diff --git a/app/controllers/words_controller.rb b/app/controllers/words_controller.rb
index da5bbb8bd..3063ec5fd 100644
--- a/app/controllers/words_controller.rb
+++ b/app/controllers/words_controller.rb
@@ -41,8 +41,8 @@ class WordsController < ApplicationController
   end
   
   def create_reply
-    user_id_str = request.headers["Referer"].match((%r|/[0-9]{1,}/|))[0]
-    user_id = user_id_str[1, user_id_str.size-2]
+    # deny api. api useless
+    user_id = request.headers["Referer"].match((%r|/([0-9]{1,})/|))[1]
     @user = User.find(user_id)
     parent_id = params[:reference_id]
     author_id = User.current.id
diff --git a/app/models/journals_for_message.rb b/app/models/journals_for_message.rb
index 2c5b40c74..df2e2a162 100644
--- a/app/models/journals_for_message.rb
+++ b/app/models/journals_for_message.rb
@@ -26,6 +26,8 @@ class JournalsForMessage < ActiveRecord::Base
   after_create :act_as_activity #huang
   after_create :reset_counters!
   after_destroy :reset_counters!
+
+  default_scope { where('m_parent_id IS NULL') }
   
   def self.delete_message(message_id)
     self.delete_all "id = #{message_id}"