fixed #77

var/Widget/Abstract/Contents.php

@@ -512,12 +512,12 @@ class Widget_Abstract_Contents extends Widget_Abstract
 
         $value['slug'] = $tmpSlug;
         $value['category'] = $tmpCategory;
-
+        
         /** 处理密码保护流程 */
         if (!empty($value['password']) &&
         $value['password'] != $this->request->protectPassword &&
-        ($value['authorId'] != $this->user->uid
-        || !$this->user->pass('editor', true))) {
+        $value['authorId'] != $this->user->uid && 
+        !$this->user->pass('editor', true)) {
             $value['hidden'] = true;
 
             /** 抛出错误 */

var/Widget/User.php

@@ -121,7 +121,7 @@ class Widget_User extends Typecho_Widget
         /** 开始验证用户 **/
         $user = $this->db->fetchRow($this->db->select()
         ->from('table.users')
-        ->where('name = ?', $name)
+        ->where((strpos($name, '@') ? 'mail' : 'name') . ' = ?', $name)
         ->limit(1));
 
         $hashValidate = $this->pluginHandle()->trigger($hashPluggable)->hashValidate($password, $user['password']);