RE:A few corrections
Your finder there is completely terrible. It's vulnerable to a SQL injection attack. Instead, you want Catalog.find_all_by_section(params[:section]); that is cleaner and requires no SQL.
The following method may also be used.
Catalog.find(:all, :conditions => ["section = ?", @section])
Furthermore, why isn't this in the context of a full Rails app? Why do you manually establish the ActiveRecord connection in the model?
Establishing a connection in the model class is not required as the database.yml connection parameters are used by default to establish a connection. The connection is established in the model class to demonstrate establish_connection and set_table_name. A different table than "catalogs" may be specified and a connection with a different database or as a different user may be established.
Finally, why are you embedding your HTML generation in the controller instead of putting it where it belongs, in views?
The HTML may be included in the view instead of the controller class.