今天在此记录下今天操作的一段数据库操作语言，调试了两个小时，以便让自己今后铭记：string里面的字符串数据一定要严格把控。

StringBuilder strSql=new StringBuilder();
			strSql.Append("update T_member set ");
			strSql.Append("duty=@duty,");
			strSql.Append("role=@role,");
			strSql.Append("phone=@phone,");
			strSql.Append("address=@address,");
			strSql.Append("cardNo=@cardNo,");
			strSql.Append("password=@password,");
			strSql.Append("account=@account,");
			strSql.Append("email=@email,");
			strSql.Append("photo=@photo,");
			strSql.Append("info=@info,");
			strSql.Append("memberNo=@memberNo");
            strSql.Append(" where name=@name");
            SqlParameter[] parameters = {
					new SqlParameter("@duty", SqlDbType.VarChar,10),
					new SqlParameter("@role", SqlDbType.VarChar,10),
					new SqlParameter("@phone", SqlDbType.VarChar,20),
					new SqlParameter("@address", SqlDbType.VarChar,100),
					new SqlParameter("@cardNo", SqlDbType.Int,4),
					new SqlParameter("@password", SqlDbType.VarChar,20),
					new SqlParameter("@account", SqlDbType.VarChar,20),
					new SqlParameter("@email", SqlDbType.VarChar,50),
					new SqlParameter("@photo", SqlDbType.VarChar,100),
					new SqlParameter("@info", SqlDbType.VarChar,200),
					new SqlParameter("@memberNo", SqlDbType.Int,4),
                    new SqlParameter("@name",SqlDbType.VarChar,10)
                    };

parameters[0].Value = model.duty;
            parameters[1].Value = model.role;
            parameters[2].Value = model.phone;
            parameters[3].Value = model.address;
            parameters[4].Value = model.cardNo;
            parameters[5].Value = model.password;
            parameters[6].Value = model.account;
            parameters[7].Value = model.email;
            parameters[8].Value = model.photo;
            parameters[9].Value = model.info;
            parameters[10].Value = model.memberNo;
            parameters[11].Value = name;