diff --git a/libs/src/lighttpd-1.4.51/src/mod_portal.c b/libs/src/lighttpd-1.4.51/src/mod_portal.c
index 776350bf7..7d203f37e 100644
--- a/libs/src/lighttpd-1.4.51/src/mod_portal.c
+++ b/libs/src/lighttpd-1.4.51/src/mod_portal.c
@@ -26,6 +26,8 @@ #define MESSAGE_SIZE (63) #define MAX_ONLINE_NUM 10 +#define SPECHAR(element) (strpbrk((element), "~!@#$%^&*()_+{}|:\"<>?\\,./;\'[]-=`")) //校验特殊字符 + typedef void *pointer; #if 0
@@ -415,7 +417,7 @@ static handler_t judge_account_pwd(server *srv, connection *con, void *p_d) /*JSON字符串到JSON格式 */ cjson = cJSON_Parse(b->ptr); if(!cjson) - { + { return HANDLER_ERROR; }
@@ -429,6 +431,11 @@ static handler_t judge_account_pwd(server *srv, connection *con, void *p_d) account = uitem->valuestring; log_error_write(srv, __FILE__, __LINE__, "ss", "test", account); + if(SPECHAR(account)) + { + return HANDLER_ERROR; + } + if (strlen(account) > USERNAME_MAXLEN) { cJSON_Delete(uitem);
@@ -436,7 +443,7 @@ static handler_t judge_account_pwd(server *srv, connection *con, void *p_d) free(account); return HANDLER_ERROR; } - + /*get password */ cJSON *pitem = cJSON_GetObjectItem(cjson, "pwd"); if (!pitem)
@@ -705,7 +712,9 @@ static handler_t mod_portal_uri_handler(server *srv, connection *con, void *p_d) } log_error_write(srv, __FILE__, __LINE__, "s", "test"); - //http_header_response_set(con, HTTP_HEADER_CONTENT_TYPE, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/xml; charset=\"utf-8\"")); + http_header_response_set(con, HTTP_HEADER_CONTENT_TYPE, + CONST_STR_LEN("Content-Type"), + CONST_STR_LEN("text/xml; charset=\"utf-8\"")); con->http_status = 200; con->file_finished = 1; return t;
@@ -738,3 +747,7 @@ int mod_portal_plugin_init(plugin *p) + + + +
diff --git a/libs/src/lighttpd-1.4.51/src/mod_usermagnet.c b/libs/src/lighttpd-1.4.51/src/mod_usermagnet.c
index 9886b39b2..787f1313e 100644
--- a/libs/src/lighttpd-1.4.51/src/mod_usermagnet.c
+++ b/libs/src/lighttpd-1.4.51/src/mod_usermagnet.c
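Review bot: `SPECHAR` is a deny-list, so every byte it does not name still passes: spaces, tabs, CR/LF and other control bytes, and all non-ASCII bytes are accepted in the names it guards, and `strpbrk` is undefined when `element` is NULL. An allow-list of the characters a name may contain is easier to reason about; the sketch below assumes ASCII letters and digits are the intended set and that empty names are unwanted, both of which should be confirmed against the account policy. The same macro is pasted into mod_usermagnet.c (hunk at -22,6), and one helper in a shared header would keep the two modules from drifting apart. The trailing `//校验特殊字符` comment would be clearer in English as `/* reject punctuation in user-supplied names */`.

```c
/* Allow-list check for user-supplied names: non-empty, ASCII letters and
 * digits only. Returns 1 when the name is acceptable, 0 otherwise (NULL included). */
static int name_is_plain_ascii(const char *s)
{
    if (s == NULL || *s == '\0') {
        return 0;
    }
    for (; *s != '\0'; s++) {
        if (!((*s >= '0' && *s <= '9') ||
              (*s >= 'A' && *s <= 'Z') ||
              (*s >= 'a' && *s <= 'z'))) {
            return 0;
        }
    }
    return 1;
}
```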
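Review bot: The new `if(SPECHAR(account))` branch returns `HANDLER_ERROR` without freeing `cjson`, whereas the length check right below it runs cleanup before returning, so each rejected name appears to leak the parsed tree. The check also sits after `log_error_write(..., account)`, so the unvalidated string (including any CR/LF, which `SPECHAR` does not reject) reaches the error log first, and `account` is NULL when the item is not a JSON string unless that is tested above the hunk. Suggest placing `if (!account || SPECHAR(account)) { cJSON_Delete(cjson); return HANDLER_ERROR; }` before the log call. The early returns added in get_onlineuser_info (-121,6 and -129,6) and user_offline (-353,12) in mod_usermagnet.c have the same missing-cleanup shape. judge_account_pwd starts and ends outside this hunk, so the cleanup convention should be checked against the rest of the function.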
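Review bot: The response is now labelled `text/xml; charset="utf-8"` although the request handlers in this module parse JSON with cJSON; if the body the handlers write is JSON as well, the header should say so, e.g. `CONST_STR_LEN("application/json")`, so that clients and proxies do not parse or sniff it as markup. The header is also set, together with status 200, regardless of the value in `t`; whether error results should carry it cannot be told from the hunk, since mod_portal_uri_handler begins outside it. The same three lines are added in mod_usermagnet_uri_handler (-485,6).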
@@ -22,6 +22,8 @@ #define DEL_MAX_NUM (100) #define DEL_MAX_SIZE (24) +#define SPECHAR(element) (strpbrk((element), "~!@#$%^&*()_+{}|:\"<>?\\,./;\'[]-=`")) //校验特殊字符 + /*函数指针*/ typedef void (*mod_usermagnet_cfg_exec_sync)(int page_num, int count, char *user_name, cJSON *array);
@@ -31,6 +33,52 @@ typedef struct { mod_usermagnet_cfg_exec_sync usermagnet_cfg_exec; } mod_usermagnet_plugin_data; +int isIpV4Addr(const char *ipAddr) +{ + int dots = 0; /*字符.的个数*/ + int setions = 0; /*ip每一部分总和(0-255)*/ + + printf("%s\n", ipAddr); + if(NULL == ipAddr || *ipAddr == '.') /*排除输入参数为NULL, 或者一个字符为'.'的字符串*/ + { + return 1; + } + + while(*ipAddr) + { + if(*ipAddr == '.') + { + dots ++; + if(setions >= 0 && setions <= 255) /*检查ip是否合法*/ + { + setions = 0; + ipAddr++; + continue; + } + return 1; + } + else if(*ipAddr >= '0' && *ipAddr <= '9') /*判断是不是数字*/ + { + setions = setions * 10 + (*ipAddr - '0'); /*求每一段总和*/ + } + else + { + return 1; + } + + ipAddr++; + } + + if(setions >= 0 && setions <= 255) + { + if (dots == 3) + { + return 0; + } + } + + return 1; +} INIT_FUNC(mod_usermagnet_init) { mod_usermagnet_plugin_data *p;
@@ -121,6 +169,12 @@ static handler_t get_onlineuser_info(server *srv, connection *con, void* p_d) log_error_write(srv, __FILE__, __LINE__, "ss", "test", ip); } + if(userip && (1 == isIpV4Addr(ip))) + { + return HANDLER_ERROR; + } + + log_error_write(srv, __FILE__, __LINE__, "s", "test"); /*get username*/ username = cJSON_GetObjectItem(cjson , "user_name"); if(username)
@@ -129,6 +183,11 @@ static handler_t get_onlineuser_info(server *srv, connection *con, void* p_d) log_error_write(srv, __FILE__, __LINE__, "ss", "test", name); } + if(name && SPECHAR(name)) + { + return HANDLER_ERROR; + } + /*get page_num*/ Page_Num = cJSON_GetObjectItem(cjson, "page_num"); if(Page_Num)
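Review bot: `isIpV4Addr` calls `printf("%s\n", ipAddr)` before its NULL test, so a NULL argument is handed to printf first, and the debug print goes to the server's stdout on every call. The parser itself accepts empty octets such as `1..2.3` or `1.2.3.` (constructed examples), and `setions` is only range-checked at a dot or at the end, so a long digit run overflows the `int` (undefined behaviour) before it is tested. `inet_pton` is already used in user_offline in this file and rejects all of these; the body could be `struct in_addr tmp; return (ipAddr != NULL && inet_pton(AF_INET, ipAddr, &tmp) == 1) ? 0 : 1;`. The function should also be `static`, and a header comment should state that it returns 0 for a valid address and 1 otherwise, which is the opposite of what the name suggests.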
@@ -353,12 +412,17 @@ static handler_t user_offline(server *srv, connection *con, void* p_d) /*用户IP地址*/ userip = cJSON_GetObjectItem(pArrayItem, "user_ip"); log_error_write(srv, __FILE__, __LINE__, "sd","test", i); - if(userip) + if(userip) { /*点分十进制转为十进制*/ inet_pton(AF_INET, userip->valuestring, &clientip); log_error_write(srv, __FILE__, __LINE__, "sds","test", clientip, userip->valuestring); + if(1 == isIpV4Addr(userip->valuestring)) + { + return HANDLER_ERROR; + } + user_info = ufind_user(clientip); if(NULL != user_info)
@@ -485,6 +549,9 @@ static handler_t mod_usermagnet_uri_handler(server *srv, connection *con, void* } log_error_write(srv, __FILE__, __LINE__, "s","test"); + http_header_response_set(con, HTTP_HEADER_CONTENT_TYPE, + CONST_STR_LEN("Content-Type"), + CONST_STR_LEN("text/xml; charset=\"utf-8\"")); con->http_status = 200; con->file_finished = 1; return t;
@@ -514,7 +581,4 @@ int mod_usermagnet_plugin_init(plugin *p) { p->data = NULL; return 0; -} - - - +} \ No newline at end of file
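Review bot: In user_offline the new `isIpV4Addr(userip->valuestring)` test runs after `inet_pton` has already parsed the string into `clientip` and after the raw value has been logged, so validation happens last and the result of `inet_pton` is discarded. `inet_pton` already reports validity; `if (inet_pton(AF_INET, userip->valuestring, &clientip) != 1) { ... }` placed before the log call does the same job in one step, preceded by a check that `userip->valuestring` is not NULL (it is NULL for a non-string item). The `return HANDLER_ERROR` appears to sit inside the loop indexed by `i`, so a bad entry aborts the request after earlier entries may already have been taken offline; skipping the entry or validating the whole array first would avoid the half-applied result. The loop and the function's cleanup are outside the hunk.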