Using Safe-Mode Form Variables in mySQL Query

They have: 15 posts

Joined: Jan 2003

I am in a safe mode, I think. Anyway, in order to receive form variables through post method, I have to use $_POST['variable_name'] in order to read that variable. But how do you do it when you want to include it in query? The code is written below:

<?php
$result
= mysql_query(\"INSERT INTO mytable ('column1', 'column2') VALUES ($_POST['variable1'], $_POST['variable2']\") or die (\"Query Error: \".mysql_error());
?>

The code above gives me an mySQL error stating that I should read the manual for the proper format. Isn't the above query in proper format already?