diff --git a/conf/app.php b/conf/app.php
index 652dcf6..1fec5c9 100644
--- a/conf/app.php
+++ b/conf/app.php
@@ -2,7 +2,7 @@
 /**
  * Config
  */
-return array(
+$configs = array(
     'default_timezone' => 'Asia/Shanghai',   //timezone
 
     //文档站皮肤
@@ -44,6 +44,14 @@ return array(
         'contact' => 'FileSite视频网站订制联系：<a href="https://filesite.io" target="_blank">FileSite.io</a>',
     ),
 
+    //目前支持的皮肤
+    'allowedThemes' => array(
+        'manual',
+        'webdirectory',
+        'googleimage',
+        'videoblog',
+    ),
+
     //md5加密前缀
     'md5Prefix' => 'some_code_here',
 
@@ -63,3 +71,15 @@ return array(
     ),
 
 );
+
+//自定义配置支持
+$customConfigFile = __DIR__ . '/../runtime/custom_config.json';
+if (file_exists($customConfigFile)) {
+    try {
+        $json = file_get_contents($customConfigFile);
+        $customConfigs = json_decode($json, true);
+        $configs = array_merge($configs, $customConfigs);
+    }catch(Exception $e) {}
+}
+
+return $configs;
\ No newline at end of file
diff --git a/controller/ApiController.php b/controller/ApiController.php
index 1321c20..bd35524 100644
--- a/controller/ApiController.php
+++ b/controller/ApiController.php
@@ -132,10 +132,10 @@ Class ApiController extends Controller {
         $maxDirLen = 20;
         if (empty($newDir) || mb_strlen($newDir, 'utf-8') > $maxDirLen) {
             $err = "目录名不能为空且最长 {$maxDirLen} 个字符";
-            return $this->renderJson(compact('code', 'msg', 'err', 'data'));
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
         }else if (strpos($newDir, '/') !== false) {
             $err = "待创建的目录名称中不能包含斜杠字符！";
-            return $this->renderJson(compact('code', 'msg', 'err', 'data'));
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
         }
 
         $target = __DIR__ . '/../www/' . FSC::$app['config']['content_directory'];
@@ -181,10 +181,10 @@ Class ApiController extends Controller {
         $maxDirLen = 20;
         if (empty($delDir) || mb_strlen($delDir, 'utf-8') > $maxDirLen) {
             $err = "目录名不能为空且最长 {$maxDirLen} 个字符";
-            return $this->renderJson(compact('code', 'msg', 'err', 'data'));
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
         }else if (strpos($delDir, '/') !== false) {
             $err = "待删除的目录名称中不能包含斜杠字符！";
-            return $this->renderJson(compact('code', 'msg', 'err', 'data'));
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
         }
 
         $target = __DIR__ . '/../www/' . FSC::$app['config']['content_directory'];
@@ -229,7 +229,7 @@ Class ApiController extends Controller {
         $maxDirLen = 50;
         if (empty($fromDir) || mb_strlen($fromDir, 'utf-8') > $maxDirLen || empty($toDir) || mb_strlen($toDir, 'utf-8') > $maxDirLen) {
             $err = "目录名不能为空且最长 {$maxDirLen} 个字符";
-            return $this->renderJson(compact('code', 'msg', 'err', 'data'));
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
         }else if ($this->isParentDirectoryValid($fromDir) == false) {       //目录合法性检查
             $err = "目录{$fromDir}不存在";
             return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
@@ -275,7 +275,7 @@ Class ApiController extends Controller {
             return $this->renderJson(compact('code', 'msg', 'err', 'data'));
         }else if (strpos($fromDir, '/') !== false || strpos($toDir, '/') !== false) {
             $err = "目录名称中不能包含斜杠字符！";
-            return $this->renderJson(compact('code', 'msg', 'err', 'data'));
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
         }
 
         $target = __DIR__ . '/../www/' . FSC::$app['config']['content_directory'];
@@ -321,10 +321,10 @@ Class ApiController extends Controller {
         $maxDirLen = 30;
         if (empty($delFile) || mb_strlen($delFile, 'utf-8') > $maxDirLen) {
             $err = "文件名不能为空且最长 {$maxDirLen} 个字符";
-            return $this->renderJson(compact('code', 'msg', 'err', 'data'));
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
         }else if (strpos($delFile, '/') !== false) {
             $err = "待删除的文件名称中不能包含斜杠字符！";
-            return $this->renderJson(compact('code', 'msg', 'err', 'data'));
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
         }
 
         $target = __DIR__ . '/../www/' . FSC::$app['config']['content_directory'];
@@ -422,10 +422,10 @@ Class ApiController extends Controller {
         $maxPasswordLen = 30;
         if (empty($username) || mb_strlen($username, 'utf-8') > $maxUsernameLen) {
             $err = "用户名不能为空且最长 {$maxUsernameLen} 个字符";
-            return $this->renderJson(compact('code', 'msg', 'err', 'data'));
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
         }else if (empty($password) || mb_strlen($password, 'utf-8') > $maxPasswordLen) {
             $err = "密码不能为空且最长 {$maxPasswordLen} 个字符";
-            return $this->renderJson(compact('code', 'msg', 'err', 'data'));
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
         }
 
         $admConfig = FSC::$app['config']['admin'];
@@ -436,10 +436,10 @@ Class ApiController extends Controller {
             $captcha_code = !empty($userData['captcha_code']) ? $userData['captcha_code'] : '';
             if (!empty($admConfig['captcha']) && empty($captcha_code)) {
                 $err = "请刷新网页，如果验证码图片无法显示请联系管理员！";
-                return $this->renderJson(compact('code', 'msg', 'err', 'data'));
+                return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
             }else if (!empty($admConfig['captcha']) && !empty($captcha_code) && $captcha != $captcha_code) {
                 $err = "验证码不正确，请注意字母大小写！";
-                return $this->renderJson(compact('code', 'msg', 'err', 'data'));
+                return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
             }
 
             if ($username == $admConfig['username'] && $password == $admConfig['password']) {
@@ -557,10 +557,10 @@ Class ApiController extends Controller {
         $filename = $this->post('name', '');
         if (empty($upfile) || empty($filename)) {
             $err = '所有参数都不能为空！';
-            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notLogined']);
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
         }else if (!preg_match('/^data:[a-z0-9]+\/[a-z0-9]+;base64,/i', $upfile)) {
             $err = '图片数据必需为base64格式！';
-            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notLogined']);
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
         }else if (!empty($parentDir) && $this->isParentDirectoryValid($parentDir) == false) {  //父目录合法性检查
             $err = "父目录{$parentDir}不存在";
             return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
@@ -604,4 +604,57 @@ Class ApiController extends Controller {
         return $this->renderJson(compact('code', 'msg', 'err', 'data'));
     }
 
+    //切换皮肤
+    public function actionSwitchTheme() {
+        $code = 0;
+        $msg = $err = '';
+        $data = array();
+
+        if ($this->isUserLogined() == false) {
+            $err = '没登陆或登陆已过期！';
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notLogined']);
+        }
+
+        $themeName = $this->post('theme', '');
+        $contentDirectory = $this->post('contentdir', '');
+        $allowedThemes = FSC::$app['config']['allowedThemes'];
+        if (empty($themeName)) {
+            $err = '参数不能为空！';
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
+        }else if (!in_array($themeName, $allowedThemes)) {
+            $err = "不支持的皮肤：{$themeName}";
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
+        }else if (!empty($contentDirectory) && strpos($contentDirectory, '/') !== false) {
+            $err = "内容目录名称中不能包含斜杠字符！";
+            return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
+        }
+
+        try {
+            $customConfigFile = __DIR__ . '/../runtime/custom_config.json';
+            $jsonData = array(
+                'theme' => $themeName,
+            );
+
+            if (!empty($contentDirectory)) {
+                $jsonData['content_directory'] = $contentDirectory;
+            }
+
+            if (file_exists($customConfigFile)) {
+                $json = file_get_contents($customConfigFile);
+                $customConfigs = json_decode($json, true);
+                if (!empty($customConfigs)) {
+                    $jsonData = array_merge($customConfigs, $jsonData);
+                }
+            }
+
+            file_put_contents($customConfigFile, json_encode($jsonData));
+            $code = 1;
+            $msg = '皮肤修改完成';
+        }catch(Exception $e) {
+            $err = '皮肤修改失败：' . $e->getMessage();
+        }
+
+        return $this->renderJson(compact('code', 'msg', 'err', 'data'));
+    }
+
 }