Using what I posted, instead of intval() you can use mysql_real_escape_string(). Personally, use intval() when the input should be a number, otherwise mysql_real_escape_string() it. Also, when I know it should be a number don't use quotes either, etc (with both):
$sql="SELECT * FROM $tbl_name WHERE technology='".mysql_real_escape_string($_GET['technology'])."' AND `range`=".intval($_GET['range'])." AND output='".mysql_real_escape_string($_GET['output'])."' AND configuration=".floatval($_GET['configuration']);
In that string, creating the SQL knowing that technology can be a string\number, range is a int, output is a string\number, and configuration is a float.
You might need to be a bit careful with just injecting intval though depending on the data in question since it will return 0 on failure. Injecting a 0 may or may not give undesirable results. Personally I like to do some more robust validation rather than relying on intval alone. Depends on what you are doing of course.
However, like using intval as a quick and easy test. as for inserts\updates those are more controlled but for pumping out data with a select, intval does more then enough. Inserts\Updates usually have a lot more validation going on before hand though and then is only executed when everything is a-okay.
Another note, SQL Injection can happen on ANY user input, even things like ORDER BY, LIMIT, etc. So anything that has user input must be cleaned\validated (as for ORDER BY usually I'll setup up an array of approved sorts and if it's not in that list to use a default value, or use a switch to create an ORDER BY using a different name then the column). Alright, starting to rant a bit, bottom line, Good luck monkey.
Personally prefer the first method as it's easier to see and work with in color coded text editors. right with the first back ticks on the range, however the second one is a PHP variable so single quotes.
Once you get that working, try adding some anti hacking (SQL Injection) functionality.