Passing html params in Ruby

I have an AJAX page that I built.
The user enters in some info.
I format a query string and want use it to query my DB.

something like this:

var query_string = "SELECT * FROM mydbtable;

require ‘dbi’
require ‘cgi’
cgi =
params = cgi.params

new_query_string = cgi.params[‘query_string’]

dbh =

newsth = dbh.execute("#{new_query_string}")

rows = newsth.fetch_all


the query_string variable is not passed in the ‘params’, so obviously
this code is never going to work.
How do I pass the formatted variable (query_string) into my embedded
ruby code so that I can query my DB?

Thank you in advance.