diff --git a/app/init_permissions.py b/app/init_permissions.py
index fad8f31..773f81f 100644
--- a/app/init_permissions.py
+++ b/app/init_permissions.py
@@ -361,10 +361,13 @@ async def create_admin_user(sor, username, password, superuser_role_id):
     # 检查用户是否已存在
     recs = await sor.R('users', {'username': username})
     if recs:
-        # 更新密码
         uid = recs[0].id
         encoded_pw = password_encode(password)
-        await sor.U('users', {'id': uid, 'password': encoded_pw})
+        # 用原始 SQL 更新密码，避免 sor.U() 错误生成 userid WHERE 条件
+        await sor.sqlExe(
+            "UPDATE users SET password = ${pw}$ WHERE id = ${uid}$",
+            {'pw': encoded_pw, 'uid': uid}
+        )
         print(f"  用户 {username} 已存在，已更新密码")
         # 检查是否已有角色
         existing_roles = await sor.R('userrole', {'userid': uid, 'roleid': superuser_role_id})
diff --git a/init_permissions.py b/init_permissions.py
index fad8f31..773f81f 100644
--- a/init_permissions.py
+++ b/init_permissions.py
@@ -361,10 +361,13 @@ async def create_admin_user(sor, username, password, superuser_role_id):
     # 检查用户是否已存在
     recs = await sor.R('users', {'username': username})
     if recs:
-        # 更新密码
         uid = recs[0].id
         encoded_pw = password_encode(password)
-        await sor.U('users', {'id': uid, 'password': encoded_pw})
+        # 用原始 SQL 更新密码，避免 sor.U() 错误生成 userid WHERE 条件
+        await sor.sqlExe(
+            "UPDATE users SET password = ${pw}$ WHERE id = ${uid}$",
+            {'pw': encoded_pw, 'uid': uid}
+        )
         print(f"  用户 {username} 已存在，已更新密码")
         # 检查是否已有角色
         existing_roles = await sor.R('userrole', {'userid': uid, 'roleid': superuser_role_id})