Gantry::Utils::SQL - SQL routines.


 my $sql = Gantry::Utils::SQL->new();

 $sql_boolean = $sql->sql_bool( $string );

 $sql = $sql->sql_insert( $table, %vals );

 $sql_number = $sql->sql_num( $number );
 $sql_string = $sql->sql_str( $string );
 $sql = $sql->sql_update( $table, $clause, %vals );
 $sql_quoted = $sql->sql_quote( $string );


This module supplies easy ways to make strings sql safe as well as allowing the creation of sql commands. All of these commands should work with any database as they do not do anything database specfic, well as far as I know anyways.



Standard constructor. Call it first to gain a helper through which to call the other methods. Pass it nothing.

$sql_boolean = $sql_helper->sql_bool( $string )

This function takes a string and returns either TRUE or FALSE depending on whether or not the function thinks it's true or not. True is defined as containing any of the following, 't', 'y', '1', or after the false test if the string is defined. False is defined as 'f', 'n' or '0'. Defined and not false is true, and not defined is false. Hopefully this is fairly confusing.

$sql = $sql_helper->sql_insert( $table, %vals )

This function takes the table to insert into $table', and the information to insert into said table, %vals. The function will build an insert statement based on this information. The %vals variable should contain the keys corrisponding to the columns in the database where the values should be the values to insert into those fields. The function will return, hopefully, a valid sql insert string.

$sql_number = $sql_helper->sql_num( $number )

This function takes a number, $number, and quotes it in such a way as it may be used in a sql call safely. It handles anything that is a number at all. A properly quoted number is return, including the quotes.

$sql_string = $sql_helper->sql_str( $string )

This function takes a string, $string, and quotes in in such a way as it may be used safely in a sql call. The string is then returned, including the quotes arround it.

$sql = $sql_helper->sql_update( $table, $clause, %vals )

This function creates a valid sql update string. It is identical in form to the sql_insert() function save it takes a where clause, $clause. The clause must contain a valid test against the database, in a pinch use a where clause that will always return true. The 'WHERE' in the clause need not be supplied as it is assumed and alwas inserted into the update string. A valid sql update string is returned, hopefully anyways.

$sql_quoted = $sql_helper->sql_quote( $string )

This function works the same way as sql_str() save it doesn't really care what it opperates on. A properly quoted version of whatever is passed in is returned.


Gantry(3), Gantry::Utils::DB(3)


There is no sql_date function, which there probably should be.

The quoting method has been tested with Postgresql.


Tim Keefer <> Nicholas Studt <>


Copyright (c) 2006, Tim Keefer.

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available.