# File lib/active_record/sanitization.rb, line 112 def sanitize_sql_array(ary) statement, *values = ary if values.first.is_a?(Hash) && statement =~ /:\w+/ replace_named_bind_variables(statement, values.first) elsif statement.include?('?') replace_bind_variables(statement, values) elsif statement.blank? statement else statement % values.collect { |value| connection.quote_string(value.to_s) } end end