I'm trying to write SELECT query for Postgres database but not I'm getting some error - pg_query(): Query failed: ERROR: syntax error at or near "$" LINE 1
$findResult = pg_query('SELECT * FROM fingerprintdata WHERE buildingname = $building ');
$numrows = pg_num_rows($findResult);
The query should be like this:
pg_query('SELECT * FROM fingerprintdata WHERE buildingname = "$building" ');
the variable should be inside quotes ""
$findResult = pg_query($conn, 'SELECT * FROM fingerprintdata WHERE buildingname = "$building"');
$numrows = pg_num_rows($findResult);
Please try below solution. You have not put equal sign in single quote that's why you get the error of variable.
$findResult = pg_query('SELECT * FROM fingerprintdata WHERE buildingname =' . $building);
$numrows = pg_num_rows($findResult);
$query = 'SELECT * FROM fingerprintdata WHERE buildingname = '.pg_escape_literal($building); // to be able to var_dump($query) to see, what it actually looks like
$findResult = pg_query($query);
In Your case, You are using single quotes, which do not expand $building inside. It would work if You used double quotes, but You would be vulnerable to SQL injection (for example $building = "xxx'; DROP DATABASE ...";)