Do not insert $_GET or $_POST vars directly into SQL -you need to sanitise.

$term = mysql_real_escape_string($_GET['term']);

$user_query="SELECT * FROM rt_user WHERE rt_user_username LIKE '%$term%' OR rt_user_name LIKE '%$term%' OR rt_user_description LIKE '%$term%' LIMIT 10";

Try wrapping the LIKE arguments in single quotes:

$user_query="SELECT * FROM rt_user WHERE rt_user_username LIKE '%".$_GET['term']."%' OR rt_user_name LIKE '%".$_GET['term']."%' OR rt_user_description LIKE '%".$_GET['term']."%' LIMIT 10";

Notice the single quotes around the LIKE strings?

You should definitely take diafol's advice and sanitize the input instead of just directly injecting the $_GET values into the query.

Also, I cannot be sure without seeing your database structure, but it looks like where you say rt_user_username, you might really mean to say rt_user.username, or even more simply, just username. What you have (and maybe this is what you want, like I said, I cannot be sure without seeing the schema) is looking for a column named rt_user_username in the rt_user table. What I wrote, rt_user.username, means a column named username in the table named rt_user. Just thought I'd mention that in case it turns out to be another issue.