SQL injection question

Hey! I am searching for my first bug and have a question. If I try to inject SQL query i get “Access Denied” error:


q3
But if i double encode this query it loads the page, but gives me non-empty result (my query “AND 2=1” should always be false)

My question is - does this mean that there is an SQL injection and double encoding bypasses filter?