diff --git a/application/default/controllers/DataController.php b/application/default/controllers/DataController.php
index e5134e4e..bcaa20db 100755
--- a/application/default/controllers/DataController.php
+++ b/application/default/controllers/DataController.php
@@ -655,9 +655,19 @@ class DataController extends Zend_Controller_Action
 			echo "Email格式不正确";
 			exit();
 		}
+
+		if(preg_match("/script/i",$url))
+		{
+			$url = preg_replace("/script/i","ｓｃｒｉｐｔ",$url);
+		}
 		
 		if(strlen($content)<5) exit("评论长度不得少于3个汉字 :)");
 		
+		if(preg_match("/script/i",$content))
+		{
+			$content = preg_replace("/script/i","ｓｃｒｉｐｔ",$content);
+		}
+		
 		$uuid = trim($this->_request->getParam('uuid'));
 		
 		if(!preg_match("/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}$/",$uuid))
@@ -1145,8 +1155,8 @@ class DataController extends Zend_Controller_Action
 							$pdf = new ApplicantPDF();
 							$pdf->template=$this->view->config->offline->template;
 							$pdf->data = $formData;
-							$pdf->drawWestdc();
-							$pdf->addRef($rows);
+							$pdf->drawWestdc();
+							$pdf->addRef($rows);
 							$pdf->addSecurity($this->view->config->offline->security);
 							header("Content-Disposition: inline; filename=westdc-data-apply.pdf");
 							header("Content-Type:application/pdf");
@@ -1161,7 +1171,7 @@ class DataController extends Zend_Controller_Action
 							$pdf->template=$this->view->config->offline->template;
 							$pdf->data = $formData;
 							$pdf->drawWestdc();
-							$pdf->addRef($rows);
+							$pdf->addRef($rows);
 							$pdf->addSecurity($this->view->config->offline->security);
 							$fn=$formData['realname'].date('YmdHis').".pdf";
 							$pdf->Output($this->view->config->offline->savepath."/".$fn, 'F');
diff --git a/application/default/views/scripts/data/view.phtml b/application/default/views/scripts/data/view.phtml
index 79d04ef9..57d8a68b 100755
--- a/application/default/views/scripts/data/view.phtml
+++ b/application/default/views/scripts/data/view.phtml
@@ -257,18 +257,31 @@ echo '</li>';
 <div id="allcomments">
 <div id="loading"><img src="/images/loading.gif" />评论加载中</div>
 </div>
+<?php
+$auth = Zend_Auth::getInstance();
+if($auth->hasIdentity())
+{
+	$user = $auth->getIdentity();
+	$name = $user->realname;
+	$email = $user->email;
+}else
+{
+	$name = "";
+	$email = "";
+}
+?>
 <form id="postcommentform">
 	<p>
 	<label class="required" style="background:none;">姓名</label>
-    <input type="text" name="author" />
+    <input type="text" name="author" value="<?php echo $name;?>" />
     </p>
     <p>
     <label class="required" style="background:none;">EMAIL</label>
-    <input type="text" name="email" />
+    <input type="text" name="email" value="<?php echo $email;?>" />
     </p>
     <p>
     <label>WEBSITE</label>
-    <input type="text" name="url" />
+    <input type="text" name="url" value="" /> <small>e.g. http://westdc.westgis.ac.cn/</small>
     </p>
     <p>
     <label class="required" style="background:none;">内容</label>