$db_query = "SELECT ST.sno_name,HT.homolog_name FROM sno_Table ST, Homolog_Table HT,sno_Homologs SH,Organism O WHERE ST.sno_id=SH.sno_id AND SH.homolog_id=HT.homolog_id AND HT.org_i d=O.org_id and (ST.family=$family) and O.organism='$TB'";

You have just passed $family and $TB directly into an SQL statement as entered into a web page by an untrusted random stranger with no validation what so ever. That will not end well (http://www.bobby-tables.com/).

Use place holders to protect your queries from SQL injections

$db_query = "SELECT ST.sno_name,HT.homolog_name FROM sno_Table ST, Hom
+olog_Table HT,sno_Homologs SH,Organism O WHERE ST.sno_id=SH.sno_id AN
+D SH.homolog_id=HT.homolog_id AND HT.org_i d=O.org_id and (ST.family=
+?) and O.organism=?";

...

$sth->execute($family, $TB);
[download]