安全修复：加固CSRF与凭证保护并修复越权风险

services/screenshots.py

@@ -538,9 +538,8 @@ def take_screenshot_for_account(
     # 标记账号正在截图（防止重复提交截图任务）
     account.is_running = True
 
-
     user_info = database.get_user_by_id(user_id)
-    username_prefix = user_info["username"] if user_info else f"user{user_id}"
+    username_prefix = f"u{int(user_id)}"
 
     def screenshot_task(
         browser_instance, user_id, account_id, account, browse_type, source, task_start_time, browse_result