First, you want an interface that is going to work across all browsers. That being said, ActiveXObject() methods are out (IE, only).
But much more importantly:
- you are publicly exposing information about your server
- you are allowing for a duplicate of your page with modified (harmful) SQL
JavaScript, you may have noticed, does not make it easy to do anything to the user's system - let along your server! It would be a security nightmare.
SQL should be called on the server, out of the view of any possible client. PHP is commonly used for this. You can generate the page on the server or use AJAX to retrieve the data and populate your existing page.
Even were you able to get this possibility on you client side you should run head-long in another direction . . . or risk the consequences.