diff --git a/Bootstrap.DataAccess/User.cs b/Bootstrap.DataAccess/User.cs
index da1933d6..4bf9f5ba 100644
--- a/Bootstrap.DataAccess/User.cs
+++ b/Bootstrap.DataAccess/User.cs
@@ -18,7 +18,7 @@
         /// </summary>
         public string Password { get; set; }
         /// <summary>
-        /// 获取/设置 验证信息
+        /// 获取/设置 密码盐
         /// </summary>
         public string PassSalt { get; set; }
         /// <summary>
diff --git a/Bootstrap.DataAccess/UserHelper.cs b/Bootstrap.DataAccess/UserHelper.cs
index 4a5d1a6c..3f7d7b0f 100644
--- a/Bootstrap.DataAccess/UserHelper.cs
+++ b/Bootstrap.DataAccess/UserHelper.cs
@@ -51,7 +51,7 @@ namespace Bootstrap.DataAccess
             return string.IsNullOrEmpty(tId) ? ret : ret.Where(t => tId.Equals(t.ID.ToString(), StringComparison.OrdinalIgnoreCase));
         }
         /// <summary>
-        /// 
+        /// 根据用户名查询用户
         /// </summary>
         /// <param name="userName"></param>
         /// <returns></returns>
@@ -116,13 +116,12 @@ namespace Bootstrap.DataAccess
         /// <returns></returns>
         public static bool SaveUser(User p)
         {
-            //TODO: 这里这样处理明显不行，需要用非对称加密算法进行混淆加密后存储到数据库中
             if (p == null) throw new ArgumentNullException("p");
             bool ret = false;
             if (p.UserName.Length > 50) p.UserName.Substring(0, 50);
-            if (p.Password.Length > 50) p.Password.Substring(0, 50);
             p.PassSalt = LgbCryptography.GenerateSalt();
             p.Password = LgbCryptography.ComputeHash(p.Password, p.PassSalt);
+            if (p.DisplayName.Length > 50) p.DisplayName.Substring(0, 50);
             string sql = p.ID == 0 ?
                 "Insert Into Users (UserName, Password, PassSalt, DisplayName) Values (@UserName, @Password, @PassSalt, @DisplayName)" :
                 "Update Users set UserName = @UserName, Password = @Password, PassSalt = @PassSalt, DisplayName = @DisplayName where ID = @ID";
diff --git a/Bootstrap.DataAccessTests/UserHelperTests.cs b/Bootstrap.DataAccessTests/UserHelperTests.cs
index 214eff46..de52f824 100644
--- a/Bootstrap.DataAccessTests/UserHelperTests.cs
+++ b/Bootstrap.DataAccessTests/UserHelperTests.cs
@@ -18,7 +18,6 @@ namespace Bootstrap.DataAccess.Tests
         [TestMethod]
         public void DeleteUserTest()
         {
-            //TODO: Delete方法没有返回值，自己想想做一个返回值即可
             Assert.IsTrue(UserHelper.DeleteUser("1,2"), "带有参数的UserHelper.DeleteUserTest方法调用失败，请检查数据库连接或者数据库SQL语句");
             Assert.IsFalse(UserHelper.DeleteUser(string.Empty), "参数为空字符串的UserHelper.DeleteUserTest方法调用失败，请检查数据库连接或者数据库SQL语句");
         }
@@ -26,22 +25,23 @@ namespace Bootstrap.DataAccess.Tests
         [TestMethod]
         public void SaveUserTest()
         {
-            //TODO: 两个提示一模一样完全不知道哪里出了问题，本单元测试未通过
             User users = new User();
             users.ID = 0;
-            users.UserName = "liqi";
+            users.UserName = "lq";
             users.Password = "123";
             users.PassSalt = "123";
+            users.DisplayName = "liqi";
             var result = UserHelper.SaveUser(users);
-            Assert.IsTrue(result == true, "带有参数的UserHelper.SaveUser方法中新建用户信息失败，请检查数据库连接或者数据库SQL语句");
+            Assert.IsTrue(result == true, "新建用户信息失败，请检查数据库连接或者数据库SQL语句");
 
             User users1 = new User();
-            users1.ID = 1;
-            users1.UserName = "Lily";
-            users1.Password = "123456";
+            users1.ID = 5;
+            users1.UserName = "lq";
+            users1.Password = "123";
             users1.PassSalt = "123456";
+            users1.DisplayName = "Qi Li";
             result = UserHelper.SaveUser(users1);
-            Assert.IsTrue(result == true, "带有参数的UserHelper.SaveUser方法中更新用户信息失败，请检查数据库连接或者数据库SQL语句");
+            Assert.IsTrue(result == true, "更新用户信息失败，请检查数据库连接或者数据库SQL语句");
         }
     }
 }