DB类的使用,sql问题

$connection=DB::connection(‘mysql’)->table(表名称)
问:下面原本的数据怎么防止注入,sql可以执行成功
原本的(可以执行成功,没什么问题,根据可能会出现sql注入)
主要解决where in 绑定的参数过多执行不了的问题

if (count($values)>300) {
    $values=collect($values)->map(function($value){
        return "'".$value."'";
    })->toArray();
    $connection=$connection->whereRaw($column.' in ('.implode(',',$values).')');
}else {
    $connection=$connection->whereIn($column,$values);
}
return $connection;

优化失败,报sql错误
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘?’ at line 1
但是报的错误sql语句,在sql那边执行是没问题的

if (count($values)>300) {
    $values=collect($values)->map(function($value){
        return "'".$value."'";
    })->toArray();
    $values='('.implode(',',$values).')';
    $connection=$connection->whereRaw($column.' in ?',[$values]);
}else {
    $connection=$connection->whereIn($column,$values);
}