Yes, but the first way has a few advantages:
1) it will be recognized and editable from the dreamweaver recordset
2) it uses a parameterized query that has build in SQL injection protection
That doesn't mean your second technique is vulnerable to SQL injection, it just means it isn't guaranteed not to be. If the array itself was somehow manipulated to have injected SQL, then it would make its way to the query.... however it might have inherent protection based on how it is built to begin with.