sql search with variable

$query = "SELECT * from Users where user = '".$last."'";

That's hard to decipher, but it is ' " .$last " ' ";

The $last is a variable from a $_POST command carried over from the previous page.

Is that the correct way to query for the value?

you are correct.
make sure to use

$last = $_POST['last'];

or exchange the last part to whatever you need. should get you off your feet

Or you could use:

$query = "SELECT * from Users where user = '$last' ";

Which is a bit more readable if you're including lots of variables.

or just use one step 😃

$query = "SELECT * FROM Users WHERE user='".$_POST["last"]."'";

Cgraz

yes, cgraz is right if you want to throw it all into one line, depends how comfortable you are with reading php...