only if you are somehow feeding user input (entered in a form field or off a query string parameter) directly into a php variable which will substitute into a column name
why would you want the user to input a column name?
rather than asking a rhetorical question this time, so that you don't make any conclusions about what i might know, i should have said it in terms of a statement ...
you wouldn't want to let the user input a column name
if your column is a variable, this means you sometimes want this column, sometimes that column, you don't know which column, it could be one of multiple columns... which is a huge red flag that you haven't designed the tables properly
i'm thinking of examples like SELECT Total2009Amt, Total2010Amt, ...
as i said, using backticks should be avoided
if you are using a reserved word as a column name, or have a special character in your column name, like for some reason you wanted to call the column acct no instead of acctno, then you should simply rename the column and avoid the need for backticks altogether
it has nothing to do with whether there can be sql injection into a column name -- there can, with or without backticks, if you programmed for it, so the backticks aren't the issue, but it would be dumb programming to make a column a variable
backticks should be avoided because the sql is cleaner without them
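An added example, not part of the original post, showing the two points made above: backticks do not stop a value spliced in as a column name from changing the statement, and once the per-year columns become rows the year is ordinary data that can be bound. It uses Python with SQLite (which also accepts backtick-quoted identifiers) in place of PHP and MySQL; the table names, the `pin` column and all data are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; acct_wide, acct_total and pin are assumed names.
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE acct_wide (acctno INTEGER, Total2009Amt INTEGER,
                                Total2010Amt INTEGER, pin TEXT);
        INSERT INTO acct_wide VALUES (1, 100, 250, 'constructed-secret');
        CREATE TABLE acct_total (acctno INTEGER, yr INTEGER, amt INTEGER,
                                 PRIMARY KEY (acctno, yr));
        INSERT INTO acct_total VALUES (1, 2009, 100), (1, 2010, 250);
    """)
    return conn

def wide_query(column):
    # The pattern the post warns against: a variable used as a column name.
    # Backticks only delimit the identifier; a backtick inside the value
    # closes it, and the rest is parsed as SQL.
    return f"SELECT `{column}` FROM acct_wide WHERE acctno = ?"

def total_for_year(conn, acctno, year):
    # Redesigned table: one row per year, so the year is a bound value and
    # no identifier is ever built from input.
    row = conn.execute(
        "SELECT amt FROM acct_total WHERE acctno = ? AND yr = ?",
        (acctno, year),
    ).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    conn = make_db()
    hostile = "Total2009Amt`, `pin"  # constructed input containing a backtick
    print(wide_query(hostile))
    print(conn.execute(wide_query(hostile), (1,)).fetchone())
    print(total_for_year(conn, 1, 2010))
    print(total_for_year(conn, 1, hostile))
```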