If the string is enclosed in double quotes the embedded variable should be replaced whit its value.

Did you try a test print of the entire query before submitting it to the DBMS?

BTW, I hope you are aware that generated queries are a potential security issue (risks from SQL injection) and should be used with care