function insert_cat($name, $desc, $data) { $mysql = new MySQLProvider(); $query = "insert into categories(category,description,image)" . "values('" . $name . "','" . $desc . "','" . mysql_real_escape_string($data, $mysql->getconnect()) . "')"; $result = $mysql->getresult($query); $mysql->closeconnect(); }
function insert_up($pid, $filename, $filetype) { $mysql = new MySQLProvider(); $query = "insert into upload(prod_id,file_name,file_type)" . "values('" . $pid . "','" . $filename . "','" . $filetype . "')"; $result = $mysql->getresult($query); $mysql->closeconnect(); }
<?php require "../includes/mysql.php"; $mysql = new MySQLProvider(); $query = "SELECT * FROM products Where id ='" . $_GET["id"] . "'"; $result = $mysql->getresult($query); if ($row = mysql_fetch_array($result)) { $content = $row['image_small']; header('Content-type: image/jpeg'); echo $content; } $mysql->closeconnect();