<!-- $Header: /cvsroot/pgsql/doc/src/sgml/plperl.sgml,v 2.18 2002/09/21 18:32:53 petere Exp $ --> <chapter id="plperl"> <title>PL/Perl - Perl Procedural Language</title> <indexterm zone="plperl"> <primary>PL/Perl</primary> </indexterm> <indexterm zone="plperl"> <primary>Perl</primary> </indexterm> <para> PL/Perl is a loadable procedural language that enables you to write <productname>PostgreSQL</productname> functions in the <ulink url="http://www.perl.com">Perl</ulink> programming language. </para> <para> To install PL/Perl in a particular database, use <literal>createlang plperl <replaceable>dbname</></literal>. </para> <tip> <para> If a language is installed into <literal>template1</>, all subsequently created databases will have the language installed automatically. </para> </tip> <note> <para> Users of source packages must specially enable the build of PL/Perl during the installation process (refer to the installation instructions for more information). Users of binary packages might find PL/Perl in a separate subpackage. </para> </note> <sect1 id="plperl-funcs"> <title>PL/Perl Functions and Arguments</title> <para> To create a function in the PL/Perl language, use the standard syntax: <programlisting> CREATE FUNCTION <replaceable>funcname</replaceable> (<replaceable>argument-types</replaceable>) RETURNS <replaceable>return-type</replaceable> AS ' # PL/Perl function body ' LANGUAGE plperl; </programlisting> The body of the function is ordinary Perl code. </para> <para> Arguments and results are handled as in any other Perl subroutine: Arguments are passed in <varname>@_</varname>, and a result value is returned with <literal>return</> or as the last expression evaluated in the function. For example, a function returning the greater of two integer values could be defined as: <programlisting> CREATE FUNCTION perl_max (integer, integer) RETURNS integer AS ' if ($_[0] > $_[1]) { return $_[0]; } return $_[1]; ' LANGUAGE plperl; </programlisting> </para> <para> If an SQL null value is passed to a function, the argument value will appear as <quote>undefined</> in Perl. The above function definition will not behave very nicely with null inputs (in fact, it will act as though they are zeroes). We could add <literal>STRICT</> to the function definition to make <productname>PostgreSQL</productname> do something more reasonable: if a null value is passed, the function will not be called at all, but will just return a null result automatically. Alternatively, we could check for undefined inputs in the function body. For example, suppose that we wanted <function>perl_max</function> with one null and one non-null argument to return the non-null argument, rather than a null value: <programlisting> CREATE FUNCTION perl_max (integer, integer) RETURNS integer AS ' my ($a,$b) = @_; if (! defined $a) { if (! defined $b) { return undef; } return $b; } if (! defined $b) { return $a; } if ($a > $b) { return $a; } return $b; ' LANGUAGE plperl; </programlisting> </para> <para> As shown above, to return an SQL null value from a PL/Perl function, return an undefined value. This can be done whether the function is strict or not. </para> <para> Composite-type arguments are passed to the function as references to hashes. The keys of the hash are the attribute names of the composite type. Here is an example: <programlisting> CREATE TABLE employee ( name text, basesalary integer, bonus integer ); CREATE FUNCTION empcomp(employee) RETURNS integer AS ' my ($emp) = @_; return $emp->{''basesalary''} + $emp->{''bonus''}; ' LANGUAGE plperl; SELECT name, empcomp(employee) FROM employee; </programlisting> </para> <para> There is currently no support for returning a composite-type result value. </para> <tip> <para> Because the function body is passed as an SQL string literal to <command>CREATE FUNCTION</command>, you have to escape single quotes and backslashes within your Perl source, typically by doubling them as shown in the above example. Another possible approach is to avoid writing single quotes by using Perl's extended quoting operators (<literal>q[]</literal>, <literal>qq[]</literal>, <literal>qw[]</literal>). </para> </tip> </sect1> <sect1 id="plperl-data"> <title>Data Values in PL/Perl</title> <para> The argument values supplied to a PL/Perl function's script are simply the input arguments converted to text form (just as if they had been displayed by a <literal>SELECT</literal> statement). Conversely, the <literal>return</> command will accept any string that is acceptable input format for the function's declared return type. So, the PL/Perl programmer can manipulate data values as if they were just text. </para> </sect1> <sect1 id="plperl-database"> <title>Database Access from PL/Perl</title> <para> Access to the database itself from your Perl function can be done via an experimental module <ulink url="http://www.cpan.org/modules/by-module/DBD/APILOS/"><literal>DBD::PgSPI</literal></ulink> (also available at <ulink url="http://www.cpan.org/SITES.html"><acronym>CPAN</> mirror sites</ulink>). This module makes available a <acronym>DBI</>-compliant database-handle named <varname>$pg_dbh</varname> that can be used to perform queries with normal <acronym>DBI</> syntax. </para> <para> PL/Perl itself presently provides only one additional Perl command: <variablelist> <varlistentry> <indexterm> <primary>elog</primary> <secondary>PL/Perl</secondary> </indexterm> <term><function>elog</> <replaceable>level</replaceable>, <replaceable>msg</replaceable></term> <listitem> <para> Emit a log or error message. Possible levels are <literal>DEBUG</>, <literal>LOG</>, <literal>INFO</>, <literal>NOTICE</>, <literal>WARNING</>, and <literal>ERROR</>. <literal>ERROR</> raises an error condition: further execution of the function is abandoned, and the current transaction is aborted. </para> </listitem> </varlistentry> </variablelist> </para> </sect1> <sect1 id="plperl-trusted"> <title>Trusted and Untrusted PL/Perl</title> <para> Normally, PL/Perl is installed as a <quote>trusted</> programming language named <literal>plperl</>. In this setup, certain Perl operations are disabled to preserve security. In general, the operations that are restricted are those that interact with the environment. This includes file handle operations, <literal>require</literal>, and <literal>use</literal> (for external modules). There is no way to access internals of the database backend process or to gain OS-level access with the permissions of the <productname>PostgreSQL</productname> user ID, as a C function can do. Thus, any unprivileged database user may be permitted to use this language. </para> <para> Here is an example of a function that will not work because file system operations are not allowed for security reasons: <programlisting> CREATE FUNCTION badfunc() RETURNS integer AS ' open(TEMP, ">/tmp/badfile"); print TEMP "Gotcha!\n"; return 1; ' LANGUAGE plperl; </programlisting> The creation of the function will succeed, but executing it will not. </para> <para> Sometimes it is desirable to write Perl functions that are not restricted --- for example, one might want a Perl function that sends mail. To handle these cases, PL/Perl can also be installed as an <quote>untrusted</> language (usually called <application>PL/PerlU</application>). In this case the full Perl language is available. If the <command>createlang</command> program is used to install the language, the language name <literal>plperlu</literal> will select the untrusted PL/Perl variant. </para> <para> The writer of a <application>PL/PerlU</> function must take care that the function cannot be used to do anything unwanted, since it will be able to do anything that could be done by a user logged in as the database administrator. Note that the database system allows only database superusers to create functions in untrusted languages. </para> <para> If the above function was created by a superuser using the language <literal>plperlu</>, execution would succeed. </para> </sect1> <sect1 id="plperl-missing"> <title>Missing Features</title> <para> The following features are currently missing from PL/Perl, but they would make welcome contributions: <itemizedlist> <listitem> <para> PL/Perl functions cannot call each other directly (because they are anonymous subroutines inside Perl). There's presently no way for them to share global variables, either. </para> </listitem> <listitem> <para> PL/Perl cannot be used to write trigger functions. </para> </listitem> <listitem> <para> <application>DBD::PgSPI</applicatioN> or similar capability should be integrated into the standard <productname>PostgreSQL</productname> distribution. </para> </listitem> </itemizedlist> </para> </sect1> </chapter> <!-- Keep this comment at the end of the file Local variables: mode:sgml sgml-omittag:nil sgml-shorttag:t sgml-minimize-attributes:nil sgml-always-quote-attributes:t sgml-indent-step:1 sgml-indent-data:t sgml-parent-document:nil sgml-default-dtd-file:"./reference.ced" sgml-exposed-tags:nil sgml-local-catalogs:("/usr/lib/sgml/catalog") sgml-local-ecat-files:nil End: -->