function __construct($name)
{
global $language;
//we can't call the local query method as it assumes the character id
//which we need to get in the first place
$table_name = "character_data";
//don't go sticking just anything in the database
if (!IsAlphaSpace($name)) {
message_die($language['MESSAGE_ERROR'], $language['MESSAGE_NAME_ALPHA']);
}
//build the query
$template = "SELECT * FROM `%s` WHERE `name` = '%s'";
$query = sprintf($template, $table_name, $name);
//gather database stats
if (defined('DB_PERFORMANCE')) {
dbp_query_stat('query', $query);
}
//get the results/error
$results = mysql_query($query) or message_die('profile.php', $query, mysql_error());
//collect the data from returned row
if ($row = mysql_fetch_array($results)) {
//save it
$this->cached_records[$table_name] = $row;
$this->account_id = $row['account_id'];
$this->char_id = $row['id'];
} else {
message_die($language['MESSAGE_ERROR'], $language['MESSAGE_NO_FIND']);
}
}
$class = $_GET['class'] != "" ? $_GET['class'] : "-1";
$race = $_GET['race'] != "" ? $_GET['race'] : "-1";
$slot = $_GET['slot'] != "" ? $_GET['slot'] : "-1";
$type = $_GET['type'] != "" ? $_GET['type'] : "-1";
$pricemin = $_GET['pricemin'];
$pricemax = $_GET['pricemax'];
$item = $_GET['item'];
$direction = $_GET['direction'] == "DESC" ? "DESC" : "ASC";
$perpage = 25;
//build baselink
$baselink = "bazaar.php?class={$class}&race={$race}&slot={$slot}&type={$type}&pricemin={$pricemin}&pricemax={$pricemax}&item={$item}";
//security against sql injection
if (!IsAlphaSpace($item)) {
message_die($language['MESSAGE_ERROR'], $language['MESSAGE_ITEM_ALPHA']);
}
if (!IsAlphaSpace($orderby)) {
message_die($language['MESSAGE_ERROR'], $language['MESSAGE_ORDER_ALPHA']);
}
if (!is_numeric($start)) {
message_die($language['MESSAGE_ERROR'], $language['MESSAGE_START_NUMERIC']);
}
if (!is_numeric($pricemin) && $pricemin != "") {
message_die($language['MESSAGE_ERROR'], $language['MESSAGE_PRICE_NUMERIC']);
}
if (!is_numeric($pricemax) && $pricemax != "") {
message_die($language['MESSAGE_ERROR'], $language['MESSAGE_PRICE_NUMERIC']);
}
if (!is_numeric($class)) {
message_die($language['MESSAGE_ERROR'], $language['MESSAGE_CLASS_NUMERIC']);
}
if (!is_numeric($race)) {