I am using

Code:
find(:first, :conditions => ['username = :username AND password = :password', {:username => username, :password => Digest::SHA1.hexdigest(password)}])

for a query,

however I am unsure if it sanitizes the binding properties... can anyone tell me? Thanks