Ars Technica

Using PHP to search MySQL database

However, it's still vulnerable to other SQL injection based attacks, so you should validate and escape all your input as necessary anyway.<br><br>And please don't use the direct MySQL driver calls.
Houston Chronicle

How to Build Data Entry Forms & Reports for MySQL

Building data entry forms and reports for MySQL involves using HTML and a Web programming language such as PHP to create the front-end forms and reports, and using a database connection technology ...