diff --git a/authlogin.php b/authlogin.php
index 63dcc45..b75a264 100644
--- a/authlogin.php
+++ b/authlogin.php
@@ -213,6 +213,44 @@ if( !empty($_POST['btn_submit']) ) {
                     }
 
                     clearstatcache();
+                                        
+                    if (isset($_SERVER['HTTP_COOKIE'])) {
+                        $cookies = explode(';', $_SERVER['HTTP_COOKIE']);
+                        foreach($cookies as $cookie) {
+                            $parts = explode('=', $cookie);
+                            $name = trim($parts[0]);
+                            setcookie($name, '', time()-1000);
+                        }
+                    }
+
+                    setcookie('userid', $userid,[
+                        'expires' => time() + 60 * 60 * 24 * 14,
+                        'path' => '/',
+                        'samesite' => 'lax',
+                        'secure' => true,
+                        'httponly' => true,
+                    ]);
+                    setcookie('loginid', $row["loginid"],[
+                        'expires' => time() + 60 * 60 * 24 * 14,
+                        'path' => '/',
+                        'samesite' => 'lax',
+                        'secure' => true,
+                        'httponly' => true,
+                    ]);
+                    setcookie('username', $row["username"],[
+                        'expires' => time() + 60 * 60 * 24 * 14,
+                        'path' => '/',
+                        'samesite' => 'lax',
+                        'secure' => true,
+                        'httponly' => true,
+                    ]);
+                    setcookie('admin_login', true,[
+                        'expires' => time() + 60 * 60 * 24 * 14,
+                        'path' => '/',
+                        'samesite' => 'lax',
+                        'secure' => true,
+                        'httponly' => true,
+                    ]);
 
                     $_SESSION['admin_login'] = true;
 
diff --git a/check.php b/check.php
index b9eca9f..91a74b5 100644
--- a/check.php
+++ b/check.php
@@ -171,6 +171,44 @@ if( !empty($_POST['btn_submit']) ) {
 
     clearstatcache();
 
+    if (isset($_SERVER['HTTP_COOKIE'])) {
+        $cookies = explode(';', $_SERVER['HTTP_COOKIE']);
+        foreach($cookies as $cookie) {
+            $parts = explode('=', $cookie);
+            $name = trim($parts[0]);
+            setcookie($name, '', time()-1000);
+        }
+    }
+
+    setcookie('userid', $userid,[
+        'expires' => time() + 60 * 60 * 24 * 14,
+        'path' => '/',
+        'samesite' => 'lax',
+        'secure' => true,
+        'httponly' => true,
+    ]);
+    setcookie('loginid', $userData["loginid"],[
+        'expires' => time() + 60 * 60 * 24 * 14,
+        'path' => '/',
+        'samesite' => 'lax',
+        'secure' => true,
+        'httponly' => true,
+    ]);
+    setcookie('username', $username,[
+        'expires' => time() + 60 * 60 * 24 * 14,
+        'path' => '/',
+        'samesite' => 'lax',
+        'secure' => true,
+        'httponly' => true,
+    ]);
+    setcookie('admin_login', true,[
+        'expires' => time() + 60 * 60 * 24 * 14,
+        'path' => '/',
+        'samesite' => 'lax',
+        'secure' => true,
+        'httponly' => true,
+    ]);
+
     $_SESSION['admin_login'] = true;
     $_SESSION['userid'] = $userid;
     $_SESSION['loginid'] = $userData["loginid"];
diff --git a/css/home.css b/css/home.css
index f9a236f..5ba3f14 100644
--- a/css/home.css
+++ b/css/home.css
@@ -1132,6 +1132,14 @@ main h1{
     font-weight: bold;
     transition: all 250ms ease-out;
 }
+.ueuse .mta img{
+    margin-top: auto;
+    margin-bottom: auto;
+    margin-left: 4px;
+    margin-right: 4px;
+    height: 14px;
+    vertical-align: middle;
+}
 .ueuse .mta:hover{
     font-size: 14px;
     background-color: var(--main-color);
@@ -1368,6 +1376,15 @@ main h1{
     font-family: 'BIZ UDPGothic', sans-serif;
     font-weight: bold;
 }
+.ueuse .abi .back h1 img{
+    margin-top: auto;
+    margin-bottom: auto;
+    margin-left: 4px;
+    margin-right: 4px;
+    height: 16px;
+    vertical-align: middle;
+}
+
 .ueuse .abi h1{
     overflow-wrap: break-word;
     margin-top: auto;
diff --git a/errorpage/400.php b/errorpage/400.php
index 7d447e8..b1e1e2c 100644
--- a/errorpage/400.php
+++ b/errorpage/400.php
@@ -29,9 +29,15 @@ $domain = $_SERVER['HTTP_HOST'];
 <body>
 
 <div class="topbox">
-    <div class="logo">
-        <a href="../index.php"><img src="/img/uwuzulogo.svg"></a>
-    </div>
+    <?php if(!empty(htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8'))){ ?>
+        <div class="logo">
+            <a href="../index.php"><img src=<?php echo htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');?>></a>
+        </div>
+    <?php }else{?>
+        <div class="logo">
+            <a href="../index.php"><img src="../img/uwuzulogo.svg"></a>
+        </div>
+    <?php }?>
 </div>
 
 <div class="terms">
diff --git a/errorpage/401.php b/errorpage/401.php
index 1266ae3..8721643 100644
--- a/errorpage/401.php
+++ b/errorpage/401.php
@@ -29,9 +29,15 @@ $domain = $_SERVER['HTTP_HOST'];
 <body>
 
 <div class="topbox">
-    <div class="logo">
-        <a href="../index.php"><img src="/img/uwuzulogo.svg"></a>
-    </div>
+    <?php if(!empty(htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8'))){ ?>
+        <div class="logo">
+            <a href="../index.php"><img src=<?php echo htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');?>></a>
+        </div>
+    <?php }else{?>
+        <div class="logo">
+            <a href="../index.php"><img src="../img/uwuzulogo.svg"></a>
+        </div>
+    <?php }?>
 </div>
 
 <div class="terms">
diff --git a/errorpage/403.php b/errorpage/403.php
index 44065c8..1217f7f 100644
--- a/errorpage/403.php
+++ b/errorpage/403.php
@@ -29,9 +29,15 @@ $domain = $_SERVER['HTTP_HOST'];
 <body>
 
 <div class="topbox">
-    <div class="logo">
-        <a href="../index.php"><img src="/img/uwuzulogo.svg"></a>
-    </div>
+    <?php if(!empty(htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8'))){ ?>
+        <div class="logo">
+            <a href="../index.php"><img src=<?php echo htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');?>></a>
+        </div>
+    <?php }else{?>
+        <div class="logo">
+            <a href="../index.php"><img src="../img/uwuzulogo.svg"></a>
+        </div>
+    <?php }?>
 </div>
 
 <div class="terms">
diff --git a/errorpage/404.php b/errorpage/404.php
index ec5bf8d..a96eb4a 100644
--- a/errorpage/404.php
+++ b/errorpage/404.php
@@ -31,9 +31,15 @@ $domain = $_SERVER['HTTP_HOST'];
 <body>
 
 <div class="topbox">
-    <div class="logo">
-        <a href="../index.php"><img src="/img/uwuzulogo.svg"></a>
-    </div>
+    <?php if(!empty(htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8'))){ ?>
+        <div class="logo">
+            <a href="../index.php"><img src=<?php echo htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');?>></a>
+        </div>
+    <?php }else{?>
+        <div class="logo">
+            <a href="../index.php"><img src="../img/uwuzulogo.svg"></a>
+        </div>
+    <?php }?>
 </div>
 
 <div class="terms">
diff --git a/errorpage/500.php b/errorpage/500.php
index b98d5db..4e46f94 100644
--- a/errorpage/500.php
+++ b/errorpage/500.php
@@ -28,9 +28,15 @@ $domain = $_SERVER['HTTP_HOST'];
 <body>
 
 <div class="topbox">
-    <div class="logo">
-        <a href="../index.php"><img src="/img/uwuzulogo.svg"></a>
-    </div>
+    <?php if(!empty(htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8'))){ ?>
+        <div class="logo">
+            <a href="../index.php"><img src=<?php echo htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');?>></a>
+        </div>
+    <?php }else{?>
+        <div class="logo">
+            <a href="../index.php"><img src="../img/uwuzulogo.svg"></a>
+        </div>
+    <?php }?>
 </div>
 
 <div class="terms">
diff --git a/errorpage/503.php b/errorpage/503.php
index 61c3430..e69c4bb 100644
--- a/errorpage/503.php
+++ b/errorpage/503.php
@@ -34,9 +34,15 @@ $domain = $_SERVER['HTTP_HOST'];
 <body>
 
 <div class="topbox">
-    <div class="logo">
-        <a href="../index.php"><img src="/img/uwuzulogo.svg"></a>
-    </div>
+    <?php if(!empty(htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8'))){ ?>
+        <div class="logo">
+            <a href="../index.php"><img src=<?php echo htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');?>></a>
+        </div>
+    <?php }else{?>
+        <div class="logo">
+            <a href="../index.php"><img src="../img/uwuzulogo.svg"></a>
+        </div>
+    <?php }?>
 </div>
 
 <div class="terms">
diff --git a/errorpage/serverstop.php b/errorpage/serverstop.php
index 1c20212..ac8cf60 100644
--- a/errorpage/serverstop.php
+++ b/errorpage/serverstop.php
@@ -32,9 +32,15 @@ if(!empty(file_get_contents($serverstopfile))){
 <body>
 
 <div class="topbox">
-    <div class="logo">
-        <a href="../index.php"><img src="/img/uwuzulogo.svg"></a>
-    </div>
+    <?php if(!empty(htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8'))){ ?>
+        <div class="logo">
+            <a href="../index.php"><img src=<?php echo htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');?>></a>
+        </div>
+    <?php }else{?>
+        <div class="logo">
+            <a href="../index.php"><img src="../img/uwuzulogo.svg"></a>
+        </div>
+    <?php }?>
 </div>
 
 <div class="terms">
diff --git a/index.php b/index.php
index a95f38a..dc7656b 100644
--- a/index.php
+++ b/index.php
@@ -63,6 +63,17 @@ $serverinfo = file_get_contents($serverinfofile);
 
 //-------------------------------------
 
+//-------------------------
+$softwarefile = "server/uwuzuinfo.txt";
+$softwaredata = file_get_contents($softwarefile);
+
+$softwaredata = explode( "\n", $softwaredata );
+$cnt = count( $softwaredata );
+for( $i=0;$i<$cnt;$i++ ){
+    $uwuzuinfo[$i] = ($softwaredata[$i]);
+}
+//-------------------------
+
 $domain = $_SERVER['HTTP_HOST'];
 
 //------------------------
@@ -135,9 +146,9 @@ if ("serviceWorker" in navigator) {
 <body>
 
 <div class="leftbox">
-    <?php if(!empty($serverlogo_link[1])){ ?>
+    <?php if(!empty(htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8'))){ ?>
         <div class="logo">
-            <a href="../index.php"><img src=<?php echo htmlspecialchars($serverlogo_link[1], ENT_QUOTES, 'UTF-8');?>></a>
+            <a href="../index.php"><img src=<?php echo htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');?>></a>
         </div>
     <?php }else{?>
         <div class="logo">
@@ -178,11 +189,13 @@ if ("serviceWorker" in navigator) {
 
         <?php if(htmlspecialchars($serversettings["serverinfo"]["server_invitation"], ENT_QUOTES, 'UTF-8') === "true"){?>
             <p>このサーバーには招待コードがないと登録できません。<br>招待コードはお手元にありますか？</p>
+
             <div class="btnbox">
                 <a href="new.php" class="irobutton">アカウント登録</a>
                 <a href="login.php" class="sirobutton">ログイン</a>
             </div>
         <?php }else{?>
+    
         <div class="cntzone">
             <div class="usercnt">
                 <div class="p1">ユーザー数</div>
@@ -193,12 +206,12 @@ if ("serviceWorker" in navigator) {
                 <p><?php echo $count2."<br>"?></p>
             </div>
         </div>
-
         <div class="btnbox">
             <a href="new.php" class="irobutton">アカウント登録</a>
             <a href="login.php" class="sirobutton">ログイン</a>
         </div>
         <?php }?>
+        <div class="p2" style="margin-top:8px;margin-bottom:0px;"><?php echo $uwuzuinfo[0];?> Version <?php echo $uwuzuinfo[1];?></div>
     </div>
 </div>
 
diff --git a/new.php b/new.php
index db0479f..988a803 100644
--- a/new.php
+++ b/new.php
@@ -607,8 +607,8 @@ $pdo = null;
             </div>
 
             <div class="btn_area">
-                <a href="rule/terms.php" class="fbtn">利用規約</a>
-                <a href="rule/privacypolicy.php" class="fbtn">プライバシーポリシー</a>
+                <a href="rule/terms.php" target="_blank" class="fbtn">利用規約</a>
+                <a href="rule/privacypolicy.php" target="_blank" class="fbtn">プライバシーポリシー</a>
             </div>
 
             <p>登録を押すと利用規約とプライバシーポリシーに同意したこととなります。<br>未確認の場合は上のボタンよりお読みください。</p>
diff --git a/nextpage/notificationview.php b/nextpage/notificationview.php
index c166949..1d6d2bb 100644
--- a/nextpage/notificationview.php
+++ b/nextpage/notificationview.php
@@ -1,4 +1,29 @@
 <?php 
+//Profile
+function replaceProfileEmojiImages($postText) {
+    // プロフィール名で絵文字名（:emoji:）を検出して画像に置き換える
+    $emojiPattern = '/:(\w+):/';
+    $postTextWithImages = preg_replace_callback($emojiPattern, function($matches) {
+        $emojiName = $matches[1];
+        //絵文字path取得
+        $dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
+            PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
+            PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
+            PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
+        ));
+        $emoji_Query = $dbh->prepare("SELECT emojifile, emojiname FROM emoji WHERE emojiname = :emojiname");
+        $emoji_Query->bindValue(':emojiname', $emojiName);
+        $emoji_Query->execute();
+        $emoji_row = $emoji_Query->fetch();
+        if(empty($emoji_row["emojifile"])){
+            $emoji_path = "img/sysimage/errorimage/emoji_404.png";
+        }else{
+            $emoji_path = $emoji_row["emojifile"];
+        }
+        return "<img src='../".$emoji_path."' alt=':$emojiName:' title=':$emojiName:'>";
+    }, $postText);
+    return $postTextWithImages;
+}
 function replaceEmojisWithImages($postText) {
     // ユーズ内で絵文字名（:emoji:）を検出して画像に置き換える
     $emojiPattern = '/:(\w+):/';
@@ -41,7 +66,7 @@ function replaceEmojisWithImages($postText) {
         if(empty($mentionsuserData)){
             return "@$username";
         }else{
-            return "<a class = 'mta' href='/@".$mentionsuserData["userid"]."'>@".$mentionsuserData["username"]."</a>";
+            return "<a class = 'mta' href='/@".htmlentities($mentionsuserData["userid"])."'>@".replaceProfileEmojiImages(htmlentities($mentionsuserData["username"]))."</a>";
         }
     }, $postTextWithImages);
 
diff --git a/nextpage/view.php b/nextpage/view.php
index 8f2c275..c9f2148 100644
--- a/nextpage/view.php
+++ b/nextpage/view.php
@@ -85,7 +85,7 @@ function replaceEmojisWithImages($postText) {
         if(empty($mentionsuserData)){
             return "@$username";
         }else{
-            return "<a class = 'mta' href='/@".$mentionsuserData["userid"]."'>@".$mentionsuserData["username"]."</a>";
+            return "<a class = 'mta' href='/@".htmlentities($mentionsuserData["userid"])."'>@".replaceProfileEmojiImages(htmlentities($mentionsuserData["username"]))."</a>";
         }
     }, $postTextWithImages);
 
@@ -304,7 +304,7 @@ class MessageDisplay {
             if(!($this->value['abi'] == "none")){
                 echo '<div class="abi">';
                 echo '  <div class="back">';
-                echo '<h1>' . htmlentities($this->value['username']) . 'さんが追記しました</h1>';
+                echo '<h1>' . replaceProfileEmojiImages(htmlentities($this->value['username'])) . 'さんが追記しました</h1>';
                 echo '  </div>';
                 echo '<p>'.processMarkdownAndWrapEmptyLines(replaceEmojisWithImages(replaceURLsWithLinks(nl2br($this->value['abi'])))) . '</p>';
                 echo '<div class="h3s">追記日時 : '. date("Y年m月d日 H:i", strtotime(htmlentities($this->value['abidate']))) . '</div>';
diff --git a/server/serversettings.ini b/server/serversettings.ini
index a3d3bb1..168fb85 100644
--- a/server/serversettings.ini
+++ b/server/serversettings.ini
@@ -9,7 +9,7 @@
 	server_logo_home  = ""
 	server_logo_login = ""
 	;管理者関係
-	server_admin = "admin"
+	server_admin = "あどみん"
 	server_admin_mailadds = "admin@localhost"
 	;招待のオンオフ
 	server_invitation = "false"
diff --git a/server/uwuzuinfo.txt b/server/uwuzuinfo.txt
index 078d368..1a306ae 100644
--- a/server/uwuzuinfo.txt
+++ b/server/uwuzuinfo.txt
@@ -1,4 +1,4 @@
 uwuzu
-1.2.28
-2023/12/20
+1.2.29
+2023/12/21
 daichimarukana,putonfps
\ No newline at end of file
diff --git a/server/uwuzurelease.txt b/server/uwuzurelease.txt
index 789aea3..269fb34 100644
--- a/server/uwuzurelease.txt
+++ b/server/uwuzurelease.txt
@@ -1,6 +1,16 @@
 ## リリースノートだぜぇぇぇぇぇぇい！！！！！！！
 ここにはuwuzuの更新情報を載せてくぜぇ～！(いやまてテンションおかしいだろ...)
 
+## Version 1.2.29
+リリース日:2023/12/21
+fix: ログインがうまくできない・ログインループを起こしてしまう問題を修正しました。
+fix: サーバーのindexページでサーバーロゴが適用されない問題を修正しました。
+fix: 脆弱性を修正しました。
+chg: アカウント作成画面で利用規約を新しいタブで開くようにしました。
+chg: 追記欄でのユーザー名にも絵文字が表示されるようにしました。
+chg: メンション時にカスタム絵文字を表示されるようにしました。
+new: 404ページなどエラーページにもサーバーロゴを適用しました。
+
 ## Version 1.2.28
 リリース日:2023/12/20
 fix: モバイル表示時にメニューを開くとその他が2つになってしまっている問題を修正しました！
diff --git a/user/index.php b/user/index.php
index 390f57b..5eb3fc6 100644
--- a/user/index.php
+++ b/user/index.php
@@ -267,7 +267,7 @@ if( !empty($pdo) ) {
 			if(empty($mentionsuserData)){
 				return "@$username";
 			}else{
-				return "<a class = 'mta' href='/@".$mentionsuserData["userid"]."'>@".$mentionsuserData["username"]."</a>";
+				return "<a class = 'mta' href='/@".htmlentities($mentionsuserData["userid"])."'>@".replaceProfileEmojiImages(htmlentities($mentionsuserData["username"]))."</a>";
 			}
 		}, $postTextWithImages);