diff --git a/apps/Note.js b/apps/Note.js
index 316974c..56af60d 100644
--- a/apps/Note.js
+++ b/apps/Note.js
@@ -255,11 +255,11 @@ export async function Note_appoint(e) {
 			let imgurl;
 			let pathFile = urlType[item].replace(/\./, _path)
 			if (item.includes(".")) {
-				imgurl = await segment.image(`file:///${pathFile}`);
+				imgurl = await segment.image(`file://${pathFile}`);
 				item = item.split(".")[0];
 			} else {
 				imgurl = await segment.image(
-					`file:///${pathFile}/icon/bg/${fs.readdirSync(`${pathFile}/icon/bg/`)[0]}`
+					`file://${pathFile}/icon/bg/${fs.readdirSync(`${pathFile}/icon/bg/`)[0]}`
 				)
 			}
 			if (isUser && !temp?.includes(item)) {
diff --git a/apps/admin.js b/apps/admin.js
index 30d8ee2..42b2644 100644
--- a/apps/admin.js
+++ b/apps/admin.js
@@ -19,6 +19,7 @@ let cfgMap = {
 	"模板": "mb.len",
 	"获取sk":"ck.sk",
 	"目录":"Atlas.all",
+	"扫码绑定":'mhy.qrcode',
 };
 let sysCfgReg = `^#图鉴设置\s*(${lodash.keys(cfgMap).join("|")})?\s*(.*)$`;
 export const rule = {
@@ -74,6 +75,8 @@ export async function sysCfg(e, {
 			val = Math.min(200, Math.max(50, val * 1 || 100));
 		}else if(cfgKey === "mb.len"){
 			val= Math.min(2,Math.max(val,0));
+		}else if(cfgKey==='mhy.qrcode'){
+			val= Math.min(3,Math.max(val,0));
 		} else {
 			val = !/关闭/.test(val);
 		}
@@ -88,6 +91,7 @@ export async function sysCfg(e, {
 		len:Cfg.get("mb.len", 0),
 		poke: getStatus("note.poke",false),
 		isSk: getStatus("ck.sk",false),
+		qrcode:Cfg.get("mhy.qrcode", 0),
 		imgPlus: fs.existsSync(plusPath),
 		notePlus: fs.existsSync(notePlus),
 		bg: await rodom(), //获取底图
diff --git a/apps/mhyTopUpLogin.js b/apps/mhyTopUpLogin.js
index a12e859..cd8f291 100644
--- a/apps/mhyTopUpLogin.js
+++ b/apps/mhyTopUpLogin.js
@@ -5,6 +5,9 @@ import mys from "../model/mhyTopUpLogin.js"
 import Common from "../components/Common.js";
 import { bindStoken } from './user.js'
 import utils from '../model/mys/utils.js';
+import {
+	Cfg,
+} from "../components/index.js";
 const _path = process.cwd();
 export const rule = {
 	qrCodeLogin: {
@@ -31,7 +34,7 @@ export const rule = {
 export async function payOrder(e, { render }) {
 	let Mys = new mys(e)
 	if (/(商品|充值)列表/.test(e.msg)) {
-		return await Mys.showgoods( { render })
+		return await Mys.showgoods({ render })
 	} else if (/(订单|查询)(订单|查询)/.test(e.msg)) {
 		return await Mys.checkOrder()
 	} else if (e.msg.includes('充值')) {
@@ -41,6 +44,17 @@ export async function payOrder(e, { render }) {
 }
 
 export async function qrCodeLogin(e, { render }) {
+	let power = Cfg.get("mhy.qrcode")
+	if (power === 3) {
+		return false;
+	} else {
+		if (power == 2 && !e.isPrivate) {
+			return false;
+		}
+		if (power == 1 && !e.isGroup) {
+			return false;
+		}
+	}
 	let Mys = new mys(e)
 	let res = await Mys.qrCodeLogin()
 	if (!res?.data) return false;
@@ -89,15 +103,15 @@ export async function UserPassLogin(e) {
 export async function bindSkCK(e, res) {
 	e.msg = res?.stoken, e.raw_message = res?.stoken
 	e.isPrivate = true
-	await bindStoken(e)
+	await bindStoken(e, '1')
 	e.ck = res?.cookie, e.msg = res.cookie, e.raw_message = res.cookie;
 	if (isV3) {
-		let userck = (await import(`file:///${_path}/plugins/genshin/model/user.js`)).default
+		let userck = (await import(`file://${_path}/plugins/genshin/model/user.js`)).default
 		await (new userck(e)).bing()
 	} else {
 		let {
 			bingCookie
-		} = (await import(`file:///${_path}/lib/app/dailyNote.js`))
+		} = (await import(`file://${_path}/lib/app/dailyNote.js`))
 		await bingCookie(e)
 	}
 }
diff --git a/apps/user.js b/apps/user.js
index db6d769..06d36cd 100644
--- a/apps/user.js
+++ b/apps/user.js
@@ -119,7 +119,7 @@ export async function gcPaylog(e) {
 			EX: time
 		});
 		if (isV3) {
-			let { payLog } = (await import(`file:///${_path}/plugins/genshin/apps/payLog.js`))
+			let { payLog } = (await import(`file://${_path}/plugins/genshin/apps/payLog.js`))
 			let pl = (new payLog())
 			e.isGroup = false;
 			pl.e = e
@@ -166,12 +166,12 @@ export async function gclog(e) {
 		sendMsg = [...sendMsg, ...[1, `uid:${e.uid}`, e.msg]]
 	} else {
 		if (isV3) {
-			let gclog = (await import(`file:///${_path}/plugins/genshin/model/gachaLog.js`)).default
+			let gclog = (await import(`file://${_path}/plugins/genshin/model/gachaLog.js`)).default
 			await (new gclog(e)).logUrl()
 		} else {
 			let {
 				bing
-			} = (await import(`file:///${_path}/lib/app/gachaLog.js`))
+			} = (await import(`file://${_path}/lib/app/gachaLog.js`))
 			e.isPrivate = true;
 			await bing(e)
 		}
@@ -242,7 +242,7 @@ export async function bindLogin_ticket(e) {
 	return false;
 }
 
-export async function bindStoken(e) {
+export async function bindStoken(e, uid = '') {
 	if (!e.isPrivate) {
 		e.reply("请私聊发送")
 		return true;
@@ -250,23 +250,24 @@ export async function bindStoken(e) {
 	let msg = e.msg;
 	let user = new User(e);
 	await user.cookie(e)
+	e.uid = uid || e.uid
 	e.region = getServer(e.uid)
 	e.cks = msg.replace(/;/g, '&').replace(/stuid/, "uid")
 	e.sk = await utils.getCookieMap(msg)
-	let res = await user.getData("bbsGetCookie", { cookies: e.cks })
+	let res = await user.getData("bbsGetCookie", { cookies: e.cks }, false)
 	if (!res?.data) {
-		e.uid="64"
+		e.uid = "64"
 		e.region = getServer(e.uid)
-		res = await user.getData("bbsGetCookie", { cookies: e.cks,method:'post'},false)
-		if(!res?.data){
+		res = await user.getData("bbsGetCookie", { cookies: e.cks, method: 'post' }, false)
+		if (!res?.data) {
 			await e.reply(`绑定Stoken失败，异常：${res?.message}\n请发送【stoken帮助】查看配置教程重新配置~`);
 			return true;
-		}else{
+		} else {
 			await user.seachUid(res);
 			return true;
 		}
 	}
-	await user.getCookie(e)
+	// await user.getCookie(e)
 	await user.seachUid(res);
 	return true;
 }
@@ -278,7 +279,7 @@ export async function cloudToken(e) {
 		e.reply(`格式支持\nai=*;ci=*;oi=*;ct=***********;si=**************;bi=***********;devId=***********`)
 		return false;
 	}
-	let msg = e.msg.replace(/dev(i|l|I|L)d/g,'devId').split("devId")
+	let msg = e.msg.replace(/dev(i|l|I|L)d/g, 'devId').split("devId")
 	if (msg.length < 2) {
 		Bot.logger.mark(`云原神绑定失败：未包含devId字段~`)
 		return false;
@@ -333,15 +334,15 @@ export async function updCookie(e) {
 	for (let item of Object.keys(stoken)) {
 		e.region = getServer(stoken[item].uid)
 		e.uid = stoken[item].uid
-		if(!e?.uid){
+		if (!e?.uid) {
 			Bot.logger.mark(`[刷新ck][stoken读取]qq:${e?.user_id}；uid:${e?.uid}`)
 			continue; //奇怪的东西
-		} 
+		}
 		let cookies = `uid=${stoken[item].stuid}&stoken=${stoken[item].stoken}`
 		if (stoken[item]?.mid) cookies += `&mid=${stoken[item]?.mid}`
 		let data = { cookies: cookies }
-		if(e?.uid[0]>5) data.method='post'
-		let res = await user.getData("bbsGetCookie",data, false)
+		if (e?.uid[0] > 5) data.method = 'post'
+		let res = await user.getData("bbsGetCookie", data, false)
 		if (!res?.data) {
 			e.reply(`uid:${stoken[item].uid},请求异常：${res.message}`)
 			continue;
@@ -352,13 +353,13 @@ export async function updCookie(e) {
 			sendMsg = [...sendMsg, ...[`uid:${stoken[item].uid}`, e.msg]]
 		} else {
 			if (isV3) {
-				let userck = (await import(`file:///${_path}/plugins/genshin/model/user.js`)).default
+				let userck = (await import(`file://${_path}/plugins/genshin/model/user.js`)).default
 				e.ck = e.msg;
 				await (new userck(e)).bing()
 			} else {
 				let {
 					bingCookie
-				} = (await import(`file:///${_path}/lib/app/dailyNote.js`))
+				} = (await import(`file://${_path}/lib/app/dailyNote.js`))
 				e.isPrivate = true;
 				await bingCookie(e)
 			}
diff --git a/apps/xiaoyao_image.js b/apps/xiaoyao_image.js
index c859b0b..81683d0 100644
--- a/apps/xiaoyao_image.js
+++ b/apps/xiaoyao_image.js
@@ -70,7 +70,7 @@ export async function getBasicVoide(e) {
 	if (source) {
 		let imgPath = await redis.get(`xiaoyao:basic:${source.message_id}`)
 		if (imgPath) {
-			e.reply([segment.video(`file:///${imgPath}`)])
+			e.reply([segment.video(`file://${imgPath}`)])
 			return true
 		}
 		if (source.time) {
@@ -129,7 +129,7 @@ const filePath = async function (e) {
 		}
 		let path = `${pathPlus}${val}/${msg}.png`
 		if (fs.existsSync(path)) {
-			e.reply(segment.image(`file:///${path}`));
+			e.reply(segment.image(`file://${path}`));
 			return true;
 		}
 	}
@@ -154,9 +154,9 @@ const send_Msg = async function (e, type, name) {
 	if (!fs.existsSync(path)) {
 		return false;
 	}
-	let msg = segment.image(`file:///${path}`)
+	let msg = segment.image(`file://${path}`)
 	try {
-		if (/动态|幻影/.test(e.msg)) msg = segment.video(`file:///${path.replace(/\.png|\.jpg/, '.mp4')}`)
+		if (/动态|幻影/.test(e.msg)) msg = segment.video(`file://${path.replace(/\.png|\.jpg/, '.mp4')}`)
 	} catch (error) {
 		Bot.logger.error(`发送七圣动态数据失败:` + error)
 		// error
diff --git a/model/mhyTopUpLogin.js b/model/mhyTopUpLogin.js
index 64c2969..18fa6ba 100644
--- a/model/mhyTopUpLogin.js
+++ b/model/mhyTopUpLogin.js
@@ -26,7 +26,7 @@ export default class mysTopLogin {
         this.e.reply(this.sendMsgUser)
         let res = await this.user.getData("qrCodeLogin", {
             device: this.device
-        })
+        },false)
         if (!res.data) {
             return false;
         }
@@ -41,14 +41,14 @@ export default class mysTopLogin {
             await utils.sleepAsync(5000)
             res = await this.user.getData("qrCodeQuery", {
                 device: this.device, ticket
-            })
+            },false)
             if (res?.data?.stat == "Scanned" && RedisData.GetQrCode == 1) {
-                Bot.logger.mark(`[米哈游登录] ${Bot.logger.mark(JSON.stringify(res))}`)
+                Bot.logger.mark(JSON.stringify(res))
                 await this.e.reply("二维码已扫描，请确认登录", true)
                 RedisData.GetQrCode++;
             }
             if (res?.data?.stat == "Confirmed") {
-                Bot.logger.mark(`[米哈游登录] ${Bot.logger.mark(JSON.stringify(res))}`)
+                Bot.logger.mark(JSON.stringify(res))
                 break
             }
         }
@@ -58,8 +58,8 @@ export default class mysTopLogin {
             return false
         }
         let raw = JSON.parse(res?.data?.payload?.raw)
-        let UserData = await this.user.getData("getTokenByGameToken", raw)
-        let ck = await this.user.getData("getCookieAccountInfoByGameToken", raw)
+        let UserData = await this.user.getData("getTokenByGameToken", raw,false)
+        let ck = await this.user.getData("getCookieAccountInfoByGameToken", raw,false)
         return {
             cookie: `ltoken=${UserData.data?.token?.token};ltuid=${UserData.data?.user_info?.aid};cookie_token=${ck.data?.cookie_token}`,
             stoken: `stoken=${UserData.data?.token?.token};stuid=${UserData.data?.user_info?.aid};mid=${UserData?.data?.user_info.mid}`
@@ -120,7 +120,7 @@ export default class mysTopLogin {
     }
     async crack_geetest() {
         let res = ""; //await this.user.getData("microgg", this.aigis_captcha_data, false)
-        Bot.logger.mark(`[米哈游登录] ${Bot.logger.mark(JSON.stringify(res))}`)
+        // Bot.logger.mark(`[米哈游登录] ${Bot.logger.mark(JSON.stringify(res))}`)
         await this.e.reply(`请完成验证：https://challenge.minigg.cn/manual/index.html?gt=${this.aigis_captcha_data.gt}&challenge=${this.aigis_captcha_data.challenge}`, true)
         for (let n = 1; n < 60; n++) {
             await utils.sleepAsync(5000)
diff --git a/model/mys/mihoyoApi.js b/model/mys/mihoyoApi.js
index 06d93d4..5c709e2 100644
--- a/model/mys/mihoyoApi.js
+++ b/model/mys/mihoyoApi.js
@@ -131,6 +131,7 @@ export default class miHoYoApi {
 		return res
 	}
 	getUrl(type, board, data) {
+		// if(/qrCodeLogin|qrCodeQuery|getTokenByGameToken|getCookieAccountInfoByGameToken/.test(type)) this.isOs=false;
 		let urlMap = {
 			userGameInfo: { //通用查询
 				url: `${this.apiMap.apiWeb}/binding/api/getUserGameRolesByCookie`,
diff --git a/model/mys/utils.js b/model/mys/utils.js
index 99647c4..e6497c5 100644
--- a/model/mys/utils.js
+++ b/model/mys/utils.js
@@ -70,10 +70,15 @@ export async function replyMake(e, _msg, lenght) {
 			user_id: Bot.uin
 		})
 	}
-	if (e._reply) {
-		e._reply(await Bot.makeForwardMsg(msgList));
+	if (e.isGroup) {
+		msgList = await e.group.makeForwardMsg(msgList)
 	} else {
-		e.reply(await Bot.makeForwardMsg(msgList));
+		msgList = await e.friend.makeForwardMsg(msgList)
+	}
+	if (e._reply) {
+		e._reply(msgList);
+	} else {
+		e.reply(msgList);
 	}
 }
 
diff --git a/resources/admin/index.html b/resources/admin/index.html
index 7bd5dca..09af130 100644
--- a/resources/admin/index.html
+++ b/resources/admin/index.html
@@ -119,6 +119,14 @@
 			</div>
 			<div class="cfg-desc">开启后将拦截login_ticket自动获取stoken</div>
 		</li>
+		<li class="cfg-li">
+			<div class="cfg-line">
+				扫码绑定
+				<span class="cfg-hint">#图鉴设置扫码绑定 + (0~3)</span>
+				<div class="cfg-status">{{@qrcode}}</div>
+			</div>
+			<div class="cfg-desc">0不限制，1限制群聊使用，2限制私聊使用，3禁用功能</div>
+		</li>
 		<li class="cfg-li">
 			<div class="cfg-line">
 				图鉴作为默认帮助