Further to the discussion in the comments I am providing this so that the question has an answer. I thought square brackets would work fine within the php string used to define the query so I tested it out on my own code that connects to MS-SQL using PDO.
So the following should work...
$query = "SELECT UserId AS INTUSERID FROM dbo.[User] WHERE YahooId = 'abcdef'";
Side note - If your YahooId ever comes from a source that can be manipulated by a user (such as $_GET) you should research Prepared Statements with PDO...
$query = "SELECT UserId AS INTUSERID FROM dbo.[User] WHERE YahooId = ?;";
$statement= $db->prepare($query);
$statement->execute(array($userinput));