diff --git a/function/common.php b/common.php
similarity index 83%
rename from function/common.php
rename to common.php
index 9290cca..7f3bb59 100644
--- a/function/common.php
+++ b/common.php
@@ -25,6 +25,9 @@ $Base64Env = [
     'guestup_path',
     //'usesharepoint',
     'sharepointname',
+    'shareurl',
+    'sharecookie',
+    'shareapiurl',
     //'siteid',
     'public_path',
     //'refresh_token',
@@ -77,6 +80,9 @@ $InnerEnv = [
     'usesharepoint',
     'sharepointname',
     'siteid',
+    'shareurl',
+    'sharecookie',
+    'shareapiurl',
     'public_path',
     'refresh_token',
     'token_expires',
@@ -94,11 +100,252 @@ $ShowedInnerEnv = [
     //'usesharepoint',
     //'sharepointname',
     //'siteid',
+    //'shareurl',
+    //'sharecookie',
+    //'shareapiurl',
     'public_path',
     //'refresh_token',
     //'token_expires',
 ];
 
+function main($path)
+{
+    global $exts;
+    global $constStr;
+
+    if (isset($_COOKIE['language'])) $constStr['language'] = $_COOKIE['language'];
+    if (!$constStr['language']) $constStr['language'] = getConfig('language');
+    if ($constStr['language']=='') $constStr['language'] = 'en-us';
+    $_SERVER['language'] = $constStr['language'];
+    $_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path);
+
+    if (getConfig('admin')=='') return install();
+    if (getConfig('adminloginpage')=='') {
+        $adminloginpage = 'admin';
+    } else {
+        $adminloginpage = getConfig('adminloginpage');
+    }
+    if (isset($_GET[$adminloginpage])) {
+        if (isset($_GET['preview'])) {
+            $url = $_SERVER['PHP_SELF'] . '?preview';
+        } else {
+            $url = path_format($_SERVER['PHP_SELF'] . '/');
+        }
+        if (getConfig('admin')!='') {
+            if ($_POST['password1']==getConfig('admin')) {
+                return adminform('admin',md5($_POST['password1']),$url);
+            } else return adminform();
+        } else {
+            return output('', 302, [ 'Location' => $url ]);
+        }
+    }
+    if (getConfig('admin')!='')
+        if ( (isset($_COOKIE['admin'])&&$_COOKIE['admin']==md5(getConfig('admin'))) || (isset($_POST['password1'])&&$_POST['password1']==getConfig('admin')) ) {
+            $_SERVER['admin']=1;
+            $_SERVER['needUpdate'] = needUpdate();
+        } else {
+            $_SERVER['admin']=0;
+        }
+    if (isset($_GET['setup']))
+        if ($_SERVER['admin']) {
+            // setup Environments. 设置，对环境变量操作
+            return EnvOpt($_SERVER['needUpdate']);
+        } else {
+            $url = path_format($_SERVER['PHP_SELF'] . '/');
+            return output('<script>alert(\''.getconstStr('SetSecretsFirst').'\');</script>', 302, [ 'Location' => $url ]);
+        }
+
+    $_SERVER['base_disk_path'] = $_SERVER['base_path'];
+    $disktags = explode("|",getConfig('disktag'));
+//    echo 'count$disk:'.count($disktags);
+    if (count($disktags)>1) {
+        if ($path=='/'||$path=='') return output('', 302, [ 'Location' => path_format($_SERVER['base_path'].'/'.$disktags[0].'/') ]);
+        $_SERVER['disktag'] = $path;
+        $pos = strpos($path, '/');
+        if ($pos>1) $_SERVER['disktag'] = substr($path, 0, $pos);
+        if (!in_array($_SERVER['disktag'], $disktags)) return message('<meta http-equiv="refresh" content="2;URL='.$_SERVER['base_path'].'">Please visit from <a href="'.$_SERVER['base_path'].'">Home Page</a>.', 'Error', 404);
+        $path = substr($path, strlen('/'.$_SERVER['disktag']));
+        if ($_SERVER['disktag']!='') $_SERVER['base_disk_path'] = path_format($_SERVER['base_disk_path']. '/' . $_SERVER['disktag'] . '/');
+    } else $_SERVER['disktag'] = $disktags[0];
+//    echo 'main.disktag:'.$_SERVER['disktag'].'，path:'.$path.'
+//';
+    $_SERVER['list_path'] = getListpath($_SERVER['HTTP_HOST']);
+    if ($_SERVER['list_path']=='') $_SERVER['list_path'] = '/';
+    $_SERVER['is_guestup_path'] = is_guestup_path($path);
+    $_SERVER['ajax']=0;
+    if (isset($_SERVER['HTTP_X_REQUESTED_WITH'])) if ($_SERVER['HTTP_X_REQUESTED_WITH']=='XMLHttpRequest') $_SERVER['ajax']=1;
+
+    config_oauth();
+    if ($_SERVER['admin']) if (isset($_GET['AddDisk'])||isset($_GET['authorization_code'])) return get_refresh_token();
+    $refresh_token = getConfig('refresh_token');
+    //if (!$refresh_token) return get_refresh_token();
+    if (!$refresh_token) {
+        return render_list();
+    } else {
+        if (!($_SERVER['access_token'] = getcache('access_token'))) {
+            get_access_token($refresh_token);
+        }
+
+        if ($_SERVER['ajax']) {
+            if ($_GET['action']=='del_upload_cache'&&substr($_GET['filename'],-4)=='.tmp') {
+                // del '.tmp' without login. 无需登录即可删除.tmp后缀文件
+                error_log('del.tmp:GET,'.json_encode($_GET,JSON_PRETTY_PRINT));
+                $tmp = MSAPI('DELETE',path_format(path_format($_SERVER['list_path'] . path_format($path)) . '/' . spurlencode($_GET['filename']) ),'',$_SERVER['access_token']);
+                $path1 = path_format($_SERVER['list_path'] . path_format($path));
+                if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1);
+                savecache('path_' . $path1, json_decode('{}',true), 1);
+                return output($tmp['body'],$tmp['stat']);
+            }
+            if ($_GET['action']=='uploaded_rename') {
+                // rename .scfupload file without login.
+                // 无需登录即可重命名.scfupload后缀文件，filemd5为用户提交，可被构造，问题不大，以后处理
+                $oldname = spurlencode($_GET['filename']);
+                $pos = strrpos($oldname, '.');
+                if ($pos>0) $ext = strtolower(substr($oldname, $pos));
+                $oldname = path_format(path_format($_SERVER['list_path'] . path_format($path)) . '/' . $oldname . '.scfupload' );
+                $data = '{"name":"' . $_GET['filemd5'] . $ext . '"}';
+                //echo $oldname .'<br>'. $data;
+                $tmp = MSAPI('PATCH',$oldname,$data,$_SERVER['access_token']);
+                if ($tmp['stat']==409) {
+                    MSAPI('DELETE',$oldname,'',$_SERVER['access_token']);
+                    $tmpbody = json_decode($tmp['body'], true);
+                    $tmpbody['name'] = $_GET['filemd5'] . $ext;
+                    $tmp['body'] = json_encode($tmpbody);
+                }
+                $path1 = path_format($_SERVER['list_path'] . path_format($path));
+                if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1);
+                savecache('path_' . $path1, json_decode('{}',true), 1);
+                return output($tmp['body'],$tmp['stat']);
+            }
+            if ($_GET['action']=='upbigfile') return bigfileupload($path);
+        }
+        if ($_SERVER['admin']) {
+            $tmp = adminoperate($path);
+            if ($tmp['statusCode'] > 0) {
+                $path1 = path_format($_SERVER['list_path'] . path_format($path));
+                if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1);
+                savecache('path_' . $path1, json_decode('{}',true), 1);
+                return $tmp;
+            }
+        } else {
+            if ($_SERVER['ajax']) return output(getconstStr('RefreshtoLogin'),401);
+        }
+        $_SERVER['ishidden'] = passhidden($path);
+        if (isset($_GET['thumbnails'])) {
+            if ($_SERVER['ishidden']<4) {
+                if (in_array(strtolower(substr($path, strrpos($path, '.') + 1)), $exts['img'])) {
+                    return get_thumbnails_url($path);
+                } else return output(json_encode($exts['img']),400);
+            } else return output('',401);
+        }
+
+        $files = list_files($path);
+        //echo json_encode(array_keys($files['children']), JSON_PRETTY_PRINT);
+        if (isset($_GET['random'])&&$_GET['random']!=='') {
+            if ($_SERVER['ishidden']<4) {
+                $tmp = [];
+                foreach (array_keys($files['children']) as $filename) {
+                    if (strtolower(splitlast($filename,'.')[1])==strtolower($_GET['random'])) $tmp[$filename] = $files['children'][$filename][$_SERVER['DownurlStrName']];
+                }
+                $tmp = array_values($tmp);
+                if (count($tmp)>0) {
+            if (isset($_GET['url'])) return output($tmp[rand(0,count($tmp)-1)], 200);
+            return output('', 302, [ 'Location' => $tmp[rand(0,count($tmp)-1)] ]);
+                } else return output('',404);
+            } else return output('',401);
+        }
+        if (isset($files['file']) && !isset($_GET['preview'])) {
+            // is file && not preview mode
+            if ( $_SERVER['ishidden']<4 || (!!getConfig('downloadencrypt')&&$files['name']!=getConfig('passfile')) ) return output('', 302, [ 'Location' => $files[$_SERVER['DownurlStrName']] ]);
+        }
+        if ( isset($files['folder']) || isset($files['file']) ) {
+            return render_list($path, $files);
+        } else {
+            if (!isset($files['error'])) {
+                $files['error']['message'] = json_encode($files, JSON_PRETTY_PRINT);
+                $files['error']['code'] = 'unknownError';
+                $files['error']['stat'] = 500;
+            }
+            return message('<a href="'.$_SERVER['base_path'].'">'.getconstStr('Back').getconstStr('Home').'</a><div style="margin:8px;"><pre>' . $files['error']['message'] . '</pre></div><a href="javascript:history.back(-1)">'.getconstStr('Back').'</a>', $files['error']['code'], $files['error']['stat']);
+        }
+    }
+}
+
+function get_access_token($refresh_token)
+{
+    if (getConfig('Drive_ver')=='shareurl') {
+
+//if (!$files) $files['body'] = $arr['body'];
+            //$files['returnhead'] = $arr['returnhead'];
+            //$files['cookie'] = $arr['returnhead']['Set-Cookie'];
+//return $files;
+
+            /*$files['get'] = curl_request(
+                "https://mfedu-my.sharepoint.com/personal/ysun_ac_stu_office_gy/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1='%2Fpersonal%2Fysun_ac_stu_office_gy%2FDocuments'&RootFolder=%2Fpersonal%2Fysun_ac_stu_office_gy%2FDocuments%2F&TryNewExperienceSingle=TRUE",
+                '{"parameters":{"__metadata":{"type":"SP.RenderListDataParameters"},"RenderOptions":136967,"AllowMultipleValueFilterForTaxonomyFields":true,"AddRequiredFields":true}}',
+                ['Accept' => 'application/json;odata=verbose', 'Content-Type' => 'application/json;odata=verbose', 'origin' => 'https://mfedu-my.sharepoint.com', 'Cookie' => $arr['returnhead']['Set-Cookie']],
+                1);
+                $files['get']['body'] = json_decode($files['get']['body'], true);
+                $_SERVER['access_token'] = splitlast($files['get']['body']['ListSchema']['.driveAccessToken'],'=')[1];
+                $_SERVER['api_url'] = $files['get']['body']['ListSchema']['.driveUrl'].'/root';
+
+                $files = json_decode( curl_request( $_SERVER['api_url'].'?expand=children(select=name,size,file,folder,parentReference,lastModifiedDateTime,@microsoft.graph.downloadUrl,@content.downloadUrl)', false, ['Authorization' => 'Bearer ' . $_SERVER['access_token'], 'Accept' => 'application/json'] )['body'], true);
+                $files['children']['a']['file'] = $_SERVER['api_url'];
+                $files['children']['a']['name'] = $_SERVER['api_url'];
+*/
+        $shareurl = getConfig('shareurl');
+        //$url = 'https://mfedu-my.sharepoint.com/:f:/g/personal/ysun_ac_stu_office_gy/EpDIBOaYyExHjfu-PJA46icB40X0FKVwmn_9UDJsRvu3Ug?e=XyRZxP';
+        //$url = 'https://2d2-my.sharepoint.com/:f:/g/personal/ysun_host_ac_cn/Ehy8pjSQSoZOtLDs4ZKPiGUBYFt26CjEwG6bw7W5vleNNQ?e=DLZcWF';
+        $tmp1 = splitlast($shareurl, '/')[0];
+        $account = splitlast($tmp1, '/')[1];
+        $tmp1 = splitlast($shareurl, ':')[0];
+        $domain = splitlast($tmp1, '/')[0];
+        if (!isset($_SERVER['sharecookie'])||$_SERVER['sharecookie']=='') $_SERVER['sharecookie'] = curl_request($shareurl,false, [],1)['returnhead']['Set-Cookie'];
+        $response = curl_request(
+            $domain . "/personal/" . $account . "/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1='" . urlencode("/personal/" . $account . "/Documents") . "'&RootFolder=" . urlencode("/personal/" . $account . "/Documents/") . "&TryNewExperienceSingle=TRUE",
+            '{"parameters":{"__metadata":{"type":"SP.RenderListDataParameters"},"RenderOptions":136967,"AllowMultipleValueFilterForTaxonomyFields":true,"AddRequiredFields":true}}',
+            [ 'Accept' => 'application/json;odata=verbose', 'Content-Type' => 'application/json;odata=verbose', 'origin' => $domain, 'Cookie' => $_SERVER['sharecookie'] ]
+        );
+        if ($response['stat']==200) $ret = json_decode($response['body'], true);
+        $_SERVER['access_token'] = splitlast($ret['ListSchema']['.driveAccessToken'],'=')[1];
+        $_SERVER['api_url'] = $ret['ListSchema']['.driveUrl'].'/root';
+        if (!$_SERVER['access_token']) {
+            error_log($domain . "/personal/" . $account . "/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1='" . urlencode("/personal/" . $account . "/Documents") . "'&RootFolder=" . urlencode("/personal/" . $account . "/Documents/") . "&TryNewExperienceSingle=TRUE");
+            error_log('failed to get access_token. response' . json_encode($ret));
+            throw new Exception($response['stat'].', failed to get access_token.'.$response['body']);
+        }
+        error_log('Get access token:'.json_encode($ret, JSON_PRETTY_PRINT));
+        savecache('access_token', $_SERVER['access_token']);
+        if (getConfig('sharecookie')==''||getConfig('shareapiurl')=='') setConfig([ 'sharecookie' => $_SERVER['sharecookie'], 'shareapiurl' => $_SERVER['api_url'] ]);
+    } else {
+        $response = curl_request( $_SERVER['oauth_url'] . 'token', 'client_id='. $_SERVER['client_id'] .'&client_secret='. $_SERVER['client_secret'] .'&grant_type=refresh_token&requested_token_use=on_behalf_of&refresh_token=' . $refresh_token );
+        if ($response['stat']==200) $ret = json_decode($response['body'], true);
+        if (!isset($ret['access_token'])) {
+            error_log($_SERVER['oauth_url'] . 'token'.'?client_id='. $_SERVER['client_id'] .'&client_secret='. $_SERVER['client_secret'] .'&grant_type=refresh_token&requested_token_use=on_behalf_of&refresh_token=' . $refresh_token);
+            error_log('failed to get access_token. response' . json_encode($ret));
+            throw new Exception($response['stat'].', failed to get access_token.'.$response['body']);
+        }
+        error_log('Get access token:'.json_encode($ret, JSON_PRETTY_PRINT));
+        $_SERVER['access_token'] = $ret['access_token'];
+        savecache('access_token', $_SERVER['access_token'], $ret['expires_in'] - 300);
+        if (time()>getConfig('token_expires')) setConfig([ 'refresh_token' => $ret['refresh_token'], 'token_expires' => time()+7*24*60*60 ]);
+    }
+}
+
+function list_files($path)
+{
+    $path = path_format($path);
+    if ($_SERVER['is_guestup_path']&&!$_SERVER['admin']) {
+        $files = json_decode('{"folder":{}}', true);
+    } elseif (!getConfig('downloadencrypt')) {
+        if ($_SERVER['ishidden']==4) $files = json_decode('{"folder":{}}', true);
+        else $files = fetch_files($path);
+    } else {
+        $files = fetch_files($path);
+    }
+    return $files;
+}
+
 function isHideFile($name)
 {
     $FunctionalityFile = [
@@ -139,6 +386,12 @@ function config_oauth()
     $_SERVER['sitename'] = getConfig('sitename');
     if (empty($_SERVER['sitename'])) $_SERVER['sitename'] = getconstStr('defaultSitename');
     $_SERVER['redirect_uri'] = 'https://scfonedrive.github.io';
+    if (getConfig('Drive_ver')=='shareurl') {
+        $_SERVER['api_url'] = getConfig('shareapiurl');
+        $_SERVER['sharecookie'] = getConfig('sharecookie');
+        $_SERVER['DownurlStrName'] = '@content.downloadUrl';
+        return 0;
+    }
     if (getConfig('Drive_ver')=='MS') {
         // MS
         // https://portal.azure.com
@@ -169,6 +422,7 @@ function config_oauth()
     }
     $_SERVER['client_secret'] = urlencode($_SERVER['client_secret']);
     $_SERVER['scope'] = urlencode($_SERVER['scope']);
+    $_SERVER['DownurlStrName'] = '@microsoft.graph.downloadUrl';
 }
 
 function get_siteid($access_token)
@@ -336,7 +590,7 @@ function gethiddenpass($path,$passfile)
         $ispassfile = fetch_files(path_format($path . '/' . urlencode($passfile)));
         //echo $path . '<pre>' . json_encode($ispassfile, JSON_PRETTY_PRINT) . '</pre>';
         if (isset($ispassfile['file'])) {
-            $arr = curl_request($ispassfile['@microsoft.graph.downloadUrl']);
+            $arr = curl_request($ispassfile[$_SERVER['DownurlStrName']]);
             if ($arr['stat']==200) {
                 $passwordf=explode("\n",$arr['body']);
                 $password=$passwordf[0];
@@ -427,7 +681,7 @@ function message($message, $title = 'Message', $statusCode = 200)
 
 function needUpdate()
 {
-    $current_ver = file_get_contents(__DIR__ . '/../version');
+    $current_ver = file_get_contents(__DIR__ . '/version');
     $current_ver = substr($current_ver, strpos($current_ver, '.')+1);
     $current_ver = explode(urldecode('%0A'),$current_ver)[0];
     $current_ver = explode(urldecode('%0D'),$current_ver)[0];
@@ -526,7 +780,7 @@ function bigfileupload($path)
         $getoldupinfo=fetch_files(path_format($path . '/' . $cachefilename));
         //echo json_encode($getoldupinfo, JSON_PRETTY_PRINT);
         if (isset($getoldupinfo['file'])&&$getoldupinfo['size']<5120) {
-            $getoldupinfo_j = curl_request($getoldupinfo['@microsoft.graph.downloadUrl']);
+            $getoldupinfo_j = curl_request($getoldupinfo[$_SERVER['DownurlStrName']]);
             $getoldupinfo = json_decode($getoldupinfo_j['body'], true);
             if ( json_decode( curl_request($getoldupinfo['uploadUrl'])['body'], true)['@odata.context']!='' ) return output($getoldupinfo_j['body'], $getoldupinfo_j['stat']);
         }
@@ -541,194 +795,6 @@ function bigfileupload($path)
     return output('error', 400);
 }
 
-function main($path)
-{
-    global $exts;
-    global $constStr;
-//echo 'main.enterpath:'.$path.'
-//';
-    if (isset($_COOKIE['language'])) $constStr['language'] = $_COOKIE['language'];
-    if (!$constStr['language']) $constStr['language'] = getConfig('language');
-    if ($constStr['language']=='') $constStr['language'] = 'en-us';
-    $_SERVER['language'] = $constStr['language'];
-    $_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path);
-
-    if (getConfig('admin')=='') return install();
-    if (getConfig('adminloginpage')=='') {
-        $adminloginpage = 'admin';
-    } else {
-        $adminloginpage = getConfig('adminloginpage');
-    }
-    if (isset($_GET[$adminloginpage])) {
-        if (isset($_GET['preview'])) {
-            $url = $_SERVER['PHP_SELF'] . '?preview';
-        } else {
-            $url = path_format($_SERVER['PHP_SELF'] . '/');
-        }
-        if (getConfig('admin')!='') {
-            if ($_POST['password1']==getConfig('admin')) {
-                return adminform('admin',md5($_POST['password1']),$url);
-            } else return adminform();
-        } else {
-            return output('', 302, [ 'Location' => $url ]);
-        }
-    }
-    if (getConfig('admin')!='')
-        if ( (isset($_COOKIE['admin'])&&$_COOKIE['admin']==md5(getConfig('admin'))) || (isset($_POST['password1'])&&$_POST['password1']==getConfig('admin')) ) {
-            $_SERVER['admin']=1;
-            $_SERVER['needUpdate'] = needUpdate();
-        } else {
-            $_SERVER['admin']=0;
-        }
-    if (isset($_GET['setup']))
-        if ($_SERVER['admin']) {
-            // setup Environments. 设置，对环境变量操作
-            return EnvOpt($_SERVER['needUpdate']);
-        } else {
-            $url = path_format($_SERVER['PHP_SELF'] . '/');
-            return output('<script>alert(\''.getconstStr('SetSecretsFirst').'\');</script>', 302, [ 'Location' => $url ]);
-        }
-
-    $_SERVER['base_disk_path'] = $_SERVER['base_path'];
-    $disktags = explode("|",getConfig('disktag'));
-//    echo 'count$disk:'.count($disktags);
-    if (count($disktags)>1) {
-        if ($path=='/'||$path=='') return output('', 302, [ 'Location' => path_format($_SERVER['base_path'].'/'.$disktags[0].'/') ]);
-        $_SERVER['disktag'] = $path;
-        $pos = strpos($path, '/');
-        if ($pos>1) $_SERVER['disktag'] = substr($path, 0, $pos);
-        if (!in_array($_SERVER['disktag'], $disktags)) return message('<meta http-equiv="refresh" content="2;URL='.$_SERVER['base_path'].'">Please visit from <a href="'.$_SERVER['base_path'].'">Home Page</a>.', 'Error', 404);
-        $path = substr($path, strlen('/'.$_SERVER['disktag']));
-        if ($_SERVER['disktag']!='') $_SERVER['base_disk_path'] = path_format($_SERVER['base_disk_path']. '/' . $_SERVER['disktag'] . '/');
-    } else $_SERVER['disktag'] = $disktags[0];
-//    echo 'main.disktag:'.$_SERVER['disktag'].'，path:'.$path.'
-//';
-    $_SERVER['list_path'] = getListpath($_SERVER['HTTP_HOST']);
-    if ($_SERVER['list_path']=='') $_SERVER['list_path'] = '/';
-    $_SERVER['is_guestup_path'] = is_guestup_path($path);
-    $_SERVER['ajax']=0;
-    if (isset($_SERVER['HTTP_X_REQUESTED_WITH'])) if ($_SERVER['HTTP_X_REQUESTED_WITH']=='XMLHttpRequest') $_SERVER['ajax']=1;
-
-    config_oauth();
-    if ($_SERVER['admin']) if (isset($_GET['AddDisk'])||isset($_GET['authorization_code'])) return get_refresh_token();
-    $refresh_token = getConfig('refresh_token');
-    //if (!$refresh_token) return get_refresh_token();
-    if (!$refresh_token) {
-        return render_list();
-    } else {
-        if (!($_SERVER['access_token'] = getcache('access_token'))) {
-            $response = curl_request( $_SERVER['oauth_url'] . 'token', 'client_id='. $_SERVER['client_id'] .'&client_secret='. $_SERVER['client_secret'] .'&grant_type=refresh_token&requested_token_use=on_behalf_of&refresh_token=' . $refresh_token );
-            if ($response['stat']==200) $ret = json_decode($response['body'], true);
-            if (!isset($ret['access_token'])) {
-                error_log($_SERVER['oauth_url'] . 'token'.'?client_id='. $_SERVER['client_id'] .'&client_secret='. $_SERVER['client_secret'] .'&grant_type=refresh_token&requested_token_use=on_behalf_of&refresh_token=' . $refresh_token);
-                error_log('failed to get access_token. response' . json_encode($ret));
-                throw new Exception($response['stat'].', failed to get access_token.'.$response['body']);
-            }
-            error_log('Get access token:'.json_encode($ret, JSON_PRETTY_PRINT));
-            $_SERVER['access_token'] = $ret['access_token'];
-            savecache('access_token', $_SERVER['access_token'], $ret['expires_in'] - 300);
-            if (time()>getConfig('token_expires')) setConfig([ 'refresh_token' => $ret['refresh_token'], 'token_expires' => time()+7*24*60*60 ]);
-        }
-
-        if ($_SERVER['ajax']) {
-            if ($_GET['action']=='del_upload_cache'&&substr($_GET['filename'],-4)=='.tmp') {
-                // del '.tmp' without login. 无需登录即可删除.tmp后缀文件
-                error_log('del.tmp:GET,'.json_encode($_GET,JSON_PRETTY_PRINT));
-                $tmp = MSAPI('DELETE',path_format(path_format($_SERVER['list_path'] . path_format($path)) . '/' . spurlencode($_GET['filename']) ),'',$_SERVER['access_token']);
-                $path1 = path_format($_SERVER['list_path'] . path_format($path));
-                if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1);
-                savecache('path_' . $path1, json_decode('{}',true), 1);
-                return output($tmp['body'],$tmp['stat']);
-            }
-            if ($_GET['action']=='uploaded_rename') {
-                // rename .scfupload file without login.
-                // 无需登录即可重命名.scfupload后缀文件，filemd5为用户提交，可被构造，问题不大，以后处理
-                $oldname = spurlencode($_GET['filename']);
-                $pos = strrpos($oldname, '.');
-                if ($pos>0) $ext = strtolower(substr($oldname, $pos));
-                $oldname = path_format(path_format($_SERVER['list_path'] . path_format($path)) . '/' . $oldname . '.scfupload' );
-                $data = '{"name":"' . $_GET['filemd5'] . $ext . '"}';
-                //echo $oldname .'<br>'. $data;
-                $tmp = MSAPI('PATCH',$oldname,$data,$_SERVER['access_token']);
-                if ($tmp['stat']==409) {
-                    MSAPI('DELETE',$oldname,'',$_SERVER['access_token']);
-                    $tmpbody = json_decode($tmp['body'], true);
-                    $tmpbody['name'] = $_GET['filemd5'] . $ext;
-                    $tmp['body'] = json_encode($tmpbody);
-                }
-                $path1 = path_format($_SERVER['list_path'] . path_format($path));
-                if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1);
-                savecache('path_' . $path1, json_decode('{}',true), 1);
-                return output($tmp['body'],$tmp['stat']);
-            }
-            if ($_GET['action']=='upbigfile') return bigfileupload($path);
-        }
-        if ($_SERVER['admin']) {
-            $tmp = adminoperate($path);
-            if ($tmp['statusCode'] > 0) {
-                $path1 = path_format($_SERVER['list_path'] . path_format($path));
-                if ($path1!='/'&&substr($path1,-1)=='/') $path1=substr($path1,0,-1);
-                savecache('path_' . $path1, json_decode('{}',true), 1);
-                return $tmp;
-            }
-        } else {
-            if ($_SERVER['ajax']) return output(getconstStr('RefreshtoLogin'),401);
-        }
-        $_SERVER['ishidden'] = passhidden($path);
-        if (isset($_GET['thumbnails'])) {
-            if ($_SERVER['ishidden']<4) {
-                if (in_array(strtolower(substr($path, strrpos($path, '.') + 1)), $exts['img'])) {
-                    return get_thumbnails_url($path);
-                } else return output(json_encode($exts['img']),400);
-            } else return output('',401);
-        }
-
-        $files = list_files($path);
-        //echo json_encode(array_keys($files['children']), JSON_PRETTY_PRINT);
-        if (isset($_GET['random'])&&$_GET['random']!=='') {
-            if ($_SERVER['ishidden']<4) {
-                $tmp = [];
-                foreach (array_keys($files['children']) as $filename) {
-                    if (strtolower(splitlast($filename,'.')[1])==strtolower($_GET['random'])) $tmp[$filename] = $files['children'][$filename]['@microsoft.graph.downloadUrl'];
-                }
-                $tmp = array_values($tmp);
-                if (count($tmp)>0) {
-            if (isset($_GET['url'])) return output($tmp[rand(0,count($tmp)-1)], 200);
-            return output('', 302, [ 'Location' => $tmp[rand(0,count($tmp)-1)] ]);
-                } else return output('',404);
-            } else return output('',401);
-        }
-        if (isset($files['file']) && !isset($_GET['preview'])) {
-            // is file && not preview mode
-            if ( $_SERVER['ishidden']<4 || (!!getConfig('downloadencrypt')&&$files['name']!=getConfig('passfile')) ) return output('', 302, [ 'Location' => $files['@microsoft.graph.downloadUrl'] ]);
-        }
-        if ( isset($files['folder']) || isset($files['file']) ) {
-            return render_list($path, $files);
-        } else {
-            if (!isset($files['error'])) {
-                $files['error']['message'] = json_encode($files, JSON_PRETTY_PRINT);
-                $files['error']['code'] = 'unknownError';
-                $files['error']['stat'] = 500;
-            }
-            return message('<a href="'.$_SERVER['base_path'].'">'.getconstStr('Back').getconstStr('Home').'</a><div style="margin:8px;"><pre>' . $files['error']['message'] . '</pre></div><a href="javascript:history.back(-1)">'.getconstStr('Back').'</a>', $files['error']['code'], $files['error']['stat']);
-        }
-    }
-}
-
-function list_files($path)
-{
-    $path = path_format($path);
-    if ($_SERVER['is_guestup_path']&&!$_SERVER['admin']) {
-        $files = json_decode('{"folder":{}}', true);
-    } elseif (!getConfig('downloadencrypt')) {
-        if ($_SERVER['ishidden']==4) $files = json_decode('{"folder":{}}', true);
-        else $files = fetch_files($path);
-    } else {
-        $files = fetch_files($path);
-    }
-    return $files;
-}
-
 function adminform($name = '', $pass = '', $path = '')
 {
     $statusCode = 401;
@@ -990,10 +1056,10 @@ function fetch_files($path = '/')
         if ($parentpath=='') $parentpath = '/';
         $filename = $pos[1];
         if ($parentfiles = getcache('path_' . $parentpath)) {
-            if (isset($parentfiles['children'][$filename]['@microsoft.graph.downloadUrl'])) {
+            if (isset($parentfiles['children'][$filename][$_SERVER['DownurlStrName']])) {
                 if (in_array(splitlast($filename,'.')[1], $exts['txt'])) {
                     if (!(isset($parentfiles['children'][$filename]['content'])&&$parentfiles['children'][$filename]['content']['stat']==200)) {
-                        $content1 = curl_request($parentfiles['children'][$filename]['@microsoft.graph.downloadUrl']);
+                        $content1 = curl_request($parentfiles['children'][$filename][$_SERVER['DownurlStrName']]);
                         $parentfiles['children'][$filename]['content'] = $content1;
                         savecache('path_' . $parentpath, $parentfiles);
                     }
@@ -1007,16 +1073,16 @@ function fetch_files($path = '/')
             $url .= ':' . $path;
             if (substr($url,-1)=='/') $url=substr($url,0,-1);
         }
-        $url .= '?expand=children(select=name,size,file,folder,parentReference,lastModifiedDateTime,@microsoft.graph.downloadUrl)';
+        $url .= '?expand=children(select=name,size,file,folder,parentReference,lastModifiedDateTime,'.$_SERVER['DownurlStrName'].')';
         $retry = 0;
         $arr = [];
         while ($retry<3&&!$arr['stat']) {
-            $arr = curl_request($url, false, ['Authorization' => 'Bearer ' . $_SERVER['access_token']]);
+            $arr = curl_request($url, false, ['Authorization' => 'Bearer ' . $_SERVER['access_token']],1);
             $retry++;
         }
         if ($arr['stat']<500) {
             $files = json_decode($arr['body'], true);
-            // echo $path . '<br><pre>' . json_encode($files, JSON_PRETTY_PRINT) . '</pre>';
+            //echo $path . '<br><pre>' . json_encode($arr, JSON_PRETTY_PRINT) . '</pre>';
             if (isset($files['folder'])) {
                 if ($files['folder']['childCount']>200) {
                     // files num > 200 , then get nextlink
@@ -1072,7 +1138,7 @@ function fetch_files_children($files, $path, $page)
         // down cache file get jump info. 下载cache文件获取跳页链接
         $cachefile = fetch_files(path_format($path1 . '/' .$cachefilename));
         if ($cachefile['size']>0) {
-            $pageinfo = curl_request($cachefile['@microsoft.graph.downloadUrl'])['body'];
+            $pageinfo = curl_request($cachefile[$_SERVER['DownurlStrName']])['body'];
             $pageinfo = json_decode($pageinfo,true);
             for ($page4=1;$page4<$maxpage;$page4++) {
                 savecache('nextlink_' . $path . '_page_' . $page4, $pageinfo['nextlink_' . $path . '_page_' . $page4]);
@@ -1089,9 +1155,9 @@ function fetch_files_children($files, $path, $page)
                     if ($path !== '/') {
                         $url .= ':' . $path;
                         if (substr($url,-1)=='/') $url=substr($url,0,-1);
-                        $url .= ':/children?$select=name,size,file,folder,parentReference,lastModifiedDateTime,@microsoft.graph.downloadUrl';
+                        $url .= ':/children?$select=name,size,file,folder,parentReference,lastModifiedDateTime,'.$_SERVER['DownurlStrName'];
                     } else {
-                        $url .= '/children?$select=name,size,file,folder,parentReference,lastModifiedDateTime,@microsoft.graph.downloadUrl';
+                        $url .= '/children?$select=name,size,file,folder,parentReference,lastModifiedDateTime,'.$_SERVER['DownurlStrName'];
                     }
                     $children = json_decode(curl_request($url, false, ['Authorization' => 'Bearer ' . $_SERVER['access_token']])['body'], true);
                     // echo $url . '<br><pre>' . json_encode($children, JSON_PRETTY_PRINT) . '</pre>';
@@ -1275,7 +1341,7 @@ function get_refresh_token()
         }
     }
     if (isset($_GET['install0'])) {
-        if ($_POST['disktag_add']!='' && ($_POST['Drive_ver']=='MS' || $_POST['Drive_ver']=='CN')) {
+        if ($_POST['disktag_add']!='') {
             if (in_array($_COOKIE['disktag'], $CommonEnv)) {
                 return message('Do not input ' . $envs . '<br><button onclick="location.href = location.href;">'.getconstStr('Refresh').'</button><script>document.cookie=\'disktag=; path=/\';</script>', 'Error', 201);
             }
@@ -1283,14 +1349,19 @@ function get_refresh_token()
             $tmp['disktag_add'] = $_POST['disktag_add'];
             $tmp['diskname'] = $_POST['diskname'];
             $tmp['Drive_ver'] = $_POST['Drive_ver'];
-            if ($_POST['Drive_custom']=='on') {
-                $tmp['Drive_custom'] = $_POST['Drive_custom'];
-                $tmp['client_id'] = $_POST['client_id'];
-                $tmp['client_secret'] = $_POST['client_secret'];
-            }
-            if ($_POST['usesharepoint']=='on') {
-                $tmp['usesharepoint'] = $_POST['usesharepoint'];
-                $tmp['sharepointname'] = $_POST['sharepointname'];
+            if ($_POST['Drive_ver']=='shareurl') {
+                $tmp['shareurl'] = $_POST['shareurl'];
+                $tmp['refresh_token'] = 1;
+            } else {
+                if ($_POST['Drive_custom']=='on') {
+                    $tmp['Drive_custom'] = $_POST['Drive_custom'];
+                    $tmp['client_id'] = $_POST['client_id'];
+                    $tmp['client_secret'] = $_POST['client_secret'];
+                }
+                if ($_POST['usesharepoint']=='on') {
+                    $tmp['usesharepoint'] = $_POST['usesharepoint'];
+                    $tmp['sharepointname'] = $_POST['sharepointname'];
+                }
             }
             $response = setConfigResponse( setConfig($tmp, $_COOKIE['disktag']) );
             if (api_error($response)) {
@@ -1299,6 +1370,7 @@ function get_refresh_token()
             } else {
                 $title = getconstStr('MayinEnv');
                 $html = getconstStr('Wait') . ' 3s<meta http-equiv="refresh" content="3;URL=' . $url . '?AddDisk&install1">';
+                if ($_POST['Drive_ver']=='shareurl') $html = getconstStr('Wait') . ' 3s<meta http-equiv="refresh" content="3;URL=' . $url . '">';
             }
             return message($html, $title, 201);
         }
@@ -1317,19 +1389,21 @@ function get_refresh_token()
         '.getconstStr('OnedriveDiskName').':<input type="text" name="diskname" placeholder="' . getconstStr('EnvironmentsDescription')['diskname'] . '" style="width:100%"><br>
         <br>
         <div>
-            <label><input type="radio" name="Drive_ver" value="MS" checked>MS: '.getconstStr('DriveVerMS').'</label><br>
-            <label><input type="radio" name="Drive_ver" value="CN">CN: '.getconstStr('DriveVerCN').'</label>
+            <label><input type="radio" name="Drive_ver" value="MS" checked onclick="document.getElementById(\'morecustom\').style.display=\'\';document.getElementById(\'inputshareurl\').style.display=\'none\';">MS: '.getconstStr('DriveVerMS').'</label><br>
+            <label><input type="radio" name="Drive_ver" value="CN" onclick="document.getElementById(\'morecustom\').style.display=\'\';document.getElementById(\'inputshareurl\').style.display=\'none\';">CN: '.getconstStr('DriveVerCN').'</label><br>
+            <label><input type="radio" name="Drive_ver" value="shareurl" onclick="document.getElementById(\'inputshareurl\').style.display=\'\';document.getElementById(\'morecustom\').style.display=\'none\';">shareurl: '.getconstStr('DriveVerShareurl').'</label><br>
         </div>
         <br>
-        <div>
-            <label><input type="checkbox" name="Drive_custom" onclick="document.getElementById(\'secret\').style.display=(this.checked?\'\':\'none\');">'.getconstStr('CustomIdSecret').'</label>
+        <div id="inputshareurl" style="display:none;margin:10px 35px">
+            <input type="text" name="shareurl" style="width:100%" placeholder="https://xxxx.sharepoint.com/:f:/g/personal/xxxxxxxx/mmmmmmmmm?e=XXXX"><br>
+        </div>
+        <div id="morecustom">
+            <label><input type="checkbox" name="Drive_custom" onclick="document.getElementById(\'secret\').style.display=(this.checked?\'\':\'none\');">'.getconstStr('CustomIdSecret').'</label><br>
             <div id="secret" style="display:none;margin:10px 35px">
                 <a href="'.$app_url.'" target="_blank">'.getconstStr('GetSecretIDandKEY').'</a><br>
                 client_secret:<input type="text" name="client_secret"><br>
                 client_id:<input type="text" name="client_id" placeholder="12345678-90ab-cdef-ghij-klmnopqrstuv"><br>
             </div>
-        </div>
-        <div>
             <label><input type="checkbox" name="usesharepoint" onclick="document.getElementById(\'sharepoint\').style.display=(this.checked?\'\':\'none\');">'.getconstStr('UseSharepointInstead').'</label><br>
             <div id="sharepoint" style="display:none;margin:10px 35px">
                 '.getconstStr('GetSharepointName').'<br>
@@ -1357,23 +1431,30 @@ function get_refresh_token()
                 alert(\''.getconstStr('TagFormatAlert').'\');
                 return false;
             }
-            if (t.Drive_custom.checked==true) {
-                if (t.client_secret.value==\'\'||t.client_id.value==\'\') {
-                    alert(\'client_id & client_secret\');
+            if (t.Drive_ver.value==\'shareurl\') {
+                if (t.shareurl.value==\'\') {
+                    alert(\'shareurl\');
                     return false;
                 }
-            }
-            if (t.usesharepoint.checked==true) {
-                if (t.sharepointname.value==\'\') {
-                    alert(\''.getconstStr('InputSharepointName').'\');
-                    return false;
+            } else {
+                if (t.Drive_custom.checked==true) {
+                    if (t.client_secret.value==\'\'||t.client_id.value==\'\') {
+                        alert(\'client_id & client_secret\');
+                        return false;
+                    }
+                }
+                if (t.usesharepoint.checked==true) {
+                    if (t.sharepointname.value==\'\') {
+                        alert(\''.getconstStr('InputSharepointName').'\');
+                        return false;
+                    }
                 }
             }
             document.cookie=\'disktag=\'+t.disktag_add.value+\'; path=/\';
             return true;
         }
     </script>';
-    $title = 'Bind Onedrive';
+    $title = 'Bind Disk';
     return message($html, $title, 201);
 }
 
@@ -1386,7 +1467,7 @@ function EnvOpt($needUpdate = 0)
     asort($ShowedInnerEnv);
     $html = '<title>OneManager '.getconstStr('Setup').'</title>';
     if (isset($_POST['updateProgram'])&&$_POST['updateProgram']==getconstStr('updateProgram')) {
-        $response = OnekeyUpate();
+        $response = OnekeyUpate($_POST['auth'], $_POST['project'], $_POST['branch']);
         if (api_error($response)) {
             $html = api_error_msg($response);
             $title = 'Error';
@@ -1436,22 +1517,7 @@ function EnvOpt($needUpdate = 0)
     $html .= '
 <a href="'.$preurl.'">'.getconstStr('Back').'</a>&nbsp;&nbsp;&nbsp;<a href="'.$_SERVER['base_path'].'">'.getconstStr('Back').getconstStr('Home').'</a><br>
 <a href="https://github.com/qkqpttgf/OneManager-php">Github</a><br>';
-    if (!((isset($_SERVER['USER'])&&$_SERVER['USER']==='qcloud')||(isset($_SERVER['HEROKU_APP_DIR'])&&$_SERVER['HEROKU_APP_DIR']==='/app'))) {
-        $html .= '
-In VPS can not update by a click!<br>';
-    } else {
-        $html .= '
-<form action="" method="post">
-';
-        if ($needUpdate) {
-            $html .= '<pre>' . $_SERVER['github_version'] . '</pre>';
-        } else {
-            $html .= getconstStr('NotNeedUpdate');
-        }
-        $html .= '
-    <input type="submit" name="updateProgram" value="'.getconstStr('updateProgram').'">
-</form>';
-    }
+
     $html .= '
 <table border=1 width=100%>
     <form name="common" action="" method="post">
@@ -1480,7 +1546,7 @@ In VPS can not update by a click!<br>';
             <td><label>' . $key . '</label></td>
             <td width=100%>
                 <select name="' . $key .'">
-                <option value=""></option>';
+                    <option value=""></option>';
             foreach ($theme_arr as $v1) {
                 if ($v1!='.' && $v1!='..') $html .= '
                     <option value="'.$v1.'" '.($v1==getConfig($key)?'selected="selected"':'').'>'.$v1.'</option>';
@@ -1543,6 +1609,56 @@ In VPS can not update by a click!<br>';
         }
     }
     $html .= '
-<a href="?AddDisk">'.getconstStr('AddDisk').'</a>';
+<a href="?AddDisk">'.getconstStr('AddDisk').'</a><br><br>';
+    if (!((isset($_SERVER['USER'])&&$_SERVER['USER']==='qcloud')||(isset($_SERVER['HEROKU_APP_DIR'])&&$_SERVER['HEROKU_APP_DIR']==='/app'))) {
+        $html .= '
+In VPS can not update by a click!<br>';
+    } else {
+        $html .= '
+<form name="updateform" action="" method="post">
+    <input type="text" name="auth" placeholder="auth" value="qkqpttgf">
+    <input type="text" name="project" placeholder="project" value="OneManager-php">
+    <button onclick="querybranchs();return false">查询分支</button>
+    <!--<input type="text" name="branch" placeholder="auth" value="master">-->
+    <select name="branch">
+        <option value="master">master</option>
+    </select>
+    <input type="submit" name="updateProgram" value="'.getconstStr('updateProgram').'">
+</form>
+<script>
+    function querybranchs()
+    {
+        //alert(document.updateform.auth.value);
+        var xhr = new XMLHttpRequest();
+        xhr.open("GET", "https://api.github.com/repos/"+document.updateform.auth.value+"/"+document.updateform.project.value+"/branches");
+        //xhr.setRequestHeader("User-Agent","qkqpttgf/OneManager");
+        xhr.send(null);
+        xhr.onload = function(e){
+            console.log(xhr.responseText+","+xhr.status);
+            if (xhr.status==200) {
+                document.updateform.branch.options.length=0;
+                JSON.parse(xhr.responseText).forEach( function (e) {
+                    //alert(e.name);
+                    document.updateform.branch.options.add(new Option(e.name,e.name));
+                    if ("master"==e.name) document.updateform.branch.options[document.updateform.branch.options.length-1].selected = true; 
+                });
+            } else {
+                alert(xhr.responseText+"\n"+xhr.status);
+            }
+        }
+        xhr.onerror = function(e){
+            alert("Network Error "+xhr.status);
+        }
+    }
+</script>
+';
+    }
+    if ($needUpdate) {
+        $html .= '<div style="position:relative;word-wrap: break-word;">
+        ' . str_replace("\r", '<br>',$_SERVER['github_version']) . '
+</div>';
+    } else {
+        $html .= getconstStr('NotNeedUpdate');
+    }
     return message($html, getconstStr('Setup'));
 }
diff --git a/index.php b/index.php
index ff1cac9..efc0ac1 100644
--- a/index.php
+++ b/index.php
@@ -1,13 +1,13 @@
 <?php
 include 'vendor/autoload.php';
 include 'conststr.php';
-include 'function/common.php';
+include 'common.php';
 
 //echo '<pre>'. json_encode($_SERVER, JSON_PRETTY_PRINT).'</pre>';
 if (isset($_SERVER['USER'])&&$_SERVER['USER']==='qcloud') {
-    include 'function/scf.php';
+    include 'platform/scf.php';
 } elseif (isset($_SERVER['HEROKU_APP_DIR'])&&$_SERVER['HEROKU_APP_DIR']==='/app') {
-    include 'function/heroku.php';
+    include 'platform/heroku.php';
     $path = getpath();
     //echo 'path:'. $path;
     $_GET = getGET();
@@ -20,7 +20,7 @@ if (isset($_SERVER['USER'])&&$_SERVER['USER']==='qcloud') {
     http_response_code($re['statusCode']);
     echo $re['body'];
 } else {
-    include 'function/normal.php';
+    include 'platform/normal.php';
     $path = getpath();
     //echo 'path:'. $path;
     $_GET = getGET();
diff --git a/function/heroku.php b/platform/heroku.php
similarity index 93%
rename from function/heroku.php
rename to platform/heroku.php
index ba91f84..36d3f77 100644
--- a/function/heroku.php
+++ b/platform/heroku.php
@@ -219,9 +219,9 @@ function setHerokuConfig($env, $function_name, $apikey)
     return HerokuAPI('PATCH', 'https://api.heroku.com/apps/' . $function_name . '/config-vars', $data, $apikey);
 }
 
-function updateHerokuapp($function_name, $apikey)
+function updateHerokuapp($function_name, $apikey, $source)
 {
-    $tmp['source_blob']['url'] = 'https://github.com/qkqpttgf/OneManager-php/tarball/master/';
+    $tmp['source_blob']['url'] = $source;
     $data = json_encode($tmp);
     return HerokuAPI('POST', 'https://api.heroku.com/apps/' . $function_name . '/builds', $data, $apikey);
 }
@@ -239,9 +239,11 @@ function_name:' . $_SERVER['function_name'] . '<br>
 <button onclick="location.href = location.href;">'.getconstStr('Refresh').'</button>';
 }
 
-function OnekeyUpate()
+function OnekeyUpate($auth = 'qkqpttgf', $project = 'OneManager-php', $branch = 'master')
 {
-    return json_decode(updateHerokuapp(getConfig('function_name'), getConfig('APIKey'))['body'], true);
+    //'https://github.com/qkqpttgf/OneManager-php/tarball/master/';
+    $source = 'https://github.com/' . $auth . '/' . $project . '/tarball/' . $branch . '/';
+    return json_decode(updateHerokuapp(getConfig('function_name'), getConfig('APIKey'), $source)['body'], true);
 }
 
 function setConfigResponse($response)
diff --git a/function/normal.php b/platform/normal.php
similarity index 96%
rename from function/normal.php
rename to platform/normal.php
index 68a9afb..1e4e0d7 100644
--- a/function/normal.php
+++ b/platform/normal.php
@@ -118,7 +118,7 @@ function install()
     if ($_GET['install2']) {
         if ($_POST['admin']!='') {
             $tmp['admin'] = $_POST['admin'];
-            $tmp['language'] = $_COOKIE['language'];
+            $tmp['language'] = $_POST['language'];
             $response = setConfig($tmp);
             if (api_error($response)) {
                 $html = api_error_msg($response);
diff --git a/function/scf.php b/platform/scf.php
similarity index 94%
rename from function/scf.php
rename to platform/scf.php
index 19e2e5e..f01e57a 100644
--- a/function/scf.php
+++ b/platform/scf.php
@@ -131,7 +131,8 @@ function install()
         $tmp['admin'] = $_POST['admin'];
         setConfig($tmp);
         if (needUpdate()) {
-            updateProgram($_SERVER['function_name'], $_SERVER['Region'], $_SERVER['namespace'], $SecretId, $SecretKey);
+            OnekeyUpate();
+            //updateProgram($_SERVER['function_name'], $_SERVER['Region'], $_SERVER['namespace'], $SecretId, $SecretKey);
             return message('update to github version, reinstall.<script>document.cookie=\'language=; path=/\';</script><meta http-equiv="refresh" content="3;URL=' . $url . '">', 'Program updating', 201);
         }
         return output('Jump<script>document.cookie=\'language=; path=/\';</script><meta http-equiv="refresh" content="3;URL=' . path_format($_SERVER['base_path'] . '/') . '">', 302);
@@ -369,13 +370,13 @@ function SetbaseConfig($Envs, $function_name, $Region, $Namespace, $SecretId, $S
     return post2url('https://'.$host, $data.'&Signature='.urlencode($signStr));
 }
 
-function updateProgram($function_name, $Region, $Namespace, $SecretId, $SecretKey)
+function updateProgram($function_name, $Region, $Namespace, $SecretId, $SecretKey, $source = '')
 {
     WaitSCFStat();
     $meth = 'POST';
     $host = 'scf.tencentcloudapi.com';
     $tmpdata['Action'] = 'UpdateFunctionCode';
-    $tmpdata['Code.GitUrl'] = 'https://github.com/qkqpttgf/OneManager-php';
+    $tmpdata['Code.GitUrl'] = $source;
     $tmpdata['CodeSource'] = 'Git';
     $tmpdata['FunctionName'] = $function_name;
     $tmpdata['Handler'] = 'index.main_handler';
@@ -407,9 +408,11 @@ namespace:' . $_SERVER['namespace'] . '<br>
 <button onclick="location.href = location.href;">'.getconstStr('Refresh').'</button>';
 }
 
-function OnekeyUpate()
+function OnekeyUpate($auth = 'qkqpttgf', $project = 'OneManager-php', $branch = 'master')
 {
-    return json_decode(updateProgram($_SERVER['function_name'], $_SERVER['Region'], $_SERVER['namespace'], getConfig('SecretId'), getConfig('SecretKey')), true)['Response'];
+    //'https://github.com/qkqpttgf/OneManager-php/tree/v2-MultiDisk';
+    $source = 'https://github.com/' . $auth . '/' . $project . '/tree/' . $branch;
+    return json_decode(updateProgram($_SERVER['function_name'], $_SERVER['Region'], $_SERVER['namespace'], getConfig('SecretId'), getConfig('SecretKey'), $source), true)['Response'];
 }
 
 function setConfigResponse($response)
diff --git a/theme/classic.php b/theme/classic.php
index ff720fb..618ca01 100644
--- a/theme/classic.php
+++ b/theme/classic.php
@@ -166,33 +166,33 @@
                 <div style="margin: 12px 4px 4px; text-align: center">
                     <div style="margin: 24px">
                         <textarea id="url" title="url" rows="1" style="width: 100%; margin-top: 2px;" readonly><?php echo str_replace('%2523', '%23', str_replace('%26amp%3B','&amp;',spurlencode(path_format($_SERVER['base_disk_path'] . '/' . $path), '/'))); ?></textarea>
-                        <a href="<?php echo path_format($_SERVER['base_disk_path'] . '/' . $path);//$files['@microsoft.graph.downloadUrl'] ?>"><ion-icon name="download" style="line-height: 16px;vertical-align: middle;"></ion-icon>&nbsp;<?php echo getconstStr('Download'); ?></a>
+                        <a href="<?php echo path_format($_SERVER['base_disk_path'] . '/' . $path);//$files[$_SERVER['DownurlStrName']] ?>"><ion-icon name="download" style="line-height: 16px;vertical-align: middle;"></ion-icon>&nbsp;<?php echo getconstStr('Download'); ?></a>
                     </div>
                     <div style="margin: 24px">
 <?php               $ext = strtolower(substr($path, strrpos($path, '.') + 1));
                     if (in_array($ext, $exts['img'])) {
-                        echo '                        <img src="' . $files['@microsoft.graph.downloadUrl'] . '" alt="' . substr($path, strrpos($path, '/')) . '" onload="if(this.offsetWidth>document.getElementById(\'url\').offsetWidth) this.style.width=\'100%\';" />
+                        echo '                        <img src="' . $files[$_SERVER['DownurlStrName']] . '" alt="' . substr($path, strrpos($path, '/')) . '" onload="if(this.offsetWidth>document.getElementById(\'url\').offsetWidth) this.style.width=\'100%\';" />
 ';
                     } elseif (in_array($ext, $exts['video'])) {
-                    //echo '<video src="' . $files['@microsoft.graph.downloadUrl'] . '" controls="controls" style="width: 100%"></video>';
-                        $DPvideo=$files['@microsoft.graph.downloadUrl'];
+                    //echo '<video src="' . $files[$_SERVER['DownurlStrName']] . '" controls="controls" style="width: 100%"></video>';
+                        $DPvideo=$files[$_SERVER['DownurlStrName']];
                         echo '                        <div id="video-a0"></div>
 ';
                     } elseif (in_array($ext, $exts['music'])) {
-                        echo '                        <audio src="' . $files['@microsoft.graph.downloadUrl'] . '" controls="controls" style="width: 100%"></audio>
+                        echo '                        <audio src="' . $files[$_SERVER['DownurlStrName']] . '" controls="controls" style="width: 100%"></audio>
 ';
                     } elseif (in_array($ext, ['pdf'])) {
                         /*echo '
-                        <embed src="' . $files['@microsoft.graph.downloadUrl'] . '" type="application/pdf" width="100%" height=800px">
+                        <embed src="' . $files[$_SERVER['DownurlStrName']] . '" type="application/pdf" width="100%" height=800px">
 ';*/
-                        $pdfurl = $files['@microsoft.graph.downloadUrl'];
+                        $pdfurl = $files[$_SERVER['DownurlStrName']];
                         echo '                        <div id="pdf-d"></div>
 ';
                     } elseif (in_array($ext, $exts['office'])) {
-                        echo '                        <iframe id="office-a" src="https://view.officeapps.live.com/op/view.aspx?src=' . urlencode($files['@microsoft.graph.downloadUrl']) . '" style="width: 100%;height: 800px" frameborder="0"></iframe>
+                        echo '                        <iframe id="office-a" src="https://view.officeapps.live.com/op/view.aspx?src=' . urlencode($files[$_SERVER['DownurlStrName']]) . '" style="width: 100%;height: 800px" frameborder="0"></iframe>
 ';
                     } elseif (in_array($ext, $exts['txt'])) {
-                        $txtstr = htmlspecialchars(curl_request($files['@microsoft.graph.downloadUrl'])['body']);
+                        $txtstr = htmlspecialchars(curl_request($files[$_SERVER['DownurlStrName']])['body']);
 ?>
                         <div id="txt">
 <?php                   if ($_SERVER['admin']) { ?>
@@ -206,7 +206,7 @@
                         </div>
 <?php               } /*elseif (in_array($ext, ['md'])) {
                         echo '                        <div class="markdown-body" id="readme">
-                            <textarea id="readme-md" style="display:none;">' . curl_request($files['@microsoft.graph.downloadUrl'])['body'] . '</textarea>
+                            <textarea id="readme-md" style="display:none;">' . curl_request($files[$_SERVER['DownurlStrName']])['body'] . '</textarea>
                         </div>
 ';
                     }*/ else {
@@ -705,7 +705,8 @@
         tmptextarea.select();
         tmptextarea.setSelectionRange(0, tmptextarea.value.length);
         document.execCommand("copy");
-        alert(tmptextarea.innerHTML+'<?php echo getconstStr('Success'); ?>');
+        //alert(tmptextarea.innerHTML);
+        alert('Success');
     }
     var sort=0;
     function sortby(string) {