diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index a78428f..c0ccdf4 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1,6 +1,7 @@
 class UsersController < ApplicationController
 
   before_action :authenticate, except: [ :emailExist, :usernameExist, :create ]
+  skip_before_action :verify_authenticity_token, :only => [:emailExist,:usernameExist,:create,:update]
 
   def emailExist
     if checkExist?(:email, params[:email])
@@ -42,6 +43,6 @@ class UsersController < ApplicationController
     end
 
     def user_params
-      params.require(:user).permit(:name, :password, :password_confirmation, :email, :phone)
+      params.require(:user).permit(:name,:password, :password_confirmation, :email, :phone)
     end
 end
diff --git a/app/models/user.rb b/app/models/user.rb
index da707d3..7dbe1c5 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -9,7 +9,7 @@ class User < ActiveRecord::Base
   validates :name, presence: true, uniqueness: true, length: { maximum: 30 }
   validates :email, presence: true, uniqueness: true, length: { maximum: 50},
            format: { with: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i }
-  validates :password, length: { minimum: 6 }
+  validates :password, length: { minimum: 6 },on:create
   validates :phone, presence: true, uniqueness: true, format: { with: /\A[0-9]{11,11}\Z/i },
       multiline: false
 end
diff --git a/app/views/sessions/show.json.jbuilder b/app/views/sessions/show.json.jbuilder
index daacbcb..fa512e4 100644
--- a/app/views/sessions/show.json.jbuilder
+++ b/app/views/sessions/show.json.jbuilder
@@ -1 +1 @@
-json.extract! current_user, :id, :name, :email, :created_at
\ No newline at end of file
+json.extract! current_user, :id, :name, :email, :created_at,:phone
\ No newline at end of file
diff --git a/public/pages/alter_info.html b/public/pages/alter_info.html
index bef4e75..68d6572 100644
--- a/public/pages/alter_info.html
+++ b/public/pages/alter_info.html
@@ -62,21 +62,21 @@
                                         <div class="form-group row has-feedback">
                                             <label for="inputEmail3" class="col-sm-2 col-md-push-2 control-label">昵称</label>
                                             <div class="col-sm-6 col-md-push-2">
-                                                <input type="text" class="form-control" value="11" id="name" name="name" placeholder="姓名">
+                                                <input type="name" class="form-control" value="" id="name_alter" name="name" placeholder="">
                                             </div>
                                         </div>
                                         <!-- ./form-group -->
                                         <div class="form-group row has-feedback">
                                             <label for="inputPassword3" class="col-sm-2 col-md-push-2 control-label">联系方式</label>
                                             <div class="col-sm-6 col-md-push-2">
-                                                <input type="text" class="form-control" value="11" id="address" name="address" placeholder="地址">
+                                                <input type="phone" class="form-control" value="" id="phone_alter" name="address" placeholder="">
                                             </div>
                                         </div>
                                         <!-- ./form-group -->
                                         <div class="form-group row has-feedback">
                                             <label for="inputPassword3" class="col-sm-2 col-md-push-2 control-label">邮箱</label>
                                             <div class="col-sm-6 col-md-push-2">
-                                                <input type="email" class="form-control" value="11" id="mail" name="mail" placeholder="邮箱">
+                                                <input type="email" class="form-control" value="" id="email_alter" name="mail" placeholder="">
                                             </div>
                                         </div>
                                         <!-- ./form-group -->
@@ -84,7 +84,7 @@
                                 </div>
                                 <!-- /.box-body -->
                                 <div class="box-footer">
-                                    <button onclick="submit_query()" class="btn btn-primary pull-right">提交修改</button>
+                                    <button onclick="alter_basic()" class="btn btn-primary pull-right">提交修改</button>
                                 </div>
                                 <!-- /.box-footer -->
                             </div>
@@ -104,14 +104,14 @@
                                         <div class="form-group row has-feedback">
                                             <label for="inputPassword3" class="col-sm-2 col-md-push-2 control-label">输入新密码</label>
                                             <div class="col-sm-6 col-md-push-2">
-                                                <input type="text" class="form-control" value="11" id="address" name="address" placeholder="地址">
+                                                <input type="password" class="form-control" value="" id="pwd1" name="address" placeholder="">
                                             </div>
                                         </div>
                                         <!-- ./form-group -->
                                         <div class="form-group row has-feedback">
                                             <label for="inputPassword3" class="col-sm-2 col-md-push-2 control-label">再次输入新密码</label>
                                             <div class="col-sm-6 col-md-push-2">
-                                                <input type="email" class="form-control" value="11" id="mail" name="mail" placeholder="邮箱">
+                                                <input type="password" class="form-control" value="" id="pwd2" name="mail" placeholder="">
                                             </div>
                                         </div>
                                         <!-- ./form-group -->
@@ -119,7 +119,7 @@
                                 <!-- /.box-body -->
 
                                 <div class="box-footer">
-                                    <button type="submit" class="btn btn-primary pull-right">提交修改</button>
+                                    <button onclick="alter_pwd()" class="btn btn-primary pull-right">提交修改</button>
                                 </div>
                             </form>
                         </div>
@@ -144,6 +144,89 @@
     <!-- AdminLTE for demo purposes -->
     <script src="../dist/js/demo.js"></script>
     <!-- date select and query -->
+    <script>
+    //alert("111");
+    $(document).ready(function(){
+        $.ajax({
+            type: "get",
+            dataType: "json",
+            url:"/session.json",
+            statusCode: {
+                200: function(data) {// 请求成功
+                    $("#name_alter").val(data.name)
+                    $("#email_alter").val(data.email);
+                    $("#phone_alter").val(data.phone);
+                },
+                401:function(){// 未授权
+                    alert("未登录！");
+                    window.location.href="pages/login.html";
+                }
+            }
+        });
+    });
+    function alter_basic(){
+        var name=$("#name_alter").val();
+        var email=$("#email_alter").val();
+        var phone=$("#phone_alter").val();
+        if( name.length>0 && email.length>0 && phone.length>0 ){
+            $.ajax({
+                type: "patch",
+                dataType: "json",
+                url:"/user/current.json",
+                data:{
+                    "user[name]":name,
+                    "user[email]":email,
+                    "user[phone]":phone
+                },
+                statusCode: {
+                    200: function(data) {// 请求成功
+                        alert("更新成功！");
+                        window.location.reload();
+                    },
+                    401:function(){// 未授权
+                        alert("未登录！");
+                        window.location.href="pages/login.html";
+                    },
+                    422:function(){
+                        alert("输入不符合要求，请重新输入！");
+                    }
+                }
+            });  
+        }else{
+            alert("请输入完整！");
+        }
+    }
+    function alter_pwd(){
+        var pwd1=$("#pwd1").val();
+        var pwd2=$("#pwd2").val();
+        if( pwd1.length>0 && pwd2.length>0 && pwd1==pwd2 ){
+            $.ajax({
+                type: "patch",
+                dataType: "json",
+                url:"/user/current.json",
+                data:{
+                    "user[password]":pwd1,
+                    "user[password_confirmation]":pwd2
+                },
+                statusCode: {
+                    200: function(data) {// 请求成功
+                        alert("更新成功！");
+                        window.location.reload();
+                    },
+                    401:function(){// 未授权
+                        alert("未登录！");
+                        window.location.href="pages/login.html";
+                    },
+                    422:function(){
+                        alert("输入不符合要求，请重新输入！");
+                    }
+                }
+            });  
+        }else{
+            alert("请输入完整！");
+        }
+    }
+    </script>        
 </body>
 
 </html>
\ No newline at end of file