FindBugs bug analysis:
[RV] Exception created and dropped rather than thrown [RV_EXCEPTION_NOT_THROWN]
This code creates an exception (or error) object, but doesn't do anything with it. For example, something like
if (x < 0)
    new IllegalArgumentException("x must be nonnegative");
It was probably the intent of the programmer to throw the created exception:
if (x < 0)
    throw new IllegalArgumentException("x must be nonnegative");
FindBugs reports:
A prepared statement is generated from a nonconstant String
The code creates an SQL prepared statement from a nonconstant String. If unchecked, tainted data from a user is used in building this String, SQL injection could be used to make the prepared statement do something unexpected and undesirable.
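Fix:
If the SQL passed to java.sql.PreparedStatement contains variables, replace each one with a ? placeholder and bind the value with setString, setInt, or a similar setter. For example: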
prepareStatement = conn.prepareStatement("insert into tableName (id,name) values (?,?)");
prepareStatement.setString(1, value1);
prepareStatement.setString(2, value2);
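
Added example (not from the original page or from FindBugs): the flagged pattern next to the fixed form, plus the case the ? placeholder cannot cover, a caller-chosen sort column. The users(id, name) table, the UserDao class and its method names are hypothetical.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;

public class UserDao {
    // Hypothetical table: users(id INT, name VARCHAR). Every SQL text is a constant.
    private static final String INSERT = "insert into users (id, name) values (?, ?)";
    private static final String BY_NAME_ORDER_ID =
            "select name from users where name like ? order by id";
    private static final String BY_NAME_ORDER_NAME =
            "select name from users where name like ? order by name";

    // BEFORE: the flagged pattern. The SQL text is assembled from 'name', so a
    // quote character in the input changes the structure of the statement.
    static void insertUnsafe(Connection conn, int id, String name) throws SQLException {
        String sql = "insert into users (id, name) values (" + id + ", '" + name + "')";
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.executeUpdate();
        }
    }

    // AFTER: constant SQL; each value is bound with the setter matching its type.
    static void insert(Connection conn, int id, String name) throws SQLException {
        try (PreparedStatement ps = conn.prepareStatement(INSERT)) {
            ps.setInt(1, id);
            ps.setString(2, name);
            ps.executeUpdate();
        }
    }

    // A placeholder can stand for a value only, never a column name. A
    // caller-chosen sort order therefore selects one of the constant statements.
    static List<String> findByPrefix(Connection conn, String prefix, String sortKey)
            throws SQLException {
        String sql;
        switch (String.valueOf(sortKey)) { // null falls through to default
            case "id":   sql = BY_NAME_ORDER_ID;   break;
            case "name": sql = BY_NAME_ORDER_NAME; break;
            default: throw new IllegalArgumentException("unsupported sort key: " + sortKey);
        }
        List<String> names = new ArrayList<>();
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, prefix + "%"); // bound as data; LIKE wildcards in prefix still apply
            try (ResultSet rs = ps.executeQuery()) {
                while (rs.next()) names.add(rs.getString(1));
            }
        }
        return names;
    }
}
```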