As I said last time: it's because of the way you are creating your SQL command. You are concatenating strings to form it, and this is one of the problems you get as a result. (The other is your database being deleted because someone on the other side of the world though it would be funny - this is called an SQL Injection Attack.)
As I said last time, read this:
Why do I get a "Parameter is not valid." exception when I read an image from my database?[
^] It explains the problem, and the solution. It is mostly concerned with Images being saved but exactly the same thing happens when you use an array of bytes directly as well. Only you get "System.Byte[]" instead of "System.Drawing.Bitmap" stored in your DB...