Can't insert into DB

[slpctrl]

I've recently been getting back into PHP, and I've racked my brain over this incredibly simple piece of code, and can't figure out why I can't insert.

 

<?php
$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
$user = "********";
$pass = md5("********");
$email = "******@live.com";

mysql_select_db("users", $con) or die("unable to select DB");

mysql_query("INSERT INTO users ('user', 'pass', 'email')
VALUES ($user,$pass,$email)") or die("Can't insert info into DB " mysql_error());


mysql_close($con);
?> 

 

I know my error is within the insert command...I just don't understand why this isn't working. I've even copied the code straight from W3schools, and it still doesn't work. My MYSQL version is 5.5.24

 

mod edit: removed user/pass/email details

[xyph]

Literal strings must be quoted in a query.

 

Column names should not be quoted.

[Christian F.]

You should also read the article in xyph's signature.

[slpctrl]

<?php
$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
$user = "********";
$pass = md5("********");
$email = "******@live.com";

mysql_select_db("users", $con) or die("unable to select DB");

mysql_query("INSERT INTO users (user, pass, email)
VALUES ('$user', '$pass', '$email')") or die("Can't insert info into DB " mysql_error());


mysql_close($con);
?> 

 

mod edit: removed user/pass/email details

[slpctrl]

Thanks for removing those details...after a second I realized, oh sh...oh wow, why did I not filter those out x_x

[PFMaBiSmAd]

I recommend that you go and change your password ASAP. A number of the views of this thread are bot scripts and search engine spiders that read and cache the content and it's only a matter of time before someone logs into your mail account.

[slpctrl]

^That actually wasn't my password thank god, but I do use it somewhere . Anyways, I got it thanks all .