php - Simple MySQL Insert doesn't work? -

i have strangest problem. wrote simple insert query:

if(isset($_post['putuser'])) {     $user = $_post['user'];     $amount = $_post['amount'];     $what = $_post['what'];     $country = $_post['country'];     $platform = $_post['platform'];      $query = mysql_query('insert sells(id, user, amount, what, country, platform) values (null , '.$user.', 1, 1, 1, 1)');     if($query) {         echo 'ok';     } else {         die(mysql_error());     } } 

and doesn't work. works when pust 1 in values instead of, in example, $user. when variables present, throws error unknown column 'test username' in 'field list'. where's mistake?

well value have passed query not enclosed inside quotes. when don't enclose string inside quotes mysql assumes it's field name. have forgotten escape string.

$query = mysql_query('insert sells (id, user, amount, what, country, platform) '       . 'values (null , "' . mysql_real_escape_string($user) . '", 1, 1, 1, 1)'); 

finally should migrate away using mysql extension , use pdo or mysqli instead.