This is my code
if (isset($_POST['submit'])) {
$prod_photo = addslashes(file_get_contents($_FILES["prod_photo"]["tmp_name"]));
$cb_values = array($_POST['cb1'],$_POST['cb2']);
$prod_inc = implode(",", $cb_values);
$prod_name = mysqli_escape_string($mysqli,$_POST['prod_name']);
$prod_desc = mysqli_escape_string($mysqli,$_POST['prod_desc']);
$prod_cat = mysqli_escape_string($mysqli,$_POST['prod_cat']);
$result=$mysqli->query("INSERT INTO product_tbl(prod_photo,prod_name,prod_desc,prod_cat,prod_inc) VALUES('$prod_photo','$prod_name','$prod_desc','$prod_cat','$prod_inc')");
header("location:../admin/settings?d=products&tab=2");
}