diff --git a/admin/extending.php b/admin/extending.php
index 9504da97..b423d6e8 100644
--- a/admin/extending.php
+++ b/admin/extending.php
@@ -8,4 +8,6 @@ if (!isset($panelTable['file']) || !in_array(urlencode($panel), $panelTable['fil
     throw new Typecho_Plugin_Exception(_t('页面不存在'), 404);
 }
 
-require_once $panel;
+list ($pluginName, $file) = explode('/', trim('/', $panel), 2);
+
+require_once $options->pluginDir($pluginName) . '/' . $file;
diff --git a/var/Widget/Options/Discussion.php b/var/Widget/Options/Discussion.php
index 68e59c3d..999eb1c9 100644
--- a/var/Widget/Options/Discussion.php
+++ b/var/Widget/Options/Discussion.php
@@ -198,7 +198,7 @@ class Widget_Options_Discussion extends Widget_Abstract_Options implements Widge
         $settings['commentsThreaded'] = $this->isEnableByCheckbox($settings['commentsShow'], 'commentsThreaded');
 
         $settings['commentsPageSize'] = intval($settings['commentsPageSize']);
-        $settings['commentsMaxNestingLevels'] = max(2, intval($settings['commentsMaxNestingLevels']));
+        $settings['commentsMaxNestingLevels'] = min(7, max(2, intval($settings['commentsMaxNestingLevels'])));
         $settings['commentsPageDisplay'] = ('first' == $settings['commentsPageDisplay']) ? 'first' : 'last';
         $settings['commentsOrder'] = ('DESC' == $settings['commentsOrder']) ? 'DESC' : 'ASC';
         $settings['commentsAvatarRating'] = in_array($settings['commentsAvatarRating'], array('G', 'PG', 'R', 'X'))
diff --git a/var/Widget/Options/Reading.php b/var/Widget/Options/Reading.php
index 6de80e4a..589422c8 100644
--- a/var/Widget/Options/Reading.php
+++ b/var/Widget/Options/Reading.php
@@ -191,6 +191,8 @@ class Widget_Options_Reading extends Widget_Options_Permalink
 
                 $settings['routingTable'] = serialize($routingTable);
             }
+        } else {
+            $settings['frontArchive'] = 0;
         }
 
         foreach ($settings as $name => $value) {
diff --git a/var/Widget/Users/Edit.php b/var/Widget/Users/Edit.php
index 3e51767c..6f4d3718 100644
--- a/var/Widget/Users/Edit.php
+++ b/var/Widget/Users/Edit.php
@@ -206,10 +206,12 @@ class Widget_Users_Edit extends Widget_Abstract_Users implements Widget_Interfac
             $this->response->goBack();
         }
 
+        $hasher = new PasswordHash(8, true);
+
         /** 取出数据 */
         $user = $this->request->from('name', 'mail', 'screenName', 'password', 'url', 'group');
         $user['screenName'] = empty($user['screenName']) ? $user['name'] : $user['screenName'];
-        $user['password'] = Typecho_Common::hash($user['password']);
+        $user['password'] = $hasher->HashPassword($user['password']);
         $user['created'] = $this->options->gmtTime;
 
         /** 插入数据 */
@@ -243,7 +245,8 @@ class Widget_Users_Edit extends Widget_Abstract_Users implements Widget_Interfac
         if (empty($user['password'])) {
             unset($user['password']);
         } else {
-            $user['password'] = Typecho_Common::hash($user['password']);
+            $hasher = new PasswordHash(8, true);
+            $user['password'] = $hasher->HashPassword($user['password']);
         }
 
         /** 更新数据 */
diff --git a/var/Widget/Users/Profile.php b/var/Widget/Users/Profile.php
index 02489bbc..f27e66d4 100644
--- a/var/Widget/Users/Profile.php
+++ b/var/Widget/Users/Profile.php
@@ -314,7 +314,8 @@ class Widget_Users_Profile extends Widget_Users_Edit implements Widget_Interface
             $this->response->goBack();
         }
 
-        $password = Typecho_Common::hash($this->request->password);
+        $hasher = new PasswordHash(8, true);
+        $password = $hasher->HashPassword($this->request->password);
 
         /** 更新数据 */
         $this->update(array('password' => $password),