diff --git a/Application/Admin/Model/UserModel.class.php b/Application/Admin/Model/UserModel.class.php
index e031fb6a5..f16e12318 100644
--- a/Application/Admin/Model/UserModel.class.php
+++ b/Application/Admin/Model/UserModel.class.php
@@ -1051,16 +1051,32 @@ class UserModel extends Model{
         }
     }
 
-		public function login_sdk($account,$password,$type=1,$game_id,$game_name,$sdk_version){
+    public function login_sdk($account,$password,$type=1,$game_id,$game_name,$sdk_version,$unique_code){
         $map['account'] = $account;
         /* 获取用户数据 */
         $user = $this->where($map)->find();
         if(is_array($user) && $user['lock_status']  && $user['check_status']){
             /* 验证用户密码 */
             if(think_ucenter_md5($password, UC_AUTH_KEY) === $user['password']||$type==2){
-                $token = $this->updateLogin_($user['id'],$account,$password,$user['fgame_id'],$game_id,$game_name); //更新用户登录信息
-                $this->user_login_record2($user,$type,$game_id,$game_name,$sdk_version);
-                return array("user_id"=>$user['id'],"token"=>$token); //登录成功，返回用户ID
+                $test_resource =  M('test_resource','tab_')->where("user_id=%s and apply_status=2",$user['id'])->find();//测试资源（扶持号）
+                if($test_resource){ //扶持号
+                    if($user['device_number'] && $unique_code && $user['device_number'] !=$unique_code){ //#当前登录设备信息与历史登录设备信息不一致，触发账户冻结
+                        $this->sdklogin_device_error($user,$test_resource,$unique_code);
+                        $this->sdklogin_ip_error($user,$test_resource,get_client_ip());
+                        return -1;//扶持号被禁用
+                    }else{
+                        $token = $this->sdklogin_update($user,$account,$password,$user['fgame_id'],$game_id,$game_name,$unique_code); //更新用户登录信息
+                        $this->user_login_record2($user,$type,$game_id,$game_name,$sdk_version);
+                        $this->sdklogin_ip_error($user,$test_resource,get_client_ip());
+                        return array("user_id"=>$user['id'],"token"=>$token); //登录成功，返回用户ID
+                    }
+                }else{
+                    Log::write('进入SDK_1' , 'INFO');
+                    $token = $this->sdklogin_update($user,$account,$password,$user['fgame_id'],$game_id,$game_name,$unique_code); //更新用户登录信息
+                    $this->user_login_record2($user,$type,$game_id,$game_name,$sdk_version);
+                    return array("user_id"=>$user['id'],"token"=>$token); //登录成功，返回用户ID
+                }
+
             } else {
                 return -2; //密码错误
             }
@@ -1070,6 +1086,79 @@ class UserModel extends Model{
     }
 
 
+    //更新用户登录信息
+    protected function sdklogin_update($user,$account,$password,$user_fgame_id,$game_id,$game_name,$unique_code=''){
+        $model = M('User','tab_');
+        $uid = $user['id'];
+        $data["id"] = $uid;
+        $data["login_time"] = NOW_TIME;
+        $data["login_ip"] = get_client_ip();
+        $data["device_number"] = $unique_code;
+        $data["last_login_ip"] = $user['login_ip'];
+        $data["last_device_number"] = $user['device_number'];
+        $data["token"] = $this->generateToken($uid,$account,$password);
+        if($user_fgame_id){
+            $model->save($data);
+        }else{
+            $data['fgame_id']=$game_id;
+            $data['fgame_name']=$game_name;
+            $model->save($data);
+        }
+        return $data["token"];
+    }
+
+    // 扶持号登录设备异常
+    protected function sdklogin_device_error($user,$resource,$unique_code){
+        $model = M('User','tab_');
+        $uid = $user['id'];
+        $data["id"] = $uid;
+        $data["device_number"] = $unique_code;
+        $data["last_device_number"] = $user['device_number'];
+        $data["lock_status"] = 0 ;
+        $model->save($data);
+        $protect_data['user_id']= $uid;
+        $protect_data['user_account']= $resource['user_account'];
+        $protect_data['server_id'] = $resource['server_id'];
+        $protect_data['server_name']= $resource['server_name'];
+        $protect_data['game_id']=$resource['game_id'];
+        $protect_data['game_name']=$resource['game_name'];
+        $protect_data['nickname']=$resource['role_name'];
+        $protect_data['promote_id']=$resource['promote_id'];
+        $protect_data['promote_account']=$resource['promote_account'];
+        $protect_data['type']=2;
+        $protect_data['detail']="登录设备号异常，本次异常设备号：".$unique_code."，历史登录设备号：".$user['device_number'];
+        $protect_data['create_time'] = NOW_TIME;
+        M('protect_log','tab_')->add($protect_data);
+    }
+
+    // 扶持号登录IP异常
+    protected function sdklogin_ip_error($user,$resource,$ip){
+        $newloginip_source =  file_get_contents("http://ip.taobao.com/service/getIpInfo.php?ip=".$ip);
+        $aldloginip_source = file_get_contents("http://ip.taobao.com/service/getIpInfo.php?ip=".$user['login_ip']);
+
+        $newloginip_source = json_decode($newloginip_source,true);
+        $aldloginip_source = json_decode($aldloginip_source,true);
+
+        if($newloginip_source['data']['city']!=$aldloginip_source['data']['city']){  //登录城市不一致时触发IP异常
+            $uid = $user['id'];
+            $protect_data['user_id']= $uid;
+            $protect_data['user_account']= $resource['user_account'];
+            $protect_data['server_id'] = $resource['server_id'];
+            $protect_data['server_name']= $resource['server_name'];
+            $protect_data['game_id']=$resource['game_id'];
+            $protect_data['game_name']=$resource['game_name'];
+            $protect_data['nickname']=$resource['role_name'];
+            $protect_data['promote_id']=$resource['promote_id'];
+            $protect_data['promote_account']=$resource['promote_account'];
+            $protect_data['type']=1;
+            $protect_data['detail']="登录IP异常，本次异常IP：".$ip."，历史登录IP：".$user['login_ip'];
+            $protect_data['create_time'] = NOW_TIME;
+            M('protect_log','tab_')->add($protect_data);
+        }
+    }
+
+
+
     //判断game_id是否有值
     protected function updateLogin_($uid,$account,$password,$user_fgame_id,$game_id,$game_name){
         $model = M('User','tab_');
diff --git a/Application/Base/Repository/PromoteRepository.class.php b/Application/Base/Repository/PromoteRepository.class.php
index 514f7a734..9f2f55f50 100644
--- a/Application/Base/Repository/PromoteRepository.class.php
+++ b/Application/Base/Repository/PromoteRepository.class.php
@@ -48,7 +48,15 @@ class PromoteRepository {
         if (isset($params['lock_status'])) {
             $lockUserIds = M('user', 'tab_')->where(['lock_status' => 0, 'promote_id' => ['in', $allIds]])->getField('id', 'true');
             if (count($lockUserIds) > 0) {
-                $map['user_id'] = ['not in', $lockUserIds];
+                if ($params['lock_status'] == 1) {
+                    $map['user_id'] = ['not in', $lockUserIds];
+                } else {
+                    $map['user_id'] = ['in', $lockUserIds];
+                }
+            } else {
+                if ($params['lock_status'] == 2) {
+                    $map['_string'] = ' 1<>1';
+                }
             }
         }
         return $map;
@@ -214,7 +222,11 @@ class PromoteRepository {
         }
 
         $subQuery = M('user_play_info', 'tab_')->field('user_id')->group('user_id')->where($subMap)->buildSql();
-        $map['_string'] =  ' user_id not in (' . $subQuery . ')';
+        if (isset($map['_string'])) {
+            $map['_string'] .= ' and user_id not in (' . $subQuery . ')';
+        } else {
+            $map['_string'] =  ' user_id not in (' . $subQuery . ')';
+        }
         $inQuery = M('user_play_info', 'tab_')->field('user_id')->group('user_id')->where($map)->buildSql();
 
         $resultMap = ['_string' => 'user_id in (' . $inQuery . ')'];
diff --git a/Application/Home/Controller/PromoteController.class.php b/Application/Home/Controller/PromoteController.class.php
index d4774857b..037cb7b5f 100644
--- a/Application/Home/Controller/PromoteController.class.php
+++ b/Application/Home/Controller/PromoteController.class.php
@@ -37,7 +37,11 @@ class PromoteController extends BaseController
     {
         $this->meta_title = "首页";
         $loginPromote = $this->getLoginPromote();
-        if ($loginPromote['id'] != 1 && $loginPromote['parent_id'] != 1 && $loginPromote['grand_id'] != 1) {
+
+        $whiteList = [1, 8];
+        $isOpenQuery = in_array($loginPromote['id'], $whiteList) || in_array($loginPromote['parent_id'], $whiteList) || in_array($loginPromote['grand_id'], $whiteList) ? true : false; 
+                
+        if (!$isOpenQuery) {
             $this->display('prepare');
             exit(0);
         }
@@ -856,6 +860,15 @@ class PromoteController extends BaseController
                     $this->ajaxReturn(array('status' => -1, 'msg' => '身份证格式错误'));
                 }
             }
+            if (mb_strlen($_POST['account']) < 6 || mb_strlen($_POST['account']) > 15) {
+                $this->error('账号长度为6-15个字符', U('Promote/edit_chlid', array('id' => $id, 'type' => I('type', 0))));
+                return false;
+            }
+
+            if (mb_strlen($_POST['real_name']) < 2 || mb_strlen($_POST['real_name']) > 4) {
+                $this->error('姓名长度为2-4个字符', U('Promote/edit_chlid', array('id' => $id, 'type' => I('type', 0))));
+                return false;
+            }
 
             $res = $user->promote_add($_POST);
             if (is_numeric($res)) {
diff --git a/Application/Home/Controller/QueryController.class.php b/Application/Home/Controller/QueryController.class.php
index c2913a8d7..30765d46e 100644
--- a/Application/Home/Controller/QueryController.class.php
+++ b/Application/Home/Controller/QueryController.class.php
@@ -1155,7 +1155,9 @@ class QueryController extends BaseController
 
             $newUserNumData = $userPlayInfoModel
                 ->field('tab_user_play_info.create_time,count(distinct tab_user_play_info.user_id) as num')
+                ->join($join)
                 ->where($userPlayInfoWhere2)
+                ->where($map)
                 ->having('tab_user_play_info.create_time between ' . $begTime . ' and ' . ($endTime + 86399))
                 ->order('tab_user_play_info.id')
                 ->find();
@@ -1163,7 +1165,9 @@ class QueryController extends BaseController
 
             $newDeviceData = $userPlayInfoModel
                 ->field('tab_user_play_info.create_time,count(distinct tab_user_play_info.create_device_number) as num')
+                ->join($join)
                 ->where($userPlayInfoWhere2)
+                ->where($map)
                 ->having('tab_user_play_info.create_time between ' . $begTime . ' and ' . ($endTime + 86399))
                 ->order('tab_user_play_info.id')
                 ->find();
@@ -1171,7 +1175,9 @@ class QueryController extends BaseController
 
             $newIpNumData = $userPlayInfoModel
                 ->field('tab_user_play_info.create_time,count(distinct tab_user_play_info.create_ip) as num')
+                ->join($join)
                 ->where($userPlayInfoWhere2)
+                ->where($map)
                 ->having('tab_user_play_info.create_time between ' . $begTime . ' and ' . ($endTime + 86399))
                 ->order('tab_user_play_info.id')
                 ->find();
@@ -1671,6 +1677,7 @@ class QueryController extends BaseController
         $serverData = M('Server', 'tab_')
             ->field('server_id,server_name')
             ->where($where)
+            ->order('server_version,start_time desc')
             ->select();
         $result['status'] = 1;
         $result['data'] = $serverData;
@@ -1990,9 +1997,9 @@ class QueryController extends BaseController
             if ($costBegin != '' && $costEnd != '') {
                 $having = 'sum(cost) between ' . $costBegin . ' and ' . $costEnd;
             } elseif ($costBegin != '' && $costEnd == '') {
-                $having = 'sum(cost) > ' . $costBegin;
+                $having = 'sum(cost) >= ' . $costBegin;
             } elseif ($costBegin == '' && $costEnd != '') {
-                $having = 'sum(cost) < ' . $costEnd;
+                $having = 'sum(cost) <= ' . $costEnd;
             }
             $subMap = $map;
             $subMap['pay_status'] = 1;
@@ -2088,7 +2095,7 @@ class QueryController extends BaseController
     public function getGameServers()
     {
         $gameId = I('game_id', 0);
-        $servers = M('server', 'tab_')->field(['id', 'server_id', 'server_name'])->where(['game_id' => $gameId])->select();
+        $servers = M('server', 'tab_')->field(['id', 'server_id', 'server_name'])->where(['game_id' => $gameId])->order('server_id asc')->select();
         $this->ajaxReturn([
             'status' => 1,
             'msg' => '成功',
diff --git a/Application/Home/View/default/Promote/add_chlid.html b/Application/Home/View/default/Promote/add_chlid.html
index e87d01b21..5d9d63c2a 100644
--- a/Application/Home/View/default/Promote/add_chlid.html
+++ b/Application/Home/View/default/Promote/add_chlid.html
@@ -37,13 +37,13 @@
                   <tr>
                     <td class="l"><span class="req">*</span>帐号：</td>
                     <td class="r">
-                      <input type="text" class="name input-txt txt" name="account" id="account" placeholder="请输入帐号">
+                      <input type="text" class="name input-txt txt" name="account" id="account" maxlength="15" minlength="6" placeholder="请输入帐号">
                     </td>
                   </tr>
                   <tr>
                     <td class="l"><span class="req">*</span>姓名：</td>
                     <td class="r">
-                      <input type="text" class="name input-txt txt" name="real_name" id="real_name" placeholder="请输入姓名">
+                      <input type="text" class="name input-txt txt" name="real_name" id="real_name" maxlength="4" minlength="2" placeholder="请输入姓名">
                     </td>
                   </tr>
                   <tr>
@@ -141,8 +141,14 @@
        if($('#account').val()==""){
         return json_data = {'status':0,'msg':'子渠道账号不能为空'}
        }
-      if($.trim($('#account').val()).length < 6){
-        return json_data = {'status':0,'msg':'子渠道账号不能小于6位字符'}
+      //  if($.trim($('#account').val()).length < 6){
+      //   return json_data = {'status':0,'msg':'子渠道账号不能小于6位字符'}
+      // }
+      if($.trim($('#account').val()).length < 6 || $.trim($('#account').val()).length > 15){
+        return json_data = {'status':0,'msg':'子渠道账号长度为6-15位字符'}
+      }
+      if($.trim($('#real_name').val()).length < 2 || $.trim($('#real_name').val()).length > 4){
+        return json_data = {'status':0,'msg':'子渠道姓名长度为2-4位字符'}
       }
       if($('#password').val()==""){
         return json_data = {'status':0,'msg':'子渠道密码不能为空'}
diff --git a/Application/Home/View/default/Public/promote_base.html b/Application/Home/View/default/Public/promote_base.html
index 0b91d3371..21ceebfe2 100644
--- a/Application/Home/View/default/Public/promote_base.html
+++ b/Application/Home/View/default/Public/promote_base.html
@@ -47,7 +47,10 @@
 					<a href="{:U('Promote/mygrand')}" class="<if condition='CONTROLLER_NAME eq Promote and (ACTION_NAME eq mygrand or ACTION_NAME eq add_chlid or ACTION_NAME eq edit_chlid) '>active</if> ">推广员管理</a>
 				</if>
 			</div>
-			<?php $isOpenQuery = in_array($loginer['id'], [1, 84, 531]) || in_array($loginer['parent_id'], [1, 84, 531]) || in_array($loginer['grand_id'], [1, 84, 531]) ? true : false; ?>
+			<?php
+				$whiteList = [1, 8];
+				$isOpenQuery = in_array($loginer['id'], $whiteList) || in_array($loginer['parent_id'], $whiteList) || in_array($loginer['grand_id'], $whiteList) ? true : false; 
+			?>
 			<?php if($isOpenQuery):?>
 
 			<div class="subNav jssubNav"><i class="prev_icon icon_shujvi"></i><span>数据管理</span><i class="arrow_icon"></i></div>
diff --git a/Application/Home/View/default/Query/achievement.html b/Application/Home/View/default/Query/achievement.html
index 00b1b8500..56ede133f 100644
--- a/Application/Home/View/default/Query/achievement.html
+++ b/Application/Home/View/default/Query/achievement.html
@@ -81,7 +81,7 @@
             </div>
             <?php if (I('parent_id', 0) > 0):?>
             <div class="form-group">
-              <input type="buttom" class="submit normal_space" onclick="window.history.back();" value="返回上级" style="text-align: center; background: #E5E5E5; color: #2bd8ed; cursor: pointer;">
+              <a class="submit normal_space" href="{:U('Query/achievement', ['row'=>I('get.row')])}" style="line-height: 36px; display: inline-block; text-align: center; background: #E5E5E5; color: #2bd8ed; cursor: pointer;">返回上级</a>
             </div>
             <?php endif;?>
           </form>
diff --git a/Application/Home/View/default/Query/arpu.html b/Application/Home/View/default/Query/arpu.html
index cbd0971e5..546ef5c88 100644
--- a/Application/Home/View/default/Query/arpu.html
+++ b/Application/Home/View/default/Query/arpu.html
@@ -235,7 +235,7 @@
 <script type="text/javascript" src="__JS__/20170831/tabpage.js"></script>
 <eq name='timeout' value='1'>
 <script>
-  layer.msg('时间间隔不能超过90天');
+  layer.msg('时间间隔不能超过30天');
 </script>
 </eq>
 <script>
diff --git a/Application/Media/View/default/Index/business.html b/Application/Media/View/default/Index/business.html
index ad0a46623..f8e21cf2c 100644
--- a/Application/Media/View/default/Index/business.html
+++ b/Application/Media/View/default/Index/business.html
@@ -40,7 +40,7 @@
                         </div>
                         <div style="float: left;margin-left: 20px">
                             <h3 style="color: #0C0C0C">平台币充值</h3>
-                            <p style="font-size: 14px;color: #666;margin-bottom: 30px">平台币简介平台币简介平台币简介平台币简介平台币简介平台币简介</p>
+                            <p style="font-size: 14px;color: #666;margin-bottom: 30px">平台币是可以在游戏内直接消费使用的，1平台币=1人民币，在游戏内您可直接用平台币选择购买相应的道具（钻石、宝石、金币等）。</p>
                             <style>
                                 .btn{
                                     background-color: #03B4F5;
diff --git a/Application/Mobile/View/Index/product.html b/Application/Mobile/View/Index/product.html
index 370123230..a1225e492 100644
--- a/Application/Mobile/View/Index/product.html
+++ b/Application/Mobile/View/Index/product.html
@@ -141,7 +141,7 @@
           <div class="swiper-slide">
             <span class="join">
                 平台币简介：
-              这是平台币简介内容
+              平台币是可以在游戏内直接消费使用的，1平台币=1人民币，在游戏内您可直接用平台币选择购买相应的道具（钻石、宝石、金币等）。
             </span>
             <style>
               .btn{
diff --git a/Application/Mobile/View/Ssg/login.html b/Application/Mobile/View/Ssg/login.html
index 18a666838..b7553fe45 100644
--- a/Application/Mobile/View/Ssg/login.html
+++ b/Application/Mobile/View/Ssg/login.html
@@ -139,7 +139,7 @@
                         </div>
                         <div class="formitem">
                             <img src="__IMG__/ssg/login/password.png">
-                            <input id="regpassword" type="password" placeholder="请输入6-12位自字母组合密码" value="">
+                            <input id="regpassword" type="password" placeholder="请输入6-12位字母组合密码" value="">
                         </div>
                         <div class="formitem">
                             <img src="__IMG__/ssg/login/password.png">
diff --git a/Application/Sdk/Controller/UserController.class.php b/Application/Sdk/Controller/UserController.class.php
index d8a701d54..3fcb8157c 100644
--- a/Application/Sdk/Controller/UserController.class.php
+++ b/Application/Sdk/Controller/UserController.class.php
@@ -40,7 +40,7 @@ class UserController extends BaseController
                 //1.登录成功,验证在本地是否有此账号
                 $user_res = M('user', 'tab_') -> where(['account' => $uc_username]) -> find();
                 if (!empty($user_res)) {//本地存在账号,验证密码直接登录
-                    $result = $userApi -> login_sdk($user["account"], $user['password'], 1, $user["game_id"], get_game_name($user["game_id"]), $user['sdk_version']);#调用登录
+                    $result = $userApi -> login_sdk($user["account"], $user['password'], 1, $user["game_id"], get_game_name($user["game_id"]), $user['sdk_version'],$user['unique_code']);#调用登录
                     $res_msg = array();
                     switch ($result) {
                         case - 1:
@@ -112,7 +112,7 @@ class UserController extends BaseController
                     if ($res > 0) {
 
 
-                        $result = $userApi -> login_sdk($user["account"], $user['password'], 1, $user["game_id"], get_game_name($user["game_id"]), $user['sdk_version']);#调用登录
+                        $result = $userApi -> login_sdk($user["account"], $user['password'], 1, $user["game_id"], get_game_name($user["game_id"]), $user['sdk_version'],$user['unique_code']);#调用登录
                         $res_msg = array();
                         switch ($result) {
                             case - 1:
@@ -173,7 +173,7 @@ class UserController extends BaseController
 
             } elseif ($uc_uid == - 1) {
                 //用户不存在,验证本地用户账号密码
-                $result = $userApi -> login_sdk($user["account"], $user['password'], 1, $user["game_id"], get_game_name($user["game_id"]), $user['sdk_version']);#调用登录
+                $result = $userApi -> login_sdk($user["account"], $user['password'], 1, $user["game_id"], get_game_name($user["game_id"]), $user['sdk_version'],$user['unique_code']);#调用登录
                 $res_msg = array();
                 switch ($result) {
                     case - 1:
@@ -236,7 +236,7 @@ class UserController extends BaseController
         }
         #实例化用户接口
         $userApi = new MemberApi();
-        $result = $userApi -> login_sdk($user["account"], $user['password'], 1, $user["game_id"], get_game_name($user["game_id"]), $user['sdk_version']);#调用登录
+        $result = $userApi -> login_sdk($user["account"], $user['password'], 1, $user["game_id"], get_game_name($user["game_id"]), $user['sdk_version'],$user['unique_code']);#调用登录
         $res_msg = array();
         switch ($result) {
 
@@ -1196,7 +1196,13 @@ class UserController extends BaseController
             $data['create_ip'] = get_client_ip();
             // $data['create_device_number'] = time();
 
-            $user_play->add($data);
+            // 修改重复插入问题  增加唯一索引  记录重复插入异常
+            try {
+                $user_play->add($data);
+            } catch (\Exception $e) {
+                Log::write('Duplicate Exception:' .json_encode($e->getMessage()), Log::ERR);
+            }
+
             $this->updateLoginRecord($data);
         }
 
diff --git a/Application/User/Api/MemberApi.class.php b/Application/User/Api/MemberApi.class.php
index 6df0a929c..97baf85f0 100644
--- a/Application/User/Api/MemberApi.class.php
+++ b/Application/User/Api/MemberApi.class.php
@@ -111,12 +111,12 @@ class MemberApi extends Api{
     public function login_($account, $password,$type=2,$game_id=0,$game_name='',$sdk_version){
         return $this->model->login_1($account, $password,$type,$game_id,$game_name,$sdk_version);
     }
-		
-		public function login_sdk($account, $password,$type=2,$game_id=0,$game_name='',$sdk_version){
-        return $this->model->login_sdk($account, $password,$type,$game_id,$game_name,$sdk_version);
+    
+    public function login_sdk($account, $password,$type=2,$game_id=0,$game_name='',$sdk_version,$unique_code=''){
+        return $this->model->login_sdk($account, $password,$type,$game_id,$game_name,$sdk_version,$unique_code);
     }
-		
-		
+
+
     /**
     *修改数据
     */