diff --git a/src/main/java/com/example/springdemo/dao/impl/CommonDao.java b/src/main/java/com/example/springdemo/dao/impl/CommonDao.java index 07337e1..edbd8ca 100644 --- a/src/main/java/com/example/springdemo/dao/impl/CommonDao.java +++ b/src/main/java/com/example/springdemo/dao/impl/CommonDao.java @@ -11,10 +11,10 @@ public class CommonDao { DataBaseUtil dataBaseUtil = new DataBaseUtil(); public int delete(Connection ct, PreparedStatement ps, ResultSet rs, String sql, Long id) { - int flag; try { ct = dataBaseUtil.getConnection(); + // FIXME: 未对传入sql语句检测,可能有sql注入攻击 ps = ct.prepareStatement(sql); ps.setLong(1, id); flag = ps.executeUpdate();
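Review bot: The FIXME added above `ps = ct.prepareStatement(sql);` names the SQL injection risk, but the new code still prepares whatever statement text the caller passes in `sql`; the `?` placeholder protects only `id`, not the statement itself. If any caller builds `sql` from request data (not visible in this hunk), the fix belongs in `delete` rather than in a comment: take a table identifier, check it against a fixed allowlist, and build the text locally, e.g. `if (!ALLOWED_TABLES.contains(table)) throw new IllegalArgumentException("unknown table");` followed by `String sql = "DELETE FROM " + table + " WHERE id = ?";` (`ALLOWED_TABLES` is an illustrative name, not something in this file). Until then, the comment would be more useful in English with the contract stated, for example `// FIXME: sql is caller-supplied and not validated; callers must pass only constant statement text`. The body of `delete` continues past the end of the hunk, so how `ct` and `ps` are closed cannot be reviewed from here.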