv) = ();
+=item returning
- puke "Unsupported data type specified to \$sql->update"
- unless ref $data eq 'HASH';
+See the C<returning> option to
+L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
- for my $k (sort keys %$data) {
- my $v = $data->{$k};
- my $r = ref $v;
- my $label = $self->_quote($k);
- if ($r eq 'ARRAY') {
- # SQL included for values
- my @bind = @$v;
- my $sql = shift @bind;
- push @sqlf, "$label = $sql";
- push @sqlv, $self->_bindtype($k, @bind);
- } elsif ($r eq 'SCALAR') {
- # embedded literal SQL
- push @sqlf, "$label = $$v";
- } else {
- push @sqlf, "$label = ?";
- push @sqlv, $self->_bindtype($k, $v);
- }
- }
+=back
- $sql .= join ', ', @sqlf;
+=head2 select($source, $fields, $where, $order)
- if ($where) {
- my($wsql, @wval) = $self->where($where);
- $sql .= $wsql;
- push @sqlv, @wval;
- }
+This returns a SQL SELECT statement and associated list of bind values, as
+specified by the arguments:
- return wantarray ? ($sql, @sqlv) : $sql;
-}
+=over
-=head2 select($table, \@fields, \%where, \@order)
+=item $source
-This takes a table, arrayref of fields (or '*'), optional hashref
-WHERE clause, and optional arrayref order by, and returns the
-corresponding SQL SELECT statement and list of bind values.
+Specification of the 'FROM' part of the statement.
+The argument can be either a plain scalar (interpreted as a table
+name, will be quoted), or an arrayref (interpreted as a list
+of table names, joined by commas, quoted), or a scalarref
+(literal SQL, not quoted).
-=cut
+=item $fields
-sub select {
- my $self = shift;
- my $table = $self->_table(shift);
- my $fields = shift || '*';
- my $where = shift;
- my $order = shift;
+Specification of the list of fields to retrieve from
+the source.
+The argument can be either an arrayref (interpreted as a list
+of field names, will be joined by commas and quoted), or a
+plain scalar (literal SQL, not quoted).
+Please observe that this API is not as flexible as that of
+the first argument C<$source>, for backwards compatibility reasons.
- my $f = (ref $fields eq 'ARRAY') ? join ', ', map { $self->_quote($_) } @$fields : $fields;
- my $sql = join ' ', $self->_sqlcase('select'), $f, $self->_sqlcase('from'), $table;
+=item $where
- my(@sqlf, @sqlv) = ();
- my($wsql, @wval) = $self->where($where, $order);
- $sql .= $wsql;
- push @sqlv, @wval;
+Optional argument to specify the WHERE part of the query.
+The argument is most often a hashref, but can also be
+an arrayref or plain scalar --
+see section L<WHERE clause|/"WHERE CLAUSES"> for details.
- return wantarray ? ($sql, @sqlv) : $sql;
-}
+=item $order
+
+Optional argument to specify the ORDER BY part of the query.
+The argument can be a scalar, a hashref or an arrayref
+-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
+for details.
+
+=back
-=head2 delete($table, \%where)
-This takes a table name and optional hashref WHERE clause.
+=head2 delete($table, \%where, \%options)
+
+This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
It returns an SQL DELETE statement and list of bind values.
-=cut
+The optional C<\%options> hash reference may contain additional
+options to generate the delete SQL. Currently supported options
+are:
-sub delete {
- my $self = shift;
- my $table = $self->_table(shift);
- my $where = shift;
+=over 4
- my $sql = $self->_sqlcase('delete from') . " $table";
- my(@sqlf, @sqlv) = ();
+=item returning
- if ($where) {
- my($wsql, @wval) = $self->where($where);
- $sql .= $wsql;
- push @sqlv, @wval;
- }
+See the C<returning> option to
+L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
- return wantarray ? ($sql, @sqlv) : $sql;
-}
+=back
-=head2 where(\%where, \@order)
+=head2 where(\%where, $order)
This is used to generate just the WHERE clause. For example,
if you have an arbitrary data structure and know what the
to produce a WHERE clause, use this. It returns an SQL WHERE
clause and list of bind values.
-=cut
-
-# Finally, a separate routine just to handle WHERE clauses
-sub where {
- my $self = shift;
- my $where = shift;
- my $order = shift;
-
- # Need a separate routine to properly wrap w/ "where"
- my $sql = '';
- my @ret = $self->_recurse_where($where);
- if (@ret) {
- my $wh = shift @ret;
- $sql .= $self->_sqlcase(' where ') . $wh if $wh;
- }
-
- # order by?
- if ($order) {
- $sql .= $self->_order_by($order);
- }
-
- return wantarray ? ($sql, @ret) : $sql;
-}
-
-
-sub _recurse_where {
- local $^W = 0; # really, you've gotta be fucking kidding me
- my $self = shift;
- my $where = _anoncopy(shift); # prevent destroying original
- my $ref = ref $where || '';
- my $join = shift || $self->{logic} ||
- ($ref eq 'ARRAY' ? $self->_sqlcase('or') : $self->_sqlcase('and'));
-
- # For assembling SQL fields and values
- my(@sqlf, @sqlv) = ();
-
- # If an arrayref, then we join each element
- if ($ref eq 'ARRAY') {
- # need to use while() so can shift() for arrays
- my $subjoin;
- while (my $el = shift @$where) {
-
- # skip empty elements, otherwise get invalid trailing AND stuff
- if (my $ref2 = ref $el) {
- if ($ref2 eq 'ARRAY') {
- next unless @$el;
- } elsif ($ref2 eq 'HASH') {
- next unless %$el;
- $subjoin ||= $self->_sqlcase('and');
- } elsif ($ref2 eq 'SCALAR') {
- # literal SQL
- push @sqlf, $$el;
- next;
- }
- $self->_debug("$ref2(*top) means join with $subjoin");
- } else {
- # top-level arrayref with scalars, recurse in pairs
- $self->_debug("NOREF(*top) means join with $subjoin");
- $el = {$el => shift(@$where)};
- }
- my @ret = $self->_recurse_where($el, $subjoin);
- push @sqlf, shift @ret;
- push @sqlv, @ret;
- }
- }
- elsif ($ref eq 'HASH') {
- # Note: during recursion, the last element will always be a hashref,
- # since it needs to point a column => value. So this be the end.
- for my $k (sort keys %$where) {
- my $v = $where->{$k};
- my $label = $self->_quote($k);
- if ($k =~ /^-(\D+)/) {
- # special nesting, like -and, -or, -nest, so shift over
- my $subjoin = $self->_modlogic($1);
- $self->_debug("OP(-$1) means special logic ($subjoin), recursing...");
- my @ret = $self->_recurse_where($v, $subjoin);
- push @sqlf, shift @ret;
- push @sqlv, @ret;
- } elsif (! defined($v)) {
- # undef = null
- $self->_debug("UNDEF($k) means IS NULL");
- push @sqlf, $label . $self->_sqlcase(' is null');
- } elsif (ref $v eq 'ARRAY') {
- my @v = @$v;
-
- # multiple elements: multiple options
- $self->_debug("ARRAY($k) means multiple elements: [ @v ]");
-
- # special nesting, like -and, -or, -nest, so shift over
- my $subjoin = $self->_sqlcase('or');
- if ($v[0] =~ /^-(\D+)/) {
- $subjoin = $self->_modlogic($1); # override subjoin
- $self->_debug("OP(-$1) means special logic ($subjoin), shifting...");
- shift @v;
- }
-
- # map into an array of hashrefs and recurse
- my @ret = $self->_recurse_where([map { {$k => $_} } @v], $subjoin);
-
- # push results into our structure
- push @sqlf, shift @ret;
- push @sqlv, @ret;
- } elsif (ref $v eq 'HASH') {
- # modified operator { '!=', 'completed' }
- for my $f (sort keys %$v) {
- my $x = $v->{$f};
- $self->_debug("HASH($k) means modified operator: { $f }");
-
- # check for the operator being "IN" or "BETWEEN" or whatever
- if (ref $x eq 'ARRAY') {
- if ($f =~ /^-?\s*(not[\s_]+)?(in|between)\s*$/i) {
- my $u = $self->_modlogic($1 . $2);
- $self->_debug("HASH($f => $x) uses special operator: [ $u ]");
- if ($u =~ /between/i) {
- # SQL sucks
- push @sqlf, join ' ', $self->_convert($label), $u, $self->_convert('?'),
- $self->_sqlcase('and'), $self->_convert('?');
- } else {
- push @sqlf, join ' ', $self->_convert($label), $u, '(',
- join(', ', map { $self->_convert('?') } @$x),
- ')';
- }
- push @sqlv, $self->_bindtype($k, @$x);
- } else {
- # multiple elements: multiple options
- $self->_debug("ARRAY($x) means multiple elements: [ @$x ]");
-
- # map into an array of hashrefs and recurse
- my @ret = $self->_recurse_where([map { {$k => {$f, $_}} } @$x]);
-
- # push results into our structure
- push @sqlf, shift @ret;
- push @sqlv, @ret;
- }
- } elsif (! defined($x)) {
- # undef = NOT null
- my $not = ($f eq '!=' || $f eq 'not like') ? ' not' : '';
- push @sqlf, $label . $self->_sqlcase(" is$not null");
- } else {
- # regular ol' value
- $f =~ s/^-//; # strip leading -like =>
- $f =~ s/_/ /; # _ => " "
- push @sqlf, join ' ', $self->_convert($label), $self->_sqlcase($f), $self->_convert('?');
- push @sqlv, $self->_bindtype($k, $x);
- }
- }
- } elsif (ref $v eq 'SCALAR') {
- # literal SQL
- $self->_debug("SCALAR($k) means literal SQL: $$v");
- push @sqlf, "$label $$v";
- } else {
- # standard key => val
- $self->_debug("NOREF($k) means simple key=val: $k $self->{cmp} $v");
- push @sqlf, join ' ', $self->_convert($label), $self->_sqlcase($self->{cmp}), $self->_convert('?');
- push @sqlv, $self->_bindtype($k, $v);
- }
- }
- }
- elsif ($ref eq 'SCALAR') {
- # literal sql
- $self->_debug("SCALAR(*top) means literal SQL: $$where");
- push @sqlf, $$where;
- }
- elsif (defined $where) {
- # literal sql
- $self->_debug("NOREF(*top) means literal SQL: $where");
- push @sqlf, $where;
- }
-
- # assemble and return sql
- my $wsql = @sqlf ? '( ' . join(" $join ", @sqlf) . ' )' : '';
- return wantarray ? ($wsql, @sqlv) : $wsql;
-}
-
-sub _order_by {
- my $self = shift;
- my $ref = ref $_[0];
-
- my @vals = $ref eq 'ARRAY' ? @{$_[0]} :
- $ref eq 'SCALAR' ? ${$_[0]} :
- $ref eq '' ? $_[0] :
- puke "Unsupported data struct $ref for ORDER BY";
-
- my $val = join ', ', map { $self->_quote($_) } @vals;
- return $val ? $self->_sqlcase(' order by')." $val" : '';
-}
=head2 values(\%data)
Using this allows you to markedly speed up your queries if you
are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
-=cut
-
-sub values {
- my $self = shift;
- my $data = shift || return;
- puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
- unless ref $data eq 'HASH';
- return map { $self->_bindtype($_, $data->{$_}) } sort keys %$data;
-}
-
=head2 generate($any, 'number', $of, \@data, $struct, \%types)
Warning: This is an experimental method and subject to change.
Might give you:
- ALTER SESSION SET nls_date_format = 'MM/YY'
-
-You get the idea. Strings get their case twiddled, but everything
-else remains verbatim.
-
-=cut
-
-sub generate {
- my $self = shift;
-
- my(@sql, @sqlq, @sqlv);
-
- for (@_) {
- my $ref = ref $_;
- if ($ref eq 'HASH') {
- for my $k (sort keys %$_) {
- my $v = $_->{$k};
- my $r = ref $v;
- my $label = $self->_quote($k);
- if ($r eq 'ARRAY') {
- # SQL included for values
- my @bind = @$v;
- my $sql = shift @bind;
- push @sqlq, "$label = $sql";
- push @sqlv, $self->_bindtype($k, @bind);
- } elsif ($r eq 'SCALAR') {
- # embedded literal SQL
- push @sqlq, "$label = $$v";
- } else {
- push @sqlq, "$label = ?";
- push @sqlv, $self->_bindtype($k, $v);
- }
- }
- push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
- } elsif ($ref eq 'ARRAY') {
- # unlike insert(), assume these are ONLY the column names, i.e. for SQL
- for my $v (@$_) {
- my $r = ref $v;
- if ($r eq 'ARRAY') {
- my @val = @$v;
- push @sqlq, shift @val;
- push @sqlv, @val;
- } elsif ($r eq 'SCALAR') {
- # embedded literal SQL
- push @sqlq, $$v;
- } else {
- push @sqlq, '?';
- push @sqlv, $v;
- }
- }
- push @sql, '(' . join(', ', @sqlq) . ')';
- } elsif ($ref eq 'SCALAR') {
- # literal SQL
- push @sql, $$_;
- } else {
- # strings get case twiddled
- push @sql, $self->_sqlcase($_);
- }
- }
+ ALTER SESSION SET nls_date_format = 'MM/YY'
- my $sql = join ' ', @sql;
+You get the idea. Strings get their case twiddled, but everything
+else remains verbatim.
- # this is pretty tricky
- # if ask for an array, return ($stmt, @bind)
- # otherwise, s/?/shift @sqlv/ to put it inline
- if (wantarray) {
- return ($sql, @sqlv);
- } else {
- 1 while $sql =~ s/\?/my $d = shift(@sqlv);
- ref $d ? $d->[1] : $d/e;
- return $sql;
- }
-}
+=head1 EXPORTABLE FUNCTIONS
-sub DESTROY { 1 }
-sub AUTOLOAD {
- # This allows us to check for a local, then _form, attr
- my $self = shift;
- my($name) = $AUTOLOAD =~ /.*::(.+)/;
- return $self->generate($name, @_);
-}
+=head2 is_plain_value
-1;
+Determines if the supplied argument is a plain value as understood by this
+module:
-__END__
+=over
+
+=item * The value is C<undef>
+
+=item * The value is a non-reference
+
+=item * The value is an object with stringification overloading
+
+=item * The value is of the form C<< { -value => $anything } >>
+
+=back
+
+On failure returns C<undef>, on success returns a B<scalar> reference
+to the original supplied argument.
+
+=over
+
+=item * Note
+
+The stringification overloading detection is rather advanced: it takes
+into consideration not only the presence of a C<""> overload, but if that
+fails also checks for enabled
+L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
+on either C<0+> or C<bool>.
+
+Unfortunately testing in the field indicates that this
+detection B<< may tickle a latent bug in perl versions before 5.018 >>,
+but only when very large numbers of stringifying objects are involved.
+At the time of writing ( Sep 2014 ) there is no clear explanation of
+the direct cause, nor is there a manageably small test case that reliably
+reproduces the problem.
+
+If you encounter any of the following exceptions in B<random places within
+your application stack> - this module may be to blame:
+
+ Operation "ne": no method found,
+ left argument in overloaded package <something>,
+ right argument in overloaded package <something>
+
+or perhaps even
+
+ Stub found while resolving method "???" overloading """" in package <something>
+
+If you fall victim to the above - please attempt to reduce the problem
+to something that could be sent to the L<SQL::Abstract developers
+|DBIx::Class/GETTING HELP/SUPPORT>
+(either publicly or privately). As a workaround in the meantime you can
+set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
+value, which will most likely eliminate your problem (at the expense of
+not being able to properly detect exotic forms of stringification).
+
+This notice and environment variable will be removed in a future version,
+as soon as the underlying problem is found and a reliable workaround is
+devised.
+
+=back
+
+=head2 is_literal_value
+
+Determines if the supplied argument is a literal value as understood by this
+module:
+
+=over
+
+=item * C<\$sql_string>
+
+=item * C<\[ $sql_string, @bind_values ]>
+
+=back
+
+On failure returns C<undef>, on success returns an B<array> reference
+containing the unpacked version of the supplied literal SQL and bind values.
=head1 WHERE CLAUSES
+=head2 Introduction
+
This module uses a variation on the idea from L<DBIx::Abstract>. It
is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
module is that things in arrays are OR'ed, and things in hashes
However, note that the C<%where> hash can be used directly in any
of the other functions as well, as described above.
+=head2 Key-value pairs
+
So, let's get started. To begin, a simple hash:
my %where = (
);
This simple code will create the following:
-
+
$stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
@bind = ('nwiger', 'assigned', 'in-progress', 'pending');
+A field associated to an empty arrayref will be considered a
+logical false and will generate 0=1.
+
+=head2 Tests for NULL values
+
+If the value part is C<undef> then this is converted to SQL <IS NULL>
+
+ my %where = (
+ user => 'nwiger',
+ status => undef,
+ );
+
+becomes:
+
+ $stmt = "WHERE user = ? AND status IS NULL";
+ @bind = ('nwiger');
+
+To test if a column IS NOT NULL:
+
+ my %where = (
+ user => 'nwiger',
+ status => { '!=', undef },
+ );
+
+=head2 Specific comparison operators
+
If you want to specify a different type of operator for your comparison,
you can use a hashref for a given column:
To test against multiple values, just enclose the values in an arrayref:
- status => { '!=', ['assigned', 'in-progress', 'pending'] };
+ status => { '=', ['assigned', 'in-progress', 'pending'] };
Which would give you:
- "WHERE status != ? OR status != ? OR status != ?"
+ "WHERE status = ? OR status = ? OR status = ?"
-But, this is probably not what you want in this case (look at it). So
-the hashref can also contain multiple pairs, in which case it is expanded
+
+The hashref can also contain multiple pairs, in which case it is expanded
into an C<AND> of its elements:
my %where = (
$stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
@bind = ('nwiger', 'completed', 'pending%');
+
To get an OR instead, you can combine it with the arrayref idea:
my %where => (
user => 'nwiger',
- priority => [ {'=', 2}, {'!=', 1} ]
+ priority => [ { '=', 2 }, { '>', 5 } ]
+ );
+
+Which would generate:
+
+ $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
+ @bind = ('2', '5', 'nwiger');
+
+If you want to include literal SQL (with or without bind values), just use a
+scalar reference or reference to an arrayref as the value:
+
+ my %where = (
+ date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
+ date_expires => { '<' => \"now()" }
);
Which would generate:
- $stmt = "WHERE user = ? AND priority = ? OR priority != ?";
- @bind = ('nwiger', '2', '1');
+ $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
+ @bind = ('11/26/2008');
+
-However, there is a subtle trap if you want to say something like
+=head2 Logic and nesting operators
+
+In the example above,
+there is a subtle trap if you want to say something like
this (notice the C<AND>):
WHERE priority != ? AND priority != ?
Because, in Perl you I<can't> do this:
- priority => { '!=', 2, '!=', 1 }
+ priority => { '!=' => 2, '!=' => 1 }
As the second C<!=> key will obliterate the first. The solution
is to use the special C<-modifier> form inside an arrayref:
- priority => [ -and => {'!=', 2}, {'!=', 1} ]
+ priority => [ -and => {'!=', 2},
+ {'!=', 1} ]
+
Normally, these would be joined by C<OR>, but the modifier tells it
to use C<AND> instead. (Hint: You can use this in conjunction with the
status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
-In addition to C<-and> and C<-or>, there is also a special C<-nest>
-operator which adds an additional set of parens, to create a subquery.
-For example, to get something like this:
- $stmt = WHERE user = ? AND ( workhrs > ? OR geo = ? )
- @bind = ('nwiger', '20', 'ASIA');
-You would do:
-
- my %where = (
- user => 'nwiger',
- -nest => [ workhrs => {'>', 20}, geo => 'ASIA' ],
- );
+=head2 Special operators: IN, BETWEEN, etc.
You can also use the hashref format to compare a list of fields using the
C<IN> comparison operator, by specifying the list as an arrayref:
$stmt = "WHERE status = ? AND reportid IN (?,?,?)";
@bind = ('completed', '567', '2335', '2');
-You can use this same format to use other grouping functions, such
-as C<BETWEEN>, C<SOME>, and so forth. For example:
+The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
+the same way.
+
+If the argument to C<-in> is an empty array, 'sqlfalse' is generated
+(by default: C<1=0>). Similarly, C<< -not_in => [] >> generates
+'sqltrue' (by default: C<1=1>).
+
+In addition to the array you can supply a chunk of literal sql or
+literal sql with bind:
+
+ my %where = {
+ customer => { -in => \[
+ 'SELECT cust_id FROM cust WHERE balance > ?',
+ 2000,
+ ],
+ status => { -in => \'SELECT status_codes FROM states' },
+ };
+
+would generate:
+
+ $stmt = "WHERE (
+ customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
+ AND status IN ( SELECT status_codes FROM states )
+ )";
+ @bind = ('2000');
+
+Finally, if the argument to C<-in> is not a reference, it will be
+treated as a single-element array.
+
+Another pair of operators is C<-between> and C<-not_between>,
+used with an arrayref of two values:
my %where = (
user => 'nwiger',
WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
+Just like with C<-in> all plausible combinations of literal SQL
+are possible:
+
+ my %where = {
+ start0 => { -between => [ 1, 2 ] },
+ start1 => { -between => \["? AND ?", 1, 2] },
+ start2 => { -between => \"lower(x) AND upper(y)" },
+ start3 => { -between => [
+ \"lower(x)",
+ \["upper(?)", 'stuff' ],
+ ] },
+ };
+
+Would give you:
+
+ $stmt = "WHERE (
+ ( start0 BETWEEN ? AND ? )
+ AND ( start1 BETWEEN ? AND ? )
+ AND ( start2 BETWEEN lower(x) AND upper(y) )
+ AND ( start3 BETWEEN lower(x) AND upper(?) )
+ )";
+ @bind = (1, 2, 1, 2, 'stuff');
+
+
+These are the two builtin "special operators"; but the
+list can be expanded: see section L</"SPECIAL OPERATORS"> below.
+
+=head2 Unary operators: bool
+
+If you wish to test against boolean columns or functions within your
+database you can use the C<-bool> and C<-not_bool> operators. For
+example to test the column C<is_user> being true and the column
+C<is_enabled> being false you would use:-
+
+ my %where = (
+ -bool => 'is_user',
+ -not_bool => 'is_enabled',
+ );
+
+Would give you:
+
+ WHERE is_user AND NOT is_enabled
+
+If a more complex combination is required, testing more conditions,
+then you should use the and/or operators:-
+
+ my %where = (
+ -and => [
+ -bool => 'one',
+ -not_bool => { two=> { -rlike => 'bar' } },
+ -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
+ ],
+ );
+
+Would give you:
+
+ WHERE
+ one
+ AND
+ (NOT two RLIKE ?)
+ AND
+ (NOT ( three = ? OR three > ? ))
+
+
+=head2 Nested conditions, -and/-or prefixes
+
So far, we've seen how multiple conditions are joined with a top-level
C<AND>. We can change this by putting the different conditions we want in
hashes and then putting those hashes in an array. For example:
OR ( user = ? AND status = ? ) )";
@bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
-This can be combined with the C<-nest> operator to properly group
-SQL statements:
+
+Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
+to change the logic inside:
my @where = (
-and => [
user => 'nwiger',
- -nest => [
- -and => [workhrs => {'>', 20}, geo => 'ASIA' ],
- -and => [workhrs => {'<', 50}, geo => 'EURO' ]
+ [
+ -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
+ -or => { workhrs => {'<', 50}, geo => 'EURO' },
],
],
);
That would yield:
- WHERE ( user = ? AND
- ( ( workhrs > ? AND geo = ? )
- OR ( workhrs < ? AND geo = ? ) ) )
+ $stmt = "WHERE ( user = ?
+ AND ( ( workhrs > ? AND geo = ? )
+ OR ( workhrs < ? OR geo = ? ) ) )";
+ @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
+
+=head3 Algebraic inconsistency, for historical reasons
+
+C<Important note>: when connecting several conditions, the C<-and->|C<-or>
+operator goes C<outside> of the nested structure; whereas when connecting
+several constraints on one column, the C<-and> operator goes
+C<inside> the arrayref. Here is an example combining both features:
+
+ my @where = (
+ -and => [a => 1, b => 2],
+ -or => [c => 3, d => 4],
+ e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
+ )
+
+yielding
+
+ WHERE ( ( ( a = ? AND b = ? )
+ OR ( c = ? OR d = ? )
+ OR ( e LIKE ? AND e LIKE ? ) ) )
+
+This difference in syntax is unfortunate but must be preserved for
+historical reasons. So be careful: the two examples below would
+seem algebraically equivalent, but they are not
+
+ { col => [ -and =>
+ { -like => 'foo%' },
+ { -like => '%bar' },
+ ] }
+ # yields: WHERE ( ( col LIKE ? AND col LIKE ? ) )
-Finally, sometimes only literal SQL will do. If you want to include
-literal SQL verbatim, you can specify it as a scalar reference, namely:
+ [ -and =>
+ { col => { -like => 'foo%' } },
+ { col => { -like => '%bar' } },
+ ]
+ # yields: WHERE ( ( col LIKE ? OR col LIKE ? ) )
+
+
+=head2 Literal SQL and value type operators
+
+The basic premise of SQL::Abstract is that in WHERE specifications the "left
+side" is a column name and the "right side" is a value (normally rendered as
+a placeholder). This holds true for both hashrefs and arrayref pairs as you
+see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
+alter this behavior. There are several ways of doing so.
+
+=head3 -ident
+
+This is a virtual operator that signals the string to its right side is an
+identifier (a column name) and not a value. For example to compare two
+columns you would write:
- my $inn = 'is Not Null';
my %where = (
priority => { '<', 2 },
- requestor => \$inn
+ requestor => { -ident => 'submitter' },
);
-This would create:
+which creates:
- $stmt = "WHERE priority < ? AND requestor is Not Null";
+ $stmt = "WHERE priority < ? AND requestor = submitter";
@bind = ('2');
+If you are maintaining legacy code you may see a different construct as
+described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
+code.
+
+=head3 -value
+
+This is a virtual operator that signals that the construct to its right side
+is a value to be passed to DBI. This is for example necessary when you want
+to write a where clause against an array (for RDBMS that support such
+datatypes). For example:
+
+ my %where = (
+ array => { -value => [1, 2, 3] }
+ );
+
+will result in:
+
+ $stmt = 'WHERE array = ?';
+ @bind = ([1, 2, 3]);
+
+Note that if you were to simply say:
+
+ my %where = (
+ array => [1, 2, 3]
+ );
+
+the result would probably not be what you wanted:
+
+ $stmt = 'WHERE array = ? OR array = ? OR array = ?';
+ @bind = (1, 2, 3);
+
+=head3 Literal SQL
+
+Finally, sometimes only literal SQL will do. To include a random snippet
+of SQL verbatim, you specify it as a scalar reference. Consider this only
+as a last resort. Usually there is a better way. For example:
+
+ my %where = (
+ priority => { '<', 2 },
+ requestor => { -in => \'(SELECT name FROM hitmen)' },
+ );
+
+Would create:
+
+ $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
+ @bind = (2);
+
Note that in this example, you only get one bind parameter back, since
the verbatim SQL is passed as part of the statement.
-Of course, just to prove a point, the above can also be accomplished
-with this:
+=head4 CAVEAT
+
+ Never use untrusted input as a literal SQL argument - this is a massive
+ security risk (there is no way to check literal snippets for SQL
+ injections and other nastyness). If you need to deal with untrusted input
+ use literal SQL with placeholders as described next.
+
+=head3 Literal SQL with placeholders and bind values (subqueries)
+
+If the literal SQL to be inserted has placeholders and bind values,
+use a reference to an arrayref (yes this is a double reference --
+not so common, but perfectly legal Perl). For example, to find a date
+in Postgres you can use something like this:
+
+ my %where = (
+ date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
+ )
+
+This would create:
+
+ $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
+ @bind = ('10');
+
+Note that you must pass the bind values in the same format as they are returned
+by L<where|/where(\%where, $order)>. This means that if you set L</bindtype>
+to C<columns>, you must provide the bind values in the
+C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
+scalar value; most commonly the column name, but you can use any scalar value
+(including references and blessed references), L<SQL::Abstract> will simply
+pass it through intact. So if C<bindtype> is set to C<columns> the above
+example will look like:
my %where = (
- priority => { '<', 2 },
- requestor => { '!=', undef },
+ date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
+ )
+
+Literal SQL is especially useful for nesting parenthesized clauses in the
+main SQL query. Here is a first example:
+
+ my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
+ 100, "foo%");
+ my %where = (
+ foo => 1234,
+ bar => \["IN ($sub_stmt)" => @sub_bind],
+ );
+
+This yields:
+
+ $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
+ WHERE c2 < ? AND c3 LIKE ?))";
+ @bind = (1234, 100, "foo%");
+
+Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
+are expressed in the same way. Of course the C<$sub_stmt> and
+its associated bind values can be generated through a former call
+to C<select()> :
+
+ my ($sub_stmt, @sub_bind)
+ = $sql->select("t1", "c1", {c2 => {"<" => 100},
+ c3 => {-like => "foo%"}});
+ my %where = (
+ foo => 1234,
+ bar => \["> ALL ($sub_stmt)" => @sub_bind],
+ );
+
+In the examples above, the subquery was used as an operator on a column;
+but the same principle also applies for a clause within the main C<%where>
+hash, like an EXISTS subquery:
+
+ my ($sub_stmt, @sub_bind)
+ = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
+ my %where = ( -and => [
+ foo => 1234,
+ \["EXISTS ($sub_stmt)" => @sub_bind],
+ ]);
+
+which yields
+
+ $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
+ WHERE c1 = ? AND c2 > t0.c0))";
+ @bind = (1234, 1);
+
+
+Observe that the condition on C<c2> in the subquery refers to
+column C<t0.c0> of the main query: this is I<not> a bind
+value, so we have to express it through a scalar ref.
+Writing C<< c2 => {">" => "t0.c0"} >> would have generated
+C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
+what we wanted here.
+
+Finally, here is an example where a subquery is used
+for expressing unary negation:
+
+ my ($sub_stmt, @sub_bind)
+ = $sql->where({age => [{"<" => 10}, {">" => 20}]});
+ $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
+ my %where = (
+ lname => {like => '%son%'},
+ \["NOT ($sub_stmt)" => @sub_bind],
);
-TMTOWTDI.
+This yields
+
+ $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
+ @bind = ('%son%', 10, 20)
+
+=head3 Deprecated usage of Literal SQL
+
+Below are some examples of archaic use of literal SQL. It is shown only as
+reference for those who deal with legacy code. Each example has a much
+better, cleaner and safer alternative that users should opt for in new code.
+
+=over
+
+=item *
+
+ my %where = ( requestor => \'IS NOT NULL' )
+
+ $stmt = "WHERE requestor IS NOT NULL"
+
+This used to be the way of generating NULL comparisons, before the handling
+of C<undef> got formalized. For new code please use the superior syntax as
+described in L</Tests for NULL values>.
+
+=item *
+
+ my %where = ( requestor => \'= submitter' )
+
+ $stmt = "WHERE requestor = submitter"
+
+This used to be the only way to compare columns. Use the superior L</-ident>
+method for all new code. For example an identifier declared in such a way
+will be properly quoted if L</quote_char> is properly set, while the legacy
+form will remain as supplied.
+
+=item *
+
+ my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
+
+ $stmt = "WHERE completed > ? AND is_ready"
+ @bind = ('2012-12-21')
+
+Using an empty string literal used to be the only way to express a boolean.
+For all new code please use the much more readable
+L<-bool|/Unary operators: bool> operator.
+
+=back
+
+=head2 Conclusion
These pages could go on for a while, since the nesting of the data
structures this module can handle are pretty much unlimited (the
dynamically-generating SQL and could just hardwire it into your
script.
+=head1 ORDER BY CLAUSES
+
+Some functions take an order by clause. This can either be a scalar (just a
+column name), a hashref of C<< { -desc => 'col' } >> or C<< { -asc => 'col' }
+>>, a scalarref, an arrayref-ref, or an arrayref of any of the previous
+forms. Examples:
+
+ Given | Will Generate
+ ---------------------------------------------------------------
+ |
+ 'colA' | ORDER BY colA
+ |
+ [qw/colA colB/] | ORDER BY colA, colB
+ |
+ {-asc => 'colA'} | ORDER BY colA ASC
+ |
+ {-desc => 'colB'} | ORDER BY colB DESC
+ |
+ ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
+ |
+ { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
+ |
+ \'colA DESC' | ORDER BY colA DESC
+ |
+ \[ 'FUNC(colA, ?)', $x ] | ORDER BY FUNC(colA, ?)
+ | /* ...with $x bound to ? */
+ |
+ [ | ORDER BY
+ { -asc => 'colA' }, | colA ASC,
+ { -desc => [qw/colB/] }, | colB DESC,
+ { -asc => [qw/colC colD/] },| colC ASC, colD ASC,
+ \'colE DESC', | colE DESC,
+ \[ 'FUNC(colF, ?)', $x ], | FUNC(colF, ?)
+ ] | /* ...with $x bound to ? */
+ ===============================================================
+
+
+
+=head1 SPECIAL OPERATORS
+
+ my $sqlmaker = SQL::Abstract->new(special_ops => [
+ {
+ regex => qr/.../,
+ handler => sub {
+ my ($self, $field, $op, $arg) = @_;
+ ...
+ },
+ },
+ {
+ regex => qr/.../,
+ handler => 'method_name',
+ },
+ ]);
+
+A "special operator" is a SQL syntactic clause that can be
+applied to a field, instead of a usual binary operator.
+For example:
+
+ WHERE field IN (?, ?, ?)
+ WHERE field BETWEEN ? AND ?
+ WHERE MATCH(field) AGAINST (?, ?)
+
+Special operators IN and BETWEEN are fairly standard and therefore
+are builtin within C<SQL::Abstract> (as the overridable methods
+C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
+like the MATCH .. AGAINST example above which is specific to MySQL,
+you can write your own operator handlers - supply a C<special_ops>
+argument to the C<new> method. That argument takes an arrayref of
+operator definitions; each operator definition is a hashref with two
+entries:
+
+=over
+
+=item regex
+
+the regular expression to match the operator
+
+=item handler
+
+Either a coderef or a plain scalar method name. In both cases
+the expected return is C<< ($sql, @bind) >>.
+
+When supplied with a method name, it is simply called on the
+L<SQL::Abstract> object as:
+
+ $self->$method_name($field, $op, $arg)
+
+ Where:
+
+ $field is the LHS of the operator
+ $op is the part that matched the handler regex
+ $arg is the RHS
+
+When supplied with a coderef, it is called as:
+
+ $coderef->($self, $field, $op, $arg)
+
+
+=back
+
+For example, here is an implementation
+of the MATCH .. AGAINST syntax for MySQL
+
+ my $sqlmaker = SQL::Abstract->new(special_ops => [
+
+ # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
+ {regex => qr/^match$/i,
+ handler => sub {
+ my ($self, $field, $op, $arg) = @_;
+ $arg = [$arg] if not ref $arg;
+ my $label = $self->_quote($field);
+ my ($placeholder) = $self->_convert('?');
+ my $placeholders = join ", ", (($placeholder) x @$arg);
+ my $sql = $self->_sqlcase('match') . " ($label) "
+ . $self->_sqlcase('against') . " ($placeholders) ";
+ my @bind = $self->_bindtype($field, @$arg);
+ return ($sql, @bind);
+ }
+ },
+
+ ]);
+
+
+=head1 UNARY OPERATORS
+
+ my $sqlmaker = SQL::Abstract->new(unary_ops => [
+ {
+ regex => qr/.../,
+ handler => sub {
+ my ($self, $op, $arg) = @_;
+ ...
+ },
+ },
+ {
+ regex => qr/.../,
+ handler => 'method_name',
+ },
+ ]);
+
+A "unary operator" is a SQL syntactic clause that can be
+applied to a field - the operator goes before the field
+
+You can write your own operator handlers - supply a C<unary_ops>
+argument to the C<new> method. That argument takes an arrayref of
+operator definitions; each operator definition is a hashref with two
+entries:
+
+=over
+
+=item regex
+
+the regular expression to match the operator
+
+=item handler
+
+Either a coderef or a plain scalar method name. In both cases
+the expected return is C<< $sql >>.
+
+When supplied with a method name, it is simply called on the
+L<SQL::Abstract> object as:
+
+ $self->$method_name($op, $arg)
+
+ Where:
+
+ $op is the part that matched the handler regex
+ $arg is the RHS or argument of the operator
+
+When supplied with a coderef, it is called as:
+
+ $coderef->($self, $op, $arg)
+
+
+=back
+
+
=head1 PERFORMANCE
Thanks to some benchmarking by Mark Stosberg, it turns out that
around. On subsequent queries, simply use the C<values> function provided
by this module to return your values in the correct order.
+However this depends on the values having the same type - if, for
+example, the values of a where clause may either have values
+(resulting in sql of the form C<column = ?> with a single bind
+value), or alternatively the values might be C<undef> (resulting in
+sql of the form C<column IS NULL> with no bind value) then the
+caching technique suggested will not work.
+
=head1 FORMBUILDER
If you use my C<CGI::FormBuilder> module at all, you'll hopefully
#!/usr/bin/perl
+ use warnings;
+ use strict;
+
use CGI::FormBuilder;
use SQL::Abstract;
table, the actual query script can be extremely simplistic.
If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
-a fast interface to returning and formatting data. I frequently
+a fast interface to returning and formatting data. I frequently
use these three modules together to write complex database query
apps in under 50 lines.
-=head1 NOTES
+=head1 HOW TO CONTRIBUTE
-There is not (yet) any explicit support for SQL compound logic
-statements like "AND NOT". Instead, just do the de Morgan's
-law transformations yourself. For example, this:
+Contributions are always welcome, in all usable forms (we especially
+welcome documentation improvements). The delivery methods include git-
+or unified-diff formatted patches, GitHub pull requests, or plain bug
+reports either via RT or the Mailing list. Contributors are generally
+granted full access to the official repository after their first several
+patches pass successful review.
- "lname LIKE '%son%' AND NOT ( age < 10 OR age > 20 )"
+This project is maintained in a git repository. The code and related tools are
+accessible at the following locations:
-Becomes:
+=over
- "lname LIKE '%son%' AND ( age >= 10 AND age <= 20 )"
+=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
-With the corresponding C<%where> hash:
+=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
- %where = (
- lname => {like => '%son%'},
- age => [-and => {'>=', 10}, {'<=', 20}],
- );
+=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
+
+=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
+
+=back
+
+=head1 CHANGES
+
+Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
+Great care has been taken to preserve the I<published> behavior
+documented in previous versions in the 1.* family; however,
+some features that were previously undocumented, or behaved
+differently from the documentation, had to be changed in order
+to clarify the semantics. Hence, client code that was relying
+on some dark areas of C<SQL::Abstract> v1.*
+B<might behave differently> in v1.50.
+
+The main changes are:
+
+=over
+
+=item *
+
+support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
+
+=item *
+
+support for the { operator => \"..." } construct (to embed literal SQL)
+
+=item *
+
+support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
+
+=item *
+
+optional support for L<array datatypes|/"Inserting and Updating Arrays">
+
+=item *
+
+defensive programming: check arguments
-Again, remember that the C<-and> goes I<inside> the arrayref.
+=item *
+
+fixed bug with global logic, which was previously implemented
+through global variables yielding side-effects. Prior versions would
+interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
+as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
+Now this is interpreted
+as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
+
+
+=item *
+
+fixed semantics of _bindtype on array args
+
+=item *
+
+dropped the C<_anoncopy> of the %where tree. No longer necessary,
+we just avoid shifting arrays within that tree.
+
+=item *
+
+dropped the C<_modlogic> function
+
+=back
=head1 ACKNOWLEDGEMENTS
this module. Unfortunately, most of them submitted bugs via CPAN
so I have no idea who they are! But the people I do know are:
+ Ash Berlin (order_by hash term support)
+ Matt Trout (DBIx::Class support)
Mark Stosberg (benchmarking)
Chas Owens (initial "IN" operator support)
Philip Collins (per-field SQL functions)
Eric Kolve (hashref "AND" support)
Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
Dan Kubb (support for "quote_char" and "name_sep")
+ Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
+ Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
+ Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
+ Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
+ Oliver Charles (support for "RETURNING" after "INSERT")
Thanks!
-=head1 BUGS
-
-If found, please DO NOT submit anything via C<rt.cpan.org> - that
-just causes me a ton of work. Email me a patch (or script demonstrating
-the problem) to the below address, and include the VERSION string you'll
-be seeing shortly.
-
=head1 SEE ALSO
-L<DBIx::Abstract>, L<DBI|DBI>, L<CGI::FormBuilder>, L<HTML::QuickTable>
+L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
-=head1 VERSION
+=head1 AUTHOR
-1.22
+Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
-=head1 AUTHOR
+This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
-Copyright (c) 2001-2006 Nathan Wiger <nate@wiger.org>. All Rights Reserved.
+For support, your best bet is to try the C<DBIx::Class> users mailing list.
+While not an official support venue, C<DBIx::Class> makes heavy use of
+C<SQL::Abstract>, and as such list members there are very familiar with
+how to create queries.
-This module is free software; you may copy this under the terms of
-the GNU General Public License, or the Artistic License, copies of
-which should have accompanied your Perl kit.
+=head1 LICENSE
-=cut
+This module is free software; you may copy this under the same
+terms as perl itself (either the GNU General Public License or
+the Artistic License)
+=cut
projects / dbsrgits/SQL-Abstract.git / blobdiff