projects / scpubgit/Q-Branch.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | history | HEAD
cleaner DBIC detection and compat
[scpubgit/Q-Branch.git] / lib / SQL / Abstract.pm
CommitLineData
96449e8e 1package SQL::Abstract; # see doc at end of file
2
96449e8e 3use strict;
4use warnings;
9d9d5bd6 5use Carp ();
312d830b 6use List::Util ();
7use Scalar::Util ();
96449e8e 8
0da0fe34 9use Exporter 'import';
10our @EXPORT_OK = qw(is_plain_value is_literal_value);
11
12BEGIN {
13 if ($] < 5.009_005) {
14 require MRO::Compat;
15 }
16 else {
17 require mro;
18 }
843a94b5 19
20 *SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION = $ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}
21 ? sub () { 0 }
22 : sub () { 1 }
23 ;
0da0fe34 24}
25
96449e8e 26#======================================================================
27# GLOBALS
28#======================================================================
29
dc6afcf8 30our $VERSION = '1.86';
7479e27e 31
22f1a437 32# This would confuse some packagers
c520207b 33$VERSION = eval $VERSION if $VERSION =~ /_/; # numify for warning-free dev releases
96449e8e 34
35our $AUTOLOAD;
36
37# special operators (-in, -between). May be extended/overridden by user.
38# See section WHERE: BUILTIN SPECIAL OPERATORS below for implementation
39my @BUILTIN_SPECIAL_OPS = (
f663e672 40 {regex => qr/^ (?: not \s )? between $/ix, handler => sub { die "NOPE" }},
41 {regex => qr/^ (?: not \s )? in $/ix, handler => sub { die "NOPE" }},
87c8e45b 42 {regex => qr/^ is (?: \s+ not )? $/ix, handler => sub { die "NOPE" }},
96449e8e 43);
44
45#======================================================================
46# DEBUGGING AND ERROR REPORTING
47#======================================================================
48
49sub _debug {
50 return unless $_[0]->{debug}; shift; # a little faster
51 my $func = (caller(1))[3];
52 warn "[$func] ", @_, "\n";
53}
54
55sub belch (@) {
56 my($func) = (caller(1))[3];
9d9d5bd6 57 Carp::carp "[$func] Warning: ", @_;
96449e8e 58}
59
60sub puke (@) {
61 my($func) = (caller(1))[3];
9d9d5bd6 62 Carp::croak "[$func] Fatal: ", @_;
96449e8e 63}
64
0da0fe34 65sub is_literal_value ($) {
66 ref $_[0] eq 'SCALAR' ? [ ${$_[0]} ]
67 : ( ref $_[0] eq 'REF' and ref ${$_[0]} eq 'ARRAY' ) ? [ @${ $_[0] } ]
0da0fe34 68 : undef;
69}
70
71# FIXME XSify - this can be done so much more efficiently
72sub is_plain_value ($) {
73 no strict 'refs';
966200cc 74 ! length ref $_[0] ? \($_[0])
0da0fe34 75 : (
76 ref $_[0] eq 'HASH' and keys %{$_[0]} == 1
77 and
78 exists $_[0]->{-value}
966200cc 79 ) ? \($_[0]->{-value})
0da0fe34 80 : (
a1c9e0ff 81 # reuse @_ for even moar speedz
82 defined ( $_[1] = Scalar::Util::blessed $_[0] )
0da0fe34 83 and
84 # deliberately not using Devel::OverloadInfo - the checks we are
85 # intersted in are much more limited than the fullblown thing, and
86 # this is a very hot piece of code
87 (
e8d729d4 88 # simply using ->can('(""') can leave behind stub methods that
89 # break actually using the overload later (see L<perldiag/Stub
90 # found while resolving method "%s" overloading "%s" in package
91 # "%s"> and the source of overload::mycan())
44e54b41 92 #
0da0fe34 93 # either has stringification which DBI SHOULD prefer out of the box
a1c9e0ff 94 grep { *{ (qq[${_}::(""]) }{CODE} } @{ $_[2] = mro::get_linear_isa( $_[1] ) }
0da0fe34 95 or
20e178a8 96 # has nummification or boolification, AND fallback is *not* disabled
0da0fe34 97 (
843a94b5 98 SQL::Abstract::_ENV_::DETECT_AUTOGENERATED_STRINGIFICATION
99 and
20e178a8 100 (
101 grep { *{"${_}::(0+"}{CODE} } @{$_[2]}
102 or
103 grep { *{"${_}::(bool"}{CODE} } @{$_[2]}
104 )
0da0fe34 105 and
106 (
107 # no fallback specified at all
a1c9e0ff 108 ! ( ($_[3]) = grep { *{"${_}::()"}{CODE} } @{$_[2]} )
0da0fe34 109 or
110 # fallback explicitly undef
a1c9e0ff 111 ! defined ${"$_[3]::()"}
0da0fe34 112 or
113 # explicitly true
a1c9e0ff 114 !! ${"$_[3]::()"}
0da0fe34 115 )
116 )
117 )
966200cc 118 ) ? \($_[0])
0da0fe34 119 : undef;
120}
121
122
96449e8e 123
124#======================================================================
125# NEW
126#======================================================================
127
128sub new {
129 my $self = shift;
130 my $class = ref($self) || $self;
131 my %opt = (ref $_[0] eq 'HASH') ? %{$_[0]} : @_;
132
133 # choose our case by keeping an option around
134 delete $opt{case} if $opt{case} && $opt{case} ne 'lower';
135
136 # default logic for interpreting arrayrefs
ef559da3 137 $opt{logic} = $opt{logic} ? uc $opt{logic} : 'OR';
96449e8e 138
139 # how to return bind vars
96449e8e 140 $opt{bindtype} ||= 'normal';
141
142 # default comparison is "=", but can be overridden
143 $opt{cmp} ||= '=';
144
3af02ccb 145 # try to recognize which are the 'equality' and 'inequality' ops
3cdadcbe 146 # (temporary quickfix (in 2007), should go through a more seasoned API)
147 $opt{equality_op} = qr/^( \Q$opt{cmp}\E | \= )$/ix;
148 $opt{inequality_op} = qr/^( != | <> )$/ix;
149
150 $opt{like_op} = qr/^ (is\s+)? r?like $/xi;
151 $opt{not_like_op} = qr/^ (is\s+)? not \s+ r?like $/xi;
96449e8e 152
153 # SQL booleans
154 $opt{sqltrue} ||= '1=1';
155 $opt{sqlfalse} ||= '0=1';
156
9d48860e 157 # special operators
30af97c5 158 $opt{special_ops} ||= [];
159
b6251592 160 # regexes are applied in order, thus push after user-defines
96449e8e 161 push @{$opt{special_ops}}, @BUILTIN_SPECIAL_OPS;
162
cf06e9dc 163 if ($class->isa('DBIx::Class::SQLMaker')) {
dd1d0dbf 164 push @{$opt{special_ops}}, our $DBIC_Compat_Op ||= {
165 regex => qr/^(?:ident|value)$/i, handler => sub { die "NOPE" }
166 };
cf06e9dc 167 $opt{is_dbic_sqlmaker} = 1;
dd1d0dbf 168 }
169
9d48860e 170 # unary operators
59f23b3d 171 $opt{unary_ops} ||= [];
59f23b3d 172
3af02ccb 173 # rudimentary sanity-check for user supplied bits treated as functions/operators
b6251592 174 # If a purported function matches this regular expression, an exception is thrown.
175 # Literal SQL is *NOT* subject to this check, only functions (and column names
176 # when quoting is not in effect)
96449e8e 177
b6251592 178 # FIXME
179 # need to guard against ()'s in column names too, but this will break tons of
180 # hacks... ideas anyone?
181 $opt{injection_guard} ||= qr/
182 \;
183 |
184 ^ \s* go \s
185 /xmi;
96449e8e 186
b07681b1 187 $opt{node_types} = +{
188 map +("-$_" => '_render_'.$_),
189 qw(op func value bind ident literal)
190 };
191
ec19b759 192 $opt{expand_unary} = {};
193
b6251592 194 return bless \%opt, $class;
195}
96449e8e 196
e175845b 197sub sqltrue { +{ -literal => [ $_[0]->{sqltrue} ] } }
198sub sqlfalse { +{ -literal => [ $_[0]->{sqlfalse} ] } }
170e6c33 199
200sub _assert_pass_injection_guard {
201 if ($_[1] =~ $_[0]->{injection_guard}) {
202 my $class = ref $_[0];
203 puke "Possible SQL injection attempt '$_[1]'. If this is indeed a part of the "
204 . "desired SQL use literal SQL ( \'...' or \[ '...' ] ) or supply your own "
205 . "{injection_guard} attribute to ${class}->new()"
206 }
207}
208
209
96449e8e 210#======================================================================
211# INSERT methods
212#======================================================================
213
214sub insert {
02288357 215 my $self = shift;
216 my $table = $self->_table(shift);
217 my $data = shift || return;
218 my $options = shift;
96449e8e 219
220 my $method = $self->_METHOD_FOR_refkind("_insert", $data);
02288357 221 my ($sql, @bind) = $self->$method($data);
96449e8e 222 $sql = join " ", $self->_sqlcase('insert into'), $table, $sql;
02288357 223
e82e648a 224 if ($options->{returning}) {
ca4f826a 225 my ($s, @b) = $self->_insert_returning($options);
e82e648a 226 $sql .= $s;
227 push @bind, @b;
02288357 228 }
229
96449e8e 230 return wantarray ? ($sql, @bind) : $sql;
231}
232
60f3fd3f 233# So that subclasses can override INSERT ... RETURNING separately from
234# UPDATE and DELETE (e.g. DBIx::Class::SQLMaker::Oracle does this)
b17a3ece 235sub _insert_returning { shift->_returning(@_) }
236
95904db5 237sub _returning {
e82e648a 238 my ($self, $options) = @_;
6b1fe79d 239
e82e648a 240 my $f = $options->{returning};
241
ff96fdd4 242 my ($sql, @bind) = $self->_render_expr(
243 $self->_expand_maybe_list_expr($f, undef, -ident)
244 );
245 return wantarray
246 ? $self->_sqlcase(' returning ') . $sql
247 : ($self->_sqlcase(' returning ').$sql, @bind);
6b1fe79d 248}
249
96449e8e 250sub _insert_HASHREF { # explicit list of fields and then values
251 my ($self, $data) = @_;
252
253 my @fields = sort keys %$data;
254
fe3ae272 255 my ($sql, @bind) = $self->_insert_values($data);
96449e8e 256
257 # assemble SQL
258 $_ = $self->_quote($_) foreach @fields;
259 $sql = "( ".join(", ", @fields).") ".$sql;
260
261 return ($sql, @bind);
262}
263
264sub _insert_ARRAYREF { # just generate values(?,?) part (no list of fields)
265 my ($self, $data) = @_;
266
267 # no names (arrayref) so can't generate bindtype
268 $self->{bindtype} ne 'columns'
269 or belch "can't do 'columns' bindtype when called with arrayref";
270
19b6ccce 271 my (@values, @all_bind);
272 foreach my $value (@$data) {
273 my ($values, @bind) = $self->_insert_value(undef, $value);
274 push @values, $values;
275 push @all_bind, @bind;
276 }
277 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
278 return ($sql, @all_bind);
fe3ae272 279}
280
281sub _insert_ARRAYREFREF { # literal SQL with bind
282 my ($self, $data) = @_;
283
284 my ($sql, @bind) = @${$data};
285 $self->_assert_bindval_matches_bindtype(@bind);
286
287 return ($sql, @bind);
288}
289
290
291sub _insert_SCALARREF { # literal SQL without bind
292 my ($self, $data) = @_;
293
294 return ($$data);
295}
296
297sub _insert_values {
298 my ($self, $data) = @_;
299
96449e8e 300 my (@values, @all_bind);
fe3ae272 301 foreach my $column (sort keys %$data) {
19b6ccce 302 my ($values, @bind) = $self->_insert_value($column, $data->{$column});
303 push @values, $values;
304 push @all_bind, @bind;
305 }
306 my $sql = $self->_sqlcase('values')." ( ".join(", ", @values)." )";
307 return ($sql, @all_bind);
308}
96449e8e 309
19b6ccce 310sub _insert_value {
311 my ($self, $column, $v) = @_;
96449e8e 312
720ca4f7 313 return $self->_render_expr(
314 $self->_expand_insert_value($column, $v)
315 );
316}
96449e8e 317
720ca4f7 318sub _expand_insert_value {
319 my ($self, $column, $v) = @_;
96449e8e 320
720ca4f7 321 if (ref($v) eq 'ARRAY') {
322 if ($self->{array_datatypes}) {
323 return +{ -bind => [ $column, $v ] };
324 }
325 my ($sql, @bind) = @$v;
326 $self->_assert_bindval_matches_bindtype(@bind);
327 return +{ -literal => $v };
328 }
329 if (ref($v) eq 'HASH') {
330 if (grep !/^-/, keys %$v) {
331 belch "HASH ref as bind value in insert is not supported";
332 return +{ -bind => [ $column, $v ] };
333 }
334 }
335 if (!defined($v)) {
336 return +{ -bind => [ $column, undef ] };
337 }
338 local our $Cur_Col_Meta = $column;
339 return $self->_expand_expr($v);
96449e8e 340}
341
342
96449e8e 343
344#======================================================================
345# UPDATE methods
346#======================================================================
347
348
349sub update {
95904db5 350 my $self = shift;
351 my $table = $self->_table(shift);
352 my $data = shift || return;
353 my $where = shift;
354 my $options = shift;
96449e8e 355
356 # first build the 'SET' part of the sql statement
96449e8e 357 puke "Unsupported data type specified to \$sql->update"
358 unless ref $data eq 'HASH';
359
9ade906e 360 my ($sql, @all_bind) = $self->_update_set_values($data);
a9e94508 361 $sql = $self->_sqlcase('update ') . $table . $self->_sqlcase(' set ')
9ade906e 362 . $sql;
363
364 if ($where) {
365 my($where_sql, @where_bind) = $self->where($where);
366 $sql .= $where_sql;
367 push @all_bind, @where_bind;
368 }
369
370 if ($options->{returning}) {
371 my ($returning_sql, @returning_bind) = $self->_update_returning($options);
372 $sql .= $returning_sql;
373 push @all_bind, @returning_bind;
374 }
375
376 return wantarray ? ($sql, @all_bind) : $sql;
377}
378
379sub _update_set_values {
380 my ($self, $data) = @_;
381
89690da2 382 return $self->_render_expr(
383 $self->_expand_update_set_values($data),
384 );
385}
96449e8e 386
89690da2 387sub _expand_update_set_values {
388 my ($self, $data) = @_;
389 $self->_expand_maybe_list_expr( [
390 map {
391 my ($k, $set) = @$_;
c4ed66f4 392 $set = { -bind => $_ } unless defined $set;
89690da2 393 +{ -op => [ '=', { -ident => $k }, $set ] };
394 }
395 map {
396 my $k = $_;
397 my $v = $data->{$k};
398 (ref($v) eq 'ARRAY'
399 ? ($self->{array_datatypes}
400 ? [ $k, +{ -bind => [ $k, $v ] } ]
401 : [ $k, +{ -literal => $v } ])
402 : do {
403 local our $Cur_Col_Meta = $k;
404 [ $k, $self->_expand_expr($v) ]
405 }
406 );
407 } sort keys %$data
408 ] );
96449e8e 409}
410
60f3fd3f 411# So that subclasses can override UPDATE ... RETURNING separately from
412# INSERT and DELETE
20bb2ad5 413sub _update_returning { shift->_returning(@_) }
96449e8e 414
415
416
417#======================================================================
418# SELECT
419#======================================================================
420
421
422sub select {
423 my $self = shift;
424 my $table = $self->_table(shift);
425 my $fields = shift || '*';
426 my $where = shift;
427 my $order = shift;
428
daa4ccdd 429 my ($fields_sql, @bind) = $self->_select_fields($fields);
96449e8e 430
daa4ccdd 431 my ($where_sql, @where_bind) = $self->where($where, $order);
432 push @bind, @where_bind;
433
434 my $sql = join(' ', $self->_sqlcase('select'), $fields_sql,
96449e8e 435 $self->_sqlcase('from'), $table)
436 . $where_sql;
437
9d48860e 438 return wantarray ? ($sql, @bind) : $sql;
96449e8e 439}
440
daa4ccdd 441sub _select_fields {
442 my ($self, $fields) = @_;
de63ce57 443 return $fields unless ref($fields);
27592e2b 444 return $self->_render_expr(
445 $self->_expand_maybe_list_expr($fields, undef, '-ident')
446 );
daa4ccdd 447}
448
96449e8e 449#======================================================================
450# DELETE
451#======================================================================
452
453
454sub delete {
85327cd5 455 my $self = shift;
456 my $table = $self->_table(shift);
457 my $where = shift;
458 my $options = shift;
96449e8e 459
460 my($where_sql, @bind) = $self->where($where);
a9e94508 461 my $sql = $self->_sqlcase('delete from ') . $table . $where_sql;
96449e8e 462
85327cd5 463 if ($options->{returning}) {
ca4f826a 464 my ($returning_sql, @returning_bind) = $self->_delete_returning($options);
85327cd5 465 $sql .= $returning_sql;
466 push @bind, @returning_bind;
467 }
468
9d48860e 469 return wantarray ? ($sql, @bind) : $sql;
96449e8e 470}
471
60f3fd3f 472# So that subclasses can override DELETE ... RETURNING separately from
473# INSERT and UPDATE
85327cd5 474sub _delete_returning { shift->_returning(@_) }
475
476
96449e8e 477
478#======================================================================
479# WHERE: entry point
480#======================================================================
481
482
483
484# Finally, a separate routine just to handle WHERE clauses
485sub where {
486 my ($self, $where, $order) = @_;
487
7ad12721 488 local $self->{convert_where} = $self->{convert};
489
96449e8e 490 # where ?
e175845b 491 my ($sql, @bind) = defined($where)
492 ? $self->_recurse_where($where)
493 : (undef);
417dd15e 494 $sql = (defined $sql and length $sql) ? $self->_sqlcase(' where ') . "( $sql )" : '';
96449e8e 495
496 # order by?
497 if ($order) {
26fe4d30 498 my ($order_sql, @order_bind) = $self->_order_by($order);
499 $sql .= $order_sql;
500 push @bind, @order_bind;
96449e8e 501 }
502
9d48860e 503 return wantarray ? ($sql, @bind) : $sql;
96449e8e 504}
505
a2cd381d 506sub _expand_expr {
2558b622 507 my ($self, $expr, $logic, $default_scalar_to) = @_;
508 local our $Default_Scalar_To = $default_scalar_to if $default_scalar_to;
3ae10d16 509 our $Expand_Depth ||= 0; local $Expand_Depth = $Expand_Depth + 1;
252518da 510 return undef unless defined($expr);
59588695 511 if (ref($expr) eq 'HASH') {
512 if (keys %$expr > 1) {
513 $logic ||= 'and';
77617257 514 return +{ -op => [
515 $logic,
59588695 516 map $self->_expand_expr_hashpair($_ => $expr->{$_}, $logic),
517 sort keys %$expr
518 ] };
519 }
1c0c0f41 520 return { -literal => [ '' ] } unless keys %$expr;
59588695 521 return $self->_expand_expr_hashpair(%$expr, $logic);
a2cd381d 522 }
08264f40 523 if (ref($expr) eq 'ARRAY') {
99a65fa8 524 my $logic = lc($logic || $self->{logic});
08264f40 525 $logic eq 'and' or $logic eq 'or' or puke "unknown logic: $logic";
526
1c0c0f41 527 #my @expr = @$expr;
528 my @expr = grep {
529 (ref($_) eq 'ARRAY' and @$_)
530 or (ref($_) eq 'HASH' and %$_)
531 or 1
532 } @$expr;
08264f40 533
534 my @res;
535
536 while (my ($el) = splice @expr, 0, 1) {
537 puke "Supplying an empty left hand side argument is not supported in array-pairs"
538 unless defined($el) and length($el);
539 my $elref = ref($el);
540 if (!$elref) {
dd1d0dbf 541 local $Expand_Depth = 0;
08264f40 542 push(@res, $self->_expand_expr({ $el, shift(@expr) }));
543 } elsif ($elref eq 'ARRAY') {
544 push(@res, $self->_expand_expr($el)) if @$el;
ec857800 545 } elsif (my $l = is_literal_value($el)) {
546 push @res, { -literal => $l };
08264f40 547 } elsif ($elref eq 'HASH') {
dd1d0dbf 548 local $Expand_Depth = 0;
1b630cfe 549 push @res, $self->_expand_expr($el) if %$el;
08264f40 550 } else {
da4a0964 551 die "notreached";
08264f40 552 }
553 }
2143604f 554 return { -op => [ $logic, @res ] };
08264f40 555 }
ca3da680 556 if (my $literal = is_literal_value($expr)) {
557 return +{ -literal => $literal };
558 }
99a65fa8 559 if (!ref($expr) or Scalar::Util::blessed($expr)) {
2558b622 560 if (my $d = $Default_Scalar_To) {
561 return +{ $d => $expr };
562 }
99a65fa8 563 if (my $m = our $Cur_Col_Meta) {
564 return +{ -bind => [ $m, $expr ] };
565 }
252518da 566 return +{ -value => $expr };
567 }
252518da 568 die "notreached";
a2cd381d 569}
96449e8e 570
59588695 571sub _expand_expr_hashpair {
572 my ($self, $k, $v, $logic) = @_;
d13725da 573 unless (defined($k) and length($k)) {
2d64004f 574 if (defined($k) and my $literal = is_literal_value($v)) {
d13725da 575 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
2d64004f 576 return { -literal => $literal };
d13725da 577 }
578 puke "Supplying an empty left hand side argument is not supported";
579 }
ef071fad 580 if ($k =~ /^-/) {
99a65fa8 581 $self->_assert_pass_injection_guard($k =~ /^-(.*)$/s);
582 if ($k =~ s/ [_\s]? \d+ $//x ) {
583 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
584 . "You probably wanted ...-and => [ $k => COND1, $k => COND2 ... ]";
585 }
ef071fad 586 if ($k eq '-nest') {
0fc68377 587 # DBIx::Class requires a nest warning to be emitted once but the private
588 # method it overrode to do so no longer exists
cf06e9dc 589 if ($self->{is_dbic_sqlmaker}) {
590 unless (our $Nest_Warned) {
0fc68377 591 belch(
592 "-nest in search conditions is deprecated, you most probably wanted:\n"
593 .q|{..., -and => [ \%cond0, \@cond1, \'cond2', \[ 'cond3', [ col => bind ] ], etc. ], ... }|
594 );
595 $Nest_Warned = 1;
596 }
597 }
ef071fad 598 return $self->_expand_expr($v);
599 }
6ab1562a 600 if ($k eq '-bool') {
601 if (ref($v)) {
602 return $self->_expand_expr($v);
603 }
604 puke "-bool => undef not supported" unless defined($v);
605 return { -ident => $v };
606 }
99a65fa8 607 if ($k eq '-not') {
0c7e3af0 608 return { -op => [ 'not', $self->_expand_expr($v) ] };
99a65fa8 609 }
ce3bc4b0 610 if (my ($rest) = $k =~/^-not[_ ](.*)$/) {
0c7e3af0 611 return +{ -op => [
612 'not',
99a65fa8 613 $self->_expand_expr_hashpair("-${rest}", $v, $logic)
0c7e3af0 614 ] };
ce3bc4b0 615 }
99a65fa8 616 if (my ($logic) = $k =~ /^-(and|or)$/i) {
dd2d5bf7 617 if (ref($v) eq 'HASH') {
618 return $self->_expand_expr($v, $logic);
619 }
99a65fa8 620 if (ref($v) eq 'ARRAY') {
621 return $self->_expand_expr($v, $logic);
622 }
dd2d5bf7 623 }
99a65fa8 624 {
625 my $op = $k;
626 $op =~ s/^-// if length($op) > 1;
627
628 # top level special ops are illegal in general
3ae10d16 629 # note that, arguably, if it makes no sense at top level, it also
630 # makes no sense on the other side of an = sign or similar but DBIC
631 # gets disappointingly upset if I disallow it
632 if (
633 (our $Expand_Depth) == 1
634 and List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}}
635 ) {
636 puke "Illegal use of top-level '-$op'"
637 }
96a8d74a 638 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
639 return { -op => [ $op, $v ] };
640 }
99a65fa8 641 }
642 if ($k eq '-value' and my $m = our $Cur_Col_Meta) {
643 return +{ -bind => [ $m, $v ] };
644 }
ec19b759 645 if (my $custom = $self->{expand_unary}{$k}) {
646 return $self->$custom($v);
647 }
b07681b1 648 if ($self->{node_types}{$k}) {
99a65fa8 649 return { $k => $v };
d13725da 650 }
711892b1 651 if (
652 ref($v) eq 'HASH'
653 and keys %$v == 1
654 and (keys %$v)[0] =~ /^-/
655 ) {
656 my ($func) = $k =~ /^-(.*)$/;
3ae10d16 657 if (List::Util::first { $func =~ $_->{regex} } @{$self->{special_ops}}) {
658 return +{ -op => [ $func, $self->_expand_expr($v) ] };
659 }
711892b1 660 return +{ -func => [ $func, $self->_expand_expr($v) ] };
661 }
662 if (!ref($v) or is_literal_value($v)) {
99a65fa8 663 return +{ -op => [ $k =~ /^-(.*)$/, $self->_expand_expr($v) ] };
59588695 664 }
99a65fa8 665 }
666 if (
667 !defined($v)
668 or (
669 ref($v) eq 'HASH'
670 and exists $v->{-value}
671 and not defined $v->{-value}
672 )
673 ) {
674 return $self->_expand_expr_hashpair($k => { $self->{cmp} => undef });
675 }
676 if (!ref($v) or Scalar::Util::blessed($v)) {
ec19b759 677 my $d = our $Default_Scalar_To;
99a65fa8 678 return +{
679 -op => [
680 $self->{cmp},
681 { -ident => $k },
ec19b759 682 ($d ? { $d => $v } : { -bind => [ $k, $v ] })
99a65fa8 683 ]
684 };
685 }
686 if (ref($v) eq 'HASH') {
687 if (keys %$v > 1) {
e175845b 688 return { -op => [
689 'and',
99a65fa8 690 map $self->_expand_expr_hashpair($k => { $_ => $v->{$_} }),
691 sort keys %$v
692 ] };
693 }
dd1d0dbf 694 return { -literal => [ '' ] } unless keys %$v;
99a65fa8 695 my ($vk, $vv) = %$v;
696 $vk =~ s/^-//;
697 $vk = lc($vk);
698 $self->_assert_pass_injection_guard($vk);
699 if ($vk =~ s/ [_\s]? \d+ $//x ) {
700 belch 'Use of [and|or|nest]_N modifiers is deprecated and will be removed in SQLA v2.0. '
701 . "You probably wanted ...-and => [ -$vk => COND1, -$vk => COND2 ... ]";
702 }
703 if ($vk =~ /^(?:not[ _])?between$/) {
704 local our $Cur_Col_Meta = $k;
705 my @rhs = map $self->_expand_expr($_),
706 ref($vv) eq 'ARRAY' ? @$vv : $vv;
707 unless (
708 (@rhs == 1 and ref($rhs[0]) eq 'HASH' and $rhs[0]->{-literal})
709 or
710 (@rhs == 2 and defined($rhs[0]) and defined($rhs[1]))
711 ) {
712 puke "Operator '${\uc($vk)}' requires either an arrayref with two defined values or expressions, or a single literal scalarref/arrayref-ref";
b5b18861 713 }
99a65fa8 714 return +{ -op => [
715 join(' ', split '_', $vk),
716 { -ident => $k },
717 @rhs
718 ] }
719 }
720 if ($vk =~ /^(?:not[ _])?in$/) {
721 if (my $literal = is_literal_value($vv)) {
722 my ($sql, @bind) = @$literal;
723 my $opened_sql = $self->_open_outer_paren($sql);
10d07c4e 724 return +{ -op => [
99a65fa8 725 $vk, { -ident => $k },
726 [ { -literal => [ $opened_sql, @bind ] } ]
10d07c4e 727 ] };
728 }
99a65fa8 729 my $undef_err =
730 'SQL::Abstract before v1.75 used to generate incorrect SQL when the '
731 . "-${\uc($vk)} operator was given an undef-containing list: !!!AUDIT YOUR CODE "
732 . 'AND DATA!!! (the upcoming Data::Query-based version of SQL::Abstract '
733 . 'will emit the logically correct SQL instead of raising this exception)'
734 ;
735 puke("Argument passed to the '${\uc($vk)}' operator can not be undefined")
736 if !defined($vv);
737 my @rhs = map $self->_expand_expr($_),
738 map { ref($_) ? $_ : { -bind => [ $k, $_ ] } }
739 map { defined($_) ? $_: puke($undef_err) }
740 (ref($vv) eq 'ARRAY' ? @$vv : $vv);
e175845b 741 return $self->${\($vk =~ /^not/ ? 'sqltrue' : 'sqlfalse')} unless @rhs;
99a65fa8 742
743 return +{ -op => [
744 join(' ', split '_', $vk),
745 { -ident => $k },
746 \@rhs
747 ] };
748 }
749 if ($vk eq 'ident') {
02b8fe35 750 if (! defined $vv or (ref($vv) and ref($vv) eq 'ARRAY')) {
751 puke "-$vk requires a single plain scalar argument (a quotable identifier) or an arrayref of identifier parts";
f7778474 752 }
99a65fa8 753 return +{ -op => [
754 $self->{cmp},
755 { -ident => $k },
756 { -ident => $vv }
757 ] };
758 }
759 if ($vk eq 'value') {
760 return $self->_expand_expr_hashpair($k, undef) unless defined($vv);
761 return +{ -op => [
762 $self->{cmp},
763 { -ident => $k },
764 { -bind => [ $k, $vv ] }
765 ] };
766 }
767 if ($vk =~ /^is(?:[ _]not)?$/) {
768 puke "$vk can only take undef as argument"
769 if defined($vv)
770 and not (
771 ref($vv) eq 'HASH'
772 and exists($vv->{-value})
773 and !defined($vv->{-value})
774 );
775 $vk =~ s/_/ /g;
776 return +{ -op => [ $vk.' null', { -ident => $k } ] };
777 }
778 if ($vk =~ /^(and|or)$/) {
779 if (ref($vv) eq 'HASH') {
e62fe58a 780 return +{ -op => [
781 $vk,
99a65fa8 782 map $self->_expand_expr_hashpair($k, { $_ => $vv->{$_} }),
783 sort keys %$vv
7d7868d1 784 ] };
785 }
e28d9b13 786 }
30af97c5 787 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{special_ops}}) {
99a65fa8 788 return { -op => [ $vk, { -ident => $k }, $vv ] };
7dbe1183 789 }
96a8d74a 790 if (my $us = List::Util::first { $vk =~ $_->{regex} } @{$self->{unary_ops}}) {
791 return { -op => [
792 $self->{cmp},
793 { -ident => $k },
794 { -op => [ $vk, $vv ] }
795 ] };
796 }
99a65fa8 797 if (ref($vv) eq 'ARRAY') {
798 my ($logic, @values) = (
799 (defined($vv->[0]) and $vv->[0] =~ /^-(and|or)$/i)
800 ? @$vv
801 : (-or => @$vv)
802 );
803 if (
804 $vk =~ $self->{inequality_op}
805 or join(' ', split '_', $vk) =~ $self->{not_like_op}
806 ) {
807 if (lc($logic) eq '-or' and @values > 1) {
808 my $op = uc join ' ', split '_', $vk;
809 belch "A multi-element arrayref as an argument to the inequality op '$op' "
810 . 'is technically equivalent to an always-true 1=1 (you probably wanted '
811 . "to say ...{ \$inequality_op => [ -and => \@values ] }... instead)"
812 ;
813 }
ef071fad 814 }
b3cb13e8 815 unless (@values) {
816 # try to DWIM on equality operators
817 my $op = join ' ', split '_', $vk;
818 return
e175845b 819 $op =~ $self->{equality_op} ? $self->sqlfalse
820 : $op =~ $self->{like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqlfalse
821 : $op =~ $self->{inequality_op} ? $self->sqltrue
822 : $op =~ $self->{not_like_op} ? belch("Supplying an empty arrayref to '@{[ uc $op]}' is deprecated") && $self->sqltrue
b3cb13e8 823 : puke "operator '$op' applied on an empty array (field '$k')";
824 }
63c97a0b 825 return +{ -op => [
826 $logic =~ /^-(.*)$/,
99a65fa8 827 map $self->_expand_expr_hashpair($k => { $vk => $_ }),
828 @values
829 ] };
830 }
831 if (
832 !defined($vv)
833 or (
834 ref($vv) eq 'HASH'
835 and exists $vv->{-value}
836 and not defined $vv->{-value}
837 )
838 ) {
839 my $op = join ' ', split '_', $vk;
840 my $is =
841 $op =~ /^not$/i ? 'is not' # legacy
842 : $op =~ $self->{equality_op} ? 'is'
843 : $op =~ $self->{like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is'
844 : $op =~ $self->{inequality_op} ? 'is not'
845 : $op =~ $self->{not_like_op} ? belch("Supplying an undefined argument to '@{[ uc $op]}' is deprecated") && 'is not'
846 : puke "unexpected operator '$op' with undef operand";
847 return +{ -op => [ $is.' null', { -ident => $k } ] };
848 }
849 local our $Cur_Col_Meta = $k;
850 return +{ -op => [
851 $vk,
852 { -ident => $k },
853 $self->_expand_expr($vv)
854 ] };
855 }
856 if (ref($v) eq 'ARRAY') {
e175845b 857 return $self->sqlfalse unless @$v;
99a65fa8 858 $self->_debug("ARRAY($k) means distribute over elements");
859 my $this_logic = (
860 $v->[0] =~ /^-((?:and|or))$/i
861 ? ($v = [ @{$v}[1..$#$v] ], $1)
862 : ($self->{logic} || 'or')
863 );
cba28f66 864 return +{ -op => [
865 $this_logic,
866 map $self->_expand_expr({ $k => $_ }, $this_logic), @$v
867 ] };
99a65fa8 868 }
869 if (my $literal = is_literal_value($v)) {
870 unless (length $k) {
871 belch 'Hash-pairs consisting of an empty string with a literal are deprecated, and will be removed in 2.0: use -and => [ $literal ] instead';
872 return \$literal;
873 }
874 my ($sql, @bind) = @$literal;
875 if ($self->{bindtype} eq 'columns') {
876 for (@bind) {
6fb2bd90 877 $self->_assert_bindval_matches_bindtype($_);
aa8d7bdb 878 }
331e2209 879 }
99a65fa8 880 return +{ -literal => [ $self->_quote($k).' '.$sql, @bind ] };
331e2209 881 }
99a65fa8 882 die "notreached";
59588695 883}
884
e175845b 885sub _render_expr {
886 my ($self, $expr) = @_;
887 my ($k, $v, @rest) = %$expr;
888 die "No" if @rest;
b07681b1 889 if (my $meth = $self->{node_types}{$k}) {
181dcebf 890 return $self->$meth($v);
e175845b 891 }
892 die "notreached: $k";
893}
894
96449e8e 895sub _recurse_where {
896 my ($self, $where, $logic) = @_;
897
99a65fa8 898#print STDERR Data::Dumper::Concise::Dumper([ $where, $logic ]);
899
5492d4c2 900 # Special case: top level simple string treated as literal
901
902 my $where_exp = (ref($where)
903 ? $self->_expand_expr($where, $logic)
904 : { -literal => [ $where ] });
1c0c0f41 905#::Dwarn([ EXPANDED => $where_exp ]);
a2cd381d 906
99a65fa8 907#print STDERR Data::Dumper::Concise::Dumper([ EXP => $where_exp ]);
908
96449e8e 909 # dispatch on appropriate method according to refkind of $where
e175845b 910# my $method = $self->_METHOD_FOR_refkind("_where", $where_exp);
911
912# my ($sql, @bind) = $self->$method($where_exp, $logic);
311b2151 913
e175845b 914 my ($sql, @bind) = defined($where_exp) ? $self->_render_expr($where_exp) : (undef);
abe1a491 915 # DBIx::Class used to call _recurse_where in scalar context
916 # something else might too...
917 if (wantarray) {
918 return ($sql, @bind);
919 }
920 else {
921 belch "Calling _recurse_where in scalar context is deprecated and will go away before 2.0";
922 return $sql;
923 }
96449e8e 924}
925
181dcebf 926sub _render_ident {
927 my ($self, $ident) = @_;
cc422895 928
9cf28dfb 929 return $self->_convert($self->_quote($ident));
cc422895 930}
931
181dcebf 932sub _render_value {
933 my ($self, $value) = @_;
cc422895 934
52511ae3 935 return ($self->_convert('?'), $self->_bindtype(undef, $value));
cc422895 936}
937
c452734e 938my %unop_postfix = map +($_ => 1),
939 'is null', 'is not null',
940 'asc', 'desc',
941;
d13725da 942
b5b18861 943my %special = (
944 (map +($_ => do {
945 my $op = $_;
946 sub {
947 my ($self, $args) = @_;
948 my ($left, $low, $high) = @$args;
949 my ($rhsql, @rhbind) = do {
950 if (@$args == 2) {
951 puke "Single arg to between must be a literal"
952 unless $low->{-literal};
953 @{$low->{-literal}}
954 } else {
e56dd780 955 my ($l, $h) = map [ $self->_render_expr($_) ], $low, $high;
b5b18861 956 (join(' ', $l->[0], $self->_sqlcase('and'), $h->[0]),
957 @{$l}[1..$#$l], @{$h}[1..$#$h])
958 }
959 };
e56dd780 960 my ($lhsql, @lhbind) = $self->_render_expr($left);
b5b18861 961 return (
962 join(' ', '(', $lhsql, $self->_sqlcase($op), $rhsql, ')'),
963 @lhbind, @rhbind
964 );
965 }
966 }), 'between', 'not between'),
10d07c4e 967 (map +($_ => do {
968 my $op = $_;
969 sub {
970 my ($self, $args) = @_;
971 my ($lhs, $rhs) = @$args;
972 my @in_bind;
973 my @in_sql = map {
0ce981f8 974 my ($sql, @bind) = $self->_render_expr($_);
10d07c4e 975 push @in_bind, @bind;
976 $sql;
977 } @$rhs;
0ce981f8 978 my ($lhsql, @lbind) = $self->_render_expr($lhs);
10d07c4e 979 return (
980 $lhsql.' '.$self->_sqlcase($op).' ( '
981 .join(', ', @in_sql)
982 .' )',
983 @lbind, @in_bind
984 );
985 }
986 }), 'in', 'not in'),
b5b18861 987);
988
181dcebf 989sub _render_op {
990 my ($self, $v) = @_;
d13725da 991 my ($op, @args) = @$v;
992 $op =~ s/^-// if length($op) > 1;
cba28f66 993 $op = lc($op);
b5b18861 994 if (my $h = $special{$op}) {
995 return $self->$h(\@args);
996 }
3ae10d16 997 my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{special_ops}};
998 if ($us and @args > 1) {
99a65fa8 999 puke "Special op '${op}' requires first value to be identifier"
1000 unless my ($k) = map $_->{-ident}, grep ref($_) eq 'HASH', $args[0];
dd1d0dbf 1001 local our $Expand_Depth = 1;
99a65fa8 1002 return $self->${\($us->{handler})}($k, $op, $args[1]);
1003 }
96a8d74a 1004 if (my $us = List::Util::first { $op =~ $_->{regex} } @{$self->{unary_ops}}) {
1005 return $self->${\($us->{handler})}($op, $args[0]);
1006 }
99a65fa8 1007 my $final_op = $op =~ /^(?:is|not)_/ ? join(' ', split '_', $op) : $op;
2143604f 1008 if (@args == 1 and $op !~ /^(and|or)$/) {
ec857800 1009 my ($expr_sql, @bind) = $self->_render_expr($args[0]);
d13725da 1010 my $op_sql = $self->_sqlcase($final_op);
1011 my $final_sql = (
1012 $unop_postfix{lc($final_op)}
1013 ? "${expr_sql} ${op_sql}"
1014 : "${op_sql} ${expr_sql}"
1015 );
3ae10d16 1016 return (($op eq 'not' || $us ? '('.$final_sql.')' : $final_sql), @bind);
1c0c0f41 1017 #} elsif (@args == 0) {
1018 # return '';
16d9289c 1019 } else {
1c0c0f41 1020 my @parts = grep length($_->[0]), map [ $self->_render_expr($_) ], @args;
1021 return '' unless @parts;
230812fc 1022 my $is_andor = !!($op =~ /^(and|or)$/);
1023 return @{$parts[0]} if $is_andor and @parts == 1;
1024 my ($final_sql) = map +($is_andor ? "( ${_} )" : $_), join(
2f9c5405 1025 ($final_op eq ',' ? '' : ' ').$self->_sqlcase($final_op).' ',
77617257 1026 map $_->[0], @parts
1027 );
99a65fa8 1028 return (
77617257 1029 $final_sql,
16d9289c 1030 map @{$_}[1..$#$_], @parts
99a65fa8 1031 );
d13725da 1032 }
1033 die "unhandled";
1034}
1035
181dcebf 1036sub _render_func {
1037 my ($self, $rest) = @_;
711892b1 1038 my ($func, @args) = @$rest;
1039 my @arg_sql;
1040 my @bind = map {
1041 my @x = @$_;
1042 push @arg_sql, shift @x;
1043 @x
0f199fce 1044 } map [ $self->_render_expr($_) ], @args;
711892b1 1045 return ($self->_sqlcase($func).'('.join(', ', @arg_sql).')', @bind);
1046}
1047
181dcebf 1048sub _render_bind {
1049 my ($self, $bind) = @_;
d13725da 1050 return ($self->_convert('?'), $self->_bindtype(@$bind));
1051}
1052
181dcebf 1053sub _render_literal {
1054 my ($self, $literal) = @_;
465d43fd 1055 $self->_assert_bindval_matches_bindtype(@{$literal}[1..$#$literal]);
aa8d7bdb 1056 return @$literal;
1057}
1058
4a1f01a3 1059# Some databases (SQLite) treat col IN (1, 2) different from
1060# col IN ( (1, 2) ). Use this to strip all outer parens while
1061# adding them back in the corresponding method
1062sub _open_outer_paren {
1063 my ($self, $sql) = @_;
a5f91feb 1064
ca4f826a 1065 while (my ($inner) = $sql =~ /^ \s* \( (.*) \) \s* $/xs) {
a5f91feb 1066
1067 # there are closing parens inside, need the heavy duty machinery
1068 # to reevaluate the extraction starting from $sql (full reevaluation)
ca4f826a 1069 if ($inner =~ /\)/) {
a5f91feb 1070 require Text::Balanced;
1071
1072 my (undef, $remainder) = do {
1073 # idiotic design - writes to $@ but *DOES NOT* throw exceptions
1074 local $@;
ca4f826a 1075 Text::Balanced::extract_bracketed($sql, '()', qr/\s*/);
a5f91feb 1076 };
1077
1078 # the entire expression needs to be a balanced bracketed thing
1079 # (after an extract no remainder sans trailing space)
1080 last if defined $remainder and $remainder =~ /\S/;
1081 }
1082
1083 $sql = $inner;
1084 }
1085
1086 $sql;
4a1f01a3 1087}
1088
96449e8e 1089
96449e8e 1090#======================================================================
1091# ORDER BY
1092#======================================================================
1093
33177570 1094sub _expand_order_by {
96449e8e 1095 my ($self, $arg) = @_;
1096
33177570 1097 return unless defined($arg) and not (ref($arg) eq 'ARRAY' and !@$arg);
2b6158af 1098
4325df6a 1099 my $expander = sub {
1100 my ($self, $dir, $expr) = @_;
52ca537e 1101 my @to_expand = ref($expr) eq 'ARRAY' ? @$expr : $expr;
1102 foreach my $arg (@to_expand) {
1103 if (
1104 ref($arg) eq 'HASH'
1105 and keys %$arg > 1
1106 and grep /^-(asc|desc)$/, keys %$arg
1107 ) {
1108 puke "ordering direction hash passed to order by must have exactly one key (-asc or -desc)";
1109 }
1110 }
4325df6a 1111 my @exp = map +(defined($dir) ? { -op => [ $dir => $_ ] } : $_),
74156ee9 1112 map $self->_expand_expr($_, undef, -ident),
1113 map ref($_) eq 'ARRAY' ? @$_ : $_, @to_expand;
4325df6a 1114 return (@exp > 1 ? { -op => [ ',', @exp ] } : $exp[0]);
1115 };
18c743c8 1116
ec19b759 1117 local @{$self->{expand_unary}}{qw(-asc -desc)} = (
1118 sub { shift->$expander(asc => @_) },
1119 sub { shift->$expander(desc => @_) },
1120 );
f267b646 1121
33177570 1122 return $self->$expander(undef, $arg);
1123}
1124
1125sub _order_by {
1126 my ($self, $arg) = @_;
1127
1128 return '' unless defined(my $expanded = $self->_expand_order_by($arg));
4325df6a 1129
1130 my ($sql, @bind) = $self->_render_expr($expanded);
1131
13cd9220 1132 return '' unless length($sql);
1133
4325df6a 1134 my $final_sql = $self->_sqlcase(' order by ').$sql;
1135
1136 return wantarray ? ($final_sql, @bind) : $final_sql;
f267b646 1137}
1138
2e3cc357 1139# _order_by no longer needs to call this so doesn't but DBIC uses it.
1140
33177570 1141sub _order_by_chunks {
1142 my ($self, $arg) = @_;
1143
1144 return () unless defined(my $expanded = $self->_expand_order_by($arg));
1145
2e3cc357 1146 return $self->_chunkify_order_by($expanded);
1147}
1148
1149sub _chunkify_order_by {
1150 my ($self, $expanded) = @_;
1b630cfe 1151
dd1d0dbf 1152 return grep length, $self->_render_expr($expanded)
1b630cfe 1153 if $expanded->{-ident} or @{$expanded->{-literal}||[]} == 1;
1154
33177570 1155 for ($expanded) {
1156 if (ref() eq 'HASH' and my $op = $_->{-op}) {
1157 if ($op->[0] eq ',') {
2e3cc357 1158 return map $self->_chunkify_order_by($_), @{$op}[1..$#$op];
33177570 1159 }
1160 }
1161 return [ $self->_render_expr($_) ];
1162 }
1163}
1164
96449e8e 1165#======================================================================
1166# DATASOURCE (FOR NOW, JUST PLAIN TABLE OR LIST OF TABLES)
1167#======================================================================
1168
1169sub _table {
1170 my $self = shift;
1171 my $from = shift;
7ad12721 1172 ($self->_render_expr(
8476c6a3 1173 $self->_expand_maybe_list_expr($from, undef, -ident)
7ad12721 1174 ))[0];
96449e8e 1175}
1176
1177
1178#======================================================================
1179# UTILITY FUNCTIONS
1180#======================================================================
1181
8476c6a3 1182sub _expand_maybe_list_expr {
1183 my ($self, $expr, $logic, $default) = @_;
bba04f52 1184 my $e = do {
1185 if (ref($expr) eq 'ARRAY') {
1186 return { -op => [
8476c6a3 1187 ',', map $self->_expand_expr($_, $logic, $default), @$expr
bba04f52 1188 ] } if @$expr > 1;
1189 $expr->[0]
1190 } else {
1191 $expr
1192 }
1193 };
1194 return $self->_expand_expr($e, $logic, $default);
8476c6a3 1195}
1196
955e77ca 1197# highly optimized, as it's called way too often
96449e8e 1198sub _quote {
955e77ca 1199 # my ($self, $label) = @_;
96449e8e 1200
955e77ca 1201 return '' unless defined $_[1];
955e77ca 1202 return ${$_[1]} if ref($_[1]) eq 'SCALAR';
d3162b5c 1203 puke 'Identifier cannot be hashref' if ref($_[1]) eq 'HASH';
96449e8e 1204
d3162b5c 1205 unless ($_[0]->{quote_char}) {
1206 if (ref($_[1]) eq 'ARRAY') {
1207 return join($_[0]->{name_sep}||'.', @{$_[1]});
1208 } else {
1209 $_[0]->_assert_pass_injection_guard($_[1]);
1210 return $_[1];
1211 }
1212 }
96449e8e 1213
07d7c35c 1214 my $qref = ref $_[0]->{quote_char};
439834d3 1215 my ($l, $r) =
1216 !$qref ? ($_[0]->{quote_char}, $_[0]->{quote_char})
1217 : ($qref eq 'ARRAY') ? @{$_[0]->{quote_char}}
1218 : puke "Unsupported quote_char format: $_[0]->{quote_char}";
1219
46be4313 1220 my $esc = $_[0]->{escape_char} || $r;
96449e8e 1221
07d7c35c 1222 # parts containing * are naturally unquoted
d3162b5c 1223 return join(
1224 $_[0]->{name_sep}||'',
1225 map +(
1226 $_ eq '*'
1227 ? $_
1228 : do { (my $n = $_) =~ s/(\Q$esc\E|\Q$r\E)/$esc$1/g; $l . $n . $r }
1229 ),
1230 (ref($_[1]) eq 'ARRAY'
1231 ? @{$_[1]}
1232 : (
1233 $_[0]->{name_sep}
1234 ? split (/\Q$_[0]->{name_sep}\E/, $_[1] )
1235 : $_[1]
1236 )
1237 )
955e77ca 1238 );
96449e8e 1239}
1240
1241
1242# Conversion, if applicable
d7c862e0 1243sub _convert {
07d7c35c 1244 #my ($self, $arg) = @_;
7ad12721 1245 if ($_[0]->{convert_where}) {
1246 return $_[0]->_sqlcase($_[0]->{convert_where}) .'(' . $_[1] . ')';
96449e8e 1247 }
07d7c35c 1248 return $_[1];
96449e8e 1249}
1250
1251# And bindtype
d7c862e0 1252sub _bindtype {
07d7c35c 1253 #my ($self, $col, @vals) = @_;
07d7c35c 1254 # called often - tighten code
1255 return $_[0]->{bindtype} eq 'columns'
1256 ? map {[$_[1], $_]} @_[2 .. $#_]
1257 : @_[2 .. $#_]
1258 ;
96449e8e 1259}
1260
fe3ae272 1261# Dies if any element of @bind is not in [colname => value] format
1262# if bindtype is 'columns'.
1263sub _assert_bindval_matches_bindtype {
c94a6c93 1264# my ($self, @bind) = @_;
1265 my $self = shift;
fe3ae272 1266 if ($self->{bindtype} eq 'columns') {
c94a6c93 1267 for (@_) {
1268 if (!defined $_ || ref($_) ne 'ARRAY' || @$_ != 2) {
3a06278c 1269 puke "bindtype 'columns' selected, you need to pass: [column_name => bind_value]"
fe3ae272 1270 }
1271 }
1272 }
1273}
1274
96449e8e 1275sub _join_sql_clauses {
1276 my ($self, $logic, $clauses_aref, $bind_aref) = @_;
1277
1278 if (@$clauses_aref > 1) {
1279 my $join = " " . $self->_sqlcase($logic) . " ";
1280 my $sql = '( ' . join($join, @$clauses_aref) . ' )';
1281 return ($sql, @$bind_aref);
1282 }
1283 elsif (@$clauses_aref) {
1284 return ($clauses_aref->[0], @$bind_aref); # no parentheses
1285 }
1286 else {
1287 return (); # if no SQL, ignore @$bind_aref
1288 }
1289}
1290
1291
1292# Fix SQL case, if so requested
1293sub _sqlcase {
96449e8e 1294 # LDNOTE: if $self->{case} is true, then it contains 'lower', so we
1295 # don't touch the argument ... crooked logic, but let's not change it!
07d7c35c 1296 return $_[0]->{case} ? $_[1] : uc($_[1]);
96449e8e 1297}
1298
1299
1300#======================================================================
1301# DISPATCHING FROM REFKIND
1302#======================================================================
1303
1304sub _refkind {
1305 my ($self, $data) = @_;
96449e8e 1306
955e77ca 1307 return 'UNDEF' unless defined $data;
1308
1309 # blessed objects are treated like scalars
1310 my $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1311
1312 return 'SCALAR' unless $ref;
1313
1314 my $n_steps = 1;
1315 while ($ref eq 'REF') {
96449e8e 1316 $data = $$data;
955e77ca 1317 $ref = (Scalar::Util::blessed $data) ? '' : ref $data;
1318 $n_steps++ if $ref;
96449e8e 1319 }
1320
848556bc 1321 return ($ref||'SCALAR') . ('REF' x $n_steps);
96449e8e 1322}
1323
1324sub _try_refkind {
1325 my ($self, $data) = @_;
1326 my @try = ($self->_refkind($data));
1327 push @try, 'SCALAR_or_UNDEF' if $try[0] eq 'SCALAR' || $try[0] eq 'UNDEF';
1328 push @try, 'FALLBACK';
955e77ca 1329 return \@try;
96449e8e 1330}
1331
1332sub _METHOD_FOR_refkind {
1333 my ($self, $meth_prefix, $data) = @_;
f39eaa60 1334
1335 my $method;
955e77ca 1336 for (@{$self->_try_refkind($data)}) {
f39eaa60 1337 $method = $self->can($meth_prefix."_".$_)
1338 and last;
1339 }
1340
1341 return $method || puke "cannot dispatch on '$meth_prefix' for ".$self->_refkind($data);
96449e8e 1342}
1343
1344
1345sub _SWITCH_refkind {
1346 my ($self, $data, $dispatch_table) = @_;
1347
f39eaa60 1348 my $coderef;
955e77ca 1349 for (@{$self->_try_refkind($data)}) {
f39eaa60 1350 $coderef = $dispatch_table->{$_}
1351 and last;
1352 }
1353
1354 puke "no dispatch entry for ".$self->_refkind($data)
1355 unless $coderef;
1356
96449e8e 1357 $coderef->();
1358}
1359
1360
1361
1362
1363#======================================================================
1364# VALUES, GENERATE, AUTOLOAD
1365#======================================================================
1366
1367# LDNOTE: original code from nwiger, didn't touch code in that section
1368# I feel the AUTOLOAD stuff should not be the default, it should
1369# only be activated on explicit demand by user.
1370
1371sub values {
1372 my $self = shift;
1373 my $data = shift || return;
1374 puke "Argument to ", __PACKAGE__, "->values must be a \\%hash"
1375 unless ref $data eq 'HASH';
bab725ce 1376
1377 my @all_bind;
ca4f826a 1378 foreach my $k (sort keys %$data) {
bab725ce 1379 my $v = $data->{$k};
1380 $self->_SWITCH_refkind($v, {
9d48860e 1381 ARRAYREF => sub {
bab725ce 1382 if ($self->{array_datatypes}) { # array datatype
1383 push @all_bind, $self->_bindtype($k, $v);
1384 }
1385 else { # literal SQL with bind
1386 my ($sql, @bind) = @$v;
1387 $self->_assert_bindval_matches_bindtype(@bind);
1388 push @all_bind, @bind;
1389 }
1390 },
1391 ARRAYREFREF => sub { # literal SQL with bind
1392 my ($sql, @bind) = @${$v};
1393 $self->_assert_bindval_matches_bindtype(@bind);
1394 push @all_bind, @bind;
1395 },
1396 SCALARREF => sub { # literal SQL without bind
1397 },
1398 SCALAR_or_UNDEF => sub {
1399 push @all_bind, $self->_bindtype($k, $v);
1400 },
1401 });
1402 }
1403
1404 return @all_bind;
96449e8e 1405}
1406
1407sub generate {
1408 my $self = shift;
1409
1410 my(@sql, @sqlq, @sqlv);
1411
1412 for (@_) {
1413 my $ref = ref $_;
1414 if ($ref eq 'HASH') {
1415 for my $k (sort keys %$_) {
1416 my $v = $_->{$k};
1417 my $r = ref $v;
1418 my $label = $self->_quote($k);
1419 if ($r eq 'ARRAY') {
fe3ae272 1420 # literal SQL with bind
1421 my ($sql, @bind) = @$v;
1422 $self->_assert_bindval_matches_bindtype(@bind);
96449e8e 1423 push @sqlq, "$label = $sql";
fe3ae272 1424 push @sqlv, @bind;
96449e8e 1425 } elsif ($r eq 'SCALAR') {
fe3ae272 1426 # literal SQL without bind
96449e8e 1427 push @sqlq, "$label = $$v";
9d48860e 1428 } else {
96449e8e 1429 push @sqlq, "$label = ?";
1430 push @sqlv, $self->_bindtype($k, $v);
1431 }
1432 }
1433 push @sql, $self->_sqlcase('set'), join ', ', @sqlq;
1434 } elsif ($ref eq 'ARRAY') {
1435 # unlike insert(), assume these are ONLY the column names, i.e. for SQL
1436 for my $v (@$_) {
1437 my $r = ref $v;
fe3ae272 1438 if ($r eq 'ARRAY') { # literal SQL with bind
1439 my ($sql, @bind) = @$v;
1440 $self->_assert_bindval_matches_bindtype(@bind);
1441 push @sqlq, $sql;
1442 push @sqlv, @bind;
1443 } elsif ($r eq 'SCALAR') { # literal SQL without bind
96449e8e 1444 # embedded literal SQL
1445 push @sqlq, $$v;
9d48860e 1446 } else {
96449e8e 1447 push @sqlq, '?';
1448 push @sqlv, $v;
1449 }
1450 }
1451 push @sql, '(' . join(', ', @sqlq) . ')';
1452 } elsif ($ref eq 'SCALAR') {
1453 # literal SQL
1454 push @sql, $$_;
1455 } else {
1456 # strings get case twiddled
1457 push @sql, $self->_sqlcase($_);
1458 }
1459 }
1460
1461 my $sql = join ' ', @sql;
1462
1463 # this is pretty tricky
1464 # if ask for an array, return ($stmt, @bind)
1465 # otherwise, s/?/shift @sqlv/ to put it inline
1466 if (wantarray) {
1467 return ($sql, @sqlv);
1468 } else {
1469 1 while $sql =~ s/\?/my $d = shift(@sqlv);
1470 ref $d ? $d->[1] : $d/e;
1471 return $sql;
1472 }
1473}
1474
1475
1476sub DESTROY { 1 }
1477
1478sub AUTOLOAD {
1479 # This allows us to check for a local, then _form, attr
1480 my $self = shift;
1481 my($name) = $AUTOLOAD =~ /.*::(.+)/;
1482 return $self->generate($name, @_);
1483}
1484
14851;
1486
1487
1488
1489__END__
32eab2da 1490
1491=head1 NAME
1492
1493SQL::Abstract - Generate SQL from Perl data structures
1494
1495=head1 SYNOPSIS
1496
1497 use SQL::Abstract;
1498
1499 my $sql = SQL::Abstract->new;
1500
85783f3c 1501 my($stmt, @bind) = $sql->select($source, \@fields, \%where, $order);
32eab2da 1502
1503 my($stmt, @bind) = $sql->insert($table, \%fieldvals || \@values);
1504
1505 my($stmt, @bind) = $sql->update($table, \%fieldvals, \%where);
1506
1507 my($stmt, @bind) = $sql->delete($table, \%where);
1508
1509 # Then, use these in your DBI statements
1510 my $sth = $dbh->prepare($stmt);
1511 $sth->execute(@bind);
1512
1513 # Just generate the WHERE clause
85783f3c 1514 my($stmt, @bind) = $sql->where(\%where, $order);
32eab2da 1515
1516 # Return values in the same order, for hashed queries
1517 # See PERFORMANCE section for more details
1518 my @bind = $sql->values(\%fieldvals);
1519
1520=head1 DESCRIPTION
1521
1522This module was inspired by the excellent L<DBIx::Abstract>.
1523However, in using that module I found that what I really wanted
1524to do was generate SQL, but still retain complete control over my
1525statement handles and use the DBI interface. So, I set out to
1526create an abstract SQL generation module.
1527
1528While based on the concepts used by L<DBIx::Abstract>, there are
1529several important differences, especially when it comes to WHERE
1530clauses. I have modified the concepts used to make the SQL easier
1531to generate from Perl data structures and, IMO, more intuitive.
1532The underlying idea is for this module to do what you mean, based
1533on the data structures you provide it. The big advantage is that
1534you don't have to modify your code every time your data changes,
1535as this module figures it out.
1536
1537To begin with, an SQL INSERT is as easy as just specifying a hash
1538of C<key=value> pairs:
1539
1540 my %data = (
1541 name => 'Jimbo Bobson',
1542 phone => '123-456-7890',
1543 address => '42 Sister Lane',
1544 city => 'St. Louis',
1545 state => 'Louisiana',
1546 );
1547
1548The SQL can then be generated with this:
1549
1550 my($stmt, @bind) = $sql->insert('people', \%data);
1551
1552Which would give you something like this:
1553
1554 $stmt = "INSERT INTO people
1555 (address, city, name, phone, state)
1556 VALUES (?, ?, ?, ?, ?)";
1557 @bind = ('42 Sister Lane', 'St. Louis', 'Jimbo Bobson',
1558 '123-456-7890', 'Louisiana');
1559
1560These are then used directly in your DBI code:
1561
1562 my $sth = $dbh->prepare($stmt);
1563 $sth->execute(@bind);
1564
96449e8e 1565=head2 Inserting and Updating Arrays
1566
1567If your database has array types (like for example Postgres),
1568activate the special option C<< array_datatypes => 1 >>
9d48860e 1569when creating the C<SQL::Abstract> object.
96449e8e 1570Then you may use an arrayref to insert and update database array types:
1571
1572 my $sql = SQL::Abstract->new(array_datatypes => 1);
1573 my %data = (
1574 planets => [qw/Mercury Venus Earth Mars/]
1575 );
9d48860e 1576
96449e8e 1577 my($stmt, @bind) = $sql->insert('solar_system', \%data);
1578
1579This results in:
1580
1581 $stmt = "INSERT INTO solar_system (planets) VALUES (?)"
1582
1583 @bind = (['Mercury', 'Venus', 'Earth', 'Mars']);
1584
1585
1586=head2 Inserting and Updating SQL
1587
1588In order to apply SQL functions to elements of your C<%data> you may
1589specify a reference to an arrayref for the given hash value. For example,
1590if you need to execute the Oracle C<to_date> function on a value, you can
1591say something like this:
32eab2da 1592
1593 my %data = (
1594 name => 'Bill',
3ae1c5e2 1595 date_entered => \[ "to_date(?,'MM/DD/YYYY')", "03/02/2003" ],
9d48860e 1596 );
32eab2da 1597
1598The first value in the array is the actual SQL. Any other values are
1599optional and would be included in the bind values array. This gives
1600you:
1601
1602 my($stmt, @bind) = $sql->insert('people', \%data);
1603
9d48860e 1604 $stmt = "INSERT INTO people (name, date_entered)
32eab2da 1605 VALUES (?, to_date(?,'MM/DD/YYYY'))";
1606 @bind = ('Bill', '03/02/2003');
1607
1608An UPDATE is just as easy, all you change is the name of the function:
1609
1610 my($stmt, @bind) = $sql->update('people', \%data);
1611
1612Notice that your C<%data> isn't touched; the module will generate
1613the appropriately quirky SQL for you automatically. Usually you'll
1614want to specify a WHERE clause for your UPDATE, though, which is
1615where handling C<%where> hashes comes in handy...
1616
96449e8e 1617=head2 Complex where statements
1618
32eab2da 1619This module can generate pretty complicated WHERE statements
1620easily. For example, simple C<key=value> pairs are taken to mean
1621equality, and if you want to see if a field is within a set
1622of values, you can use an arrayref. Let's say we wanted to
1623SELECT some data based on this criteria:
1624
1625 my %where = (
1626 requestor => 'inna',
1627 worker => ['nwiger', 'rcwe', 'sfz'],
1628 status => { '!=', 'completed' }
1629 );
1630
1631 my($stmt, @bind) = $sql->select('tickets', '*', \%where);
1632
1633The above would give you something like this:
1634
1635 $stmt = "SELECT * FROM tickets WHERE
1636 ( requestor = ? ) AND ( status != ? )
1637 AND ( worker = ? OR worker = ? OR worker = ? )";
1638 @bind = ('inna', 'completed', 'nwiger', 'rcwe', 'sfz');
1639
1640Which you could then use in DBI code like so:
1641
1642 my $sth = $dbh->prepare($stmt);
1643 $sth->execute(@bind);
1644
1645Easy, eh?
1646
0da0fe34 1647=head1 METHODS
32eab2da 1648
13cc86af 1649The methods are simple. There's one for every major SQL operation,
32eab2da 1650and a constructor you use first. The arguments are specified in a
13cc86af 1651similar order for each method (table, then fields, then a where
32eab2da 1652clause) to try and simplify things.
1653
32eab2da 1654=head2 new(option => 'value')
1655
1656The C<new()> function takes a list of options and values, and returns
1657a new B<SQL::Abstract> object which can then be used to generate SQL
1658through the methods below. The options accepted are:
1659
1660=over
1661
1662=item case
1663
1664If set to 'lower', then SQL will be generated in all lowercase. By
1665default SQL is generated in "textbook" case meaning something like:
1666
1667 SELECT a_field FROM a_table WHERE some_field LIKE '%someval%'
1668
96449e8e 1669Any setting other than 'lower' is ignored.
1670
32eab2da 1671=item cmp
1672
1673This determines what the default comparison operator is. By default
1674it is C<=>, meaning that a hash like this:
1675
1676 %where = (name => 'nwiger', email => 'nate@wiger.org');
1677
1678Will generate SQL like this:
1679
1680 WHERE name = 'nwiger' AND email = 'nate@wiger.org'
1681
1682However, you may want loose comparisons by default, so if you set
1683C<cmp> to C<like> you would get SQL such as:
1684
1685 WHERE name like 'nwiger' AND email like 'nate@wiger.org'
1686
3af02ccb 1687You can also override the comparison on an individual basis - see
32eab2da 1688the huge section on L</"WHERE CLAUSES"> at the bottom.
1689
96449e8e 1690=item sqltrue, sqlfalse
1691
1692Expressions for inserting boolean values within SQL statements.
6e0c6552 1693By default these are C<1=1> and C<1=0>. They are used
1694by the special operators C<-in> and C<-not_in> for generating
1695correct SQL even when the argument is an empty array (see below).
96449e8e 1696
32eab2da 1697=item logic
1698
1699This determines the default logical operator for multiple WHERE
7cac25e6 1700statements in arrays or hashes. If absent, the default logic is "or"
1701for arrays, and "and" for hashes. This means that a WHERE
32eab2da 1702array of the form:
1703
1704 @where = (
9d48860e 1705 event_date => {'>=', '2/13/99'},
1706 event_date => {'<=', '4/24/03'},
32eab2da 1707 );
1708
7cac25e6 1709will generate SQL like this:
32eab2da 1710
1711 WHERE event_date >= '2/13/99' OR event_date <= '4/24/03'
1712
1713This is probably not what you want given this query, though (look
1714at the dates). To change the "OR" to an "AND", simply specify:
1715
1716 my $sql = SQL::Abstract->new(logic => 'and');
1717
1718Which will change the above C<WHERE> to:
1719
1720 WHERE event_date >= '2/13/99' AND event_date <= '4/24/03'
1721
96449e8e 1722The logic can also be changed locally by inserting
be21dde3 1723a modifier in front of an arrayref:
96449e8e 1724
9d48860e 1725 @where = (-and => [event_date => {'>=', '2/13/99'},
7cac25e6 1726 event_date => {'<=', '4/24/03'} ]);
96449e8e 1727
1728See the L</"WHERE CLAUSES"> section for explanations.
1729
32eab2da 1730=item convert
1731
1732This will automatically convert comparisons using the specified SQL
1733function for both column and value. This is mostly used with an argument
1734of C<upper> or C<lower>, so that the SQL will have the effect of
1735case-insensitive "searches". For example, this:
1736
1737 $sql = SQL::Abstract->new(convert => 'upper');
1738 %where = (keywords => 'MaKe iT CAse inSeNSItive');
1739
1740Will turn out the following SQL:
1741
1742 WHERE upper(keywords) like upper('MaKe iT CAse inSeNSItive')
1743
1744The conversion can be C<upper()>, C<lower()>, or any other SQL function
1745that can be applied symmetrically to fields (actually B<SQL::Abstract> does
1746not validate this option; it will just pass through what you specify verbatim).
1747
1748=item bindtype
1749
1750This is a kludge because many databases suck. For example, you can't
1751just bind values using DBI's C<execute()> for Oracle C<CLOB> or C<BLOB> fields.
1752Instead, you have to use C<bind_param()>:
1753
1754 $sth->bind_param(1, 'reg data');
1755 $sth->bind_param(2, $lots, {ora_type => ORA_CLOB});
1756
1757The problem is, B<SQL::Abstract> will normally just return a C<@bind> array,
1758which loses track of which field each slot refers to. Fear not.
1759
1760If you specify C<bindtype> in new, you can determine how C<@bind> is returned.
1761Currently, you can specify either C<normal> (default) or C<columns>. If you
1762specify C<columns>, you will get an array that looks like this:
1763
1764 my $sql = SQL::Abstract->new(bindtype => 'columns');
1765 my($stmt, @bind) = $sql->insert(...);
1766
1767 @bind = (
1768 [ 'column1', 'value1' ],
1769 [ 'column2', 'value2' ],
1770 [ 'column3', 'value3' ],
1771 );
1772
1773You can then iterate through this manually, using DBI's C<bind_param()>.
e3f9dff4 1774
32eab2da 1775 $sth->prepare($stmt);
1776 my $i = 1;
1777 for (@bind) {
1778 my($col, $data) = @$_;
1779 if ($col eq 'details' || $col eq 'comments') {
1780 $sth->bind_param($i, $data, {ora_type => ORA_CLOB});
1781 } elsif ($col eq 'image') {
1782 $sth->bind_param($i, $data, {ora_type => ORA_BLOB});
1783 } else {
1784 $sth->bind_param($i, $data);
1785 }
1786 $i++;
1787 }
1788 $sth->execute; # execute without @bind now
1789
1790Now, why would you still use B<SQL::Abstract> if you have to do this crap?
1791Basically, the advantage is still that you don't have to care which fields
1792are or are not included. You could wrap that above C<for> loop in a simple
1793sub called C<bind_fields()> or something and reuse it repeatedly. You still
1794get a layer of abstraction over manual SQL specification.
1795
3ae1c5e2 1796Note that if you set L</bindtype> to C<columns>, the C<\[ $sql, @bind ]>
deb148a2 1797construct (see L</Literal SQL with placeholders and bind values (subqueries)>)
1798will expect the bind values in this format.
1799
32eab2da 1800=item quote_char
1801
1802This is the character that a table or column name will be quoted
9d48860e 1803with. By default this is an empty string, but you could set it to
32eab2da 1804the character C<`>, to generate SQL like this:
1805
1806 SELECT `a_field` FROM `a_table` WHERE `some_field` LIKE '%someval%'
1807
96449e8e 1808Alternatively, you can supply an array ref of two items, the first being the left
1809hand quote character, and the second the right hand quote character. For
1810example, you could supply C<['[',']']> for SQL Server 2000 compliant quotes
1811that generates SQL like this:
1812
1813 SELECT [a_field] FROM [a_table] WHERE [some_field] LIKE '%someval%'
1814
9d48860e 1815Quoting is useful if you have tables or columns names that are reserved
96449e8e 1816words in your database's SQL dialect.
32eab2da 1817
46be4313 1818=item escape_char
1819
1820This is the character that will be used to escape L</quote_char>s appearing
1821in an identifier before it has been quoted.
1822
80790166 1823The parameter default in case of a single L</quote_char> character is the quote
46be4313 1824character itself.
1825
1826When opening-closing-style quoting is used (L</quote_char> is an arrayref)
9de2bd86 1827this parameter defaults to the B<closing (right)> L</quote_char>. Occurrences
46be4313 1828of the B<opening (left)> L</quote_char> within the identifier are currently left
1829untouched. The default for opening-closing-style quotes may change in future
1830versions, thus you are B<strongly encouraged> to specify the escape character
1831explicitly.
1832
32eab2da 1833=item name_sep
1834
1835This is the character that separates a table and column name. It is
1836necessary to specify this when the C<quote_char> option is selected,
1837so that tables and column names can be individually quoted like this:
1838
1839 SELECT `table`.`one_field` FROM `table` WHERE `table`.`other_field` = 1
1840
b6251592 1841=item injection_guard
1842
1843A regular expression C<qr/.../> that is applied to any C<-function> and unquoted
1844column name specified in a query structure. This is a safety mechanism to avoid
1845injection attacks when mishandling user input e.g.:
1846
1847 my %condition_as_column_value_pairs = get_values_from_user();
1848 $sqla->select( ... , \%condition_as_column_value_pairs );
1849
1850If the expression matches an exception is thrown. Note that literal SQL
1851supplied via C<\'...'> or C<\['...']> is B<not> checked in any way.
1852
1853Defaults to checking for C<;> and the C<GO> keyword (TransactSQL)
1854
96449e8e 1855=item array_datatypes
32eab2da 1856
9d48860e 1857When this option is true, arrayrefs in INSERT or UPDATE are
1858interpreted as array datatypes and are passed directly
96449e8e 1859to the DBI layer.
1860When this option is false, arrayrefs are interpreted
1861as literal SQL, just like refs to arrayrefs
1862(but this behavior is for backwards compatibility; when writing
1863new queries, use the "reference to arrayref" syntax
1864for literal SQL).
32eab2da 1865
32eab2da 1866
96449e8e 1867=item special_ops
32eab2da 1868
9d48860e 1869Takes a reference to a list of "special operators"
96449e8e 1870to extend the syntax understood by L<SQL::Abstract>.
1871See section L</"SPECIAL OPERATORS"> for details.
32eab2da 1872
59f23b3d 1873=item unary_ops
1874
9d48860e 1875Takes a reference to a list of "unary operators"
59f23b3d 1876to extend the syntax understood by L<SQL::Abstract>.
1877See section L</"UNARY OPERATORS"> for details.
1878
32eab2da 1879
32eab2da 1880
96449e8e 1881=back
32eab2da 1882
02288357 1883=head2 insert($table, \@values || \%fieldvals, \%options)
32eab2da 1884
1885This is the simplest function. You simply give it a table name
1886and either an arrayref of values or hashref of field/value pairs.
1887It returns an SQL INSERT statement and a list of bind values.
96449e8e 1888See the sections on L</"Inserting and Updating Arrays"> and
1889L</"Inserting and Updating SQL"> for information on how to insert
1890with those data types.
32eab2da 1891
02288357 1892The optional C<\%options> hash reference may contain additional
1893options to generate the insert SQL. Currently supported options
1894are:
1895
1896=over 4
1897
1898=item returning
1899
1900Takes either a scalar of raw SQL fields, or an array reference of
1901field names, and adds on an SQL C<RETURNING> statement at the end.
1902This allows you to return data generated by the insert statement
1903(such as row IDs) without performing another C<SELECT> statement.
1904Note, however, this is not part of the SQL standard and may not
1905be supported by all database engines.
1906
1907=back
1908
95904db5 1909=head2 update($table, \%fieldvals, \%where, \%options)
32eab2da 1910
1911This takes a table, hashref of field/value pairs, and an optional
86298391 1912hashref L<WHERE clause|/WHERE CLAUSES>. It returns an SQL UPDATE function and a list
32eab2da 1913of bind values.
96449e8e 1914See the sections on L</"Inserting and Updating Arrays"> and
1915L</"Inserting and Updating SQL"> for information on how to insert
1916with those data types.
32eab2da 1917
95904db5 1918The optional C<\%options> hash reference may contain additional
1919options to generate the update SQL. Currently supported options
1920are:
1921
1922=over 4
1923
1924=item returning
1925
1926See the C<returning> option to
1927L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1928
1929=back
1930
96449e8e 1931=head2 select($source, $fields, $where, $order)
32eab2da 1932
9d48860e 1933This returns a SQL SELECT statement and associated list of bind values, as
be21dde3 1934specified by the arguments:
32eab2da 1935
96449e8e 1936=over
32eab2da 1937
96449e8e 1938=item $source
32eab2da 1939
9d48860e 1940Specification of the 'FROM' part of the statement.
96449e8e 1941The argument can be either a plain scalar (interpreted as a table
1942name, will be quoted), or an arrayref (interpreted as a list
1943of table names, joined by commas, quoted), or a scalarref
063097a3 1944(literal SQL, not quoted).
32eab2da 1945
96449e8e 1946=item $fields
32eab2da 1947
9d48860e 1948Specification of the list of fields to retrieve from
96449e8e 1949the source.
1950The argument can be either an arrayref (interpreted as a list
9d48860e 1951of field names, will be joined by commas and quoted), or a
96449e8e 1952plain scalar (literal SQL, not quoted).
521647e7 1953Please observe that this API is not as flexible as that of
1954the first argument C<$source>, for backwards compatibility reasons.
32eab2da 1955
96449e8e 1956=item $where
32eab2da 1957
96449e8e 1958Optional argument to specify the WHERE part of the query.
1959The argument is most often a hashref, but can also be
9d48860e 1960an arrayref or plain scalar --
96449e8e 1961see section L<WHERE clause|/"WHERE CLAUSES"> for details.
32eab2da 1962
96449e8e 1963=item $order
32eab2da 1964
96449e8e 1965Optional argument to specify the ORDER BY part of the query.
9d48860e 1966The argument can be a scalar, a hashref or an arrayref
96449e8e 1967-- see section L<ORDER BY clause|/"ORDER BY CLAUSES">
1968for details.
32eab2da 1969
96449e8e 1970=back
32eab2da 1971
32eab2da 1972
85327cd5 1973=head2 delete($table, \%where, \%options)
32eab2da 1974
86298391 1975This takes a table name and optional hashref L<WHERE clause|/WHERE CLAUSES>.
32eab2da 1976It returns an SQL DELETE statement and list of bind values.
1977
85327cd5 1978The optional C<\%options> hash reference may contain additional
1979options to generate the delete SQL. Currently supported options
1980are:
1981
1982=over 4
1983
1984=item returning
1985
1986See the C<returning> option to
1987L<insert|/insert($table, \@values || \%fieldvals, \%options)>.
1988
1989=back
1990
85783f3c 1991=head2 where(\%where, $order)
32eab2da 1992
1993This is used to generate just the WHERE clause. For example,
1994if you have an arbitrary data structure and know what the
1995rest of your SQL is going to look like, but want an easy way
1996to produce a WHERE clause, use this. It returns an SQL WHERE
1997clause and list of bind values.
1998
32eab2da 1999
2000=head2 values(\%data)
2001
2002This just returns the values from the hash C<%data>, in the same
2003order that would be returned from any of the other above queries.
2004Using this allows you to markedly speed up your queries if you
2005are affecting lots of rows. See below under the L</"PERFORMANCE"> section.
2006
32eab2da 2007=head2 generate($any, 'number', $of, \@data, $struct, \%types)
2008
2009Warning: This is an experimental method and subject to change.
2010
2011This returns arbitrarily generated SQL. It's a really basic shortcut.
2012It will return two different things, depending on return context:
2013
2014 my($stmt, @bind) = $sql->generate('create table', \$table, \@fields);
2015 my $stmt_and_val = $sql->generate('create table', \$table, \@fields);
2016
2017These would return the following:
2018
2019 # First calling form
2020 $stmt = "CREATE TABLE test (?, ?)";
2021 @bind = (field1, field2);
2022
2023 # Second calling form
2024 $stmt_and_val = "CREATE TABLE test (field1, field2)";
2025
2026Depending on what you're trying to do, it's up to you to choose the correct
2027format. In this example, the second form is what you would want.
2028
2029By the same token:
2030
2031 $sql->generate('alter session', { nls_date_format => 'MM/YY' });
2032
2033Might give you:
2034
2035 ALTER SESSION SET nls_date_format = 'MM/YY'
2036
2037You get the idea. Strings get their case twiddled, but everything
2038else remains verbatim.
2039
0da0fe34 2040=head1 EXPORTABLE FUNCTIONS
2041
2042=head2 is_plain_value
2043
2044Determines if the supplied argument is a plain value as understood by this
2045module:
2046
2047=over
2048
2049=item * The value is C<undef>
2050
2051=item * The value is a non-reference
2052
2053=item * The value is an object with stringification overloading
2054
2055=item * The value is of the form C<< { -value => $anything } >>
2056
2057=back
2058
9de2bd86 2059On failure returns C<undef>, on success returns a B<scalar> reference
966200cc 2060to the original supplied argument.
0da0fe34 2061
843a94b5 2062=over
2063
2064=item * Note
2065
2066The stringification overloading detection is rather advanced: it takes
2067into consideration not only the presence of a C<""> overload, but if that
2068fails also checks for enabled
2069L<autogenerated versions of C<"">|overload/Magic Autogeneration>, based
2070on either C<0+> or C<bool>.
2071
2072Unfortunately testing in the field indicates that this
2073detection B<< may tickle a latent bug in perl versions before 5.018 >>,
2074but only when very large numbers of stringifying objects are involved.
2075At the time of writing ( Sep 2014 ) there is no clear explanation of
2076the direct cause, nor is there a manageably small test case that reliably
2077reproduces the problem.
2078
2079If you encounter any of the following exceptions in B<random places within
2080your application stack> - this module may be to blame:
2081
2082 Operation "ne": no method found,
2083 left argument in overloaded package <something>,
2084 right argument in overloaded package <something>
2085
2086or perhaps even
2087
2088 Stub found while resolving method "???" overloading """" in package <something>
2089
2090If you fall victim to the above - please attempt to reduce the problem
2091to something that could be sent to the L<SQL::Abstract developers
1f490ae4 2092|DBIx::Class/GETTING HELP/SUPPORT>
843a94b5 2093(either publicly or privately). As a workaround in the meantime you can
2094set C<$ENV{SQLA_ISVALUE_IGNORE_AUTOGENERATED_STRINGIFICATION}> to a true
2095value, which will most likely eliminate your problem (at the expense of
2096not being able to properly detect exotic forms of stringification).
2097
2098This notice and environment variable will be removed in a future version,
2099as soon as the underlying problem is found and a reliable workaround is
2100devised.
2101
2102=back
2103
0da0fe34 2104=head2 is_literal_value
2105
2106Determines if the supplied argument is a literal value as understood by this
2107module:
2108
2109=over
2110
2111=item * C<\$sql_string>
2112
2113=item * C<\[ $sql_string, @bind_values ]>
2114
0da0fe34 2115=back
2116
9de2bd86 2117On failure returns C<undef>, on success returns an B<array> reference
966200cc 2118containing the unpacked version of the supplied literal SQL and bind values.
0da0fe34 2119
32eab2da 2120=head1 WHERE CLAUSES
2121
96449e8e 2122=head2 Introduction
2123
32eab2da 2124This module uses a variation on the idea from L<DBIx::Abstract>. It
2125is B<NOT>, repeat I<not> 100% compatible. B<The main logic of this
2126module is that things in arrays are OR'ed, and things in hashes
2127are AND'ed.>
2128
2129The easiest way to explain is to show lots of examples. After
2130each C<%where> hash shown, it is assumed you used:
2131
2132 my($stmt, @bind) = $sql->where(\%where);
2133
2134However, note that the C<%where> hash can be used directly in any
2135of the other functions as well, as described above.
2136
96449e8e 2137=head2 Key-value pairs
2138
32eab2da 2139So, let's get started. To begin, a simple hash:
2140
2141 my %where = (
2142 user => 'nwiger',
2143 status => 'completed'
2144 );
2145
2146Is converted to SQL C<key = val> statements:
2147
2148 $stmt = "WHERE user = ? AND status = ?";
2149 @bind = ('nwiger', 'completed');
2150
2151One common thing I end up doing is having a list of values that
2152a field can be in. To do this, simply specify a list inside of
2153an arrayref:
2154
2155 my %where = (
2156 user => 'nwiger',
2157 status => ['assigned', 'in-progress', 'pending'];
2158 );
2159
2160This simple code will create the following:
9d48860e 2161
32eab2da 2162 $stmt = "WHERE user = ? AND ( status = ? OR status = ? OR status = ? )";
2163 @bind = ('nwiger', 'assigned', 'in-progress', 'pending');
2164
9d48860e 2165A field associated to an empty arrayref will be considered a
7cac25e6 2166logical false and will generate 0=1.
8a68b5be 2167
b864ba9b 2168=head2 Tests for NULL values
2169
2170If the value part is C<undef> then this is converted to SQL <IS NULL>
2171
2172 my %where = (
2173 user => 'nwiger',
2174 status => undef,
2175 );
2176
2177becomes:
2178
2179 $stmt = "WHERE user = ? AND status IS NULL";
2180 @bind = ('nwiger');
2181
e9614080 2182To test if a column IS NOT NULL:
2183
2184 my %where = (
2185 user => 'nwiger',
2186 status => { '!=', undef },
2187 );
cc422895 2188
6e0c6552 2189=head2 Specific comparison operators
96449e8e 2190
32eab2da 2191If you want to specify a different type of operator for your comparison,
2192you can use a hashref for a given column:
2193
2194 my %where = (
2195 user => 'nwiger',
2196 status => { '!=', 'completed' }
2197 );
2198
2199Which would generate:
2200
2201 $stmt = "WHERE user = ? AND status != ?";
2202 @bind = ('nwiger', 'completed');
2203
2204To test against multiple values, just enclose the values in an arrayref:
2205
96449e8e 2206 status => { '=', ['assigned', 'in-progress', 'pending'] };
2207
f2d5020d 2208Which would give you:
96449e8e 2209
2210 "WHERE status = ? OR status = ? OR status = ?"
2211
2212
2213The hashref can also contain multiple pairs, in which case it is expanded
32eab2da 2214into an C<AND> of its elements:
2215
2216 my %where = (
2217 user => 'nwiger',
2218 status => { '!=', 'completed', -not_like => 'pending%' }
2219 );
2220
2221 # Or more dynamically, like from a form
2222 $where{user} = 'nwiger';
2223 $where{status}{'!='} = 'completed';
2224 $where{status}{'-not_like'} = 'pending%';
2225
2226 # Both generate this
2227 $stmt = "WHERE user = ? AND status != ? AND status NOT LIKE ?";
2228 @bind = ('nwiger', 'completed', 'pending%');
2229
96449e8e 2230
32eab2da 2231To get an OR instead, you can combine it with the arrayref idea:
2232
2233 my %where => (
2234 user => 'nwiger',
1a6f2a03 2235 priority => [ { '=', 2 }, { '>', 5 } ]
32eab2da 2236 );
2237
2238Which would generate:
2239
1a6f2a03 2240 $stmt = "WHERE ( priority = ? OR priority > ? ) AND user = ?";
2241 @bind = ('2', '5', 'nwiger');
32eab2da 2242
44b9e502 2243If you want to include literal SQL (with or without bind values), just use a
13cc86af 2244scalar reference or reference to an arrayref as the value:
44b9e502 2245
2246 my %where = (
2247 date_entered => { '>' => \["to_date(?, 'MM/DD/YYYY')", "11/26/2008"] },
2248 date_expires => { '<' => \"now()" }
2249 );
2250
2251Which would generate:
2252
13cc86af 2253 $stmt = "WHERE date_entered > to_date(?, 'MM/DD/YYYY') AND date_expires < now()";
44b9e502 2254 @bind = ('11/26/2008');
2255
96449e8e 2256
2257=head2 Logic and nesting operators
2258
2259In the example above,
2260there is a subtle trap if you want to say something like
32eab2da 2261this (notice the C<AND>):
2262
2263 WHERE priority != ? AND priority != ?
2264
2265Because, in Perl you I<can't> do this:
2266
13cc86af 2267 priority => { '!=' => 2, '!=' => 1 }
32eab2da 2268
2269As the second C<!=> key will obliterate the first. The solution
2270is to use the special C<-modifier> form inside an arrayref:
2271
9d48860e 2272 priority => [ -and => {'!=', 2},
96449e8e 2273 {'!=', 1} ]
2274
32eab2da 2275
2276Normally, these would be joined by C<OR>, but the modifier tells it
2277to use C<AND> instead. (Hint: You can use this in conjunction with the
2278C<logic> option to C<new()> in order to change the way your queries
2279work by default.) B<Important:> Note that the C<-modifier> goes
2280B<INSIDE> the arrayref, as an extra first element. This will
2281B<NOT> do what you think it might:
2282
2283 priority => -and => [{'!=', 2}, {'!=', 1}] # WRONG!
2284
2285Here is a quick list of equivalencies, since there is some overlap:
2286
2287 # Same
2288 status => {'!=', 'completed', 'not like', 'pending%' }
2289 status => [ -and => {'!=', 'completed'}, {'not like', 'pending%'}]
2290
2291 # Same
2292 status => {'=', ['assigned', 'in-progress']}
2293 status => [ -or => {'=', 'assigned'}, {'=', 'in-progress'}]
2294 status => [ {'=', 'assigned'}, {'=', 'in-progress'} ]
2295
e3f9dff4 2296
2297
be21dde3 2298=head2 Special operators: IN, BETWEEN, etc.
96449e8e 2299
32eab2da 2300You can also use the hashref format to compare a list of fields using the
2301C<IN> comparison operator, by specifying the list as an arrayref:
2302
2303 my %where = (
2304 status => 'completed',
2305 reportid => { -in => [567, 2335, 2] }
2306 );
2307
2308Which would generate:
2309
2310 $stmt = "WHERE status = ? AND reportid IN (?,?,?)";
2311 @bind = ('completed', '567', '2335', '2');
2312
9d48860e 2313The reverse operator C<-not_in> generates SQL C<NOT IN> and is used in
96449e8e 2314the same way.
2315
6e0c6552 2316If the argument to C<-in> is an empty array, 'sqlfalse' is generated
be21dde3 2317(by default: C<1=0>). Similarly, C<< -not_in => [] >> generates
2318'sqltrue' (by default: C<1=1>).
6e0c6552 2319
e41c3bdd 2320In addition to the array you can supply a chunk of literal sql or
2321literal sql with bind:
6e0c6552 2322
e41c3bdd 2323 my %where = {
2324 customer => { -in => \[
2325 'SELECT cust_id FROM cust WHERE balance > ?',
2326 2000,
2327 ],
2328 status => { -in => \'SELECT status_codes FROM states' },
2329 };
6e0c6552 2330
e41c3bdd 2331would generate:
2332
2333 $stmt = "WHERE (
2334 customer IN ( SELECT cust_id FROM cust WHERE balance > ? )
2335 AND status IN ( SELECT status_codes FROM states )
2336 )";
2337 @bind = ('2000');
2338
0dfd2442 2339Finally, if the argument to C<-in> is not a reference, it will be
2340treated as a single-element array.
e41c3bdd 2341
2342Another pair of operators is C<-between> and C<-not_between>,
96449e8e 2343used with an arrayref of two values:
32eab2da 2344
2345 my %where = (
2346 user => 'nwiger',
2347 completion_date => {
2348 -not_between => ['2002-10-01', '2003-02-06']
2349 }
2350 );
2351
2352Would give you:
2353
2354 WHERE user = ? AND completion_date NOT BETWEEN ( ? AND ? )
2355
e41c3bdd 2356Just like with C<-in> all plausible combinations of literal SQL
2357are possible:
2358
2359 my %where = {
2360 start0 => { -between => [ 1, 2 ] },
2361 start1 => { -between => \["? AND ?", 1, 2] },
2362 start2 => { -between => \"lower(x) AND upper(y)" },
9d48860e 2363 start3 => { -between => [
e41c3bdd 2364 \"lower(x)",
2365 \["upper(?)", 'stuff' ],
2366 ] },
2367 };
2368
2369Would give you:
2370
2371 $stmt = "WHERE (
2372 ( start0 BETWEEN ? AND ? )
2373 AND ( start1 BETWEEN ? AND ? )
2374 AND ( start2 BETWEEN lower(x) AND upper(y) )
2375 AND ( start3 BETWEEN lower(x) AND upper(?) )
2376 )";
2377 @bind = (1, 2, 1, 2, 'stuff');
2378
2379
9d48860e 2380These are the two builtin "special operators"; but the
be21dde3 2381list can be expanded: see section L</"SPECIAL OPERATORS"> below.
96449e8e 2382
59f23b3d 2383=head2 Unary operators: bool
97a920ef 2384
2385If you wish to test against boolean columns or functions within your
2386database you can use the C<-bool> and C<-not_bool> operators. For
2387example to test the column C<is_user> being true and the column
827bb0eb 2388C<is_enabled> being false you would use:-
97a920ef 2389
2390 my %where = (
2391 -bool => 'is_user',
2392 -not_bool => 'is_enabled',
2393 );
2394
2395Would give you:
2396
277b5d3f 2397 WHERE is_user AND NOT is_enabled
97a920ef 2398
0b604e9d 2399If a more complex combination is required, testing more conditions,
2400then you should use the and/or operators:-
2401
2402 my %where = (
2403 -and => [
2404 -bool => 'one',
23401b81 2405 -not_bool => { two=> { -rlike => 'bar' } },
2406 -not_bool => { three => [ { '=', 2 }, { '>', 5 } ] },
0b604e9d 2407 ],
2408 );
2409
2410Would give you:
2411
23401b81 2412 WHERE
2413 one
2414 AND
2415 (NOT two RLIKE ?)
2416 AND
2417 (NOT ( three = ? OR three > ? ))
97a920ef 2418
2419
107b72f1 2420=head2 Nested conditions, -and/-or prefixes
96449e8e 2421
32eab2da 2422So far, we've seen how multiple conditions are joined with a top-level
2423C<AND>. We can change this by putting the different conditions we want in
2424hashes and then putting those hashes in an array. For example:
2425
2426 my @where = (
2427 {
2428 user => 'nwiger',
2429 status => { -like => ['pending%', 'dispatched'] },
2430 },
2431 {
2432 user => 'robot',
2433 status => 'unassigned',
2434 }
2435 );
2436
2437This data structure would create the following:
2438
2439 $stmt = "WHERE ( user = ? AND ( status LIKE ? OR status LIKE ? ) )
2440 OR ( user = ? AND status = ? ) )";
2441 @bind = ('nwiger', 'pending', 'dispatched', 'robot', 'unassigned');
2442
107b72f1 2443
48d9f5f8 2444Clauses in hashrefs or arrayrefs can be prefixed with an C<-and> or C<-or>
be21dde3 2445to change the logic inside:
32eab2da 2446
2447 my @where = (
2448 -and => [
2449 user => 'nwiger',
48d9f5f8 2450 [
2451 -and => [ workhrs => {'>', 20}, geo => 'ASIA' ],
2452 -or => { workhrs => {'<', 50}, geo => 'EURO' },
32eab2da 2453 ],
2454 ],
2455 );
2456
2457That would yield:
2458
13cc86af 2459 $stmt = "WHERE ( user = ?
2460 AND ( ( workhrs > ? AND geo = ? )
2461 OR ( workhrs < ? OR geo = ? ) ) )";
2462 @bind = ('nwiger', '20', 'ASIA', '50', 'EURO');
107b72f1 2463
cc422895 2464=head3 Algebraic inconsistency, for historical reasons
107b72f1 2465
7cac25e6 2466C<Important note>: when connecting several conditions, the C<-and->|C<-or>
2467operator goes C<outside> of the nested structure; whereas when connecting
2468several constraints on one column, the C<-and> operator goes
be21dde3 2469C<inside> the arrayref. Here is an example combining both features:
7cac25e6 2470
2471 my @where = (
2472 -and => [a => 1, b => 2],
2473 -or => [c => 3, d => 4],
2474 e => [-and => {-like => 'foo%'}, {-like => '%bar'} ]
2475 )
2476
2477yielding
2478
9d48860e 2479 WHERE ( ( ( a = ? AND b = ? )
2480 OR ( c = ? OR d = ? )
7cac25e6 2481 OR ( e LIKE ? AND e LIKE ? ) ) )
2482
107b72f1 2483This difference in syntax is unfortunate but must be preserved for
be21dde3 2484historical reasons. So be careful: the two examples below would
107b72f1 2485seem algebraically equivalent, but they are not
2486
a948b1fe 2487 { col => [ -and =>
2488 { -like => 'foo%' },
2489 { -like => '%bar' },
2490 ] }
be21dde3 2491 # yields: WHERE ( ( col LIKE ? AND col LIKE ? ) )
107b72f1 2492
a948b1fe 2493 [ -and =>
2494 { col => { -like => 'foo%' } },
2495 { col => { -like => '%bar' } },
2496 ]
be21dde3 2497 # yields: WHERE ( ( col LIKE ? OR col LIKE ? ) )
107b72f1 2498
7cac25e6 2499
cc422895 2500=head2 Literal SQL and value type operators
96449e8e 2501
cc422895 2502The basic premise of SQL::Abstract is that in WHERE specifications the "left
2503side" is a column name and the "right side" is a value (normally rendered as
2504a placeholder). This holds true for both hashrefs and arrayref pairs as you
2505see in the L</WHERE CLAUSES> examples above. Sometimes it is necessary to
2506alter this behavior. There are several ways of doing so.
e9614080 2507
cc422895 2508=head3 -ident
2509
2510This is a virtual operator that signals the string to its right side is an
2511identifier (a column name) and not a value. For example to compare two
2512columns you would write:
32eab2da 2513
e9614080 2514 my %where = (
2515 priority => { '<', 2 },
cc422895 2516 requestor => { -ident => 'submitter' },
e9614080 2517 );
2518
2519which creates:
2520
2521 $stmt = "WHERE priority < ? AND requestor = submitter";
2522 @bind = ('2');
2523
cc422895 2524If you are maintaining legacy code you may see a different construct as
2525described in L</Deprecated usage of Literal SQL>, please use C<-ident> in new
2526code.
2527
2528=head3 -value
e9614080 2529
cc422895 2530This is a virtual operator that signals that the construct to its right side
2531is a value to be passed to DBI. This is for example necessary when you want
2532to write a where clause against an array (for RDBMS that support such
2533datatypes). For example:
e9614080 2534
32eab2da 2535 my %where = (
cc422895 2536 array => { -value => [1, 2, 3] }
32eab2da 2537 );
2538
cc422895 2539will result in:
32eab2da 2540
cc422895 2541 $stmt = 'WHERE array = ?';
2542 @bind = ([1, 2, 3]);
32eab2da 2543
cc422895 2544Note that if you were to simply say:
32eab2da 2545
2546 my %where = (
cc422895 2547 array => [1, 2, 3]
32eab2da 2548 );
2549
3af02ccb 2550the result would probably not be what you wanted:
cc422895 2551
2552 $stmt = 'WHERE array = ? OR array = ? OR array = ?';
2553 @bind = (1, 2, 3);
2554
2555=head3 Literal SQL
96449e8e 2556
cc422895 2557Finally, sometimes only literal SQL will do. To include a random snippet
2558of SQL verbatim, you specify it as a scalar reference. Consider this only
2559as a last resort. Usually there is a better way. For example:
96449e8e 2560
2561 my %where = (
cc422895 2562 priority => { '<', 2 },
2563 requestor => { -in => \'(SELECT name FROM hitmen)' },
96449e8e 2564 );
2565
cc422895 2566Would create:
96449e8e 2567
cc422895 2568 $stmt = "WHERE priority < ? AND requestor IN (SELECT name FROM hitmen)"
2569 @bind = (2);
2570
2571Note that in this example, you only get one bind parameter back, since
2572the verbatim SQL is passed as part of the statement.
2573
2574=head4 CAVEAT
2575
2576 Never use untrusted input as a literal SQL argument - this is a massive
2577 security risk (there is no way to check literal snippets for SQL
2578 injections and other nastyness). If you need to deal with untrusted input
2579 use literal SQL with placeholders as described next.
96449e8e 2580
cc422895 2581=head3 Literal SQL with placeholders and bind values (subqueries)
96449e8e 2582
2583If the literal SQL to be inserted has placeholders and bind values,
2584use a reference to an arrayref (yes this is a double reference --
2585not so common, but perfectly legal Perl). For example, to find a date
2586in Postgres you can use something like this:
2587
2588 my %where = (
3ae1c5e2 2589 date_column => \[ "= date '2008-09-30' - ?::integer", 10 ]
96449e8e 2590 )
2591
2592This would create:
2593
d2a8fe1a 2594 $stmt = "WHERE ( date_column = date '2008-09-30' - ?::integer )"
96449e8e 2595 @bind = ('10');
2596
deb148a2 2597Note that you must pass the bind values in the same format as they are returned
85783f3c 2598by L<where|/where(\%where, $order)>. This means that if you set L</bindtype>
1f490ae4 2599to C<columns>, you must provide the bind values in the
2600C<< [ column_meta => value ] >> format, where C<column_meta> is an opaque
2601scalar value; most commonly the column name, but you can use any scalar value
2602(including references and blessed references), L<SQL::Abstract> will simply
2603pass it through intact. So if C<bindtype> is set to C<columns> the above
2604example will look like:
deb148a2 2605
2606 my %where = (
3ae1c5e2 2607 date_column => \[ "= date '2008-09-30' - ?::integer", [ {} => 10 ] ]
deb148a2 2608 )
96449e8e 2609
2610Literal SQL is especially useful for nesting parenthesized clauses in the
be21dde3 2611main SQL query. Here is a first example:
96449e8e 2612
2613 my ($sub_stmt, @sub_bind) = ("SELECT c1 FROM t1 WHERE c2 < ? AND c3 LIKE ?",
2614 100, "foo%");
2615 my %where = (
2616 foo => 1234,
2617 bar => \["IN ($sub_stmt)" => @sub_bind],
2618 );
2619
be21dde3 2620This yields:
96449e8e 2621
9d48860e 2622 $stmt = "WHERE (foo = ? AND bar IN (SELECT c1 FROM t1
96449e8e 2623 WHERE c2 < ? AND c3 LIKE ?))";
2624 @bind = (1234, 100, "foo%");
2625
9d48860e 2626Other subquery operators, like for example C<"E<gt> ALL"> or C<"NOT IN">,
96449e8e 2627are expressed in the same way. Of course the C<$sub_stmt> and
9d48860e 2628its associated bind values can be generated through a former call
96449e8e 2629to C<select()> :
2630
2631 my ($sub_stmt, @sub_bind)
9d48860e 2632 = $sql->select("t1", "c1", {c2 => {"<" => 100},
96449e8e 2633 c3 => {-like => "foo%"}});
2634 my %where = (
2635 foo => 1234,
2636 bar => \["> ALL ($sub_stmt)" => @sub_bind],
2637 );
2638
2639In the examples above, the subquery was used as an operator on a column;
9d48860e 2640but the same principle also applies for a clause within the main C<%where>
be21dde3 2641hash, like an EXISTS subquery:
96449e8e 2642
9d48860e 2643 my ($sub_stmt, @sub_bind)
96449e8e 2644 = $sql->select("t1", "*", {c1 => 1, c2 => \"> t0.c0"});
48d9f5f8 2645 my %where = ( -and => [
96449e8e 2646 foo => 1234,
48d9f5f8 2647 \["EXISTS ($sub_stmt)" => @sub_bind],
2648 ]);
96449e8e 2649
2650which yields
2651
9d48860e 2652 $stmt = "WHERE (foo = ? AND EXISTS (SELECT * FROM t1
96449e8e 2653 WHERE c1 = ? AND c2 > t0.c0))";
2654 @bind = (1234, 1);
2655
2656
9d48860e 2657Observe that the condition on C<c2> in the subquery refers to
be21dde3 2658column C<t0.c0> of the main query: this is I<not> a bind
9d48860e 2659value, so we have to express it through a scalar ref.
96449e8e 2660Writing C<< c2 => {">" => "t0.c0"} >> would have generated
2661C<< c2 > ? >> with bind value C<"t0.c0"> ... not exactly
2662what we wanted here.
2663
96449e8e 2664Finally, here is an example where a subquery is used
2665for expressing unary negation:
2666
9d48860e 2667 my ($sub_stmt, @sub_bind)
96449e8e 2668 = $sql->where({age => [{"<" => 10}, {">" => 20}]});
2669 $sub_stmt =~ s/^ where //i; # don't want "WHERE" in the subclause
2670 my %where = (
2671 lname => {like => '%son%'},
48d9f5f8 2672 \["NOT ($sub_stmt)" => @sub_bind],
96449e8e 2673 );
2674
2675This yields
2676
2677 $stmt = "lname LIKE ? AND NOT ( age < ? OR age > ? )"
2678 @bind = ('%son%', 10, 20)
2679
cc422895 2680=head3 Deprecated usage of Literal SQL
2681
2682Below are some examples of archaic use of literal SQL. It is shown only as
2683reference for those who deal with legacy code. Each example has a much
2684better, cleaner and safer alternative that users should opt for in new code.
2685
2686=over
2687
2688=item *
2689
2690 my %where = ( requestor => \'IS NOT NULL' )
2691
2692 $stmt = "WHERE requestor IS NOT NULL"
2693
2694This used to be the way of generating NULL comparisons, before the handling
2695of C<undef> got formalized. For new code please use the superior syntax as
2696described in L</Tests for NULL values>.
96449e8e 2697
cc422895 2698=item *
2699
2700 my %where = ( requestor => \'= submitter' )
2701
2702 $stmt = "WHERE requestor = submitter"
2703
2704This used to be the only way to compare columns. Use the superior L</-ident>
2705method for all new code. For example an identifier declared in such a way
2706will be properly quoted if L</quote_char> is properly set, while the legacy
2707form will remain as supplied.
2708
2709=item *
2710
2711 my %where = ( is_ready => \"", completed => { '>', '2012-12-21' } )
2712
2713 $stmt = "WHERE completed > ? AND is_ready"
2714 @bind = ('2012-12-21')
2715
2716Using an empty string literal used to be the only way to express a boolean.
2717For all new code please use the much more readable
2718L<-bool|/Unary operators: bool> operator.
2719
2720=back
96449e8e 2721
2722=head2 Conclusion
2723
32eab2da 2724These pages could go on for a while, since the nesting of the data
2725structures this module can handle are pretty much unlimited (the
2726module implements the C<WHERE> expansion as a recursive function
2727internally). Your best bet is to "play around" with the module a
2728little to see how the data structures behave, and choose the best
2729format for your data based on that.
2730
2731And of course, all the values above will probably be replaced with
2732variables gotten from forms or the command line. After all, if you
2733knew everything ahead of time, you wouldn't have to worry about
2734dynamically-generating SQL and could just hardwire it into your
2735script.
2736
86298391 2737=head1 ORDER BY CLAUSES
2738
9d48860e 2739Some functions take an order by clause. This can either be a scalar (just a
18710f60 2740column name), a hashref of C<< { -desc => 'col' } >> or C<< { -asc => 'col' }
2741>>, a scalarref, an arrayref-ref, or an arrayref of any of the previous
2742forms. Examples:
1cfa1db3 2743
8c15b421 2744 Given | Will Generate
18710f60 2745 ---------------------------------------------------------------
8c15b421 2746 |
2747 'colA' | ORDER BY colA
2748 |
2749 [qw/colA colB/] | ORDER BY colA, colB
2750 |
2751 {-asc => 'colA'} | ORDER BY colA ASC
2752 |
2753 {-desc => 'colB'} | ORDER BY colB DESC
2754 |
2755 ['colA', {-asc => 'colB'}] | ORDER BY colA, colB ASC
2756 |
2757 { -asc => [qw/colA colB/] } | ORDER BY colA ASC, colB ASC
2758 |
2759 \'colA DESC' | ORDER BY colA DESC
2760 |
2761 \[ 'FUNC(colA, ?)', $x ] | ORDER BY FUNC(colA, ?)
2762 | /* ...with $x bound to ? */
2763 |
bd805d85 2764 [ | ORDER BY
2765 { -asc => 'colA' }, | colA ASC,
2766 { -desc => [qw/colB/] }, | colB DESC,
2767 { -asc => [qw/colC colD/] },| colC ASC, colD ASC,
2768 \'colE DESC', | colE DESC,
2769 \[ 'FUNC(colF, ?)', $x ], | FUNC(colF, ?)
2770 ] | /* ...with $x bound to ? */
18710f60 2771 ===============================================================
86298391 2772
96449e8e 2773
2774
2775=head1 SPECIAL OPERATORS
2776
e3f9dff4 2777 my $sqlmaker = SQL::Abstract->new(special_ops => [
3a2e1a5e 2778 {
2779 regex => qr/.../,
e3f9dff4 2780 handler => sub {
2781 my ($self, $field, $op, $arg) = @_;
2782 ...
3a2e1a5e 2783 },
2784 },
2785 {
2786 regex => qr/.../,
2787 handler => 'method_name',
e3f9dff4 2788 },
2789 ]);
2790
9d48860e 2791A "special operator" is a SQL syntactic clause that can be
e3f9dff4 2792applied to a field, instead of a usual binary operator.
be21dde3 2793For example:
e3f9dff4 2794
2795 WHERE field IN (?, ?, ?)
2796 WHERE field BETWEEN ? AND ?
2797 WHERE MATCH(field) AGAINST (?, ?)
96449e8e 2798
e3f9dff4 2799Special operators IN and BETWEEN are fairly standard and therefore
3a2e1a5e 2800are builtin within C<SQL::Abstract> (as the overridable methods
2801C<_where_field_IN> and C<_where_field_BETWEEN>). For other operators,
2802like the MATCH .. AGAINST example above which is specific to MySQL,
2803you can write your own operator handlers - supply a C<special_ops>
2804argument to the C<new> method. That argument takes an arrayref of
2805operator definitions; each operator definition is a hashref with two
2806entries:
96449e8e 2807
e3f9dff4 2808=over
2809
2810=item regex
2811
2812the regular expression to match the operator
96449e8e 2813
e3f9dff4 2814=item handler
2815
3a2e1a5e 2816Either a coderef or a plain scalar method name. In both cases
2817the expected return is C<< ($sql, @bind) >>.
2818
2819When supplied with a method name, it is simply called on the
13cc86af 2820L<SQL::Abstract> object as:
3a2e1a5e 2821
ca4f826a 2822 $self->$method_name($field, $op, $arg)
3a2e1a5e 2823
2824 Where:
2825
3a2e1a5e 2826 $field is the LHS of the operator
13cc86af 2827 $op is the part that matched the handler regex
3a2e1a5e 2828 $arg is the RHS
2829
2830When supplied with a coderef, it is called as:
2831
2832 $coderef->($self, $field, $op, $arg)
2833
e3f9dff4 2834
2835=back
2836
9d48860e 2837For example, here is an implementation
e3f9dff4 2838of the MATCH .. AGAINST syntax for MySQL
2839
2840 my $sqlmaker = SQL::Abstract->new(special_ops => [
9d48860e 2841
e3f9dff4 2842 # special op for MySql MATCH (field) AGAINST(word1, word2, ...)
9d48860e 2843 {regex => qr/^match$/i,
e3f9dff4 2844 handler => sub {
2845 my ($self, $field, $op, $arg) = @_;
2846 $arg = [$arg] if not ref $arg;
2847 my $label = $self->_quote($field);
2848 my ($placeholder) = $self->_convert('?');
2849 my $placeholders = join ", ", (($placeholder) x @$arg);
2850 my $sql = $self->_sqlcase('match') . " ($label) "
2851 . $self->_sqlcase('against') . " ($placeholders) ";
2852 my @bind = $self->_bindtype($field, @$arg);
2853 return ($sql, @bind);
2854 }
2855 },
9d48860e 2856
e3f9dff4 2857 ]);
96449e8e 2858
2859
59f23b3d 2860=head1 UNARY OPERATORS
2861
112b5232 2862 my $sqlmaker = SQL::Abstract->new(unary_ops => [
59f23b3d 2863 {
2864 regex => qr/.../,
2865 handler => sub {
2866 my ($self, $op, $arg) = @_;
2867 ...
2868 },
2869 },
2870 {
2871 regex => qr/.../,
2872 handler => 'method_name',
2873 },
2874 ]);
2875
9d48860e 2876A "unary operator" is a SQL syntactic clause that can be
59f23b3d 2877applied to a field - the operator goes before the field
2878
2879You can write your own operator handlers - supply a C<unary_ops>
2880argument to the C<new> method. That argument takes an arrayref of
2881operator definitions; each operator definition is a hashref with two
2882entries:
2883
2884=over
2885
2886=item regex
2887
2888the regular expression to match the operator
2889
2890=item handler
2891
2892Either a coderef or a plain scalar method name. In both cases
2893the expected return is C<< $sql >>.
2894
2895When supplied with a method name, it is simply called on the
13cc86af 2896L<SQL::Abstract> object as:
59f23b3d 2897
ca4f826a 2898 $self->$method_name($op, $arg)
59f23b3d 2899
2900 Where:
2901
2902 $op is the part that matched the handler regex
2903 $arg is the RHS or argument of the operator
2904
2905When supplied with a coderef, it is called as:
2906
2907 $coderef->($self, $op, $arg)
2908
2909
2910=back
2911
2912
32eab2da 2913=head1 PERFORMANCE
2914
2915Thanks to some benchmarking by Mark Stosberg, it turns out that
2916this module is many orders of magnitude faster than using C<DBIx::Abstract>.
2917I must admit this wasn't an intentional design issue, but it's a
2918byproduct of the fact that you get to control your C<DBI> handles
2919yourself.
2920
2921To maximize performance, use a code snippet like the following:
2922
2923 # prepare a statement handle using the first row
2924 # and then reuse it for the rest of the rows
2925 my($sth, $stmt);
2926 for my $href (@array_of_hashrefs) {
2927 $stmt ||= $sql->insert('table', $href);
2928 $sth ||= $dbh->prepare($stmt);
2929 $sth->execute($sql->values($href));
2930 }
2931
2932The reason this works is because the keys in your C<$href> are sorted
2933internally by B<SQL::Abstract>. Thus, as long as your data retains
2934the same structure, you only have to generate the SQL the first time
2935around. On subsequent queries, simply use the C<values> function provided
2936by this module to return your values in the correct order.
2937
b864ba9b 2938However this depends on the values having the same type - if, for
2939example, the values of a where clause may either have values
2940(resulting in sql of the form C<column = ?> with a single bind
2941value), or alternatively the values might be C<undef> (resulting in
2942sql of the form C<column IS NULL> with no bind value) then the
2943caching technique suggested will not work.
96449e8e 2944
32eab2da 2945=head1 FORMBUILDER
2946
2947If you use my C<CGI::FormBuilder> module at all, you'll hopefully
2948really like this part (I do, at least). Building up a complex query
2949can be as simple as the following:
2950
2951 #!/usr/bin/perl
2952
46dc2f3e 2953 use warnings;
2954 use strict;
2955
32eab2da 2956 use CGI::FormBuilder;
2957 use SQL::Abstract;
2958
2959 my $form = CGI::FormBuilder->new(...);
2960 my $sql = SQL::Abstract->new;
2961
2962 if ($form->submitted) {
2963 my $field = $form->field;
2964 my $id = delete $field->{id};
2965 my($stmt, @bind) = $sql->update('table', $field, {id => $id});
2966 }
2967
2968Of course, you would still have to connect using C<DBI> to run the
2969query, but the point is that if you make your form look like your
2970table, the actual query script can be extremely simplistic.
2971
2972If you're B<REALLY> lazy (I am), check out C<HTML::QuickTable> for
9d48860e 2973a fast interface to returning and formatting data. I frequently
32eab2da 2974use these three modules together to write complex database query
2975apps in under 50 lines.
2976
af733667 2977=head1 HOW TO CONTRIBUTE
2978
2979Contributions are always welcome, in all usable forms (we especially
2980welcome documentation improvements). The delivery methods include git-
2981or unified-diff formatted patches, GitHub pull requests, or plain bug
2982reports either via RT or the Mailing list. Contributors are generally
2983granted full access to the official repository after their first several
2984patches pass successful review.
2985
2986This project is maintained in a git repository. The code and related tools are
2987accessible at the following locations:
d8cc1792 2988
2989=over
2990
af733667 2991=item * Official repo: L<git://git.shadowcat.co.uk/dbsrgits/SQL-Abstract.git>
2992
2993=item * Official gitweb: L<http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=dbsrgits/SQL-Abstract.git>
2994
2995=item * GitHub mirror: L<https://github.com/dbsrgits/sql-abstract>
d8cc1792 2996
af733667 2997=item * Authorized committers: L<ssh://dbsrgits@git.shadowcat.co.uk/SQL-Abstract.git>
d8cc1792 2998
2999=back
32eab2da 3000
96449e8e 3001=head1 CHANGES
3002
3003Version 1.50 was a major internal refactoring of C<SQL::Abstract>.
3004Great care has been taken to preserve the I<published> behavior
3005documented in previous versions in the 1.* family; however,
9d48860e 3006some features that were previously undocumented, or behaved
96449e8e 3007differently from the documentation, had to be changed in order
3008to clarify the semantics. Hence, client code that was relying
9d48860e 3009on some dark areas of C<SQL::Abstract> v1.*
96449e8e 3010B<might behave differently> in v1.50.
32eab2da 3011
be21dde3 3012The main changes are:
d2a8fe1a 3013
96449e8e 3014=over
32eab2da 3015
9d48860e 3016=item *
32eab2da 3017
3ae1c5e2 3018support for literal SQL through the C<< \ [ $sql, @bind ] >> syntax.
96449e8e 3019
3020=item *
3021
145fbfc8 3022support for the { operator => \"..." } construct (to embed literal SQL)
3023
3024=item *
3025
9c37b9c0 3026support for the { operator => \["...", @bind] } construct (to embed literal SQL with bind values)
3027
3028=item *
3029
96449e8e 3030optional support for L<array datatypes|/"Inserting and Updating Arrays">
3031
9d48860e 3032=item *
96449e8e 3033
be21dde3 3034defensive programming: check arguments
96449e8e 3035
3036=item *
3037
3038fixed bug with global logic, which was previously implemented
7cac25e6 3039through global variables yielding side-effects. Prior versions would
96449e8e 3040interpret C<< [ {cond1, cond2}, [cond3, cond4] ] >>
3041as C<< "(cond1 AND cond2) OR (cond3 AND cond4)" >>.
3042Now this is interpreted
3043as C<< "(cond1 AND cond2) OR (cond3 OR cond4)" >>.
3044
96449e8e 3045
3046=item *
3047
3048fixed semantics of _bindtype on array args
3049
9d48860e 3050=item *
96449e8e 3051
3052dropped the C<_anoncopy> of the %where tree. No longer necessary,
3053we just avoid shifting arrays within that tree.
3054
3055=item *
3056
3057dropped the C<_modlogic> function
3058
3059=back
32eab2da 3060
32eab2da 3061=head1 ACKNOWLEDGEMENTS
3062
3063There are a number of individuals that have really helped out with
3064this module. Unfortunately, most of them submitted bugs via CPAN
3065so I have no idea who they are! But the people I do know are:
3066
9d48860e 3067 Ash Berlin (order_by hash term support)
b643abe1 3068 Matt Trout (DBIx::Class support)
32eab2da 3069 Mark Stosberg (benchmarking)
3070 Chas Owens (initial "IN" operator support)
3071 Philip Collins (per-field SQL functions)
3072 Eric Kolve (hashref "AND" support)
3073 Mike Fragassi (enhancements to "BETWEEN" and "LIKE")
3074 Dan Kubb (support for "quote_char" and "name_sep")
f5aab26e 3075 Guillermo Roditi (patch to cleanup "IN" and "BETWEEN", fix and tests for _order_by)
48d9f5f8 3076 Laurent Dami (internal refactoring, extensible list of special operators, literal SQL)
dbdf7648 3077 Norbert Buchmuller (support for literal SQL in hashpair, misc. fixes & tests)
e96c510a 3078 Peter Rabbitson (rewrite of SQLA::Test, misc. fixes & tests)
02288357 3079 Oliver Charles (support for "RETURNING" after "INSERT")
32eab2da 3080
3081Thanks!
3082
32eab2da 3083=head1 SEE ALSO
3084
86298391 3085L<DBIx::Class>, L<DBIx::Abstract>, L<CGI::FormBuilder>, L<HTML::QuickTable>.
32eab2da 3086
32eab2da 3087=head1 AUTHOR
3088
b643abe1 3089Copyright (c) 2001-2007 Nathan Wiger <nwiger@cpan.org>. All Rights Reserved.
3090
3091This module is actively maintained by Matt Trout <mst@shadowcatsystems.co.uk>
32eab2da 3092
abe72f94 3093For support, your best bet is to try the C<DBIx::Class> users mailing list.
3094While not an official support venue, C<DBIx::Class> makes heavy use of
3095C<SQL::Abstract>, and as such list members there are very familiar with
3096how to create queries.
3097
0d067ded 3098=head1 LICENSE
3099
d988ab87 3100This module is free software; you may copy this under the same
3101terms as perl itself (either the GNU General Public License or
3102the Artistic License)
32eab2da 3103
3104=cut
Unnamed repository; edit this file 'description' to name the repository.