diff --git a/api/project.go b/api/project.go
index e14668e10..e933d5a3f 100644
--- a/api/project.go
+++ b/api/project.go
@@ -118,15 +118,34 @@ func (p *ProjectAPI) Get() {
 	if len(projectName) > 0 {
 		queryProject.Name = "%" + projectName + "%"
 	}
-	public, _ := p.GetInt("is_public")
-	queryProject.Public = public
-
-	projectList, err := dao.QueryProject(queryProject)
+	isPublic := p.GetString("is_public")
+	if len(isPublic) > 0 {
+		public, err := strconv.ParseInt(isPublic, 10, 64)
+		if err != nil {
+			log.Errorf("Error parsing public property: %d, error: %v", isPublic, err)
+			p.CustomAbort(http.StatusBadRequest, "invalid project Id")
+		}
+		queryProject.Public = int(public)
+	}
+	isAdmin, err := dao.IsAdminRole(p.userID)
 	if err != nil {
-		log.Errorf("Error occurred in QueryProject, error: %v", err)
+		log.Errorf("Error occured in check admin, error: %v", err)
+		p.CustomAbort(http.StatusInternalServerError, "Internal error.")
+	}
+	var projectList []models.Project
+	if isAdmin {
+		projectList, err = dao.GetAllProjects()
+	} else {
+		projectList, err = dao.GetUserRelevantProjects(queryProject)
+	}
+	if err != nil {
+		log.Errorf("Error occured in QueryProject, error: %v", err)
 		p.CustomAbort(http.StatusInternalServerError, "Internal error.")
 	}
 	for i := 0; i < len(projectList); i++ {
+		if isAdmin {
+			projectList[i].Role = models.PROJECTADMIN
+		}
 		if projectList[i].Role == models.PROJECTADMIN {
 			projectList[i].Togglable = true
 		}
diff --git a/api/search.go b/api/search.go
index d47bb5890..f22b6b7f7 100644
--- a/api/search.go
+++ b/api/search.go
@@ -61,7 +61,7 @@ func (s *SearchAPI) Get() {
 			s.CustomAbort(http.StatusInternalServerError, "internal error")
 		}
 	} else {
-		projects, err = dao.GetUserRelevantProjects(userID)
+		projects, err = dao.SearchProjects(userID)
 		if err != nil {
 			log.Errorf("failed to get user %d 's relevant projects: %v", userID, err)
 			s.CustomAbort(http.StatusInternalServerError, "internal error")
diff --git a/api/statistic.go b/api/statistic.go
index ddcbcfd92..4d0561840 100644
--- a/api/statistic.go
+++ b/api/statistic.go
@@ -28,40 +28,32 @@ import (
 // StatisticAPI handles request to /api/statistics/
 type StatisticAPI struct {
 	BaseAPI
-	userID   int
-	username string
+	userID int
 }
 
 //Prepare validates the URL and the user
 func (s *StatisticAPI) Prepare() {
-	userID, ok := s.GetSession("userId").(int)
-	if !ok {
-		s.userID = dao.NonExistUserID
-	} else {
-		s.userID = userID
-	}
-	username, ok := s.GetSession("username").(string)
-	if !ok {
-		log.Warning("failed to get username from session")
-		s.username = ""
-	} else {
-		s.username = username
-	}
+	s.userID = s.ValidateUser()
 }
 
 // Get total projects and repos of the user
 func (s *StatisticAPI) Get() {
 	queryProject := models.Project{UserID: s.userID}
-	projectList, err := dao.QueryProject(queryProject)
-	if err != nil {
-		log.Errorf("Error occured in QueryProject, error: %v", err)
-		s.CustomAbort(http.StatusInternalServerError, "Internal error.")
-	}
 	isAdmin, err := dao.IsAdminRole(s.userID)
 	if err != nil {
 		log.Errorf("Error occured in check admin, error: %v", err)
 		s.CustomAbort(http.StatusInternalServerError, "Internal error.")
 	}
+	var projectList []models.Project
+	if isAdmin {
+		projectList, err = dao.GetAllProjects()
+	} else {
+		projectList, err = dao.GetUserRelevantProjects(queryProject)
+	}
+	if err != nil {
+		log.Errorf("Error occured in QueryProject, error: %v", err)
+		s.CustomAbort(http.StatusInternalServerError, "Internal error.")
+	}
 	proMap := map[string]int{}
 	proMap["my_project_count"] = 0
 	proMap["my_repo_count"] = 0
@@ -72,6 +64,9 @@ func (s *StatisticAPI) Get() {
 		proMap["total_repo_count"] = getTotalRepoCount()
 	}
 	for i := 0; i < len(projectList); i++ {
+		if isAdmin {
+			projectList[i].Role = models.PROJECTADMIN
+		}
 		if projectList[i].Role == models.PROJECTADMIN || projectList[i].Role == models.DEVELOPER ||
 			projectList[i].Role == models.GUEST {
 			proMap["my_project_count"]++
diff --git a/dao/dao_test.go b/dao/dao_test.go
index 0ef18faec..b4a48a066 100644
--- a/dao/dao_test.go
+++ b/dao/dao_test.go
@@ -572,39 +572,6 @@ func TestIsProjectPublic(t *testing.T) {
 	}
 }
 
-func TestQueryProject(t *testing.T) {
-	query1 := models.Project{
-		UserID: 1,
-	}
-	projects, err := QueryProject(query1)
-	if err != nil {
-		t.Errorf("Error in Query Project: %v, query: %+v", err, query1)
-	}
-	if len(projects) != 2 {
-		t.Errorf("Expecting get 2 projects, but actual: %d, the list: %+v", len(projects), projects)
-	}
-	query2 := models.Project{
-		Public: 1,
-	}
-	projects, err = QueryProject(query2)
-	if err != nil {
-		t.Errorf("Error in Query Project: %v, query: %+v", err, query2)
-	}
-	if len(projects) != 1 {
-		t.Errorf("Expecting get 1 project, but actual: %d, the list: %+v", len(projects), projects)
-	}
-	query3 := models.Project{
-		UserID: 9,
-	}
-	projects, err = QueryProject(query3)
-	if err != nil {
-		t.Errorf("Error in Query Project: %v, query: %+v", err, query3)
-	}
-	if len(projects) != 0 {
-		t.Errorf("Expecting get 0 project, but actual: %d, the list: %+v", len(projects), projects)
-	}
-}
-
 func TestGetUserProjectRoles(t *testing.T) {
 	r, err := GetUserProjectRoles(currentUser.UserID, currentProject.ProjectID)
 	if err != nil {
diff --git a/dao/project.go b/dao/project.go
index 476350fc7..6efc86d43 100644
--- a/dao/project.go
+++ b/dao/project.go
@@ -79,52 +79,6 @@ func IsProjectPublic(projectName string) bool {
 	return project.Public == 1
 }
 
-// QueryProject querys the projects based on publicity and user, disregarding the names etc.
-func QueryProject(query models.Project) ([]models.Project, error) {
-	o := orm.NewOrm()
-
-	sql := `select distinct
-		p.project_id, p.owner_id, p.name,p.creation_time, p.update_time, p.public`
-	queryParam := make([]interface{}, 1)
-	isAdmin, err := IsAdminRole(query.UserID)
-	if err != nil {
-		return nil, err
-	}
-
-	if query.Public == 1 {
-		//if the project is public
-		sql += ` from project p where p.deleted = 0 and p.public = ?`
-		queryParam = append(queryParam, query.Public)
-	} else if !isAdmin {
-		//if the user is not admin, should join the project_member table to query his/her projects and role id
-		sql += `, pm.role role from project p 
-		left join project_member pm on p.project_id = pm.project_id
-	    where p.deleted = 0  and (pm.user_id = ?) `
-		queryParam = append(queryParam, query.UserID)
-	} else if isAdmin {
-		//if the user is admin, return all projects
-		sql += ` from project p where p.deleted = 0 `
-	}
-	if query.Name != "" {
-		sql += " and p.name like ? "
-		queryParam = append(queryParam, query.Name)
-	}
-
-	sql += " order by p.name "
-
-	var r []models.Project
-	_, err = o.Raw(sql, queryParam).QueryRows(&r)
-	if err != nil {
-		return nil, err
-	}
-	if isAdmin {
-		for i := 0; i < len(r); i++ {
-			r[i].Role = models.PROJECTADMIN
-		}
-	}
-	return r, nil
-}
-
 //ProjectExists returns whether the project exists according to its name of ID.
 func ProjectExists(nameOrID interface{}) (bool, error) {
 	o := orm.NewOrm()
@@ -218,16 +172,16 @@ func ToggleProjectPublicity(projectID int64, publicity int) error {
 	return err
 }
 
-// GetUserRelevantProjects returns a project list,
+// SearchProjects returns a project list,
 // which satisfies the following conditions:
 // 1. the project is not deleted
 // 2. the prject is public or the user is a member of the project
-func GetUserRelevantProjects(userID int) ([]models.Project, error) {
+func SearchProjects(userID int) ([]models.Project, error) {
 	o := orm.NewOrm()
 	sql := `select distinct p.project_id, p.name, p.public 
 		from project p 
 		left join project_member pm on p.project_id = pm.project_id 
-		where (pm.user_id = ? or p.public = 1) and p.deleted = 0`
+		where (pm.user_id = ? or p.pulic=1) and p.deleted = 0`
 
 	var projects []models.Project
 
@@ -238,6 +192,38 @@ func GetUserRelevantProjects(userID int) ([]models.Project, error) {
 	return projects, nil
 }
 
+// GetUserRelevantProjects returns the projects based on publicity and user, disregarding the names etc.
+func GetUserRelevantProjects(query models.Project) ([]models.Project, error) {
+	o := orm.NewOrm()
+
+	sql := `select distinct
+		p.project_id, p.owner_id, p.name,p.creation_time, p.update_time, p.public, pm.role role 
+	 from project p 
+		left join project_member pm on p.project_id = pm.project_id
+	 where p.deleted = 0 and pm.user_id= ?`
+
+	queryParam := make([]interface{}, 1)
+	queryParam = append(queryParam, query.UserID)
+	if query.Public == 1 {
+		sql += ` and p.public = ?`
+		queryParam = append(queryParam, query.Public)
+	}
+	if query.Name != "" {
+		sql += " and p.name like ? "
+		queryParam = append(queryParam, query.Name)
+	}
+
+	sql += " order by p.name "
+
+	var r []models.Project
+	_, err := o.Raw(sql, queryParam).QueryRows(&r)
+
+	if err != nil {
+		return nil, err
+	}
+	return r, nil
+}
+
 // GetAllProjects returns all projects which are not deleted
 func GetAllProjects() ([]models.Project, error) {
 	o := orm.NewOrm()