Sql queries in rails

I have an assignment and I need to be able to run a query inputted by
the user (no matter what the query). Also I need to display the result
cleanly with the field names if the query was a select query. So far I
have

@result = ActiveRecord::Base.connection.execute(params[:query])

and in my view I have

<% for result in @result %>
<%= result %>
<% end %>

but this returns all the the data as a single line. Please help!

Use connection.select_all and hope that the user doesn't try and
delete your database.

Fred