diff --git a/application/admin/controller/Category.php b/application/admin/controller/Category.php index 6c6ffbe0..ca7e31f4 100644 --- a/application/admin/controller/Category.php +++ b/application/admin/controller/Category.php @@ -23,7 +23,7 @@ class Category extends Backend { parent::_initialize(); $this->request->filter(['strip_tags']); - $this->model = model('Category'); + $this->model = model('app\common\model\Category'); $tree = Tree::instance(); $tree->init(collection($this->model->order('weigh desc,id desc')->select())->toArray(), 'pid'); diff --git a/application/admin/controller/auth/Admin.php b/application/admin/controller/auth/Admin.php index 2e214517..4c7431e6 100644 --- a/application/admin/controller/auth/Admin.php +++ b/application/admin/controller/auth/Admin.php @@ -257,6 +257,7 @@ class Admin extends Backend protected function selectpage() { $this->dataLimit = 'auth'; + $this->dataLimitField = 'id'; return parent::selectpage(); } diff --git a/application/admin/library/Auth.php b/application/admin/library/Auth.php index 45bbc4e7..00a99741 100644 --- a/application/admin/library/Auth.php +++ b/application/admin/library/Auth.php @@ -27,6 +27,14 @@ class Auth extends \fast\Auth return Session::get('admin.' . $name); } + /** + * 管理员登录 + * + * @param string $username 用户名 + * @param string $password 密码 + * @param int $keeptime 有效时长 + * @return boolean + */ public function login($username, $password, $keeptime = 0) { $admin = Admin::get(['username' => $username]); @@ -34,6 +42,10 @@ class Auth extends \fast\Auth { return false; } + if ($admin->loginfailure >= 3 && time() - $admin->updatetime < 86400) + { + return false; + } if ($admin->password != md5(md5($password) . $admin->salt)) { $admin->loginfailure++; @@ -103,8 +115,9 @@ class Auth extends \fast\Auth /** * 刷新保持登录的Cookie - * @param int $keeptime - * @return boolean + * + * @param int $keeptime + * @return boolean */ protected function keeplogin($keeptime = 0) { 
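Review bot: In `application/admin/controller/auth/Admin.php`, `selectpage()` now overrides `dataLimitField` with no comment saying why, which matters because this pair of properties decides which administrator rows the picker may return. Judging from the `'admin_id'` default visible in `Backend.php`, the override is presumably needed because admin rows are scoped by their own primary key. A one-line comment such as `// admin rows are limited by their own id, not the default admin_id column` would make that explicit.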
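Review bot: In `application/admin/library/Auth.php`, the new lockout in `login()` measures its 24-hour window from `$admin->updatetime`, which looks like a general row-modification timestamp rather than a last-failure time, so any unrelated update to the admin record would presumably shift the window; a dedicated last-failure field would make the check mean what it says. Nothing visible in the hunk resets `loginfailure` once the window has passed, so a single later wrong password appears to re-lock the account, and three wrong guesses against a known username keep that admin out for a day; per-source throttling and a log entry on lockout would limit that. The thresholds would read better as named constants than as bare `3` and `86400`. On the unchanged comparison just below, `!=` between two hex digests is a loose comparison that is open to numeric-string coercion; a strict `!==` (or `hash_equals()` where the PHP version provides it) avoids that. `login()` continues past the end of the hunk, so the reset and save paths are not visible here.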
@@ -167,7 +180,6 @@ class Auth extends \fast\Auth //判断是否同一时间同一账号只能在一个地方登录 if (Config::get('fastadmin.login_unique')) { - $my = Admin::get($admin['id']); if (!$my || $my['token'] != $admin['token']) { diff --git a/application/common/controller/Backend.php b/application/common/controller/Backend.php index 7eb308d0..af864d4b 100644 --- a/application/common/controller/Backend.php +++ b/application/common/controller/Backend.php @@ -61,7 +61,7 @@ class Backend extends Controller * 数据限制字段 */ protected $dataLimitField = 'admin_id'; - + /** * 数据限制开启时自动填充限制字段值 */ @@ -171,7 +171,7 @@ class Backend extends Controller // 配置信息 $config = [ - 'site' => array_intersect_key($site, array_flip(['name', 'cdnurl', 'version', 'timezone', 'languages'])), + 'site' => array_intersect_key($site, array_flip(['name', 'indexurl', 'cdnurl', 'version', 'timezone', 'languages'])), 'upload' => $upload, 'modulename' => $modulename, 'controllername' => $controllername, @@ -182,6 +182,7 @@ class Backend extends Controller 'fastadmin' => Config::get('fastadmin'), 'referer' => Session::get("referer") ]; + $config = array_merge($config, Config::get("view_replace_str")); Config::set('upload', array_merge(Config::get('upload'), $upload)); diff --git a/application/common/controller/Frontend.php b/application/common/controller/Frontend.php index 1ded6444..f5e6b2c8 100644 --- a/application/common/controller/Frontend.php +++ b/application/common/controller/Frontend.php @@ -116,6 +116,7 @@ class Frontend extends Controller 'moduleurl' => rtrim(url("/{$modulename}", '', false), '/'), 'language' => $lang ]; + $config = array_merge($config, Config::get("view_replace_str")); Config::set('upload', array_merge(Config::get('upload'), $upload)); diff --git a/public/assets/js/backend/auth/rule.js b/public/assets/js/backend/auth/rule.js index 81dbf15b..bd90b736 100755 --- a/public/assets/js/backend/auth/rule.js +++ b/public/assets/js/backend/auth/rule.js 
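Review bot: In `application/common/controller/Backend.php`, the added `array_merge($config, Config::get("view_replace_str"))` gives the second array precedence, so any `view_replace_str` key named `site`, `upload`, `fastadmin` or `referer` silently replaces the value built just above. If that setting is absent, `Config::get()` would presumably return null and `array_merge` would not receive an array. If overriding core keys is not intended, `$config = array_merge((array) Config::get('view_replace_str'), $config);` keeps them authoritative and tolerates a missing setting. The same line is added in `application/common/controller/Frontend.php` and the same applies there. The enclosing methods start and end outside both hunks, so where `$config` is finally sent is not visible; if it reaches the page, confirm nothing in `view_replace_str` is meant to stay server-side.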
@@ -111,7 +111,7 @@ define(['jquery', 'bootstrap', 'backend', 'table', 'form', 'template'], function name.prop("placeholder", $(this).val() == 1 ? name.data("placeholder-menu") : name.data("placeholder-node")); }); $("input[name='row[ismenu]']:checked").trigger("click"); - + var iconlist = []; Form.api.bindevent($("form[role=form]")); $(document).on('click', ".btn-search-icon", function () {