diff --git a/Application/Mobile/Controller/UserController.class.php b/Application/Mobile/Controller/UserController.class.php
index 7a33f1bdb..afad2c608 100644
--- a/Application/Mobile/Controller/UserController.class.php
+++ b/Application/Mobile/Controller/UserController.class.php
@@ -330,6 +330,15 @@ class UserController extends BaseController {
               			break;
               	}
 
+                if (!preg_match("/^1[34578]\d{9}$/", $phone)) {
+                    echo json_encode(['status' => 0,'msg' => '手机号格式不正确']);
+                    die;
+                }
+
+                if (!preg_match("/^[a-zA-Z0-9]{6,15}+$/", $password)) {
+                    echo json_encode(['status' => 0,'msg' => '密码格式不正确']);
+                    die;
+                }
 
 	            if (isset($_POST['promote_id']) && !empty($_POST['promote_id'])) {
 	                $pid = $this->suser->register($phone,$password,$phone,$register_way,$register_type,$_POST['promote_id'],$_POST['promote_account'],$sex,$nickname,$head_img);
@@ -440,6 +449,16 @@ class UserController extends BaseController {
                 echo json_encode(array('status'=>0,'msg'=>'账号已存在'));exit;
             }
 
+            if (!preg_match("/^[a-z\d]{6,15}$/i", $account)) {
+                echo json_encode(['status' => 0,'msg' => '账号格式不正确']);
+                die;
+            }
+
+            if (!preg_match("/^[a-zA-Z0-9]{6,15}+$/", $password)) {
+                echo json_encode(['status' => 0,'msg' => '密码格式不正确']);
+                die;
+            }
+
             $pid = $this->suser->register($account,$password,'',$register_way,$register_type,'','',$sex,$nickname,$head_img);
 
             if($pid > 0){