diff --git a/hoj-springboot/DataBackup/src/main/java/top/hcode/hoj/controller/file/MarkDownFileController.java b/hoj-springboot/DataBackup/src/main/java/top/hcode/hoj/controller/file/MarkDownFileController.java
index 719148ca..a32218a4 100644
--- a/hoj-springboot/DataBackup/src/main/java/top/hcode/hoj/controller/file/MarkDownFileController.java
+++ b/hoj-springboot/DataBackup/src/main/java/top/hcode/hoj/controller/file/MarkDownFileController.java
@@ -4,6 +4,7 @@ import cn.hutool.core.io.FileUtil;
 import cn.hutool.core.map.MapUtil;
 import cn.hutool.core.util.IdUtil;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authz.annotation.Logical;
 import org.apache.shiro.authz.annotation.RequiresAuthentication;
 import org.apache.shiro.authz.annotation.RequiresRoles;
@@ -14,9 +15,13 @@ import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.multipart.MultipartFile;
 import top.hcode.hoj.common.result.CommonResult;
+import top.hcode.hoj.pojo.vo.UserRolesVo;
+import top.hcode.hoj.service.common.impl.FileServiceImpl;
 import top.hcode.hoj.utils.Constants;
+import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
 import java.io.File;
 /**
@@ -30,10 +35,13 @@ import java.io.File;
 public class MarkDownFileController {
+ @Resource
+ private FileServiceImpl fileService;
+
 @RequestMapping(value = "/upload-md-img", method = RequestMethod.POST)
 @RequiresAuthentication
 @ResponseBody
- public CommonResult uploadMDImg(@RequestParam("image") MultipartFile image) {
+ public CommonResult uploadMDImg(@RequestParam("image") MultipartFile image, HttpServletRequest request) {
 if (image == null) {
 return CommonResult.errorResponse("上传的图片不能为空!");
 }
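Review bot: The field added in the `@@ -30,10 +35,13 @@` hunk is typed to the concrete `FileServiceImpl`, which couples the controller to one implementation; if the module declares an interface for this service, type the field to that instead. The new `HttpServletRequest request` parameter has no documentation of why an upload needs it, and a Javadoc line on `uploadMDImg` such as `/** Stores the image and records it under the caller's uid so that the delete endpoint can check ownership. */` would make the link to the delete check explicit. The body of `uploadMDImg` continues outside this hunk.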
@@ -59,9 +67,21 @@ public class MarkDownFileController {
 return CommonResult.errorResponse("服务器异常:图片文件上传失败!", CommonResult.STATUS_ERROR);
 }
+ // 获取当前登录用户
+ HttpSession session = request.getSession();
+ UserRolesVo userRolesVo = (UserRolesVo) session.getAttribute("userInfo");
+ top.hcode.hoj.pojo.entity.common.File file = new top.hcode.hoj.pojo.entity.common.File();
+ file.setFolderPath(Constants.File.MARKDOWN_FILE_FOLDER.getPath())
+ .setName(filename)
+ .setFilePath(Constants.File.MARKDOWN_FILE_FOLDER.getPath() + File.separator + filename)
+ .setSuffix(suffix)
+ .setType("md")
+ .setUid(userRolesVo.getUid());
+ fileService.save(file);
+
 return CommonResult.successResponse(MapUtil.builder()
 .put("link", Constants.File.IMG_API.getPath() + filename)
- .put("filePath", Constants.File.MARKDOWN_FILE_FOLDER.getPath() + File.separator + filename).map(),
+ .put("fileId", file.getId()).map(),
 "上传图片成功!");
 }
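Review bot: `session.getAttribute("userInfo")` is dereferenced without a null check at `.setUid(userRolesVo.getUid())`, and the result of `fileService.save(file)` is ignored. Both happen after the image has apparently been written to disk (the write is above this hunk, judging by the error branch in the context lines), so a missing session attribute or a failed insert leaves a file with no owning record that the id-based delete endpoint cannot remove. Resolve the user before the file is written and reject the request early, e.g. `if (userRolesVo == null) { return CommonResult.errorResponse("<message>", CommonResult.STATUS_FORBIDDEN); }`, and if `save` reports failure, delete the written file and return an error instead of a response with a null `fileId`. `request.getSession()` also creates a session when none exists; `request.getSession(false)` avoids that side effect.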
@@ -70,9 +90,33 @@ public class MarkDownFileController {
 @RequestMapping(value = "/delete-md-img", method = RequestMethod.GET)
 @RequiresAuthentication
 @ResponseBody
- public CommonResult uploadMDImg(@RequestParam("filePath") String filePath) {
- boolean result = FileUtil.del(filePath);
+ public CommonResult deleteMDImg(@RequestParam("fileId") Long fileId, HttpServletRequest request) {
+
+ // 获取当前登录用户
+ HttpSession session = request.getSession();
+ UserRolesVo userRolesVo = (UserRolesVo) session.getAttribute("userInfo");
+
+ top.hcode.hoj.pojo.entity.common.File file = fileService.getById(fileId);
+
+ if (file == null) {
+ return CommonResult.errorResponse("错误:文件不存在!");
+ }
+
+ if (!file.getType().equals("md")) {
+ return CommonResult.errorResponse("错误:不支持删除!", CommonResult.STATUS_FORBIDDEN);
+ }
+
+ boolean isRoot = SecurityUtils.getSubject().hasRole("root");
+ boolean isProblemAdmin = SecurityUtils.getSubject().hasRole("problem_admin");
+ boolean isAdmin = SecurityUtils.getSubject().hasRole("admin");
+
+ if (!file.getUid().equals(userRolesVo.getUid()) && !isRoot && !isAdmin && !isProblemAdmin) {
+ return CommonResult.errorResponse("错误:无权删除他人文件!", CommonResult.STATUS_FORBIDDEN);
+ }
+
+ boolean result = FileUtil.del(file.getFilePath());
 if (result) {
+ fileService.removeById(fileId);
 return CommonResult.successResponse(null, "删除成功");
 } else {
 return CommonResult.errorResponse("删除失败");
diff --git a/hoj-springboot/DataBackup/src/main/java/top/hcode/hoj/controller/oj/AccountController.java b/hoj-springboot/DataBackup/src/main/java/top/hcode/hoj/controller/oj/AccountController.java
index fb7f8a6a..2fbef4d5 100644
--- a/hoj-springboot/DataBackup/src/main/java/top/hcode/hoj/controller/oj/AccountController.java
+++ b/hoj-springboot/DataBackup/src/main/java/top/hcode/hoj/controller/oj/AccountController.java
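Review bot: The delete endpoint is still mapped with `method = RequestMethod.GET` (context line at the top of the `@@ -70,9 +90,33 @@` hunk), so a state-changing deletion stays reachable through plain navigation, prefetching or cross-site requests if authentication rides on the session. Map it to `RequestMethod.POST` or `RequestMethod.DELETE` and change `method: 'get'` in `$imgDel` in the second Editor.vue hunk to match. In the new checks, `file.getType().equals("md")`, `file.getUid().equals(...)` and `userRolesVo.getUid()` each dereference a value that may be null; `"md".equals(file.getType())` plus an explicit null check on `userRolesVo` and `file.getUid()` returns the 403 instead of throwing. `FileUtil.del` removes whatever path the row holds and handles directories as well as files, so before the call confirm that `file.getFilePath()` resolves inside `Constants.File.MARKDOWN_FILE_FOLDER.getPath()` rather than relying on the `type` column alone. The body of `deleteMDImg` ends outside the hunk.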
@@ -314,6 +314,7 @@ public class AccountController {
 if (loginDto.getUsername().length() > 20) {
 return CommonResult.errorResponse("用户名长度不能超过20位!");
 }
+
 UserRolesVo userRoles = userRoleDao.getUserRoles(null, loginDto.getUsername());
 Assert.notNull(userRoles, "用户名不存在,请注意大小写!");
 if (!userRoles.getPassword().equals(SecureUtil.md5(loginDto.getPassword()))) {
diff --git a/hoj-springboot/DataBackup/src/main/java/top/hcode/hoj/judge/Dispatcher.java b/hoj-springboot/DataBackup/src/main/java/top/hcode/hoj/judge/Dispatcher.java
index b4dab1ae..be30fff1 100644
--- a/hoj-springboot/DataBackup/src/main/java/top/hcode/hoj/judge/Dispatcher.java
+++ b/hoj-springboot/DataBackup/src/main/java/top/hcode/hoj/judge/Dispatcher.java
@@ -59,7 +59,7 @@ public class Dispatcher {
 CompileSpj compileSpj = (CompileSpj) data;
 return toCompile(path, compileSpj);
 default:
- throw new NullPointerException("判题机不支持此调用类型");
+ throw new IllegalArgumentException("判题机不支持此调用类型");
 }
 return null;
 }
diff --git a/hoj-springboot/DataBackup/src/main/java/top/hcode/hoj/utils/Constants.java b/hoj-springboot/DataBackup/src/main/java/top/hcode/hoj/utils/Constants.java
index c0853170..3259f499 100644
--- a/hoj-springboot/DataBackup/src/main/java/top/hcode/hoj/utils/Constants.java
+++ b/hoj-springboot/DataBackup/src/main/java/top/hcode/hoj/utils/Constants.java
@@ -135,6 +135,8 @@ public class Constants {
 CODE_CHANGE_EMAIL_FAIL("change-email-fail:"),
 CODE_CHANGE_EMAIL_LOCK("change-email-lock:"),
+ TRY_LOGIN_NUM("try-login-num:"),
+
 ACM_RANK_CACHE("acm_rank_cache"),
 OI_RANK_CACHE("oi_rank_cache"),
diff --git a/hoj-vue/src/components/admin/Editor.vue b/hoj-vue/src/components/admin/Editor.vue
index a8f6d796..b4007161 100644
--- a/hoj-vue/src/components/admin/Editor.vue
+++ b/hoj-vue/src/components/admin/Editor.vue
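Review bot: `TRY_LOGIN_NUM("try-login-num:")` is added in Constants.java, but nothing in this diff reads or writes a key with that prefix; the only change to the login path in AccountController is a blank line. If the constant is meant to back a failed-login counter, it needs a comment stating the key format and expiry, e.g. `// prefix + username -> failed login count, expires after <window>`. The counter check would belong before the password comparison shown in the AccountController hunk, which compares against `SecureUtil.md5(...)` and therefore benefits from attempt limiting. Otherwise leave the constant out until the code that uses it lands.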
@@ -61,7 +61,7 @@ export default {
 headers: { 'Content-Type': 'multipart/form-data' },
 }).then((res) => {
 this.$refs.md.$img2Url(pos, res.data.data.link);
- this.img_file[res.data.data.link] = res.data.data.filePath;
+ this.img_file[res.data.data.link] = res.data.data.fileId;
 });
 },
 $imgDel(pos) {
@@ -70,7 +70,7 @@ export default {
 url: '/api/file/delete-md-img',
 method: 'get',
 params: {
- filePath: this.img_file[pos[0]],
+ fileId: this.img_file[pos[0]],
 },
 });
 },