diff --git a/common/pom.xml b/common/pom.xml
index 4f7549b4..fc3c78d7 100644
--- a/common/pom.xml
+++ b/common/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>com.jeesite</groupId>
 		<artifactId>jeesite-parent</artifactId>
-		<version>4.2.0-SNAPSHOT</version>
+		<version>4.2.1-SNAPSHOT</version>
 		<relativePath>../parent/pom.xml</relativePath>
 	</parent>
 	
@@ -95,6 +95,16 @@
 			<version>${dom4j.version}</version>
 		</dependency>
 		
+		<!-- jdk11 JAXB module -->
+		<dependency>
+			<groupId>jakarta.xml.bind</groupId>
+			<artifactId>jakarta.xml.bind-api</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.glassfish.jaxb</groupId>
+			<artifactId>jaxb-runtime</artifactId>
+		</dependency>
+		
 		<!-- XPath xml -->
 		<dependency>
 			<groupId>jaxen</groupId>
diff --git a/common/src/main/java/com/jeesite/common/codec/DesUtils.java b/common/src/main/java/com/jeesite/common/codec/DesUtils.java
index ee24fbd8..c82fe26b 100644
--- a/common/src/main/java/com/jeesite/common/codec/DesUtils.java
+++ b/common/src/main/java/com/jeesite/common/codec/DesUtils.java
@@ -43,7 +43,11 @@ public class DesUtils {
 			return "";
 		}
 		if ("Base64".equals(secretKey)) {
-			return EncodeUtils.decodeBase64String(data);
+			try {
+				return EncodeUtils.decodeBase64String(data);
+			}catch (IllegalArgumentException e) {
+				return "";
+			}
 		}
 		String[] ks = StringUtils.split(secretKey, ",");
 		if (ks.length >= 3){
diff --git a/common/src/main/java/com/jeesite/common/collect/ListUtils.java b/common/src/main/java/com/jeesite/common/collect/ListUtils.java
index 0e7080cb..c601d137 100644
--- a/common/src/main/java/com/jeesite/common/collect/ListUtils.java
+++ b/common/src/main/java/com/jeesite/common/collect/ListUtils.java
@@ -46,6 +46,27 @@ public class ListUtils extends org.apache.commons.collections.ListUtils {
     	return false;
     }
     
+	/**
+     * 是否包含字符串
+     * @param strs 验证字符串组
+     * @param strs2 字符串组
+     * @return 包含返回true
+     */ 	
+    public static boolean inString(List<String> strs, List<String> strs2){
+		if (strs != null && strs2 != null){
+        	for (String s : strs){
+        		if (s != null) {
+        			for (String s2 : strs2){
+        				if (StringUtils.trim(s).equals(StringUtils.trim(s2))){
+        					return true;
+        				}
+        			}
+        		}
+        	}
+    	}
+    	return false;
+    }
+    
 	public static <E> ArrayList<E> newArrayList() {
 		return new ArrayList<E>();
 	}
diff --git a/common/src/main/java/com/jeesite/common/utils/excel/ExcelImport.java b/common/src/main/java/com/jeesite/common/utils/excel/ExcelImport.java
index 6da81d0b..69dc42e1 100644
--- a/common/src/main/java/com/jeesite/common/utils/excel/ExcelImport.java
+++ b/common/src/main/java/com/jeesite/common/utils/excel/ExcelImport.java
@@ -37,6 +37,7 @@ import org.slf4j.LoggerFactory;
 import org.springframework.web.multipart.MultipartFile;
 
 import com.jeesite.common.callback.MethodCallback;
+import com.jeesite.common.codec.EncodeUtils;
 import com.jeesite.common.collect.ListUtils;
 import com.jeesite.common.collect.MapUtils;
 import com.jeesite.common.lang.DateUtils;
@@ -478,6 +479,10 @@ public class ExcelImport implements Closeable {
 						// 参数：Exception ex, int rowNum, int columnNum
 						exceptionCallback.execute(ex, i, column);
 					}
+					// 导入的数据进行 xss 过滤
+					if (val != null && val instanceof String) {
+						val = EncodeUtils.xssFilter(val.toString());
+					}
 					// set entity value
 					if (StringUtils.isNotBlank(ef.attrName())){
 						ReflectUtils.invokeSetter(e, ef.attrName(), val);
diff --git a/common/src/main/resources/static/laydate/5.0/laydate.js b/common/src/main/resources/static/laydate/5.0/laydate.js
index 414a890a..60a90a20 100644
--- a/common/src/main/resources/static/laydate/5.0/laydate.js
+++ b/common/src/main/resources/static/laydate/5.0/laydate.js
@@ -1647,8 +1647,8 @@
         } else {
           if(lay(btn).hasClass(DISABLED)) return that.hint('不在有效日期或时间范围内');
         }
-        that.done();
         that.setValue(that.parse()).remove()
+        that.done();
       }
     };
     active[type] && active[type]();
diff --git a/modules/core/pom.xml b/modules/core/pom.xml
index cbb477b3..2a7f870d 100644
--- a/modules/core/pom.xml
+++ b/modules/core/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>com.jeesite</groupId>
 		<artifactId>jeesite-parent</artifactId>
-		<version>4.2.0-SNAPSHOT</version>
+		<version>4.2.1-SNAPSHOT</version>
 		<relativePath>../../parent/pom.xml</relativePath>
 	</parent>
 	
diff --git a/modules/core/src/main/resources/config/jeesite-core.yml b/modules/core/src/main/resources/config/jeesite-core.yml
index f31ff36b..a4e384ec 100644
--- a/modules/core/src/main/resources/config/jeesite-core.yml
+++ b/modules/core/src/main/resources/config/jeesite-core.yml
@@ -335,10 +335,11 @@ shiro:
 
   # 登录提交信息加密（如果不需要加密，设置为空即可）
   loginSubmit:
-    # 登录提交信息安全Key，加密用户名、密码、验证码，后再提交（key设置为3个，用逗号分隔）加密方式：DES
-    # v4.2.0+ 支持 Base64 加密方式，方便移动端及第三方系统处理认证，可直接设置 Key 为 Base64
+    # 加密用户名、密码、验证码，后再提交（key设置为3个，用逗号分隔）加密方式：DES（4.1.9及之前版本默认设置）
+    # v4.2.0+ 开始支持 Base64 加密方式，方便移动端及第三方系统处理认证，可直接设置 Key 为 Base64（4.2.0+默认设置）
     #secretKey: thinkgem,jeesite,com
     secretKey: Base64
+    #secretKey: ~
   
   # 记住我密钥设置，你可以通过 com.jeesite.test.RememberMeKeyGen 类快速生成一个秘钥。
   # 若不设置，则每次启动系统后自动生成一个新秘钥，这样会导致每次重启后，客户端记录的用户信息将失效。
diff --git a/modules/core/src/main/resources/db/upgrade/core/versions b/modules/core/src/main/resources/db/upgrade/core/versions
index 37b2dc13..e6ba02b8 100644
--- a/modules/core/src/main/resources/db/upgrade/core/versions
+++ b/modules/core/src/main/resources/db/upgrade/core/versions
@@ -16,4 +16,5 @@
 4.1.7
 4.1.8
 4.1.9
-4.2.0
\ No newline at end of file
+4.2.0
+4.2.1
\ No newline at end of file
diff --git a/modules/core/src/main/resources/i18n/core/common_view/i18n_en.properties b/modules/core/src/main/resources/i18n/core/common_view/i18n_en.properties
index 0db3d027..8123bbcf 100644
--- a/modules/core/src/main/resources/i18n/core/common_view/i18n_en.properties
+++ b/modules/core/src/main/resources/i18n/core/common_view/i18n_en.properties
@@ -20,6 +20,7 @@
 操作=Actions
 更多=More
 更多操作=More action
+设置=Setting
 
 基本信息=Basic information
 详细信息=Detail information
diff --git a/modules/core/src/main/resources/i18n/core/common_view/i18n_ja_JP.properties b/modules/core/src/main/resources/i18n/core/common_view/i18n_ja_JP.properties
index ce276568..c0ff8db6 100644
--- a/modules/core/src/main/resources/i18n/core/common_view/i18n_ja_JP.properties
+++ b/modules/core/src/main/resources/i18n/core/common_view/i18n_ja_JP.properties
@@ -20,6 +20,7 @@
 操作=操作
 更多=さらに多
 更多操作=他の操作
+设置=設置
 
 基本信息=基本情報
 详细信息=詳細情報
diff --git a/modules/core/src/main/resources/static/ueditor/1.4/ueditor.all.js b/modules/core/src/main/resources/static/ueditor/1.4/ueditor.all.js
index 198cc473..eeb0a1b9 100644
--- a/modules/core/src/main/resources/static/ueditor/1.4/ueditor.all.js
+++ b/modules/core/src/main/resources/static/ueditor/1.4/ueditor.all.js
@@ -24454,6 +24454,7 @@ UE.plugin.register('simpleupload', function (){
         var w = containerBtn.offsetWidth || 20,
             h = containerBtn.offsetHeight || 20,
             btnIframe = document.createElement('iframe'),
+            btnIframe2 = document.createElement('iframe'), // ThinkGem
             btnStyle = 'display:block;width:' + w + 'px;height:' + h + 'px;overflow:hidden;border:0;margin:0;padding:0;position:absolute;top:0;left:0;filter:alpha(opacity=0);-moz-opacity:0;-khtml-opacity: 0;opacity: 0;cursor:pointer;';
 
         domUtils.on(btnIframe, 'load', function(){
@@ -24471,9 +24472,13 @@ UE.plugin.register('simpleupload', function (){
             'style="' + btnStyle + '">' +
             '<input id="edui_input_' + timestrap + '" type="file" accept="image/*" name="' + me.options.imageFieldName + '" ' +
             'style="' + btnStyle + '">' +
-            '</form>' +
-            '<iframe id="edui_iframe_' + timestrap + '" name="edui_iframe_' + timestrap + '" style="display:none;width:0;height:0;border:0;margin:0;padding:0;position:absolute;"></iframe>';
+            '</form>';// +
+            //'<iframe id="edui_iframe_' + timestrap + '" name="edui_iframe_' + timestrap + '" style="display:none;width:0;height:0;border:0;margin:0;padding:0;position:absolute;"></iframe>';
 
+            // 解决因 iframe 嵌套问题 session 丢失 ThinkGem
+            btnIframe2.id = 'edui_iframe_' + timestrap;
+            btnIframe2.name = 'edui_iframe_' + timestrap;
+            
             wrapper.className = 'edui-' + me.options.theme;
             wrapper.id = me.ui.id + '_iframeupload';
             btnIframeBody.style.cssText = btnStyle;
@@ -24488,7 +24493,7 @@ UE.plugin.register('simpleupload', function (){
 
             var form = btnIframeDoc.getElementById('edui_form_' + timestrap);
             var input = btnIframeDoc.getElementById('edui_input_' + timestrap);
-            var iframe = btnIframeDoc.getElementById('edui_iframe_' + timestrap);
+            var iframe = btnIframe2;//btnIframeDoc.getElementById('edui_iframe_' + timestrap);
 
             domUtils.on(input, 'change', function(){
                 if(!input.value) return;
@@ -24573,6 +24578,10 @@ UE.plugin.register('simpleupload', function (){
 
         btnIframe.style.cssText = btnStyle;
         containerBtn.appendChild(btnIframe);
+        
+        // 解决因 iframe 嵌套问题 session 丢失 ThinkGem
+        btnIframe2.style.cssText = 'display:none;width:0;height:0;border:0;margin:0;padding:0;position:absolute;';
+        containerBtn.appendChild(btnIframe2);
     }
 
     return {
diff --git a/modules/core/src/main/resources/templates/modules/gen/crud/viewList.xml b/modules/core/src/main/resources/templates/modules/gen/crud/viewList.xml
index f3d969ee..324ad7eb 100644
--- a/modules/core/src/main/resources/templates/modules/gen/crud/viewList.xml
+++ b/modules/core/src/main/resources/templates/modules/gen/crud/viewList.xml
@@ -22,6 +22,7 @@
 				\<% if(hasPermi('${permissionPrefix}:edit')){ %>
 					<a href="\${ctx}/${urlPrefix}/form" class="btn btn-default btnTool" title="\${text('新增${functionNameSimple}')}"><i class="fa fa-plus"></i> \${text('新增')}</a>
 				\<% } %>
+				<a href="#" class="btn btn-default" id="btnSetting" title="\${text('设置')}"><i class="fa fa-navicon"></i></a>
 			</div>
 		</div>
 		<div class="box-body">
diff --git a/modules/core/src/main/resources/templates/modules/gen/query/viewList.xml b/modules/core/src/main/resources/templates/modules/gen/query/viewList.xml
index 0bee5603..a1226315 100644
--- a/modules/core/src/main/resources/templates/modules/gen/query/viewList.xml
+++ b/modules/core/src/main/resources/templates/modules/gen/query/viewList.xml
@@ -19,6 +19,7 @@
 				<a href="#" class="btn btn-default" id="btnExpandTreeNode" title="\${text('展开一级')}"><i class="fa fa-angle-double-down"></i> \${text('展开')}</a>
 				<a href="#" class="btn btn-default" id="btnCollapseTreeNode" title="\${text('折叠全部')}"><i class="fa fa-angle-double-up"></i> \${text('折叠')}</a>
 				<% } %>
+				<a href="#" class="btn btn-default" id="btnSetting" title="\${text('设置')}"><i class="fa fa-navicon"></i></a>
 			</div>
 		</div>
 		<div class="box-body">
diff --git a/modules/core/src/main/resources/views/include/jslibs.html b/modules/core/src/main/resources/views/include/jslibs.html
index 79522054..ca0496eb 100644
--- a/modules/core/src/main/resources/views/include/jslibs.html
+++ b/modules/core/src/main/resources/views/include/jslibs.html
@@ -7,6 +7,9 @@
 <% if (@ListUtils.inString('zTree', libs!)){ %>
 <script src="${ctxStatic}/jquery-ztree/3.5/js/jquery.ztree.all-3.5.js?${_version}"></script>
 <% } %>
+<% if (@ListUtils.inString(['tabPage', 'dataGrid', 'fileupload'], libs!)){ %>
+<script src="${ctxStatic}/jquery/jquery-ui-sortable-1.12.1.min.js"></script>
+<% } %>
 <% if (@ListUtils.inString('tabPage', libs!)){ %>
 <script src="${ctxStatic}/wdScrollTab/js/TabPanel.js?${_version}"></script>
 <script src="${ctxStatic}/wdScrollTab/js/TabPanel.extend.js?${_version}"></script>
@@ -34,7 +37,6 @@
 <script src="${ctxStatic}/webuploader/0.1/webuploader.js?${_version}"></script>
 <script src="${ctxStatic}/webuploader/0.1/webuploader.extend.js?${_version}"></script>
 <script src="${ctxStatic}/webuploader/0.1/i18n/${lang()}.js?${_version}"></script>
-<script src="${ctxStatic}/jquery/jquery-ui-sortable-1.12.1.min.js"></script>
 <% } %>
 <% if (@ListUtils.inString('ueditor', libs!)){ %>
 <script src="${ctxStatic}/ueditor/1.4/ueditor.config.js?${_version}"></script>
diff --git a/modules/core/src/main/resources/views/modules/msg/msgInnerList.html b/modules/core/src/main/resources/views/modules/msg/msgInnerList.html
index 494668af..e6ac4681 100644
--- a/modules/core/src/main/resources/views/modules/msg/msgInnerList.html
+++ b/modules/core/src/main/resources/views/modules/msg/msgInnerList.html
@@ -10,6 +10,7 @@
 				<% if(hasPermi('msg:msgInner:edit')){ %>
 					<a href="${ctx}/msg/msgInner/form" class="btn btn-default btnTool" title="${text('新增')}"><i class="fa fa-plus"></i> ${text('新增')}</a>
 				<% } %>
+				<a href="#" class="btn btn-default" id="btnSetting" title="${text('设置')}"><i class="fa fa-navicon"></i></a>
 			</div>
 		</div>
 		<div class="box-body">
diff --git a/modules/core/src/main/resources/views/modules/sys/areaList.html b/modules/core/src/main/resources/views/modules/sys/areaList.html
index d43e2f83..6a76d9b9 100644
--- a/modules/core/src/main/resources/views/modules/sys/areaList.html
+++ b/modules/core/src/main/resources/views/modules/sys/areaList.html
@@ -13,6 +13,7 @@
 				<% if(hasPermi('sys:area:edit')){ %>
 					<a href="${ctx}/sys/area/form" class="btn btn-default btnTool" title="新增区域"><i class="fa fa-plus"></i> 新增</a>
 				<% } %>
+				<a href="#" class="btn btn-default" id="btnSetting" title="${text('设置')}"><i class="fa fa-navicon"></i></a>
 			</div>
 		</div>
 		<div class="box-body">
diff --git a/modules/core/src/main/resources/views/modules/sys/companyList.html b/modules/core/src/main/resources/views/modules/sys/companyList.html
index 27f70d1f..5482534c 100644
--- a/modules/core/src/main/resources/views/modules/sys/companyList.html
+++ b/modules/core/src/main/resources/views/modules/sys/companyList.html
@@ -13,6 +13,7 @@
 				<% if(hasPermi('sys:company:edit')){ %>
 					<a href="${ctx}/sys/company/form" class="btn btn-default btnTool" title="${text('新增公司')}"><i class="fa fa-plus"></i> ${text('新增')}</a>
 				<% } %>
+				<a href="#" class="btn btn-default" id="btnSetting" title="${text('设置')}"><i class="fa fa-navicon"></i></a>
 			</div>
 		</div>
 		<div class="box-body">
diff --git a/modules/core/src/main/resources/views/modules/sys/logList.html b/modules/core/src/main/resources/views/modules/sys/logList.html
index a19b8261..46d01a02 100644
--- a/modules/core/src/main/resources/views/modules/sys/logList.html
+++ b/modules/core/src/main/resources/views/modules/sys/logList.html
@@ -6,7 +6,8 @@
 				<i class="fa fa-bug"></i> 访问日志
 			</div>
 			<div class="box-tools pull-right">
-				<a href="#" class="btn btn-default" id="btnSearch" title="查询"><i class="fa fa-filter"></i> 查询</a>
+				<a href="#" class="btn btn-default" id="btnSearch" title="${text('查询')}"><i class="fa fa-filter"></i> ${text('查询')}</a>
+				<a href="#" class="btn btn-default" id="btnSetting" title="${text('设置')}"><i class="fa fa-navicon"></i></a>
 			</div>
 		</div>
 		<div class="box-body">
@@ -67,10 +68,12 @@
 					</div>
 					<div class="control-inline" style="width:75px;">
 						<select onchange="js.quickSelectDate(this.value, 'createDate_gte', 'createDate_lte');" class="form-control">
-							<option value="0">&nbsp;</option><option value="1">今日</option><option value="2">本周</option>
+							<option value="0">&nbsp;</option><option value="1">今日</option>
+							<option value="2">本周</option><option value="2|7">上周</option>
 							<option value="3">本月</option><option value="4">本季度</option>
-							<option value="5">上个月</option><option value="5|3">上3个月</option>
-							<option value="6">前1个月</option><option value="6|3">前3个月</option>
+							<option value="5">上1个月</option><option value="5|3">上3个月</option>
+							<option value="1|7">近1个周</option><option value="6">近1个月</option>
+							<option value="6|3">近3个月</option>
 						</select>
 					</div>
 				</div>
diff --git a/modules/core/src/main/resources/views/modules/sys/officeList.html b/modules/core/src/main/resources/views/modules/sys/officeList.html
index 2890365f..699a61e7 100644
--- a/modules/core/src/main/resources/views/modules/sys/officeList.html
+++ b/modules/core/src/main/resources/views/modules/sys/officeList.html
@@ -13,6 +13,7 @@
 				<% if(hasPermi('sys:office:edit')){ %>
 					<a href="${ctx}/sys/office/form" class="btn btn-default btnTool" title="${text('新增机构')}"><i class="fa fa-plus"></i> ${text('新增')}</a>
 				<% } %>
+				<a href="#" class="btn btn-default" id="btnSetting" title="${text('设置')}"><i class="fa fa-navicon"></i></a>
 			</div>
 		</div>
 		<div class="box-body">
diff --git a/modules/core/src/main/resources/views/modules/sys/onlineList.html b/modules/core/src/main/resources/views/modules/sys/onlineList.html
index 99b5813b..10c381e8 100644
--- a/modules/core/src/main/resources/views/modules/sys/onlineList.html
+++ b/modules/core/src/main/resources/views/modules/sys/onlineList.html
@@ -7,6 +7,7 @@
 			</div>
 			<div class="box-tools pull-right">
 				<a href="#" class="btn btn-default" id="btnSearch" title="${text('查询')}"><i class="fa fa-filter"></i> ${text('查询')}</a>
+				<a href="#" class="btn btn-default" id="btnSetting" title="${text('设置')}"><i class="fa fa-navicon"></i></a>
 			</div>
 		</div>
 		<div class="box-body">
diff --git a/modules/core/src/main/resources/views/modules/sys/postList.html b/modules/core/src/main/resources/views/modules/sys/postList.html
index c026671e..4cecd950 100644
--- a/modules/core/src/main/resources/views/modules/sys/postList.html
+++ b/modules/core/src/main/resources/views/modules/sys/postList.html
@@ -10,6 +10,7 @@
 				<% if(hasPermi('sys:post:edit')){ %>
 					<a href="${ctx}/sys/post/form" class="btn btn-default btnTool" title="${text('新增岗位')}"><i class="fa fa-plus"></i> ${text('新增')}</a>
 				<% } %>
+				<a href="#" class="btn btn-default" id="btnSetting" title="${text('设置')}"><i class="fa fa-navicon"></i></a>
 			</div>
 		</div>
 		<div class="box-body">
diff --git a/modules/core/src/main/resources/views/modules/sys/user/corpAdminList.html b/modules/core/src/main/resources/views/modules/sys/user/corpAdminList.html
index 10881915..5681d442 100644
--- a/modules/core/src/main/resources/views/modules/sys/user/corpAdminList.html
+++ b/modules/core/src/main/resources/views/modules/sys/user/corpAdminList.html
@@ -14,6 +14,7 @@
 					<a href="${ctx}/sys/corpAdmin/form?corpCode_=${user.currentUser.corpCode_}&corpName_=${user.currentUser.corpName_}&op=addAdmin" class="btn btn-default btnTool" title="${text('新增管理员')}"><i class="fa fa-plus"></i> ${text('新增管理员')}</a>
 					<% } %>
 				<% } %>
+				<a href="#" class="btn btn-default" id="btnSetting" title="${text('设置')}"><i class="fa fa-navicon"></i></a>
 			</div>
 		</div>
 		<div class="box-body">
diff --git a/modules/core/src/main/resources/views/modules/sys/user/empUserList.html b/modules/core/src/main/resources/views/modules/sys/user/empUserList.html
index 2cc9c31d..3d08d0f4 100644
--- a/modules/core/src/main/resources/views/modules/sys/user/empUserList.html
+++ b/modules/core/src/main/resources/views/modules/sys/user/empUserList.html
@@ -17,6 +17,7 @@
 					<ul class="dropdown-menu">
 						<li><a href="javascript:" id="btnExport"><i class="glyphicon glyphicon-export"></i> ${text('导出')}</a></li>
 						<li><a href="javascript:" id="btnImport"><i class="glyphicon glyphicon-import"></i> ${text('导入')}</a></li>
+						<li><a href="javascript:" id="btnSetting"><i class="fa fa-navicon"></i> ${text('设置')}</a></li>
 					</ul>
 				</div>
 			</div>
@@ -126,7 +127,7 @@ $('#dataGrid').dataGrid({
 		{header:'${text("状态")}', name:'status', index:'a.status', width:140, align:"center", formatter: function(val, obj, row, act){
 			return js.getDictLabel(${@DictUtils.getDictListJson('sys_status')}, val, '未知', true);
 		}},
-		{header:'${text("操作")}', name:'actions', width:260, sortable:false, title:false, formatter: function(val, obj, row, act){
+		{header:'${text("操作")}', name:'actions', width:270, sortable:false, title:false, formatter: function(val, obj, row, act){
 			var actions = [];
 			<% if(hasPermi('sys:empUser:edit')){ %>
 				actions.push('<a href="${ctx}/sys/empUser/form?userCode='+row.userCode+'&op=edit" class="btnList" title="${text("编辑用户")}"><i class="fa fa-pencil"></i></a>&nbsp;');
diff --git a/modules/core/src/main/resources/views/modules/sys/user/secAdminList.html b/modules/core/src/main/resources/views/modules/sys/user/secAdminList.html
index 9cd289bf..2525716c 100644
--- a/modules/core/src/main/resources/views/modules/sys/user/secAdminList.html
+++ b/modules/core/src/main/resources/views/modules/sys/user/secAdminList.html
@@ -9,6 +9,7 @@
 			<div class="box-tools pull-right">
 				<a href="#" class="btn btn-default" id="btnSearch" title="${text('查询')}"><i class="fa fa-filter"></i> ${text('查询')}</a>
 				<a href="#" class="btn btn-default" id="btnAddAdmin" title="${text('新增')}"><i class="fa fa-plus"></i> ${text('新增')}</a>
+				<a href="#" class="btn btn-default" id="btnSetting" title="${text('设置')}"><i class="fa fa-navicon"></i></a>
 			</div>
 		</div>
 		<div class="box-body">
diff --git a/modules/template/pom.xml b/modules/template/pom.xml
index a4032723..f04c1962 100644
--- a/modules/template/pom.xml
+++ b/modules/template/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>com.jeesite</groupId>
 		<artifactId>jeesite-parent</artifactId>
-		<version>4.2.0-SNAPSHOT</version>
+		<version>4.2.1-SNAPSHOT</version>
 		<relativePath>../../parent/pom.xml</relativePath>
 		
 		<!-- ====== 这是一个新增模块示例项目，你可以拷贝此项目，修改 artifactId 为您的模块即可 ====== -->
diff --git a/parent/pom.xml b/parent/pom.xml
index f4071b25..48222aa3 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -6,12 +6,12 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>2.2.8.RELEASE</version>
+		<version>2.2.9.RELEASE</version>
 	</parent>
 	
 	<groupId>com.jeesite</groupId>
 	<artifactId>jeesite-parent</artifactId>
-	<version>4.2.0-SNAPSHOT</version>
+	<version>4.2.1-SNAPSHOT</version>
 	<packaging>pom</packaging>
 	
 	<name>JeeSite Parent</name>
@@ -373,6 +373,12 @@
 		<pluginRepository>
 			<id>aliyun-repos</id>
 			<url>https://maven.aliyun.com/repository/public</url>
+			<releases><enabled>true</enabled></releases>
+			<snapshots><enabled>false</enabled></snapshots>
+		</pluginRepository>
+		<pluginRepository>
+			<id>jeesite-repos</id>
+			<url>http://maven.jeesite.net/repository/maven-public</url>
 		</pluginRepository>
 	</pluginRepositories>
 	
diff --git a/root/pom.xml b/root/pom.xml
index 8e7b7412..0a71acdc 100644
--- a/root/pom.xml
+++ b/root/pom.xml
@@ -5,7 +5,7 @@
 	
 	<groupId>com.jeesite</groupId>
 	<artifactId>jeesite-root</artifactId>
-	<version>4.2.0-SNAPSHOT</version>
+	<version>4.2.1-SNAPSHOT</version>
 	<packaging>pom</packaging>
 	
 	<name>JeeSite</name>
diff --git a/web/pom.xml b/web/pom.xml
index 54b7ec9e..09131ecf 100644
--- a/web/pom.xml
+++ b/web/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>com.jeesite</groupId>
 		<artifactId>jeesite-parent</artifactId>
-		<version>4.2.0-SNAPSHOT</version>
+		<version>4.2.1-SNAPSHOT</version>
 		<relativePath>../parent/pom.xml</relativePath>
 	</parent>
 	
@@ -159,6 +159,12 @@
 		<pluginRepository>
 			<id>aliyun-repos</id>
 			<url>https://maven.aliyun.com/repository/public</url>
+			<releases><enabled>true</enabled></releases>
+			<snapshots><enabled>false</enabled></snapshots>
+		</pluginRepository>
+		<pluginRepository>
+			<id>jeesite-repos</id>
+			<url>http://maven.jeesite.net/repository/maven-public</url>
 		</pluginRepository>
 	</pluginRepositories>
 	
diff --git a/web/src/main/resources/config/application.yml b/web/src/main/resources/config/application.yml
index 2f13eca7..d54f52c0 100644
--- a/web/src/main/resources/config/application.yml
+++ b/web/src/main/resources/config/application.yml
@@ -447,10 +447,11 @@ shiro:
 #
 #  # 登录提交信息加密（如果不需要加密，设置为空即可）
 #  loginSubmit:
-#    # 登录提交信息安全Key，加密用户名、密码、验证码，后再提交（key设置为3个，用逗号分隔）加密方式：DES
-#    # v4.2.0+ 支持 Base64 加密方式，方便移动端及第三方系统处理认证，可直接设置 Key 为 Base64
+#    # 加密用户名、密码、验证码，后再提交（key设置为3个，用逗号分隔）加密方式：DES（4.1.9及之前版本默认设置）
+#    # v4.2.0+ 开始支持 Base64 加密方式，方便移动端及第三方系统处理认证，可直接设置 Key 为 Base64（4.2.0+默认设置）
 #    #secretKey: thinkgem,jeesite,com
 #    secretKey: Base64
+#    #secretKey: ~
   
   # 记住我密钥设置，你可以通过 com.jeesite.test.RememberMeKeyGen 类快速生成一个秘钥。
   # 若不设置，则每次启动系统后自动生成一个新秘钥，这样会导致每次重启后，客户端记录的用户信息将失效。
diff --git a/web/src/main/resources/views/modules/test/testDataList.html b/web/src/main/resources/views/modules/test/testDataList.html
index c9df4393..04830961 100644
--- a/web/src/main/resources/views/modules/test/testDataList.html
+++ b/web/src/main/resources/views/modules/test/testDataList.html
@@ -11,6 +11,7 @@
 					<a href="${ctx}/test/testData/form" class="btn btn-default btnTool" title="${text('新增数据')}"><i class="fa fa-plus"></i> ${text('新增')}</a>
 				<% } %>
 				<a href="#" class="btn btn-default" id="btnTrunsTest" title="事务测试"><i class="fa fa-refresh"></i> 事务测试</a>
+				<a href="#" class="btn btn-default" id="btnSetting" title="${text('设置')}"><i class="fa fa-navicon"></i></a>
 			</div>
 		</div>
 		<div class="box-body">
@@ -123,7 +124,9 @@ $('#dataGrid').dataGrid({
 	columnModel: [
 		{header:'${text("单行文本")}', name:'testInput', index:'a.test_input', width:250, align:"left", frozen:true, formatter: function(val, obj, row, act){
 			return '<a href="${ctx}/test/testData/form?id='+row.id+'" class="btnList" data-title="${text("编辑数据")}">'+(val||row.id)+'</a>';
-		}},
+		}, searchoptions: { dataInit: function (element) {
+			$(element).attr('form', 'searchForm').attr('name', 'testInput2');
+		}}},
 		{header:'${text("多行文本")}', name:'testTextarea', index:'a.test_textarea', width:150, align:"left"},
 		{header:'${text("下拉框")}', name:'testSelect', index:'a.test_select', width:150, align:"center", formatter: function(val, obj, row, act){
 			return js.getDictLabel(${@DictUtils.getDictListJson('sys_menu_type')}, val, '${text("未知")}', true);
@@ -215,6 +218,12 @@ $('#dataGrid').dataGrid({
 //			$("#dataGrid").parent().append("<div class=\"ml10\">没有符合数据</div>");
 //		}
 	}
+})
+// 开启表头下放搜索工具条
+//.jqGrid('filterToolbar')
+// 列表设置显示隐藏或排序后的事件（可用于设置持久化）
+.on('jqGridRemapColumns',function(){
+	log($('#dataGrid').dataGrid('getParam', 'columnModel'));
 });
 $("#btnTrunsTest").click(function(){ 
 	js.ajaxSubmit("${ctx}/test/testData/transTest", function(data){